| javuncen.xyz/d/g0go3agrx814.html |  172.67.216.112 | 301 Moved Permanently | 0 B |
URL HTTP/1.1javuncen.xyz/d/g0go3agrx814.html IP172.67.216.112:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d/g0go3agrx814.html HTTP/1.1
Host: javuncen.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 03 Feb 2023 10:57:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 03 Feb 2023 11:57:55 GMT
Location: https://javuncen.xyz/d/g0go3agrx814.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfS0KNqTHNd2bkv3ceuS5lsQ36EGTAkF%2BueOtiPe8DDoOSC9lS6xqkVgCPnbh0hdz1fgLbjHBanygkRoVu7RDT22fvPVTLu6GhLd7zwg49HPF3U%2Bm1vCuZ1WmjxyuLE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793aa6016d77b4f1-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ |  95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash81713f952b51a865ad9764cde68e3fdb 278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9129
Expires: Fri, 03 Feb 2023 13:30:04 GMT
Date: Fri, 03 Feb 2023 10:57:55 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashe935ea42be4feaed61a824b0b903913e f966cfa80d65a805cb9d7c6a53b3340865d7c51a eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10970
Expires: Fri, 03 Feb 2023 14:00:45 GMT
Date: Fri, 03 Feb 2023 10:57:55 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 10:43:35 GMT
content-type: application/json
age: 860
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash9a76feabb767086ae0fa54e0ffbf763f 3655d78994a1e9838340669462728b67c8c12e54 bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5284
Expires: Fri, 03 Feb 2023 12:25:59 GMT
Date: Fri, 03 Feb 2023 10:57:55 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: vA6wt5G7wZGLAmB/9NU+SUAwYmL73r/VmP8HE4FKKJnBROnTwobOlCEEKVckhOsoon1SE5/FDuE=
x-amz-request-id: 13M2RP4P68N9JAKE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 10:23:30 GMT
age: 2065
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 10:57:55 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 346 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashfb9dc7226d26c317c0223bfe9c8d2357 e4597bcc95685cd2143dd376739dd1128135ab2a a9abe67cfb51a8f68857499acadcffa55761d13c477455b345bdec01df986881
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A9ABE67CFB51A8F68857499ACADCFFA55761D13C477455B345BDEC01DF986881"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11359
Expires: Fri, 03 Feb 2023 14:07:14 GMT
Date: Fri, 03 Feb 2023 10:57:55 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 10:49:06 GMT
age: 530
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 346 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashfb9dc7226d26c317c0223bfe9c8d2357 e4597bcc95685cd2143dd376739dd1128135ab2a a9abe67cfb51a8f68857499acadcffa55761d13c477455b345bdec01df986881
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A9ABE67CFB51A8F68857499ACADCFFA55761D13C477455B345BDEC01DF986881"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11358
Expires: Fri, 03 Feb 2023 14:07:14 GMT
Date: Fri, 03 Feb 2023 10:57:56 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash9c45ea25709afbea416f215ee34611b0 117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed 7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.bundle.min.js | 151.101.65.229 | 200 OK | 23 kB |
URL HTTP/2cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.bundle.min.js IP151.101.65.229:0
File typeASCII text, with very long lines (65299) Hashed5c6463c7bbe5b6a99a36ee500352b7 05dcf59651be45fa7079e4586cb36c625f4a859c e9c1ef143791a953e02f587edbddede54028c212954ec9daa5a789e79eb2e1cb
GET /npm/bootstrap@5.2.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.2.0
x-jsd-version-type: version
etag: W/"137ae-xmO6oFGFa2TXRmKalh4ju/D7r4w"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 03 Feb 2023 10:57:56 GMT
age: 1398303
x-served-by: cache-fra-eddf8230090-FRA, cache-bma1640-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23075
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 26 kB |
IP216.58.211.3:0
Hash732f9fee808a8ca4eacefbafc325bf52 4641a0f290d995109d536f5c302c4c7a640f291c 9a008a33bd543cc702247f22c7b5a8d615d93f157b954a9fcefad7cb21002bfa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| code.jquery.com/jquery-3.2.1.min.js | 69.16.175.10 | 200 OK | 30 kB |
URL HTTP/2code.jquery.com/jquery-3.2.1.min.js IP69.16.175.10:0
File typeASCII text, with very long lines (32058) Hash148f8d3ffd9cc02048c5f4d1cc83c407 9f2b89cfd151be6a29b4d43ad64d164fb8471046 4dc681da48ba2b417e613e8e027ff5322963c3a3697a8ba97973cfefb48def5e
GET /jquery-3.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:57:56 GMT
content-encoding: gzip
content-length: 30125
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15283"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1675421876.dop065.sk1.t,1675421876.cds016.sk1.hn,1675421876.cds222.sk1.c
X-Firefox-Spdy: h2
|
|
| ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 |  104.18.20.226 | 200 OK | 1.5 kB |
URL HTTP/1.1ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 IP104.18.20.226:0
Hash09066df7c3af5665f15ea8cac2757e86 3db11ef9b3fa8306d72896c1a1a2d629ef059541 ca4023da85422a9e7b4681bf908637bf6fbc54c95d7101237946e0be9f6f4714
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 10:57:56 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "DED50D8C04A6B720870CE680AB7FE9DC00DD2CA1"
Expires: Fri, 03 Feb 2023 21:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 09:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3392
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793aa606db09b4f7-OSL
|
|
| www.googletagmanager.com/gtag/js?id=UA-166622646-1 | 142.250.74.168 | 200 OK | 45 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=UA-166622646-1 IP142.250.74.168:0
File typeASCII text, with very long lines (1759) Hashdcd02200f5e477969573b803a9e3473f 234671a486c14624639328848989aee74c2a9b09 a7f59f18e6a79742abf3ce1265e1f6c80f38c36c4bf22a9e25b74cf8bef71ffc
GET /gtag/js?id=UA-166622646-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 10:57:56 GMT
expires: Fri, 03 Feb 2023 10:57:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44859
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash8913af0be619500295008bb91f506660 a7b8068ba9aa506205a295b24458c2616997a0d1 6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2869
Expires: Fri, 03 Feb 2023 11:45:45 GMT
Date: Fri, 03 Feb 2023 10:57:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash657ea5eaa35b99484db533d7edf26588 9ce8598dbac0090b86467a573ca661ffc960375a 8400e606ae44db1cceccf7bd2e16831e238492c595102fcb194906981e76d4a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8400E606AE44DB1CCECCF7BD2E16831E238492C595102FCB194906981E76D4A8"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6796
Expires: Fri, 03 Feb 2023 12:51:12 GMT
Date: Fri, 03 Feb 2023 10:57:56 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 1.6 kB |
IP216.58.211.3:0
Hash2f7bb8c06eec1913ff1a42b683e3f6d7 2b43455e26d3fcae46ab40bc6e8a57767b58e0ae e7bb7400130c0f4f54d2f3d391f5d72d73d178431d148fc07124bdc162edca01
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 4.1 kB |
IP216.58.211.3:0
