r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b3537658770790ad6cf0d727f0c0acd2
8365cadda05ef27b2ebd627d545e31886b512bde
df992311f130f15459739841de925c7eec2604d5a68ca6b2a67b6dc8d229212c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF992311F130F15459739841DE925C7EEC2604D5A68CA6B2A67B6DC8D229212C"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4149
Expires: Wed, 26 Oct 2022 04:55:25 GMT
Date: Wed, 26 Oct 2022 03:46:16 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c2bba4cad162918b17858b60e909e4d9
d9a1d4f7fb7635ab233ebbf776e6de1a2857032b
3a1d27ec3d034d6326b32f6054b6be46079a86a33e75d5a2a3796a0c4c5eadab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4399
Cache-Control: max-age=111494
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 03:46:16 GMT
Etag: "6357acdf-1d7"
Expires: Thu, 27 Oct 2022 10:44:30 GMT
Last-Modified: Tue, 25 Oct 2022 09:31:11 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a39eea1096852891690eaee02a64383e
c273000f799fc3676e8e3ef3617611a31252cffc
d9d95319013d64bc2ef6d9870f4adba902ee970b6f9e96279c9ed86f556e0001
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10639
Expires: Wed, 26 Oct 2022 06:43:35 GMT
Date: Wed, 26 Oct 2022 03:46:16 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: thliLPpFJqVaYJM7bV2zX3vWB06YkNT7UqPGP1rPNVF3TxFODPC6UIKNgb2DC9OXGQRzXtGSEPo=
x-amz-request-id: KPPPD95D793QD9P4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 26 Oct 2022 03:39:03 GMT
age: 433
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
taraa.xyz/9GuC
104.21.38.143 200 OK 5.4 kB IP 104.21.38.143:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (552)
Hash 51432ad2b82f586ed4a9626bc38a566c
1f56bb1d5017f07b3a14d05ff0cffd9545320584
0ec6f6b625251799dad7c4f8e3620b77d1e78825d193fc7b3bd4f28e4f5a9fa1
GET /9GuC HTTP/1.1
Host: taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 03:46:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: FLYSESSID=oum83to0roh2mpbu2u23il6vbn; path=/; HttpOnly; SameSite=Lax
yp1=d6d3afbab59b819343f48548849260a7; expires=Thu, 27-Oct-2022 03:46:16 GMT; Max-Age=86400; path=/; domain=.taraa.xyz
yp2=530aaadfbd2c81e5bb513d9e6446395b; expires=Thu, 27-Oct-2022 03:46:16 GMT; Max-Age=86400; path=/; domain=.taraa.xyz
yp3=1532635802; expires=Thu, 27-Oct-2022 03:46:16 GMT; Max-Age=86400; path=/; domain=.taraa.xyz
x-powered-by: adfly
strict-transport-security: max-age=0
p3p: policyref="http://adult.xyz/w3c/p3p_adult.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 26 Oct 2022 03:46:16 GMT
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msD6YPmg8ef2JlWErfUVckzO%2BLh9HGnhHaQm4wpVkh7ZulV8FsnqKXAzkWhI1Whtk%2BQRcEu0cv8%2B%2FRIwIw1d9dLnD0QKLZ128fRu1cYWtRa%2B4YVOHk04HFvjbss%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7600343408db1c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 03:46:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdn.taraa.xyz/static/js/view118_bidshow.js
172.67.223.164 200 OK 4.0 kB URL HTTP/1.1 cdn.taraa.xyz/static/js/view118_bidshow.js
IP 172.67.223.164:0
File type ASCII text, with very long lines (10991), with no line terminators
Hash 966f84aff8b7893cbf2b87da5a27f8a9
695e0fcb64fc820db2ca76e808136a3762ea3673
25c6680edff77f84bc5606fdd9f06116ec800f29173528135cb74d564f2732f9
GET /static/js/view118_bidshow.js HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/9GuC
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 03:46:16 GMT
Content-Type: application/x-javascript
Content-Length: 4024
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 03:32:17 GMT
last-modified: Wed, 24 Aug 2022 10:51:38 GMT
etag: "2aef-630602ba-3bacd69da000f03;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 839
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Tdz2pYOkwDiyQY3v6db2SvzFc530gLJjgIkk%2FoOWt0gPddiM8jVyd%2Fbp%2B1y%2BX3P3hyC2sHEEWXTjB61EZF%2FctRbn%2F5yh0T5MbUEB64hmTx1ibgINch%2B43VH1h7LVNC%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7600343639a40b45-OSL
alt-svc: h2=":443"; ma=60
cdn.taraa.xyz/static/css/adult/ad_default_2.css
172.67.223.164 200 OK 1.0 kB URL HTTP/1.1 cdn.taraa.xyz/static/css/adult/ad_default_2.css
IP 172.67.223.164:0
File type ASCII text, with very long lines (3019), with no line terminators
Hash d71a21fe5c3144380a86fc92b3a1b1d8
2b38d6a0bc14cc7009813432a32be8fc33a6988d
89be7bfc0e11317964a8e7ea64c4a826393eeff08f373556628c1ddf8d03d475
GET /static/css/adult/ad_default_2.css HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/9GuC
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 03:46:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=4230
cache-control: public, max-age=604800
etag: W/"1086-5faa60e6-1f0baddc216b902a;gz"
expires: Wed, 02 Nov 2022 03:32:17 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 839
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ui%2F2vW%2FHPjjyvNG7QnnTuuph7zpnWgXeedrj%2B2yL1up7FWzuGymeJNqqsQHNasY3kJlbqOclekUHMau5Tdm2AZoHGge4LAjKoS3%2BVpsT%2FCyWXoeGIIche2AssxeUE7Ze"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 760034363ebf0b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
142.250.74.74 200 OK 33 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP 142.250.74.74:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 18351732b1849ba758e98884e186b3c8
d735af8661eda41ff4ffbf76e6a284a0e2deb81c
bfac625d304d52e04f2caeb19266354749929c888ca09d3d1e3edcbb8770d0f0
GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taraa.xyz/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33333
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 24 Oct 2022 11:11:20 GMT
Expires: Tue, 24 Oct 2023 11:11:20 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 146096
a.realsrv.com/ad-provider.js
205.185.216.42 200 OK 26 kB URL HTTP/1.1 a.realsrv.com/ad-provider.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (49710)
Hash 8d6cea7f45f63e24ce51b95eeeb92dd7
6828bb7a22370a378545c38ef277ac8afc2a83ea
f64ff74c6a8128b33ca151754e213a6568b0dba92ed8a9b66c7198a8c1eb91ac
GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taraa.xyz/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 03:46:16 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 25545
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"7e7baedcc388b2a109d47913a75"
X-HW: 1666755976.dop001.sk1.t,1666755976.cds207.sk1.c
Access-Control-Allow-Origin: *, *
cdn.taraa.xyz/static/js/main.js?v=2022052901
172.67.223.164 200 OK 705 B URL HTTP/1.1 cdn.taraa.xyz/static/js/main.js?v=2022052901
IP 172.67.223.164:0
Hash 5d2f026c4af9cf86a2ecb368dc1533d6
376ce5a73144b00dd162aa8524ac856b8db7a33e
0fd907185fe7d7610498d8d487449707fe4949c5c89a1028da380d2e5e862c3d
GET /static/js/main.js?v=2022052901 HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/9GuC
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 03:46:16 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 03:46:16 GMT
last-modified: Sun, 29 May 2022 07:10:19 GMT
etag: "7a0-62931c5b-8cbcca2019146215;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlo2SWfZIDeECFyNXnDO1Sr%2BRPKN6m8JV4sKrRPgbfJbWJ%2F3jalEwi48N1SkPP5MNuchOhU69Zkz%2FgBnlR16KuKkfwQBMPN%2B1fmNhjTUus2NIR3%2BfrYEmqqvIAXsfPgP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 760034363888b524-OSL
alt-svc: h2=":443"; ma=60
d3t5ngjixpjdho.cloudfront.net/?jgntd=788614
54.230.245.226 200 OK 36 kB URL HTTP/1.1 d3t5ngjixpjdho.cloudfront.net/?jgntd=788614
IP 54.230.245.226:0
File type Unicode text, UTF-8 text, with very long lines (15478)
Hash 272b3a845dae288d3a88ff19128ee84d
85f570a428348d4fb5e8811035e581d811718e70
ddf69382d546fdc122ab8ebb6c8306b9f6d94a1e6676367fa06feab21ec1411d
GET /?jgntd=788614 HTTP/1.1
Host: d3t5ngjixpjdho.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taraa.xyz/
HTTP/1.1 200 OK
Content-Length: 36013
Connection: keep-alive
Date: Wed, 26 Oct 2022 03:46:16 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 28NfoFcRN5HsgZBTKqIMqEOaG1gubFbSWJiFLN-GImcDOE7BFP_pOA==
cdn.taraa.xyz/static/image/logo_fb2.png
172.67.223.164 200 OK 6.3 kB URL HTTP/1.1 cdn.taraa.xyz/static/image/logo_fb2.png
IP 172.67.223.164:0
File type PNG image data, 193 x 98, 8-bit colormap, non-interlaced\012- data
Hash 84a673a878949a7a8410199f5f8ea220
49cbc367cd9e0943df6d6e2180bb9a5771dbb208
042313bf805bd8d9a1c6b2a88c90e15407004fcc6e9c5d5974c87c85c20796f3
GET /static/image/logo_fb2.png HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/9GuC
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 03:46:17 GMT
Content-Type: image/png
Content-Length: 6283
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 03:32:18 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "188b-5faa60e6-48354ceeda0c07b3;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 839
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F21i7zbMQxbChpP%2Bvasf54B%2F8%2BANop%2BcVDUkz2BV8YhucLCWrdWyTCt9G4WXSX%2Fuf38MvXkAj%2BgoRQICt6Z8vD%2FjBWo%2FgWSlr7p8nDfhEkx3dPU71shcw3K%2BMqpTdKFf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 760034393fca0b61-OSL
alt-svc: h2=":443"; ma=60
cdn.taraa.xyz/static/image/delete2.png
172.67.223.164 200 OK 577 B URL HTTP/1.1 cdn.taraa.xyz/static/image/delete2.png
IP 172.67.223.164:0
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a612b41ba5d1cad10ae4c6660d8fda4
4006ab2bfe338d2d1f060c0486bad8e1b589ba44
2fa2ba143aaedc6b6169e9b024d4f12df4acfc5995950dce175fd97644dd0c43
GET /static/image/delete2.png HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/9GuC
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 03:46:17 GMT
Content-Type: image/png
Content-Length: 577
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 03:32:18 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "241-5faa60e6-657b5e5638f6aacc;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 839
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4SZohu9O7K5qlM5Xtmb6qZhW%2BylCWPOzd%2BEqW04ThE8Po3QQRfO3OeWp8rc0nXlHsIkZBnhSU2sxX%2FdatWwf2JAn6d%2Bet%2FOif30Qqzb8EcWN5dkITo%2FOpZ0IOqBZpZx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 760034393a7b0b45-OSL
alt-svc: h2=":443"; ma=60
cdn.taraa.xyz/static/image/spinner.gif
172.67.223.164 200 OK 36 kB URL HTTP/1.1 cdn.taraa.xyz/static/image/spinner.gif
IP 172.67.223.164:0
File type GIF image data, version 89a, 39 x 39\012- data
Hash 2055f195780b3e4c71b97c95fa97eab0
36c1138bdcccf116f1b9ee9effa3e5d13f1e6161
0a607f27600e85addcfd1415ee611a370a30dce3f53ac200d3e0e25d2bdc5157
GET /static/image/spinner.gif HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/9GuC
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 03:46:17 GMT
Content-Type: image/gif
Content-Length: 35453
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 03:32:18 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "8a7d-5faa60e6-3361a662be6e6961;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 839
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jt9zkyJI8P5b8zGIYITZbc2RvDfIc3YjjOMUCIEqjUD7QVBJBXSFtIL%2BGZ3geigzR3Se1yRpOvtFg96A3dZfiE1mI0lFRpHWgaJ5F0yV7TOavlYGzV54J9AU8dFMgJ2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 760034393ad31c02-OSL
alt-svc: h2=":443"; ma=60
cdn.taraa.xyz/static/image/adult/logo.png
172.67.223.164 200 OK 6.6 kB URL HTTP/1.1 cdn.taraa.xyz/static/image/adult/logo.png
IP 172.67.223.164:0
File type PNG image data, 185 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash eba85b03dac77520a465167b5342cd8b
c262160125e6852f36eadfaaa114c22ec2637f63
24db3841268bf9a96b73062bf2a7d6e44b032fe0b842f6dea7889b86bd044d3f
GET /static/image/adult/logo.png HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/9GuC
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 03:46:17 GMT
Content-Type: image/png
Content-Length: 6603
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 03:32:18 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "19cb-5faa60e6-9e10d0de5235b15d;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 839
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWpYHMjKJl4OWJiTEFlqTKQuR%2BtAYX5O9YC2jqrBKxjATQ6NA7u%2B9DXncpzZSp3rvs0M%2BJnxNpOy%2F%2BUvbePudmoMdJnPf8rNzwZHgw8nNBsOa1Wa3SqX31lini4iPff9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 760034393d92b518-OSL
alt-svc: h2=":443"; ma=60
taraa.xyz/js/display.js
104.21.38.143 200 OK 5.8 kB IP 104.21.38.143:0
File type ASCII text, with very long lines (15999)
Hash e149217d65efcf53cc382af7c60f461c
6de97c3f773cf9b21e4373097f5f5cddf37d872e
4d30ac5f2c0ab10e25b4c39eb646e9cb86d66394775d77ba7b88a34720f85b27
GET /js/display.js HTTP/1.1
Host: taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/9GuC
Connection: keep-alive
Cookie: FLYSESSID=oum83to0roh2mpbu2u23il6vbn; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 03:46:17 GMT
Content-Type: application/x-javascript
Content-Length: 5775
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 03:32:18 GMT
last-modified: Thu, 29 Jul 2021 14:08:58 GMT
etag: "3e81-6102b67a-b080f0a7a094466b;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 839
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AyUkau3fKj4NbgTn2YyHtYs4qqSYFcTYBus4wlTci8BC5b7sMkKSEeriAxA8PIMyTK3DINYExUBPhLkEY%2FakYNeQh9CIOAA8%2FDw3fHzy5qPhJWsW1K332BvRxE0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76003439bafa1c02-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 518ff04fd536958e285cf07aaf4a2786
fa5dad2391c2a9957340bd629f0462db4f412a5c
608c78964412d5dc7025e9cbfaef345d448a29eae0f11257c49a41f274917b9a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6548
Cache-Control: max-age=108579
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 03:46:17 GMT
Etag: "63579918-1d7"
Expires: Thu, 27 Oct 2022 09:55:56 GMT
Last-Modified: Tue, 25 Oct 2022 08:06:48 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
chestfoollo.one/popunder.gif
172.67.154.214 200 OK 58 B URL HTTP/1.1 chestfoollo.one/popunder.gif
IP 172.67.154.214:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 79c15b369d32d2f0f17c116f541b6df3
3039289d4d1f5bc7385a81621deb2614423b769b
e3a3c6b90f511e80a77636fdd4c6047336d4ed5b2c86adf74318a08142649e08
GET /popunder.gif HTTP/1.1
Host: chestfoollo.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taraa.xyz/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 03:46:17 GMT
Content-Type: image/gif
Content-Length: 58
Connection: keep-alive
access-control-allow-origin: *
Pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
CF-Cache-Status: HIT
Age: 42190
Last-Modified: Tue, 25 Oct 2022 16:03:07 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ff4eT4h5%2FqyG4TDZ8EFZxLp%2BJjX5mJBAysw2xMO6JLTXJyW2x4G5m1hGUrUGaTjAIxk70tWehiv8aRjnR%2B7SHLNkw%2FeQwQ24%2F%2Fnh0ElenAcx4aoFV%2Bz2fL6lgGvOGUwYsWQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76003439ca710b02-OSL
alt-svc: h2=":443"; ma=60
cdn.taraa.xyz/static/image/d_top_bg.png
172.67.223.164 200 OK 156 B URL HTTP/1.1 cdn.taraa.xyz/static/image/d_top_bg.png
IP 172.67.223.164:0
File type PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Hash 106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae
GET /static/image/d_top_bg.png HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/9GuC
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 03:46:17 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 03:32:18 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-4968c22d9bbfac4c;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 839
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbXX%2FWKx3lJwA2S2JSTQoBT8OiqCMwkfqF6AAbn0W7fF3KiHkhe0uICh1HmRH2Nx40zUvwge0X7ntpdoVHtfK0CWSr0iYoYIl8ECY2Q%2BpYiNlM2lZwd76AAVGATQsIYi"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76003439fb0b1c02-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/s/gts1p5/bmiDRxqR27w
142.250.74.35 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/bmiDRxqR27w
IP 142.250.74.35:0
Hash b6048b646139ddc5cbfa86a0117dfcfe
deaeae3de84e324b7062eb190daf184ea7254b69
e4adb7b8241681efe2409196c40482b21690d47587c8fdeb81153d5f56f608f0
POST /s/gts1p5/bmiDRxqR27w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 03:46:17 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
syndication.realsrv.com/v1/api.php
95.211.229.246 200 OK 1.1 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP 95.211.229.246:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (1594), with no line terminators
Hash 5ffd1d5ae466e898879557b2f3a77873
08f8d65a15579efe17cf587964e8605935f7df64
a0cbf9fdfd283915b961214d675c37ebebf36c77f5844563405b9e5277b5c96c
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain
Content-Length: 253
Origin: http://taraa.xyz
Connection: keep-alive
Referer: http://taraa.xyz/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 03:46:17 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://taraa.xyz
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A31%3A%226358ad89461df8.8860288880235499%22%3B%7D; expires=Fri, 25-Oct-2024 03:46:17 GMT; Max-Age=63072000; path=/; domain=realsrv.com
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
cdn.taraa.xyz/static/image/ad_top_bg2.png?&ad_box_=1
172.67.223.164 200 OK 156 B URL HTTP/1.1 cdn.taraa.xyz/static/image/ad_top_bg2.png?&ad_box_=1
IP 172.67.223.164:0
File type PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Hash 106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae
GET /static/image/ad_top_bg2.png?&ad_box_=1 HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/9GuC
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 03:46:17 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 03:46:17 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-616091c58406c4e2;;;"
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXISCGU8qFvK7qLqLg9GKHPEinBO4yQ%2FsIXYpC58mXc3P6CVZ8k%2B9XYxnLiK9VY0nRVKt1G3K1nng7NyZHwYdnqgoCjZ%2BUuIM7Fx2NoFNLT%2FRTdYBIQ77rQTpjbrwYJc"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 760034393a19b524-OSL
alt-svc: h2=":443"; ma=60
chestfoollo.one/aFV4eTVHahsKCD8TNjpRAj0XIH0mFDwUBAY2PU1/ChIMT2cfEF4NXAxoT0ENXmRMX0UBMUVLDE4mDBhBHSZFSBMBOx4WCE4jRUgbWHtOSRtYcw1EBE4hCBhSVWReCUEcOUVIA15jT0wAUWJMSgRe
172.67.154.214 204 No Content 0 B URL HTTP/2 chestfoollo.one/aFV4eTVHahsKCD8TNjpRAj0XIH0mFDwUBAY2PU1/ChIMT2cfEF4NXAxoT0ENXmRMX0UBMUVLDE4mDBhBHSZFSBMBOx4WCE4jRUgbWHtOSRtYcw1EBE4hCBhSVWReCUEcOUVIA15jT0wAUWJMSgRe
IP 172.67.154.214:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aFV4eTVHahsKCD8TNjpRAj0XIH0mFDwUBAY2PU1/ChIMT2cfEF4NXAxoT0ENXmRMX0UBMUVLDE4mDBhBHSZFSBMBOx4WCE4jRUgbWHtOSRtYcw1EBE4hCBhSVWReCUEcOUVIA15jT0wAUWJMSgRe HTTP/1.1
Host: chestfoollo.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://taraa.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 26 Oct 2022 03:46:17 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0PRJcICxVaeMgk2DbePxNyuj5%2B78V0LmWSL5CF55C7jN3CoSbXNIqYBlojQEZMLKYNhjFsPgC3o6UGS5YRMV1FCPEF0N8h9s%2BB0EJB8ZHfyq1cYqthwVWnEZWFATDLQbz0M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7600343a0debb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PS05DMRC7Chd40fyTdM0aJBAHSJPXFWIBrdQiH568V1Fbo5FnIjsjJLIwLeJPogeLA2dUTpWSSWI3vLy+wRhtXD7P6Xr7hZpFDphJlYriwTXDQmpEwKlAs2XaZkSWxRXsUNDkFGZgUXOaACXiKKiEj/fnvXjSBFzlOmuKLR5CsM3gSgj10kapFjxOJZUSJGWCRN1qBXVt3U/sWbn4cT12Lspq2WmM2jd/wrl9t7YfQ3cmoj1N/gdQNpX5k4UfwjBB2Nft5/bVgcfzO303mBlmW5PGvvYWrZXWs4jE4FHWNepxtuZ/icrEB3wBAAA=
95.211.229.246 200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PS05DMRC7Chd40fyTdM0aJBAHSJPXFWIBrdQiH568V1Fbo5FnIjsjJLIwLeJPogeLA2dUTpWSSWI3vLy+wRhtXD7P6Xr7hZpFDphJlYriwTXDQmpEwKlAs2XaZkSWxRXsUNDkFGZgUXOaACXiKKiEj/fnvXjSBFzlOmuKLR5CsM3gSgj10kapFjxOJZUSJGWCRN1qBXVt3U/sWbn4cT12Lspq2WmM2jd/wrl9t7YfQ3cmoj1N/gdQNpX5k4UfwjBB2Nft5/bVgcfzO303mBlmW5PGvvYWrZXWs4jE4FHWNepxtuZ/icrEB3wBAAA=
IP 95.211.229.246:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PS05DMRC7Chd40fyTdM0aJBAHSJPXFWIBrdQiH568V1Fbo5FnIjsjJLIwLeJPogeLA2dUTpWSSWI3vLy+wRhtXD7P6Xr7hZpFDphJlYriwTXDQmpEwKlAs2XaZkSWxRXsUNDkFGZgUXOaACXiKKiEj/fnvXjSBFzlOmuKLR5CsM3gSgj10kapFjxOJZUSJGWCRN1qBXVt3U/sWbn4cT12Lspq2WmM2jd/wrl9t7YfQ3cmoj1N/gdQNpX5k4UfwjBB2Nft5/bVgcfzO303mBlmW5PGvvYWrZXWs4jE4FHWNepxtuZ/icrEB3wBAAA= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://taraa.xyz
Connection: keep-alive
Referer: http://taraa.xyz/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 03:46:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://taraa.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226358ad89628d20.918002423959468498%22%3B%7D; expires=Fri, 25 Oct 2024 03:46:17 GMT; path=; domain=.realsrv.com;
__upt=%7B%22v%22%3A1%2C%22id%22%3A%226358ad89628d20.918002423959468498%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Fri, 25 Oct 2024 03:46:17 GMT; path=/; domain=.realsrv.com;
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
taraa.xyz/2market_bidshow.php?user_id=-1&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2FTopsexcamsites.com%2Ftag%2Fbest-porn-sights%2F&url_id=7158835241&t=ba64e5c75deba8280f7d12251e8be45e&w=28333f8ea3e86122c9fa41cd06902b18
104.21.38.143 200 OK 143 B URL HTTP/1.1 taraa.xyz/2market_bidshow.php?user_id=-1&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2FTopsexcamsites.com%2Ftag%2Fbest-porn-sights%2F&url_id=7158835241&t=ba64e5c75deba8280f7d12251e8be45e&w=28333f8ea3e86122c9fa41cd06902b18
IP 104.21.38.143:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 41730b1fa98c827ae1bf4554add1adbb
16efe55e5db3da8ea12bab057f028e30d08f8539
55972bffc8bf7d67a5a740d8f80ab87f08ad0e4a52cbbd891732dba03ae66bfa
GET /2market_bidshow.php?user_id=-1&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2FTopsexcamsites.com%2Ftag%2Fbest-porn-sights%2F&url_id=7158835241&t=ba64e5c75deba8280f7d12251e8be45e&w=28333f8ea3e86122c9fa41cd06902b18 HTTP/1.1
Host: taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/9GuC
Connection: keep-alive
Cookie: FLYSESSID=oum83to0roh2mpbu2u23il6vbn; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 03:46:17 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.3.27
set-cookie: adult_ad_report=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
adult_1149829=4236229; expires=Thu, 27-Oct-2022 03:46:17 GMT; Max-Age=86400; path=/; domain=adult.xyz
market_1149829=4236229; expires=Wed, 26-Oct-2022 03:47:17 GMT; Max-Age=60; path=/
adult_ad_report=1149829_4236229; expires=Wed, 26-Oct-2022 03:56:17 GMT; Max-Age=600
p3p: policyref="http://adult.xyz/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4fBDIXsACeADUz0b2tDqHwBye5TYG3QhfWTSGaEBe9mEeBb6famlnFbPFyI2AeeyL7uLf0w2bK4755PrU6ndgsldasurEgqsjoiBbgm6tmwY4JpQ02ZOT5dBgQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76003439fb091c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
s3t3d2y8.afcdn.net/library/344676/8d56c5a4dc87f994b32a34cacb64fce1a8c10500.webp
185.76.9.23 200 OK 3.2 kB URL HTTP/1.1 s3t3d2y8.afcdn.net/library/344676/8d56c5a4dc87f994b32a34cacb64fce1a8c10500.webp
IP 185.76.9.23:0
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c5b9eaabdf9d87a060447b064ce3fc15
8d56c5a4dc87f994b32a34cacb64fce1a8c10500
b1341b48d5719e5dd1b7a5ec8bb9b5748c26c0741aa6d2b12bb2344f77a131a0
GET /library/344676/8d56c5a4dc87f994b32a34cacb64fce1a8c10500.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taraa.xyz/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 03:46:17 GMT
Content-Type: image/webp
Content-Length: 3208
Connection: keep-alive
Last-Modified: Wed, 03 Nov 2021 16:40:42 GMT
ETag: "6182bb8a-c88"
Expires: Fri, 30 Jun 2023 11:21:04 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
X-Cache-OP: HIT
X-Accel-Expires: @1688195238
Server: CDN77-Turbo
X-Robots-Tag: noindex, follow
X-77-NZT: AblMCRRJMBT/YxCaAA
X-77-NZT-Ray: ffffffff3dc6fcd489ad5863d9f67619
X-Cache: HIT
X-Age: 10096739
X-77-POP: stockholmSE
X-77-Cache: HIT
Accept-Ranges: bytes
s3t3d2y8.afcdn.net/images/close-icon.svg
185.76.9.23 200 OK 190 B URL HTTP/1.1 s3t3d2y8.afcdn.net/images/close-icon.svg
IP 185.76.9.23:0
ASN #60068 Datacamp Limited
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 45f51fdb3b9a323b19de207d8cea263a
07d30be9e7a83815dbe2984bd73971dc6c84081d
5ff2dc9d0193e409ebc640da00b1451d42e74af53d16d0083662d83dbce7ef35
GET /images/close-icon.svg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taraa.xyz/
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 03:46:17 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 13:13:10 GMT
ETag: W/"62bc4fe6-109"
Expires: Fri, 30 Jun 2023 18:46:40 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
X-Cache-OP: HIT
X-Accel-Expires: @1688195204
Server: CDN77-Turbo
X-Robots-Tag: noindex, follow
X-77-NZT: AblMCRQD15n/hRCaAA
X-77-NZT-Ray: ffffffff2eb8fdd489ad586314f38819
X-Cache: HIT
X-Age: 10096773
X-77-POP: stockholmSE
X-77-Cache: HIT
Content-Encoding: gzip
htthereflewove.xyz/ejlLc1kbWygeZhsEKVUsCFV2Vms8HHk1PUlNfh0+EFAzAzMeUSRdOhZWPhc/CFYlB3cUXD9WazwIGCUXDVweBCgqe38VOgAJfTUcKA4oJC09agMbLzVoBiQQEFU+PA0dDgcnYTJpeABvNGsnIz84AXwlPkoLByRsO2EyMjYqay82OBNOcjZpKAApCRAvfng1YB5oGjkQA3M+MRs7DhsaOil/GDY2NQgSPhUiaG5BGzJOBh8TLgEZKxFOaREfbDBYEwczLXgNSjwyYw88axYOEgsuK3AhBCssbD9LFC1NDDk3CgAvGBRNWBMHMztecgM8EnMBJ2swDC4fdCx1LTBtSHwzOjMYfg5BCklBfyppOHAtOzFIaCAYKDN6DiURA3QzFzIzHHk1PSIAciIfQgwvNBBcUzgcNwoEAjIuHlU8NW4JXyJFaSxR
108.157.214.106 200 OK 1.2 kB URL HTTP/1.1 htthereflewove.xyz/ejlLc1kbWygeZhsEKVUsCFV2Vms8HHk1PUlNfh0+EFAzAzMeUSRdOhZWPhc/CFYlB3cUXD9WazwIGCUXDVweBCgqe38VOgAJfTUcKA4oJC09agMbLzVoBiQQEFU+PA0dDgcnYTJpeABvNGsnIz84AXwlPkoLByRsO2EyMjYqay82OBNOcjZpKAApCRAvfng1YB5oGjkQA3M+MRs7DhsaOil/GDY2NQgSPhUiaG5BGzJOBh8TLgEZKxFOaREfbDBYEwczLXgNSjwyYw88axYOEgsuK3AhBCssbD9LFC1NDDk3CgAvGBRNWBMHMztecgM8EnMBJ2swDC4fdCx1LTBtSHwzOjMYfg5BCklBfyppOHAtOzFIaCAYKDN6DiURA3QzFzIzHHk1PSIAciIfQgwvNBBcUzgcNwoEAjIuHlU8NW4JXyJFaSxR
