Report - 4br.me/textura

Report Overview

Submitted URL
4br.me/textura_selfdoms
IP
104.21.54.192
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-05 23:23:08
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
4br.me	unknown	2020-04-20T15:20:46Z	2023-03-13T05:29:58Z	7.4 kB	136 kB	104.21.54.192
1.bp.blogspot.com	8403	2012-05-21T15:44:19Z	2023-03-13T08:43:54Z	491 B	7.3 kB	142.250.74.161
v1.addthisedge.com	1721	2019-05-22T20:56:22Z	2023-03-13T05:11:57Z	411 B	1.3 kB	2.18.172.123
www.recaptcha.net	2060	2012-07-11T16:32:37Z	2023-03-13T06:24:11Z	406 B	1.1 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	56 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
s7.addthis.com	1504	2012-05-21T05:34:04Z	2023-03-13T05:11:56Z	2.7 kB	176 kB	2.18.172.123
yonhelioliskor.com	153450	2021-06-25T11:08:22Z	2023-03-13T06:18:39Z	3.3 kB	54 kB	139.45.197.251
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1.8 kB	60 kB	142.250.74.35
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	421 B	165 kB	142.250.74.35
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.4 kB	8.9 kB	95.101.11.115
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	682 B	994 B	93.184.220.29
z.moatads.com	374	2014-02-11T17:19:47Z	2023-03-13T05:10:11Z	380 B	1.4 kB	2.18.173.140
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.160.120.175
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.1 kB	4.2 kB	142.250.74.131
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	352 B	1.5 kB	142.250.74.106
blog.encurta.net	unknown	2017-03-01T20:24:10Z	2023-03-11T22:38:44Z	405 B	21 kB	172.67.169.12
m.addthis.com	1448	2013-11-06T21:12:22Z	2023-03-13T08:48:31Z	772 B	360 B	2.18.172.123
my.rtmark.net	9054	2015-02-04T10:54:57Z	2023-03-13T05:11:40Z	456 B	734 B	139.45.195.8
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-05 23:23:40	low	104.21.54.192	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (33)

	URL	Size	First Seen	Last Seen
	4br.me/textura_selfdoms	1.1 kB	2023-03-08	2023-03-26
Pretty URL 4br.me/textura_selfdoms IP 104.21.54.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:02:41 Last Seen2023-03-26 09:52:26 Times Seen3 Hash aad184a297ec34192723b5d14e03f569 636d7ba5c04a54c5e9e5c9d79ef0edc80b6c5bd8 95cfae85e61ecb1a993b656fb59f89ae2088c040763e2f18ae0d0104f2804a19 Loading...

	4br.me/js/ads.js	191 B	2023-03-07	2024-04-26
Pretty URL 4br.me/js/ads.js IP 104.21.54.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:37 Last Seen2024-04-26 00:35:29 Times Seen1171 Hash 17787a2eab84e597896283209c237ef4 8f981359046b81a2c99061fc68d7a6d214fc98bc 347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca Loading...

	www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit	921 B	2023-03-13	2023-03-13
Pretty URL www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit IP 142.250.74.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:51:35 Last Seen2023-03-13 20:29:22 Times Seen1 Hash fe9aa169004914895c60241a152957c0 0bf1d1d996838f9106210db863451dc3b57e179a 8cda5cccb88044c5add71002a4dff39ebdb349efd273d77b7010404db9a8c4e7 Loading...

	4br.me/textura_selfdoms	102 kB	2023-03-13	2023-03-13
Pretty URL 4br.me/textura_selfdoms IP 104.21.54.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:28:22 Last Seen2023-03-13 18:47:20 Times Seen1 Hash 6486e114fbb50d2a51410d1b815efca9 ed7dbe7163b58dc35aa1187cceee1f75e2fa11b6 d6722782df04c672031e5118f553aa8a562bb13075c989fc5c8d522d10a3c3ea Loading...

	www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdJ2AYfAAAAAEThIOw_prAL10YazukIVFKI2D7U&co=aHR0cDovLzRici5tZTo4MA..&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=p15v8wywigb5	36 kB	2023-03-13	2023-03-13
Pretty URL www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdJ2AYfAAAAAEThIOw_prAL10YazukIVFKI2D7U&co=aHR0cDovLzRici5tZTo4MA..&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=p15v8wywigb5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:01:03 Last Seen2023-03-13 18:01:03 Times Seen1 Hash 936b4b1347a53dc871b9ffbb5692ff45 fb7184cc94cdb23ea68a358a5cbf9427a3d688bb 9407e9dcd9f666f3b828aa458e68bc3052285894a5d0d86387f62ad6303a153e Loading...

	www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=gEr-ODersURoIfof1hiDm7R5&k=6LdJ2AYfAAAAAEThIOw_prAL10YazukIVFKI2D7U	181 B	2023-03-13	2023-03-29
Pretty URL www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=gEr-ODersURoIfof1hiDm7R5&k=6LdJ2AYfAAAAAEThIOw_prAL10YazukIVFKI2D7U IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:01:03 Last Seen2023-03-29 23:03:17 Times Seen5 Hash 848f26997d6434046f998370e11fe371 ddd75609a15c878f5f744db091c8f5cf855324d3 af29504f188104e541d60b295f152883f1ce8c983e3e5f48b0c7617c3d7c867c Loading...

	4br.me/vendor/jquery.min.js?ver=6.4.0	86 kB	2023-03-07	2024-04-27
Pretty URL 4br.me/vendor/jquery.min.js?ver=6.4.0 IP 104.21.54.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:18 Last Seen2024-04-27 01:54:47 Times Seen4082 Hash b354cc9d56a1da6b0c77604d1b153850 a3d8479f4d4e39b131bc9a53bbf53d1fbaa23732 fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46 Loading...

	4br.me/textura_selfdoms	94 B	2023-03-07	2024-04-24
Pretty URL 4br.me/textura_selfdoms IP 104.21.54.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-04-24 22:57:29 Times Seen1032 Hash 0e82f1e9f9f11642f57928c133254d46 8081b6d8caac03e0cb9baa3b47a533ef15bbe4a1 bd445588497980e8d05916507c7c4df59d0233242a35887c2a6dc8deeff2606c Loading...

	4br.me/textura_selfdoms	59 kB	2023-03-08	2023-03-29
Pretty URL 4br.me/textura_selfdoms IP 104.21.54.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:02:41 Last Seen2023-03-29 23:03:17 Times Seen10 Hash afbe1386ebde8cd50689f6143463be1c 611169ec22eb2364b3b4fadf4770ce4425bdd9bd 7833aa3de2b86b9b2b8fa1b2730c909811d24b3407ab780a38ac6765a247c505 Loading...

	4br.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-27
Pretty URL 4br.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 104.21.54.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-27 01:47:54 Times Seen55091 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html#rand=0.006037104753606415&iit=1675639420652&tmr=load%3D1675639420509%26core%3D1675639420532%26main%3D1675639420650%26ifr%3D1675639420654&cb=0&cdn=0&md=0&kw=Encurtador%20de%20links%20que%20paga%2CEncurtaNet%2C&ab=-&dh=4br.me&dr=&du=http%3A%2F%2F4br.me%2Ftextura_selfdoms&href=http%3A%2F%2F4br.me%2Ftextura_selfdoms&dt=Selfdoms%20Default%20%5B16x%5D&dbg=0&cap=tc%3D0%26ab%3D0&inst=1&jsl=1&prod=undefined&lng=pt&ogt=image%2Cdescription%2Ctitle&pc=men&pub=ra-5bec6c158c239b28&ssl=0&sid=63e03a7c33119208&srf=0.01&ver=300&xck=0&xtr=0&og=title%3DSelfdoms%2520Default%2520%255B16x%255D%26description%3DMediaFire%2520is%2520a%2520simple%2520to%2520use%2520free%2520service%2520that%2520lets%2520you%2520put%2520all%2520your%2520photos%252C%2520documents%252C%2520music%252C%2520and%2520video%2520in%2520a%2520single%2520place%2520so%2520you%2520can%2520access%2520them%2520anywhere%2520and%2520share%2520them%2520everywhere.%26image%3Dhttps%253A%252F%252Fstatic.mediafire.com%252Fimages%252Ffiletype%252Fdownload%252Fzip.jpg&csi=undefined&rev=v8.28.8-wp&ct=1&xld=1&xd=1	72 kB	2023-03-07	2023-05-06
Pretty URL s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html#rand=0.006037104753606415&iit=1675639420652&tmr=load%3D1675639420509%26core%3D1675639420532%26main%3D1675639420650%26ifr%3D1675639420654&cb=0&cdn=0&md=0&kw=Encurtador%20de%20links%20que%20paga%2CEncurtaNet%2C&ab=-&dh=4br.me&dr=&du=http%3A%2F%2F4br.me%2Ftextura_selfdoms&href=http%3A%2F%2F4br.me%2Ftextura_selfdoms&dt=Selfdoms%20Default%20%5B16x%5D&dbg=0&cap=tc%3D0%26ab%3D0&inst=1&jsl=1&prod=undefined&lng=pt&ogt=image%2Cdescription%2Ctitle&pc=men&pub=ra-5bec6c158c239b28&ssl=0&sid=63e03a7c33119208&srf=0.01&ver=300&xck=0&xtr=0&og=title%3DSelfdoms%2520Default%2520%255B16x%255D%26description%3DMediaFire%2520is%2520a%2520simple%2520to%2520use%2520free%2520service%2520that%2520lets%2520you%2520put%2520all%2520your%2520photos%252C%2520documents%252C%2520music%252C%2520and%2520video%2520in%2520a%2520single%2520place%2520so%2520you%2520can%2520access%2520them%2520anywhere%2520and%2520share%2520them%2520everywhere.%26image%3Dhttps%253A%252F%252Fstatic.mediafire.com%252Fimages%252Ffiletype%252Fdownload%252Fzip.jpg&csi=undefined&rev=v8.28.8-wp&ct=1&xld=1&xd=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-05-06 01:05:13 Times Seen3063 Hash 7d5b5e32745c7b2e10b41554f0dc4142 2fe0a408b06fb8a44f7c1b54ad4f1b70204584ab 7eae26867a4cf6c29d2fbc4cbf3a222058ba71a9ceb7ff0d6d96c3cfb462cc81 Loading...