Hash9e6f1d8ec4b684b34706a4b9bc4794df ff3e7e7d17c8e825930cd438d414c605547b48f7 ea2b4ef1231cc59e4fcd026585583455b9c115a284dac921d7953e062017fb76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hashe3383a870b280d28b1d924543e6128af 0e9ccaf308e10ae68774fe0d32e10d063f379e7d 093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hashe3383a870b280d28b1d924543e6128af 0e9ccaf308e10ae68774fe0d32e10d063f379e7d 093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 | 142.250.74.35 | 200 OK | 7.8 kB |
URL HTTP/2fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data Hash25b0e113ca7cce3770d542736db26368 cb726212d5d525021752a1d8470a0fb593e0c49e 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://javuncen.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 02:42:35 GMT
expires: Wed, 31 Jan 2024 02:42:35 GMT
cache-control: public, max-age=31536000
age: 288921
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 | 142.250.74.35 | 200 OK | 7.9 kB |
URL HTTP/2fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data Hash9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://javuncen.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 04:05:29 GMT
expires: Tue, 30 Jan 2024 04:05:29 GMT
cache-control: public, max-age=31536000
age: 370347
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hashe3383a870b280d28b1d924543e6128af 0e9ccaf308e10ae68774fe0d32e10d063f379e7d 093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:57:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash93c103b9587ad450de1882a44c9909fd b4cabd314316c2922b8031e67aac2b30c5950a7a c6c0da2c0204cb11493dcc33405e2e2b79e2aae756b3b0fd0b8ea10be2549bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6C0DA2C0204CB11493DCC33405E2E2B79E2AAE756B3B0FD0B8EA10BE2549BD8"
Last-Modified: Wed, 01 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20463
Expires: Fri, 03 Feb 2023 16:38:59 GMT
Date: Fri, 03 Feb 2023 10:57:56 GMT
Connection: keep-alive
|
|
| mc.bedeaflakism.com/t9WNUelxtRr3m2ZqB/55699 |  172.255.6.54 | 200 OK | 25 B |
URL HTTP/1.1mc.bedeaflakism.com/t9WNUelxtRr3m2ZqB/55699 IP172.255.6.54:0
File typeASCII text, with no line terminators Hashd488addc5df5fc9b9ff4135bb4e3a823 6ce56f48e851df4d562b43d3bc1269a504ae83fc d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /t9WNUelxtRr3m2ZqB/55699 HTTP/1.1
Host: mc.bedeaflakism.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 10:57:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://javuncen.xyz
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sat, 04-Feb-2023 10:57:56 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Sat, 04-Feb-2023 10:57:56 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| push.services.mozilla.com/ | 34.214.84.191 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP34.214.84.191:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: n9f7EEqwMisTm4hsCZLb/w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MVrX9WAnS6lbZlMEWDEBxnwxIdM=
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashd0e6db2980856a94433d99c165f2ea36 ab6389e0125db223d98ada0b0706963690aefbe9 587d7188fc6788a95f6c621b3333722edd9cec13e03d0490a160bb9ba0e09271
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "587D7188FC6788A95F6C621B3333722EDD9CEC13E03D0490A160BB9BA0E09271"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6760
Expires: Fri, 03 Feb 2023 12:50:36 GMT
Date: Fri, 03 Feb 2023 10:57:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash583810dc105100c93f904d3a475feac4 20a80a0c1b7b04832bbd7e5d72d0e86fd0267616 c4f3c439a2a3b9e922925e3b255f41f1d8dca57f192ca3e44a1ed2234f83d77a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4F3C439A2A3B9E922925E3B255F41F1D8DCA57F192CA3E44A1ED2234F83D77A"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17127
Expires: Fri, 03 Feb 2023 15:43:23 GMT
Date: Fri, 03 Feb 2023 10:57:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash4c05080981bacce2fa070c1ca13d46b6 e78d0949a84104e2825709796741c4cb32c4fa46 08f2e397f8f7588740afd8e158ceeae3040cd6ba9651580f59bdd0c71194d0a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08F2E397F8F7588740AFD8E158CEEAE3040CD6BA9651580F59BDD0C71194D0A2"
Last-Modified: Wed, 01 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15204
Expires: Fri, 03 Feb 2023 15:11:20 GMT
Date: Fri, 03 Feb 2023 10:57:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashbb0e1ff82ab6199f715e00974b7f6957 74edba6943c202d060b471c30a3c626542bfac84 d982aa0ae1b32ffba27f789ad265b594dfef0bc4c55a0d0489d38b0827e6a7e2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D982AA0AE1B32FFBA27F789AD265B594DFEF0BC4C55A0D0489D38B0827E6A7E2"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4194
Expires: Fri, 03 Feb 2023 12:07:50 GMT
Date: Fri, 03 Feb 2023 10:57:56 GMT
Connection: keep-alive
|
|
| my.rtmark.net/gid.js |  139.45.195.8 | 200 OK | 65 B |
IP139.45.195.8:0
File typeJSON data\012- , ASCII text Hash56a76b8e31766a510983b498db3daa5a 2e9e725733ce218bfd2fbbdcfb672be1b5957759 6f71dc243c6c7dc317036cf3648f7844aa7ab54c7cb27633ff9f8767e3028cf0
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javuncen.xyz
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 10:57:56 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://javuncen.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=eae8c1ccd39a45bdb2d068af8b95f89f; expires=Sat, 03 Feb 2024 10:57:56 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashbdba08cf86a706059745d3513916cfee 16f4e0b1e848fdc817068788fa42d29847fd351a f939904dad506ef8821cd83639d0eeb8c24edd665c713a0f4bcac1989039b059
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F939904DAD506EF8821CD83639D0EEB8C24EDD665C713A0F4BCAC1989039B059"
Last-Modified: Wed, 01 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12510
Expires: Fri, 03 Feb 2023 14:26:26 GMT
Date: Fri, 03 Feb 2023 10:57:56 GMT
Connection: keep-alive
|
|
| privacywithholdrepose.com/54/42/5b/54425b8e8ac39b56c91d1586d719761f.js | 192.243.59.12 | 200 OK | 13 kB |
URL HTTP/1.1privacywithholdrepose.com/54/42/5b/54425b8e8ac39b56c91d1586d719761f.js IP192.243.59.12:0 ASN#39572 DataWeb Global Group B.V.
File typeASCII text, with very long lines (37137), with no line terminators Hash8d1ee968c0132b9641da69861d1798db 03cc7359aadf47ada616f8332c8c171327ef8677 10314c0c99f38a8ea334d3c46a9d65ccfee08eb0d2c8e45c48aeddb8966e04ed
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /54/42/5b/54425b8e8ac39b56c91d1586d719761f.js HTTP/1.1
Host: privacywithholdrepose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 03 Feb 2023 10:57:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 139301e4b81fd4e32156b2d12aed509b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash25983e831d541b70252e01caabe87858 3ef7be2bbc36775bca9538b8b9ccfc344a5f32d2 1cc055def67719e7fd57e25a56154067cd5c38cefb1745015018dd0436bb4fd1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CC055DEF67719E7FD57E25A56154067CD5C38CEFB1745015018DD0436BB4FD1"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2626
Expires: Fri, 03 Feb 2023 11:41:43 GMT
Date: Fri, 03 Feb 2023 10:57:57 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash2abae108abe012df867dbaa20ed38e34 8a2317ffcf7f546fd094aac03f4e888d64f57c3f d16d2818518b18d1f4daab345c2c4a342526e76c46fb7f4c565a9ffb0300200e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16D2818518B18D1F4DAAB345C2C4A342526E76C46FB7F4C565A9FFB0300200E"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6473