IP 108.157.214.106:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3025), with no line terminators
Hash 85f662446194f6a07421ed1fc22832ce
67e98be8965e2380adef6a6bb26a36ef9dca72f2
1da1cf2ad0c8545eaba90da98e5623fe38fee7e7e41c19967878ded6a8f3483f
GET /ejlLc1kbWygeZhsEKVUsCFV2Vms8HHk1PUlNfh0+EFAzAzMeUSRdOhZWPhc/CFYlB3cUXD9WazwIGCUXDVweBCgqe38VOgAJfTUcKA4oJC09agMbLzVoBiQQEFU+PA0dDgcnYTJpeABvNGsnIz84AXwlPkoLByRsO2EyMjYqay82OBNOcjZpKAApCRAvfng1YB5oGjkQA3M+MRs7DhsaOil/GDY2NQgSPhUiaG5BGzJOBh8TLgEZKxFOaREfbDBYEwczLXgNSjwyYw88axYOEgsuK3AhBCssbD9LFC1NDDk3CgAvGBRNWBMHMztecgM8EnMBJ2swDC4fdCx1LTBtSHwzOjMYfg5BCklBfyppOHAtOzFIaCAYKDN6DiURA3QzFzIzHHk1PSIAciIfQgwvNBBcUzgcNwoEAjIuHlU8NW4JXyJFaSxR HTTP/1.1
Host: htthereflewove.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taraa.xyz/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1180
Connection: keep-alive
Date: Wed, 26 Oct 2022 03:46:17 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 94251f2595ef5679fba3c952e8743886.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P1
X-Amz-Cf-Id: urEn0qaPSw34I78avFA5sfw77DKHlG30p2z7M8T7FbTXZDSDglbGYQ==
ocsp.pki.goog/s/gts1p5/bmiDRxqR27w
142.250.74.35 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/bmiDRxqR27w
IP 142.250.74.35:0
Hash b6048b646139ddc5cbfa86a0117dfcfe
deaeae3de84e324b7062eb190daf184ea7254b69
e4adb7b8241681efe2409196c40482b21690d47587c8fdeb81153d5f56f608f0
POST /s/gts1p5/bmiDRxqR27w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 03:46:17 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 5040b632589b82748b074d300246ff4e
7a7bf55c6f30c9c3ffee86741c55baf81c28b213
c00028f324dd663e6f2997c1f921d8b57c496ce56621dacda803f058a7798da8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=114969
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 03:46:17 GMT
Etag: "6357cba2-117"
Expires: Thu, 27 Oct 2022 11:42:26 GMT
Last-Modified: Tue, 25 Oct 2022 11:42:26 GMT
Server: nginx
Content-Length: 279
cdn.taraa.xyz/static/image/adult/favicon.ico
172.67.223.164 200 OK 596 B URL HTTP/1.1 cdn.taraa.xyz/static/image/adult/favicon.ico
IP 172.67.223.164:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 7c18a455efe09bb6a68e2de2e62e3270
74b9c6be7c12575ef8895c440354d1121d5f4a44
07b870872353c4d4f5c56b4ee7b42f462156377375691ebe973374a19ecdc3ea
GET /static/image/adult/favicon.ico HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/9GuC
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 03:46:17 GMT
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 03:32:18 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: W/"3b3-5faa60e6-1d5653e30c9ea0ec;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 839
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vraAFlWDlNuTgP%2FlE6uKurEPZyIbFtKt5GZAhWNeyeU%2FXv8qL9GrEtwsaVu4VijQ4LDdw72RWQz7xiT%2BtQAqR8Obkr6QcdHvEi3Z%2B0%2Bz9RXZFtT7vylJT9SUbiP65SSc"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7600343b9eedb518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.google-analytics.com/ga.js
142.250.74.174 200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taraa.xyz/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Wed, 26 Oct 2022 03:05:34 GMT
Expires: Wed, 26 Oct 2022 05:05:34 GMT
Cache-Control: public, max-age=7200
Age: 2443
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
push.services.mozilla.com/
35.83.91.138 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.91.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3zH6JZHaMLhPNHzO/hXT3g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qHh0NLjGAUMd1v97jSf4IEsbQos=
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4198a55e59a5f8e03c148fb65922a0d2
dae87475f287c0354788add56d96c5a321c8fef0
b62f1d3050a164a5c6051174071d9b1a7d90bbd4206ac73dfe4f98b0f8774614
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B62F1D3050A164A5C6051174071D9B1A7D90BBD4206AC73DFE4F98B0F8774614"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7801
Expires: Wed, 26 Oct 2022 05:56:18 GMT
Date: Wed, 26 Oct 2022 03:46:17 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4198a55e59a5f8e03c148fb65922a0d2
dae87475f287c0354788add56d96c5a321c8fef0
b62f1d3050a164a5c6051174071d9b1a7d90bbd4206ac73dfe4f98b0f8774614
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B62F1D3050A164A5C6051174071D9B1A7D90BBD4206AC73DFE4F98B0F8774614"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7801
Expires: Wed, 26 Oct 2022 05:56:18 GMT
Date: Wed, 26 Oct 2022 03:46:17 GMT
Connection: keep-alive
taraa.xyz/rtb/validate/90e9598cfd5ddbadb91b34438ad89184/?type=1&p_id=2305&user_id=-1&tmp=0&k=936738&c=1
104.21.38.143 200 OK 8.7 kB URL HTTP/1.1 taraa.xyz/rtb/validate/90e9598cfd5ddbadb91b34438ad89184/?type=1&p_id=2305&user_id=-1&tmp=0&k=936738&c=1
IP 104.21.38.143:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (26584)
Hash 91aa9e39928c642fcc9173fe69d92cf6
1f5ef150ef49d97e5e38fcabe65e245490a3fabb
60924ae22a1316716ecf2b46efff2c0e0261c8240a8ac82803b6db4dfbbfff7c
GET /rtb/validate/90e9598cfd5ddbadb91b34438ad89184/?type=1&p_id=2305&user_id=-1&tmp=0&k=936738&c=1 HTTP/1.1
Host: taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: FLYSESSID=oum83to0roh2mpbu2u23il6vbn; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; zone-cap-4629666=1; market_1149829=4236229; adult_ad_report=1149829_4236229
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 03:46:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.3.27
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMQ%2FiMGxmzauuud8Btsi%2F9ptFWXybdVFdiZjDD6EB6RZbrpt%2Fla2YJjo0oKWxAFxSC2uj0NUbUGoiA4HIX1R9ZL8horUhvPKnDFXYCcs4oZ19WroYLreL%2B8RR6Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7600343b6b621c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
taraa.xyz/static/js/encoding.js
104.21.38.143 200 OK 2.9 kB URL HTTP/1.1 taraa.xyz/static/js/encoding.js
IP 104.21.38.143:0
File type ISO-8859 text, with very long lines (3561)
Hash 23401727e01779448e558f45d0199435
c150bcefd1ff63554f9e471d649e01ccf4a72d77
f0d288bfb114d4519ce9264885b1686c67d2c1427a48160f9baf852c9bd7a6da
GET /static/js/encoding.js HTTP/1.1
Host: taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taraa.xyz/rtb/validate/90e9598cfd5ddbadb91b34438ad89184/?type=1&p_id=2305&user_id=-1&tmp=0&k=936738&c=1
Cookie: FLYSESSID=oum83to0roh2mpbu2u23il6vbn; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; zone-cap-4629666=1; market_1149829=4236229; adult_ad_report=1149829_4236229; __utma=15539635.1597053971.1666755975.1666755975.1666755975.1; __utmb=15539635.1.10.1666755975; __utmc=15539635; __utmz=15539635.1666755975.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 03:46:17 GMT
Content-Type: application/x-javascript
Content-Length: 2869
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 03:32:18 GMT
last-modified: Wed, 21 Jul 2021 19:37:10 GMT
etag: "240a-60f87766-1adea7f727beb226;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 839
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hjv%2FnX%2FR1bcc3Q%2BxhSRZ24YyaiAMukta%2BeYZF6yLJrjaca5HSInBcq5YSJh%2Bmi8ApQi5GbMXyPriHLlTlRlrzoyECAT%2Fg3AyvkAJnjerMZU2NZIl4COOAVt08tg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7600343c4ba31c02-OSL
alt-svc: h2=":443"; ma=60
htthereflewove.xyz/utx?cb=vl80ragSkBLm&top=taraa.xyz&tid=788614
108.157.214.106 204 No Content 0 B URL HTTP/2 htthereflewove.xyz/utx?cb=vl80ragSkBLm&top=taraa.xyz&tid=788614
IP 108.157.214.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=vl80ragSkBLm&top=taraa.xyz&tid=788614 HTTP/1.1
Host: htthereflewove.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://taraa.xyz
Connection: keep-alive
Referer: http://taraa.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 26 Oct 2022 03:46:17 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://taraa.xyz
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 26 Oct 2022 03:47:17 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 94251f2595ef5679fba3c952e8743886.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: vETeTUzoUK1t-ttc1ejopxWimDy6S6iFbjvIdHX6XtHNAEWpcWBAqQ==
X-Firefox-Spdy: h2
htthereflewove.xyz/multi?cs=MloxZEECaQBSdwduA1xwBmIJVXg&abt=0&red=1&sm=76&k=shrink%20your%20urls%20paid&v=1.0.60.0&sts=0&prn=0&emb=0&tid=788614&rxy=1280_1024&fs=1&ref=http%3A%2F%2Ftaraa.xyz%2F9GuC&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_uebg=1666755974408&crc=1
108.157.214.106 200 OK 1.5 kB URL HTTP/2 htthereflewove.xyz/multi?cs=MloxZEECaQBSdwduA1xwBmIJVXg&abt=0&red=1&sm=76&k=shrink%20your%20urls%20paid&v=1.0.60.0&sts=0&prn=0&emb=0&tid=788614&rxy=1280_1024&fs=1&ref=http%3A%2F%2Ftaraa.xyz%2F9GuC&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_uebg=1666755974408&crc=1
IP 108.157.214.106:0
File type ASCII text, with very long lines (3231), with no line terminators
Hash f134ac6f54d2cd98453335ed5868b043
160d0842110bc5c888ec89861547ac95ad16364d
600795a1d6f3e4923e6a278ea899fde6c11a3dcfd8dc0fba6f8094b141124372
GET /multi?cs=MloxZEECaQBSdwduA1xwBmIJVXg&abt=0&red=1&sm=76&k=shrink%20your%20urls%20paid&v=1.0.60.0&sts=0&prn=0&emb=0&tid=788614&rxy=1280_1024&fs=1&ref=http%3A%2F%2Ftaraa.xyz%2F9GuC&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_uebg=1666755974408&crc=1 HTTP/1.1
Host: htthereflewove.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://taraa.xyz
Connection: keep-alive
Referer: http://taraa.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
content-length: 1520
date: Wed, 26 Oct 2022 03:46:17 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://taraa.xyz
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=e22eca3c-9967-4194-b623-a4866db6aa08
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 94251f2595ef5679fba3c952e8743886.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: IJ6-3Q1GUSUPPi8aP2pBweLrARIwD3OgRffO1GzoGcC0KqS8GW8EXA==
X-Firefox-Spdy: h2
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1581272161&utmhn=taraa.xyz&utme=8(User)9(-1)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=949198279&utmr=-&utmp=%2F9GuC&utmht=1666755974697&utmac=UA-6469700-20&utmcc=__utma%3D15539635.1597053971.1666755975.1666755975.1666755975.1%3B%2B__utmz%3D15539635.1666755975.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2050065027&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.174 200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1581272161&utmhn=taraa.xyz&utme=8(User)9(-1)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=949198279&utmr=-&utmp=%2F9GuC&utmht=1666755974697&utmac=UA-6469700-20&utmcc=__utma%3D15539635.1597053971.1666755975.1666755975.1666755975.1%3B%2B__utmz%3D15539635.1666755975.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2050065027&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1581272161&utmhn=taraa.xyz&utme=8(User)9(-1)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=949198279&utmr=-&utmp=%2F9GuC&utmht=1666755974697&utmac=UA-6469700-20&utmcc=__utma%3D15539635.1597053971.1666755975.1666755975.1666755975.1%3B%2B__utmz%3D15539635.1666755975.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2050065027&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taraa.xyz/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Wed, 26 Oct 2022 03:46:17 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
d3t5ngjixpjdho.cloudfront.net/1SVNweUwqPB4fcz06FER7cWtGSHhvOQMWIjluOTg7LT8HP3s6NRlPfB87Vg02LW5AXyAoPRdEaiw9E0R9bzIUG3F9dQQJIyJuBBA7PicSFSEoO1YMLXQ+HwMlJT8RXH4PZl5JaXtjWAF9eHZDO2l7YxwQIjwrVUt8MWtGJnp9dkM7aXtjAg9pehJJT2J5el-VLfC42ExIjbGE2S3x4Y0BIfHh2QkkqICEVHyMxdkI/dX99QF85dGI
54.230.245.226 200 OK 445 B URL HTTP/1.1 d3t5ngjixpjdho.cloudfront.net/1SVNweUwqPB4fcz06FER7cWtGSHhvOQMWIjluOTg7LT8HP3s6NRlPfB87Vg02LW5AXyAoPRdEaiw9E0R9bzIUG3F9dQQJIyJuBBA7PicSFSEoO1YMLXQ+HwMlJT8RXH4PZl5JaXtjWAF9eHZDO2l7YxwQIjwrVUt8MWtGJnp9dkM7aXtjAg9pehJJT2J5el-VLfC42ExIjbGE2S3x4Y0BIfHh2QkkqICEVHyMxdkI/dX99QF85dGI
IP 54.230.245.226:0
File type ASCII text, with very long lines (595), with no line terminators
Hash 3b2bb8eb256e2b38f707319d4e951b32
4b00da22fa29cbe82211527017925090c347e463
3ba53b64c5ad64fce317c2f4058453d69c8d501f1d70cf638d2bff8cbb18475d
GET /1SVNweUwqPB4fcz06FER7cWtGSHhvOQMWIjluOTg7LT8HP3s6NRlPfB87Vg02LW5AXyAoPRdEaiw9E0R9bzIUG3F9dQQJIyJuBBA7PicSFSEoO1YMLXQ+HwMlJT8RXH4PZl5JaXtjWAF9eHZDO2l7YxwQIjwrVUt8MWtGJnp9dkM7aXtjAg9pehJJT2J5el-VLfC42ExIjbGE2S3x4Y0BIfHh2QkkqICEVHyMxdkI/dX99QF85dGI HTTP/1.1
Host: d3t5ngjixpjdho.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://htthereflewove.xyz/
HTTP/1.1 200 OK
Content-Length: 445
Connection: keep-alive
Date: Wed, 26 Oct 2022 03:46:17 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MV1BTAK5r3WeHCrtfmSvU5oq5bCQEF-FhwHEzXPUVLylrONX9cnpPw==
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4198a55e59a5f8e03c148fb65922a0d2
dae87475f287c0354788add56d96c5a321c8fef0
b62f1d3050a164a5c6051174071d9b1a7d90bbd4206ac73dfe4f98b0f8774614
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B62F1D3050A164A5C6051174071D9B1A7D90BBD4206AC73DFE4F98B0F8774614"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7801
Expires: Wed, 26 Oct 2022 05:56:18 GMT
Date: Wed, 26 Oct 2022 03:46:17 GMT
Connection: keep-alive
cdn.taraa.xyz/static/image/apple-touch-icon.png
172.67.223.164 403 Forbidden 436 B URL HTTP/1.1 cdn.taraa.xyz/static/image/apple-touch-icon.png
IP 172.67.223.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash b112c984fdf3ae98cbf4bc84066cf619
e68cf1400ca02fc1b472c6f3a2cbb9c2234073c5
233729c945d3c6dc5a81cbf30abedd598a9927d141eda2e369aecd13a790938a
GET /static/image/apple-touch-icon.png HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/9GuC
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 403 Forbidden
Date: Wed, 26 Oct 2022 03:46:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2N7ErGNOnfxUoc6Q6xhdOjG1Vb8PyFeKCh78mO1fWhw3hGVT57mHf4mi8UVnu0ZuPVcQ6e3YjQwTOdpFdgzTvJ4KogIzJzEcS7N53s%2FxquN29HGWctgMUQZmsQlfzBi"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7600343b9b6e1c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash cf741ff74b4ecc380bf5f7e6ccca9e10
1b5da442d8ed487fa0a7815cf01f1de481eb4cc4
3b1408d5ec443166699e4031a54315162a24b4aed4b6611a45cab7ea38d56972
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=153152
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 03:46:18 GMT
Etag: "635860ca-117"
Expires: Thu, 27 Oct 2022 22:18:50 GMT
Last-Modified: Tue, 25 Oct 2022 22:18:50 GMT
Server: nginx
Content-Length: 279
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4728
Expires: Wed, 26 Oct 2022 05:05:06 GMT
Date: Wed, 26 Oct 2022 03:46:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4728
Expires: Wed, 26 Oct 2022 05:05:06 GMT
Date: Wed, 26 Oct 2022 03:46:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2792ca2-a8f4-4e81-bcd4-6622a0af2bb5.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2792ca2-a8f4-4e81-bcd4-6622a0af2bb5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 09cb7bc8ddfe92c1130dbabd27512fc4
b8eec3e24a3960e1a65b8ae69a0e9648275d7af7
cd6b9cc817d8ce64a8a8f51cbee96343fc26b51d9f2dc8f905303c3c28f5b6da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2792ca2-a8f4-4e81-bcd4-6622a0af2bb5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6737
x-amzn-requestid: 7cc81b57-158b-4304-95dc-c0373f710537
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alL-kFQPoAMFt7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635859f6-5b43711d2040d32f7a7cfcbd;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:49:42 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: v7QWR9jPfLG67Woq6TFAFpG2j82t7l2RCYtg_WXBZcgEIR7WuLrwuQ==
via: 1.1 94be61e339880d0097634de6934f7710.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 22:05:09 GMT
etag: "b8eec3e24a3960e1a65b8ae69a0e9648275d7af7"
content-type: image/jpeg
age: 20469
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc635673e-499c-4d9c-8bc5-a713fb19e221.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc635673e-499c-4d9c-8bc5-a713fb19e221.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b946c4f2f177828cf7b76c5764e97157
c3856686b98e1883133aa1824c496d34512769a0
be818a015fc9c745ea561a0b9c2aca6ba25ade24acd696fa651163d47b195371
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc635673e-499c-4d9c-8bc5-a713fb19e221.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13796
x-amzn-requestid: 90b1e032-78c6-499d-b564-f25c15e20304
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ2OG0SoAMFx-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6358568e-599d0f526fc6a01f77b67dcf;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sVS9nFgRyVconkkFTOrCO2zA0cICFNQFB2E1q7SQcVQm5_Dm6khvrA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:48:40 GMT
age: 21458
etag: "c3856686b98e1883133aa1824c496d34512769a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91ee720c15dc69de45080d0c951353af
5292b31a99d90bcb7071f327b93d52034bdf9dcb
7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NQJHFIbLMzw0aGwCkVGIEIHOMHprTpvLkLQRKgrGeVj35sk7sW4IUg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 00:36:34 GMT
age: 11384
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.172.27 200 OK 114 kB IP 172.64.172.27:0
Size 114 kB (113524 bytes)
Hash fa7a9223070a99eba43af0da2e6c078a
a2d5900ed844d395694ab9c1caf16ae256c40626
f8e3ecfcefb2f13e68c281c1622ae493e0b9065355fe0282c77ecbe120bd1750
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://taraa.xyz
Connection: keep-alive
Referer: http://taraa.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:17 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://taraa.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Wed, 26 Oct 2022 01:11:32 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2Fflm71JBG2UKDHsRU%2Bk8haNuqPuETTH58Yu9aYpF8e7v8oCXiX6VDLtBeXzJeMjQAn9sAw7LWalxlKmsDtqjq46MF2OPN6dsD%2FjgZo8COVlRJzfp4Cc8nUzQXXEgC9v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7600343c2a8f8e38-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb59802-0d15-47b0-9824-34102fa77aeb.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb59802-0d15-47b0-9824-34102fa77aeb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffefed59982fc01dd8df2f14cea499ca
abab3e94679d0c3e2cbecbda2e9a789a7fe17873
0c9e876f3f638aa4148aecdd77722e5091a2bb47ac30e4367505a1ebe39535d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb59802-0d15-47b0-9824-34102fa77aeb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9355
x-amzn-requestid: eb558ca7-8a59-4135-85c8-f0fd5afd30fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ35EV2oAMF_4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585698-0ea5ca6a1f03dd6174ac208c;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:20 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ffqlvVBIZ_66jDf_4KtvieiOvJVgrlGqOY6VRWwf9iOi_KgcxbP5FA==
via: 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:53:43 GMT
age: 21155
etag: "abab3e94679d0c3e2cbecbda2e9a789a7fe17873"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7feebb27-e9c6-46cc-a15e-dfe7e14961be.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7feebb27-e9c6-46cc-a15e-dfe7e14961be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6908328a8d186075fa9e59a172c12913
73771b4bb2eb936ee8efd4039ee4913a51f94f3e
6d1e1ec3b1a3eec27056c711f5f2b957247c7d1e3be6d99c65bb96df74715446
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7feebb27-e9c6-46cc-a15e-dfe7e14961be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8187
x-amzn-requestid: 9f706dbe-6f9a-4839-9576-fcd45af05ccc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alLLKGUAoAMFiEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635858ad-1fdc6b1b07249d8501117cf1;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:44:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cxM0T_HLsSl-rXU-lmzlflC66GyChydnPjlAhnKJ4fFzysuyEI0rMQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 22:34:42 GMT
etag: "73771b4bb2eb936ee8efd4039ee4913a51f94f3e"
content-type: image/jpeg
age: 18696
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash cf741ff74b4ecc380bf5f7e6ccca9e10
1b5da442d8ed487fa0a7815cf01f1de481eb4cc4
3b1408d5ec443166699e4031a54315162a24b4aed4b6611a45cab7ea38d56972
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=153152
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 03:46:18 GMT
Etag: "635860ca-117"
Expires: Thu, 27 Oct 2022 22:18:50 GMT
Last-Modified: Tue, 25 Oct 2022 22:18:50 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
ocsp.sectigo.com/
104.18.32.68 200 OK 23 kB IP 104.18.32.68:0
Hash c1c38de51977b116135b2c421139c5b5
d6ab601081f6305ab296bda13c5c1d88678a649c
0c145a285ed909cf573e76f613f554ca7c0701c3009e0af463e6e5ca7601806a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 03:46:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 08:27:03 GMT
Expires: Tue, 01 Nov 2022 08:27:02 GMT
Etag: "9133524621940b0fb175706b7135a3864435574b"
Cache-Control: max-age=534643,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760034448dc6b512-OSL
poweredby.jads.co/js/jads.js
185.94.236.247 301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 26 Oct 2022 03:46:19 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
poweredby.jads.co/js/jads2.js
185.94.236.247 200 OK 2.4 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP 185.94.236.247:0
File type HTML document, ASCII text, with very long lines (3758)
Hash b2fbe3fbd23630525acf0520537dc167
4c53dd2bec9dfa5467f40dd453606988ba6d3b29
cd8f2156c688ef9f32651e516f7cd2644b767162d5312495f7e7e3e52a81b66b
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javflag.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 03:46:19 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eae"
Content-Encoding: gzip
javflag.com/cdn-cgi/apps/head/eqvK8VR8hiV-oWoKRWKnWSx24Hw.js
104.21.43.50 200 OK 16 kB URL HTTP/2 javflag.com/cdn-cgi/apps/head/eqvK8VR8hiV-oWoKRWKnWSx24Hw.js
IP 104.21.43.50:0
Hash 84bf4559d2237d36fa7a3cb1fffa000f
7f95fa09638ccd384cdf335d424ee32dd9663437
467427a2788ee5d76218009bc281c60df88d363a5119272abe02ecc3ff4f7936
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/apps/head/eqvK8VR8hiV-oWoKRWKnWSx24Hw.js HTTP/1.1
Host: javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:18 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: /K1FYVadwW6NIpz3EL39isFe6g0I1RQZg/n2+oYiG5inQrSueR8XtDu7xQcU7HrksuPoa5w7qhE=
x-amz-request-id: 34VEK3YR0SFKVHHT
cache-control: public, max-age=31536000
last-modified: Sat, 05 Jun 2021 15:23:51 GMT
x-amz-version-id: BpzTvMe2uK2cEHeQ_WRpUBJ2uI.NQfVs
etag: W/"212edacc088d2662764eb3ea51ef5a4f"
cf-cache-status: HIT
age: 1063263
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BL3ZN1xGqHnO9Lews4VQpAlFUxcNFvpE1lQr6wNO0puMvON2yZ804gRSe5JszG02YV4rucjsv6a3zvUtrnlf2iJnQOOI4ByfHBYpDhl33p2VdOhyuFKB0XSLtLJRrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76003443ccaa1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=947353
185.94.236.247 200 OK 1.5 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=947353
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (415), with CRLF, LF line terminators
Hash 055eb60a231feb9dfafd8b107cb630b9
bec24b79ed9f3cd71addec520d01bc5885a992f3
4f00196427386aede5f90b133311c7188100ad7f4cb0506d31e7200d1b585904
GET /adshow.php?adzone=947353 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 03:46:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=f692288e0494d5e65bf438d385d39561; expires=Thu, 26-Oct-2023 03:46:19 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps8666=1; expires=Thu, 27-Oct-2022 03:46:19 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEwMjE2OTI7aToxNjY3MDE1MTc5O30%3D; expires=Sat, 29-Oct-2022 03:46:19 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 29-Oct-2022 03:46:19 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
barnabaslinger.com/32ef2a2504620607fa5a59dd0d7fa048/invoke.js
192.243.59.12 200 OK 9.3 kB URL HTTP/1.1 barnabaslinger.com/32ef2a2504620607fa5a59dd0d7fa048/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25070), with no line terminators
Hash b1d427f2dd78f35a6b5b16a243666e40
bb03be69d1cf007d3190a37d0f7dd0d56bc3301e
7efeb0aa93bf1397004e13d8a4e397c5c85bb57b5a9ecae58b2ece7d6fc6cb69
GET /32ef2a2504620607fa5a59dd0d7fa048/invoke.js HTTP/1.1
Host: barnabaslinger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 03:46:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 832e151446fc7146d9a205f4aef95ee6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
poweredby.jads.co/adshow.php?adzone=947358
185.94.236.247 200 OK 5.8 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=947358
IP 185.94.236.247:0
Hash b9df4c16ffb645df55562e9132202c06
7edb14634fcb0d117873f5d2cae932f0dd85b23b
d0721c614ae9c82587d7134e564b23bc7eff09f16871f79e4ede169979cfbd36
GET /adshow.php?adzone=947358 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 03:46:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=f692288e0494d5e65bf438d385d39561; expires=Thu, 26-Oct-2023 03:46:19 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps8666=1; expires=Thu, 27-Oct-2022 03:46:19 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEwMjE3MDk7aToxNjY3MDE1MTc5O30%3D; expires=Sat, 29-Oct-2022 03:46:19 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 29-Oct-2022 03:46:19 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