	z.moatads.com/addthismoatframe568911941483/moatframe.js	1.7 kB	2023-03-07	2023-11-01
Pretty URL z.moatads.com/addthismoatframe568911941483/moatframe.js IP 2.18.173.140 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-11-01 14:42:28 Times Seen4278 Hash dd1a19cb8d13e4571d2b293c0a0d2ccf 18070dd5c894930a8aef7117bf8d49bd4922a723 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd Loading...

	s7.addthis.com/static/14.2dfb61b890959f78272d.js	397 B	2023-03-07	2023-05-03
Pretty URL s7.addthis.com/static/14.2dfb61b890959f78272d.js IP 2.18.172.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:54 Last Seen2023-05-03 23:47:28 Times Seen124 Hash 0cc2f1ab1c909fd8fee32a26d05819d4 81f95f27b3621d27c3f4637ee824419cdc50e797 6070049215ef9b98d1b389d67963816172ff29513d34335c5061cd9619a3ea17 Loading...

	4br.me/vendor/dashboard/js/app.min.js?ver=6.4.0	9.9 kB	2023-03-07	2024-04-26
Pretty URL 4br.me/vendor/dashboard/js/app.min.js?ver=6.4.0 IP 104.21.54.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:38:52 Last Seen2024-04-26 00:35:29 Times Seen195 Hash c97edde005d18d707bcf8f3185de7201 99e43178d50c0386a3b222551766cb08e81da1dd 7a67b6c4dba7eceb6504af73c37a21b1d92a86f7331c85d7024ba36fcaff6236 Loading...

	4br.me/vendor/bootstrap/js/bootstrap.min.js?ver=6.4.0	40 kB	2023-03-07	2024-04-26
Pretty URL 4br.me/vendor/bootstrap/js/bootstrap.min.js?ver=6.4.0 IP 104.21.54.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 20:43:18 Times Seen12224 Hash 2f34b630ffe30ba2ff2b91e3f3c322a1 b16fd8226bd6bfb08e568f1b1d0a21d60247cefb 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe Loading...

	4br.me/vendor/clipboard.min.js?ver=6.4.0	11 kB	2023-03-07	2024-04-26
Pretty URL 4br.me/vendor/clipboard.min.js?ver=6.4.0 IP 104.21.54.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:37 Last Seen2024-04-26 00:35:29 Times Seen112 Hash 1278bec9125833f28c1e5d610748eee0 ce23374a9c33ff731ae1e616b5ca831357b50d84 a966b18ec6e3b2e6676df4cd8e274cfba051df4bc26ae0d783a978f5533d2bb4 Loading...

	v1.addthisedge.com/live/boost/ra-5bec6c158c239b28/_ate.track.config_resp	2.2 kB	2023-03-08	2023-04-14
Pretty URL v1.addthisedge.com/live/boost/ra-5bec6c158c239b28/_ate.track.config_resp IP 2.18.172.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:02:41 Last Seen2023-04-14 06:50:53 Times Seen12 Hash 98ced58b4d897c71e3ed562698e345e9 587b0cbd5ee989148afb76b034f3c4ee471a6a64 4d33e86a88755d62831a4fcb661f298394db866180ef0517cebd95934aa8fd45 Loading...

	www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdJ2AYfAAAAAEThIOw_prAL10YazukIVFKI2D7U&co=aHR0cDovLzRici5tZTo4MA..&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=p15v8wywigb5	72 B	2023-03-07	2024-04-26
Pretty URL www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdJ2AYfAAAAAEThIOw_prAL10YazukIVFKI2D7U&co=aHR0cDovLzRici5tZTo4MA..&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=p15v8wywigb5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:36 Last Seen2024-04-26 23:18:30 Times Seen3268 Hash 497770a2ab62f2aa5e9a92139301634d 49c10647ffe35e24f84f743006f162ff0fe16399 0663d282ac18b3e9d3e81725926a5310e5cae5e6954873f09b7ee193136fb5e4 Loading...

	4br.me/js/app.js?ver=6.4.0	29 kB	2023-03-08	2024-04-26
Pretty URL 4br.me/js/app.js?ver=6.4.0 IP 104.21.54.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:15:23 Last Seen2024-04-26 00:35:29 Times Seen79 Hash 3c6e1b5298af4be254a13e1503165465 92f547aac931bb4411cb0134adcff91781c78e78 f8f7883a3de9397521d2e218ee6ceb6b48ab58a17bb90f10171c75d5e92b5b78 Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 02:11:39 Times Seen37108654 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	yonhelioliskor.com/ntfc.php?p=3138250	14 kB	2023-03-13	2023-03-13
Pretty URL yonhelioliskor.com/ntfc.php?p=3138250 IP 139.45.197.251 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:45:30 Last Seen2023-03-13 18:39:11 Times Seen1 Hash 8d1efdb7dc760b8f1780daf94368b42a 30846594f03756ee4402308ba4be7380e61ec415 eee61d18d8aabfc809491d70fe2fb4668bcf6521f48c843cd6123d4e9614c54d Loading...

	m.addthis.com/live/red_lojson/300lo.json?si=63e03a7c33119208&bkl=0&bl=1&pdt=482&sid=63e03a7c33119208&pub=ra-5bec6c158c239b28&rev=v8.28.8-wp&ln=pt&pc=men&cb=0&ab=-&dp=4br.me&fp=textura_selfdoms&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Encurtador%20de%20links%20que%20paga%2CEncurtaNet%2C&colc=1675639420656&jsl=1&uvs=63e03a7cacc48be2000&skipb=1&callback=addthis.cbs.jsonp__88559053489728690	89 B	2023-03-13	2023-03-13
Pretty URL m.addthis.com/live/red_lojson/300lo.json?si=63e03a7c33119208&bkl=0&bl=1&pdt=482&sid=63e03a7c33119208&pub=ra-5bec6c158c239b28&rev=v8.28.8-wp&ln=pt&pc=men&cb=0&ab=-&dp=4br.me&fp=textura_selfdoms&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Encurtador%20de%20links%20que%20paga%2CEncurtaNet%2C&colc=1675639420656&jsl=1&uvs=63e03a7cacc48be2000&skipb=1&callback=addthis.cbs.jsonp__88559053489728690 IP 2.18.172.123 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:01:03 Last Seen2023-03-13 18:01:03 Times Seen1 Hash 02d3bed1c6e46bff879a2230bf0629fb ff5c0c828c2f973246a6eba174a9a2584ac5ff9f b290bb6ce7968325e5f1341c09783be68dba7f843ee35c2ecc72f21e0ef99e09 Loading...

	www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js	412 kB	2023-03-13	2023-03-14
Pretty URL www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:35:27 Last Seen2023-03-14 08:38:41 Times Seen1 Hash d2aff4cd4e40d9bfa2c1f818bcad7ce2 4cc960f771819bccd4783520506e3909e8ec0fcd d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba Loading...

	4br.me/textura_selfdoms	26 kB	2023-03-07	2024-04-26
Pretty URL 4br.me/textura_selfdoms IP 104.21.54.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:51 Last Seen2024-04-26 23:34:16 Times Seen2072 Hash a912e7afe74b51fdd03b28bf67e7d409 85004dfe087af5a730261c85262661d89b3d2516 706b3882753d8f81cfcf35aa2623303b1b380c8106686a4ad12a1fae23cf4650 Loading...