Expires: Fri, 03 Feb 2023 12:45:50 GMT
Date: Fri, 03 Feb 2023 10:57:57 GMT
Connection: keep-alive
|
|
| inconceivableascertained.com/3c/17/ec/3c17ec5bddfd16075b379e926ef52c2d.json | 173.233.137.52 | 200 OK | 411 B |
URL HTTP/1.1inconceivableascertained.com/3c/17/ec/3c17ec5bddfd16075b379e926ef52c2d.json IP173.233.137.52:0
File typeJSON data\012- , ASCII text, with very long lines (411), with no line terminators Hash941bf90b343e3ddf74125b6de0cd8f82 cd1e7135ed19de2c29cfe7ebd11e3ea553926c32 b4eb1c10523656835f2a989c3c6d54ffee516e34272b316c374ec9dec49e210e
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /3c/17/ec/3c17ec5bddfd16075b379e926ef52c2d.json HTTP/1.1
Host: inconceivableascertained.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javuncen.xyz
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 10:57:57 GMT
Content-Type: application/json
Content-Length: 411
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 05b7d13fc7329235f00c1b3748826cc7
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.uponelectabuzzor.club/1?z=4422977 | 139.45.197.239 | 200 OK | 137 kB |
URL HTTP/2cdn.uponelectabuzzor.club/1?z=4422977 IP139.45.197.239:0
File typeASCII text, with very long lines (47451) Size137 kB (137152 bytes) Hashc435b8708526d4b1bf03e6a6e2ba5624 b0a42b763847baab44a77667913c6615e10871f1 93358cc87e4469b2d2d715d8de0bcae08a95b2e38ee6b118830f6604d24cead1
GET /1?z=4422977 HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 10:57:56 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: f7adfa8e9dd49d8582eefbbba9ce2568
access-control-expose-headers: X-Sc
x-sc: SjD6W5Xy70AYT3nYWZrG8lR_C0AoIEWJEQ3PoUpQDT7WAl3D9JDKjE82TFUdocLZ3Rni86d1r5yuJXLF1pN8bQTfWgQ=
set-cookie: scm=1; expires=Sat, 03 Feb 2024 10:57:56 GMT; secure; SameSite=None
OAID=32fdc8a4668b4f7ea8989f90ca8908d4; expires=Sat, 03 Feb 2024 10:57:56 GMT; secure; SameSite=None
oaidts=1675421876; expires=Sat, 03 Feb 2024 10:57:56 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.itskiddien.club/?rb=At2aDj9QGICmp8tKzof5lvSBQLIglNQ26qTfiz97KMP2NoN7nceTiJzwoWWhHNV47w9QkvVbsTu-LGsDXvSbQ44rBQ-BohNY_gujHoLDVVHSvJ-e86iPDYMhCsc_eJ5AmYB8r-kbLPzEQeVbAwf0qzCarx_Wv_tkzZNyRI2Dlbzn3NYrD1wQuqe2WsnOXP_Kw6J81kKBJ7Sr4GBSvap-s9JIhYX3_SiJ5uQruA%3D%3D&request_ab2=0&zoneid=3785253&js_build=iclick-v1.479.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fjavuncen.xyz%2Fd%2Fg0go3agrx814.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.479.0&bs=e340aa6b-063f-433d-8853-2024f3920a23&userId=eae8c1ccd39a45bdb2d068af8b95f89f&m=link | 139.45.197.236 | 200 OK | 1.6 kB |
URL HTTP/2cdn.itskiddien.club/?rb=At2aDj9QGICmp8tKzof5lvSBQLIglNQ26qTfiz97KMP2NoN7nceTiJzwoWWhHNV47w9QkvVbsTu-LGsDXvSbQ44rBQ-BohNY_gujHoLDVVHSvJ-e86iPDYMhCsc_eJ5AmYB8r-kbLPzEQeVbAwf0qzCarx_Wv_tkzZNyRI2Dlbzn3NYrD1wQuqe2WsnOXP_Kw6J81kKBJ7Sr4GBSvap-s9JIhYX3_SiJ5uQruA%3D%3D&request_ab2=0&zoneid=3785253&js_build=iclick-v1.479.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fjavuncen.xyz%2Fd%2Fg0go3agrx814.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.479.0&bs=e340aa6b-063f-433d-8853-2024f3920a23&userId=eae8c1ccd39a45bdb2d068af8b95f89f&m=link IP139.45.197.236:0
File typeJSON data\012- , ASCII text, with very long lines (2169), with no line terminators Hash1ec5f11d18f43377db84db9711d25a26 926131f40983f8a33eeb2bec7db35ece45478c8e ec378db4b82be204b27121f92106fadc0f00c985bb684a374a1039c05faf140b
GET /?rb=At2aDj9QGICmp8tKzof5lvSBQLIglNQ26qTfiz97KMP2NoN7nceTiJzwoWWhHNV47w9QkvVbsTu-LGsDXvSbQ44rBQ-BohNY_gujHoLDVVHSvJ-e86iPDYMhCsc_eJ5AmYB8r-kbLPzEQeVbAwf0qzCarx_Wv_tkzZNyRI2Dlbzn3NYrD1wQuqe2WsnOXP_Kw6J81kKBJ7Sr4GBSvap-s9JIhYX3_SiJ5uQruA%3D%3D&request_ab2=0&zoneid=3785253&js_build=iclick-v1.479.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fjavuncen.xyz%2Fd%2Fg0go3agrx814.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.479.0&bs=e340aa6b-063f-433d-8853-2024f3920a23&userId=eae8c1ccd39a45bdb2d068af8b95f89f&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javuncen.xyz/
Origin: https://javuncen.xyz
Connection: keep-alive
Cookie: OAID=4f8bf3b85e444f2f97e85bd2663e4dca; oaidts=1675421876
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 10:57:56 GMT
content-type: application/json
x-trace-id: 0bba8ffadff508649eadf69d92172339
access-control-allow-origin: https://javuncen.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=eae8c1ccd39a45bdb2d068af8b95f89f; expires=Sat, 03 Feb 2024 10:57:56 GMT; path=/; secure; SameSite=None
oaidts=1675421876; expires=Sat, 03 Feb 2024 10:57:56 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 10 Feb 2023 10:57:56 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| anymoresentencevirgin.com/pixel/pure | 173.233.137.36 | 204 No Content | 0 B |
URL HTTP/1.1anymoresentencevirgin.com/pixel/pure IP173.233.137.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /pixel/pure HTTP/1.1
Host: anymoresentencevirgin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://javuncen.xyz/
Origin: https://javuncen.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 10:57:57 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
|
|
| cdn.uponelectabuzzor.club/9?z=4422977&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fjavuncen.xyz%2Fd%2Fg0go3agrx814.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=eae8c1ccd39a45bdb2d068af8b95f89f | 139.45.197.239 | 200 OK | 7 B |
URL HTTP/2cdn.uponelectabuzzor.club/9?z=4422977&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fjavuncen.xyz%2Fd%2Fg0go3agrx814.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=eae8c1ccd39a45bdb2d068af8b95f89f IP139.45.197.239:0
File typeASCII text, with no line terminators Hasha97eb6fbe6f13b601d5d48c0eba8baae 736efb938caf3d0edec406932ada889f1a4f2268 a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
POST /9?z=4422977&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fjavuncen.xyz%2Fd%2Fg0go3agrx814.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=eae8c1ccd39a45bdb2d068af8b95f89f HTTP/1.1
Host: cdn.uponelectabuzzor.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 249
Origin: https://javuncen.xyz
Connection: keep-alive
Referer: https://javuncen.xyz/
Cookie: scm=1; OAID=32fdc8a4668b4f7ea8989f90ca8908d4; oaidts=1675421876
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 10:57:57 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: https://javuncen.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: c8448d5b3178d6f40f8656cea8912849
access-control-expose-headers: X-Sc
set-cookie: OAID=eae8c1ccd39a45bdb2d068af8b95f89f; expires=Sat, 03 Feb 2024 10:57:57 GMT; secure; SameSite=None
oaidts=1675421876; expires=Sat, 03 Feb 2024 10:57:57 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 345 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashb5a404b308fa06356367c560e850e1bc 62a5d88a31451b0387e6444c079b6175fa8065a0 f0896232da72586ab3db7427040e653b271df7da7f4c192f44d1b38392702598
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F0896232DA72586AB3DB7427040E653B271DF7DA7F4C192F44D1B38392702598"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9352