poweredby.jads.co/adshow.php?adzone=947357
185.94.236.247 200 OK 4.8 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=947357
IP 185.94.236.247:0
Hash 9654f61ee00af3af1cb946b5ea374d3f
172e3552d2ea476f3b3986d2d7f034f70d870d9b
a5c9d31952ed47977356abdfaa69c05a6471e8ff3d38cb6d5a353ad040e13aae
GET /adshow.php?adzone=947357 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 03:46:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=f692288e0494d5e65bf438d385d39561; expires=Thu, 26-Oct-2023 03:46:19 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps161=1; expires=Thu, 27-Oct-2022 03:46:19 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjExOTY3Mjg7aToxNjY3MDE1MTc5O30%3D; expires=Sat, 29-Oct-2022 03:46:19 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 29-Oct-2022 03:46:19 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
javflag.com/_next/static/chunks/framework-22e517ee0ba8263cb42d.js
104.21.43.50 200 OK 390 kB URL HTTP/2 javflag.com/_next/static/chunks/framework-22e517ee0ba8263cb42d.js
IP 104.21.43.50:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 390 kB (389616 bytes)
Hash 067ef86f4dc245e3eac1fdca5ef4476d
f06588ae5746c37d0ecb744374febe57b4f16759
4b34d86e3c9728602b9f4ed4739749cee459eabff77a6f9d0261669c7d4b17cc
Analyzer Verdict Alert fortinet Malware
GET /_next/static/chunks/framework-22e517ee0ba8263cb42d.js HTTP/1.1
Host: javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:18 GMT
content-type: application/javascript
cache-control: max-age=2592000
cf-bgj: minify
etag: W/"62a8b159-1ffc1"
expires: Mon, 31 Oct 2022 04:14:04 GMT
last-modified: Tue, 14 Jun 2022 16:03:37 GMT
cf-cache-status: HIT
age: 559068
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkZ3n9UtTbLdR4gmJs2C6aKuPTy8fWSMkE5FT6Y%2FNofzzQOhhRtv97SO8obo22tdmG13UaLUVJoCSq37nGgGjuZFRcPxhoFPb7674LpnZSvcgp0vcapQGHhu9xQ7ug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76003443dcb71c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.jads.co/network/user152224/37612-1592933064-0908009001592933064.jpg
69.16.175.42 200 OK 56 kB URL HTTP/2 i.jads.co/network/user152224/37612-1592933064-0908009001592933064.jpg
IP 69.16.175.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=16, height=3840, bps=206, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, width=5760], baseline, precision 8, 300x100, components 3\012- data
Hash 210cb09081cf807c823fa5bdc92ea6f4
601c200ecba513a9d64b22ee588c72f4256a51d2
149b38b9815e79e7591c9d7a447041e00ae057824c7f00b205c973113a073c3c
GET /network/user152224/37612-1592933064-0908009001592933064.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=f692288e0494d5e65bf438d385d39561; imps8666=1; juicy_data_1=YToxOntpOjEwMjE3MDk7aToxNjY3MDE1MTc5O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:19 GMT
etag: "1592933064"
cache-control: max-age=25668551
content-length: 55813
content-type: image/jpeg
last-modified: Tue, 23 Jun 2020 17:24:24 GMT
accept-ranges: bytes
x-hw: 1666755979.dop015.sk1.t,1666755979.cds247.sk1.hn,1666755979.cds221.sk1.c
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=947370
185.94.236.247 200 OK 1.5 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=947370
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (415), with CRLF, LF line terminators
Hash 1f2e838086c3b0a68f8987634fea59a0
634dbc9fc90df36d55f5b3d678fd9889ef1d118d
587edb30aec9c58539dfbc69ce2972beb1e2d0ee3f50afdcac0728580297a18c
GET /adshow.php?adzone=947370 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 03:46:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=f692288e0494d5e65bf438d385d39561; expires=Thu, 26-Oct-2023 03:46:19 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
Set-Cookie: imps8666=1; expires=Thu, 27-Oct-2022 03:46:19 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
Set-Cookie: juicy_data_1=YToxOntpOjEwMjE2OTk7aToxNjY3MDE1MTc5O30%3D; expires=Sat, 29-Oct-2022 03:46:19 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Set-Cookie: juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 29-Oct-2022 03:46:19 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/network/user1037/1-1621483200-0734682001621483200.gif
69.16.175.42 200 OK 40 kB URL HTTP/2 i.jads.co/network/user1037/1-1621483200-0734682001621483200.gif
IP 69.16.175.42:0
File type GIF image data, version 89a, 250 x 250\012- data
Hash b36345b7f286b840911ad3ff6f2a5f48
99202769ae0f312e50818d11ca83df459ffb4e50
d415a2f565a7372d5a5479d2992448524dcc6a1396783e1cdf71fa0b59850b52
GET /network/user1037/1-1621483200-0734682001621483200.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=f692288e0494d5e65bf438d385d39561; imps8666=1; juicy_data_1=YToxOntpOjExOTY3Mjg7aToxNjY3MDE1MTc5O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps161=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:19 GMT
etag: "1621483200"
cache-control: max-age=17830191
content-length: 39983
content-type: image/gif
last-modified: Thu, 20 May 2021 04:00:00 GMT
accept-ranges: bytes
x-hw: 1666755979.dop015.sk1.t,1666755979.cds247.sk1.hn,1666755979.cds232.sk1.c
X-Firefox-Spdy: h2
barnabaslinger.com/2e/f4/1d/2ef41dd6bdb358bdf7d02bce45635537.js
192.243.59.12 200 OK 13 kB URL HTTP/1.1 barnabaslinger.com/2e/f4/1d/2ef41dd6bdb358bdf7d02bce45635537.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37127), with no line terminators
Hash 6b498eb0fe1479c436c3710cbee0de68
3abe2a143c0f6022dfda1b19ccc09aa561b97da5
89f442cb8a42af7ce1a0f98802623a972e13c75fbc1b2a9f194825167c5bed15
GET /2e/f4/1d/2ef41dd6bdb358bdf7d02bce45635537.js HTTP/1.1
Host: barnabaslinger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 03:46:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e561811fe9b778b42cac05cdf2e488c6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.118 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 787b1fc5d5f4cff91f5aee14f0cc2abf
a27036e3eeb9e273c9d9b5175237ff400b341c92
02cf018bf2716a3128a827ea3cc1daca23e98e0469c0dd24807e140af1a8f7b2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122161
Date: Wed, 26 Oct 2022 03:46:19 GMT
Etag: "6357d705-1d7"
Expires: Thu, 27 Oct 2022 13:42:20 GMT
Last-Modified: Tue, 25 Oct 2022 12:31:01 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FSjxX7GGjdIBrj2lPRAQpjVR8vIhxyoZI5ZsmaLabcl2bcZCYe3PVQ==
Age: 4279
i.jads.co/network/user152224/37612-1592933029-0893120001592933029.gif
69.16.175.42 200 OK 290 kB URL HTTP/2 i.jads.co/network/user152224/37612-1592933029-0893120001592933029.gif
IP 69.16.175.42:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 290 kB (290038 bytes)
Hash 9eae805c6f12fbf53984757c3cb58756
a76928e191cc9a5aa2695e7b5f8b991ca8694a5e
ba7c2c7892c6a97852014429308001ab62b256a7af84f51076c792ca3b402cf1
GET /network/user152224/37612-1592933029-0893120001592933029.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=f692288e0494d5e65bf438d385d39561; imps8666=1; juicy_data_1=YToxOntpOjEwMjE2OTk7aToxNjY3MDE1MTc5O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps161=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:19 GMT
etag: "1592933029"
cache-control: max-age=25668426
content-length: 290038
content-type: image/gif
last-modified: Tue, 23 Jun 2020 17:23:49 GMT
accept-ranges: bytes
x-hw: 1666755979.dop015.sk1.t,1666755979.cds247.sk1.hn,1666755979.cds205.sk1.c
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.193.142.27 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.193.142.27:0
File type ASCII text, with no line terminators
Hash 1bd8e383d73392699f6fbc117a90f9c7
ba9550afd261bc76f8bf07f8d28d701259819a85
4b95c42f16ebf608e99892ace777e1b84957d13465e95ba42987eed3e409d20c
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javflag.com
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:19 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://javflag.com
access-control-allow-credentials: true
set-cookie: uid_id2=716b05d0-a755-43ab-b485-58f0bb6efcbe:3:1; expires=Sat, 23 Oct 2032 03:46:19 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2573550905bb712ff922038fa16f5ca5
4bafed709843fffe332a9e6c90582425486e8696
112bdaae9c41137e39113ae5154aa36e9842cefdecaf4dc76dc6db6c31706213
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "112BDAAE9C41137E39113AE5154AA36E9842CEFDECAF4DC76DC6DB6C31706213"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4675
Expires: Wed, 26 Oct 2022 05:04:15 GMT
Date: Wed, 26 Oct 2022 03:46:20 GMT
Connection: keep-alive
static.adxadserv.com/js/adserv-slider.js
185.76.9.24 200 OK 2.6 kB URL HTTP/2 static.adxadserv.com/js/adserv-slider.js
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (544), with CRLF line terminators
Hash e9cd3d8d1c06c90d58694268a240013b
3a52d9042ba79b4c93c17347fae63e2f43d07f37
2b8dfe0e533778727b74e6cca76bdd89fdf0192ff8dbe40016a2175b86e34e81
GET /js/adserv-slider.js HTTP/1.1
Host: static.adxadserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:19 GMT
content-type: application/javascript
last-modified: Fri, 15 Nov 2019 09:32:36 GMT
etag: W/"5dce70b4-dae"
x-accel-expires: @1666797433
server: CDN77-Turbo
x-77-nzt: AblMCRRjk1j/EjAPAA
x-77-nzt-ray: ffffffff8db22ae08bad5863eeaf931b
x-cache: HIT
x-age: 995346
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=947353
185.94.236.247 200 OK 12 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=947353
IP 185.94.236.247:0
Hash f7ba8edaaf9dfd21f240fd768dd0909b
1bb74fc1a0d8f30e899b1daeccf55241f330fc7c
d9b49556bfff738ad12a740780ff2fa3fb5104959410e25ef1a70f27d2dd9935
GET /adshow.php?adzone=947353 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 03:46:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=f692288e0494d5e65bf438d385d39561; expires=Thu, 26-Oct-2023 03:46:19 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
Set-Cookie: imps61=1; expires=Thu, 27-Oct-2022 03:46:20 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
Set-Cookie: juicy_data_1=YToxOntpOjExOTY5NTU7aToxNjY3MDE1MTc5O30%3D; expires=Sat, 29-Oct-2022 03:46:19 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Set-Cookie: juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 29-Oct-2022 03:46:19 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/network/user1037/131-1573234879-0672616001573234879.gif
69.16.175.42 200 OK 55 kB URL HTTP/2 i.jads.co/network/user1037/131-1573234879-0672616001573234879.gif
IP 69.16.175.42:0
File type GIF image data, version 89a, 160 x 600\012- data
Hash 91ebc432ed4947d05bd7ca13cea1ef9e
a954283710f7ee1c374574164b5f52cd84ba1c76
06b58fb6d42894e3953f5f85fc9aa296e5dc774a1e272481f54a210d0118e1bb
GET /network/user1037/131-1573234879-0672616001573234879.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=f692288e0494d5e65bf438d385d39561; imps8666=1; juicy_data_1=YToxOntpOjExOTY5NTU7aToxNjY3MDE1MTc5O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps161=1; imps61=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:20 GMT
etag: "1573234879"
cache-control: max-age=20470492
content-length: 54567
content-type: image/gif
last-modified: Fri, 08 Nov 2019 17:41:19 GMT
accept-ranges: bytes
x-hw: 1666755980.dop015.sk1.t,1666755980.cds247.sk1.hn,1666755980.cds023.sk1.c
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=948378
185.94.236.247 200 OK 20 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=948378
IP 185.94.236.247:0
Hash 0c52aacc59ca1463b1e1c6be6cb74c61
ba659dab204b278c5496dec9695f25ba659ab017
455e7cd2f8f86013303d8cc97ed4538cabd00dbc2134eb5c4549d98fc423a944
GET /adshow.php?adzone=948378 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 03:46:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=f692288e0494d5e65bf438d385d39561; expires=Thu, 26-Oct-2023 03:46:19 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
Set-Cookie: juicy_data_1=YTowOnt9; expires=Sat, 29-Oct-2022 03:46:19 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Set-Cookie: juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 29-Oct-2022 03:46:19 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash a563d66ccc502242f03525021484c89f
d41383f84f7e7b7b1d1b35b378117c3fa52b3032
badc50bc09c304c16f062254b0158d1b623a0930b2553f34b1d3b6c1a1c7e207
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5561
Cache-Control: max-age=129909
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 03:46:20 GMT
Etag: "6357f048-118"
Expires: Thu, 27 Oct 2022 15:51:29 GMT
Last-Modified: Tue, 25 Oct 2022 14:18:48 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash a563d66ccc502242f03525021484c89f
d41383f84f7e7b7b1d1b35b378117c3fa52b3032
badc50bc09c304c16f062254b0158d1b623a0930b2553f34b1d3b6c1a1c7e207
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5561
Cache-Control: max-age=129909
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 03:46:20 GMT
Etag: "6357f048-118"
Expires: Thu, 27 Oct 2022 15:51:29 GMT
Last-Modified: Tue, 25 Oct 2022 14:18:48 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
taraa.xyz/funcript1666755974362.php?pub=-1&v=Id6iMwiSwMitYo2jsIikOVnnRIysdIWCUMsuIYnTBOhvdgC3Ib6mNVDmIcspIZmEJIpxbAmTRMFwbAGTVMtwZIWz5L0vItj2oYilcd2EtIppcAFj9Li2dkTjJO02dJGH9Iu7IQijwNifaZGDFOz4aBCCIe61I5mWYa1MYBTyhOhxMEzDhWmoMAzCYMxuNUDzIL4hYxWGUb0pNpm3NbiNYJjiZOhiOQWnRbllNdjWFYkyMVm2Mc21IJny0ei=
104.21.38.143200 OK 14 kB URL HTTP/2 taraa.xyz/funcript1666755974362.php?pub=-1&v=Id6iMwiSwMitYo2jsIikOVnnRIysdIWCUMsuIYnTBOhvdgC3Ib6mNVDmIcspIZmEJIpxbAmTRMFwbAGTVMtwZIWz5L0vItj2oYilcd2EtIppcAFj9Li2dkTjJO02dJGH9Iu7IQijwNifaZGDFOz4aBCCIe61I5mWYa1MYBTyhOhxMEzDhWmoMAzCYMxuNUDzIL4hYxWGUb0pNpm3NbiNYJjiZOhiOQWnRbllNdjWFYkyMVm2Mc21IJny0ei=
IP 104.21.38.143:0
Hash 17f9f5279aded00df0b61a3766d10311
37cae0e6278cde2a3b5568c6d71b507e36b7b92b
fee276c055bd82d0b0b6bb73b72324e608bde7b382537079f193d256c656f247
GET /funcript1666755974362.php?pub=-1&v=Id6iMwiSwMitYo2jsIikOVnnRIysdIWCUMsuIYnTBOhvdgC3Ib6mNVDmIcspIZmEJIpxbAmTRMFwbAGTVMtwZIWz5L0vItj2oYilcd2EtIppcAFj9Li2dkTjJO02dJGH9Iu7IQijwNifaZGDFOz4aBCCIe61I5mWYa1MYBTyhOhxMEzDhWmoMAzCYMxuNUDzIL4hYxWGUb0pNpm3NbiNYJjiZOhiOQWnRbllNdjWFYkyMVm2Mc21IJny0ei= HTTP/1.1
Host: taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://taraa.xyz/9GuC
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:17 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.27
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3PNS7vFIG7A1AowUPhIL4IWUyCsklFvMfOooz%2BqBRrYgFoHwgPoYsVmUWCQb54oSfzkdseTPe7z0g0xho9GLfaG1ENWm0fkFrt8P10AWdwEt4E6o51R%2BWAOec0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7600343b3984b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash a5143688d4d5ea90abac81004bc93cd1
ec23a8670934c65c48bb65e045b319d05054460b
9d7efe22bb0ca5cb010a5168a84495fbecf8d81f3cb4418a1f0c61cbb89d3c01
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4636
Cache-Control: max-age=113866
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 03:46:20 GMT
Etag: "6357b53a-117"
Expires: Thu, 27 Oct 2022 11:24:06 GMT
Last-Modified: Tue, 25 Oct 2022 10:06:50 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 499c4aa22f79613865de599e9170f891
f830b51aea0ec98ecd8dd4cda33225d2dfbf1250
5feb31b7bda422222b720adf3f695b14248b6aa3d93ae5c7ab012f1cc85d2d2e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5FEB31B7BDA422222B720ADF3F695B14248B6AA3D93AE5C7AB012F1CC85D2D2E"
Last-Modified: Mon, 24 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7158
Expires: Wed, 26 Oct 2022 05:45:38 GMT
Date: Wed, 26 Oct 2022 03:46:20 GMT
Connection: keep-alive
main.exdynsrv.com/tag.php?goal=3498327ae8564a1191c4243b38616bf7
95.211.229.246 200 OK 20 B URL HTTP/1.1 main.exdynsrv.com/tag.php?goal=3498327ae8564a1191c4243b38616bf7
IP 95.211.229.246:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=3498327ae8564a1191c4243b38616bf7 HTTP/1.1
Host: main.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goplayhere.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 03:46:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A48723%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-10-25%22%3B%7D%7D; expires=Thu, 26 Oct 2023 03:46:20 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
main.realsrv.com/tag.php?goal=3498327ae8564a1191c4243b38616bf7
95.211.229.247 200 OK 20 B URL HTTP/1.1 main.realsrv.com/tag.php?goal=3498327ae8564a1191c4243b38616bf7
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=3498327ae8564a1191c4243b38616bf7 HTTP/1.1
Host: main.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goplayhere.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 03:46:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A48723%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-10-25%22%3B%7D%7D; expires=Thu, 26 Oct 2023 03:46:20 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
burlydeclined.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxRut3uTw%2B6kHlQURFAYPsgsy6e6Z6Z5xD4trHAnGzbqruAdBqru6J7Wp7mqquronOWVdkBwEBzzpqfMm2eBuFP0DXKSzIBIQMp5y2Hj2KOJ6lRmD0Q%2B6v%2FfqvcP7vqqPt80JsWHo8eLbcoMLQRc6Tbtx4abjXGos89QMG8Ou96HXvtRQxas9r2lfbLwZhWtywbUd23Zsp9HnKorlcGEqgmf7PafZs5ttt%2Bl02hiq%2F3JtLGhqgRUn5FlwNpl%2FaJ0HD2ukyTeLkV7LZfbKG4kRNJcKBdt7L11LZZkiOYOxshCne6duSH3UfwCZ7s7iQhb%2FGAM%2BIdYPDxCke6chERQ7s5yBQJQiYE%2BiLGpEoganNUJ5B5wdESBkuLqCNLl7VaqSrv%2Bt0qk6IfOPfwcvJ2T%2B0XmkyddXBB82bkhhci5TjWFcgQ9r8EGNzBwg3zgHXh4gzD8CZz%2BRhcfLSJOdFS0kOKtms3Neg8c1RDQC1RbM9OMWTGzBZBYSdtwIHcfxbRZSu9sLwxbzo8BjtkP92KGO7XVhwmm8EfJshFCMEKpNZGoTa3wEZb6HXq2gmQWdT4j1ziYKVqGMCEpNUFKCkhOUOUFZVLtMaFdXd5nQJnBOu3vaW9VY5oNtuivzQZSS7eyEPDPby59HKdai40bLjWKXuh277bm2Z%2Fsx7dBOjzGb%2BTG1211oXoHrc7NRN%2FiEPNe%2FjYxPyPzWzwjoAbQ4QMifBjUOaDn2XRt0ddzu2thI79%2BiRSzooBnKBExWyPJ55OvWtjghz89i%2BLd%2FQxQeXt6%2F8Ef96QcXEaoKmapwiz8kGIit8XVZkp3rstTk25Us5wnfoNOru5HTPJq791a0XkrFlhb16MvXwqkwhfvvRjpfpinj6UCT%2B1c4Y5HqSxVG5Lsl%2FX4UXDN69YpRqcmWr73eX0oyFWnNZVqD8qOnaoR8Qv5%2FuDh7ky%2F2V8FVDWUqJOaQnBa4PECYbUJnh5fvvbD%2FP%2BflX6ElgRJnniCzUJpqrNzg7FBwAhGdcRpU0P%2FiwRne1lsYqDnQ%2FA7SpEKhKhSiAhUjaPPEOM%2FU4eUfP5%2FWFwjE3DgQam4nEEp8NlvthLw092j6%2BwWaHzf8VsumXq%2Fj%2BD6N%2FKDtdmPPYZS6bc%2F1PNpCrifhza8%2B%2BQsAAP%2F%2FAQAA%2F%2F87pz6IaAQAAA%3D%3D
192.243.61.225200 OK 7 B URL HTTP/1.1 burlydeclined.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxRut3uTw%2B6kHlQURFAYPsgsy6e6Z6Z5xD4trHAnGzbqruAdBqru6J7Wp7mqquronOWVdkBwEBzzpqfMm2eBuFP0DXKSzIBIQMp5y2Hj2KOJ6lRmD0Q%2B6v%2FfqvcP7vqqPt80JsWHo8eLbcoMLQRc6Tbtx4abjXGos89QMG8Ou96HXvtRQxas9r2lfbLwZhWtywbUd23Zsp9HnKorlcGEqgmf7PafZs5ttt%2Bl02hiq%2F3JtLGhqgRUn5FlwNpl%2FaJ0HD2ukyTeLkV7LZfbKG4kRNJcKBdt7L11LZZkiOYOxshCne6duSH3UfwCZ7s7iQhb%2FGAM%2BIdYPDxCke6chERQ7s5yBQJQiYE%2BiLGpEoganNUJ5B5wdESBkuLqCNLl7VaqSrv%2Bt0qk6IfOPfwcvJ2T%2B0XmkyddXBB82bkhhci5TjWFcgQ9r8EGNzBwg3zgHXh4gzD8CZz%2BRhcfLSJOdFS0kOKtms3Neg8c1RDQC1RbM9OMWTGzBZBYSdtwIHcfxbRZSu9sLwxbzo8BjtkP92KGO7XVhwmm8EfJshFCMEKpNZGoTa3wEZb6HXq2gmQWdT4j1ziYKVqGMCEpNUFKCkhOUOUFZVLtMaFdXd5nQJnBOu3vaW9VY5oNtuivzQZSS7eyEPDPby59HKdai40bLjWKXuh277bm2Z%2Fsx7dBOjzGb%2BTG1211oXoHrc7NRN%2FiEPNe%2FjYxPyPzWzwjoAbQ4QMifBjUOaDn2XRt0ddzu2thI79%2BiRSzooBnKBExWyPJ55OvWtjghz89i%2BLd%2FQxQeXt6%2F8Ef96QcXEaoKmapwiz8kGIit8XVZkp3rstTk25Us5wnfoNOru5HTPJq791a0XkrFlhb16MvXwqkwhfvvRjpfpinj6UCT%2B1c4Y5HqSxVG5Lsl%2FX4UXDN69YpRqcmWr73eX0oyFWnNZVqD8qOnaoR8Qv5%2FuDh7ky%2F2V8FVDWUqJOaQnBa4PECYbUJnh5fvvbD%2FP%2BflX6ElgRJnniCzUJpqrNzg7FBwAhGdcRpU0P%2FiwRne1lsYqDnQ%2FA7SpEKhKhSiAhUjaPPEOM%2FU4eUfP5%2FWFwjE3DgQam4nEEp8NlvthLw092j6%2BwWaHzf8VsumXq%2Fj%2BD6N%2FKDtdmPPYZS6bc%2F1PNpCrifhza8%2B%2BQsAAP%2F%2FAQAA%2F%2F87pz6IaAQAAA%3D%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxRut3uTw%2B6kHlQURFAYPsgsy6e6Z6Z5xD4trHAnGzbqruAdBqru6J7Wp7mqquronOWVdkBwEBzzpqfMm2eBuFP0DXKSzIBIQMp5y2Hj2KOJ6lRmD0Q%2B6v%2FfqvcP7vqqPt80JsWHo8eLbcoMLQRc6Tbtx4abjXGos89QMG8Ou96HXvtRQxas9r2lfbLwZhWtywbUd23Zsp9HnKorlcGEqgmf7PafZs5ttt%2Bl02hiq%2F3JtLGhqgRUn5FlwNpl%2FaJ0HD2ukyTeLkV7LZfbKG4kRNJcKBdt7L11LZZkiOYOxshCne6duSH3UfwCZ7s7iQhb%2FGAM%2BIdYPDxCke6chERQ7s5yBQJQiYE%2BiLGpEoganNUJ5B5wdESBkuLqCNLl7VaqSrv%2Bt0qk6IfOPfwcvJ2T%2B0XmkyddXBB82bkhhci5TjWFcgQ9r8EGNzBwg3zgHXh4gzD8CZz%2BRhcfLSJOdFS0kOKtms3Neg8c1RDQC1RbM9OMWTGzBZBYSdtwIHcfxbRZSu9sLwxbzo8BjtkP92KGO7XVhwmm8EfJshFCMEKpNZGoTa3wEZb6HXq2gmQWdT4j1ziYKVqGMCEpNUFKCkhOUOUFZVLtMaFdXd5nQJnBOu3vaW9VY5oNtuivzQZSS7eyEPDPby59HKdai40bLjWKXuh277bm2Z%2Fsx7dBOjzGb%2BTG1211oXoHrc7NRN%2FiEPNe%2FjYxPyPzWzwjoAbQ4QMifBjUOaDn2XRt0ddzu2thI79%2BiRSzooBnKBExWyPJ55OvWtjghz89i%2BLd%2FQxQeXt6%2F8Ef96QcXEaoKmapwiz8kGIit8XVZkp3rstTk25Us5wnfoNOru5HTPJq791a0XkrFlhb16MvXwqkwhfvvRjpfpinj6UCT%2B1c4Y5HqSxVG5Lsl%2FX4UXDN69YpRqcmWr73eX0oyFWnNZVqD8qOnaoR8Qv5%2FuDh7ky%2F2V8FVDWUqJOaQnBa4PECYbUJnh5fvvbD%2FP%2BflX6ElgRJnniCzUJpqrNzg7FBwAhGdcRpU0P%2FiwRne1lsYqDnQ%2FA7SpEKhKhSiAhUjaPPEOM%2FU4eUfP5%2FWFwjE3DgQam4nEEp8NlvthLw092j6%2BwWaHzf8VsumXq%2Fj%2BD6N%2FKDtdmPPYZS6bc%2F1PNpCrifhza8%2B%2BQsAAP%2F%2FAQAA%2F%2F87pz6IaAQAAA%3D%3D HTTP/1.1
Host: burlydeclined.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Cookie: u_pl=16241006; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec32ef2a2504620607fa5a59dd0d7fa048=[3637745,2229213,2229215]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 26 Oct 2022 03:46:20 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 69cac26f48d52317ccfcc7bf1213cd0b
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 380e7faa2a3932803d3733d161018673
671bbc32cbc3ea575f244c175a1ca175196a3735
22d6ef29a9d8ea66a602103f9a9cbadf3eae78e38436a8476e75b6925eb6e4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22D6EF29A9D8EA66A602103F9A9CBADF3EAE78E38436A8476E75B6925EB6E4BB"
Last-Modified: Tue, 25 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8620
Expires: Wed, 26 Oct 2022 06:10:00 GMT
Date: Wed, 26 Oct 2022 03:46:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 380e7faa2a3932803d3733d161018673
671bbc32cbc3ea575f244c175a1ca175196a3735
22d6ef29a9d8ea66a602103f9a9cbadf3eae78e38436a8476e75b6925eb6e4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22D6EF29A9D8EA66A602103F9A9CBADF3EAE78E38436A8476E75B6925EB6E4BB"
Last-Modified: Tue, 25 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8620
Expires: Wed, 26 Oct 2022 06:10:00 GMT
Date: Wed, 26 Oct 2022 03:46:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 380e7faa2a3932803d3733d161018673
671bbc32cbc3ea575f244c175a1ca175196a3735
22d6ef29a9d8ea66a602103f9a9cbadf3eae78e38436a8476e75b6925eb6e4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22D6EF29A9D8EA66A602103F9A9CBADF3EAE78E38436A8476E75B6925EB6E4BB"
Last-Modified: Tue, 25 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8620
Expires: Wed, 26 Oct 2022 06:10:00 GMT
Date: Wed, 26 Oct 2022 03:46:20 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg
45.133.44.9 200 OK 21 kB URL HTTP/2 cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 8f4953c1b8baece7bb7d226247561ce2
da5d440970606602026d7900a55ae2fd27a3f170
8fd9df7d8e48ff2519631e82e01519d4f1c65abd41ec977c18abb58df9832919
GET /si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:21 GMT
content-type: image/jpeg
content-length: 20566
server: nginx/1.17.6
last-modified: Thu, 01 Sep 2022 12:51:28 GMT
etag: "6310aad0-5056"
expires: Fri, 28 Oct 2022 03:46:21 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 3d638e1effd3b31b4236198c385a94ab
b1aa48cb7ab0797adbece2d71aff633887762abc
41cfc49734488bf7f27d9dde7606182e739b2755480330504e5b3ee07f86e264
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=132142
Date: Wed, 26 Oct 2022 03:46:21 GMT
Etag: "6357fe62-1d7"
Expires: Thu, 27 Oct 2022 16:28:43 GMT
Last-Modified: Tue, 25 Oct 2022 15:18:58 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HJiW66Azbsl2zCt2T3i6LqmBtrQeYzaYFS3T-NnCd16p8boiY1ob9g==
Age: 4185
pogothere.xyz/
172.64.172.27 200 OK 23 kB IP 172.64.172.27:0
File type ASCII text, with no line terminators
Hash ff6a2a3a6c73b8a866d5d42dcbf10e8e
7c15c9b022cffc9696b24129c1ad6e9a0b4b4fc0
ec641942c22d30b8037db6318fdd2c5374b6051919f497675723b800017e3284
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://taraa.xyz
Connection: keep-alive
Referer: http://taraa.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:17 GMT
content-type: text/plain
set-cookie: csu=2004674591237691@1@1666755977; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://taraa.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZ2R9Ptj9uq2%2FRiuf5tZnohvNFrypRFVBukhXLM9glMVglcwVTduAxG7%2BMCcRfq%2FGkeZNw%2FeqCDMv17kruc3PdYvSPWFyeROjmT%2BwJMaZWl2YaFX4t70EHKNQSeFPSvJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7600343c2a928e38-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg
45.133.44.9 200 OK 23 kB URL HTTP/2 cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 4452445afb73fab8af9ff308eb667024
130401c47d822426e1cce9981c30d775cba1b576
923b0ac505decd181f473f1fa460f21590777993c3581723f127b032d8c45bdd
GET /cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:21 GMT
content-type: image/jpeg
content-length: 22987
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:16:05 GMT
etag: "611243d5-59cb"
expires: Fri, 28 Oct 2022 03:46:21 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=947366
185.94.236.247 200 OK 1.9 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=947366
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (502), with CRLF, LF line terminators
Hash 36620af7cc1c1189dffa5ff4a27d7b23
e736eb0cfe0c4b4f29b9724efe98f77649f3d63a
c101c33a6de0fd5e59bd7cf22e984d09a92597d8f328c5785c3284ab06058c73