		Size	First Seen	Last Seen
	#1 Eval - eed16ff4b73849b2ea4fde6a4a10a729	22 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:06:48 Last Seen2023-03-14 07:43:08 Times Seen1 Hash eed16ff4b73849b2ea4fde6a4a10a729 9ba91162a36ca15781b19bfe8ae9a5e2df98d55b 971ac3be55ba44d48d62046dbf8373a0f48d762150a3d9e69744f95449a1911b Loading...

	#2 Eval - 78ba2d08f8b5f89c884aac245d3ad05d	19 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 18:01:03 Last Seen2023-03-13 18:01:03 Times Seen1 Hash 78ba2d08f8b5f89c884aac245d3ad05d 9cfaed2c10aa20bd3a453939d8f18e1cf2bfb05a 4b1d2ded786826c81a168ad70ee7e49389a30340e6c2cae4235bc4cd3e67fb45 Loading...

	#3 Eval - 062687690045026856f53e20000732e7	8 B	2023-03-07	2024-04-14
Pretty Observations First Seen2023-03-07 01:02:58 Last Seen2024-04-14 19:52:56 Times Seen3365 Hash 062687690045026856f53e20000732e7 907a784295139ac62a25fed0fe9636c8a3a5b3af 3c4b9b06fe520e9d07b2150eebd412a59c91d789706d99a2b2dc9bf217604d1f Loading...

	#4 Eval - 3fed29fb8d2a6fc3629afa56a810bce8	18 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 18:01:03 Last Seen2023-03-13 18:01:03 Times Seen1 Hash 3fed29fb8d2a6fc3629afa56a810bce8 30a4f4749aeeddd33b40b835fc2fddc578579f91 b1ec0bed7897e80906d9f84164ed178c56db043d5afd096948912702778aca1e Loading...

	#5 Eval - 54203d80fe39daeb129ac49dfa505647	62 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:06:48 Last Seen2023-03-14 07:43:08 Times Seen1 Hash 54203d80fe39daeb129ac49dfa505647 3afb4e397f319778b09eb79deb8fe5532db04f1e 0b0cbc8a00f6c0cd41604b5ab47421a48d6e68716c14d02fb593444c327540b0 Loading...

	#6 Eval - b5c61f793566b8c202d085b2b08770ba	16 kB	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:06:48 Last Seen2023-03-14 07:43:08 Times Seen1 Hash b5c61f793566b8c202d085b2b08770ba 3ebd7972ef7c752f5e5ee50aad7f3e8f7cd6f56e a6226fffc806e7350700ded0d0fd6197209384c7e441e441c2d1aadd5213e295 Loading...

	#7 Eval - 7b2eafe88ff7e98cc36c5c04b4ca0b2b	22 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:06:48 Last Seen2023-03-14 07:43:08 Times Seen1 Hash 7b2eafe88ff7e98cc36c5c04b4ca0b2b e5eb03ff52599fd6e9dfc5df7a84a4200939aaca 9046ff9b2d9db3cff99ee5340d7ef7e5b46e26790abfe59db85edb95245d1c6b Loading...

	#8 Eval - 449bf5704205ea90d9021bf85b4300cd	11 B	2023-03-07	2024-04-14
Pretty Observations First Seen2023-03-07 01:02:58 Last Seen2024-04-14 19:52:56 Times Seen3353 Hash 449bf5704205ea90d9021bf85b4300cd a8401782462f9e0afe2435dea38cb79ac66d83af 8ee784d797ce97ed9716bb42682346deb0c7ae8ff75d7ad8ae60508907054c16 Loading...

		Size	First Seen	Last Seen
	#1 Write - d27736da7e403d2816fe303761f71c9c	51 kB	2023-03-08	2023-03-26
Pretty Observations First Seen2023-03-08 02:02:41 Last Seen2023-03-26 09:52:26 Times Seen3 Hash d27736da7e403d2816fe303761f71c9c 6584e8a93a6474d25d8c45a3afcd7196195b0892 3f87095046317587f6bfde7081a0495e8d26a2bddf8d95c99edff09872976dd5 Loading...

HTTP Transactions (72)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8225
Expires: Mon, 06 Feb 2023 01:40:02 GMT
Date: Sun, 05 Feb 2023 23:22:57 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8660
Expires: Mon, 06 Feb 2023 01:47:17 GMT
Date: Sun, 05 Feb 2023 23:22:57 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 22:33:59 GMT
content-type: application/json
age: 2938
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16341
Expires: Mon, 06 Feb 2023 03:55:18 GMT
Date: Sun, 05 Feb 2023 23:22:57 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: +PIcoP8TQguOv6sXQWIsqk9mhEgVQgi9EVLOvQsYbxCvvHRABtuzpLiVdn9hZuBjoKsYZmUOPO8=
x-amz-request-id: PP7VZ260HQM9FEY3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 22:53:28 GMT
age: 1769
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

4br.me/textura_selfdoms

104.21.54.192

200 OK

22 kB

URL HTTP/1.1
4br.me/textura_selfdoms
IP
104.21.54.192:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (59160), with CRLF, LF line terminators
Size
22 kB (22292 bytes)
Hash
f71b925b6e08089fe693d8610b37d661
388a3d23e5315dde18ed801210bdc7ffe4e9d790
b755d11a3a17ed4cf742fdf7854d25695f403bfd72b4b09f36f4ae44db5e6812

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1

HTTP Headers

GET /textura_selfdoms HTTP/1.1
Host: 4br.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 23:22:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: AppSession=de142931f85b96136b6e346191dd0f25; path=/; HttpOnly
csrfToken=b238bf5db23e2fa71849b3355fd6b4e6ad32754b836db0f45d478d3c66e751520c3922a513bae77d232eb4a9ffc9eb05228398b7bfb3a8c6f0a74797d5d87801; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ov1ayrQ1ghfNzNSR38txgYbPLvUsuuMl%2FRikGAxz4KA%2FIs9ZdqpJuaoJUE%2FdAyGPzCqjrYnVtUjvlOj0eZJtARAZl7G5cRKB%2FVFmE3FpqGfjsEzJPcDBq5A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794f641cbeedb4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 23:22:57 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

4br.me/vendor/bootstrap/css/bootstrap.min.css?ver=6.4.0

104.21.54.192

200 OK

20 kB

URL HTTP/1.1
4br.me/vendor/bootstrap/css/bootstrap.min.css?ver=6.4.0
IP
104.21.54.192:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65369)
Size
20 kB (19710 bytes)
Hash
b154f3cd1d6d1a39bd2b5744951e705e
8cbb116b63d434a753be085041f3554f152fa0b1
53ee15614d6f2561b7ca4d3f7a57cd51c2ddf6a610ea84912b9f0b058abd3a10

HTTP Headers

GET /vendor/bootstrap/css/bootstrap.min.css?ver=6.4.0 HTTP/1.1
Host: 4br.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4br.me/textura_selfdoms
Cookie: AppSession=de142931f85b96136b6e346191dd0f25; csrfToken=b238bf5db23e2fa71849b3355fd6b4e6ad32754b836db0f45d478d3c66e751520c3922a513bae77d232eb4a9ffc9eb05228398b7bfb3a8c6f0a74797d5d87801

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 23:22:57 GMT
Content-Type: text/css
Content-Length: 19710
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Tue, 21 Feb 2023 20:52:36 GMT
last-modified: Fri, 20 Dec 2019 05:52:40 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1218621
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpS4EI6Z4c6SMdKQXNeaVZLj4R%2FGhS695UX1zoRn1z1OK395%2B5KryVq4aWkNt7c0Ww%2FKirbczkUWRjR%2B2MpoBZEzObrDPGDpH7KL0f2kkLv4ECZLDbRPvEo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794f641fb9c3b4ff-OSL
alt-svc: h2=":443"; ma=60

4br.me/vendor/dashboard/css/AdminLTE.min.css?ver=6.4.0

104.21.54.192

200 OK

15 kB

URL HTTP/1.1
4br.me/vendor/dashboard/css/AdminLTE.min.css?ver=6.4.0
IP
104.21.54.192:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65310)
Size
15 kB (14753 bytes)
Hash
324663ad4acdf1f6d822c8fafe58ff02
3fa0614d23e35a2ef02b3b8aef6ebac29a9c82aa
23e186501490432407acff3ad96f16d617737694a91d12bf80ccf6e43bd93801

HTTP Headers

GET /vendor/dashboard/css/AdminLTE.min.css?ver=6.4.0 HTTP/1.1
Host: 4br.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4br.me/textura_selfdoms
Cookie: AppSession=de142931f85b96136b6e346191dd0f25; csrfToken=b238bf5db23e2fa71849b3355fd6b4e6ad32754b836db0f45d478d3c66e751520c3922a513bae77d232eb4a9ffc9eb05228398b7bfb3a8c6f0a74797d5d87801