Expires: Fri, 03 Feb 2023 13:33:49 GMT
Date: Fri, 03 Feb 2023 10:57:57 GMT
Connection: keep-alive
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-LKBMYHCW0K>m=45je3210&_p=37503406&cid=1145942276.1675421907&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675421907&sct=1&seg=0&dl=https%3A%2F%2Fjavuncen.xyz%2Fd%2Fg0go3agrx814.html&dt=StreamSB&en=page_view&_fv=1&_nsi=1&_ss=1 | 216.239.34.36 | 204 No Content | 0 B |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-LKBMYHCW0K>m=45je3210&_p=37503406&cid=1145942276.1675421907&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675421907&sct=1&seg=0&dl=https%3A%2F%2Fjavuncen.xyz%2Fd%2Fg0go3agrx814.html&dt=StreamSB&en=page_view&_fv=1&_nsi=1&_ss=1 IP216.239.34.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-LKBMYHCW0K>m=45je3210&_p=37503406&cid=1145942276.1675421907&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675421907&sct=1&seg=0&dl=https%3A%2F%2Fjavuncen.xyz%2Fd%2Fg0go3agrx814.html&dt=StreamSB&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javuncen.xyz
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://javuncen.xyz
date: Fri, 03 Feb 2023 10:57:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| anymoresentencevirgin.com/pixel/pure | 173.233.137.36 | 200 OK | 0 B |
URL HTTP/1.1anymoresentencevirgin.com/pixel/pure IP173.233.137.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pixel/pure HTTP/1.1
Host: anymoresentencevirgin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://javuncen.xyz
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 10:57:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.100 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.100:0
Hash3f11c62617c2bee07a8ed3cf82151243 ba58aa99e6fda4e73216a5b6a382dfd4f1f5b33a a0b39826bd54ed8244e2c90f71d51146feaba0b9100446256479344837c50228
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100616
Date: Fri, 03 Feb 2023 10:57:57 GMT
Etag: "63dbbb1a-1d7"
Expires: Sat, 04 Feb 2023 14:54:53 GMT
Last-Modified: Thu, 02 Feb 2023 13:31:06 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JsV3uREmryMbL-loe8MChI3yRDWDZG5mz3k1v4efLhgmlJCcSodlkQ==
Age: 5027
|
|
| simplewebanalysis.com/stats |  3.120.47.42 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP3.120.47.42:0
File typeASCII text, with no line terminators Hashd3f2c6b9d90d4c5badb885fed5f3d2c3 cfbbf985721e403ecc607b0e15d01a1ff446d9aa 2f0feec7db2c73635021a954914cbc53f8a81cda0f9aaf4b1a5f93e16d24c574
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javuncen.xyz
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:57:57 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://javuncen.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=8e9a4b9a-39c1-4ac2-ad16-b37da63e593c:3:1; expires=Mon, 31 Jan 2033 10:57:57 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 345 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashb5a404b308fa06356367c560e850e1bc 62a5d88a31451b0387e6444c079b6175fa8065a0 f0896232da72586ab3db7427040e653b271df7da7f4c192f44d1b38392702598
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F0896232DA72586AB3DB7427040E653B271DF7DA7F4C192F44D1B38392702598"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9352
Expires: Fri, 03 Feb 2023 13:33:49 GMT
Date: Fri, 03 Feb 2023 10:57:57 GMT
Connection: keep-alive
|
|
| friendshipmale.com/sfp.js | 172.64.203.23 | 200 OK | 39 kB |
URL HTTP/2friendshipmale.com/sfp.js IP172.64.203.23:0
File typeUnicode text, UTF-8 text, with very long lines (65529), with no line terminators Hash65fb205e850a3e424cb3196bcb94c6af 878f403503e097d741339b3fca81df9e170d5948 bdb8d734e3285c6267ee1f89f5d2a57202f223995bada45519ad4fea62623875
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:57:57 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: f33a141673a9e88a6f0e0c54f12c1b07
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 03 Feb 2023 10:57:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPhTv1ipiS0RfJotyv4W4ShW7eVmSsZjT3XMS6adEZ1hy2tNnwwkMSi7wy6M3zyKo4EDd61IOkfA6%2B4v48e1u6bg1J5SEmQ6IJE8R23XSIpISvxLFV28eQdSvhLkZBulRXdXykk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793aa60c9ab923f3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashd6742c7572f09dabd5444424ca66705d 00e8b8e4fb4b5b6bcfa50ef44e56091c3c065d77 4d1431f1cdaf0f9e20b7379bdf77a7f7911dd9970dfe7537c92d0a7269564ff1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D1431F1CDAF0F9E20B7379BDF77A7F7911DD9970DFE7537C92D0A7269564FF1"
Last-Modified: Tue, 31 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2200
Expires: Fri, 03 Feb 2023 11:34:37 GMT
Date: Fri, 03 Feb 2023 10:57:57 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashc14d3cf8ade0150a711f094be32ac474 11e7fb5487d364c5392e1594e09f5b49831043ea 2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6405
Expires: Fri, 03 Feb 2023 12:44:42 GMT
Date: Fri, 03 Feb 2023 10:57:57 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashc14d3cf8ade0150a711f094be32ac474 11e7fb5487d364c5392e1594e09f5b49831043ea 2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6405
Expires: Fri, 03 Feb 2023 12:44:42 GMT
Date: Fri, 03 Feb 2023 10:57:57 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashc14d3cf8ade0150a711f094be32ac474 11e7fb5487d364c5392e1594e09f5b49831043ea 2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6405
Expires: Fri, 03 Feb 2023 12:44:42 GMT
Date: Fri, 03 Feb 2023 10:57:57 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashc14d3cf8ade0150a711f094be32ac474 11e7fb5487d364c5392e1594e09f5b49831043ea 2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6405
Expires: Fri, 03 Feb 2023 12:44:42 GMT
Date: Fri, 03 Feb 2023 10:57:57 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash3490571dd2de0a747987b9a0e18cccc8 18e9f8f160d3515f1cb31fc7538ac762a6cab344 1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vUJO-Pt9Hi1ndrCQQT1nNCGT7oDOYBpA8-EawHanESoZAsZv32dQdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 00:25:04 GMT
age: 37973
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg | 34.120.237.76 | 200 OK | 5.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd4041f3b5316bc84c9e6d88ddbc85b89 4978a4a20836b6f5d863d331bcedad782b7b4ac6 549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:28:50 GMT
age: 44947
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg | 34.120.237.76 | 200 OK | 9.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash02123eef9faa8560ff66b058d4e13a28 decf26282993d7f0b14cf4112d14fa39c97fa89f 28889ff20f1b2fe0b73f8f97e6569f1d68d77fe436eeb47cc06ee4f0822ff239
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9130
x-amzn-requestid: 09ad3fbb-1e71-4455-82df-6e59f65239a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuxiYEkqIAMFVZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2fa8-1dca116e4317f9bd14f6d45a;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:48:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _Bc2svrG-wX63DK9RPUyjh-n6AHVHaQe3QRmEL27L-amwCH2I_f_9g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:05:17 GMT
age: 46360