GET /adshow.php?adzone=947366 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 03:46:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=f692288e0494d5e65bf438d385d39561; expires=Thu, 26-Oct-2023 03:46:19 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
Set-Cookie: imps203=1; expires=Thu, 27-Oct-2022 03:46:19 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
Set-Cookie: imps43654=1; expires=Thu, 27-Oct-2022 03:46:19 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
Set-Cookie: imps203=1; expires=Thu, 27-Oct-2022 03:46:19 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
Set-Cookie: imps203=1; expires=Thu, 27-Oct-2022 03:46:19 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
Set-Cookie: juicy_data_1=YTo0OntpOjYzMTM3MjtpOjE2NjcwMTUxNzk7aToxMjA0MzAxO2k6MTY2NzAxNTE3OTtpOjYzMTM3MztpOjE2NjcwMTUxNzk7aTo2MzEzNzY7aToxNjY3MDE1MTc5O30%3D; expires=Sat, 29-Oct-2022 03:46:19 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Set-Cookie: juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 29-Oct-2022 03:46:19 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
poweredby.jads.co/adshow.php?adzone=947423
185.94.236.247 200 OK 1.6 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=947423
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (415), with CRLF, LF line terminators
Hash 0b338bbb5388009cd07c8caefe3827e3
4204ee02ba1b770df4b0d52f3b6e345cf61533b8
9f87754e74c9bcafd4f6711362fc4b0720c13be667bfb1d7fc57ab615aa8bd04
GET /adshow.php?adzone=947423 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 03:46:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=f692288e0494d5e65bf438d385d39561; expires=Thu, 26-Oct-2023 03:46:19 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
Set-Cookie: imps8666=1; expires=Thu, 27-Oct-2022 03:46:19 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
Set-Cookie: juicy_data_1=YToxOntpOjEwMjE3MTg7aToxNjY3MDE1MTc5O30%3D; expires=Sat, 29-Oct-2022 03:46:19 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Set-Cookie: juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 29-Oct-2022 03:46:19 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/network/user1037/203-1520185101.jpg
69.16.175.42 200 OK 24 kB URL HTTP/2 i.jads.co/network/user1037/203-1520185101.jpg
IP 69.16.175.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 9d43d8ef4d6605e218bf318e21923b8c
e8cae62be698d197f2f23ad36815f4e2d3f45881
11114dddf1cf3603f2782c8b8ba1d5dd4403147e9030053c6e268819f56f2f64
GET /network/user1037/203-1520185101.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=f692288e0494d5e65bf438d385d39561; imps8666=1; juicy_data_1=YToxOntpOjEwMjE3MTg7aToxNjY3MDE1MTc5O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps161=1; imps61=1; imps203=1; imps43654=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:21 GMT
etag: "1520185101"
cache-control: max-age=17681773
content-length: 23898
content-type: image/jpeg
last-modified: Sun, 04 Mar 2018 17:38:21 GMT
accept-ranges: bytes
x-hw: 1666755981.dop015.sk1.t,1666755981.cds247.sk1.hn,1666755981.cds068.sk1.c
X-Firefox-Spdy: h2
i.jads.co/network/user1037/203-1520185104.jpg
69.16.175.42 200 OK 22 kB URL HTTP/2 i.jads.co/network/user1037/203-1520185104.jpg
IP 69.16.175.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 9578b899df11d053eb3a839aab4beb52
a8475c1fa0a6697c29d1803ba363d9a13ada5cf1
fa9ac7faf6266b1c75a90b16bb5e86bde3b70fe5934306646d3364b4097d7144
GET /network/user1037/203-1520185104.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=f692288e0494d5e65bf438d385d39561; imps8666=1; juicy_data_1=YToxOntpOjEwMjE3MTg7aToxNjY3MDE1MTc5O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps161=1; imps61=1; imps203=1; imps43654=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:21 GMT
etag: "1520185104"
cache-control: max-age=6879609
content-length: 22297
content-type: image/jpeg
last-modified: Sun, 04 Mar 2018 17:38:24 GMT
accept-ranges: bytes
x-hw: 1666755981.dop015.sk1.t,1666755981.cds247.sk1.hn,1666755981.cds251.sk1.c
X-Firefox-Spdy: h2
khekwufgwbl.com/bnr/4/bdd/55b5f2/bdd55b5f26d0c29f131dd05c823ef1f9.jpg
172.67.185.189 200 OK 32 kB URL HTTP/2 khekwufgwbl.com/bnr/4/bdd/55b5f2/bdd55b5f26d0c29f131dd05c823ef1f9.jpg
IP 172.67.185.189:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 900x250, components 3\012- data
Hash 3a1f2da5f30c8b1a3cb838444ec49d99
ea94d12b4f9db07f9198005af01905e2ffbd765e
d7a723a76679bec969c1a7f42486825ad2189e235fac417c8fdfd13ef163821a
GET /bnr/4/bdd/55b5f2/bdd55b5f26d0c29f131dd05c823ef1f9.jpg HTTP/1.1
Host: khekwufgwbl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goplayhere.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:21 GMT
content-type: image/jpeg
content-length: 31742
last-modified: Fri, 16 Jul 2021 12:56:57 GMT
etag: "60f18219-7bfe"
expires: Thu, 27 Oct 2022 03:46:20 GMT
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hCOgMrhDfllnpXmirfiN5nqFsyoDc0LbdOkQfv3rawasmJ%2BNKFOkI2XM13Qt2M4WNMVzNBYcvZkmC%2BSKT%2BY%2FmW%2BmD0rlQKwULVhPjKuHEz86qcBYbv2DZpGdW%2FNZCxvlek%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760034500e7d0b65-OSL
X-Firefox-Spdy: h2
i.jads.co/network/user500/25313-1582977328-0927700001582977328.jpg
69.16.175.42 200 OK 41 kB URL HTTP/2 i.jads.co/network/user500/25313-1582977328-0927700001582977328.jpg
IP 69.16.175.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Resized on https://ezgif.com/resize", Exif Standard: [TIFF image data, little-endian, direntries=12, height=600, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=800], baseline, precision 8, 300x300, components 3\012- data
Hash 577ef9d976ede74ea1bcf58d45e824cb
b0148a2f6ee4d37dd61db16184ceea24909f450f
e2ebc001dbb15f91f4e50ca0008d66cc953a94418fbb312ae3617b7eb610d17d
GET /network/user500/25313-1582977328-0927700001582977328.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=f692288e0494d5e65bf438d385d39561; imps8666=1; juicy_data_1=YToxOntpOjEwMjE3MTg7aToxNjY3MDE1MTc5O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps161=1; imps61=1; imps203=1; imps43654=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:21 GMT
etag: "1582977328"
cache-control: max-age=20916962
content-length: 40692
content-type: image/jpeg
last-modified: Sat, 29 Feb 2020 11:55:28 GMT
accept-ranges: bytes
x-hw: 1666755981.dop015.sk1.t,1666755981.cds247.sk1.hn,1666755981.cds228.sk1.c
X-Firefox-Spdy: h2
i.jads.co/network/user1037/203-1520185127.jpg
69.16.175.42 200 OK 30 kB URL HTTP/2 i.jads.co/network/user1037/203-1520185127.jpg
IP 69.16.175.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 5153395ceb5b97cc63647493fe3e0b5f
898b03efa630962bcbe57a3d7ae1fa7fd8eef43f
697ff3220e066681fcc5a07508173fa26f2fd880a40a0b0c5bb43b0764b62ae3
GET /network/user1037/203-1520185127.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=f692288e0494d5e65bf438d385d39561; imps8666=1; juicy_data_1=YToxOntpOjEwMjE3MTg7aToxNjY3MDE1MTc5O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps161=1; imps61=1; imps203=1; imps43654=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:21 GMT
etag: "1520185127"
cache-control: max-age=6887555
content-length: 30519
content-type: image/jpeg
last-modified: Sun, 04 Mar 2018 17:38:47 GMT
accept-ranges: bytes
x-hw: 1666755981.dop015.sk1.t,1666755981.cds247.sk1.hn,1666755981.cds251.sk1.c
X-Firefox-Spdy: h2
i.jads.co/network/user152224/37612-1592933064-0021635001592933064.gif
69.16.175.42 200 OK 110 kB URL HTTP/2 i.jads.co/network/user152224/37612-1592933064-0021635001592933064.gif
IP 69.16.175.42:0
File type GIF image data, version 89a, 300 x 100\012- data
Size 110 kB (110391 bytes)
Hash 57ceaa95c15fa592509f6892e9ea0092
c8458841084508d12f64acdbcc08b6430350054d
6044a3dc6bdfc4a79ea9ba10ef96a886e64f492add849fcbd5a6e540c7db7b39
GET /network/user152224/37612-1592933064-0021635001592933064.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=f692288e0494d5e65bf438d385d39561; imps8666=1; juicy_data_1=YToxOntpOjEwMjE3MTg7aToxNjY3MDE1MTc5O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps161=1; imps61=1; imps203=1; imps43654=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:21 GMT
etag: "1592933064"
cache-control: max-age=25668548
content-length: 110391
content-type: image/gif
last-modified: Tue, 23 Jun 2020 17:24:24 GMT
accept-ranges: bytes
x-hw: 1666755981.dop015.sk1.t,1666755981.cds247.sk1.hn,1666755981.cds216.sk1.c
X-Firefox-Spdy: h2
burlydeclined.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHq5Mcfvy8rLIggofBgyjIpLtnpnvGPSzGGAnGzbqruDep7uqe1Ka6q6nq6p7klLgoOXgY8KSnzneSDe5G0T%2FAIJMFkaCQ8ZTDxrNHEVaPMuPg6IPu91593%2BHzfVUf75tLYsPQi%2BW35TYXgi626nbtpTuOc622xlPTq%2FXa3gde81pNFa92vLr9cu3NKNyUi67t2LZjO7UVrqJY9hbHInh23HHqHbvedOtOq4me%2Bm%2BvjQVNLbDikjwDzkYLj6yr4OEQafL1cqQ3c5m98kZiBM2lQsGO3ks3U1mmSGZlrCzE6dF0GlKfr5xApocTXMjin8GAj4j1%2FQmC9GgKiaA4mHAGAlGKgD2FshgiEkNwOkQo74GzcwKEDDfWkSb3b0hV0q2%2FVTpWR2Thye%2Fg5YgsPL6KNPlqSfBe7bYUJucy1ejFFXhvCN4dIjOnyLfnwMtThPmH4OwnsvhkDWlysK6FBGfVxDvnQ%2FB4CBH1QbUFM%2F64BRNbMJmFhF3UQsdxfJuF1G53wrDB%2FCjwmO1QP3aoY3ttmHCM10ee9RGKPkK1g0ztYJP3ocx30BsVNLOg8xGx3tlBwSqUEUGpCUpKUHKCMicoi%2BqQCe3q6j4T2gTONLvT3KgGMu%2Fu00OZd6OU7GeX5OnJXv44T7EZXdQabhS71G3ZTc%2B1PduPaYu2OozZzI%2Bp3WxD8wpcz02sbvMReXZlFxkfkYW9nxHQU2hxipBfATUOaDnwXRt0Y9Bs29hOH96lRSxotx7KBExWyPIF5FvWvrgkz00wXph%2FjCg8u%2F7g%2BeP%2FOS%2F%2BilBVyFSFu%2FwRQVfsDW7JkhzckqUm36xnOU%2F4Nh1f3e2c5tH8g7eirVIqtrqs%2B1%2B8Fo6FcXn8bqTzNZoynnY1ebjEGYvUilRhRL5d1e9HwU2jN5aMSk22dvP1ldUkU5HWXKZDUH6%2B%2FifCsb%2Fdk8mbvPLjR%2BBqCGUqJOaMTANcniLMdqCzGb2WBErMZoJsDqWpBsoNZoeCE4ho1tOggv5XH8zqfb2HrpoHze8hTSoUqkIhKlDRhzb%2FH%2BSZOrv%2Bw2fj%2BByBmB8EQs0fBEKJT0fE3%2F1tst%2Fx7xdoflHzGw2bep2W4%2Fs08oOm2449h1HqNj3X82gDuR6Fd7785C8AAAD%2F%2FwEAAP%2F%2FGD7bjWgEAAA%3D
192.243.61.225200 OK 7 B URL HTTP/1.1 burlydeclined.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHq5Mcfvy8rLIggofBgyjIpLtnpnvGPSzGGAnGzbqruDep7uqe1Ka6q6nq6p7klLgoOXgY8KSnzneSDe5G0T%2FAIJMFkaCQ8ZTDxrNHEVaPMuPg6IPu91593%2BHzfVUf75tLYsPQi%2BW35TYXgi626nbtpTuOc622xlPTq%2FXa3gde81pNFa92vLr9cu3NKNyUi67t2LZjO7UVrqJY9hbHInh23HHqHbvedOtOq4me%2Bm%2BvjQVNLbDikjwDzkYLj6yr4OEQafL1cqQ3c5m98kZiBM2lQsGO3ks3U1mmSGZlrCzE6dF0GlKfr5xApocTXMjin8GAj4j1%2FQmC9GgKiaA4mHAGAlGKgD2FshgiEkNwOkQo74GzcwKEDDfWkSb3b0hV0q2%2FVTpWR2Thye%2Fg5YgsPL6KNPlqSfBe7bYUJucy1ejFFXhvCN4dIjOnyLfnwMtThPmH4OwnsvhkDWlysK6FBGfVxDvnQ%2FB4CBH1QbUFM%2F64BRNbMJmFhF3UQsdxfJuF1G53wrDB%2FCjwmO1QP3aoY3ttmHCM10ee9RGKPkK1g0ztYJP3ocx30BsVNLOg8xGx3tlBwSqUEUGpCUpKUHKCMicoi%2BqQCe3q6j4T2gTONLvT3KgGMu%2Fu00OZd6OU7GeX5OnJXv44T7EZXdQabhS71G3ZTc%2B1PduPaYu2OozZzI%2Bp3WxD8wpcz02sbvMReXZlFxkfkYW9nxHQU2hxipBfATUOaDnwXRt0Y9Bs29hOH96lRSxotx7KBExWyPIF5FvWvrgkz00wXph%2FjCg8u%2F7g%2BeP%2FOS%2F%2BilBVyFSFu%2FwRQVfsDW7JkhzckqUm36xnOU%2F4Nh1f3e2c5tH8g7eirVIqtrqs%2B1%2B8Fo6FcXn8bqTzNZoynnY1ebjEGYvUilRhRL5d1e9HwU2jN5aMSk22dvP1ldUkU5HWXKZDUH6%2B%2FifCsb%2Fdk8mbvPLjR%2BBqCGUqJOaMTANcniLMdqCzGb2WBErMZoJsDqWpBsoNZoeCE4ho1tOggv5XH8zqfb2HrpoHze8hTSoUqkIhKlDRhzb%2FH%2BSZOrv%2Bw2fj%2BByBmB8EQs0fBEKJT0fE3%2F1tst%2Fx7xdoflHzGw2bep2W4%2Fs08oOm2449h1HqNj3X82gDuR6Fd7785C8AAAD%2F%2FwEAAP%2F%2FGD7bjWgEAAA%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHq5Mcfvy8rLIggofBgyjIpLtnpnvGPSzGGAnGzbqruDep7uqe1Ka6q6nq6p7klLgoOXgY8KSnzneSDe5G0T%2FAIJMFkaCQ8ZTDxrNHEVaPMuPg6IPu91593%2BHzfVUf75tLYsPQi%2BW35TYXgi626nbtpTuOc622xlPTq%2FXa3gde81pNFa92vLr9cu3NKNyUi67t2LZjO7UVrqJY9hbHInh23HHqHbvedOtOq4me%2Bm%2BvjQVNLbDikjwDzkYLj6yr4OEQafL1cqQ3c5m98kZiBM2lQsGO3ks3U1mmSGZlrCzE6dF0GlKfr5xApocTXMjin8GAj4j1%2FQmC9GgKiaA4mHAGAlGKgD2FshgiEkNwOkQo74GzcwKEDDfWkSb3b0hV0q2%2FVTpWR2Thye%2Fg5YgsPL6KNPlqSfBe7bYUJucy1ejFFXhvCN4dIjOnyLfnwMtThPmH4OwnsvhkDWlysK6FBGfVxDvnQ%2FB4CBH1QbUFM%2F64BRNbMJmFhF3UQsdxfJuF1G53wrDB%2FCjwmO1QP3aoY3ttmHCM10ee9RGKPkK1g0ztYJP3ocx30BsVNLOg8xGx3tlBwSqUEUGpCUpKUHKCMicoi%2BqQCe3q6j4T2gTONLvT3KgGMu%2Fu00OZd6OU7GeX5OnJXv44T7EZXdQabhS71G3ZTc%2B1PduPaYu2OozZzI%2Bp3WxD8wpcz02sbvMReXZlFxkfkYW9nxHQU2hxipBfATUOaDnwXRt0Y9Bs29hOH96lRSxotx7KBExWyPIF5FvWvrgkz00wXph%2FjCg8u%2F7g%2BeP%2FOS%2F%2BilBVyFSFu%2FwRQVfsDW7JkhzckqUm36xnOU%2F4Nh1f3e2c5tH8g7eirVIqtrqs%2B1%2B8Fo6FcXn8bqTzNZoynnY1ebjEGYvUilRhRL5d1e9HwU2jN5aMSk22dvP1ldUkU5HWXKZDUH6%2B%2FifCsb%2Fdk8mbvPLjR%2BBqCGUqJOaMTANcniLMdqCzGb2WBErMZoJsDqWpBsoNZoeCE4ho1tOggv5XH8zqfb2HrpoHze8hTSoUqkIhKlDRhzb%2FH%2BSZOrv%2Bw2fj%2BByBmB8EQs0fBEKJT0fE3%2F1tst%2Fx7xdoflHzGw2bep2W4%2Fs08oOm2449h1HqNj3X82gDuR6Fd7785C8AAAD%2F%2FwEAAP%2F%2FGD7bjWgEAAA%3D HTTP/1.1
Host: burlydeclined.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Cookie: u_pl=16241006; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec32ef2a2504620607fa5a59dd0d7fa048=[3637745,2229213,2229215]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 26 Oct 2022 03:46:21 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fb68dea36c4b80e0d9a930cee722c486
Strict-Transport-Security: max-age=0; includeSubdomains
burlydeclined.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
192.243.61.225 200 OK 37 kB URL HTTP/1.1 burlydeclined.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash 1007a75d51bd7681b3ed1e0e766f2f1c
4beeebda1fee170d2796f3d7e3e25101708edbc3
b5200e583d6b8855effa2844a9e3f8c16b05e5c5bd876850d03433ce1d56f661
Analyzer Verdict Alert quad9 Sinkholed
GET /65/aa/28/65aa283021630dfd9030555c4c61a78c.js HTTP/1.1
Host: burlydeclined.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Cookie: u_pl=16241006; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec32ef2a2504620607fa5a59dd0d7fa048=[3637745,2229213,2229215]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 26 Oct 2022 03:46:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3d5a097a715aaaaa4ce022970b7ec3c2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
burlydeclined.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Bt3uTw%2FaoHlQURFAYPsgsy6Z7Mr7iHxTWOBONm3VXcgyDVVdWT2lR3NVVd3ZOcsi5IDoIDnvTUeZNscDeK%2FgEu0lkQCQgZTzlsPHsUcb3KjMHoB7o%2F79V7h%2Ff5VH287U6ID0ePF9%2FWG1IpOteq%2B7ULN4PgUm1ZJm5QG3TbH7abl2omf3WhXfcv1t4UbE3PNfzA9wM%2FqPWkEZEezE1EyHR%2FIagv%2BPVmox60mhiY%2F3LrPFjqgecn5FlIPp596J2HZBWS%2BJtFYdcynb7yRuwUzbRBzvfeS9YSXSSIz2BkPETJ3qkb2h71HkAnu9O40Pk%2FxlCOiffDA4TJ3mlIhPnONGeoIBKE%2FEkUeQWhKkhagek7kPyIAIzj6gqS%2BO5VbQq6%2FrdKJ%2BqYzD7%2BHbIYk9lH55HEX19RclC7oZXLpE4sBlEJOagg%2BxVSd4Bs4xxkcQCWfQTJfyJzj5eRxDsrVmlIXk5nl7KCjCooMQS1Htzkkx5c5MGlHmJ%2BXGNBEHR8zqjfXWBsnndE2OZ%2BQDtRQAO%2F3YVjk3hDZOkQTA3BzCZSs4k1OYRx38OulrDcg83GxHtnEzkvUQiCwhIUlKCQBEVGUOTlLle2Ycu7XFkXBqe9cdrny5HO%2Btt0V2d9kZDt9IQ8M93Ln0cJ1sRxbb4hogZttPxmu%2BG3%2FU5EW7S1wLnPOxH1m11YWULac9NRN%2BSYPNe7jVSOyezWzwjpAaw6AJNPg7oAtBh1Gj7o6qjZ9bGR3L9F80jRfp3pGFyXSLNZZOvetjohz09jdG7%2FBsEOL%2B9f%2BKP69IOLYKZEakrckg8J%2BmprdF0XZOe6Liz5diXNZCw36OTqbmQ0EzP33hLrhTZ8adEOv3yNTYQJ3H9X2GyZJlwmfUvuX5GcC9PThgny3ZJ9X4TXnF294kzi0uVrr%2FeW4tQIa6VOKlB59FQFJsfk%2F4eL0zf5Ym8V0lQwrkTsDslpQeoDsHQTNj28fO%2BF%2Ff8FL%2F8KqwmMOvOEqYfClSPTCM8OlSRQ4ozTsIT9Fw%2FP8LbdQt%2FMgGZ3kMQlclMiVyWoGsK6J0ZZag4v%2F%2Fj5pL5AqGZGoTIzO6Ey6rPpasfkpZlHk98vsPK4Nu%2FzTigi0QlFs9WMBONhqxX6LGLhPO92GTI7Zje%2F%2BuQvAAAA%2F%2F8BAAD%2F%2F7tz62BoBAAA
192.243.61.225200 OK 7 B URL HTTP/1.1 burlydeclined.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Bt3uTw%2FaoHlQURFAYPsgsy6Z7Mr7iHxTWOBONm3VXcgyDVVdWT2lR3NVVd3ZOcsi5IDoIDnvTUeZNscDeK%2FgEu0lkQCQgZTzlsPHsUcb3KjMHoB7o%2F79V7h%2Ff5VH287U6ID0ePF9%2FWG1IpOteq%2B7ULN4PgUm1ZJm5QG3TbH7abl2omf3WhXfcv1t4UbE3PNfzA9wM%2FqPWkEZEezE1EyHR%2FIagv%2BPVmox60mhiY%2F3LrPFjqgecn5FlIPp596J2HZBWS%2BJtFYdcynb7yRuwUzbRBzvfeS9YSXSSIz2BkPETJ3qkb2h71HkAnu9O40Pk%2FxlCOiffDA4TJ3mlIhPnONGeoIBKE%2FEkUeQWhKkhagek7kPyIAIzj6gqS%2BO5VbQq6%2FrdKJ%2BqYzD7%2BHbIYk9lH55HEX19RclC7oZXLpE4sBlEJOagg%2BxVSd4Bs4xxkcQCWfQTJfyJzj5eRxDsrVmlIXk5nl7KCjCooMQS1Htzkkx5c5MGlHmJ%2BXGNBEHR8zqjfXWBsnndE2OZ%2BQDtRQAO%2F3YVjk3hDZOkQTA3BzCZSs4k1OYRx38OulrDcg83GxHtnEzkvUQiCwhIUlKCQBEVGUOTlLle2Ycu7XFkXBqe9cdrny5HO%2Btt0V2d9kZDt9IQ8M93Ln0cJ1sRxbb4hogZttPxmu%2BG3%2FU5EW7S1wLnPOxH1m11YWULac9NRN%2BSYPNe7jVSOyezWzwjpAaw6AJNPg7oAtBh1Gj7o6qjZ9bGR3L9F80jRfp3pGFyXSLNZZOvetjohz09jdG7%2FBsEOL%2B9f%2BKP69IOLYKZEakrckg8J%2BmprdF0XZOe6Liz5diXNZCw36OTqbmQ0EzP33hLrhTZ8adEOv3yNTYQJ3H9X2GyZJlwmfUvuX5GcC9PThgny3ZJ9X4TXnF294kzi0uVrr%2FeW4tQIa6VOKlB59FQFJsfk%2F4eL0zf5Ym8V0lQwrkTsDslpQeoDsHQTNj28fO%2BF%2Ff8FL%2F8KqwmMOvOEqYfClSPTCM8OlSRQ4ozTsIT9Fw%2FP8LbdQt%2FMgGZ3kMQlclMiVyWoGsK6J0ZZag4v%2F%2Fj5pL5AqGZGoTIzO6Ey6rPpasfkpZlHk98vsPK4Nu%2FzTigi0QlFs9WMBONhqxX6LGLhPO92GTI7Zje%2F%2BuQvAAAA%2F%2F8BAAD%2F%2F7tz62BoBAAA
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Bt3uTw%2FaoHlQURFAYPsgsy6Z7Mr7iHxTWOBONm3VXcgyDVVdWT2lR3NVVd3ZOcsi5IDoIDnvTUeZNscDeK%2FgEu0lkQCQgZTzlsPHsUcb3KjMHoB7o%2F79V7h%2Ff5VH287U6ID0ePF9%2FWG1IpOteq%2B7ULN4PgUm1ZJm5QG3TbH7abl2omf3WhXfcv1t4UbE3PNfzA9wM%2FqPWkEZEezE1EyHR%2FIagv%2BPVmox60mhiY%2F3LrPFjqgecn5FlIPp596J2HZBWS%2BJtFYdcynb7yRuwUzbRBzvfeS9YSXSSIz2BkPETJ3qkb2h71HkAnu9O40Pk%2FxlCOiffDA4TJ3mlIhPnONGeoIBKE%2FEkUeQWhKkhagek7kPyIAIzj6gqS%2BO5VbQq6%2FrdKJ%2BqYzD7%2BHbIYk9lH55HEX19RclC7oZXLpE4sBlEJOagg%2BxVSd4Bs4xxkcQCWfQTJfyJzj5eRxDsrVmlIXk5nl7KCjCooMQS1Htzkkx5c5MGlHmJ%2BXGNBEHR8zqjfXWBsnndE2OZ%2BQDtRQAO%2F3YVjk3hDZOkQTA3BzCZSs4k1OYRx38OulrDcg83GxHtnEzkvUQiCwhIUlKCQBEVGUOTlLle2Ycu7XFkXBqe9cdrny5HO%2Btt0V2d9kZDt9IQ8M93Ln0cJ1sRxbb4hogZttPxmu%2BG3%2FU5EW7S1wLnPOxH1m11YWULac9NRN%2BSYPNe7jVSOyezWzwjpAaw6AJNPg7oAtBh1Gj7o6qjZ9bGR3L9F80jRfp3pGFyXSLNZZOvetjohz09jdG7%2FBsEOL%2B9f%2BKP69IOLYKZEakrckg8J%2BmprdF0XZOe6Liz5diXNZCw36OTqbmQ0EzP33hLrhTZ8adEOv3yNTYQJ3H9X2GyZJlwmfUvuX5GcC9PThgny3ZJ9X4TXnF294kzi0uVrr%2FeW4tQIa6VOKlB59FQFJsfk%2F4eL0zf5Ym8V0lQwrkTsDslpQeoDsHQTNj28fO%2BF%2Ff8FL%2F8KqwmMOvOEqYfClSPTCM8OlSRQ4ozTsIT9Fw%2FP8LbdQt%2FMgGZ3kMQlclMiVyWoGsK6J0ZZag4v%2F%2Fj5pL5AqGZGoTIzO6Ey6rPpasfkpZlHk98vsPK4Nu%2FzTigi0QlFs9WMBONhqxX6LGLhPO92GTI7Zje%2F%2BuQvAAAA%2F%2F8BAAD%2F%2F7tz62BoBAAA HTTP/1.1
Host: burlydeclined.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Cookie: u_pl=16241006; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec32ef2a2504620607fa5a59dd0d7fa048=[3637745,2229213,2229215]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 26 Oct 2022 03:46:21 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0ccdc62a384add12ba9751c70d431d96
Strict-Transport-Security: max-age=0; includeSubdomains
burlydeclined.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskRRTGq3dyEL2ssiCCh8GDKMiku2eme8Y9LMYYCcbNuqu4N6nu6p7UprqrqerqnuSUuKA5eBjwpKfON8kGd6PoH2CQyYJIUMh4ymHj2aMIq0eZ2eDog%2BK9V987%2FN5X9cmuOSc2DD1bfFduciHofLth11%2B57ThX6ys8Nf16v%2BN95LWu1lXxetdr2K%2FW347CdTnv2o5tO7ZTX%2BIqimV%2FfiKCZ4ddp9G1Gy234bRb6Kv%2F99pY0NQCK87Jc%2BBsPPfQugIejpAm3y5Gej2X2WtvJUbQXCoU7OCDdD2VZYpkVsbKQpweXExD6tOlI8h0f4oLWfw7GPAxsX48QpAeXEAiKPamnIFAlCJgz6AsRojECJyOEMq74OyUACHD9VWkyb3rUpV044lKJ%2BqYzD3%2BE7wck7lHV5Am3ywI3q%2FfksLkXKYa%2FbgC74%2FAeyNk5hj55iXw8hhh%2FjE4%2B4XMP15BmuytaiHBWTXdnfMReDyCiAag2oKZHG7BxBZMZiFhZ%2FXQcRzfZiG1O90wbDI%2FCjxmO9SPHerYXgcmnOANkGcDhGKAUG0hU1tY5wMo8wP0WgXNLOh8TKz3tlCwCmVEUGqCkhKUnKDMCcqi2mdCu7q6x4Q2gXOR3YvcrIYy7%2B3SfZn3opTsZufk2akvf52mWI%2FO6k03il3qtu2W59qe7ce0Tdtdxmzmx9RudaB5Ba4vTVfd5GPy%2FNI2Mj4mczu%2FIqDH0OIYIb8MahzQcui7NujasNWxsZk%2BuEOLWNBeI5QJmKyQ5XPIN6xdcU5emGK8VPsNUXhy7f6Lh085L%2F%2BOUFXIVIU7%2FCFBT%2BwMb8qS7N2UpSbfrWY5T%2FgmnTzdrZzmUe3%2BO9FGKRVbXtSDr94IJ8KkPHw%2F0vkKTRlPe5o8WOCMRWpJqjAi3y%2FrD6PghtFrC0alJlu58ebScpKpSGsu0xEoP139G%2BFkv%2B2j6Z%2B8%2FPOn4GoEZSok5oRcBLg8RphtQWczei0JlJjNBFkNpamGyg1ml4ITiGjW06CC%2Fk8fzOpdvYOeqoHmd5EmFQpVoRAVqBhAm6eHeaZOrv30xSS%2BRCBqw0Co2l4glPh8TPztPyb%2BPnpisuZndb%2FZtKnXbTu%2BTyM%2FaLmd2HMYpW7Lcz2PNpHrcXj768%2F%2BAQAA%2F%2F8BAAD%2F%2F4yNHTdoBAAA
192.243.61.225200 OK 7 B URL HTTP/1.1 burlydeclined.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskRRTGq3dyEL2ssiCCh8GDKMiku2eme8Y9LMYYCcbNuqu4N6nu6p7UprqrqerqnuSUuKA5eBjwpKfON8kGd6PoH2CQyYJIUMh4ymHj2aMIq0eZ2eDog%2BK9V987%2FN5X9cmuOSc2DD1bfFduciHofLth11%2B57ThX6ys8Nf16v%2BN95LWu1lXxetdr2K%2FW347CdTnv2o5tO7ZTX%2BIqimV%2FfiKCZ4ddp9G1Gy234bRb6Kv%2F99pY0NQCK87Jc%2BBsPPfQugIejpAm3y5Gej2X2WtvJUbQXCoU7OCDdD2VZYpkVsbKQpweXExD6tOlI8h0f4oLWfw7GPAxsX48QpAeXEAiKPamnIFAlCJgz6AsRojECJyOEMq74OyUACHD9VWkyb3rUpV044lKJ%2BqYzD3%2BE7wck7lHV5Am3ywI3q%2FfksLkXKYa%2FbgC74%2FAeyNk5hj55iXw8hhh%2FjE4%2B4XMP15BmuytaiHBWTXdnfMReDyCiAag2oKZHG7BxBZMZiFhZ%2FXQcRzfZiG1O90wbDI%2FCjxmO9SPHerYXgcmnOANkGcDhGKAUG0hU1tY5wMo8wP0WgXNLOh8TKz3tlCwCmVEUGqCkhKUnKDMCcqi2mdCu7q6x4Q2gXOR3YvcrIYy7%2B3SfZn3opTsZufk2akvf52mWI%2FO6k03il3qtu2W59qe7ce0Tdtdxmzmx9RudaB5Ba4vTVfd5GPy%2FNI2Mj4mczu%2FIqDH0OIYIb8MahzQcui7NujasNWxsZk%2BuEOLWNBeI5QJmKyQ5XPIN6xdcU5emGK8VPsNUXhy7f6Lh085L%2F%2BOUFXIVIU7%2FCFBT%2BwMb8qS7N2UpSbfrWY5T%2FgmnTzdrZzmUe3%2BO9FGKRVbXtSDr94IJ8KkPHw%2F0vkKTRlPe5o8WOCMRWpJqjAi3y%2FrD6PghtFrC0alJlu58ebScpKpSGsu0xEoP139G%2BFkv%2B2j6Z%2B8%2FPOn4GoEZSok5oRcBLg8RphtQWczei0JlJjNBFkNpamGyg1ml4ITiGjW06CC%2Fk8fzOpdvYOeqoHmd5EmFQpVoRAVqBhAm6eHeaZOrv30xSS%2BRCBqw0Co2l4glPh8TPztPyb%2BPnpisuZndb%2FZtKnXbTu%2BTyM%2FaLmd2HMYpW7Lcz2PNpHrcXj768%2F%2BAQAA%2F%2F8BAAD%2F%2F4yNHTdoBAAA
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskRRTGq3dyEL2ssiCCh8GDKMiku2eme8Y9LMYYCcbNuqu4N6nu6p7UprqrqerqnuSUuKA5eBjwpKfON8kGd6PoH2CQyYJIUMh4ymHj2aMIq0eZ2eDog%2BK9V987%2FN5X9cmuOSc2DD1bfFduciHofLth11%2B57ThX6ys8Nf16v%2BN95LWu1lXxetdr2K%2FW347CdTnv2o5tO7ZTX%2BIqimV%2FfiKCZ4ddp9G1Gy234bRb6Kv%2F99pY0NQCK87Jc%2BBsPPfQugIejpAm3y5Gej2X2WtvJUbQXCoU7OCDdD2VZYpkVsbKQpweXExD6tOlI8h0f4oLWfw7GPAxsX48QpAeXEAiKPamnIFAlCJgz6AsRojECJyOEMq74OyUACHD9VWkyb3rUpV044lKJ%2BqYzD3%2BE7wck7lHV5Am3ywI3q%2FfksLkXKYa%2FbgC74%2FAeyNk5hj55iXw8hhh%2FjE4%2B4XMP15BmuytaiHBWTXdnfMReDyCiAag2oKZHG7BxBZMZiFhZ%2FXQcRzfZiG1O90wbDI%2FCjxmO9SPHerYXgcmnOANkGcDhGKAUG0hU1tY5wMo8wP0WgXNLOh8TKz3tlCwCmVEUGqCkhKUnKDMCcqi2mdCu7q6x4Q2gXOR3YvcrIYy7%2B3SfZn3opTsZufk2akvf52mWI%2FO6k03il3qtu2W59qe7ce0Tdtdxmzmx9RudaB5Ba4vTVfd5GPy%2FNI2Mj4mczu%2FIqDH0OIYIb8MahzQcui7NujasNWxsZk%2BuEOLWNBeI5QJmKyQ5XPIN6xdcU5emGK8VPsNUXhy7f6Lh085L%2F%2BOUFXIVIU7%2FCFBT%2BwMb8qS7N2UpSbfrWY5T%2FgmnTzdrZzmUe3%2BO9FGKRVbXtSDr94IJ8KkPHw%2F0vkKTRlPe5o8WOCMRWpJqjAi3y%2FrD6PghtFrC0alJlu58ebScpKpSGsu0xEoP139G%2BFkv%2B2j6Z%2B8%2FPOn4GoEZSok5oRcBLg8RphtQWczei0JlJjNBFkNpamGyg1ml4ITiGjW06CC%2Fk8fzOpdvYOeqoHmd5EmFQpVoRAVqBhAm6eHeaZOrv30xSS%2BRCBqw0Co2l4glPh8TPztPyb%2BPnpisuZndb%2FZtKnXbTu%2BTyM%2FaLmd2HMYpW7Lcz2PNpHrcXj768%2F%2BAQAA%2F%2F8BAAD%2F%2F4yNHTdoBAAA HTTP/1.1
Host: burlydeclined.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Cookie: u_pl=16241006; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec32ef2a2504620607fa5a59dd0d7fa048=[3637745,2229213,2229215]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 26 Oct 2022 03:46:21 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cce38597b1ea232b695f9e9623c39e92
Strict-Transport-Security: max-age=0; includeSubdomains
burlydeclined.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skxRvGq5Mcvny9rLIggofBgyjIpHsyv%2BIeFmOMBONm3VXcm1RXVU9qU93VVHV1T3JKXJQcPAx40lPnmWSDu1H0DzDIZEEkKGQ85bDx7FGE1aPMODj6Qvf7vvW8h8%2FzVn287y6JD0cvlt%2FW21IpOt%2Bo%2BpWX7gTBtcqaTFy30m03P2jWr1VM%2Fupis%2Bq%2FXHlTsE09X%2FMD3w%2F8oLIijYh0d34kQqbHi0F10a%2FWa9WgUUfX%2FLe3zoOlHnh%2BSZ6B5MO5R95VSDZAEn%2B9LOxmptNX3oidopk2yPnRe8lmoosE8bSMjIcoOZpMQ9vzlRPo5HCMC53%2FMxjKIfG%2BP0GYHE0gEeYHY85QQSQI%2BVMo8gGEGkDSAZi%2BB8nPCcA4bqwjie%2Ff0KagW3%2BrdKQOydyT3yGLIZl7fBVJ%2FNWSkt3Kba1cJnVi0Y1KyO4AsjNA6k6Rbc9AFqdg2YeQ%2FCcy%2F2QNSXywbpWG5OXYu5QDyGgAJXqg1oMbfdKDizy41EPMLyosCIKWzxn124uMLfCWCJvcD2grCmjgN9twbITXQ5b2wFQPzOwgNTvYlD0Y9x3sRgnLPdhsSLx3dpDzEoUgKCxBQQkKSVBkBEVeHnJla7a8z5V1YTDJtUleKPs66%2BzTQ511REL200vy9Hgvf5wn2BQXlYWaiGq01vDrzZrf9FsRbdDGIuc%2Bb0XUr7dhZQlpZ8ZWt%2BWQPLuyi1QOydzezwjpKaw6BZNXQF0AWvRbNR90o19v%2B9hOHt6leaRop8p0DK5LpNkcsi1vX12S58YYL8w%2BhmBn1x88f%2Fy%2F4MVfwUyJ1JS4Kx8RdNRe%2F5YuyMEtXVjyzXqayVhu09HV3c5oJmYfvCW2Cm346rLtffEaGwmj8vhdYbM1mnCZdCx5uCQ5F2ZFGybIt6v2fRHedHZjyZnEpWs3X19ZjVMjrJU6GYDK8%2FU%2FwUb%2Bdk%2FGb%2FLKjx9BmgGMKxG7MzIJSH0Klu7AplN6qwmMms6E6QwKV%2FZNLZweKkmgxLSnYQn7rz6c1vt2Dx0zC5rdQxKXyE2JXJWgqgfr%2Ft%2FPUnN2%2FYfPRvE5QjXbD5WZPQiVUZ8OSWv3t%2FF%2BR79fYOVFZcHnrVBEohWKeqMeCcbDRiP0WcTCBd5uM2R2yO58%2BclfAAAA%2F%2F8BAAD%2F%2F5jqDmVoBAAA
192.243.61.225200 OK 7 B URL HTTP/1.1 burlydeclined.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skxRvGq5Mcvny9rLIggofBgyjIpHsyv%2BIeFmOMBONm3VXcm1RXVU9qU93VVHV1T3JKXJQcPAx40lPnmWSDu1H0DzDIZEEkKGQ85bDx7FGE1aPMODj6Qvf7vvW8h8%2FzVn287y6JD0cvlt%2FW21IpOt%2Bo%2BpWX7gTBtcqaTFy30m03P2jWr1VM%2Fupis%2Bq%2FXHlTsE09X%2FMD3w%2F8oLIijYh0d34kQqbHi0F10a%2FWa9WgUUfX%2FLe3zoOlHnh%2BSZ6B5MO5R95VSDZAEn%2B9LOxmptNX3oidopk2yPnRe8lmoosE8bSMjIcoOZpMQ9vzlRPo5HCMC53%2FMxjKIfG%2BP0GYHE0gEeYHY85QQSQI%2BVMo8gGEGkDSAZi%2BB8nPCcA4bqwjie%2Ff0KagW3%2BrdKQOydyT3yGLIZl7fBVJ%2FNWSkt3Kba1cJnVi0Y1KyO4AsjNA6k6Rbc9AFqdg2YeQ%2FCcy%2F2QNSXywbpWG5OXYu5QDyGgAJXqg1oMbfdKDizy41EPMLyosCIKWzxn124uMLfCWCJvcD2grCmjgN9twbITXQ5b2wFQPzOwgNTvYlD0Y9x3sRgnLPdhsSLx3dpDzEoUgKCxBQQkKSVBkBEVeHnJla7a8z5V1YTDJtUleKPs66%2BzTQ511REL200vy9Hgvf5wn2BQXlYWaiGq01vDrzZrf9FsRbdDGIuc%2Bb0XUr7dhZQlpZ8ZWt%2BWQPLuyi1QOydzezwjpKaw6BZNXQF0AWvRbNR90o19v%2B9hOHt6leaRop8p0DK5LpNkcsi1vX12S58YYL8w%2BhmBn1x88f%2Fy%2F4MVfwUyJ1JS4Kx8RdNRe%2F5YuyMEtXVjyzXqayVhu09HV3c5oJmYfvCW2Cm346rLtffEaGwmj8vhdYbM1mnCZdCx5uCQ5F2ZFGybIt6v2fRHedHZjyZnEpWs3X19ZjVMjrJU6GYDK8%2FU%2FwUb%2Bdk%2FGb%2FLKjx9BmgGMKxG7MzIJSH0Klu7AplN6qwmMms6E6QwKV%2FZNLZweKkmgxLSnYQn7rz6c1vt2Dx0zC5rdQxKXyE2JXJWgqgfr%2Ft%2FPUnN2%2FYfPRvE5QjXbD5WZPQiVUZ8OSWv3t%2FF%2BR79fYOVFZcHnrVBEohWKeqMeCcbDRiP0WcTCBd5uM2R2yO58%2BclfAAAA%2F%2F8BAAD%2F%2F5jqDmVoBAAA