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 23:22:57 GMT
Content-Type: text/css
Content-Length: 14753
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Tue, 21 Feb 2023 18:31:30 GMT
last-modified: Fri, 20 Dec 2019 05:52:46 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1227087
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=93wlwfoFD5G8aAYEb%2FL3R9ofQOv41UE2UCE3dGvzinAv0eFch%2BsscxyvoEh8HgAgz2NQX3aFkmXtkgkVHMWRkxzmLpIgF%2Fr3HwOsRp8mGgabQZC6D44Zh6A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794f641fba14b503-OSL
alt-svc: h2=":443"; ma=60

4br.me/vendor/dashboard/css/skins/_all-skins.min.css?ver=6.4.0

104.21.54.192

200 OK

3.3 kB

URL HTTP/1.1
4br.me/vendor/dashboard/css/skins/_all-skins.min.css?ver=6.4.0
IP
104.21.54.192:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (40757), with no line terminators
Size
3.3 kB (3327 bytes)
Hash
222d4790ef03384d6a2cc00378f486da
9579ff128c2c5bb244c4de68e20abcc4df91f0a0
97fc179ba16df4f39bbd31b22f5f56ade96d906d6eb7521d7eb6bf48ddfc8d02

HTTP Headers

GET /vendor/dashboard/css/skins/_all-skins.min.css?ver=6.4.0 HTTP/1.1
Host: 4br.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4br.me/textura_selfdoms
Cookie: AppSession=de142931f85b96136b6e346191dd0f25; csrfToken=b238bf5db23e2fa71849b3355fd6b4e6ad32754b836db0f45d478d3c66e751520c3922a513bae77d232eb4a9ffc9eb05228398b7bfb3a8c6f0a74797d5d87801

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 23:22:57 GMT
Content-Type: text/css
Content-Length: 3327
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Tue, 21 Feb 2023 18:31:30 GMT
last-modified: Fri, 20 Dec 2019 05:52:54 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1227087
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B9D4%2FCZLyjp4zAxbYlmDpgrxdQtUxczx%2B%2BhMfsFME%2B%2BM0S63JjSnbpHq3gPwma0pRurEGakcSgrm49IH14rYPk4DlBadNPqq5U1nJWzk0Dq4hlVgE4tiEcc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794f641fb920b51d-OSL
alt-svc: h2=":443"; ma=60

4br.me/css/app.css?ver=6.4.0

104.21.54.192

200 OK

1.5 kB

URL HTTP/1.1
4br.me/css/app.css?ver=6.4.0
IP
104.21.54.192:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.5 kB (1546 bytes)
Hash
cd9793683fa5304b8ba0358f1372b0fa
4e201294cbac40101dbfd41dc35f1190a312edcd
43ddbd9a4b1c4ffc17070086864f2512e2a2e0a36a1107bd13608a01c9e26ab0

HTTP Headers

GET /css/app.css?ver=6.4.0 HTTP/1.1
Host: 4br.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4br.me/textura_selfdoms
Cookie: AppSession=de142931f85b96136b6e346191dd0f25; csrfToken=b238bf5db23e2fa71849b3355fd6b4e6ad32754b836db0f45d478d3c66e751520c3922a513bae77d232eb4a9ffc9eb05228398b7bfb3a8c6f0a74797d5d87801

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 23:22:57 GMT
Content-Type: text/css
Content-Length: 1546
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Wed, 01 Mar 2023 21:32:23 GMT
last-modified: Fri, 20 Dec 2019 05:51:25 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 525034
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTKwgzeGSJJxyTft%2FFpwx3gU6LvHcxzLyyWHFXPlgOyoY7nnHditqDCH8hPcKJHgEGqudf9NIZYYHUvYYPiNDeiztmJY8ogBR1%2FarJyyVP%2F0pTuP61YMMzw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794f641fb992b52d-OSL
alt-svc: h2=":443"; ma=60

4br.me/vendor/font-awesome/css/font-awesome.min.css?ver=6.4.0

104.21.54.192

200 OK

7.0 kB

URL HTTP/1.1
4br.me/vendor/font-awesome/css/font-awesome.min.css?ver=6.4.0
IP
104.21.54.192:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (30789)
Size
7.0 kB (6979 bytes)
Hash
a83eb857cd3ce2265642d4dfe8bcaf12
6ff801c6bd848c154648700375fa7d576c491bd2
76437ba558465a733f0b83726aea70daa48c17b1593011498d8df25b126f7850

HTTP Headers

GET /vendor/font-awesome/css/font-awesome.min.css?ver=6.4.0 HTTP/1.1
Host: 4br.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4br.me/textura_selfdoms
Cookie: AppSession=de142931f85b96136b6e346191dd0f25; csrfToken=b238bf5db23e2fa71849b3355fd6b4e6ad32754b836db0f45d478d3c66e751520c3922a513bae77d232eb4a9ffc9eb05228398b7bfb3a8c6f0a74797d5d87801

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 23:22:57 GMT
Content-Type: text/css
Content-Length: 6979
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Tue, 28 Feb 2023 01:53:17 GMT
last-modified: Fri, 20 Dec 2019 05:52:49 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 682180
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FsJIuHOrNEUV7XddepOEurWlEFEcvVwfXBleCLuLxD6rmcH2MjN6tbe2CNsBpiB2YmRIJx9nV0g5xxAQiwTIltbldIPWrSEf7opqdUXjaY7vXVm7KyfcbUg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794f641fbdb00b69-OSL
alt-svc: h2=":443"; ma=60

fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic

142.250.74.106

200 OK

917 B

URL HTTP/1.1
fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
917 B (917 bytes)
Hash
4ec1188ea373906a22215906f4444869
dca9bb4b1ff7fa20ee7f94892035fdf45165199f
07c731d8bb7c5921cc6e6c0a21525eba2e770c71d8bb0fb63211a38d5cb05e67

HTTP Headers

GET /css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4br.me/

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 05 Feb 2023 23:22:57 GMT
Date: Sun, 05 Feb 2023 23:22:57 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

4br.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

104.21.54.192

200 OK

655 B

URL HTTP/1.1
4br.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
104.21.54.192:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (1238)
Size
655 B (655 bytes)
Hash
bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: 4br.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4br.me/textura_selfdoms
Cookie: AppSession=de142931f85b96136b6e346191dd0f25; csrfToken=b238bf5db23e2fa71849b3355fd6b4e6ad32754b836db0f45d478d3c66e751520c3922a513bae77d232eb4a9ffc9eb05228398b7bfb3a8c6f0a74797d5d87801

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 23:22:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 16:56:26 GMT
ETag: W/"63dd3cba-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XelaBZTu2wjnev4%2BkjQAxMFwsNGNNg81RZPq0907D%2BegWHVly1ypjrU9eO4EPhMQIISxtBQhQstb%2BAVVaNWlroR9SWy5gIO0AOQxZqgLoAu405bOOMIFPFk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794f64201a7eb503-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Tue, 07 Feb 2023 23:22:57 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip

4br.me/js/ads.js

104.21.54.192

200 OK

162 B

URL HTTP/1.1
4br.me/js/ads.js
IP
104.21.54.192:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
162 B (162 bytes)
Hash
19606e42047ff6fc62c605157dacf742
dc53398e76781c27eb48f7f948d35d3dacaf8a69
5c50a649421e815c40de836a05bf30d94daaeb9b4acf314b97db662eb8bdc4e1

HTTP Headers

GET /js/ads.js HTTP/1.1
Host: 4br.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4br.me/textura_selfdoms
Cookie: AppSession=de142931f85b96136b6e346191dd0f25; csrfToken=b238bf5db23e2fa71849b3355fd6b4e6ad32754b836db0f45d478d3c66e751520c3922a513bae77d232eb4a9ffc9eb05228398b7bfb3a8c6f0a74797d5d87801

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 23:22:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Tue, 28 Feb 2023 01:53:19 GMT
last-modified: Fri, 20 Dec 2019 05:51:28 GMT
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 682178
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTwmKqgHEH2zdVlo8mpkpfCpuGmODjv1dEKQUDy2Ls%2FFE1cAZWw7haadCAS4inqI3%2FoZWnzzZg3Fks1nn2B7op1uXmQ5L9%2BOnf6ThdNq4%2FYMXUGTvW5JXns%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794f64202de80b69-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

4br.me/vendor/jquery.min.js?ver=6.4.0

104.21.54.192

200 OK

30 kB

URL HTTP/1.1
4br.me/vendor/jquery.min.js?ver=6.4.0
IP
104.21.54.192:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32065)
Size
30 kB (29906 bytes)
Hash
a1dd1493bdf258e4dbf6dc07ed7308f6
650e73419cbdae0965313bc7fb1f6b22769215cd
163e1d87f980cd471550eed01b33398e9d29778b23bba65f861a2b23bc71f99a