etag: "decf26282993d7f0b14cf4112d14fa39c97fa89f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2a6aaf87a867f93dc9268a8b27973b97 f52ccbe6cbced1994acb13a00b05436553b6813e 3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G0R-0w9HtLB5OXb-w-RyR9QCnrddkS29FqF_GeAQa1CRWkqaUJwQoA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:27:53 GMT
age: 45004
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe366b32074025aaf60bbae8bdb08d330 a52c2883bad98fa20333aa639a5dd3a5bf544c8e 9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 04:53:21 GMT
age: 21876
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e690e4c-e16d-49e9-ac12-24a092d6a60c.jpeg | 34.120.237.76 | 200 OK | 8.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e690e4c-e16d-49e9-ac12-24a092d6a60c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha1d6fa4715c4e78250b2f72ddd2706f1 be04ac3a50aa6f1b349a2410ad386d92de3222be d1c3c1b7016428bf2a085b71ca0d1e215a64b3d31ff15b0ef8bf5a78f11d9ae5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e690e4c-e16d-49e9-ac12-24a092d6a60c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8543
x-amzn-requestid: 3dc0960e-97db-42c8-99ac-623a44e8bb3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuv0wGJhIAMFaTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ceb-5ad3ef033a62559762db42b9;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EKWOeGruQEm9HuSlJMiEEw_gN1p37qTTIhYqaiQ6bFaCF65kUfmMtA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:55:01 GMT
age: 46976
etag: "be04ac3a50aa6f1b349a2410ad386d92de3222be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash052cb8827f858f75f0c39dd30a1bd043 047fee4a417462d0602351a092ba7ae98175afd7 01138809419aca77eaf2a223e4743bd127f04386b62a9b5fcd53f932d312fc04
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01138809419ACA77EAF2A223E4743BD127F04386B62A9B5FCD53F932D312FC04"
Last-Modified: Thu, 02 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1670
Expires: Fri, 03 Feb 2023 11:25:48 GMT
Date: Fri, 03 Feb 2023 10:57:58 GMT
Connection: keep-alive
|
|
| www.google-analytics.com/analytics.js | 216.239.38.178 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP216.239.38.178:0
File typeASCII text, with very long lines (1490) Hashca7fbbfd120e3e329633044190bbf134 d17f81e03dd827554ddd207ea081fb46b3415445 847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 03 Feb 2023 09:44:08 GMT
expires: Fri, 03 Feb 2023 11:44:08 GMT
cache-control: public, max-age=7200
age: 4430
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| peevishchasingstir.com/sbar.json?key=54425b8e8ac39b56c91d1586d719761f&uuid=8e9a4b9a-39c1-4ac2-ad16-b37da63e593c%3A3%3A1 | 173.233.139.164 | 200 OK | 4.3 kB |
URL HTTP/1.1peevishchasingstir.com/sbar.json?key=54425b8e8ac39b56c91d1586d719761f&uuid=8e9a4b9a-39c1-4ac2-ad16-b37da63e593c%3A3%3A1 IP173.233.139.164:0
File typeJSON data\012- , ASCII text, with very long lines (6159), with no line terminators Hash98059e5511a8920ed1f1891965eade7f 0466145a6d149f1daf31c2f95060954bb2b6f8c7 8272e38d283268b6119cac2d7542bc49e5ffe65b974c1b2cbbf81ee800584110
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /sbar.json?key=54425b8e8ac39b56c91d1586d719761f&uuid=8e9a4b9a-39c1-4ac2-ad16-b37da63e593c%3A3%3A1 HTTP/1.1
Host: peevishchasingstir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javuncen.xyz
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 10:57:58 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://javuncen.xyz
Access-Control-Allow-Origin: https://javuncen.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16479293; expires=Sat, 04 Feb 2023 10:57:57 GMT; secure; SameSite=None
uid_id2=8e9a4b9a-39c1-4ac2-ad16-b37da63e593c:3:1; expires=Fri, 10 Feb 2023 10:57:57 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 Feb 2023 10:57:58 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 Feb 2023 10:57:58 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 04 Feb 2023 10:57:58 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 04 Feb 2023 10:57:58 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 55a9e9b96460f7a7fa880ce63df7ab60
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| clenchedyouthmatching.com/advertisers.js | 142.0.204.220 | 200 OK | 0 B |
URL HTTP/1.1clenchedyouthmatching.com/advertisers.js IP142.0.204.220:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /advertisers.js HTTP/1.1
Host: clenchedyouthmatching.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 03 Feb 2023 10:57:58 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
|
|
| ocsp.globalsign.com/gseccovsslca2018 | 104.18.20.226 | 200 OK | 940 B |
URL HTTP/1.1ocsp.globalsign.com/gseccovsslca2018 IP104.18.20.226:0
Hashf19be6c6ea6e78ea3623ce688af03b96 1227f36a08300fb1a8b2d3cf435edff76713c915 0e85fd1742cf3ac98a4f5fc95a02655e4741aa3a8cb6878cfc423c38c341de5d
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 10:57:58 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Tue, 07 Feb 2023 07:36:24 GMT
ETag: "1227f36a08300fb1a8b2d3cf435edff76713c915"
Last-Modified: Fri, 03 Feb 2023 07:36:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2919
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793aa612abf3b4f7-OSL
|
|
| mc.yandex.ru/metrika/tag.js |  87.250.251.119 | 200 OK | 74 kB |
URL HTTP/2mc.yandex.ru/metrika/tag.js IP87.250.251.119:0
File typeUnicode text, UTF-8 (with BOM) text, with very long lines (659) Hasha236c7014c1f1a1e52d356f59e5d665a b66c638eb2346287364c37725819bbab1f409d66 ad2d57579e453af0eac49156840bcd1dcfbd802a82135af98f41f714d7e698f2
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73769
date: Fri, 03 Feb 2023 10:57:58 GMT
access-control-allow-origin: *
etag: "63c93a4b-12029"
expires: Fri, 03 Feb 2023 11:57:58 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashd62d6b1aa5d380b6cdbfae5d3dca5421 f715b643ffd374ace9695098eb3ed3a70de0fde1 04f32494a66d0cd2ed4b1a8078b86edcfca40190fedcf0334d9cd62ca2ca6d19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04F32494A66D0CD2ED4B1A8078B86EDCFCA40190FEDCF0334D9CD62CA2CA6D19"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5962
Expires: Fri, 03 Feb 2023 12:37:20 GMT
Date: Fri, 03 Feb 2023 10:57:58 GMT
Connection: keep-alive
|
|
| peevishchasingstir.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSP2wcRRTGZxOnIQ0gJEQBXAESIHzevb29u42FIkxwZBFsKwlYokHzb8%2BD93ZWM7u3ZyuFRQRKg3SpoFx%2FZ8cCLEQaOqToTINc%2BSiQJTAtPRINDbrzSQev2Pfefq%2F4vW%2Fe53v5OXGR07P19%2FWOimO6EFTdymsbKhG6sJXVuxXPrbqLlQ2VNOqLld74Y7rXPDeouq9Xbkq%2BpRdqrue6nutVlpWRke4tTFSo9Cj0qqFbrdeqXlBHz%2Fy%2Ft7kDSx2I7jl5FkqMrmz%2B%2FBiKD5F0vr8h7Vam0zff7eQxzbRBVxx%2BkGwlukjQmZWRcRAlh9NpaDsi5KtL0MnhdAPo7v54AzA1Is6vHlhyOMUE6x5ckLIYMgETV1F0h5DxEIoOwfV9KHFKAC6wuoak82hVm4JuX6h0rI7I3N9%2FQRUjMvf7c0g63y3Fqle5o%2BM8Uzqx6EUlVG8I1R4izY%2BR7ThQxTF49imUIEg6JZQ4e6UlQ1pnIZ33Q%2B7N1ymvzVPhNeaZ3xS04csg9PnEGqWGUNEQseyD2svIrYNcOcgjB3nqoCPOKjQII9dtRizy%2FVadc%2B77nAethgiEX29FLnI%2BZu8jS%2FvgcR%2Fc7CI1u9hSD09vPoHJn8BulrDCgc0IuqJEIQkKS1BQgkIRFBlB0S0PRGxrtnwkYpszb5pr0%2ByXA5219%2BiBztoyIXvpOXlm4tk%2F2VvYkmeVoF6vBawlW5T7IQsaPPSENwZtemGz4UWwqoSyl0Ctgx01Is%2B%2F8TRSNSJzn70ERo9h42Nw9Spo%2FiJoMWjWXNDNQb3lYic5spmRtGNZNZEZhC6RZleQbTt78Tl5YcJx7WoAyU%2Buf%2FnF2h%2BL4iNwUyI1JT5RPxG04weD27og%2B7d1YcnjtTRTHbVDx%2B96J6OZvPzNe3K70Eas3LD9r9%2FmY2FcHt2VNrtFE6GStiXfLikhpFnWhkvy44rdkGw9t5tLuUny9Nb6O8srndRIa5VOhqDq9MN74GpEnrr38eRiX3aOoMwQJi%2FRyU%2FINKD0EDzdhU1n9FYTmHg2w1IHRV4OTI3NfsaKIJaznrIS9j89m9V79gHaxgHN7k%2FutGtKdOMSNO7D5pcHWWpOrv%2FiTwIsdgYsNs4%2Bi0388MJaq84qMojcSLo1yaKQRU3qijCqh4yGnmyygHrI7Ij%2F9ucP%2FwIAAP%2F%2FAQAA%2F%2F9qhleniQQAAA%3D%3D | 173.233.139.164 | 200 OK | 7 B |