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skxRvGq5Mcvny9rLIggofBgyjIpHsyv%2BIeFmOMBONm3VXcm1RXVU9qU93VVHV1T3JKXJQcPAx40lPnmWSDu1H0DzDIZEEkKGQ85bDx7FGE1aPMODj6Qvf7vvW8h8%2FzVn287y6JD0cvlt%2FW21IpOt%2Bo%2BpWX7gTBtcqaTFy30m03P2jWr1VM%2Fupis%2Bq%2FXHlTsE09X%2FMD3w%2F8oLIijYh0d34kQqbHi0F10a%2FWa9WgUUfX%2FLe3zoOlHnh%2BSZ6B5MO5R95VSDZAEn%2B9LOxmptNX3oidopk2yPnRe8lmoosE8bSMjIcoOZpMQ9vzlRPo5HCMC53%2FMxjKIfG%2BP0GYHE0gEeYHY85QQSQI%2BVMo8gGEGkDSAZi%2BB8nPCcA4bqwjie%2Ff0KagW3%2BrdKQOydyT3yGLIZl7fBVJ%2FNWSkt3Kba1cJnVi0Y1KyO4AsjNA6k6Rbc9AFqdg2YeQ%2FCcy%2F2QNSXywbpWG5OXYu5QDyGgAJXqg1oMbfdKDizy41EPMLyosCIKWzxn124uMLfCWCJvcD2grCmjgN9twbITXQ5b2wFQPzOwgNTvYlD0Y9x3sRgnLPdhsSLx3dpDzEoUgKCxBQQkKSVBkBEVeHnJla7a8z5V1YTDJtUleKPs66%2BzTQ511REL200vy9Hgvf5wn2BQXlYWaiGq01vDrzZrf9FsRbdDGIuc%2Bb0XUr7dhZQlpZ8ZWt%2BWQPLuyi1QOydzezwjpKaw6BZNXQF0AWvRbNR90o19v%2B9hOHt6leaRop8p0DK5LpNkcsi1vX12S58YYL8w%2BhmBn1x88f%2Fy%2F4MVfwUyJ1JS4Kx8RdNRe%2F5YuyMEtXVjyzXqayVhu09HV3c5oJmYfvCW2Cm346rLtffEaGwmj8vhdYbM1mnCZdCx5uCQ5F2ZFGybIt6v2fRHedHZjyZnEpWs3X19ZjVMjrJU6GYDK8%2FU%2FwUb%2Bdk%2FGb%2FLKjx9BmgGMKxG7MzIJSH0Klu7AplN6qwmMms6E6QwKV%2FZNLZweKkmgxLSnYQn7rz6c1vt2Dx0zC5rdQxKXyE2JXJWgqgfr%2Ft%2FPUnN2%2FYfPRvE5QjXbD5WZPQiVUZ8OSWv3t%2FF%2BR79fYOVFZcHnrVBEohWKeqMeCcbDRiP0WcTCBd5uM2R2yO58%2BclfAAAA%2F%2F8BAAD%2F%2F5jqDmVoBAAA HTTP/1.1
Host: burlydeclined.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Cookie: u_pl=16241006; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec32ef2a2504620607fa5a59dd0d7fa048=[3637745,2229213,2229215]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 26 Oct 2022 03:46:21 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c644b0a6b4d08bd1aaa650c155e6851b
Strict-Transport-Security: max-age=0; includeSubdomains
simplewebanalysis.com/stats
18.193.142.27 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.193.142.27:0
File type ASCII text, with no line terminators
Hash 1bd8e383d73392699f6fbc117a90f9c7
ba9550afd261bc76f8bf07f8d28d701259819a85
4b95c42f16ebf608e99892ace777e1b84957d13465e95ba42987eed3e409d20c
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javflag.com
Connection: keep-alive
Referer: https://javflag.com/
Cookie: uid_id2=716b05d0-a755-43ab-b485-58f0bb6efcbe:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:21 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://javflag.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 13c51695bfc0986bc4e4efc19d0845f1
431a0175f4735f8fa8c0e54eba8d2515fcf22d76
a0b6128d03df09119f28ea616e0442d008b708922c173fdfc4824f86c11a8296
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A0B6128D03DF09119F28EA616E0442D008B708922C173FDFC4824F86C11A8296"
Last-Modified: Mon, 24 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9992
Expires: Wed, 26 Oct 2022 06:32:53 GMT
Date: Wed, 26 Oct 2022 03:46:21 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 499c4aa22f79613865de599e9170f891
f830b51aea0ec98ecd8dd4cda33225d2dfbf1250
5feb31b7bda422222b720adf3f695b14248b6aa3d93ae5c7ab012f1cc85d2d2e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5FEB31B7BDA422222B720ADF3F695B14248B6AA3D93AE5C7AB012F1CC85D2D2E"
Last-Modified: Mon, 24 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7157
Expires: Wed, 26 Oct 2022 05:45:38 GMT
Date: Wed, 26 Oct 2022 03:46:21 GMT
Connection: keep-alive
main.exoclick.com/tag.php?goal=3498327ae8564a1191c4243b38616bf7
95.211.229.246 200 OK 20 B URL HTTP/1.1 main.exoclick.com/tag.php?goal=3498327ae8564a1191c4243b38616bf7
IP 95.211.229.246:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=3498327ae8564a1191c4243b38616bf7 HTTP/1.1
Host: main.exoclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goplayhere.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 26 Oct 2022 03:46:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A48723%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-10-25%22%3B%7D%7D; expires=Thu, 26 Oct 2023 03:46:21 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 13c51695bfc0986bc4e4efc19d0845f1
431a0175f4735f8fa8c0e54eba8d2515fcf22d76
a0b6128d03df09119f28ea616e0442d008b708922c173fdfc4824f86c11a8296
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A0B6128D03DF09119F28EA616E0442D008B708922C173FDFC4824F86C11A8296"
Last-Modified: Mon, 24 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9992
Expires: Wed, 26 Oct 2022 06:32:53 GMT
Date: Wed, 26 Oct 2022 03:46:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c34f682c39cacca2491ccd6e9ea602fd
92a78f653f047f6bd5dc12d731a56b824916f0b1
9f23a87bd6434966f5cd1f0b67d8babe3dde313a47dd342680cd382fe21bef72
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9F23A87BD6434966F5CD1F0B67D8BABE3DDE313A47DD342680CD382FE21BEF72"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8619
Expires: Wed, 26 Oct 2022 06:10:00 GMT
Date: Wed, 26 Oct 2022 03:46:21 GMT
Connection: keep-alive
naturalistsbumpmystic.com/pixel/purst?dl=0&th=0&sc=0&rs=3524&rd=3524&fd=353&bv=22.8.v.2&tmpl=136
173.233.137.44 200 OK 0 B URL HTTP/1.1 naturalistsbumpmystic.com/pixel/purst?dl=0&th=0&sc=0&rs=3524&rd=3524&fd=353&bv=22.8.v.2&tmpl=136
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=3524&rd=3524&fd=353&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: naturalistsbumpmystic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 26 Oct 2022 03:46:21 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
simplewebanalysis.com/stats
18.193.142.27 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.193.142.27:0
File type ASCII text, with no line terminators
Hash 1bd8e383d73392699f6fbc117a90f9c7
ba9550afd261bc76f8bf07f8d28d701259819a85
4b95c42f16ebf608e99892ace777e1b84957d13465e95ba42987eed3e409d20c
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javflag.com
Connection: keep-alive
Referer: https://javflag.com/
Cookie: uid_id2=716b05d0-a755-43ab-b485-58f0bb6efcbe:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:21 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://javflag.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f1ae675435a8f16bc0b04ec012c41979
182f87a81464c80b0b25fb524c59592cd40b0ef4
9191ced121d8740b4ed3af75db3033e72c0c44c0b45004abd714583deaa749a4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 03:46:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d46412e137b72a88f9f2c116138aecee
d7591c45dd83f85b906a6181caa0196d530edccb
e835bc4ec062f3e17bff3863087a6c7b9efe9e9ef787d72e5560480e9c782fda
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E835BC4EC062F3E17BFF3863087A6C7B9EFE9E9EF787D72E5560480E9C782FDA"
Last-Modified: Sun, 23 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18846
Expires: Wed, 26 Oct 2022 09:00:28 GMT
Date: Wed, 26 Oct 2022 03:46:22 GMT
Connection: keep-alive
www.googletagmanager.com/gtm.js?id=GTM-T7RJTBH
142.250.74.168 200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-T7RJTBH
IP 142.250.74.168:0
File type ASCII text, with very long lines (1767)
Hash 6bad9dc26b2de7e9d03b0743c2ef9186
85ed7d110042c8598b10163b1de78996a9806ba8
5c28d161e6568102d58095106698e90534b14cd6c638089962e2655de0b51274
GET /gtm.js?id=GTM-T7RJTBH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 26 Oct 2022 03:46:22 GMT
expires: Wed, 26 Oct 2022 03:46:22 GMT
cache-control: private, max-age=900
last-modified: Wed, 26 Oct 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45968
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f1ae675435a8f16bc0b04ec012c41979
182f87a81464c80b0b25fb524c59592cd40b0ef4
9191ced121d8740b4ed3af75db3033e72c0c44c0b45004abd714583deaa749a4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 03:46:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
barnabaslinger.com/e92baac9f9527ad976b281842138525b/invoke.js
192.243.59.12 403 Forbidden 0 B URL HTTP/1.1 barnabaslinger.com/e92baac9f9527ad976b281842138525b/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e92baac9f9527ad976b281842138525b/invoke.js HTTP/1.1
Host: barnabaslinger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 03:46:22 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
simplewebanalysis.com/stats
18.193.142.27 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.193.142.27:0
File type ASCII text, with no line terminators
Hash 1bd8e383d73392699f6fbc117a90f9c7
ba9550afd261bc76f8bf07f8d28d701259819a85
4b95c42f16ebf608e99892ace777e1b84957d13465e95ba42987eed3e409d20c
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javflag.com
Connection: keep-alive
Referer: https://javflag.com/
Cookie: uid_id2=716b05d0-a755-43ab-b485-58f0bb6efcbe:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:22 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://javflag.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d46412e137b72a88f9f2c116138aecee
d7591c45dd83f85b906a6181caa0196d530edccb
e835bc4ec062f3e17bff3863087a6c7b9efe9e9ef787d72e5560480e9c782fda
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E835BC4EC062F3E17BFF3863087A6C7B9EFE9E9EF787D72E5560480E9C782FDA"
Last-Modified: Sun, 23 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18846
Expires: Wed, 26 Oct 2022 09:00:28 GMT
Date: Wed, 26 Oct 2022 03:46:22 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 26 Oct 2022 02:41:09 GMT
expires: Wed, 26 Oct 2022 04:41:09 GMT
cache-control: public, max-age=7200
age: 3913
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6fd8c397dcb857a604f842841139e24d
a07ced5c9111d0637c1fdae32717f6c1d65c268c
2580ba2c833a9b1f2580d448110a0b82c374d094b3be728fe8a6e861c08b89f2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2580BA2C833A9B1F2580D448110A0B82C374D094B3BE728FE8A6E861C08B89F2"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7793
Expires: Wed, 26 Oct 2022 05:56:15 GMT
Date: Wed, 26 Oct 2022 03:46:22 GMT
Connection: keep-alive
panel.javflag.com/storage/PoRin55x9bUP9E1DHKoFVDZX9MekYIabk46kInQm.jpg
172.67.220.12 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/PoRin55x9bUP9E1DHKoFVDZX9MekYIabk46kInQm.jpg
IP 172.67.220.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/PoRin55x9bUP9E1DHKoFVDZX9MekYIabk46kInQm.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Wed, 26 Oct 2022 03:46:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 26 Oct 2022 04:46:22 GMT
Location: https://panel.javflag.com/storage/PoRin55x9bUP9E1DHKoFVDZX9MekYIabk46kInQm.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHu2yPYmQKMUZ0jvFqkzSf2K4QfydtxtuGm2KkCKRIY63DD9NaBrCC3LQrRUbNMrGFK%2F7kz5DHFecIrJObIj1TOwfefV5QH7J9jxu%2FLXr7bp2cWMvEPavxYROCmkUo8vxFwrUA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7600345b2e92b4f3-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/ug6k7XiAmR6EZWo5a6qICLugor2fCY5S2ujk4ugg.jpg
172.67.220.12 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/ug6k7XiAmR6EZWo5a6qICLugor2fCY5S2ujk4ugg.jpg
IP 172.67.220.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/ug6k7XiAmR6EZWo5a6qICLugor2fCY5S2ujk4ugg.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Wed, 26 Oct 2022 03:46:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 26 Oct 2022 04:46:22 GMT
Location: https://panel.javflag.com/storage/ug6k7XiAmR6EZWo5a6qICLugor2fCY5S2ujk4ugg.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSdsfjedB53YwXZatHER4vFciNaEouuujgnIprlHlnXbfgGsBI5WdCpY66%2FcbofywwvBusp0t5N87GrcbseqghqfzVCIeOE9GfnRF0q%2BtfPCDJF%2BrIgnE%2FZkzEW8onEUxack8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7600345b28450b55-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/3YQmj1AQOwcUXPeh1EQxyJLQZcXlYlFOChmKVxAV.jpg
172.67.220.12 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/3YQmj1AQOwcUXPeh1EQxyJLQZcXlYlFOChmKVxAV.jpg
IP 172.67.220.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/3YQmj1AQOwcUXPeh1EQxyJLQZcXlYlFOChmKVxAV.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Wed, 26 Oct 2022 03:46:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 26 Oct 2022 04:46:22 GMT
Location: https://panel.javflag.com/storage/3YQmj1AQOwcUXPeh1EQxyJLQZcXlYlFOChmKVxAV.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EY%2FmZS4kJX9kKENGDujnf5W7aKbq8MQXwohiHOfpW2Z%2B1ViZUyQY3F0R89WD2KkYNYmdp8UprT7TFFzi%2FJgIkU8YOaeU6euOK6erMHQ9657XOiWo1M20T%2FUl%2FuRSL8xk1g6CdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7600345b29f7b517-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/eY2fCOHVZ9wcS9KtCSnYXPifxvkR8WFjQZRw4ZiH.jpg
172.67.220.12 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/eY2fCOHVZ9wcS9KtCSnYXPifxvkR8WFjQZRw4ZiH.jpg
IP 172.67.220.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/eY2fCOHVZ9wcS9KtCSnYXPifxvkR8WFjQZRw4ZiH.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Wed, 26 Oct 2022 03:46:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 26 Oct 2022 04:46:22 GMT
Location: https://panel.javflag.com/storage/eY2fCOHVZ9wcS9KtCSnYXPifxvkR8WFjQZRw4ZiH.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whatXMLEFJVkmdbucNq5js2bs5vINDeIrkLXmGHYBk0UInXhk5RYctefjZiEs5VeawWMiKZTaY1sPtQjHBFLlWuPErPC5ymJ6R6X6KcJyfDHVrAhPhgx5d8NQekmomNvx8B%2Fkg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7600345b484a0b55-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/xzlMAZmVIB750NLh6tAFhe0xEzgLxmeglbPQ1W2f.jpg
172.67.220.12 301 Moved Permanently 272 B URL HTTP/1.1 panel.javflag.com/storage/xzlMAZmVIB750NLh6tAFhe0xEzgLxmeglbPQ1W2f.jpg
IP 172.67.220.12:0
Hash 4fa4d802360c1eb24815cac6b718e692
0bdfea4f60e877d1042da3f929c4639b803d3a8c
53528f3e79330ac14cdf0c944a8248d56e3a718e420add239e404912414d4fe4
GET /storage/xzlMAZmVIB750NLh6tAFhe0xEzgLxmeglbPQ1W2f.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Wed, 26 Oct 2022 03:46:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 26 Oct 2022 04:46:22 GMT
Location: https://panel.javflag.com/storage/xzlMAZmVIB750NLh6tAFhe0xEzgLxmeglbPQ1W2f.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFqO8D%2FeeyPklybscFUdNmVoPk%2Fqi0w%2BP70UyLSrwtCE80K2MXM%2FHcsNMd6wBObvqmbQub%2BDwulIOcz6sxXaEYRBd%2FsSlua8xte57%2FJ%2FOTIVjtMkIHiEkt86J%2F4IEScn7pjS1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7600345b3e98b4f3-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/qUw1O2CUHvqxCbRTO6WBq94mT28j8qw3x9fxtmfq.jpg
172.67.220.12 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/qUw1O2CUHvqxCbRTO6WBq94mT28j8qw3x9fxtmfq.jpg
IP 172.67.220.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/qUw1O2CUHvqxCbRTO6WBq94mT28j8qw3x9fxtmfq.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Wed, 26 Oct 2022 03:46:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 26 Oct 2022 04:46:22 GMT
Location: https://panel.javflag.com/storage/qUw1O2CUHvqxCbRTO6WBq94mT28j8qw3x9fxtmfq.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWrm9hgXdjPFwzlUB9nb18qye%2F4Vig77Np2ES94%2BNMxJZZWSaISQuIKwPEeEJ00gwW7e3jkqy3qcoWvroUyBawSa2HMTv087Nioc%2BFeEJYdHYeeOTkdqD0ScCJqfdPYa5tt0hg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7600345b3e6cb50b-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/Tyn20wOBFCRuO6WgzSJcjDEoz4DH3vDQ0CxumB7e.jpg
172.67.220.12 301 Moved Permanently 307 B URL HTTP/1.1 panel.javflag.com/storage/Tyn20wOBFCRuO6WgzSJcjDEoz4DH3vDQ0CxumB7e.jpg
IP 172.67.220.12:0
Hash e88be468ed179352669932664a6b86e9
54f9ce378c4bcf6d5775eac4c6e47ea243d56dc9
d3c200c6b82e9fdecc04d46ea0987456fc8ce83ff83aad87a1799cbdac273743
GET /storage/Tyn20wOBFCRuO6WgzSJcjDEoz4DH3vDQ0CxumB7e.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Wed, 26 Oct 2022 03:46:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 26 Oct 2022 04:46:22 GMT
Location: https://panel.javflag.com/storage/Tyn20wOBFCRuO6WgzSJcjDEoz4DH3vDQ0CxumB7e.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLyNQkGg6dN7nXoihpgg%2FF%2BFudyjQ94HkTId6ObRhkanAEAOlPb2k6HNRrJ5%2BIu8E7%2FPuUqUAqArjzSKenMWWrsgAYh9u9vwyEB1hXbfm06sqz8C8x1UFBBZ5PjLBc9VFbDLTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7600345b4a04b517-OSL
alt-svc: h2=":443"; ma=60
javflag.com/_next/static/chunks/commons-d26294306f8886ab045a.js
104.21.43.50 200 OK 17 kB URL HTTP/2 javflag.com/_next/static/chunks/commons-d26294306f8886ab045a.js
IP 104.21.43.50:0
File type ASCII text, with very long lines (51390), with no line terminators
Hash 79faee7716320f2333706e383b4818df
2133158712843de8cffad0953b422479a3da1740
22b4cd19ec748f1635c57f4e5e0fd5a65e26c7a50c963c2b2cd693f7905ec7b8
Analyzer Verdict Alert fortinet Malware
GET /_next/static/chunks/commons-d26294306f8886ab045a.js HTTP/1.1
Host: javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:18 GMT
content-type: application/javascript
cache-control: max-age=2592000
cf-bgj: minify
etag: W/"62a8b159-c8be"
expires: Sat, 05 Nov 2022 23:14:35 GMT
last-modified: Tue, 14 Jun 2022 16:03:37 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwKLHeTZlXAg2fS%2BzRyvm7MCJDTXjydp073mwhdduN499OrjiLWA22CjRnno7rgEPRaprqw0nJfqMF0mbx%2FUCjklUbMQw3obhAn8qDV5QKzqKnNfm%2Fg1BWkl4BhG3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76003443dcb81c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
panel.javflag.com/storage/yG77Cn1Prr8IDpzwDCTgk8uEVkZSj8ExieiLHwD9.jpg
172.67.220.12 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/yG77Cn1Prr8IDpzwDCTgk8uEVkZSj8ExieiLHwD9.jpg
IP 172.67.220.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/yG77Cn1Prr8IDpzwDCTgk8uEVkZSj8ExieiLHwD9.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Wed, 26 Oct 2022 03:46:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 26 Oct 2022 04:46:22 GMT
Location: https://panel.javflag.com/storage/yG77Cn1Prr8IDpzwDCTgk8uEVkZSj8ExieiLHwD9.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrbW7xDskcfn0txSGmLvWbQ1nsaWmHM6Y629XmLm5DzuU5ujeXjAXR1KUaJ6mvUSYA8oylumlrdVU2NrLcKtoVqpBDYoORnjmGNT%2BtiP28gVUHPjgAy%2FpRa3iyBwyOdJSO2s8w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7600345b4959b527-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/K0FUKQx9jng8MHxNEcgvF8eeyZqddE7WfrC6RcLS.jpg
172.67.220.12 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/K0FUKQx9jng8MHxNEcgvF8eeyZqddE7WfrC6RcLS.jpg
IP 172.67.220.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/K0FUKQx9jng8MHxNEcgvF8eeyZqddE7WfrC6RcLS.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Wed, 26 Oct 2022 03:46:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 26 Oct 2022 04:46:22 GMT
Location: https://panel.javflag.com/storage/K0FUKQx9jng8MHxNEcgvF8eeyZqddE7WfrC6RcLS.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FmxQx%2B7lLvvCq9PqEmyBIcZU70g6Nx70QJm%2Fxtjt4%2FEOGox81zwre%2B%2FVAJtSU0sWg0om2hFiNCX0%2Byt5zoR6xj4zUwVYtI%2BZLMp8IAXFSY5YSp%2BUAIEjabxpIPKTBGadtRymw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7600345b48500b55-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/KPVsD1WW4yq2NUwe0gx3qET8P59XT0q0zlZTZ7mb.jpg
172.67.220.12 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/KPVsD1WW4yq2NUwe0gx3qET8P59XT0q0zlZTZ7mb.jpg
IP 172.67.220.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/KPVsD1WW4yq2NUwe0gx3qET8P59XT0q0zlZTZ7mb.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Wed, 26 Oct 2022 03:46:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 26 Oct 2022 04:46:22 GMT
Location: https://panel.javflag.com/storage/KPVsD1WW4yq2NUwe0gx3qET8P59XT0q0zlZTZ7mb.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdqh6RwdPsvVm%2FXiVrUiBZFJ6tfUp0GKNq2MVffJZXKPjJeDuh9mF2%2F3aRAU%2B%2FjHIE38fcqup%2BntNHFmJCAs7l2AbOIH%2FSlK%2Fw1%2FNn%2FMDNSAgRaVHxy5eUia73FGVvs6awjkgg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7600345b5e9cb4f3-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/b6vOoZJFB7X2jTJUHyGINrlL2IBTx41mqDrS6evR.png
172.67.220.12 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/b6vOoZJFB7X2jTJUHyGINrlL2IBTx41mqDrS6evR.png
IP 172.67.220.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/b6vOoZJFB7X2jTJUHyGINrlL2IBTx41mqDrS6evR.png HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Wed, 26 Oct 2022 03:46:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 26 Oct 2022 04:46:22 GMT
Location: https://panel.javflag.com/storage/b6vOoZJFB7X2jTJUHyGINrlL2IBTx41mqDrS6evR.png
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pj0gKGxWOhNiwIXLqpEZTG94bJbY3HSnbGGG2Khio6vuSazLG3Tdg%2B3kQTWDQ7EMazYx4H5VH8dCJIAREOZOxvQ5Bs761raGr9PhbPL9z5e5MUX%2BEgE5wqEU%2FRVGazefzmTcEA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7600345b5e81b50b-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/myQS65RwwRqywcSLlnmWCCSyicFgGWlzLzDfkdb5.jpg
172.67.220.12 301 Moved Permanently 12 kB URL HTTP/1.1 panel.javflag.com/storage/myQS65RwwRqywcSLlnmWCCSyicFgGWlzLzDfkdb5.jpg
IP 172.67.220.12:0
Hash bd2b1dbb3fecf73bc2d51dba74562c68
8261216fd7ca7bb96b9cadecc0bdf47b631fbb45
82a21009d7fdd840922856fe5ebfc61691d8a3b3244607b56256f811cee67c88
GET /storage/myQS65RwwRqywcSLlnmWCCSyicFgGWlzLzDfkdb5.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Wed, 26 Oct 2022 03:46:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 26 Oct 2022 04:46:22 GMT
Location: https://panel.javflag.com/storage/myQS65RwwRqywcSLlnmWCCSyicFgGWlzLzDfkdb5.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Icvj6VG0Ib1fhGr7wsJDBrwCM2XRg3cslZAihuhDvgaqfKX1GA5z0DLlw2vjAeQuuulh6r3G%2F4gJIN0uuEndlWMFmCEOvC6YbLjQEK0cgGPI%2B8BQD1zcc5RxJ6dA2WLCJySTSg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7600345b6a42b518-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/A6IpM5FHh1p9Ai4zrcMWTlW73Zhj9KauiRMOymRj.png
172.67.220.12 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/A6IpM5FHh1p9Ai4zrcMWTlW73Zhj9KauiRMOymRj.png
IP 172.67.220.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/A6IpM5FHh1p9Ai4zrcMWTlW73Zhj9KauiRMOymRj.png HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Wed, 26 Oct 2022 03:46:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 26 Oct 2022 04:46:22 GMT
Location: https://panel.javflag.com/storage/A6IpM5FHh1p9Ai4zrcMWTlW73Zhj9KauiRMOymRj.png
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZChjVAnItaY4vFwcko2gS99sD5UW0sy4%2BTOW%2BG1sA9SwPQyuRa%2Bc57APl7efT8TN83y1E0FGgSNMmJJnLZtLvVto%2BPJFeeH52SO1v3Ot1S08SCSHJoXDjB2b7MXQUNBHsiLNg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7600345b6a17b517-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/RRibWBxPi06SBYnglcc2wLsk3WwoqAsEzGZBtSKE.jpg
172.67.220.12 301 Moved Permanently 784 B URL HTTP/1.1 panel.javflag.com/storage/RRibWBxPi06SBYnglcc2wLsk3WwoqAsEzGZBtSKE.jpg
IP 172.67.220.12:0
Hash f22d3d3807a098e2b08ebfd9452c146f
9031fae88baf4536b8c4a731899a031e9019caf5
cab85aaada7d9affc6bceb74c303ebd35941e3e10c48080e9949116fe276446f
GET /storage/RRibWBxPi06SBYnglcc2wLsk3WwoqAsEzGZBtSKE.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Wed, 26 Oct 2022 03:46:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 26 Oct 2022 04:46:22 GMT
Location: https://panel.javflag.com/storage/RRibWBxPi06SBYnglcc2wLsk3WwoqAsEzGZBtSKE.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6EBItW797nAYsyYA1j33ZFmh4Gz4vIdfN4t6YbJO1rrM5CcXSU2dSrUCukLSWgKxsq8ZhQZ%2FxCeYG%2BSNTu5ARtT90uP0Xciw0UGzTruza3JmFAe3qzuH%2BLCqbyAasSesHCqmA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7600345b6979b527-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/E4Lt5dzPSN3EBGxTcyyKEBYRqezboTHUEtc53vrU.jpg
172.67.220.12 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/E4Lt5dzPSN3EBGxTcyyKEBYRqezboTHUEtc53vrU.jpg
IP 172.67.220.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/E4Lt5dzPSN3EBGxTcyyKEBYRqezboTHUEtc53vrU.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Wed, 26 Oct 2022 03:46:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 26 Oct 2022 04:46:22 GMT
Location: https://panel.javflag.com/storage/E4Lt5dzPSN3EBGxTcyyKEBYRqezboTHUEtc53vrU.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snPzh2U1kCTS7xyyCD36U6Jwy%2ByMyeXXedNHnb4DN4Z%2B2dxiirB3WI2mBEpNdJBIBKbm6HDWB03IxeXPdMne6z0KZsdXcYhL6x8VfH8RVcDBdAsCAbb1BIY5yj9NLTFUaVC59g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7600345b78630b55-OSL
alt-svc: h2=":443"; ma=60
www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=636580670&utmhn=taraa.xyz&utmt=event&utme=5(Ad*Paid*Success)(1)8(User)9(-1)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=949198279&utmr=-&utmp=%2F9GuC&utmht=1666755979722&utmac=UA-6469700-20&utmcc=__utma%3D15539635.1597053971.1666755975.1666755975.1666755975.1%3B%2B__utmz%3D15539635.1666755975.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.174 200 OK 35 B URL HTTP/1.1 www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=636580670&utmhn=taraa.xyz&utmt=event&utme=5(Ad*Paid*Success)(1)8(User)9(-1)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=949198279&utmr=-&utmp=%2F9GuC&utmht=1666755979722&utmac=UA-6469700-20&utmcc=__utma%3D15539635.1597053971.1666755975.1666755975.1666755975.1%3B%2B__utmz%3D15539635.1666755975.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /__utm.gif?utmwv=5.7.2&utms=2&utmn=636580670&utmhn=taraa.xyz&utmt=event&utme=5(Ad*Paid*Success)(1)8(User)9(-1)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=949198279&utmr=-&utmp=%2F9GuC&utmht=1666755979722&utmac=UA-6469700-20&utmcc=__utma%3D15539635.1597053971.1666755975.1666755975.1666755975.1%3B%2B__utmz%3D15539635.1666755975.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taraa.xyz/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Tue, 25 Oct 2022 06:14:29 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 77514
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
ocsp.pki.goog/s/gts1p5/oGC9E37D8FQ
142.250.74.35 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/oGC9E37D8FQ
IP 142.250.74.35:0
Hash b6f276eac08fb87043e4f6785cfb2af0
7564b99963976f8f4454c67d1f7a60f31c4701ab
3b16690606c327f9da7be05dcc655f12036d2eb14a35bb8224795ae24f26e998