HTTP Headers

GET /vendor/jquery.min.js?ver=6.4.0 HTTP/1.1
Host: 4br.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4br.me/textura_selfdoms
Cookie: AppSession=de142931f85b96136b6e346191dd0f25; csrfToken=b238bf5db23e2fa71849b3355fd6b4e6ad32754b836db0f45d478d3c66e751520c3922a513bae77d232eb4a9ffc9eb05228398b7bfb3a8c6f0a74797d5d87801

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 23:22:57 GMT
Content-Type: application/javascript
Content-Length: 29906
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Mon, 27 Feb 2023 23:32:57 GMT
last-modified: Fri, 20 Dec 2019 05:51:31 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 690600
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evf7eD1zW3BOjzSo%2B63Txajxrqu2rBJ4S3K2hxwfAoAPcKfBkDTuI0dps%2F%2Bg59awnL0CTDE1Lx0tkYSn6WsnsIrvh94myWSXojdOk5jEtdfv%2Bi1fN9n%2FqIg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794f64202979b51d-OSL
alt-svc: h2=":443"; ma=60

4br.me/vendor/bootstrap/js/bootstrap.min.js?ver=6.4.0

104.21.54.192

200 OK

11 kB

URL HTTP/1.1
4br.me/vendor/bootstrap/js/bootstrap.min.js?ver=6.4.0
IP
104.21.54.192:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (39553)
Size
11 kB (10952 bytes)
Hash
73a8ec641af288a817a749efad5f0f33
5c17c6af1c288ca780738af7f23784e2a6f7697f
4a72330fd2395601c98468a7db0aeaec4352a9625d55328ba86a3d8b5d80d8b3

HTTP Headers

GET /vendor/bootstrap/js/bootstrap.min.js?ver=6.4.0 HTTP/1.1
Host: 4br.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4br.me/textura_selfdoms
Cookie: AppSession=de142931f85b96136b6e346191dd0f25; csrfToken=b238bf5db23e2fa71849b3355fd6b4e6ad32754b836db0f45d478d3c66e751520c3922a513bae77d232eb4a9ffc9eb05228398b7bfb3a8c6f0a74797d5d87801

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 23:22:57 GMT
Content-Type: application/javascript
Content-Length: 10952
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Tue, 21 Feb 2023 20:52:37 GMT
last-modified: Fri, 20 Dec 2019 05:52:44 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1218620
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FyWHH58REozlr6SnJ81G6XX9QqcqdaGXvi2efMHURYyIqlud6WQ4muCGnWd4V4VYBVjb176YB%2FfmT%2FmrzIYwCVRlk1kzwCC1ku%2BGNbF5MT4QmV8jiweXCBA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794f64202a8cb503-OSL
alt-svc: h2=":443"; ma=60

4br.me/vendor/clipboard.min.js?ver=6.4.0

104.21.54.192

200 OK

3.4 kB

URL HTTP/1.1
4br.me/vendor/clipboard.min.js?ver=6.4.0
IP
104.21.54.192:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (10645)
Size
3.4 kB (3350 bytes)
Hash
b815f0ccc02820cdfdbfd6691717f1cb
68319410eae8acebfa5c8f3c935734394936013f
c91851de9dc2901cdd88ae6ab0228e74bd4cdee79db66f48fb54d1583c7b4b7c

HTTP Headers

GET /vendor/clipboard.min.js?ver=6.4.0 HTTP/1.1
Host: 4br.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4br.me/textura_selfdoms
Cookie: AppSession=de142931f85b96136b6e346191dd0f25; csrfToken=b238bf5db23e2fa71849b3355fd6b4e6ad32754b836db0f45d478d3c66e751520c3922a513bae77d232eb4a9ffc9eb05228398b7bfb3a8c6f0a74797d5d87801

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 23:22:57 GMT
Content-Type: application/javascript
Content-Length: 3350
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Tue, 21 Feb 2023 20:52:37 GMT
last-modified: Fri, 20 Dec 2019 05:51:30 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1218620
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lThH6DL6yWqj14mqxh4g8oMc2JmrHd8QUR51AHBAEcPFI4byHZTD%2FLodjs4mq%2B%2FKTzrpnEkVGWb86qxHOsrbnU%2FS%2B9A28drtS78l8Ej%2FgBidporo5X1zAas%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794f642029ecb52d-OSL
alt-svc: h2=":443"; ma=60

4br.me/vendor/dashboard/js/app.min.js?ver=6.4.0

104.21.54.192

200 OK

3.1 kB

URL HTTP/1.1
4br.me/vendor/dashboard/js/app.min.js?ver=6.4.0
IP
104.21.54.192:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (9522)
Size
3.1 kB (3055 bytes)
Hash
c04b9cb357a0cecd3a806a5ea64c5ed9
d07973db9ebde7479a170f1c4f90d3176676a08d
ca06ed014b391ca8a0608c6c8ef1ef342763af55bb8e666be248b2c899ca1de3

HTTP Headers

GET /vendor/dashboard/js/app.min.js?ver=6.4.0 HTTP/1.1
Host: 4br.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4br.me/textura_selfdoms
Cookie: AppSession=de142931f85b96136b6e346191dd0f25; csrfToken=b238bf5db23e2fa71849b3355fd6b4e6ad32754b836db0f45d478d3c66e751520c3922a513bae77d232eb4a9ffc9eb05228398b7bfb3a8c6f0a74797d5d87801

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 23:22:57 GMT
Content-Type: application/javascript
Content-Length: 3055
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Sat, 25 Feb 2023 16:25:20 GMT
last-modified: Fri, 20 Dec 2019 05:52:48 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 889057
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bpv5W9MfU%2BFUF9Tqq2PvdbOpFFdwsDJEcQIJ7bUsSO%2B4PoX3aiOvM9S46zzFJlQj8tbdZ9KW0whF8xm0YP%2ByTes1nXLeol7WCHHo0yMZyoSDlnexDIoqfVY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794f64203df40b69-OSL
alt-svc: h2=":443"; ma=60

4br.me/js/app.js?ver=6.4.0

104.21.54.192

200 OK

5.9 kB

URL HTTP/1.1
4br.me/js/app.js?ver=6.4.0
IP
104.21.54.192:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
5.9 kB (5920 bytes)
Hash
c7e77d1961cec6c6541162d99ccc4cdf
09131601d1f47ec3c296cffe0f56d7fb2128b3c7
14e0bfc29ee020431b0f73b524771db997b5295f28f446cdfc5fddb258cf70db

HTTP Headers

GET /js/app.js?ver=6.4.0 HTTP/1.1
Host: 4br.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4br.me/textura_selfdoms
Cookie: AppSession=de142931f85b96136b6e346191dd0f25; csrfToken=b238bf5db23e2fa71849b3355fd6b4e6ad32754b836db0f45d478d3c66e751520c3922a513bae77d232eb4a9ffc9eb05228398b7bfb3a8c6f0a74797d5d87801

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 23:22:57 GMT
Content-Type: application/javascript
Content-Length: 5920
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Sat, 18 Feb 2023 06:47:44 GMT
last-modified: Fri, 20 Dec 2019 05:51:28 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1528512
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6x%2BNbC5IeZ3JOWF9qZQyk43sGkjwUSLsEMS5x6jzc3gdj3un4fNWW30JvBGVnFsKHn%2FCyI8TK%2BJwfnmljTSQBqvXXhOWzHN07n6T8ZDobW24L6wHU77ajs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794f64203989b51d-OSL
alt-svc: h2=":443"; ma=60

s7.addthis.com/js/300/addthis_widget.js

2.18.172.123

308 Permanent Redirect

171 B

URL HTTP/1.1
s7.addthis.com/js/300/addthis_widget.js
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
171 B (171 bytes)
Hash
3c417e9efbcaeb3bf7e7df75cf3b22fd
00465aec6b8ec302eae8abb99678fc5c09c3f343
21bd143d38dbbae427615a7266a86a18dc95c417f3e510632d7a9180d98d3571

HTTP Headers

GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4br.me/

HTTP/1.1 308 Permanent Redirect
Server: nginx/1.15.8
Content-Type: text/html
Content-Length: 171
Location: https://s7.addthis.com/js/300/addthis_widget.js
Date: Sun, 05 Feb 2023 23:22:57 GMT
Connection: keep-alive
X-Distribution: 99
X-Host: s7.addthis.com

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
728b0e450f36f363294871aee5a68d2f
a19d5eb6fffe1b76d71ae8b1b1027897f53f2bb5
6d29f8f75af08ee1b5bea80558e9883bc69c555b53bd4f465c6ca30f4213c5c9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 23:22:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

yonhelioliskor.com/ntfc.php?p=3138250

139.45.197.251

200 OK

5.9 kB

URL HTTP/1.1
yonhelioliskor.com/ntfc.php?p=3138250
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
C source, ASCII text, with very long lines (14324), with no line terminators
Size
5.9 kB (5903 bytes)
Hash
b5f1ce6ad306807085d94576e1bae02a
dbd684ea5d4bf1b6126f1b7139bf6308d1fe28f8
65423936450d3e2794f6ad502f4ba8bd8975032b2a653e5af35f6381cead90b1