URL HTTP/1.1peevishchasingstir.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSP2wcRRTGZxOnIQ0gJEQBXAESIHzevb29u42FIkxwZBFsKwlYokHzb8%2BD93ZWM7u3ZyuFRQRKg3SpoFx%2FZ8cCLEQaOqToTINc%2BSiQJTAtPRINDbrzSQev2Pfefq%2F4vW%2Fe53v5OXGR07P19%2FWOimO6EFTdymsbKhG6sJXVuxXPrbqLlQ2VNOqLld74Y7rXPDeouq9Xbkq%2BpRdqrue6nutVlpWRke4tTFSo9Cj0qqFbrdeqXlBHz%2Fy%2Ft7kDSx2I7jl5FkqMrmz%2B%2FBiKD5F0vr8h7Vam0zff7eQxzbRBVxx%2BkGwlukjQmZWRcRAlh9NpaDsi5KtL0MnhdAPo7v54AzA1Is6vHlhyOMUE6x5ckLIYMgETV1F0h5DxEIoOwfV9KHFKAC6wuoak82hVm4JuX6h0rI7I3N9%2FQRUjMvf7c0g63y3Fqle5o%2BM8Uzqx6EUlVG8I1R4izY%2BR7ThQxTF49imUIEg6JZQ4e6UlQ1pnIZ33Q%2B7N1ymvzVPhNeaZ3xS04csg9PnEGqWGUNEQseyD2svIrYNcOcgjB3nqoCPOKjQII9dtRizy%2FVadc%2B77nAethgiEX29FLnI%2BZu8jS%2FvgcR%2Fc7CI1u9hSD09vPoHJn8BulrDCgc0IuqJEIQkKS1BQgkIRFBlB0S0PRGxrtnwkYpszb5pr0%2ByXA5219%2BiBztoyIXvpOXlm4tk%2F2VvYkmeVoF6vBawlW5T7IQsaPPSENwZtemGz4UWwqoSyl0Ctgx01Is%2B%2F8TRSNSJzn70ERo9h42Nw9Spo%2FiJoMWjWXNDNQb3lYic5spmRtGNZNZEZhC6RZleQbTt78Tl5YcJx7WoAyU%2Buf%2FnF2h%2BL4iNwUyI1JT5RPxG04weD27og%2B7d1YcnjtTRTHbVDx%2B96J6OZvPzNe3K70Eas3LD9r9%2FmY2FcHt2VNrtFE6GStiXfLikhpFnWhkvy44rdkGw9t5tLuUny9Nb6O8srndRIa5VOhqDq9MN74GpEnrr38eRiX3aOoMwQJi%2FRyU%2FINKD0EDzdhU1n9FYTmHg2w1IHRV4OTI3NfsaKIJaznrIS9j89m9V79gHaxgHN7k%2FutGtKdOMSNO7D5pcHWWpOrv%2FiTwIsdgYsNs4%2Bi0388MJaq84qMojcSLo1yaKQRU3qijCqh4yGnmyygHrI7Ij%2F9ucP%2FwIAAP%2F%2FAQAA%2F%2F9qhleniQQAAA%3D%3D IP173.233.139.164:0
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | | | quad9 | Sinkholed | |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSP2wcRRTGZxOnIQ0gJEQBXAESIHzevb29u42FIkxwZBFsKwlYokHzb8%2BD93ZWM7u3ZyuFRQRKg3SpoFx%2FZ8cCLEQaOqToTINc%2BSiQJTAtPRINDbrzSQev2Pfefq%2F4vW%2Fe53v5OXGR07P19%2FWOimO6EFTdymsbKhG6sJXVuxXPrbqLlQ2VNOqLld74Y7rXPDeouq9Xbkq%2BpRdqrue6nutVlpWRke4tTFSo9Cj0qqFbrdeqXlBHz%2Fy%2Ft7kDSx2I7jl5FkqMrmz%2B%2FBiKD5F0vr8h7Vam0zff7eQxzbRBVxx%2BkGwlukjQmZWRcRAlh9NpaDsi5KtL0MnhdAPo7v54AzA1Is6vHlhyOMUE6x5ckLIYMgETV1F0h5DxEIoOwfV9KHFKAC6wuoak82hVm4JuX6h0rI7I3N9%2FQRUjMvf7c0g63y3Fqle5o%2BM8Uzqx6EUlVG8I1R4izY%2BR7ThQxTF49imUIEg6JZQ4e6UlQ1pnIZ33Q%2B7N1ymvzVPhNeaZ3xS04csg9PnEGqWGUNEQseyD2svIrYNcOcgjB3nqoCPOKjQII9dtRizy%2FVadc%2B77nAethgiEX29FLnI%2BZu8jS%2FvgcR%2Fc7CI1u9hSD09vPoHJn8BulrDCgc0IuqJEIQkKS1BQgkIRFBlB0S0PRGxrtnwkYpszb5pr0%2ByXA5219%2BiBztoyIXvpOXlm4tk%2F2VvYkmeVoF6vBawlW5T7IQsaPPSENwZtemGz4UWwqoSyl0Ctgx01Is%2B%2F8TRSNSJzn70ERo9h42Nw9Spo%2FiJoMWjWXNDNQb3lYic5spmRtGNZNZEZhC6RZleQbTt78Tl5YcJx7WoAyU%2Buf%2FnF2h%2BL4iNwUyI1JT5RPxG04weD27og%2B7d1YcnjtTRTHbVDx%2B96J6OZvPzNe3K70Eas3LD9r9%2FmY2FcHt2VNrtFE6GStiXfLikhpFnWhkvy44rdkGw9t5tLuUny9Nb6O8srndRIa5VOhqDq9MN74GpEnrr38eRiX3aOoMwQJi%2FRyU%2FINKD0EDzdhU1n9FYTmHg2w1IHRV4OTI3NfsaKIJaznrIS9j89m9V79gHaxgHN7k%2FutGtKdOMSNO7D5pcHWWpOrv%2FiTwIsdgYsNs4%2Bi0388MJaq84qMojcSLo1yaKQRU3qijCqh4yGnmyygHrI7Ij%2F9ucP%2FwIAAP%2F%2FAQAA%2F%2F9qhleniQQAAA%3D%3D HTTP/1.1
Host: peevishchasingstir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javuncen.xyz/
Cookie: u_pl=16479293; uid_id2=8e9a4b9a-39c1-4ac2-ad16-b37da63e593c:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 10:57:58 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 54b27fc0e182f3721429c69e6d1a74f9
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP172.64.155.188:0
Hashdd3ecc2b0ec33bb211d9dbb65094b1f9 ec9bdb65c44665d6d322d816c051fc5d3fe68527 070627370037a357bed7d1ca8af8ee03bb26b10d8a502aec7daddde951428f67
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 10:57:58 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 17:29:19 GMT
Expires: Tue, 07 Feb 2023 17:29:18 GMT
Etag: "ec9bdb65c44665d6d322d816c051fc5d3fe68527"
Cache-Control: max-age=368479,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793aa6124e4db523-OSL
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 346 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashde26603d2dd53bbc97ab84a98a423fc8 0ef00c310251712fe1993300278436541a835629 a751738f67caaaf0a6be71b9a542dc444fe76fa18cadbaa963090627d01e894d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A751738F67CAAAF0A6BE71B9A542DC444FE76FA18CADBAA963090627D01E894D"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10434
Expires: Fri, 03 Feb 2023 13:51:52 GMT
Date: Fri, 03 Feb 2023 10:57:58 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 346 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashde26603d2dd53bbc97ab84a98a423fc8 0ef00c310251712fe1993300278436541a835629 a751738f67caaaf0a6be71b9a542dc444fe76fa18cadbaa963090627d01e894d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A751738F67CAAAF0A6BE71B9A542DC444FE76FA18CADBAA963090627D01E894D"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10434
Expires: Fri, 03 Feb 2023 13:51:52 GMT
Date: Fri, 03 Feb 2023 10:57:58 GMT
Connection: keep-alive
|
|
| cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/img/close.png | 172.64.167.9 | 200 OK | 2.0 kB |
URL HTTP/2cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/img/close.png IP172.64.167.9:0
File typePNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data Hash2cecae5111d5ff932a996679215ad573 f4c63abb5dc373aba5bc144c3831d98516cc7cc9 31f6aad6a88eca32f245dc6d0e030ef422f306b4f8479855b30e59b6dc134ebc
GET /sb/ssp/in-page_push/os/android/2/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:57:58 GMT
content-type: image/png
content-length: 2005
last-modified: Wed, 11 May 2022 09:01:03 GMT
etag: "627b7b4f-7d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6901619
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EnKQs2NgTZK3O5M3mxmfLZ0JKmUhWReJrwyFl0SUzae1Il19VFBlFoK0ydlgr6XlKpKgIP8WQX%2BGtLsdx%2FkunCjJX2s6qemAXPfpJZfbiXyAl92EcatXuuE8HiBs%2Fm6%2BZE5xm9eW4LiM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793aa615a93671bc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 346 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashde26603d2dd53bbc97ab84a98a423fc8 0ef00c310251712fe1993300278436541a835629 a751738f67caaaf0a6be71b9a542dc444fe76fa18cadbaa963090627d01e894d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A751738F67CAAAF0A6BE71B9A542DC444FE76FA18CADBAA963090627D01E894D"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10434
Expires: Fri, 03 Feb 2023 13:51:52 GMT
Date: Fri, 03 Feb 2023 10:57:58 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash604c3cbda1f304eef93aa15329e8e7ac d9f25abc81500d2740265d4a2b11fa7e2d251d1f 5b0938197333a46575fa5d665e649f70b3268e27d0f3cbcac04065cc70acf9c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5B0938197333A46575FA5D665E649F70B3268E27D0F3CBCAC04065CC70ACF9C5"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4324
Expires: Fri, 03 Feb 2023 12:10:02 GMT
Date: Fri, 03 Feb 2023 10:57:58 GMT
Connection: keep-alive
|
|
| cdn.cloudimagesb.com/si/89/9f/8a/899f8a5bb7132795d339610f52f16dad/1667589937.png | 45.133.44.10 | 200 OK | 33 kB |
URL HTTP/2cdn.cloudimagesb.com/si/89/9f/8a/899f8a5bb7132795d339610f52f16dad/1667589937.png IP45.133.44.10:0 ASN#39572 DataWeb Global Group B.V.