POST /s/gts1p5/oGC9E37D8FQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 03:46:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c0.jdbstatic.com/covers/qd/qDd58r.jpg
172.67.68.71 200 OK 185 kB URL HTTP/2 c0.jdbstatic.com/covers/qd/qDd58r.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x539, components 3\012- data
Size 185 kB (185151 bytes)
Hash 5d95c9b680e7c38acc37c3ede79dd510
c7045c8597ca39089aec452d549f42a92eb910ba
882058fe781211a90a4b8d7047eae9a980aed5f0a022541e6d3b44245a274ce8
GET /covers/qd/qDd58r.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 185151
last-modified: Sat, 08 Oct 2022 03:20:34 GMT
etag: "5d95c9b680e7c38acc37c3ede79dd510"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1064636
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WlgYZ2CDbRxtBqGXgfOOXJWDT5o%2F%2FoW%2FtYRBTHJw%2Be7cpa4TFUcm2u3PGloek6F4R%2Bo9VvuvNkArg3hmDJJHozsLA0hn2LwTuHgpj136BAfmV4dKvqg7QzQ4O5S4uhMCPKVe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345e7de60b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/8v/8V4qmE_l_1.jpg
172.67.68.71 200 OK 62 kB URL HTTP/2 c0.jdbstatic.com/samples/8v/8V4qmE_l_1.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x450, components 3\012- data
Hash 419a855b42d42c77a7fb40c4a334852c
32be6eae44c2e12a92fb7c172e46372c8e6abc66
8457f56739e08f18c520fdb2e5c46221672609000cf08ef209aecfd81966b9de
GET /samples/8v/8V4qmE_l_1.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 61483
last-modified: Tue, 27 Sep 2022 09:36:57 GMT
etag: "419a855b42d42c77a7fb40c4a334852c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 365766
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6nLa95MF5xawZtiYq%2BUJt9eWQheBP4c8IJAZ8iaoTuX6NcdIl10GS%2F%2BVrhThJqnSMoqTqUbvaG%2Fb8C%2BfIYqCymd8R2Vv1YcnYN5Zy4TDD2OqTJozGdZHzxutQZC%2BvhSKr%2BQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345e7de90b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/mm/Mm4qgJ_l_1.jpg
172.67.68.71 200 OK 58 kB URL HTTP/2 c0.jdbstatic.com/samples/mm/Mm4qgJ_l_1.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x450, components 3\012- data
Hash 4debeadf02caa4faedca508c49a6d678
e21d9822f15662092126db779ab6ffb3b1beddbc
f3bf714d666a2590657175faa8794ee0387e1c348940f099582ee23ed1399296
GET /samples/mm/Mm4qgJ_l_1.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 57992
last-modified: Tue, 27 Sep 2022 09:29:59 GMT
etag: "4debeadf02caa4faedca508c49a6d678"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 208873
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEd6iN8uaeFAS9%2BlSM5cC1x62g0qSwytl5OhCZOhbsSo%2Buj%2FCJtXfnW7D8jg8ueL0achNJVTR9PKKHmSmcNvIjrlZ85sFS2Bv09xydu60LG0tbz69hFqzf%2FepsvjfCBP6FiK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345e7df60b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/65/654q6K_l_1.jpg
172.67.68.71 200 OK 60 kB URL HTTP/2 c0.jdbstatic.com/samples/65/654q6K_l_1.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x450, components 3\012- data
Hash d2ced358cb91202e976571ebf3b0224e
c74157ccbec701c5f54f4b67ee198b2fd3ff2b90
7c7157340591927e7db0b75d0c9edf2c77f2c6ff4e72e50f02a98b4e20f22144
GET /samples/65/654q6K_l_1.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 59684
last-modified: Tue, 27 Sep 2022 09:20:23 GMT
etag: "d2ced358cb91202e976571ebf3b0224e"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 237130
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FacjYmSFiBAQ3cPzCfCqXFWkB9Q0Mm0BnnHfPvZ1ic6zrYDhRD0wMdBse6ZiVXAMA9AfOxTmWucvI1GQ7GkQV6lUjspe4lICeWTEyiRY0tIFthAZA1cN8L5A%2BmTTBBC9caVm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345e7df30b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/mm/Mm4qgJ_l_0.jpg
172.67.68.71 200 OK 50 kB URL HTTP/2 c0.jdbstatic.com/samples/mm/Mm4qgJ_l_0.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x450, components 3\012- data
Hash 6b6929d5be455b856209f645b65de5cb
dcc8063dee2d4957b8c862824ed0f19a01c8b681
4791d3bab7f3d0e236edccd36bc73e7fc2ba909e96caf498184cf723a82a3dc4
GET /samples/mm/Mm4qgJ_l_0.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 50394
last-modified: Tue, 27 Sep 2022 09:29:57 GMT
etag: "6b6929d5be455b856209f645b65de5cb"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 208873
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNSoSRAofhRBIASUF1a4O8akmaiWbUWdaW561v427vN61QikRM4owWvz3fCidEzVRhV6cX8C6A0syRm9RB8XLSYU2ljiYGsIYF%2Fn4zJOfc%2F6iEE4z8QChdKiXqZ%2BWYNtliHT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345e7df50b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/ak/akqyxR_l_1.jpg
172.67.68.71 200 OK 70 kB URL HTTP/2 c0.jdbstatic.com/samples/ak/akqyxR_l_1.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x450, components 3\012- data
Hash 93a122fb5e45701170af603d34e79745
e8e0d5dcf5d680f8de86ccf0a8bb4abfc70f46db
0a2209ae91306f605989588c0188916202e057e0b11f04a059cf85979126dafb
GET /samples/ak/akqyxR_l_1.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 69889
last-modified: Tue, 27 Sep 2022 09:23:30 GMT
etag: "93a122fb5e45701170af603d34e79745"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 237130
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zn7cJ0WZsXFosuZKZms%2Fg0vmon2lW8PXR%2F6jMI0h%2B3rjJFpIp5aP5lX%2BtDhakg6kg8bg6t3qNb5%2F4uGmJV4zd1C0yK28bSRHBoyP10mdGZuq44UBR5Kmr2Qr3vS%2FsHd%2F2goi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345e7ded0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/ak/akqyxR_l_0.jpg
172.67.68.71 200 OK 90 kB URL HTTP/2 c0.jdbstatic.com/samples/ak/akqyxR_l_0.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x450, components 3\012- data
Hash 75e420604335f40e1faeb657afe88b05
4602e2985ce2d5a2cab05f0ebe2a4302fe1a242f
5a802720ea574b95ca66c17dd800276ddf9ac9762291cd9d16de48a007182b02
GET /samples/ak/akqyxR_l_0.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 89586
last-modified: Tue, 27 Sep 2022 09:23:28 GMT
etag: "75e420604335f40e1faeb657afe88b05"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 237130
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfksP3zKCWG7Q3tmlyUncQSXDXwkxxYl1sFoBT%2BacLsgyJi6lbiAyvLx%2Ffnl82IHdPf63a%2BoyEOhYyuaZAx9VE6IHUpsEUGvAhcp3a1GSD3SYYwo0dhrr0i2bL1eFSiLm%2BsW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345e7dec0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/ek/eK2OZz_l_1.jpg
172.67.68.71 200 OK 67 kB URL HTTP/2 c0.jdbstatic.com/samples/ek/eK2OZz_l_1.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x450, components 3\012- data
Hash 32e11c5336d1645ea1abb979d8c0af44
e27b849d87961dee4cb2adb37564036ab084bee1
8b1047ef689206fb133fdb5c30596a51d50b85c0edf7fbb3d015deb7236bb4ef
GET /samples/ek/eK2OZz_l_1.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 66816
last-modified: Tue, 27 Sep 2022 09:15:58 GMT
etag: "32e11c5336d1645ea1abb979d8c0af44"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 237130
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BVdleNQbxojObBZPl99negw8VO93bjowguOAe%2Fsk6E8%2Bgc0As3zAHF9QAJyEmG1fsjxY5VADBHIzRzdAdjUMkZOlSLkeoKWfsKJR41C6nwrF9ec4z6PIvPeJMDUVTW21XRf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345e7df00b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/65/654q6K_l_0.jpg
172.67.68.71 200 OK 74 kB URL HTTP/2 c0.jdbstatic.com/samples/65/654q6K_l_0.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x450, components 3\012- data
Hash fc0819b242a4893893ef35238fdfe5e5
5062e065f3acddfa76543e67d1048d1c048c9d64
7b263ceb37873095bc8192294b51d5bc8c491f8ed89dfdfdf2bfe70a46eb40f4
GET /samples/65/654q6K_l_0.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 73893
last-modified: Tue, 27 Sep 2022 09:20:20 GMT
etag: "fc0819b242a4893893ef35238fdfe5e5"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 237130
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHgrhrc%2BtSoJflk%2B%2FaspyBMIHwK2XHDC2DY6Z0C2v0IV5xP8tEEUnWMmj4xvSkUgLqpgzVHOCsH4HXYuRlFlXRjHdTZv%2F4B8urGG%2B%2FhDa%2Bif1PDX2uUG9eQH1QsH0d%2FZzjX2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345e7df20b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/ek/eK2OZz_l_0.jpg
172.67.68.71 200 OK 84 kB URL HTTP/2 c0.jdbstatic.com/samples/ek/eK2OZz_l_0.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x450, components 3\012- data
Hash 0684a3817ad4702cb21a91c6352cd8f1
fcd93e8cb5ac8bad503d19bdab9cf8c0ceab79ef
57a73dc972e935314c91b2f21abd8755c5c11d080e3d9febd09c1605d759267c
GET /samples/ek/eK2OZz_l_0.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 84211
last-modified: Tue, 27 Sep 2022 09:15:56 GMT
etag: "0684a3817ad4702cb21a91c6352cd8f1"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 237130
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDQDEZbYL599iMuEsPaxZHJt0N%2F9Zjcouzo3qiCSySWzeBmZU4BwP6l%2FjwkyXnNVrp3sdR3i72%2Fpg%2FCO2A%2BcaolFxJe8rK1vvZrvaLWlIYOBgpDCRNIWxKt0VzOv1X5y%2Bqsg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345e7def0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/az/AzkKwq_l_1.jpg
172.67.68.71 200 OK 54 kB URL HTTP/2 c0.jdbstatic.com/samples/az/AzkKwq_l_1.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x450, components 3\012- data
Hash ee6356fa1fabb9ac395c7aaf62a75b9e
084dfae8fb824f9e0eba005974a298f91e64f847
b4d4c924d821e9e758daae359f5ad09e2a8a93cab98e7c8a826b4f9119acc7e6
GET /samples/az/AzkKwq_l_1.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 54415
last-modified: Tue, 27 Sep 2022 09:33:00 GMT
etag: "ee6356fa1fabb9ac395c7aaf62a75b9e"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 234554
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkMT34RVASdCpjmBK0it8KvbMqknhWnc8xCu1ObYlN5owrD8q3H4UCUDP%2B70%2FqpQ5Gw43AACGBne8byWXZN1YF2dM2pwhQS3O6AtYymembE4C8BJSMAHEIzJ72L116rAppAF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345e8dfa0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/az/AzkKwq_l_0.jpg
172.67.68.71 200 OK 65 kB URL HTTP/2 c0.jdbstatic.com/samples/az/AzkKwq_l_0.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x450, components 3\012- data
Hash 32e465c861f50bdeec4ac49ac1e643e4
e53dcbfefc80bcd21b72295327dacd2c0e6d172a
e6dd553d7b10091121fa58f0424c58dcd12388e22ae6d4d002028fb5f2fd0ec3
GET /samples/az/AzkKwq_l_0.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 65025
last-modified: Tue, 27 Sep 2022 09:32:58 GMT
etag: "32e465c861f50bdeec4ac49ac1e643e4"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 234555
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTnkIzciWuFD8XNKqx2y29A9BFnjDK2jbe76z%2FJxS%2B8sTORdY492c56PC%2BuL%2BRlsJXMQoTDmwXbfh%2F0ITAr2tfyaFf7iw2nqFnbbMZQRB6P2HKYY9D1kalF6Po9N1Ih00ol7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345e8df80b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/covers/ak/akqyxR.jpg
172.67.68.71 200 OK 179 kB URL HTTP/2 c0.jdbstatic.com/covers/ak/akqyxR.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 179 kB (178798 bytes)
Hash 6daa3580d06aef6f7650db9279938164
0c139057f09fe1bd56d6519b403f4fc89543f256
146afed09525d4b23fe3b5ce1863443ee384e4409f07dff5d6a96e756cbc552d
GET /covers/ak/akqyxR.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 178798
last-modified: Tue, 27 Sep 2022 09:23:26 GMT
etag: "6daa3580d06aef6f7650db9279938164"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 371225
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvysxbVpquVIAuIyj987POVmGmyJkGE1q30e126AsH2xRZztxCMmiABEy%2Bmy8C8b5eK4pDHnWJ%2FJp7JGWN0TTJxSVjw05242HMYmbMDxQnyZbF2mwjrV%2FSs4pM2LH3%2BZ6z%2BY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345e7dea0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/covers/65/654q6K.jpg
172.67.68.71 200 OK 181 kB URL HTTP/2 c0.jdbstatic.com/covers/65/654q6K.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 181 kB (180778 bytes)
Hash ed82f8c649bb37dc2c5b7b54a683ecb2
41a18daf83b2ddfd0f51d2a8c3b4c01eb63a941d
6adae32503b9bcef80f65721d853896104b4bffc526806fb6de53a8b2f27e344
GET /covers/65/654q6K.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 180778
last-modified: Tue, 27 Sep 2022 09:20:19 GMT
etag: "ed82f8c649bb37dc2c5b7b54a683ecb2"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 329889
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9AaEQfS3SL9mdSm0nqS69NCjhzbiFocrtqfgudJkVfxU9Xka6G8zN2%2BRhmgnnwixgMndaE5OE4PA2yde50lcZJZI94lACiUS0JUTQM7Iucc7WN8%2FYTPMvg%2FLR7RYkVxpdp7J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345e7df10b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/covers/ek/eK2OZz.jpg
172.67.68.71 200 OK 170 kB URL HTTP/2 c0.jdbstatic.com/covers/ek/eK2OZz.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 170 kB (170372 bytes)
Hash d28ff402b2d3e5ab051b8ca159c35513
a7607038b390523d2e23db830b815c61df80dfe3
5aa1cf41ad7822d8602bf6fb96e7ab831a0a26660d3b3ff5b049890714138af7
GET /covers/ek/eK2OZz.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 170372
last-modified: Tue, 27 Sep 2022 09:15:54 GMT
etag: "d28ff402b2d3e5ab051b8ca159c35513"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 315526
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ts5BVJiaJEk5%2B7oRS%2BhzPYpIHLLtc9fj866wgU8DqJdmH6AtM%2F%2BTXQo0pw%2FCSu%2FYQ3OBScjo4sUhMTqujDhjJbTknsX8W3BV249JHT0a8BsG6M1aCqLtzLbxt%2BVDv5tGrBbG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345e7dee0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/oGC9E37D8FQ
142.250.74.35 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/oGC9E37D8FQ
IP 142.250.74.35:0
Hash b6f276eac08fb87043e4f6785cfb2af0
7564b99963976f8f4454c67d1f7a60f31c4701ab
3b16690606c327f9da7be05dcc655f12036d2eb14a35bb8224795ae24f26e998
POST /s/gts1p5/oGC9E37D8FQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 03:46:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/oGC9E37D8FQ
142.250.74.35 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/oGC9E37D8FQ
IP 142.250.74.35:0
Hash b6f276eac08fb87043e4f6785cfb2af0
7564b99963976f8f4454c67d1f7a60f31c4701ab
3b16690606c327f9da7be05dcc655f12036d2eb14a35bb8224795ae24f26e998
POST /s/gts1p5/oGC9E37D8FQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 03:46:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/oGC9E37D8FQ
142.250.74.35 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/oGC9E37D8FQ
IP 142.250.74.35:0
Hash b6f276eac08fb87043e4f6785cfb2af0
7564b99963976f8f4454c67d1f7a60f31c4701ab
3b16690606c327f9da7be05dcc655f12036d2eb14a35bb8224795ae24f26e998
POST /s/gts1p5/oGC9E37D8FQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 03:46:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/oGC9E37D8FQ
142.250.74.35 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/oGC9E37D8FQ
IP 142.250.74.35:0
Hash b6f276eac08fb87043e4f6785cfb2af0
7564b99963976f8f4454c67d1f7a60f31c4701ab
3b16690606c327f9da7be05dcc655f12036d2eb14a35bb8224795ae24f26e998
POST /s/gts1p5/oGC9E37D8FQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 03:46:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c0.jdbstatic.com/covers/35/35arq0.jpg
172.67.68.71 200 OK 190 kB URL HTTP/2 c0.jdbstatic.com/covers/35/35arq0.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 190 kB (190106 bytes)
Hash cf44370c217ab10d3b9cb5f28215c78f
4700418812fc3f4ab1d8854081b837c4581f7634
f61d1f63c7164c10b57fea0e0b924538adae2d6feb97a54d75e32bd3bd127261
GET /covers/35/35arq0.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 190106
last-modified: Tue, 27 Sep 2022 09:19:14 GMT
etag: "cf44370c217ab10d3b9cb5f28215c78f"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 294866
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QeOCUtbStC8yante5teNfiO7ZXwxrM4mY9Fkup2alM6sZULMnXyE29MxIeI3It%2F4LFbhRRD6DoXbYxmY7jWZ1Pl2yj14IgFJ4UZZW4IBhBygPDyH5kiMZ%2Bbft2qeGRdWL6p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345e8dfc0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/covers/az/AzkKwq.jpg
172.67.68.71 200 OK 168 kB URL HTTP/2 c0.jdbstatic.com/covers/az/AzkKwq.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x536, components 3\012- data
Size 168 kB (168168 bytes)
Hash d7daacad7727d5d9149af69720c931b1
b867460c58dd7343acd66f6b70380502e7e277e0
77e6074ed02aea7c50204274691cc8cf8dae98350e001a089bb97db30cf10fe4
GET /covers/az/AzkKwq.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 168168
last-modified: Tue, 27 Sep 2022 09:32:56 GMT
etag: "d7daacad7727d5d9149af69720c931b1"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 309419
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBB9yUtNMHVAP9rKABcsz0goFG7nRUVCD1Rr78944Wob2gL3Zw7U59l1Lf%2FDBwkyrM3Gm%2BxtDtdx2e1iyJ7wpMs%2Fn1ac7g%2Bxt9WJyIBM%2BPEjGUNcm3Afwj9%2B6cp7r6%2B4LtRX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345e8df70b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/35/35arq0_l_0.jpg
172.67.68.71 200 OK 61 kB URL HTTP/2 c0.jdbstatic.com/samples/35/35arq0_l_0.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x450, components 3\012- data
Hash 65ada99a963ac37cb45629d5f0ec4884
99829e3b2a4b054d718ee1d05fe11d25d138a77f
22e13426e005cb4c00d62ad8dcc6ae2a8f640d73f2211fc61b5f18ac60c3b71e
GET /samples/35/35arq0_l_0.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 60744
last-modified: Tue, 27 Sep 2022 09:19:15 GMT
etag: "65ada99a963ac37cb45629d5f0ec4884"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 63229
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKJNskUOr6IbWxbxJXYgBa1uZvkzM0QIUl0AJSZp6YraTIwJW%2FjJD7UN5ujBcz0Wotd7ydxEQMSAH52u4jO%2B9fmLTlXrp1bkh6kuOLYvVLv%2FZeEq9JVc8g5k14mycls4X7rm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345efe350b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/35/35arq0_l_1.jpg
172.67.68.71 200 OK 74 kB URL HTTP/2 c0.jdbstatic.com/samples/35/35arq0_l_1.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x450, components 3\012- data
Hash 1128f03b27a69080f3c3d64a592d4745
6aa17e82f07e7aed8df6cc7c826989599026077b
f01e3387a7b8cae7679396351594f91d08d93be1195823f063ca30c29478d06b
GET /samples/35/35arq0_l_1.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 74473
last-modified: Tue, 27 Sep 2022 09:19:17 GMT
etag: "1128f03b27a69080f3c3d64a592d4745"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 63229
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JulkGxWTYRzHmK%2BCo1FFjD3ShP8XXM1RF7qxxtNCuoMeni6IsgIiNCdmN%2BKErIm14%2FcPcKllb1c%2BH8frc0ANM3GpWjry%2BGdhoDcJ8BGd6lTK%2Bs7ai%2FgaFs7%2FSCkOw3%2FtDnbd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345efe360b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/covers/45/458d2Z.jpg
172.67.68.71 200 OK 169 kB URL HTTP/2 c0.jdbstatic.com/covers/45/458d2Z.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Size 169 kB (168713 bytes)
Hash 2b85bed9093d434628350d1c04e4cb3c
e1f4cf8f6abc65be9082843a0e0e0e914e824a69
de2d263b004cb98240707defa62bd3668e00f26594a062fa6565d61123bb06db
GET /covers/45/458d2Z.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 168713
last-modified: Tue, 27 Sep 2022 09:24:27 GMT
etag: "2b85bed9093d434628350d1c04e4cb3c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 162492
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaC8j1tPGLiRY6gdAUDEh6qnVXab8XQEsmovqKCi1DB0dgDnQPu73brrI3TybQ5IuaOPOK8M68i4T2Cj05kqSB%2BbO90Xi%2BEEzPLd9gkQ34Ln26n8U2IRgsuohD%2BVTyDwnEkD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345f1e3f0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/45/458aRZ_l_1.jpg
172.67.68.71 200 OK 50 kB URL HTTP/2 c0.jdbstatic.com/samples/45/458aRZ_l_1.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 350x350, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=14, height=5400, bps=182, PhotometricIntepretation=RGB, manufacturer=NIKON CORPORATION, model=NIKON Z 7_2, orientation=upper-left, width=3600], baseline, precision 8, 640x480, components 3\012- data
Hash 9b97d4a2bc30caadd39efdb82e93a9ec
bee8916661c0a995e2b04019ab9a90f616e8ba4f
c84127052f1a5e701f163427426e83ccfa73078dc88546826be7f33d35081369
GET /samples/45/458aRZ_l_1.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 50344
last-modified: Sat, 08 Oct 2022 03:23:06 GMT
etag: "9b97d4a2bc30caadd39efdb82e93a9ec"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 79324
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVQYBKcbvt9Nyi%2BtICZ9nrEm4joQMorQuUqA97pI7Nk7621sH8rX8LVKcy2T4KYzTkgnMZKE4Q8Z1BQg0y804OdztpsT5TTTA%2FbBOUvsReEod29SKOlhwtxFJurgbOjhkbDa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345f3e560b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/oGC9E37D8FQ
142.250.74.35 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/oGC9E37D8FQ
IP 142.250.74.35:0
Hash b6f276eac08fb87043e4f6785cfb2af0
7564b99963976f8f4454c67d1f7a60f31c4701ab
3b16690606c327f9da7be05dcc655f12036d2eb14a35bb8224795ae24f26e998
POST /s/gts1p5/oGC9E37D8FQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 03:46:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c0.jdbstatic.com/covers/45/458aRZ.jpg
172.67.68.71 200 OK 161 kB URL HTTP/2 c0.jdbstatic.com/covers/45/458aRZ.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x539, components 3\012- data
Size 161 kB (160661 bytes)
Hash 99aa00848cf5610826c7643dfef24f03
e056420705c7eebce9634203e2954340202db37b
f0949c099500115634ebbcd2b544831e988f3472fd44116f29aabe4455cbd79f
GET /covers/45/458aRZ.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 160661
last-modified: Sat, 08 Oct 2022 03:23:04 GMT
etag: "99aa00848cf5610826c7643dfef24f03"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 260432
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSLL1L6zx%2Fr1Lf8WFmtrqOAT5gGC7fnacsJOyxdLHbOt6SPFyJp5hLn9P9E8J3mdCFM%2FpA6cRGFceBI5eea4K3%2BF8iUQ3yh%2Bn55Zl%2FFwjPzpBuo6QL9B3ifaTy2Oj5iNlpdA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345f7e740b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/qd/qDd58r_l_1.jpg
172.67.68.71 200 OK 68 kB URL HTTP/2 c0.jdbstatic.com/samples/qd/qDd58r_l_1.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 350x350, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=18, height=3456, bps=230, PhotometricIntepretation=RGB, manufacturer=Panasonic, model=DMC-GX8, orientation=upper-left, width=5184], baseline, precision 8, 640x480, components 3\012- data
Hash 18612def843ed461144eed3f5da17171
caf393605fc6c84ca06c114e3d29fa674f9ad37d
c87f67bcad483b8a6ead96fe656422e57eabb8ff221dfd54abfe3eb2d8a956e9
GET /samples/qd/qDd58r_l_1.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 67543
last-modified: Sat, 08 Oct 2022 03:20:36 GMT
etag: "18612def843ed461144eed3f5da17171"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 63234
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZTITKJlEbjFtTjWW5T214FtG2tTc5uwTIiEPPz9r5VwawGyuL5glHtjOE2Ztq7lSyjdNKxa3CRS2%2F5ljFKCkNKO3J06WgJ9ovq4RbUOLwagrDxKqAhPAxTjuM7vXoMKuqPm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345f7e7a0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/qd/qDd58r_l_0.jpg
172.67.68.71 200 OK 81 kB URL HTTP/2 c0.jdbstatic.com/samples/qd/qDd58r_l_0.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 350x350, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=3625, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=5100], baseline, precision 8, 640x480, components 3\012- data
Hash 2aa2828b5ba5a948f908d51a85bcee03
fc5ac2bcadb89c53602d9cffe833a38a21f62164
470c6981adb7747e14943f7ea6f44e6d13f0c721959220e4b6eb1eefdcf3cf6b
GET /samples/qd/qDd58r_l_0.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 81280
last-modified: Sat, 08 Oct 2022 03:20:35 GMT
etag: "2aa2828b5ba5a948f908d51a85bcee03"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 63234
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wxeg0YqWrxenejTXLZau4IOKlldiVzwITS6l%2BmdJQmCi641WPbL8xITwyQLKRRhuDzzfNmoPM%2FGrNsnpWyOh%2Fbd4q75utz7%2F1phYfO9o42%2BkyB6I8V6bsOJo%2Bz6tGmiUNqxT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345f7e770b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/45/458aRZ_l_0.jpg
172.67.68.71 200 OK 59 kB URL HTTP/2 c0.jdbstatic.com/samples/45/458aRZ_l_0.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 350x350, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=3625, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=5099], baseline, precision 8, 640x480, components 3\012- data
Hash c2099dd383dd0f3e6e3c2d8e2c0cd320
a14a8893ff08260d9ecadc5fe9b6c594db00de1d
9ebea6bf92c025f05b2a8841a640534320539b1ddd39cd80b406916afb1ced8e
GET /samples/45/458aRZ_l_0.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/jpeg
content-length: 59033
last-modified: Sat, 08 Oct 2022 03:23:05 GMT
etag: "c2099dd383dd0f3e6e3c2d8e2c0cd320"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 79324
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYDrND%2BrThYRuskZIUXUplCqrlfO9Gi7JzVO2M5iHiCwrxvtOhzZJ9S6vfkuw3B6ClRclbBYKRS%2F0jGjvdOlkGU4SNQ4SthBgUFHGZFTtYbjPUr0O0hcpA1%2FuUl%2FWZ1k1Tvo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345f7e750b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 19132f29a8811a10f90eca2d81e5deb8
3b9e0bbf9f40f46b57dad5567b008e58b5770565
708aeab241760b108d60c1462b1979e59cf473242222e9270705ba70642b04f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 03:46:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.adxadserv.com/ad?spotid=60fa6cc461d6e22a417e5fc1&type=300x250&output=html&extra1=0&ref=http%3A//taraa.xyz/&dt=1666755979071&screen=1280x1024&tags=
185.98.53.2 200 OK 76 kB URL HTTP/2 ads.adxadserv.com/ad?spotid=60fa6cc461d6e22a417e5fc1&type=300x250&output=html&extra1=0&ref=http%3A//taraa.xyz/&dt=1666755979071&screen=1280x1024&tags=
IP 185.98.53.2:0
ASN #39572 DataWeb Global Group B.V.