HTTP Headers

GET /ntfc.php?p=3138250 HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4br.me/

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 23:22:58 GMT
Content-Type: application/javascript
Last-Modified: Fri, 27 Jan 2023 11:03:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63d3af98-37f4"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip

1.bp.blogspot.com/-kcTGwNfMBUA/XY4pBKoksTI/AAAAAAAAIlY/TsAXaSyXjbIDmh1PynFyoXBAhtS56J44QCPcBGAYYCw/s640/Continuar%2B%25282%2529.png

142.250.74.161

200 OK

6.7 kB

URL HTTP/2
1.bp.blogspot.com/-kcTGwNfMBUA/XY4pBKoksTI/AAAAAAAAIlY/TsAXaSyXjbIDmh1PynFyoXBAhtS56J44QCPcBGAYYCw/s640/Continuar%2B%25282%2529.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 250 x 400, 8-bit/color RGB, non-interlaced\012- data
Size
6.7 kB (6725 bytes)
Hash
4434678a022143a10f10c4da0fb35235
4c024d3d586abe08b91e98b8a97eb0b6dd6c781b
63aecc1fcc3b836462906c0f57ea36a4f7391c6af6260481dc6b4fae3047b2b5

HTTP Headers

GET /-kcTGwNfMBUA/XY4pBKoksTI/AAAAAAAAIlY/TsAXaSyXjbIDmh1PynFyoXBAhtS56J44QCPcBGAYYCw/s640/Continuar%2B%25282%2529.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4br.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Continuar (2).png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6725
x-xss-protection: 0
date: Sun, 05 Feb 2023 21:02:12 GMT
expires: Sat, 28 Jan 2023 02:36:37 GMT
cache-control: public, max-age=86400, no-transform
age: 8446
etag: "v2256"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s7.addthis.com/js/300/addthis_widget.js

2.18.172.123

200 OK

116 kB

URL HTTP/2
s7.addthis.com/js/300/addthis_widget.js
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (54602)
Size
116 kB (116423 bytes)
Hash
d5b9b7a3accd3b7b7de639c072ae3ee2
9583b5c046d78af5c6379d844219f828aa2222d0
648dad6716bb917c7d981e7772fca499d9583717fd83ffef47b0534cb9132b60

HTTP Headers

GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4br.me/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116423
date: Sun, 05 Feb 2023 23:22:58 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
728b0e450f36f363294871aee5a68d2f
a19d5eb6fffe1b76d71ae8b1b1027897f53f2bb5
6d29f8f75af08ee1b5bea80558e9883bc69c555b53bd4f465c6ca30f4213c5c9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 23:22:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

142.250.74.35

200 OK

13 kB

URL HTTP/1.1
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Size
13 kB (13036 bytes)
Hash
0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

HTTP Headers

GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://4br.me
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 13036
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 30 Jan 2023 12:46:38 GMT
Expires: Tue, 30 Jan 2024 12:46:38 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 16:04:42 GMT
Content-Type: font/woff2
Age: 556580

s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

2.18.172.123

200 OK

26 kB

URL HTTP/2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Size
26 kB (26421 bytes)
Hash
707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051

HTTP Headers

GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4br.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sun, 05 Feb 2023 23:22:58 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

142.250.74.35

200 OK

13 kB

URL HTTP/1.1
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12924, version 1.0\012- data
Size
13 kB (12924 bytes)
Hash
4610010f425c140b99c88b6819ce1c02
a7e839aa0452ceeb6228de7c15062fe82cc6d1c3
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

HTTP Headers

GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://4br.me
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 12924
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 05 Feb 2023 10:36:21 GMT
Expires: Mon, 05 Feb 2024 10:36:21 GMT
Cache-Control: public, max-age=31536000
Age: 45997
Last-Modified: Wed, 27 Apr 2022 16:02:31 GMT
Content-Type: font/woff2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 22:51:16 GMT
age: 1902
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
4586570416e1c8e1a4658913b18528ed
1046d86df19fc603623535c2b10295877b794159
4341f1f8b8e2a4992d60c825d0690fad9962c2b570e4a55709a0737ebb242192

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 23:22:58 GMT
Server: ECS (amb/6BA6)
Content-Length: 279

4br.me/textura_selfdoms

104.21.54.192

200 OK

0 B

URL HTTP/1.1
4br.me/textura_selfdoms
IP
104.21.54.192:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1

HTTP Headers

HEAD /textura_selfdoms HTTP/1.1
Host: 4br.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4br.me/textura_selfdoms
Cookie: AppSession=de142931f85b96136b6e346191dd0f25; csrfToken=b238bf5db23e2fa71849b3355fd6b4e6ad32754b836db0f45d478d3c66e751520c3922a513bae77d232eb4a9ffc9eb05228398b7bfb3a8c6f0a74797d5d87801

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 23:22:58 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2F85N3rNrrmSV%2BYp518kmgZVsRqS%2BOIbNgi%2FPhh2519ziG%2F78drVnDyynofk8GS8OUCx5hqbvX2OPNvbVi6tLznsvL2cGzhtt%2FyHXRdmzvpNVQzofhpdEZ0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794f6421eb15b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

blog.encurta.net/wp-content/uploads/2017/02/Logo-Nova-2.png

172.67.169.12

200 OK

20 kB

URL HTTP/2
blog.encurta.net/wp-content/uploads/2017/02/Logo-Nova-2.png
IP
172.67.169.12:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 720 x 245, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19763 bytes)
Hash
bb9befcf2032aa148b00cca9510b2c05
1e62ed5a487d9f13e1a3bc0e1afc54bde750a55b
4b5419da69b46c79af03f015c77aa26599869034c95ce63b2a4b8f3975b2593a

HTTP Headers

GET /wp-content/uploads/2017/02/Logo-Nova-2.png HTTP/1.1
Host: blog.encurta.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4br.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 05 Feb 2023 23:22:58 GMT
content-type: image/png
content-length: 19763
cache-control: public, max-age=604800
expires: Tue, 07 Feb 2023 13:25:23 GMT
last-modified: Thu, 02 Feb 2017 14:44:09 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 467855
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkqLXPA3xIr%2BIBgHfQdj1M0hHzcYy%2BoaKh3ovb%2FYYM333qzjJLK7d712ITMT8Ot2Me%2FcgLm91utCcfNJV%2BIzqjkyw1bAmORchX3Tma7JX9yUkH15X4rkUB1grzcZxmNQH%2B2R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794f6423ae95b4ee-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e227c4c4838d5c980098b522e05a27e8
28faf0787c59c350ae32667ea6bb4a95d3f23ffa
8c595d9412ddf0032a7c2ec8dc4ea6d3ddba0d4486bdc08e3a06d297ae053b11

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C595D9412DDF0032A7C2EC8DC4EA6D3DDBA0D4486BDC08E3A06D297AE053B11"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9759
Expires: Mon, 06 Feb 2023 02:05:37 GMT
Date: Sun, 05 Feb 2023 23:22:58 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e227c4c4838d5c980098b522e05a27e8
28faf0787c59c350ae32667ea6bb4a95d3f23ffa
8c595d9412ddf0032a7c2ec8dc4ea6d3ddba0d4486bdc08e3a06d297ae053b11

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C595D9412DDF0032A7C2EC8DC4EA6D3DDBA0D4486BDC08E3A06D297AE053B11"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5772
Expires: Mon, 06 Feb 2023 00:59:10 GMT
Date: Sun, 05 Feb 2023 23:22:58 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
4586570416e1c8e1a4658913b18528ed
1046d86df19fc603623535c2b10295877b794159
4341f1f8b8e2a4992d60c825d0690fad9962c2b570e4a55709a0737ebb242192

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 23:22:58 GMT
Last-Modified: Sun, 05 Feb 2023 23:22:58 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6144
Expires: Mon, 06 Feb 2023 01:05:22 GMT
Date: Sun, 05 Feb 2023 23:22:58 GMT
Connection: keep-alive

yonhelioliskor.com/zone?pub=0&zone_id=3138250&is_mobile=false&domain=4br.me&var=&ymid=&var_3=

139.45.197.251

200 OK

798 B

URL HTTP/2
yonhelioliskor.com/zone?pub=0&zone_id=3138250&is_mobile=false&domain=4br.me&var=&ymid=&var_3=
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (797)
Size
798 B (798 bytes)
Hash
e62747247dd3170a18587fbf5c2986c6
2813f49766e0abcfd9b75c50440d32fbc7cef386
945033f21b056886f2d6d63d684999c0c46e2937391b66376629549a6e4c234d