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data Hash2cb2500acb00f247ef19403c3a0f89e1 7c57e8b84b2bb0003810ffae7a14e24869155464 7efcd5082673b787603d2a0b8d768fb26807cf2ab79771a69886a916d0cda3ce
GET /si/89/9f/8a/899f8a5bb7132795d339610f52f16dad/1667589937.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:57:58 GMT
content-type: image/png
content-length: 32763
server: nginx/1.17.6
last-modified: Fri, 04 Nov 2022 19:25:45 GMT
etag: "63656739-7ffb"
expires: Sun, 05 Feb 2023 10:57:58 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/js/script.js | 172.64.167.9 | 200 OK | 16 kB |
URL HTTP/2cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/js/script.js IP172.64.167.9:0
Hash8146975c8d21e7fb590c66b46a92bff5 8b872b73398db8283ae71d9c81eea060e2173931 4aab85a795f8bf91f2b3ea1ccb5a2f303569e56dee346a11eb80fd09d2b1ad5c
GET /sb/ssp/in-page_push/os/android/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javuncen.xyz
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:57:58 GMT
content-type: application/javascript
last-modified: Wed, 11 May 2022 09:01:04 GMT
etag: W/"627b7b50-194"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7C3lLTqwPCG8NICPyoq2aKSiodLxJ54AUxs5eTY4jU7WSf6tL8P%2FjFNrY4qjlx%2BkUL%2F9QRkzFIKQHaHTIkSMFOKUZchRCZe%2BjWZyAKn5e889XzBiXj5P1Qx999SdzAQRsADp94qBDFb0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793aa61578ee71bc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 | 142.250.74.35 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data Hashb9c29351c46f3e8c8631c4002457f48a e57e59c5780995ff2937ab2b511a769212974a87 f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://javuncen.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 10:26:49 GMT
expires: Sun, 28 Jan 2024 10:26:49 GMT
cache-control: public, max-age=31536000
age: 520270
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| akamai-images-content.com/g0go3agrx814_xt.jpg | 104.21.235.172 | 200 OK | 68 kB |
URL HTTP/2akamai-images-content.com/g0go3agrx814_xt.jpg IP104.21.235.172:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 875x495, components 3\012- data Hash66235dd31e421cc97bce18115ed0ce68 0e3a96a6355c8cab38a778ac59127dc36c90dc6a 0b31ba5680ce0dc64d9ef0ac7c82e905f73202d34717a54a61d25fad3e592752
GET /g0go3agrx814_xt.jpg HTTP/1.1
Host: akamai-images-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:57:59 GMT
content-type: image/jpeg
content-length: 67537
last-modified: Wed, 14 Dec 2022 12:23:30 GMT
etag: "6399c042-107d1"
expires: Fri, 17 Feb 2023 10:57:58 GMT
cache-control: max-age=1209600
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FC0NROn75Yh3lnXwv3RdU7Up3ar5OBI8yeLiBxx%2B6c5yYZq61eFvAtWWN3P%2BVKucNy346duXzCGPhgqCKGy1qBDJXvdSOM4B7gWVB3Dl%2BlIR8Or%2FUsEIM4Kqgmvb4xv%2BbiWYEIbWLBLYi6h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793aa606790676ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/style.css | 172.64.167.9 | 200 OK | 1.3 kB |
URL HTTP/2cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/style.css IP172.64.167.9:0
Hash08125e09d3519e1760111e715880cd92 86f2d69fd39d8fdc5e2e984d01a898c5422bc73e 1c10ec5049243d8007cda2718a9e71cc5be24dd70a0f926eb8c9d8ca39b445f5
GET /sb/ssp/in-page_push/os/android/2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javuncen.xyz
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:57:58 GMT
content-type: text/css
last-modified: Wed, 11 May 2022 09:01:01 GMT
etag: W/"627b7b4d-126c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFGFifSrpnQ%2B6OmdeKnou%2FOgW7XfqZZzzeDwOFaTAQN%2B4kfa0qOJ27EliZUL6LIVKr7wGP2tjNZ2ewsK8fRKbcAaSnfe3kvlgRpXQ8FyPK9FUhS8qnzq2CasTATni7fDTsCxB5NvOsbl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793aa61578f071bc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/animate.css | 172.64.167.9 | 200 OK | 4.8 kB |
URL HTTP/2cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/animate.css IP172.64.167.9:0
Hash21eb7a65c17a2c22ba104a7ecbf1dc0f ea8c53be54889c7489aed04e30e3eb83af64dec9 090bd9ceb9a58da038e5ed4a39dfbb63ece49ed4f4f0656ce35f7faa41a3b237
GET /sb/ssp/in-page_push/os/android/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javuncen.xyz
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:57:58 GMT
content-type: text/css
last-modified: Wed, 11 May 2022 09:01:02 GMT
etag: W/"627b7b4e-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=locXriPviU5r%2Bl6Onr8lnoPPCGTR%2FO8e4J71xe0hr3rWv7z4O4Qw%2FJiIZHbBHm7bL6sw69Ko4juH52f5OMtI%2BRBnSi6M1nyUPvnJ4BvaZvg8TOzF395j2ickptvewIzWEVq1HQ3xUoXh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793aa61578e971bc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/metrika/advert.gif | 87.250.251.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/metrika/advert.gif IP87.250.251.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 03 Feb 2023 10:57:59 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Fri, 03 Feb 2023 11:57:59 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| widgets.amung.us/small/55/5533.png | 172.67.8.141 | 200 OK | 332 B |
URL HTTP/2widgets.amung.us/small/55/5533.png IP172.67.8.141:0
File typePNG image data, 80 x 15, 8-bit colormap, non-interlaced\012- data Hasha97a6f89bc8b4dd93569e448d369d859 a9ce112c6899655c44ce7ff427e03c5ea5dc5a99 d4d374febba37dccf02933fcc30f4b802c3be1857cac896de98ac9bb9647c505
GET /small/55/5533.png HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javuncen.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:57:59 GMT
content-type: image/png
content-length: 332
last-modified: Sun, 13 Jun 2010 09:48:34 GMT
etag: "4c14a972-14c"
expires: Thu, 02 Feb 2023 08:53:44 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 180255
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 793aa61b1fe8b4fa-OSL
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/64815175/1?wmode=7&page-url=https%3A%2F%2Fjavuncen.xyz%2Fd%2Fg0go3agrx814.html&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1033%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1432989943149%3Ahid%3A574910601%3Az%3A0%3Ai%3A20230203105828%3Aet%3A1675421909%3Ac%3A1%3Arn%3A316804800%3Arqn%3A1%3Au%3A1675421909694967275%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C180%2C162%2C0%2C281%2C0%2C%2C1074%2C5%2C%2C%2C%2C1735%3Aco%3A0%3Ans%3A1675421905879%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675421909%3At%3AStreamSB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 | 87.250.251.119 | 200 OK | 419 B |
URL HTTP/2mc.yandex.ru/watch/64815175/1?wmode=7&page-url=https%3A%2F%2Fjavuncen.xyz%2Fd%2Fg0go3agrx814.html&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1033%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1432989943149%3Ahid%3A574910601%3Az%3A0%3Ai%3A20230203105828%3Aet%3A1675421909%3Ac%3A1%3Arn%3A316804800%3Arqn%3A1%3Au%3A1675421909694967275%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C180%2C162%2C0%2C281%2C0%2C%2C1074%2C5%2C%2C%2C%2C1735%3Aco%3A0%3Ans%3A1675421905879%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675421909%3At%3AStreamSB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 IP87.250.251.119:0
File typeJSON data\012- , ASCII text, with very long lines (419), with no line terminators Hash23c3aa997607ecabeecb66ecfc5675cf c7769061743ef4da85a54ca17bafde3bed0a10e8 7a87b16c6c9cc04ecdad49f3f23055742129a838f638b3b70c2b18dd969126c7
GET /watch/64815175/1?wmode=7&page-url=https%3A%2F%2Fjavuncen.xyz%2Fd%2Fg0go3agrx814.html&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1033%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1432989943149%3Ahid%3A574910601%3Az%3A0%3Ai%3A20230203105828%3Aet%3A1675421909%3Ac%3A1%3Arn%3A316804800%3Arqn%3A1%3Au%3A1675421909694967275%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C180%2C162%2C0%2C281%2C0%2C%2C1074%2C5%2C%2C%2C%2C1735%3Aco%3A0%3Ans%3A1675421905879%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675421909%3At%3AStreamSB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javuncen.xyz
Referer: https://javuncen.xyz/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Fri, 03 Feb 2023 10:57:59 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://javuncen.xyz
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 03-Feb-2023 10:57:59 GMT
last-modified: Fri, 03-Feb-2023 10:57:59 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap | 142.250.74.106 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap IP142.250.74.106:0
GET /css2?family=Poppins:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 10:57:56 GMT
date: Fri, 03 Feb 2023 10:57:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| inrhyhorntor.com/500/3766241?excludes=&oaid=eae8c1ccd39a45bdb2d068af8b95f89f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fjavuncen.xyz%2Fd%2Fg0go3agrx814.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 0 B |
URL HTTP/2inrhyhorntor.com/500/3766241?excludes=&oaid=eae8c1ccd39a45bdb2d068af8b95f89f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fjavuncen.xyz%2Fd%2Fg0go3agrx814.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false IP139.45.197.237:0
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /500/3766241?excludes=&oaid=eae8c1ccd39a45bdb2d068af8b95f89f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fjavuncen.xyz%2Fd%2Fg0go3agrx814.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inrhyhorntor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://javuncen.xyz
Connection: keep-alive
Referer: https://javuncen.xyz/
Cookie: OAID=069d8bf4daa34aa49a4338f7ca26adbd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 10:57:57 GMT
content-type: application/javascript
x-trace-id: 28bd3af713c8431028e445d09426d3b0
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://javuncen.xyz
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=eae8c1ccd39a45bdb2d068af8b95f89f; expires=Sat, 03 Feb 2024 10:57:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.barscreative1.com/sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html | 45.133.44.3 | 200 OK | 0 B |
URL HTTP/2cdn.barscreative1.com/sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html IP45.133.44.3:0 ASN#39572 DataWeb Global Group B.V.