Hash 02f4c810e9bb93d3b11ac4f2b308954d
258f8227d9c752c1f32ec2f55861760ce7f57f08
037a814478af699bf4ce4d5a45da7be48b658dd9dd9c83f5bddccdf5470d81ce
GET /ad?spotid=60fa6cc461d6e22a417e5fc1&type=300x250&output=html&extra1=0&ref=http%3A//taraa.xyz/&dt=1666755979071&screen=1280x1024&tags= HTTP/1.1
Host: ads.adxadserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 03:46:22 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Ubuntu&display=swap
142.250.74.10 200 OK 938 B URL HTTP/2 fonts.googleapis.com/css?family=Ubuntu&display=swap
IP 142.250.74.10:0
Hash f4c6f42c5d9c1692b682421e53d1cc11
566c7976f4529afea9dc54860a289ee961728754
305f5e230a8151050961f012b8dbd051e79b2799a7c4cda999c6ace51f7659c4
GET /css?family=Ubuntu&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.adxadserv.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 26 Oct 2022 03:46:23 GMT
date: Wed, 26 Oct 2022 03:46:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e4f7139b125683bac76c2b5638a1a643
2f84ea7104d659754e5962f88f504a7189f6f914
c9c550489201a92e8bbe162bca49d4aa6b21fa22b254a6a29502186423b3b579
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 03:46:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
216.58.207.195 200 OK 35 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.adxadserv.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:28:55 GMT
expires: Thu, 19 Oct 2023 19:28:55 GMT
cache-control: public, max-age=31536000
age: 548248
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.adxadserv.com/css/wm.css
185.76.9.24 200 OK 1.1 kB URL HTTP/2 static.adxadserv.com/css/wm.css
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
File type ASCII text, with CRLF line terminators
Hash 6034f1f5828d0b8cf5a3511c76c47920
6338577c29abe1c39fb13243f1293bac6c363eae
c8b4d3fb6d0dd93b9e865daac672b78c61c44924e740dc6174af736d65fdea1e
GET /css/wm.css HTTP/1.1
Host: static.adxadserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: text/css
last-modified: Mon, 03 Aug 2020 09:41:06 GMT
etag: W/"5f27dbb2-711"
x-accel-expires: @1666782462
server: CDN77-Turbo
x-77-nzt: AblMCRQsu3j/kWoPAA
x-77-nzt-ray: ffffffff8db22ae08fad586383f2e608
x-cache: HIT
x-age: 1010321
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e4f7139b125683bac76c2b5638a1a643
2f84ea7104d659754e5962f88f504a7189f6f914
c9c550489201a92e8bbe162bca49d4aa6b21fa22b254a6a29502186423b3b579
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 03:46:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
javflag.com/_next/static/css/84aee5c14f65a18b4255.css
104.21.43.50 200 OK 75 kB URL HTTP/2 javflag.com/_next/static/css/84aee5c14f65a18b4255.css
IP 104.21.43.50:0
File type ASCII text, with very long lines (12020), with no line terminators
Hash 76b31c0b578fe546eaafae4c9f00b558
b60c42154d19e547258fd9500fbd376eac70efef
6427de0d02238cf12c9149544871b23b69bf9188b625c9417b6f3e85aec520ac
GET /_next/static/css/84aee5c14f65a18b4255.css HTTP/1.1
Host: javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:18 GMT
content-type: text/css
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=12033
etag: W/"62a8b159-2f01"
expires: Fri, 11 Nov 2022 18:40:18 GMT
last-modified: Tue, 14 Jun 2022 16:03:37 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fn7iN6BM0jEuxp14OeXfWmK6HYMtUcBz52z55CQfUCxKhO62eFaKWx5RIhCEwLwEK6sLiJTHRpLJfCTBd5XotAixyAR9hzFnOC9jMggmpe0FPE5UcvyyAL29VQJ85g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76003443ccae1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 351384ffc7c7daed258f3e50068a4d48
9485de7ac9d2df674a88a43e9494f24a9f510794
89185cc9342e3feff268c091653109f70ef012d0a13f2d0421f6c0eda88a45ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89185CC9342E3FEFF268C091653109F70EF012D0A13F2D0421F6C0EDA88A45EC"
Last-Modified: Tue, 25 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12557
Expires: Wed, 26 Oct 2022 07:15:40 GMT
Date: Wed, 26 Oct 2022 03:46:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 46aa43b9899b994f8415b685c0b7b670
a6393407d13c56881fa2bcc9838cf96ca7b734f6
5c5680eaeb44172df0c2f19906052f4732aa56304149db7be325c1cb28e21687
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C5680EAEB44172DF0C2F19906052F4732AA56304149DB7BE325C1CB28E21687"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11880
Expires: Wed, 26 Oct 2022 07:04:23 GMT
Date: Wed, 26 Oct 2022 03:46:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 46aa43b9899b994f8415b685c0b7b670
a6393407d13c56881fa2bcc9838cf96ca7b734f6
5c5680eaeb44172df0c2f19906052f4732aa56304149db7be325c1cb28e21687
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C5680EAEB44172DF0C2F19906052F4732AA56304149DB7BE325C1CB28E21687"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11880
Expires: Wed, 26 Oct 2022 07:04:23 GMT
Date: Wed, 26 Oct 2022 03:46:23 GMT
Connection: keep-alive
r.trwl1.com/s1/71ecf247-65a7-4be4-8c6d-e8e2855141c9?externalId=c2291663-54e0-11ed-b055-e2e38133f3a0&cv1=c2291663-54e0-11ed-b055-e2e38133f3a0&cv2=4982d74cc5945eb5f443cbeab8c29c8c&cv3=desktop&cv4=623c966461d6e2757e4d7921&cv5=623c962a61d6e2790d5b93d2&cv6=en&cv7=Javflag&cv8=Firefox&cv9=60fa6cc461d6e22a417e5fc1&cv10=exim_adxad_stub2_300x250_
185.98.53.17 200 OK 907 B URL HTTP/1.1 r.trwl1.com/s1/71ecf247-65a7-4be4-8c6d-e8e2855141c9?externalId=c2291663-54e0-11ed-b055-e2e38133f3a0&cv1=c2291663-54e0-11ed-b055-e2e38133f3a0&cv2=4982d74cc5945eb5f443cbeab8c29c8c&cv3=desktop&cv4=623c966461d6e2757e4d7921&cv5=623c962a61d6e2790d5b93d2&cv6=en&cv7=Javflag&cv8=Firefox&cv9=60fa6cc461d6e22a417e5fc1&cv10=exim_adxad_stub2_300x250_
IP 185.98.53.17:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (711)
Hash 8f347ddc2a60041e49a001267ffd8178
5928f74d3b5583a40ab2fc890a91de355fd4d07a
7f56d31cc9375e6e54d61fb24222fc52f512064deb3178678edf2cb6a6910057
GET /s1/71ecf247-65a7-4be4-8c6d-e8e2855141c9?externalId=c2291663-54e0-11ed-b055-e2e38133f3a0&cv1=c2291663-54e0-11ed-b055-e2e38133f3a0&cv2=4982d74cc5945eb5f443cbeab8c29c8c&cv3=desktop&cv4=623c966461d6e2757e4d7921&cv5=623c962a61d6e2790d5b93d2&cv6=en&cv7=Javflag&cv8=Firefox&cv9=60fa6cc461d6e22a417e5fc1&cv10=exim_adxad_stub2_300x250_ HTTP/1.1
Host: r.trwl1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 26 Oct 2022 03:46:23 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 907
Connection: close
Set-Cookie: uid=Xzzuygrapp; Path=/; Domain=trwl1.com; Expires=Thu, 27 Oct 2022 03:46:23 GMT; HttpOnly
X-Request-Id: 672886a9-8f80-4492-9f7c-550c38e0a5b3
adxadserv.com/ascripts/gcr.js
185.98.53.29 200 OK 23 kB URL HTTP/1.1 adxadserv.com/ascripts/gcr.js
IP 185.98.53.29:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (48738)
Hash 4bcc622fafa6d39f3d41ee9e46b585f5
f4870a326a8c0f449cbcd79673406ac1d5e6f6c8
c7ef60433000d6807163ee4643bd7774e783e4d0711513d134ae008f04f4a8e9
GET /ascripts/gcr.js HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 26 Oct 2022 03:46:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Dec 2021 16:04:11 GMT
ETag: W/"61bb637b-1434f"
Expires: Fri, 21 Oct 2022 08:32:39 GMT
Cache-Control: max-age=86400, public
X-77-NZT: AblMCgonAiz/Yw4BAA
X-77-NZT-Ray: ffffffffde35b3498fad58630b5e8523
X-Cache: HIT
X-Age: 69219
X-77-POP: amsterdamNL
X-77-Cache: HIT
Content-Encoding: br
adxadserv.com/ascripts/pxl.js
185.98.53.29 200 OK 23 kB URL HTTP/1.1 adxadserv.com/ascripts/pxl.js
IP 185.98.53.29:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (36114)
Hash 72d1139e9f2e6ebe3f51c9193edb4439
cd356eb9eaab433ac792406ba36d4304b6450571
74553d0effe74cd6a4f1424940f7fd133c5457ff1d5c53030e651ec6612bec88
GET /ascripts/pxl.js HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 26 Oct 2022 03:46:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Sep 2020 09:55:41 GMT
ETag: W/"5f6dbe9d-12fee"
Expires: Mon, 24 Oct 2022 08:32:43 GMT
Cache-Control: max-age=86400, public
X-77-NZT: AblMCgpm3vj/Yg4BAA
X-77-NZT-Ray: ffffffff573ab7498fad58637c77d523
X-Cache: HIT
X-Age: 69218
X-77-POP: amsterdamNL
X-77-Cache: HIT
Content-Encoding: br
unseenreport.com/pxf.gif?uuid=716b05d0-a755-43ab-b485-58f0bb6efcbe&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.285&b_frame=1&pk=65aa283021630dfd9030555c4c61a78c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3
192.243.59.12 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=716b05d0-a755-43ab-b485-58f0bb6efcbe&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.285&b_frame=1&pk=65aa283021630dfd9030555c4c61a78c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=716b05d0-a755-43ab-b485-58f0bb6efcbe&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.285&b_frame=1&pk=65aa283021630dfd9030555c4c61a78c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 03:46:23 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d9dfd98c20865fa20fcb2d5642d240b1
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=716b05d0-a755-43ab-b485-58f0bb6efcbe&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.285&b_frame=1&pk=2ef41dd6bdb358bdf7d02bce45635537&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3
192.243.59.12 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=716b05d0-a755-43ab-b485-58f0bb6efcbe&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.285&b_frame=1&pk=2ef41dd6bdb358bdf7d02bce45635537&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=716b05d0-a755-43ab-b485-58f0bb6efcbe&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.285&b_frame=1&pk=2ef41dd6bdb358bdf7d02bce45635537&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 26 Oct 2022 03:46:23 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4c59b4df8ffa3a8cf99c046e30cd6de3
Strict-Transport-Security: max-age=0; includeSubdomains
static.javhd.com/h5/files/10432/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3Dc2291663-54e0-11ed-b055-e2e38133f3a0%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3DJavflag%26cv8%3DFirefox%26cv9%3D60fa6cc461d6e22a417e5fc1%26externalId%3Dc2291663-54e0-11ed-b055-e2e38133f3a0%26p%3DeyJiIjoyOTUsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI1MzE5fQ
185.76.9.16 200 OK 1.6 kB URL HTTP/2 static.javhd.com/h5/files/10432/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3Dc2291663-54e0-11ed-b055-e2e38133f3a0%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3DJavflag%26cv8%3DFirefox%26cv9%3D60fa6cc461d6e22a417e5fc1%26externalId%3Dc2291663-54e0-11ed-b055-e2e38133f3a0%26p%3DeyJiIjoyOTUsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI1MzE5fQ
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1416), with CRLF line terminators
Hash b59f9024f28c00f407df56ec99c0fc96
ff43f8e5ac2f9c101093f1f11f7ae1e0b026d5ba
325217b7251322a78d688abd9d44a3b71e8ad95f2f5fb1b7fc75edd4a4125ac7
GET /h5/files/10432/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3Dc2291663-54e0-11ed-b055-e2e38133f3a0%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3DJavflag%26cv8%3DFirefox%26cv9%3D60fa6cc461d6e22a417e5fc1%26externalId%3Dc2291663-54e0-11ed-b055-e2e38133f3a0%26p%3DeyJiIjoyOTUsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI1MzE5fQ HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trwl1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: text/html
last-modified: Mon, 25 Mar 2019 12:46:39 GMT
etag: W/"5c98cdaf-11e4"
expires: Fri, 25 Nov 2022 03:46:23 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-accel-expires: @1669347983
server: CDN77-Turbo
x-77-nzt: AblMCQ03wYmh
x-77-nzt-ray: ffffffff1e761f0d8fad586323f45329
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
static.javhd.com/h5/files/overlay/1008-overlay-preview.png
185.76.9.16 200 OK 1.7 kB URL HTTP/2 static.javhd.com/h5/files/overlay/1008-overlay-preview.png
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
File type PNG image data, 315 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash c2aea5fec0422e7884ce101b7173e4b2
3ddab7f0acb5c2fdc4e34f5a5683602f689471db
dbdc556177a5b6acc00668e4ab8a956f2941d1c6467ad1cef90baa89b45c598d
GET /h5/files/overlay/1008-overlay-preview.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/10432/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3Dc2291663-54e0-11ed-b055-e2e38133f3a0%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3DJavflag%26cv8%3DFirefox%26cv9%3D60fa6cc461d6e22a417e5fc1%26externalId%3Dc2291663-54e0-11ed-b055-e2e38133f3a0%26p%3DeyJiIjoyOTUsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI1MzE5fQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/png
content-length: 1688
last-modified: Wed, 28 Nov 2018 13:40:15 GMT
etag: "5bfe9abf-698"
expires: Tue, 23 May 2023 11:06:09 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839969
server: CDN77-Turbo
x-77-nzt: AblMCQ18Cof/7kLNAA
x-77-nzt-ray: ffffffff1e761f0d8fad5863c9ffc634
x-cache: HIT
x-age: 13452014
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhd.com/h5/files/overlay/1008-overlay.gif
185.76.9.16 200 OK 4.1 kB URL HTTP/2 static.javhd.com/h5/files/overlay/1008-overlay.gif
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
File type GIF image data, version 89a, 300 x 250\012- data
Hash 70bd93b1be91a693b8ab49b92111206c
a342dd6e52ae6c9b8e1b0850d4c6c605942eb686
647a347b3284577e87852b63003ebf9f5b0f7ba09ad6694c4a5564d65ef4f7f2
GET /h5/files/overlay/1008-overlay.gif HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/10432/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3Dc2291663-54e0-11ed-b055-e2e38133f3a0%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3DJavflag%26cv8%3DFirefox%26cv9%3D60fa6cc461d6e22a417e5fc1%26externalId%3Dc2291663-54e0-11ed-b055-e2e38133f3a0%26p%3DeyJiIjoyOTUsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI1MzE5fQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/gif
content-length: 4146
last-modified: Wed, 28 Nov 2018 13:42:51 GMT
etag: "5bfe9b5b-1032"
expires: Tue, 23 May 2023 11:06:09 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839969
server: CDN77-Turbo
x-77-nzt: AblMCQ06Ht3/7kLNAA
x-77-nzt-ray: ffffffff1e761f0d8fad5863b452ca34
x-cache: HIT
x-age: 13452014
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhd.com/h5/files/button/29-button.png
185.76.9.16 200 OK 733 B URL HTTP/2 static.javhd.com/h5/files/button/29-button.png
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 82a66a2d222379716ca9a03ff50d8f42
ae43d917ff791f9172edc527baa6266416182aaa
cc5da7b40e498d30bf5eaae43e59cae32202737076422676489dd8d3030803de
GET /h5/files/button/29-button.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/10432/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3Dc2291663-54e0-11ed-b055-e2e38133f3a0%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3DJavflag%26cv8%3DFirefox%26cv9%3D60fa6cc461d6e22a417e5fc1%26externalId%3Dc2291663-54e0-11ed-b055-e2e38133f3a0%26p%3DeyJiIjoyOTUsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI1MzE5fQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: image/png
content-length: 733
last-modified: Tue, 22 Dec 2015 18:41:22 GMT
etag: "56799952-2dd"
expires: Tue, 23 May 2023 11:04:47 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839887
server: CDN77-Turbo
x-77-nzt: AblMCQ39qNj/QEPNAA
x-77-nzt-ray: ffffffff1e761f0d8fad5863c45acd34
x-cache: HIT
x-age: 13452096
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhd.com/h5/files/css/style.css
185.76.9.16 200 OK 529 B URL HTTP/2 static.javhd.com/h5/files/css/style.css
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
Hash d8a0ab921e500f9ca41d44cc61621725
b3ebd5f3648c2153b83d6823d3721c93fc7ffee4
5179a18ccd0f163b67869208358d5c024722cddd27a69dfc5b46f9fe8281ef57
GET /h5/files/css/style.css HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/10432/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3Dc2291663-54e0-11ed-b055-e2e38133f3a0%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3DJavflag%26cv8%3DFirefox%26cv9%3D60fa6cc461d6e22a417e5fc1%26externalId%3Dc2291663-54e0-11ed-b055-e2e38133f3a0%26p%3DeyJiIjoyOTUsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI1MzE5fQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: text/css
last-modified: Wed, 25 May 2016 08:29:12 GMT
etag: W/"57456258-7bd"
expires: Tue, 23 May 2023 11:04:47 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839887
server: CDN77-Turbo
x-77-nzt: AblMCQ2VswL/QEPNAA
x-77-nzt-ray: ffffffff1e761f0d8fad58630136e733
x-cache: HIT
x-age: 13452096
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
indoorsbeliefgrew.com/sbar.json?key=2ef41dd6bdb358bdf7d02bce45635537&uuid=716b05d0-a755-43ab-b485-58f0bb6efcbe%3A3%3A1
173.233.137.60 200 OK 4.5 kB URL HTTP/1.1 indoorsbeliefgrew.com/sbar.json?key=2ef41dd6bdb358bdf7d02bce45635537&uuid=716b05d0-a755-43ab-b485-58f0bb6efcbe%3A3%3A1
IP 173.233.137.60:0
Hash cdb6713885f6de306fe70d31517e910f
e11e1ee8a6f9d7dd5f750640783abcdf466af8c9
41a30595c4d8274c8bebc7ef993a582c9cc44b6e653ffce8d855e622cdd87186
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=2ef41dd6bdb358bdf7d02bce45635537&uuid=716b05d0-a755-43ab-b485-58f0bb6efcbe%3A3%3A1 HTTP/1.1
Host: indoorsbeliefgrew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javflag.com
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 26 Oct 2022 03:46:23 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://javflag.com
Access-Control-Allow-Origin: https://javflag.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16353405; expires=Thu, 27 Oct 2022 03:46:23 GMT; secure; SameSite=None
uid_id2=716b05d0-a755-43ab-b485-58f0bb6efcbe:3:1; expires=Wed, 02 Nov 2022 03:46:23 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 27 Oct 2022 03:46:23 GMT; secure; SameSite=None
uncs=1; expires=Thu, 27 Oct 2022 03:46:23 GMT; secure; SameSite=None
pdhtkv29=true; expires=Thu, 27 Oct 2022 03:46:23 GMT; secure; SameSite=None
uncs29=1; expires=Thu, 27 Oct 2022 03:46:23 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 56e6f2de55e99789c114f2e9d8100fcf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
c0.jdbstatic.com/samples/8v/8V4qmE_l_0.jpg
172.67.68.71 200 OK 57 kB URL HTTP/2 c0.jdbstatic.com/samples/8v/8V4qmE_l_0.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x450, components 3\012- data
Hash 8e34198f2b0cffa07a9731c8590a971e
8d4befdaee61caaff5a69c285a0b1669d3903a6e
1c8fd3d08a62c627e7f71ea86121cb494c9b3659823b01c970a669edbde8614a
GET /samples/8v/8V4qmE_l_0.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:24 GMT
content-type: image/jpeg
content-length: 56852
last-modified: Tue, 27 Sep 2022 09:36:55 GMT
etag: "8e34198f2b0cffa07a9731c8590a971e"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMjrhqr9zvFXNBjYGFoYgFBJmuP7bDG1U1xDPbJfeMcld9aRkypqP%2FGqkIofRcrDwU9uhXizWcbUMoZkuZkGIJcSluV0V6HYRgnVmOQfc4O6kCbd%2Bc9B03XKi8iZf%2BBw9y5m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345e7de80b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 52d587367a9374435dec28fc2f353cd0
cd3c8d612a291ffef15cac13d30442186a425147
5d8d93301bf482a59a3068d755b49ae22d4c692c9976edd2d3bb0daf96f41718
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D8D93301BF482A59A3068D755B49AE22D4C692C9976EDD2D3BB0DAF96F41718"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5125
Expires: Wed, 26 Oct 2022 05:11:49 GMT
Date: Wed, 26 Oct 2022 03:46:24 GMT
Connection: keep-alive
analitits.com/t/xfeid?cb=gl.cb.xf
31.220.24.19 200 OK 65 B URL HTTP/1.1 analitits.com/t/xfeid?cb=gl.cb.xf
IP 31.220.24.19:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash feccd01ded7e12c83dc48b4c496f65d3
a24cff6640b7f2133f95175045494866f033b8f6
5eeeedd73a9eb4fb13443caab7716ae1c1fa1e7524ac2c24bc45eb62db2d4fd7
GET /t/xfeid?cb=gl.cb.xf HTTP/1.1
Host: analitits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Wed, 26 Oct 2022 03:46:24 GMT
Content-Type: application/octet-stream
Content-Length: 65
Connection: keep-alive
Set-Cookie: xfeid=348e59ccb89f33d63320d6571be2c2a8; expires=Tue, 01 Jan 2030 00:00:00 GMT; path=/; domain=.analitits.com
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: content-type
Access-Control-Max-Age: 864000
indoorsbeliefgrew.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwYscRRvGq5O9fHwXlYAICnPwEMGd7e6Z7p41h2CMK8E1CYliDoJUdVVPare6q63qnp5dEFYDsgch49lL7zO7WTSJ6MmTQXojggviTk57cP%2BJYMSbzGRx9b28b9XzFPzqqfpsqzwiLkp6ePEdvS6VogtB222dveF551rLMiuHrWEv%2FDDsnmuZwWuLYdt9pfWWiFf1gu96ruu5XmtJGpHo4cJUhMzvLXrtRbfd9dte0MXQ%2FHdtSweWOuCDI%2FIcJJ%2FMPXTOQMYNsvTbi8KuFjp%2F9c20VLTQBgO%2B%2B162mukqQ3oyJsZBku0eu6HtwdID6Gxnhgs9%2BMfI5IQ4Pz8Ay3aPIcEG2zNOpiAyMP5%2FVIMGQjWQtEGsb0HyAwLEHJevIEvvXNamomtPVTpVJ2TuyWPIakLmfj%2BDLP3mgpLD1nWtykLqzGKY1JDDBrLfIC%2F3UKyfgqz2EBefQvJfycKTZWTp9hWrNCQ%2FfDnyQuYG3J2nURDMdzuUzbNuL5gPeonLWCiSmIlZQFI2kEkDJUag9jRK66CUDsrEQZk7SPlhK%2FY8L3J5TN3eYhx3eCRYyF2PRolHPTfsoYyndxihyEeI1Qix2UBuNrAqRzDlj7A3a1juwBYEA16jEgSVJagoQSUJqoKgGtQ7XFnf1ne4siXzjrt%2F3Dv1WBf9Lbqji77IyFZ%2BRJ6dBffX5sdYFYctXyRdj%2FOQcdYJeownEXd9FotuEHaCoBPByhrSngK1DtblhDy%2F9AlyOSFzm4%2FA6B6s2kMsnwEtXwKtxpHvgt4cd3su1rO7K3SQKNpvxzoF1zXyYg7FmrOljsgLM4zQ%2FxMi3j%2F%2FU3P7g7N%2F7CE2NXJTY0U%2BJOirzfE1XZHta7qy5LsreSFTuU6nb3u9oIU4%2FfXbYq3Shl%2B6aEdfvR5Phel4711hi2WacZn1Lbl7QXIuzJI2sSA%2FXLLvC3a1tDcvlCYr8%2BWrbyxdSnMjrJU6a0Dlgf0csZyQ%2F1E9%2B7QvrnwPaRqYskZa7pPjgtQN4nwDNj%2Bht5rAqBMPyx1UZT02PjvZVHJC%2FMe%2FQIn98zu%2FLdxvvvwIlNWw4l8HT%2BYtu4m%2BcUCLW8jSGgNTY6BqUDWCLU%2BPi9zsn3%2FUmRWYcsZMGWebKaO%2BeBqvlYetqNNxabgYeFFERcS6fi8JPU6p3w39MKQdFHYS37h%2F%2B28AAAD%2F%2FwEAAP%2F%2FP5cbq4MEAAA%3D
173.233.137.60200 OK 7 B URL HTTP/1.1 indoorsbeliefgrew.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwYscRRvGq5O9fHwXlYAICnPwEMGd7e6Z7p41h2CMK8E1CYliDoJUdVVPare6q63qnp5dEFYDsgch49lL7zO7WTSJ6MmTQXojggviTk57cP%2BJYMSbzGRx9b28b9XzFPzqqfpsqzwiLkp6ePEdvS6VogtB222dveF551rLMiuHrWEv%2FDDsnmuZwWuLYdt9pfWWiFf1gu96ruu5XmtJGpHo4cJUhMzvLXrtRbfd9dte0MXQ%2FHdtSweWOuCDI%2FIcJJ%2FMPXTOQMYNsvTbi8KuFjp%2F9c20VLTQBgO%2B%2B162mukqQ3oyJsZBku0eu6HtwdID6Gxnhgs9%2BMfI5IQ4Pz8Ay3aPIcEG2zNOpiAyMP5%2FVIMGQjWQtEGsb0HyAwLEHJevIEvvXNamomtPVTpVJ2TuyWPIakLmfj%2BDLP3mgpLD1nWtykLqzGKY1JDDBrLfIC%2F3UKyfgqz2EBefQvJfycKTZWTp9hWrNCQ%2FfDnyQuYG3J2nURDMdzuUzbNuL5gPeonLWCiSmIlZQFI2kEkDJUag9jRK66CUDsrEQZk7SPlhK%2FY8L3J5TN3eYhx3eCRYyF2PRolHPTfsoYyndxihyEeI1Qix2UBuNrAqRzDlj7A3a1juwBYEA16jEgSVJagoQSUJqoKgGtQ7XFnf1ne4siXzjrt%2F3Dv1WBf9Lbqji77IyFZ%2BRJ6dBffX5sdYFYctXyRdj%2FOQcdYJeownEXd9FotuEHaCoBPByhrSngK1DtblhDy%2F9AlyOSFzm4%2FA6B6s2kMsnwEtXwKtxpHvgt4cd3su1rO7K3SQKNpvxzoF1zXyYg7FmrOljsgLM4zQ%2FxMi3j%2F%2FU3P7g7N%2F7CE2NXJTY0U%2BJOirzfE1XZHta7qy5LsreSFTuU6nb3u9oIU4%2FfXbYq3Shl%2B6aEdfvR5Phel4711hi2WacZn1Lbl7QXIuzJI2sSA%2FXLLvC3a1tDcvlCYr8%2BWrbyxdSnMjrJU6a0Dlgf0csZyQ%2F1E9%2B7QvrnwPaRqYskZa7pPjgtQN4nwDNj%2Bht5rAqBMPyx1UZT02PjvZVHJC%2FMe%2FQIn98zu%2FLdxvvvwIlNWw4l8HT%2BYtu4m%2BcUCLW8jSGgNTY6BqUDWCLU%2BPi9zsn3%2FUmRWYcsZMGWebKaO%2BeBqvlYetqNNxabgYeFFERcS6fi8JPU6p3w39MKQdFHYS37h%2F%2B28AAAD%2F%2FwEAAP%2F%2FP5cbq4MEAAA%3D
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwYscRRvGq5O9fHwXlYAICnPwEMGd7e6Z7p41h2CMK8E1CYliDoJUdVVPare6q63qnp5dEFYDsgch49lL7zO7WTSJ6MmTQXojggviTk57cP%2BJYMSbzGRx9b28b9XzFPzqqfpsqzwiLkp6ePEdvS6VogtB222dveF551rLMiuHrWEv%2FDDsnmuZwWuLYdt9pfWWiFf1gu96ruu5XmtJGpHo4cJUhMzvLXrtRbfd9dte0MXQ%2FHdtSweWOuCDI%2FIcJJ%2FMPXTOQMYNsvTbi8KuFjp%2F9c20VLTQBgO%2B%2B162mukqQ3oyJsZBku0eu6HtwdID6Gxnhgs9%2BMfI5IQ4Pz8Ay3aPIcEG2zNOpiAyMP5%2FVIMGQjWQtEGsb0HyAwLEHJevIEvvXNamomtPVTpVJ2TuyWPIakLmfj%2BDLP3mgpLD1nWtykLqzGKY1JDDBrLfIC%2F3UKyfgqz2EBefQvJfycKTZWTp9hWrNCQ%2FfDnyQuYG3J2nURDMdzuUzbNuL5gPeonLWCiSmIlZQFI2kEkDJUag9jRK66CUDsrEQZk7SPlhK%2FY8L3J5TN3eYhx3eCRYyF2PRolHPTfsoYyndxihyEeI1Qix2UBuNrAqRzDlj7A3a1juwBYEA16jEgSVJagoQSUJqoKgGtQ7XFnf1ne4siXzjrt%2F3Dv1WBf9Lbqji77IyFZ%2BRJ6dBffX5sdYFYctXyRdj%2FOQcdYJeownEXd9FotuEHaCoBPByhrSngK1DtblhDy%2F9AlyOSFzm4%2FA6B6s2kMsnwEtXwKtxpHvgt4cd3su1rO7K3SQKNpvxzoF1zXyYg7FmrOljsgLM4zQ%2FxMi3j%2F%2FU3P7g7N%2F7CE2NXJTY0U%2BJOirzfE1XZHta7qy5LsreSFTuU6nb3u9oIU4%2FfXbYq3Shl%2B6aEdfvR5Phel4711hi2WacZn1Lbl7QXIuzJI2sSA%2FXLLvC3a1tDcvlCYr8%2BWrbyxdSnMjrJU6a0Dlgf0csZyQ%2F1E9%2B7QvrnwPaRqYskZa7pPjgtQN4nwDNj%2Bht5rAqBMPyx1UZT02PjvZVHJC%2FMe%2FQIn98zu%2FLdxvvvwIlNWw4l8HT%2BYtu4m%2BcUCLW8jSGgNTY6BqUDWCLU%2BPi9zsn3%2FUmRWYcsZMGWebKaO%2BeBqvlYetqNNxabgYeFFERcS6fi8JPU6p3w39MKQdFHYS37h%2F%2B28AAAD%2F%2FwEAAP%2F%2FP5cbq4MEAAA%3D HTTP/1.1
Host: indoorsbeliefgrew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Cookie: u_pl=16353405; uid_id2=716b05d0-a755-43ab-b485-58f0bb6efcbe:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 26 Oct 2022 03:46:24 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 95e62c75e5f3e306375d1d06f6f2e489
Strict-Transport-Security: max-age=0; includeSubdomains
c0.jdbstatic.com/covers/8v/8V4qmE.jpg
172.67.68.71 200 OK 118 kB URL HTTP/2 c0.jdbstatic.com/covers/8v/8V4qmE.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x439, components 3\012- data
Size 118 kB (117855 bytes)
Hash 41f26a45a4061e77611cffb76ea9ee66
3a26484d604ec22c3b25d1ba7be690c7b5744e9a
2b8fcba59e88fa6cca73458cc7a819d89887359786e534201fea516143665b4b
GET /covers/8v/8V4qmE.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:24 GMT
content-type: image/jpeg
content-length: 117855
last-modified: Tue, 27 Sep 2022 09:36:54 GMT
etag: "41f26a45a4061e77611cffb76ea9ee66"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkhnj5V9seL8IYfIiGyWE17MzegcPsj4yCg38dmDxwj45kTtOo%2BZsDYFSl6czIXnAcryga6oU0d8vWz4JsBKWp3vJle6fpSMLxkdwO0GSdKezMazPVu0DUV3MViNqJySQH9B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345e7de70b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/45/458d2Z_l_0.jpg
172.67.68.71 200 OK 63 kB URL HTTP/2 c0.jdbstatic.com/samples/45/458d2Z_l_0.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x450, components 3\012- data
Hash 58110991fc630c223158f6309bc27871
fe87e08ef62a35b7245afd42f57acf28d14ecd55
7f43afd7809a13cdfe2ba83599cfcb280b06b24e02b4637c0acbad294d7e9cd6
GET /samples/45/458d2Z_l_0.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:24 GMT
content-type: image/jpeg
content-length: 63038
last-modified: Tue, 27 Sep 2022 09:24:28 GMT
etag: "58110991fc630c223158f6309bc27871"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQhxKPLqpQF3nhwx9g8DwwaTmuFNOJnrBfmMollzYHIgKy7ETDd6wLaW3guDlLHjeKlJ0tnG9RnJ1G5DSEDjkgEJdsTX0sFu%2B%2FadkZ0kNCIRuADJu7uYCvMIROhOPbNAxJzo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345f1e400b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/45/458d2Z_l_1.jpg
172.67.68.71 200 OK 64 kB URL HTTP/2 c0.jdbstatic.com/samples/45/458d2Z_l_1.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x450, components 3\012- data
Hash d073e66a332512806fe49b849a5706fb
778106bf5906ea750b516e1f1e9bdf9a71e67b71
48d80e154991c568c29bd532891070b22582a2e82c31c6d55ec644c5a30f6c8d
GET /samples/45/458d2Z_l_1.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:24 GMT
content-type: image/jpeg
content-length: 63515
last-modified: Tue, 27 Sep 2022 09:24:31 GMT
etag: "d073e66a332512806fe49b849a5706fb"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1lb9%2BpcCzBHefBS9d1C0vsN6maqPT1eto3aZA1LSxxkFro5Rm10yIySC0PN1i3kV83WD8lO48mVXhcSCoOXGNn0eMUpgVEkI4ZNOxwOhAKhNhF%2BFatv7OcZ86SBzFXy0G2v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345f1e410b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/covers/mm/Mm4qgJ.jpg