HTTP Headers

GET /zone?pub=0&zone_id=3138250&is_mobile=false&domain=4br.me&var=&ymid=&var_3= HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4br.me/
Origin: http://4br.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 23:22:58 GMT
content-type: application/json; charset=utf-8
content-length: 798
x-trace-id: 8482cddf028d16f5cd8ca81a85c2b6d2
access-control-allow-origin: http://4br.me
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

4br.me/favicon.ico

104.21.54.192

200 OK

64 B

URL HTTP/1.1
4br.me/favicon.ico
IP
104.21.54.192:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 1 icon, 16x16, 2 colors\012- data
Size
64 B (64 bytes)
Hash
ce2521545b94598ae74196ee9ea9daf9
f9d08c84152378ca6472d760579d0ce67ab57f96
78f59a0a147d8844b82ae42a90c6a4614d90d50c65415464ecfbae4d1bc01c66

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 4br.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4br.me/textura_selfdoms
Cookie: AppSession=de142931f85b96136b6e346191dd0f25; csrfToken=b238bf5db23e2fa71849b3355fd6b4e6ad32754b836db0f45d478d3c66e751520c3922a513bae77d232eb4a9ffc9eb05228398b7bfb3a8c6f0a74797d5d87801; ab=2; __atuvc=1%7C6; __atuvs=63e03a7cacc48be2000

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 23:22:58 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=31536000
expires: Fri, 19 Jan 2024 16:03:38 GMT
last-modified: Fri, 20 Dec 2019 05:51:23 GMT
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1495160
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2M2cBke%2B3%2BhNyACxuQr5XswqSVXS2e1FJGGMZVa%2FLehHxNh9da%2Bqc7eCvbLktcAvtqnsbXgM%2FV7k%2FmzDKRhGmYNJLGLPCckAgsfyrIz%2BuJk23KTVa5gLaV8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794f64245d21b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

s7.addthis.com/l10n/client.pt.min.json

2.18.172.123

200 OK

1.7 kB

URL HTTP/2
s7.addthis.com/l10n/client.pt.min.json
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (3560), with no line terminators
Size
1.7 kB (1747 bytes)
Hash
19a54a750c49510d0f4479d3aaa1d948
9f69430fe22676a26581cfeab7f79f7352b81fb0
cf281750841886c252bab68854486331fed3798014c49c9c24e024416477b6b6

HTTP Headers

GET /l10n/client.pt.min.json HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://4br.me
Connection: keep-alive
Referer: http://4br.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
etag: W/"5d77be05-e24"
cache-control: public, s-maxage=604800
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 1747
date: Sun, 05 Feb 2023 23:22:58 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2

z.moatads.com/addthismoatframe568911941483/moatframe.js

2.18.173.140

200 OK

948 B

URL HTTP/2
z.moatads.com/addthismoatframe568911941483/moatframe.js
IP
2.18.173.140:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (523)
Size
948 B (948 bytes)
Hash
f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac

HTTP Headers

GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4br.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: TYrAmp44ddThNKrHeBmfOrJOox8ItZdAJeP4Uj7Uut6T7Jvp1PpX/XFzXT0gU1oJH/SwK8Irisw=
x-amz-request-id: 598E0BAF9E725A50
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
unused62: 8096267
cache-control: max-age=49849
date: Sun, 05 Feb 2023 23:22:58 GMT
X-Firefox-Spdy: h2

v1.addthisedge.com/live/boost/ra-5bec6c158c239b28/_ate.track.config_resp

2.18.172.123

200 OK

954 B

URL HTTP/2
v1.addthisedge.com/live/boost/ra-5bec6c158c239b28/_ate.track.config_resp
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text, with very long lines (2231), with no line terminators
Size
954 B (954 bytes)
Hash
eec2bbb8bfc87a617c9ca7855aa81328
5b76db3b90d961613a25ff070bbe1dab3553cfac
e40ffa9bde7e24c485cd84edb00dacbed50ca664678f4f19f5d1cbec187b1037

HTTP Headers

GET /live/boost/ra-5bec6c158c239b28/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4br.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 954
etag: 1298577078--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=48, s-maxage=86400
date: Sun, 05 Feb 2023 23:22:58 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js

2.18.172.123

200 OK

28 kB

URL HTTP/2
s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text, with very long lines (60526)
Size
28 kB (28546 bytes)
Hash
52bcf6a645211d0d5422a508ff3d0311
9c47c99a0ab39fa9dd11d05440c5b3d25c8d3bf7
aa393590ea92c4e96713996b7df36673dc5afb3c78f85a02393fda179df5cbe4

HTTP Headers

GET /static/custom-messages.5799ddf75a30812a3d49.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4br.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-1c9fc"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 28546
date: Sun, 05 Feb 2023 23:22:58 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
946a5ef2e5dd7032e7654d1435fd45b8
1b76eaeee4ba6615d4dda0c17027d37e5c455ba0
98a4c0fa4a73c9fa093b9ccb9db150602ea742ddf6f6a236a0d1fd0ed9d75143

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 23:22:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

142.250.74.3

200 OK

584 B

URL HTTP/2
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (921), with no line terminators
Size
584 B (584 bytes)
Hash
1c85a36998a092d37c3b8ce77bfe8f0e
ed157ea89b61501303c4cab5078676be9ecaa2f9
693af892a5ec0e0c91ecb568effdace49dac9fe828242cce46776dbeb8270967

HTTP Headers

GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4br.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Sun, 05 Feb 2023 23:22:58 GMT
date: Sun, 05 Feb 2023 23:22:58 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

m.addthis.com/live/red_lojson/300lo.json?si=63e03a7c33119208&bkl=0&bl=1&pdt=482&sid=63e03a7c33119208&pub=ra-5bec6c158c239b28&rev=v8.28.8-wp&ln=pt&pc=men&cb=0&ab=-&dp=4br.me&fp=textura_selfdoms&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Encurtador%20de%20links%20que%20paga%2CEncurtaNet%2C&colc=1675639420656&jsl=1&uvs=63e03a7cacc48be2000&skipb=1&callback=addthis.cbs.jsonp__88559053489728690

2.18.172.123

200 OK

89 B

URL HTTP/2
m.addthis.com/live/red_lojson/300lo.json?si=63e03a7c33119208&bkl=0&bl=1&pdt=482&sid=63e03a7c33119208&pub=ra-5bec6c158c239b28&rev=v8.28.8-wp&ln=pt&pc=men&cb=0&ab=-&dp=4br.me&fp=textura_selfdoms&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Encurtador%20de%20links%20que%20paga%2CEncurtaNet%2C&colc=1675639420656&jsl=1&uvs=63e03a7cacc48be2000&skipb=1&callback=addthis.cbs.jsonp__88559053489728690
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
89 B (89 bytes)
Hash
02d3bed1c6e46bff879a2230bf0629fb
ff5c0c828c2f973246a6eba174a9a2584ac5ff9f
b290bb6ce7968325e5f1341c09783be68dba7f843ee35c2ecc72f21e0ef99e09

HTTP Headers

GET /live/red_lojson/300lo.json?si=63e03a7c33119208&bkl=0&bl=1&pdt=482&sid=63e03a7c33119208&pub=ra-5bec6c158c239b28&rev=v8.28.8-wp&ln=pt&pc=men&cb=0&ab=-&dp=4br.me&fp=textura_selfdoms&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Encurtador%20de%20links%20que%20paga%2CEncurtaNet%2C&colc=1675639420656&jsl=1&uvs=63e03a7cacc48be2000&skipb=1&callback=addthis.cbs.jsonp__88559053489728690 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4br.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Sun, 05 Feb 2023 23:22:58 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
36363a5a058b9cae8a8a6705bdc0602b
45a99476a49cb3e0b273f03db250421a991299f9
4b26a8d36ddef0145641e003ff9d0bb3eff1903ba683ac8319a727f8d51f36e4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 23:22:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 23:22:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js

142.250.74.35

200 OK

164 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (633)
Size
164 kB (163841 bytes)
Hash
fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a

HTTP Headers

GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://4br.me
Connection: keep-alive
Referer: http://4br.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 08:53:11 GMT
expires: Wed, 31 Jan 2024 08:53:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 484187
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s7.addthis.com/static/14.2dfb61b890959f78272d.js

2.18.172.123

200 OK

304 B

URL HTTP/2
s7.addthis.com/static/14.2dfb61b890959f78272d.js
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (397), with no line terminators
Size
304 B (304 bytes)
Hash
ca0f404238de96a7e72a7412a43229ba
4f73f2828bffb15fe09660886210e4ec40eeaa8b
d44d9599170c634d819deecceaa0e7964c0eab00f2e424e882c2840b1363dd36

HTTP Headers

GET /static/14.2dfb61b890959f78272d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4br.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-18d"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 304
date: Sun, 05 Feb 2023 23:22:58 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.160.120.175