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javuncen.xyz
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:57:58 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Tue, 07 Jun 2022 15:37:00 GMT
etag: W/"629f709c-40e"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 03 Feb 2023 11:57:58 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/64815175?wmode=7&page-url=https%3A%2F%2Fjavuncen.xyz%2Fd%2Fg0go3agrx814.html&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1033%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1432989943149%3Ahid%3A574910601%3Az%3A0%3Ai%3A20230203105828%3Aet%3A1675421909%3Ac%3A1%3Arn%3A316804800%3Arqn%3A1%3Au%3A1675421909694967275%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C180%2C162%2C0%2C281%2C0%2C%2C1074%2C5%2C%2C%2C%2C1735%3Aco%3A0%3Ans%3A1675421905879%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675421909%3At%3AStreamSB&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) | 87.250.251.119 | 302 Found | 0 B |
URL HTTP/2mc.yandex.ru/watch/64815175?wmode=7&page-url=https%3A%2F%2Fjavuncen.xyz%2Fd%2Fg0go3agrx814.html&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1033%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1432989943149%3Ahid%3A574910601%3Az%3A0%3Ai%3A20230203105828%3Aet%3A1675421909%3Ac%3A1%3Arn%3A316804800%3Arqn%3A1%3Au%3A1675421909694967275%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C180%2C162%2C0%2C281%2C0%2C%2C1074%2C5%2C%2C%2C%2C1735%3Aco%3A0%3Ans%3A1675421905879%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675421909%3At%3AStreamSB&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) IP87.250.251.119:0
GET /watch/64815175?wmode=7&page-url=https%3A%2F%2Fjavuncen.xyz%2Fd%2Fg0go3agrx814.html&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1033%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1432989943149%3Ahid%3A574910601%3Az%3A0%3Ai%3A20230203105828%3Aet%3A1675421909%3Ac%3A1%3Arn%3A316804800%3Arqn%3A1%3Au%3A1675421909694967275%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C180%2C162%2C0%2C281%2C0%2C%2C1074%2C5%2C%2C%2C%2C1735%3Aco%3A0%3Ans%3A1675421905879%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675421909%3At%3AStreamSB&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javuncen.xyz
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/64815175/1?wmode=7&page-url=https%3A%2F%2Fjavuncen.xyz%2Fd%2Fg0go3agrx814.html&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1033%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1432989943149%3Ahid%3A574910601%3Az%3A0%3Ai%3A20230203105828%3Aet%3A1675421909%3Ac%3A1%3Arn%3A316804800%3Arqn%3A1%3Au%3A1675421909694967275%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C180%2C162%2C0%2C281%2C0%2C%2C1074%2C5%2C%2C%2C%2C1735%3Aco%3A0%3Ans%3A1675421905879%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675421909%3At%3AStreamSB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Fri, 03 Feb 2023 10:57:59 GMT
access-control-allow-origin: https://javuncen.xyz
set-cookie: yabs-sid=2303500821675421879; Path=/; SameSite=None; Secure
i=0auwAbhe0JblYIRCOEJYd1d9VnfLxS+NA8f/RniZbxqPNjmkLWSaFN+H5KUvr0vTDZcMQi/I/ni5qHMjKNxV1Isgo8I=; Expires=Mon, 31-Jan-2033 10:57:56 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=5547616981675421879; Expires=Sat, 03-Feb-2024 10:57:59 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5547616981675421879; Expires=Sat, 03-Feb-2024 10:57:59 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706957879.yc.1675421879#1706957879.yrts.1675421879#1706957879.yrtsi.1675421879; Expires=Sat, 03-Feb-2024 10:57:59 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 03-Feb-2023 10:57:59 GMT
last-modified: Fri, 03-Feb-2023 10:57:59 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| inrhyhorntor.com/400/3766241 | 139.45.197.237 | 200 OK | 0 B |
URL HTTP/2inrhyhorntor.com/400/3766241 IP139.45.197.237:0
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /400/3766241 HTTP/1.1
Host: inrhyhorntor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 10:57:56 GMT
content-type: application/javascript
x-trace-id: 62c22ebe25fbef1b65e3ddc1ba018ad1
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=069d8bf4daa34aa49a4338f7ca26adbd; expires=Sat, 03 Feb 2024 10:57:56 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.itskiddien.club/apu.php?zoneid=3785253 | 139.45.197.236 | 200 OK | 0 B |
URL HTTP/2cdn.itskiddien.club/apu.php?zoneid=3785253 IP139.45.197.236:0
GET /apu.php?zoneid=3785253 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 10:57:56 GMT
content-type: application/javascript
x-trace-id: 3a17205fcbd56032a5b5ba7d410cce7d
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=4f8bf3b85e444f2f97e85bd2663e4dca; expires=Sat, 03 Feb 2024 10:57:56 GMT; path=/; secure; SameSite=None
oaidts=1675421876; expires=Sat, 03 Feb 2024 10:57:56 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| whos.amung.us/swidget/streamsbdl | 172.67.8.141 | 307 Temporary Redirect | 0 B |
URL HTTP/2whos.amung.us/swidget/streamsbdl IP172.67.8.141:0
GET /swidget/streamsbdl HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javuncen.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Fri, 03 Feb 2023 10:57:58 GMT
content-type: text/html; charset=UTF-8
location: https://widgets.amung.us/small/55/5533.png
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 793aa613dd4cb4fa-OSL
X-Firefox-Spdy: h2
|
|
| javuncen.xyz/d/g0go3agrx814.html | 172.67.216.112 | 200 OK | 0 B |
URL HTTP/2javuncen.xyz/d/g0go3agrx814.html IP172.67.216.112:0
GET /d/g0go3agrx814.html HTTP/1.1
Host: javuncen.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:57:56 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 02 Feb 2023 10:57:55 GMT
set-cookie: lang=1; domain=.javuncen.xyz; path=/; HttpOnly
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5alakzHxQyFxcwp8HQMExzJZZgvs8KxPBmhgayDfqKNRXTeoMU9Y82NJbmn8PnmIrRbZHkrBB65hyijvjzIW2Uj6cwSiciheIt%2BDhFim1Po87BUn6GxCzk%2BdN14lRw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793aa6042db0b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|