172.67.68.71 200 OK 145 kB URL HTTP/2 c0.jdbstatic.com/covers/mm/Mm4qgJ.jpg
IP 172.67.68.71:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x539, components 3\012- data
Size 145 kB (144668 bytes)
Hash 8f478510b7b795461ec16e2cb95dc3f8
3091f997b6df10681b05e5215b19ab37c0de11c3
3a6faa0bcedae882c59765bcfe47191537d1d35a52bdfd22ce27e89993b72080
GET /covers/mm/Mm4qgJ.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:24 GMT
content-type: image/jpeg
content-length: 144668
last-modified: Tue, 27 Sep 2022 09:29:55 GMT
etag: "8f478510b7b795461ec16e2cb95dc3f8"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wR0ZKApzPM7DXzbdoRVk0Xb8UM4e7Us1pCWylZdjjNmKNhH0NgsZ1rJlQ%2FgmdO3i7G%2BMUyesdL%2BXIvSGeE7vp3qMDkt1JT14Awd0hds2trFxtmXLP1K4cdUvh732FxGQycsf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7600345e7df40b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f48778a5fcbc4a835f8c5575e4ac2c9a
7a6b2b9f0faa5f332c23aa41cd7522f0bc54870e
6f211a0cc0c1c5a9ebd8210f6c752f3d990595241eea2e686605a5a56652bfb6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F211A0CC0C1C5A9EBD8210F6C752F3D990595241EEA2E686605A5A56652BFB6"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8972
Expires: Wed, 26 Oct 2022 06:15:56 GMT
Date: Wed, 26 Oct 2022 03:46:24 GMT
Connection: keep-alive
indoorsbeliefgrew.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=460
173.233.137.60 200 OK 0 B URL HTTP/1.1 indoorsbeliefgrew.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=460
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=460 HTTP/1.1
Host: indoorsbeliefgrew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Cookie: u_pl=16353405; uid_id2=716b05d0-a755-43ab-b485-58f0bb6efcbe:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 26 Oct 2022 03:46:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 828e18f94b117185ae1741950339f151
9e5be482e5cb0e4b214b064b936b15d2718d1c99
add008da2c5eff2e1e787e88d616cc7f3003c4ea5a5e81b9158dfa64ce290199
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "ADD008DA2C5EFF2E1E787E88D616CC7F3003C4EA5A5E81B9158DFA64CE290199"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9261
Expires: Wed, 26 Oct 2022 06:20:45 GMT
Date: Wed, 26 Oct 2022 03:46:24 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 828e18f94b117185ae1741950339f151
9e5be482e5cb0e4b214b064b936b15d2718d1c99
add008da2c5eff2e1e787e88d616cc7f3003c4ea5a5e81b9158dfa64ce290199
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "ADD008DA2C5EFF2E1E787E88D616CC7F3003C4EA5A5E81B9158DFA64CE290199"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9261
Expires: Wed, 26 Oct 2022 06:20:45 GMT
Date: Wed, 26 Oct 2022 03:46:24 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 828e18f94b117185ae1741950339f151
9e5be482e5cb0e4b214b064b936b15d2718d1c99
add008da2c5eff2e1e787e88d616cc7f3003c4ea5a5e81b9158dfa64ce290199
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "ADD008DA2C5EFF2E1E787E88D616CC7F3003C4EA5A5E81B9158DFA64CE290199"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9261
Expires: Wed, 26 Oct 2022 06:20:45 GMT
Date: Wed, 26 Oct 2022 03:46:24 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/5d/16/8b/5d168b4c2466b189729f9f9e72ff9e4a/1658144882.jpg
45.133.44.9 200 OK 11 kB URL HTTP/2 cdn.cloudimagesb.com/si/5d/16/8b/5d168b4c2466b189729f9f9e72ff9e4a/1658144882.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 62eb9d272cfc03bdc42f5abd423d2dcd
8436ae8ad0ac45946b1bf0fe5768cd868cd8c6a2
0a52e8bbbbe749849d27811ef7404a6623f8908ca7d00f902fc927dab7b828a2
GET /si/5d/16/8b/5d168b4c2466b189729f9f9e72ff9e4a/1658144882.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:24 GMT
content-type: image/jpeg
content-length: 11151
server: nginx/1.17.6
last-modified: Mon, 18 Jul 2022 11:48:10 GMT
etag: "62d5487a-2b8f"
expires: Fri, 28 Oct 2022 03:46:24 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 828e18f94b117185ae1741950339f151
9e5be482e5cb0e4b214b064b936b15d2718d1c99
add008da2c5eff2e1e787e88d616cc7f3003c4ea5a5e81b9158dfa64ce290199
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "ADD008DA2C5EFF2E1E787E88D616CC7F3003C4EA5A5E81B9158DFA64CE290199"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9261
Expires: Wed, 26 Oct 2022 06:20:45 GMT
Date: Wed, 26 Oct 2022 03:46:24 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/animate.css
172.64.110.27 200 OK 4.8 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/animate.css
IP 172.64.110.27:0
Hash 21eb7a65c17a2c22ba104a7ecbf1dc0f
ea8c53be54889c7489aed04e30e3eb83af64dec9
090bd9ceb9a58da038e5ed4a39dfbb63ece49ed4f4f0656ce35f7faa41a3b237
GET /sb/ssp/utility/social-media/facebook/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javflag.com
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:24 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpAXU77Iim7CCS4QrEUZQC1aJ%2FbsK4iDpWSTbU4A0LY%2BfgNZyVd%2B2I90Ygj9iojMfxmEDeqN%2BzQBN02TPFOXTDXdJBNliirlkBEqIacLcGZ8gHRSZKo4a9HecG%2BVsGEV0LE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76003467ec1571ae-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
indoorsbeliefgrew.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fjs%2Fscript.js&l=444&fd=363
173.233.137.60 200 OK 0 B URL HTTP/1.1 indoorsbeliefgrew.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fjs%2Fscript.js&l=444&fd=363
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fjs%2Fscript.js&l=444&fd=363 HTTP/1.1
Host: indoorsbeliefgrew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Cookie: u_pl=16353405; uid_id2=716b05d0-a755-43ab-b485-58f0bb6efcbe:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 26 Oct 2022 03:46:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
taraa.xyz/rtb/show/90e9598cfd5ddbadb91b34438ad89184/?ref=1&k=936738&type=show_skip&cs=YOuvMgC3IbsmIVnmJcypcZiEII6xMACTwMiwdAWTQMiwOIizILxvIti2wYiladyEII6pIAjjkLz2NkjjcOz2OJCHIIs7IQnjNN0fYZXDROl4MBVC9em1b52WNa1McB2yVOkxIEjDoW1oLACCJMtuMUSzIL6hMxSGwbipbpT3IbiNOJjiAOsiIQnnYbzlIdjWoYxyLVC2Jcr1ZJXClLfiYQSDIO6xIkjDIO2kMFDGZOlzYQ2DMN2zZITWdMk5YI2GZZihNJmGFZkkZVGDYZ2mNNmGIOz5YUjTkO3lMB2TUO0iYomjFIj0IJny0eT=
104.21.38.143200 OK 211 B URL HTTP/2 taraa.xyz/rtb/show/90e9598cfd5ddbadb91b34438ad89184/?ref=1&k=936738&type=show_skip&cs=YOuvMgC3IbsmIVnmJcypcZiEII6xMACTwMiwdAWTQMiwOIizILxvIti2wYiladyEII6pIAjjkLz2NkjjcOz2OJCHIIs7IQnjNN0fYZXDROl4MBVC9em1b52WNa1McB2yVOkxIEjDoW1oLACCJMtuMUSzIL6hMxSGwbipbpT3IbiNOJjiAOsiIQnnYbzlIdjWoYxyLVC2Jcr1ZJXClLfiYQSDIO6xIkjDIO2kMFDGZOlzYQ2DMN2zZITWdMk5YI2GZZihNJmGFZkkZVGDYZ2mNNmGIOz5YUjTkO3lMB2TUO0iYomjFIj0IJny0eT=
IP 104.21.38.143:0
Hash ccaf2b4ef1c043efd909f55d1f316e59
dbb1b5f7ed2669970816ac5cccf33b849f1aa869
5e0e13a4f44aa87992bf988ab4350b301855d1f3a404de2cd7a5701e3c7a4897
GET /rtb/show/90e9598cfd5ddbadb91b34438ad89184/?ref=1&k=936738&type=show_skip&cs=YOuvMgC3IbsmIVnmJcypcZiEII6xMACTwMiwdAWTQMiwOIizILxvIti2wYiladyEII6pIAjjkLz2NkjjcOz2OJCHIIs7IQnjNN0fYZXDROl4MBVC9em1b52WNa1McB2yVOkxIEjDoW1oLACCJMtuMUSzIL6hMxSGwbipbpT3IbiNOJjiAOsiIQnnYbzlIdjWoYxyLVC2Jcr1ZJXClLfiYQSDIO6xIkjDIO2kMFDGZOlzYQ2DMN2zZITWdMk5YI2GZZihNJmGFZkkZVGDYZ2mNNmGIOz5YUjTkO3lMB2TUO0iYomjFIj0IJny0eT= HTTP/1.1
Host: taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://taraa.xyz
Connection: keep-alive
Referer: http://taraa.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.27
access-control-allow-origin: *
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMC%2BlYP8GzYulNndKSK6L7grYMnbphMlvXuXRlx08JlqOjPGOIkDs6P%2FIbeMgi2QU4fGa6BEuy0ujqB%2F8X4bp4UmTV3PUue85O2BndgOmg7Z%2Bk7XdJOS7K61Cyo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76003461fbe2b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://javflag.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:08 GMT
expires: Thu, 19 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 547937
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
Hash 12b738fd7f9ddc14e445ed8e3a18fadd
7a79ac245808393ab825bf3b7ab24f7713ea4a3f
47373ffc28f6e0cf83f26d194d248cfff43a48e8ca1bfaea4246e0f86d514c19
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://javflag.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:08 GMT
expires: Thu, 19 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 547937
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/style.css
172.64.110.27 200 OK 1.5 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/style.css
IP 172.64.110.27:0
Hash 908dce303e802b45f99455bfa3c26ef2
2f064693d34a6eac3903455fc3de8477c4554e40
60eed66130c70fbeb214c6ab5a7f747cfaaad001a5f10d33d3da7d57f70d6f98
GET /sb/ssp/utility/social-media/facebook/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javflag.com
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:24 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:19:14 GMT
etag: W/"6128d842-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icpcAKw3fzzS7YSMF1rq3EMP0mzmhNRTv%2FJqfoUUWvy86awXaUB%2F6eo8m4VCth%2F%2FE1xgK21BXoqvpwv0q3Di3SGksGAVMCDoyDkEMIwn%2FSavj7k7ikfs9OPRkcXxEIp%2Fpys%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76003467fc2a71ae-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
indoorsbeliefgrew.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skxRvGq3dz%2BfK9qCyIoDAHDyuYSffM9MzEPSyuMRKMm2VXcQ%2BC1K%2BeVFLd1VZ1T08CQnRBchB2PHvpPJNs0N0VPXlykc6KYEDM7CkH808srniTmQ1G38v7Vj1Pwaeeqs928hPiI6fHC%2B%2BYTaU1nQvrfu3izSC4VFtWST6oDbrtD9utSzXbf22%2BXfdfqb0l%2BbqZa%2FiB7wd%2BUFtUVkZmMDcRodJ780F93q%2B3GvUgbGFg%2F7t2uQdHPYj%2BCXkOSoxnHnoXoHiFJP52Qbr1zKSvvhnnmmbGoi%2F230vWE1MkiM%2FGyHqIkv1TN4w7WnwAk%2BxNcWH6%2FxiZGhPv5wdgyf4pJFh%2Fd8rJNGQCJv6Pol9B6gqKVuDmFpQ4IgAXuLqCJL5z1diCbjxV6UQdk5knj6GKMZn5%2FQKS%2BJsrWg1qN4zOM2USh0FUQg0qqF6FND9AtnkOqjgAzz6FEr%2BSuSfLSOLdFacNlDh%2BuRO0mR8Kf5Z2wnC21aRslrW64WzYjXzG2jLiTE4DUqqCiipoOQR155E7D7nykEce8tRDLI5rPAiCji849bvznDdFR7K28APaiQIa%2BO0ucj65wxBZOgTXQ3C7hdRuYV0NYfMf4VZLOOHBZQR9UaKQBIUjKChBoQiKjKDol3tCu4Yr7wjtchac9sZpb5Yjk%2FV26J7JejIhO%2BkJeXYa3F%2FbH2NdHtcaMmoFQrSZYM2wy0TUEX6DcdkK280wbHbgVAnlzoE6D5tqTJ5f%2FASpGpOZ7Udg9ABOH4CrZ0Dzl0CLUafhg66OWl0fm8ndNdqPNO3VuYkhTIk0m0G24e3oE%2FLCFKPd%2BBOSH17%2Bqbr9wcU%2FDsBtidSWWFMPCXp6e3TdFGT3uikc%2BW4lzVSsNunkbW9kNJPnv35bbhTGiqUFN%2FzqdT4RJuO9d6XLlmkiVNJz5O4VJYS0i8ZySX5Ycu9Ldi13q1dym%2BTp8rU3Fpfi1ErnlEkqUHXkPgdXY%2FI%2Faqaf9sW176FsBZuXiPNDclpQpgJPt%2BDSM3pnCKw%2B87DUQ5GXI9tgZ5tajUnj8S%2FQ8vDy3m9z96svPwJlJZz818Gzecdto2c90OwWkrhE35bo6xJUD%2BHy86MstYeXHzWnBaa9EdPW22Xa6i%2BexuvUca3piw6Tkeww2QpbkeSChSHzecRZU3S7HJkb85v3b%2F8NAAD%2F%2FwEAAP%2F%2Fv0POQ4MEAAA%3D
173.233.137.60200 OK 7 B URL HTTP/1.1 indoorsbeliefgrew.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skxRvGq3dz%2BfK9qCyIoDAHDyuYSffM9MzEPSyuMRKMm2VXcQ%2BC1K%2BeVFLd1VZ1T08CQnRBchB2PHvpPJNs0N0VPXlykc6KYEDM7CkH808srniTmQ1G38v7Vj1Pwaeeqs928hPiI6fHC%2B%2BYTaU1nQvrfu3izSC4VFtWST6oDbrtD9utSzXbf22%2BXfdfqb0l%2BbqZa%2FiB7wd%2BUFtUVkZmMDcRodJ780F93q%2B3GvUgbGFg%2F7t2uQdHPYj%2BCXkOSoxnHnoXoHiFJP52Qbr1zKSvvhnnmmbGoi%2F230vWE1MkiM%2FGyHqIkv1TN4w7WnwAk%2BxNcWH6%2FxiZGhPv5wdgyf4pJFh%2Fd8rJNGQCJv6Pol9B6gqKVuDmFpQ4IgAXuLqCJL5z1diCbjxV6UQdk5knj6GKMZn5%2FQKS%2BJsrWg1qN4zOM2USh0FUQg0qqF6FND9AtnkOqjgAzz6FEr%2BSuSfLSOLdFacNlDh%2BuRO0mR8Kf5Z2wnC21aRslrW64WzYjXzG2jLiTE4DUqqCiipoOQR155E7D7nykEce8tRDLI5rPAiCji849bvznDdFR7K28APaiQIa%2BO0ucj65wxBZOgTXQ3C7hdRuYV0NYfMf4VZLOOHBZQR9UaKQBIUjKChBoQiKjKDol3tCu4Yr7wjtchac9sZpb5Yjk%2FV26J7JejIhO%2BkJeXYa3F%2FbH2NdHtcaMmoFQrSZYM2wy0TUEX6DcdkK280wbHbgVAnlzoE6D5tqTJ5f%2FASpGpOZ7Udg9ABOH4CrZ0Dzl0CLUafhg66OWl0fm8ndNdqPNO3VuYkhTIk0m0G24e3oE%2FLCFKPd%2BBOSH17%2Bqbr9wcU%2FDsBtidSWWFMPCXp6e3TdFGT3uikc%2BW4lzVSsNunkbW9kNJPnv35bbhTGiqUFN%2FzqdT4RJuO9d6XLlmkiVNJz5O4VJYS0i8ZySX5Ycu9Ldi13q1dym%2BTp8rU3Fpfi1ErnlEkqUHXkPgdXY%2FI%2Faqaf9sW176FsBZuXiPNDclpQpgJPt%2BDSM3pnCKw%2B87DUQ5GXI9tgZ5tajUnj8S%2FQ8vDy3m9z96svPwJlJZz818Gzecdto2c90OwWkrhE35bo6xJUD%2BHy86MstYeXHzWnBaa9EdPW22Xa6i%2BexuvUca3piw6Tkeww2QpbkeSChSHzecRZU3S7HJkb85v3b%2F8NAAD%2F%2FwEAAP%2F%2Fv0POQ4MEAAA%3D
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skxRvGq3dz%2BfK9qCyIoDAHDyuYSffM9MzEPSyuMRKMm2VXcQ%2BC1K%2BeVFLd1VZ1T08CQnRBchB2PHvpPJNs0N0VPXlykc6KYEDM7CkH808srniTmQ1G38v7Vj1Pwaeeqs928hPiI6fHC%2B%2BYTaU1nQvrfu3izSC4VFtWST6oDbrtD9utSzXbf22%2BXfdfqb0l%2BbqZa%2FiB7wd%2BUFtUVkZmMDcRodJ780F93q%2B3GvUgbGFg%2F7t2uQdHPYj%2BCXkOSoxnHnoXoHiFJP52Qbr1zKSvvhnnmmbGoi%2F230vWE1MkiM%2FGyHqIkv1TN4w7WnwAk%2BxNcWH6%2FxiZGhPv5wdgyf4pJFh%2Fd8rJNGQCJv6Pol9B6gqKVuDmFpQ4IgAXuLqCJL5z1diCbjxV6UQdk5knj6GKMZn5%2FQKS%2BJsrWg1qN4zOM2USh0FUQg0qqF6FND9AtnkOqjgAzz6FEr%2BSuSfLSOLdFacNlDh%2BuRO0mR8Kf5Z2wnC21aRslrW64WzYjXzG2jLiTE4DUqqCiipoOQR155E7D7nykEce8tRDLI5rPAiCji849bvznDdFR7K28APaiQIa%2BO0ucj65wxBZOgTXQ3C7hdRuYV0NYfMf4VZLOOHBZQR9UaKQBIUjKChBoQiKjKDol3tCu4Yr7wjtchac9sZpb5Yjk%2FV26J7JejIhO%2BkJeXYa3F%2FbH2NdHtcaMmoFQrSZYM2wy0TUEX6DcdkK280wbHbgVAnlzoE6D5tqTJ5f%2FASpGpOZ7Udg9ABOH4CrZ0Dzl0CLUafhg66OWl0fm8ndNdqPNO3VuYkhTIk0m0G24e3oE%2FLCFKPd%2BBOSH17%2Bqbr9wcU%2FDsBtidSWWFMPCXp6e3TdFGT3uikc%2BW4lzVSsNunkbW9kNJPnv35bbhTGiqUFN%2FzqdT4RJuO9d6XLlmkiVNJz5O4VJYS0i8ZySX5Ycu9Ldi13q1dym%2BTp8rU3Fpfi1ErnlEkqUHXkPgdXY%2FI%2Faqaf9sW176FsBZuXiPNDclpQpgJPt%2BDSM3pnCKw%2B87DUQ5GXI9tgZ5tajUnj8S%2FQ8vDy3m9z96svPwJlJZz818Gzecdto2c90OwWkrhE35bo6xJUD%2BHy86MstYeXHzWnBaa9EdPW22Xa6i%2BexuvUca3piw6Tkeww2QpbkeSChSHzecRZU3S7HJkb85v3b%2F8NAAD%2F%2FwEAAP%2F%2Fv0POQ4MEAAA%3D HTTP/1.1
Host: indoorsbeliefgrew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Cookie: u_pl=16353405; uid_id2=716b05d0-a755-43ab-b485-58f0bb6efcbe:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 26 Oct 2022 03:46:25 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7fbd22ff6d326e87ba09f15760282198
Strict-Transport-Security: max-age=0; includeSubdomains
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07cdd29-ee8b-472d-b3da-06fd7cf4b919.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07cdd29-ee8b-472d-b3da-06fd7cf4b919.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ede92f4ba3d143b6ffbc90a77541894c
ccca9cdf92ffc3fb01b9b383c1b08c62e4af8f10
3615e4cec3c5e87e7922726c1e224ae48856f07fdda0550846dbc896a802660b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07cdd29-ee8b-472d-b3da-06fd7cf4b919.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 2dedd2f7-6368-44ca-866b-6da5fff10435
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ2hF1noAMFmsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6358568f-288edd872d82b906349d8b1b;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:11 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vo6C0hehsVzDTbhfeJ2AHXhecgLf_dxR_3j_BexwZmqCya7bFgdWQA==
via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 22:09:09 GMT
age: 20236
etag: "ccca9cdf92ffc3fb01b9b383c1b08c62e4af8f10"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
172.64.193.5 200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP 172.64.193.5:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:21 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: a8d24c15f5e976e5e00113846be98cdd
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 26 Oct 2022 03:46:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hi9Zg1AHZ8p6PhZduyvoz8zG48sGpPf54HNfOdrivq2lG0BNgT1tqe7126f0M7VlGICSLdjh5tCzn9JfiSHEQqglVF9mq99b03bW2%2FjVijYeap18M5If2aom2Y6JwXz5Ub4TZOA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76003453399a7747-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.203.23 200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.203.23:0
Analyzer Verdict Alert quad9 Sinkholed
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:22 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 996f4143d01f4f9cbd450b364ab616b7
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 26 Oct 2022 03:46:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2TEKINAO0iyVd8nSablMDnNRcNs4QCIECTHhBIgjmTegnAGRCpWemG67M4wEgpSQivcyKqYKAN7JwOpKduSwwrPXihi384yaKV1Pkvwh%2FURG%2FEvO7O81V8DOqkbswmeqDk7w%2F1k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76003457dac0bc87-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.javhd.com/h5/files/js/video.js
185.76.9.16 200 OK 0 B URL HTTP/2 static.javhd.com/h5/files/js/video.js
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
GET /h5/files/js/video.js HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/10432/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3Dc2291663-54e0-11ed-b055-e2e38133f3a0%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3DJavflag%26cv8%3DFirefox%26cv9%3D60fa6cc461d6e22a417e5fc1%26externalId%3Dc2291663-54e0-11ed-b055-e2e38133f3a0%26p%3DeyJiIjoyOTUsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI1MzE5fQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: application/x-javascript
last-modified: Tue, 10 Nov 2015 10:24:20 GMT
etag: W/"5641c5d4-1cf02"
expires: Tue, 23 May 2023 11:05:24 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839924
server: CDN77-Turbo
x-77-nzt: AblMCQ01bOX/G0PNAA
x-77-nzt-ray: ffffffff1e761f0d8fad58638b776534
x-cache: HIT
x-age: 13452059
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
js.juicyads.com/jp.php?c=34b42323u274u4q2v284z2b434&u=http%3A%2F%2Fwww.juicyads.rocks
143.204.55.92 200 OK 0 B URL HTTP/2 js.juicyads.com/jp.php?c=34b42323u274u4q2v284z2b434&u=http%3A%2F%2Fwww.juicyads.rocks
IP 143.204.55.92:0
GET /jp.php?c=34b42323u274u4q2v284z2b434&u=http%3A%2F%2Fwww.juicyads.rocks HTTP/1.1
Host: js.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
date: Wed, 26 Oct 2022 03:35:35 GMT
expires: Wed, 26 Oct 2022 03:50:35 GMT
pragma: cache
server: nginx
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ne-_S1l1-odXlxstw6ups1o1ah3HbhslNfOwobBrgxN-oR-YABXITQ==
age: 644
X-Firefox-Spdy: h2
goplayhere.com/iframe/62dfeb373f7d6?iframe&ag_custom_domain=javflag.com
172.67.187.242 200 OK 0 B URL HTTP/2 goplayhere.com/iframe/62dfeb373f7d6?iframe&ag_custom_domain=javflag.com
IP 172.67.187.242:0
GET /iframe/62dfeb373f7d6?iframe&ag_custom_domain=javflag.com HTTP/1.1
Host: goplayhere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:20 GMT
content-type: text/html
set-cookie: c_c37920348cf4789083339dca12802dce=1; Expires=Thu, 27-Oct-22 03:46:20 GMT; Domain=goplayhere.com; Path=/; Secure; SameSite=None
z_2001dbe6daa31a9a4d22763fbaa0e4a2=1; Expires=Thu, 27-Oct-22 03:46:20 GMT; Domain=goplayhere.com; Path=/; Secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9gdcgF6IlrEfay6hUVm9Xam%2B1VNTa%2B%2BiiMSVoeH3y2b4faOsAsKsjR89kEySneEDwUGogy%2FhVWOBLXahb3716heQbeaPAC8BjxsBVtbpEm%2Fb53C9qZi4YmJs0XjBhbPdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7600344ebff5b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
iadoremakingpics.com/bnr/4/bdd/55b5f2/bdd55b5f26d0c29f131dd05c823ef1f9.mp4
172.67.164.27 206 Partial Content 0 B URL HTTP/2 iadoremakingpics.com/bnr/4/bdd/55b5f2/bdd55b5f26d0c29f131dd05c823ef1f9.mp4
IP 172.67.164.27:0
GET /bnr/4/bdd/55b5f2/bdd55b5f26d0c29f131dd05c823ef1f9.mp4 HTTP/1.1
Host: iadoremakingpics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://goplayhere.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Wed, 26 Oct 2022 03:46:21 GMT
content-type: video/mp4
content-length: 276265
last-modified: Fri, 16 Jul 2021 12:56:57 GMT
etag: "60f18219-43729"
cache-control: max-age=1382400
cf-cache-status: REVALIDATED
content-range: bytes 0-276264/276265
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVkBKvkj6ouCjKfgn7Wrn76evk8QOygeScqhvoTJxbi3VFL3k0%2Bm%2BA17RKr1B%2Fe52SKIm88naLSAAos%2B1e4D6fjC%2BmfPxc9SjDci6UKnN18mB3dlpDnbJh0WoOrhSHzv3VGpZqy7HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760034502f041c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.javhd.com/h5/files/js/mobile_video_player.min.js
185.76.9.16 200 OK 0 B URL HTTP/2 static.javhd.com/h5/files/js/mobile_video_player.min.js
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
GET /h5/files/js/mobile_video_player.min.js HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/10432/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3Dc2291663-54e0-11ed-b055-e2e38133f3a0%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3DJavflag%26cv8%3DFirefox%26cv9%3D60fa6cc461d6e22a417e5fc1%26externalId%3Dc2291663-54e0-11ed-b055-e2e38133f3a0%26p%3DeyJiIjoyOTUsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI1MzE5fQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:23 GMT
content-type: application/x-javascript
last-modified: Tue, 12 Jan 2016 11:55:17 GMT
etag: W/"5694e9a5-7636"
expires: Tue, 23 May 2023 11:05:24 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839924
server: CDN77-Turbo
x-77-nzt: AblMCQ2rddL/G0PNAA
x-77-nzt-ray: ffffffff1e761f0d8fad586351ad4234
x-cache: HIT
x-age: 13452059
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
taraa.xyz/rtb/show/90e9598cfd5ddbadb91b34438ad89184/?k=936738&cs=2JMCiLIi6EMjCIw6iIZCmZZ1mJICjLoiyAMjTLk2xkNzzLA4z9MmzZEl0JLXCaJGnBZS2McwiEODjMMwsEIDnMJyy8cyibIr6NMWCZwHiBdSzKEwi4OijNE5yoOjDdAysBIynOc0yYIzjXo24gNDTeAgsgIXndcuzlIGjTogxsMTjMgxwgLFCKJg3ANjCLI168MSTYAsyxNWCaw6i9dWzTUiioOjjIA0s5IWnZcn2FImjcolwNLXCdJi2wMiyIIv65MkSIw6iIcy3cRvh9dVGZUsxlXm2YZvv1Ym3IVszAZjWOQiiUOGjbApsJI2mbttlJeCVL9ihQIDjOoxikNDzOEkwFNGjOUzyQMDDNgz1IOWDMZ5mIZGTZQhzJYGTZUkzVZDTZNmlNOGGOU53UNTDOAl4BZTDOki0oNjGIQ0iJfyQe==
104.21.38.143302 Found 0 B URL HTTP/2 taraa.xyz/rtb/show/90e9598cfd5ddbadb91b34438ad89184/?k=936738&cs=2JMCiLIi6EMjCIw6iIZCmZZ1mJICjLoiyAMjTLk2xkNzzLA4z9MmzZEl0JLXCaJGnBZS2McwiEODjMMwsEIDnMJyy8cyibIr6NMWCZwHiBdSzKEwi4OijNE5yoOjDdAysBIynOc0yYIzjXo24gNDTeAgsgIXndcuzlIGjTogxsMTjMgxwgLFCKJg3ANjCLI168MSTYAsyxNWCaw6i9dWzTUiioOjjIA0s5IWnZcn2FImjcolwNLXCdJi2wMiyIIv65MkSIw6iIcy3cRvh9dVGZUsxlXm2YZvv1Ym3IVszAZjWOQiiUOGjbApsJI2mbttlJeCVL9ihQIDjOoxikNDzOEkwFNGjOUzyQMDDNgz1IOWDMZ5mIZGTZQhzJYGTZUkzVZDTZNmlNOGGOU53UNTDOAl4BZTDOki0oNjGIQ0iJfyQe==
IP 104.21.38.143:0
GET /rtb/show/90e9598cfd5ddbadb91b34438ad89184/?k=936738&cs=2JMCiLIi6EMjCIw6iIZCmZZ1mJICjLoiyAMjTLk2xkNzzLA4z9MmzZEl0JLXCaJGnBZS2McwiEODjMMwsEIDnMJyy8cyibIr6NMWCZwHiBdSzKEwi4OijNE5yoOjDdAysBIynOc0yYIzjXo24gNDTeAgsgIXndcuzlIGjTogxsMTjMgxwgLFCKJg3ANjCLI168MSTYAsyxNWCaw6i9dWzTUiioOjjIA0s5IWnZcn2FImjcolwNLXCdJi2wMiyIIv65MkSIw6iIcy3cRvh9dVGZUsxlXm2YZvv1Ym3IVszAZjWOQiiUOGjbApsJI2mbttlJeCVL9ihQIDjOoxikNDzOEkwFNGjOUzyQMDDNgz1IOWDMZ5mIZGTZQhzJYGTZUkzVZDTZNmlNOGGOU53UNTDOAl4BZTDOki0oNjGIQ0iJfyQe== HTTP/1.1
Host: taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://taraa.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 26 Oct 2022 03:46:18 GMT
content-type: text/html; charset=UTF-8
location: https://javflag.com/en
x-powered-by: PHP/7.3.27
access-control-allow-origin: *
referrer-policy: origin
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Y%2FIcTJocJcuziOWH7JcDaUe6J0LuhM6Ub3I0Jq0x2RkgfHfRj0SOdAMZlpAmRlaC5uHLeRHICHBVR%2FBKc%2FhPY62ipZQYxdNqOpjRsvdePKGvKER1T5O8XqKmaw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7600343c8a5ab523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
highlevelcount.com/index.min.js?pk=135245fd163282a65181f02743b60cc2
104.21.30.122 404 Not Found 0 B URL HTTP/2 highlevelcount.com/index.min.js?pk=135245fd163282a65181f02743b60cc2
IP 104.21.30.122:0
GET /index.min.js?pk=135245fd163282a65181f02743b60cc2 HTTP/1.1
Host: highlevelcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goplayhere.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Wed, 26 Oct 2022 03:46:21 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ILTsLtaEs8TcNFVkzI40hSwy%2F9o2%2FkQvz%2B6Ycj0xXWNq82nLKc5rN0tjknMsqzCtziKzdhVrzxDdtZ6aiPZSvIohWK1o%2Fas0Fm%2FM0Vss5nSn73ybNbWGCiX1KugfavUJINaJO2E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7600345008aab521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
javflag.com/_next/static/chunks/main-1e26b85ce0e87daf93d6.js
104.21.43.50 200 OK 0 B URL HTTP/2 javflag.com/_next/static/chunks/main-1e26b85ce0e87daf93d6.js
IP 104.21.43.50:0
Analyzer Verdict Alert fortinet Malware
GET /_next/static/chunks/main-1e26b85ce0e87daf93d6.js HTTP/1.1
Host: javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:18 GMT
content-type: application/javascript
cache-control: max-age=2592000
cf-bgj: minify
etag: W/"62a8b159-4a9c"
expires: Tue, 08 Nov 2022 03:38:22 GMT
last-modified: Tue, 14 Jun 2022 16:03:37 GMT
cf-cache-status: HIT
age: 1063263
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOX3qzCEQ9utnnfcrq2KXqC6jCTJCHJ7lurjfNkie9A4v0APDxArJ%2FYuyioWRQYzIYVZQ2Eo27YycFhXXKSy5BPPjc2T%2FIeGPt1TaWqwB5GbnlcxDosATFhYmyOLsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76003443dcba1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
javflag.com/_next/static/chunks/a00da3a2-99ba11ce2617a9b60d65.js
104.21.43.50 200 OK 0 B URL HTTP/2 javflag.com/_next/static/chunks/a00da3a2-99ba11ce2617a9b60d65.js
IP 104.21.43.50:0
Analyzer Verdict Alert fortinet Malware
GET /_next/static/chunks/a00da3a2-99ba11ce2617a9b60d65.js HTTP/1.1
Host: javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:18 GMT
content-type: application/javascript
cache-control: max-age=2592000
cf-bgj: minify
etag: W/"62a8b159-11e18"
expires: Mon, 31 Oct 2022 04:15:17 GMT
last-modified: Tue, 14 Jun 2022 16:03:37 GMT
cf-cache-status: HIT
age: 1063263
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4MW1HxqhFbGC9qNTPxPjCzdB8%2BJjETUXnYQiQpemsinvUjqQcf1IEPIH1jITEG17L0KkRmZ7aKLDtb%2FOT9DN%2FXFtibktJ86k5iZnpwmtQuPPwE5NyPEtTUjzT%2BvbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76003443ecbb1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
javflag.com/en
104.21.43.50 200 OK 0 B IP 104.21.43.50:0
Analyzer Verdict Alert fortinet Malware
GET /en HTTP/1.1
Host: javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://taraa.xyz/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:18 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oD%2FXEGqtWthFO%2B2xqeh1AqaucZN95WRpDiQjGGd8Eu%2FAtXGwX8mZ4XBAhkzQErEXz%2FBIq2ozgellj4iWrZij0RoQPy8y78vUVRmaFsp79GNBMNS7JTJOibfyXHMSnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760034403bad1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
javflag.com/_next/static/css/e8aa9fd894472a74d5f3.css
104.21.43.50 200 OK 0 B URL HTTP/2 javflag.com/_next/static/css/e8aa9fd894472a74d5f3.css
IP 104.21.43.50:0
GET /_next/static/css/e8aa9fd894472a74d5f3.css HTTP/1.1
Host: javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 03:46:18 GMT
content-type: text/css
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=13886
etag: W/"62a8b159-363e"
expires: Fri, 11 Nov 2022 18:41:23 GMT
last-modified: Tue, 14 Jun 2022 16:03:37 GMT
cf-cache-status: HIT
age: 1063264
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BiML0N5AlMQCtfaRsfD0m4%2BXRjfzJ8C78cBvVvs5wIlkL6Nb4KwAO7dw5eFzRNZ6eA0%2FtnQy%2BfKZ05Q8p823%2FCcfr5ICkr7iF7G12THj7qnrIjEY%2BEui8T70TjM3Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76003443ccad1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2