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.160.120.175:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ProgxwnyexSEq+/36L9lKQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: V+BA1D2TdT2KOs6YQwAySmzQxQY=

yonhelioliskor.com/custom

139.45.197.251

200 OK

0 B

URL HTTP/2
yonhelioliskor.com/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://4br.me/
Origin: http://4br.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 23:22:58 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://4br.me
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

yonhelioliskor.com/custom

139.45.197.251

200 OK

39 B

URL HTTP/2
yonhelioliskor.com/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4br.me/
Content-Type: application/json
Origin: http://4br.me
Content-Length: 360
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 23:22:58 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 6e872b3c0b49e21056a75b5f066485b4
access-control-allow-origin: http://4br.me
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3f42c0d1cd34dd1d6e27d8d13e2034fa
aee1e48ed0450d58d165714bec4be7307eede096
8c057825608d7e340ab1b69839c5a73316162b0afbea1f759c2d6acb6e3f9035

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C057825608D7E340AB1B69839C5A73316162B0AFBEA1F759C2D6ACB6E3F9035"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6580
Expires: Mon, 06 Feb 2023 01:12:39 GMT
Date: Sun, 05 Feb 2023 23:22:59 GMT
Connection: keep-alive

my.rtmark.net/gid.js?pub=0&userId=c70e847105e841ac9e145ba66d750838&zoneId=3138250&checkDuplicate=true&ymid=&var=

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?pub=0&userId=c70e847105e841ac9e145ba66d750838&zoneId=3138250&checkDuplicate=true&ymid=&var=
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
6f861975e2c94e106060ba319d63a70a
e7800b34e33cd347ea3f4c5f0b3eca85e1e1e579
07f281b2fb4238aef014f6aac81deff91f8fc603d8420c27dc7d3813dea467a4

HTTP Headers

GET /gid.js?pub=0&userId=c70e847105e841ac9e145ba66d750838&zoneId=3138250&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4br.me/
Origin: http://4br.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 23:22:59 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://4br.me
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c70e847105e841ac9e145ba66d750838; expires=Mon, 05 Feb 2024 23:22:59 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

yonhelioliskor.com/pfe/current/universal.min.js?v=3.1.415

139.45.197.251

200 OK

44 kB

URL HTTP/2
yonhelioliskor.com/pfe/current/universal.min.js?v=3.1.415
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
data
Size
44 kB (43940 bytes)
Hash
d4fa30e7d6d419f87ccb6bfce8e7b624
7f45817afb983e1577863444e2a10fd0b2d69435
bec9cc6b9adc91d75999ea2db46f304acb1ae7ee73c2917a49c3107b5e224ca5

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.415 HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4br.me/
Origin: http://4br.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 23:22:58 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 11:03:52 GMT
etag: W/"63d3af98-18c6c"
access-control-allow-origin: http://4br.me
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
946a5ef2e5dd7032e7654d1435fd45b8
1b76eaeee4ba6615d4dda0c17027d37e5c455ba0
98a4c0fa4a73c9fa093b9ccb9db150602ea742ddf6f6a236a0d1fd0ed9d75143

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 23:22:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.recaptcha.net
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 21:48:03 GMT
expires: Fri, 02 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 264896
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.recaptcha.net
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 16:40:43 GMT
expires: Fri, 02 Feb 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 283336
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

yonhelioliskor.com/custom

139.45.197.251

200 OK

39 B

URL HTTP/2
yonhelioliskor.com/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4br.me/
Content-Type: application/json
Origin: http://4br.me
Content-Length: 593
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 23:22:59 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 15097fa448fc3087cd3558e803a8580d
access-control-allow-origin: http://4br.me
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

yonhelioliskor.com/custom

139.45.197.251

200 OK

39 B

URL HTTP/2
yonhelioliskor.com/custom
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4br.me/
Content-Type: application/json
Origin: http://4br.me
Content-Length: 361
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 23:22:59 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: d77b0c41c41a666a00faae7fb4d85d9b
access-control-allow-origin: http://4br.me
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3485
Expires: Mon, 06 Feb 2023 00:21:05 GMT
Date: Sun, 05 Feb 2023 23:23:00 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3485
Expires: Mon, 06 Feb 2023 00:21:05 GMT
Date: Sun, 05 Feb 2023 23:23:00 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3485
Expires: Mon, 06 Feb 2023 00:21:05 GMT
Date: Sun, 05 Feb 2023 23:23:00 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9808 bytes)
Hash
ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:10:54 GMT
age: 4326
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31cf5553-4c3f-4c6d-8dfb-d292e38275bb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9809 bytes)
Hash
5f54c8725e5dab88b12d42876fa61b12
89c734d690981e30f9d566a7763a1870724d65aa
b8cc5148ae01e1a1fe32f56bdce71de086da320cdd8a55a746609c9773fdaf77

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31cf5553-4c3f-4c6d-8dfb-d292e38275bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9809
x-amzn-requestid: 60ff8265-45f4-445b-bf49-e0f1ba4cc3da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzRVKFf7IAMF9hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddfc20-3390f67342da01416e720af6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 06:33:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3ven3rHNpHQ94K0pntkthMllzUZIpGAGGNe_-zGTmYTtIhuQ3tZ7rQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 17:57:59 GMT
age: 19501
etag: "89c734d690981e30f9d566a7763a1870724d65aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e717762-1012-4c44-9171-7c40ae8127ca.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6116 bytes)
Hash
5c145b7d4f95cca98f9b942a291c9d60
967e1da2df2ce864b1c67e28099c8b161810e240
01f3a9d99b735eb512dd8a251b926eccb05a960e03056fe0a50d4bad7fc4b5b5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e717762-1012-4c44-9171-7c40ae8127ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6116
x-amzn-requestid: d6d032ad-c788-4b63-aab5-fdb9f110f86a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4okcGmOoAMFp-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0214f-172d50bc478a1fac5d4442cd;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2Hl7AlAxp405wt3wk8fRiEr3xMyslJjpKXgSlyU8Hvv23HogWQFvUg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:10:45 GMT
age: 4335
etag: "967e1da2df2ce864b1c67e28099c8b161810e240"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13230 bytes)
Hash
a24cf7b2db6d65c3fe5daf78b3309ced
a3653a9a7baea412808dd91572ff21e1a505c26f
f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13230
x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiTH8GoAMFYLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nvfp0sEYw5bxnFHisq80WCXh6T-LdFlPqs95tyX2epjMfhM_hjUj0A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 5577
etag: "a3653a9a7baea412808dd91572ff21e1a505c26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d7cf8da-65c4-43dc-af2a-18f03b8da137.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.4 kB (2443 bytes)
Hash
ac3c07c326869964cf6a5ddb153d9587
dcf6f03648c20c9c5c0d6688c766d7e2f943b4cb
55548e23c11dfcd8ef3a5a4e000c041c1b6cfe423f4aed0df6fbb23dbed5f337

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d7cf8da-65c4-43dc-af2a-18f03b8da137.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2443
x-amzn-requestid: 9286f232-d186-458a-b956-fc919f1baf89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pDxEcWIAMFhOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02217-473937042af885b73a64632f;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:39:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AysPcQKKPCBmnBiZlH8u_Zv62m8TuhJXwzjgIokCmaq-J_LfaeBicA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:51:02 GMT
age: 5518
etag: "dcf6f03648c20c9c5c0d6688c766d7e2f943b4cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe482817c-a09c-4952-a819-3ff2f99810ae.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8039 bytes)
Hash
336b665bfad04ec8ed14b01bbf17566d
92102d4c75d2c7efd8197be88e3cb467d2682190
1e21687a242c058a3b442909b168c5e706175b1e93e51cfce691c6f033f795d7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe482817c-a09c-4952-a819-3ff2f99810ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8039
x-amzn-requestid: b36a6062-0676-4abc-820c-959bc02810f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pkoECwIAMF4hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e022ea-52faddc079b7107004e8cfea;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:43:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MOgI0aopvRaUSJ-YFH6QFNpGxhUNlpnLk7VeCeOsmcrGTUYIESN2Hg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:13:33 GMT
age: 4167
etag: "92102d4c75d2c7efd8197be88e3cb467d2682190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

yonhelioliskor.com/pfe/current/defaultSkin.min.js

139.45.197.251

200 OK

0 B

URL HTTP/2
yonhelioliskor.com/pfe/current/defaultSkin.min.js
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pfe/current/defaultSkin.min.js HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4br.me/
Origin: http://4br.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 23:22:59 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 11:03:52 GMT
etag: W/"63d3af98-df63"
access-control-allow-origin: http://4br.me
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

2.18.172.123

200 OK

0 B

URL HTTP/2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP
2.18.172.123:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4br.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77691
date: Sun, 05 Feb 2023 23:22:58 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (33)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML