firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 10:12:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EXh3Se9IdHGoSE1rRMmjHXL90n2wAzlAsHrjVECYTcD6ZcOSjntH_g==
Age: 1410
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b0d651d83075c7a68e3c6a9204226150
294785e3f3a67cdd5f1a530b83a2cbd2c2cc0665
17cbb43fd6662576ba3fe8e06cf44247c903c1313cc419053599c41e286a2442
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17CBB43FD6662576BA3FE8E06CF44247C903C1313CC419053599C41E286A2442"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2399
Expires: Sun, 18 Sep 2022 11:15:33 GMT
Date: Sun, 18 Sep 2022 10:35:34 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 03:30:43 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TVHBd3bagY_ZpYUdpCySiaIfgiiOohSUYBYVwBH8o8pgh14J8Q7_nw==
age: 25491
X-Firefox-Spdy: h2
taraa.xyz/14455383/m.nyaal.com/goto/turb.pw/jnyi7NCuzFx8.rar
172.67.223.164 200 OK 5.0 kB URL HTTP/1.1 taraa.xyz/14455383/m.nyaal.com/goto/turb.pw/jnyi7NCuzFx8.rar
IP 172.67.223.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 14aefaed3e7524b087175d4cfa3a5647
5d46a5dd18d2020bb8cf5faa5ea9630d1cf251a7
3f9ac54416e6f95b98862c2bd94532a84572293ccdcb459f396566921fba02a4
GET /14455383/m.nyaal.com/goto/turb.pw/jnyi7NCuzFx8.rar HTTP/1.1
Host: taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: adfly
strict-transport-security: max-age=0
p3p: policyref="http://adult.xyz/w3c/p3p_adult.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 18 Sep 2022 10:35:34 GMT
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Set-Cookie: FLYSESSID=a6rlvb0iqvv9hb36hivmt3dl6s; path=/; HttpOnly; SameSite=Lax
yp1=d6d3afbab59b819343f48548849260a7; expires=Mon, 19-Sep-2022 10:35:34 GMT; Max-Age=86400; path=/; domain=.taraa.xyz
yp2=530aaadfbd2c81e5bb513d9e6446395b; expires=Mon, 19-Sep-2022 10:35:34 GMT; Max-Age=86400; path=/; domain=.taraa.xyz
yp3=1532635802; expires=Mon, 19-Sep-2022 10:35:34 GMT; Max-Age=86400; path=/; domain=.taraa.xyz
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cC8WI6eQn6VdY%2BOQ5Dbxs6QPCFkL%2FHIT2w1nSlGi26dkhx1mEdRpioEzoWS12zAn0asZwKljAzoBvjvo%2Fci2g%2B%2FmqTWJIWmS7dBICq3sn%2BT1NcrkXyKIOCElIkY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74c96f825817b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:35:34 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdn.taraa.xyz/static/js/view118_bidshow.js
104.21.38.143 200 OK 4.0 kB URL HTTP/1.1 cdn.taraa.xyz/static/js/view118_bidshow.js
IP 104.21.38.143:0
File type ASCII text, with very long lines (10991), with no line terminators
Hash 966f84aff8b7893cbf2b87da5a27f8a9
695e0fcb64fc820db2ca76e808136a3762ea3673
25c6680edff77f84bc5606fdd9f06116ec800f29173528135cb74d564f2732f9
GET /static/js/view118_bidshow.js HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/14455383/m.nyaal.com/goto/turb.pw/jnyi7NCuzFx8.rar
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:34 GMT
Content-Type: application/x-javascript
Content-Length: 4024
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:34:39 GMT
last-modified: Wed, 24 Aug 2022 10:51:38 GMT
etag: "2aef-630602ba-3bacd69da000f03;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 55
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YoHxwq7No59K5Xt3dYFOKQGxBt6TXNDMzpuHegfpxHiINS4M2ZlAUPJYaW6EC7%2BFvObztMPxoMDRzlrjzZZ78dctHn7PpmiRvOCACniFAU5ELJSApe7ADWEiSwKcAdMp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74c96f8508d50b41-OSL
alt-svc: h2=":443"; ma=60
cdn.taraa.xyz/static/css/adult/ad_default_2.css
104.21.38.143 200 OK 1.0 kB URL HTTP/1.1 cdn.taraa.xyz/static/css/adult/ad_default_2.css
IP 104.21.38.143:0
File type ASCII text, with very long lines (3019), with no line terminators
Hash d71a21fe5c3144380a86fc92b3a1b1d8
2b38d6a0bc14cc7009813432a32be8fc33a6988d
89be7bfc0e11317964a8e7ea64c4a826393eeff08f373556628c1ddf8d03d475
GET /static/css/adult/ad_default_2.css HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/14455383/m.nyaal.com/goto/turb.pw/jnyi7NCuzFx8.rar
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:34 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=4230
cache-control: public, max-age=604800
etag: W/"1086-5faa60e6-1f0baddc216b902a;gz"
expires: Sun, 25 Sep 2022 10:34:39 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 55
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMKNOkV3xKA5PVjM18lTlqUJO59jpRvaOGBrlnmviYH6TnVLSUNRrQrQ1RsAo7tHNn6MU1t0OAgO%2BJb4slnutbn%2FISX7STt7sbs%2BIGpBBgXcL3E5pF9fXDRofqqzRJuv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74c96f84fae5fab4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
a.realsrv.com/ad-provider.js
205.185.216.42 200 OK 24 kB URL HTTP/1.1 a.realsrv.com/ad-provider.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 46504668ecf4671f582f5ba93a2f3c6b
8b165c478da3dd4fd4df3b40745733049b5acb0c
5230c0e2745fedbf038f97e374a5b6ea033434301aa86ec545eae37b29350799
GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taraa.xyz/
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:34 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 23726
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"2bf044048f482551901a41a7444"
X-HW: 1663497334.dop215.sk1.t,1663497334.cds207.sk1.c
Access-Control-Allow-Origin: *, *
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
142.250.74.138 200 OK 33 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP 142.250.74.138:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 18351732b1849ba758e98884e186b3c8
d735af8661eda41ff4ffbf76e6a284a0e2deb81c
bfac625d304d52e04f2caeb19266354749929c888ca09d3d1e3edcbb8770d0f0
GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taraa.xyz/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33333
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 14 Sep 2022 08:25:28 GMT
Expires: Thu, 14 Sep 2023 08:25:28 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 353406
cdn.taraa.xyz/static/js/main.js?v=2022052901
104.21.38.143 200 OK 705 B URL HTTP/1.1 cdn.taraa.xyz/static/js/main.js?v=2022052901
IP 104.21.38.143:0
Hash 5d2f026c4af9cf86a2ecb368dc1533d6
376ce5a73144b00dd162aa8524ac856b8db7a33e
0fd907185fe7d7610498d8d487449707fe4949c5c89a1028da380d2e5e862c3d
GET /static/js/main.js?v=2022052901 HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/14455383/m.nyaal.com/goto/turb.pw/jnyi7NCuzFx8.rar
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:34 GMT
Content-Type: application/x-javascript
Content-Length: 705
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:31:01 GMT
last-modified: Sun, 29 May 2022 07:10:19 GMT
etag: "7a0-62931c5b-8cbcca2019146215;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzcl5%2Bg0pzzxNnVzC2fwk7hNKyr0BLADQvNrVVTV0i7%2BUN3OmrnZ1v5%2BA28Jruo0fvrawQ0XA7izd3gdQkXpQFe2uICAzBmVCyNqt49%2FOFA0gmgkhiuHOSxn0pwkSgOB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74c96f850eddb503-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 18 Sep 2022 10:00:54 GMT
Expires: Sun, 18 Sep 2022 10:57:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cfvj5hLfq7AYvofkgE_4nc0pd1T--L-7TrmzRVIU9K14anDud8msAQ==
Age: 2080
d3t5ngjixpjdho.cloudfront.net/?jgntd=788614
54.230.245.220 200 OK 36 kB URL HTTP/1.1 d3t5ngjixpjdho.cloudfront.net/?jgntd=788614
IP 54.230.245.220:0
File type Unicode text, UTF-8 text, with very long lines (15478)
Hash 5a9d72d018278919c2974f6b6ba703d2
beba5d43323ff2a25b8a92a2c7b528576296e1c8
2ac0ab13e4ce5d45def1f7c020d86abe6fed4ecdb5962b6caacc7f49e5a0d586
GET /?jgntd=788614 HTTP/1.1
Host: d3t5ngjixpjdho.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taraa.xyz/
HTTP/1.1 200 OK
Content-Length: 36038
Connection: keep-alive
Date: Sun, 18 Sep 2022 10:35:34 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kvCl2iUnlNg-v4OCW0DE5bFDCoIoOWoS46-8rnHovkZ6gQ9hewx18Q==
cdn.taraa.xyz/static/image/logo_fb2.png
104.21.38.143 200 OK 6.3 kB URL HTTP/1.1 cdn.taraa.xyz/static/image/logo_fb2.png
IP 104.21.38.143:0
File type PNG image data, 193 x 98, 8-bit colormap, non-interlaced\012- data
Hash 84a673a878949a7a8410199f5f8ea220
49cbc367cd9e0943df6d6e2180bb9a5771dbb208
042313bf805bd8d9a1c6b2a88c90e15407004fcc6e9c5d5974c87c85c20796f3
GET /static/image/logo_fb2.png HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/14455383/m.nyaal.com/goto/turb.pw/jnyi7NCuzFx8.rar
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:35 GMT
Content-Type: image/png
Content-Length: 6283
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:34:40 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "188b-5faa60e6-48354ceeda0c07b3;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 55
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qODXjp7E1EE3O%2BGJDLaQmeyNju2dnrOUIn3U16F0FisAQTzWL3znYQ4wiPQJlHWcfhk1VV2UvmwzErDuot73VFwily9JLw4YBfNNi34GL6fddk1cRehAJLSEkIu9ZOGF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96f87eac6b503-OSL
alt-svc: h2=":443"; ma=60
cdn.taraa.xyz/static/image/adult/logo.png
104.21.38.143 200 OK 6.6 kB URL HTTP/1.1 cdn.taraa.xyz/static/image/adult/logo.png
IP 104.21.38.143:0
File type PNG image data, 185 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash eba85b03dac77520a465167b5342cd8b
c262160125e6852f36eadfaaa114c22ec2637f63
24db3841268bf9a96b73062bf2a7d6e44b032fe0b842f6dea7889b86bd044d3f
GET /static/image/adult/logo.png HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/14455383/m.nyaal.com/goto/turb.pw/jnyi7NCuzFx8.rar
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:35 GMT
Content-Type: image/png
Content-Length: 6603
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:34:40 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "19cb-5faa60e6-9e10d0de5235b15d;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 55
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twDiePpUss487HGOMd5VUkloLKlP62ovPIuYwR%2FckcXovC%2B8yOUfXEASn8V%2FKvnTcKTvsv6AmNNNeHHw3j6B%2BQsOq0vRl9o3FBaoBsZN0%2BayW%2Bg6l5lOCs%2BICrWa0yNo"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96f87ecf0fab4-OSL
alt-svc: h2=":443"; ma=60
cdn.taraa.xyz/static/image/spinner.gif
104.21.38.143 200 OK 36 kB URL HTTP/1.1 cdn.taraa.xyz/static/image/spinner.gif
IP 104.21.38.143:0
File type GIF image data, version 89a, 39 x 39\012- data
Hash 2055f195780b3e4c71b97c95fa97eab0
36c1138bdcccf116f1b9ee9effa3e5d13f1e6161
0a607f27600e85addcfd1415ee611a370a30dce3f53ac200d3e0e25d2bdc5157
GET /static/image/spinner.gif HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/14455383/m.nyaal.com/goto/turb.pw/jnyi7NCuzFx8.rar
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:35 GMT
Content-Type: image/gif
Content-Length: 35453
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:34:40 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "8a7d-5faa60e6-3361a662be6e6961;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 55
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ykZyUpaPJXjX%2FzPdWN0sh%2Bq8lbXhUZ%2BwPzy2H6cG5ppSnVF1iUMXy%2FMwQn0ZEhdF7xleQGIzKYfxWvMppjTdUVjVEvhcJmQQKkDfal6Q9IHc3YtGQYr%2F2RkY4zhUwH7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96f87ebad0b41-OSL
alt-svc: h2=":443"; ma=60
cdn.taraa.xyz/static/image/delete2.png
104.21.38.143 200 OK 577 B URL HTTP/1.1 cdn.taraa.xyz/static/image/delete2.png
IP 104.21.38.143:0
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a612b41ba5d1cad10ae4c6660d8fda4
4006ab2bfe338d2d1f060c0486bad8e1b589ba44
2fa2ba143aaedc6b6169e9b024d4f12df4acfc5995950dce175fd97644dd0c43
GET /static/image/delete2.png HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/14455383/m.nyaal.com/goto/turb.pw/jnyi7NCuzFx8.rar
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:35 GMT
Content-Type: image/png
Content-Length: 577
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:34:40 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "241-5faa60e6-657b5e5638f6aacc;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 55
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfm7JS4Wh0%2B609DHKs968yxlT7OUa5Z8f8n7ntYU9NCs05XoVlib7qxNyOQONXhs3ziatkOqSmgO5BXa%2Bw1m0lte5mbmyknm1a%2FdGzBU6bcor9gG7jd60%2Bh23bZtDxaE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96f87ebfcb515-OSL
alt-svc: h2=":443"; ma=60
taraa.xyz/js/display.js
172.67.223.164 200 OK 5.8 kB IP 172.67.223.164:0
File type ASCII text, with very long lines (15999)
Hash e149217d65efcf53cc382af7c60f461c
6de97c3f773cf9b21e4373097f5f5cddf37d872e
4d30ac5f2c0ab10e25b4c39eb646e9cb86d66394775d77ba7b88a34720f85b27
GET /js/display.js HTTP/1.1
Host: taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/14455383/m.nyaal.com/goto/turb.pw/jnyi7NCuzFx8.rar
Connection: keep-alive
Cookie: FLYSESSID=a6rlvb0iqvv9hb36hivmt3dl6s; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:35 GMT
Content-Type: application/x-javascript
Content-Length: 5775
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:34:40 GMT
last-modified: Thu, 29 Jul 2021 14:08:58 GMT
etag: "3e81-6102b67a-b080f0a7a094466b;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 55
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pv3f3KBZ7%2FwqHNUBUCGqDucEjS0AwWeGkWX0xp%2FcS1VpybBUEOPMXWzLv0wS7%2B1obsa4ymxM71A8NYLx9l6V7NY5ZxPkvshj%2FtSAca07zRHsh4FbC6fJkT9NpPk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74c96f883ed0b524-OSL
alt-svc: h2=":443"; ma=60
nadiingsinsp.one/popunder.gif
104.21.19.218 200 OK 58 B URL HTTP/1.1 nadiingsinsp.one/popunder.gif
IP 104.21.19.218:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 79c15b369d32d2f0f17c116f541b6df3
3039289d4d1f5bc7385a81621deb2614423b769b
e3a3c6b90f511e80a77636fdd4c6047336d4ed5b2c86adf74318a08142649e08
GET /popunder.gif HTTP/1.1
Host: nadiingsinsp.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taraa.xyz/
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:35 GMT
Content-Type: image/gif
Content-Length: 58
Connection: keep-alive
access-control-allow-origin: *
Pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
CF-Cache-Status: HIT
Age: 4114
Last-Modified: Sun, 18 Sep 2022 09:27:01 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovOSQUEh%2Bu7BaqIFrVFlnm4WWPcUeWjhhiGxPK3CQdbMPbOlj%2FrCBzvv4EYJt4OS2NDgNs0hCWn3LXxPk0haGEO9MoIVKKKDrXTjn%2FX8gDi2ovr71%2BwjLxtfdyzR%2FCFBIe2v"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96f883f19b506-OSL
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c7766b6a996c1294adcb11685b4cabd
5912e68d7fa6cdf821804b10cf623aa19d0703c6
bfbf9ce03cff63e709803f1b127a591ce0ff41f9d9a9b423b0fccd17afb21201
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BFBF9CE03CFF63E709803F1B127A591CE0FF41F9D9A9B423B0FCCD17AFB21201"
Last-Modified: Sun, 18 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17465
Expires: Sun, 18 Sep 2022 15:26:40 GMT
Date: Sun, 18 Sep 2022 10:35:35 GMT
Connection: keep-alive
cdn.taraa.xyz/static/image/d_top_bg.png
104.21.38.143 200 OK 156 B URL HTTP/1.1 cdn.taraa.xyz/static/image/d_top_bg.png
IP 104.21.38.143:0
File type PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Hash 106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae
GET /static/image/d_top_bg.png HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/14455383/m.nyaal.com/goto/turb.pw/jnyi7NCuzFx8.rar
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:35 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:34:40 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-4968c22d9bbfac4c;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 55
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPtPkZ0JcrWW%2BSt%2BYmt5qS4VB%2BvHMzQGDOLtSUDhJa0w9ZWsrh%2B6frXI3U7CafIi8jaOuCYaeJQz%2FQUgBNW2E%2BL8SX5DB8uEZQeY7Vq1hp3OWNqDtm5EvrYbOG9j4EQ3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96f886c630b41-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1696
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:35:35 GMT
Last-Modified: Sun, 18 Sep 2022 10:07:19 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
cdn.taraa.xyz/static/image/ad_top_bg2.png?&ad_box_=1
104.21.38.143 200 OK 156 B URL HTTP/1.1 cdn.taraa.xyz/static/image/ad_top_bg2.png?&ad_box_=1
IP 104.21.38.143:0
File type PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Hash 106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae
GET /static/image/ad_top_bg2.png?&ad_box_=1 HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/14455383/m.nyaal.com/goto/turb.pw/jnyi7NCuzFx8.rar
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:35 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:35:35 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-616091c58406c4e2;;;"
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4NgwAP18cAFtXTJFY%2Fhh7RApbjPfRJV4GgYL3c3PqBony1qk9XVGFpvkCKjrtXzV9zBRhbMGXSomLsGeZNTalS%2FT7KfTR%2F4eodzRplNkbkBgsBhuSHJjswKq24VsKPO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96f87ed7c0b39-OSL
alt-svc: h2=":443"; ma=60
nadiingsinsp.one/VnhPUDB5RywjDRgUDWFVATEOCWUcMRgnVDEsGhZmFxUNFmRnF2kkWTJFeGgIYEl7dkA/HHJiCXALOzFEIwtyYRY/Fik/DXAOcmEeZlZ6aR5nXjptAXAMPzFXa0lpIEQiFHJhBmBLe2kHZUl5aAhj
104.21.19.218 204 No Content 0 B URL HTTP/2 nadiingsinsp.one/VnhPUDB5RywjDRgUDWFVATEOCWUcMRgnVDEsGhZmFxUNFmRnF2kkWTJFeGgIYEl7dkA/HHJiCXALOzFEIwtyYRY/Fik/DXAOcmEeZlZ6aR5nXjptAXAMPzFXa0lpIEQiFHJhBmBLe2kHZUl5aAhj
IP 104.21.19.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /VnhPUDB5RywjDRgUDWFVATEOCWUcMRgnVDEsGhZmFxUNFmRnF2kkWTJFeGgIYEl7dkA/HHJiCXALOzFEIwtyYRY/Fik/DXAOcmEeZlZ6aR5nXjptAXAMPzFXa0lpIEQiFHJhBmBLe2kHZUl5aAhj HTTP/1.1
Host: nadiingsinsp.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://taraa.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 18 Sep 2022 10:35:35 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4h1fsybMrOFszOVoKv6JS4%2FcX9TZaxJLIKYl51qvtiDw6r6LVd879EqKiedycvxMNv3vM%2BOz5%2FALHLnT6VRFfzSveVxd0SR30s7d5bXLnJsgbLQQ9NvepeoTLd3WBEEfQmne"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74c96f885e03b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c7766b6a996c1294adcb11685b4cabd
5912e68d7fa6cdf821804b10cf623aa19d0703c6
bfbf9ce03cff63e709803f1b127a591ce0ff41f9d9a9b423b0fccd17afb21201
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BFBF9CE03CFF63E709803F1B127A591CE0FF41F9D9A9B423B0FCCD17AFB21201"
Last-Modified: Sun, 18 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17465
Expires: Sun, 18 Sep 2022 15:26:40 GMT
Date: Sun, 18 Sep 2022 10:35:35 GMT
Connection: keep-alive
usinesmycete.xyz/bnh3d20PGhQaUg9FFVEYHBRKUl8oXUUxCV0MQhkKBBEPBwcKEBhZDgIXAhMLHBcZA0MAHQNSXyhBOSA4WjYxMTotFC0kDwU9Oi8sAhUzIV0hOiAiOSpIAxU9Xi4uFQMJCiIzN10pJAQsKEkuJCc7QDU1PDxLICY/OS1FADkvPi0vDy8qMyA7LwI0MSgLKTQxDCofISMkKBcvIQENXUUxOD82EzIEPC0gMTsMM0YAJzg+IUcvFzU5MAArKSEACg0zJiU4JikUIygoGz4gKQYaMjIsPCEAIgkvOT44LF89EzUVIykhAAUpMg81OgspRhkqXy0lMjojPjYbQF8gOBsdLzsZPQcsLiY+Lyk5MSEvXj8uISAjKxsyXjkQRxMvBhs6IhU3PRNHLzc7JlEHHRcZB1A4NA0SPiENDUIfAA
143.204.55.45 200 OK 1.2 kB URL HTTP/1.1 usinesmycete.xyz/bnh3d20PGhQaUg9FFVEYHBRKUl8oXUUxCV0MQhkKBBEPBwcKEBhZDgIXAhMLHBcZA0MAHQNSXyhBOSA4WjYxMTotFC0kDwU9Oi8sAhUzIV0hOiAiOSpIAxU9Xi4uFQMJCiIzN10pJAQsKEkuJCc7QDU1PDxLICY/OS1FADkvPi0vDy8qMyA7LwI0MSgLKTQxDCofISMkKBcvIQENXUUxOD82EzIEPC0gMTsMM0YAJzg+IUcvFzU5MAArKSEACg0zJiU4JikUIygoGz4gKQYaMjIsPCEAIgkvOT44LF89EzUVIykhAAUpMg81OgspRhkqXy0lMjojPjYbQF8gOBsdLzsZPQcsLiY+Lyk5MSEvXj8uISAjKxsyXjkQRxMvBhs6IhU3PRNHLzc7JlEHHRcZB1A4NA0SPiENDUIfAA
IP 143.204.55.45:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3016), with no line terminators
Hash f26a46d9bab051afeee228c67055d87a
74f58a869b76bc9a5a771d235bc75c0f99446ad2
47ccffe74eb4e74ff7070afa6ebcc3d92d2f2f2647fe43a6bf9c724f4ea8137f
GET /bnh3d20PGhQaUg9FFVEYHBRKUl8oXUUxCV0MQhkKBBEPBwcKEBhZDgIXAhMLHBcZA0MAHQNSXyhBOSA4WjYxMTotFC0kDwU9Oi8sAhUzIV0hOiAiOSpIAxU9Xi4uFQMJCiIzN10pJAQsKEkuJCc7QDU1PDxLICY/OS1FADkvPi0vDy8qMyA7LwI0MSgLKTQxDCofISMkKBcvIQENXUUxOD82EzIEPC0gMTsMM0YAJzg+IUcvFzU5MAArKSEACg0zJiU4JikUIygoGz4gKQYaMjIsPCEAIgkvOT44LF89EzUVIykhAAUpMg81OgspRhkqXy0lMjojPjYbQF8gOBsdLzsZPQcsLiY+Lyk5MSEvXj8uISAjKxsyXjkQRxMvBhs6IhU3PRNHLzc7JlEHHRcZB1A4NA0SPiENDUIfAA HTTP/1.1
Host: usinesmycete.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taraa.xyz/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1171
Connection: keep-alive
Date: Sun, 18 Sep 2022 10:35:35 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cmD-tTtvKvT7Y5NZKjuFENaeOxY2El_j-0l7AO-4JKlZWXXak5FKKQ==
syndication.realsrv.com/v1/api.php
95.211.229.248 200 OK 1.1 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (1546), with no line terminators
Hash ec5ad537e56d5c35f00e5e25d1033047
8d7f6b5602691796b10d0d9931bc9b9ce77261eb
9693c5344b21cc4580e488d506a39fd88fee1a5a2227faaa14b54c11e29be27e
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 299
Origin: http://taraa.xyz
Connection: keep-alive
Referer: http://taraa.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 10:35:35 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://taraa.xyz
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
taraa.xyz/2market_bidshow.php?user_id=14455383&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=http%3A%2F%2Fm.nyaal.com%2Fgoto%2Fturb.pw%2Fjnyi7NCuzFx8.rar&url_id=0&t=27dd56fbd0bb6f0a11152bdb8611d663&w=3488e64db1de24a4485e24962ed580c3
172.67.223.164 200 OK 150 B URL HTTP/1.1 taraa.xyz/2market_bidshow.php?user_id=14455383&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=http%3A%2F%2Fm.nyaal.com%2Fgoto%2Fturb.pw%2Fjnyi7NCuzFx8.rar&url_id=0&t=27dd56fbd0bb6f0a11152bdb8611d663&w=3488e64db1de24a4485e24962ed580c3
IP 172.67.223.164:0
File type JSON data\012- , ASCII text
Hash 15e7b14787ede9d344952f0295ac38b3
6cab1d6779fda6e417a36ed5edc70da5e28e1887
2e48f7eddbe89be6badf876ee6560baad495a9a4b73807709904367ec9dfea1b
GET /2market_bidshow.php?user_id=14455383&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=http%3A%2F%2Fm.nyaal.com%2Fgoto%2Fturb.pw%2Fjnyi7NCuzFx8.rar&url_id=0&t=27dd56fbd0bb6f0a11152bdb8611d663&w=3488e64db1de24a4485e24962ed580c3 HTTP/1.1
Host: taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/14455383/m.nyaal.com/goto/turb.pw/jnyi7NCuzFx8.rar
Connection: keep-alive
Cookie: FLYSESSID=a6rlvb0iqvv9hb36hivmt3dl6s; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:35 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.3.27
set-cookie: adult_ad_report=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
adult_1149829=4230549; expires=Mon, 19-Sep-2022 10:35:35 GMT; Max-Age=86400; path=/; domain=adult.xyz
market_1149829=4230549; expires=Sun, 18-Sep-2022 10:36:35 GMT; Max-Age=60; path=/
adult_ad_report=1149829_4230549; expires=Sun, 18-Sep-2022 10:45:35 GMT; Max-Age=600
p3p: policyref="http://adult.xyz/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4lYZT866jZ7tUgHZNj6wguQB8Qu3PGDAUpR3P4V%2BbXls19mQizPMPAOvm%2F77KKMZXJ5PKGf9ZGraPke0sR9WLGITkEkzRcCeh3PakQRJwmFB%2BFBsdoCu4uhCqM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74c96f885f01b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
34.215.91.121 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.91.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PqEEVD7k3euzO0Yv6phd6g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: COipDe3v48Uwpa8J4wi3Dnp1Tek=
cdn.taraa.xyz/static/image/adult/favicon.ico
104.21.38.143 200 OK 596 B URL HTTP/1.1 cdn.taraa.xyz/static/image/adult/favicon.ico
IP 104.21.38.143:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 7c18a455efe09bb6a68e2de2e62e3270
74b9c6be7c12575ef8895c440354d1121d5f4a44
07b870872353c4d4f5c56b4ee7b42f462156377375691ebe973374a19ecdc3ea
GET /static/image/adult/favicon.ico HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/14455383/m.nyaal.com/goto/turb.pw/jnyi7NCuzFx8.rar
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:35 GMT
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:34:40 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: W/"3b3-5faa60e6-1d5653e30c9ea0ec;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 55
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3CrpRC4UCJ0CgQ1%2Fmjq8QVi%2BxQDbiwp0FtjAPLxzRRMy1kztin9roIYP3rfqSVQeeCjuQNGgNaUiNDAiCCsp1qdIe2DQ0CyJwIEJLojCwvSl6rU4%2FrrxJNxmvNFZCkB4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96f8abf90fab4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.google-analytics.com/ga.js
142.250.74.174 200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taraa.xyz/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Sun, 18 Sep 2022 09:04:57 GMT
Expires: Sun, 18 Sep 2022 11:04:57 GMT
Cache-Control: public, max-age=7200
Age: 5438
Last-Modified: Wed, 13 Apr 2022 21:02:38 GMT
Content-Type: text/javascript
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 36d81c25a61ec123200fc144e8e74c50
51bb91ce0fb3d7ac9c173294afead1edf82f0207
c4d7a8b85d12226901897cfca65837f545d00fa10ba9e2ef37de252bbb3194ee
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C4D7A8B85D12226901897CFCA65837F545D00FA10BA9E2EF37DE252BBB3194EE"
Last-Modified: Sat, 17 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2993
Expires: Sun, 18 Sep 2022 11:25:28 GMT
Date: Sun, 18 Sep 2022 10:35:35 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 36d81c25a61ec123200fc144e8e74c50
51bb91ce0fb3d7ac9c173294afead1edf82f0207
c4d7a8b85d12226901897cfca65837f545d00fa10ba9e2ef37de252bbb3194ee
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C4D7A8B85D12226901897CFCA65837F545D00FA10BA9E2EF37DE252BBB3194EE"
Last-Modified: Sat, 17 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2993
Expires: Sun, 18 Sep 2022 11:25:28 GMT
Date: Sun, 18 Sep 2022 10:35:35 GMT
Connection: keep-alive
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02OwU4EMQiGX8UX2AlQoMWzZ000PkBntp6MB91NZs3/8NIxJvKVUKD8RUjkRHHidkd+XywPgpegRWVhUzw+PUMZ/Xx9vyz77RtF1atDVUICzZyjQl3C3WHUUKpWmjUirWIFbCigJBNVsBQ1SgMtxN4QhNeXh8M5UQGH7OmZzO8hhBwD7VMk2IgHcaXWxTRa487G423o1jaaCoRL/+z9WJd+WSS3yZb8FZITHyGNcNz61+1jA/49mdgxlLqqM0QbUb1yrGPlTVWtVdJ1nN03H8N/AKdX78hSAQAA
95.211.229.248 200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02OwU4EMQiGX8UX2AlQoMWzZ000PkBntp6MB91NZs3/8NIxJvKVUKD8RUjkRHHidkd+XywPgpegRWVhUzw+PUMZ/Xx9vyz77RtF1atDVUICzZyjQl3C3WHUUKpWmjUirWIFbCigJBNVsBQ1SgMtxN4QhNeXh8M5UQGH7OmZzO8hhBwD7VMk2IgHcaXWxTRa487G423o1jaaCoRL/+z9WJd+WSS3yZb8FZITHyGNcNz61+1jA/49mdgxlLqqM0QbUb1yrGPlTVWtVdJ1nN03H8N/AKdX78hSAQAA
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA02OwU4EMQiGX8UX2AlQoMWzZ000PkBntp6MB91NZs3/8NIxJvKVUKD8RUjkRHHidkd+XywPgpegRWVhUzw+PUMZ/Xx9vyz77RtF1atDVUICzZyjQl3C3WHUUKpWmjUirWIFbCigJBNVsBQ1SgMtxN4QhNeXh8M5UQGH7OmZzO8hhBwD7VMk2IgHcaXWxTRa487G423o1jaaCoRL/+z9WJd+WSS3yZb8FZITHyGNcNz61+1jA/49mdgxlLqqM0QbUb1yrGPlTVWtVdJ1nN03H8N/AKdX78hSAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://taraa.xyz
Connection: keep-alive
Referer: http://taraa.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 10:35:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://taraa.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226326f4778258d0.41940007240378249%22%3B%7D; expires=Tue, 17 Sep 2024 10:35:35 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%226326f4778258d0.41940007240378249%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Tue, 17 Sep 2024 10:35:35 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s3t3d2y8.afcdn.net/images/close-icon.svg
185.76.9.19 200 OK 190 B URL HTTP/1.1 s3t3d2y8.afcdn.net/images/close-icon.svg
IP 185.76.9.19:0
ASN #60068 Datacamp Limited
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 45f51fdb3b9a323b19de207d8cea263a
07d30be9e7a83815dbe2984bd73971dc6c84081d
5ff2dc9d0193e409ebc640da00b1451d42e74af53d16d0083662d83dbce7ef35
GET /images/close-icon.svg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taraa.xyz/
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:35 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 13:13:10 GMT
ETag: W/"62bc4fe6-109"
Expires: Fri, 30 Jun 2023 18:46:40 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
X-Cache-OP: HIT
X-Accel-Expires: @1688195206
Server: CDN77-Turbo
X-77-NZT: AblMCQ1Is5r/cVdoAA
X-77-NZT-Ray: lf6VFZoa3ss
X-Cache: HIT
X-Age: 6838129
X-77-POP: stockholmSE
X-77-Cache: HIT
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/344676/8d56c5a4dc87f994b32a34cacb64fce1a8c10500.webp
185.76.9.19 200 OK 3.2 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/344676/8d56c5a4dc87f994b32a34cacb64fce1a8c10500.webp
IP 185.76.9.19:0
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c5b9eaabdf9d87a060447b064ce3fc15
8d56c5a4dc87f994b32a34cacb64fce1a8c10500
b1341b48d5719e5dd1b7a5ec8bb9b5748c26c0741aa6d2b12bb2344f77a131a0
GET /library/344676/8d56c5a4dc87f994b32a34cacb64fce1a8c10500.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://taraa.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:35 GMT
content-type: image/webp
content-length: 3208
last-modified: Wed, 03 Nov 2021 16:40:42 GMT
etag: "6182bb8a-c88"
expires: Fri, 30 Jun 2023 11:21:04 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195364
server: CDN77-Turbo
x-77-nzt: AblMCQ0m24H/01ZoAA
x-77-nzt-ray: E/CajxpAJLc
x-cache: HIT
x-age: 6837971
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 36d81c25a61ec123200fc144e8e74c50
51bb91ce0fb3d7ac9c173294afead1edf82f0207
c4d7a8b85d12226901897cfca65837f545d00fa10ba9e2ef37de252bbb3194ee
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C4D7A8B85D12226901897CFCA65837F545D00FA10BA9E2EF37DE252BBB3194EE"
Last-Modified: Sat, 17 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2993
Expires: Sun, 18 Sep 2022 11:25:28 GMT
Date: Sun, 18 Sep 2022 10:35:35 GMT
Connection: keep-alive
d3t5ngjixpjdho.cloudfront.net/9NWU4NFFWClZSbkEMXAlmDV0OBWUTD0tbP0VYbngrUDZ3QSsAF1YSJU8BBQR3WQRWU2wTAFZXbARDWVAzCFEeQCFaDgVTIFoXVlc/UQNdEiRUWFVbK1wJVFV0ByMNGmEQVwgcKQRUHQcTEFcIWDhbEEARYwUdAAIOA1EdBxMQVwhGJxBWeQ1nG1UREWMFAl-1XOlpACnJjBVQIBGAFVB0GYVMMSlE3Wh0dBhcMUxYEd0BYCQ
54.230.245.220 200 OK 454 B URL HTTP/1.1 d3t5ngjixpjdho.cloudfront.net/9NWU4NFFWClZSbkEMXAlmDV0OBWUTD0tbP0VYbngrUDZ3QSsAF1YSJU8BBQR3WQRWU2wTAFZXbARDWVAzCFEeQCFaDgVTIFoXVlc/UQNdEiRUWFVbK1wJVFV0ByMNGmEQVwgcKQRUHQcTEFcIWDhbEEARYwUdAAIOA1EdBxMQVwhGJxBWeQ1nG1UREWMFAl-1XOlpACnJjBVQIBGAFVB0GYVMMSlE3Wh0dBhcMUxYEd0BYCQ
IP 54.230.245.220:0
File type ASCII text, with very long lines (595), with no line terminators
Hash db5284a580efb0b92d95fd1101060677
dc58e48ece56e9017d7b3f9bed3dcde45d19fa11
beaa630f54cf09b82ff5de84f41f122b6cd6e3dfcfc08351b726575d62023991
GET /9NWU4NFFWClZSbkEMXAlmDV0OBWUTD0tbP0VYbngrUDZ3QSsAF1YSJU8BBQR3WQRWU2wTAFZXbARDWVAzCFEeQCFaDgVTIFoXVlc/UQNdEiRUWFVbK1wJVFV0ByMNGmEQVwgcKQRUHQcTEFcIWDhbEEARYwUdAAIOA1EdBxMQVwhGJxBWeQ1nG1UREWMFAl-1XOlpACnJjBVQIBGAFVB0GYVMMSlE3Wh0dBhcMUxYEd0BYCQ HTTP/1.1
Host: d3t5ngjixpjdho.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://usinesmycete.xyz/
HTTP/1.1 200 OK
Content-Length: 454
Connection: keep-alive
Date: Sun, 18 Sep 2022 10:35:35 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gzt_oGAYwZrxZ4o4ZfMI2pqaakN4xRSyd4mRLE3nw5FmRwPYS_eEQA==
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1901208085&utmhn=taraa.xyz&utme=8(User)9(14455383)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1602487981&utmr=-&utmp=%2F14455383%2Fm.nyaal.com%2Fgoto%2Fturb.pw%2Fjnyi7NCuzFx8.rar&utmht=1663497317372&utmac=UA-6469700-20&utmcc=__utma%3D15539635.373561648.1663497317.1663497317.1663497317.1%3B%2B__utmz%3D15539635.1663497317.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1990573946&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.174 200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1901208085&utmhn=taraa.xyz&utme=8(User)9(14455383)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1602487981&utmr=-&utmp=%2F14455383%2Fm.nyaal.com%2Fgoto%2Fturb.pw%2Fjnyi7NCuzFx8.rar&utmht=1663497317372&utmac=UA-6469700-20&utmcc=__utma%3D15539635.373561648.1663497317.1663497317.1663497317.1%3B%2B__utmz%3D15539635.1663497317.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1990573946&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1901208085&utmhn=taraa.xyz&utme=8(User)9(14455383)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1602487981&utmr=-&utmp=%2F14455383%2Fm.nyaal.com%2Fgoto%2Fturb.pw%2Fjnyi7NCuzFx8.rar&utmht=1663497317372&utmac=UA-6469700-20&utmcc=__utma%3D15539635.373561648.1663497317.1663497317.1663497317.1%3B%2B__utmz%3D15539635.1663497317.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1990573946&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taraa.xyz/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 10:35:35 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
usinesmycete.xyz/utx?cb=BUtwx2zDLnr0&top=taraa.xyz&tid=788614
143.204.55.45 204 No Content 0 B URL HTTP/2 usinesmycete.xyz/utx?cb=BUtwx2zDLnr0&top=taraa.xyz&tid=788614
IP 143.204.55.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=BUtwx2zDLnr0&top=taraa.xyz&tid=788614 HTTP/1.1
Host: usinesmycete.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://taraa.xyz
Connection: keep-alive
Referer: http://taraa.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 18 Sep 2022 10:35:35 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://taraa.xyz
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 18 Sep 2022 10:36:35 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UdTemnI8opYkaONIgWoB0-gtwKvRNga09xz9MEAOHi1eSrN77nO8XQ==
X-Firefox-Spdy: h2
usinesmycete.xyz/multi?cs=OXlvZjMPSFhXCghJV14EDUlfUAs&abt=0&red=1&sm=76&k=shrink%20your%20urls%20paid&v=1.0.59.1&sts=0&prn=0&emb=0&tid=788614&fs=1&ref=http%3A%2F%2Ftaraa.xyz%2F14455383%2Fm.nyaal.com%2Fgoto%2Fturb.pw%2Fjnyi7NCuzFx8.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_v4DO=1663497316948&crc=1
143.204.55.45 200 OK 1.5 kB URL HTTP/2 usinesmycete.xyz/multi?cs=OXlvZjMPSFhXCghJV14EDUlfUAs&abt=0&red=1&sm=76&k=shrink%20your%20urls%20paid&v=1.0.59.1&sts=0&prn=0&emb=0&tid=788614&fs=1&ref=http%3A%2F%2Ftaraa.xyz%2F14455383%2Fm.nyaal.com%2Fgoto%2Fturb.pw%2Fjnyi7NCuzFx8.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_v4DO=1663497316948&crc=1
IP 143.204.55.45:0
File type ASCII text, with very long lines (3194), with no line terminators
Hash 1ce38c2dcacb6f7dd56165ee507795ca
1d9fa512679479a23138e42bff410d11f7be44e5
24d937745025b2a06b6e72e2d64d8582562eb151387559f8da5b168320f939e7
GET /multi?cs=OXlvZjMPSFhXCghJV14EDUlfUAs&abt=0&red=1&sm=76&k=shrink%20your%20urls%20paid&v=1.0.59.1&sts=0&prn=0&emb=0&tid=788614&fs=1&ref=http%3A%2F%2Ftaraa.xyz%2F14455383%2Fm.nyaal.com%2Fgoto%2Fturb.pw%2Fjnyi7NCuzFx8.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_v4DO=1663497316948&crc=1 HTTP/1.1
Host: usinesmycete.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://taraa.xyz
Connection: keep-alive
Referer: http://taraa.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
content-length: 1468
date: Sun, 18 Sep 2022 10:35:35 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://taraa.xyz
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=96b03492-1354-43f3-ba67-b72d78fd31f3
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wUh6mI7jZK4IbrHCkzSe4H3rJMf0fc1Zn1IsYiFSdDwBNxJNaScOrQ==
X-Firefox-Spdy: h2
taraa.xyz/rtb/validate/79b0bc8eabc95d73d099abf0a3e0988f/?type=1&p_id=2305&user_id=14455383&tmp=0&k=129764&c=1
172.67.223.164 200 OK 8.8 kB URL HTTP/1.1 taraa.xyz/rtb/validate/79b0bc8eabc95d73d099abf0a3e0988f/?type=1&p_id=2305&user_id=14455383&tmp=0&k=129764&c=1
IP 172.67.223.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (26584)
Hash 115e3e78d886f3efd3a40ce56ff0b36b
b84fc6f2844b4ea781bb98b22474d55fd0c5af9c
5cb52928a26e582cbcf982b35d3f1cad3f7766246b20701f8bc97c8dd7df8c19
GET /rtb/validate/79b0bc8eabc95d73d099abf0a3e0988f/?type=1&p_id=2305&user_id=14455383&tmp=0&k=129764&c=1 HTTP/1.1
Host: taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: FLYSESSID=a6rlvb0iqvv9hb36hivmt3dl6s; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; market_1149829=4230549; adult_ad_report=1149829_4230549; zone-cap-4629666=1; __utma=15539635.373561648.1663497317.1663497317.1663497317.1; __utmb=15539635.1.10.1663497317; __utmc=15539635; __utmz=15539635.1663497317.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.3.27
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RAz7GbyWkGVZSzpGqthTCECkZ4CourabqJJAMi5G5WsPtXTwK5SkQt2Ysb9Nb5j69TZHm65E%2FsbyjKWtDbU4TeMtIJF9Slycr0cQvfxii6MpNyGWjiZ5lBSMZGU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74c96f8b6ad3b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.taraa.xyz/static/image/apple-touch-icon.png
104.21.38.143 403 Forbidden 436 B URL HTTP/1.1 cdn.taraa.xyz/static/image/apple-touch-icon.png
IP 104.21.38.143:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash b112c984fdf3ae98cbf4bc84066cf619
e68cf1400ca02fc1b472c6f3a2cbb9c2234073c5
233729c945d3c6dc5a81cbf30abedd598a9927d141eda2e369aecd13a790938a
GET /static/image/apple-touch-icon.png HTTP/1.1
Host: cdn.taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://taraa.xyz/14455383/m.nyaal.com/goto/turb.pw/jnyi7NCuzFx8.rar
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 403 Forbidden
Date: Sun, 18 Sep 2022 10:35:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkdIlRsUvm95Ob%2FmoU35abE2q8kVmYMlZLPApJMGbYynnI2J%2Fu%2B5VZqgz2%2FqnLiKXDxE%2Bkz6qGx2iKR9rl4HSE%2Fp%2B26q4V5mvAwTDodbZZblCRQLQz6ixDI5AWJBqmWJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96f8abea70b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
taraa.xyz/static/js/encoding.js
172.67.223.164 200 OK 2.9 kB URL HTTP/1.1 taraa.xyz/static/js/encoding.js
IP 172.67.223.164:0
File type ISO-8859 text, with very long lines (3561)
Hash 23401727e01779448e558f45d0199435
c150bcefd1ff63554f9e471d649e01ccf4a72d77
f0d288bfb114d4519ce9264885b1686c67d2c1427a48160f9baf852c9bd7a6da
GET /static/js/encoding.js HTTP/1.1
Host: taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taraa.xyz/rtb/validate/79b0bc8eabc95d73d099abf0a3e0988f/?type=1&p_id=2305&user_id=14455383&tmp=0&k=129764&c=1
Cookie: FLYSESSID=a6rlvb0iqvv9hb36hivmt3dl6s; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; market_1149829=4230549; adult_ad_report=1149829_4230549; zone-cap-4629666=1; __utma=15539635.373561648.1663497317.1663497317.1663497317.1; __utmb=15539635.1.10.1663497317; __utmc=15539635; __utmz=15539635.1663497317.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:35 GMT
Content-Type: application/x-javascript
Content-Length: 2869
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 10:34:40 GMT
last-modified: Wed, 21 Jul 2021 19:37:10 GMT
etag: "240a-60f87766-1adea7f727beb226;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 54
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdLapoDdXfRZrhRHgLdlZlUphq5L7riyvpdtNJX0D94263RWpq6HtvCGkcFvJRDfNgzsoD%2Fed2%2BPxW6SeMnetyU9MLg8IfiZXg6PRgdro1IcyGZHmhdizDAcXS4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74c96f8c4c4ab524-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3109
Expires: Sun, 18 Sep 2022 11:27:25 GMT
Date: Sun, 18 Sep 2022 10:35:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3109
Expires: Sun, 18 Sep 2022 11:27:25 GMT
Date: Sun, 18 Sep 2022 10:35:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3109
Expires: Sun, 18 Sep 2022 11:27:25 GMT
Date: Sun, 18 Sep 2022 10:35:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3109
Expires: Sun, 18 Sep 2022 11:27:25 GMT
Date: Sun, 18 Sep 2022 10:35:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f003d8b6e12692fb16dddd6827deead8
786c333cf08456aea446a55c547520572e1c2df9
d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Q6pjncaouCXUu0Pz7v6xF_8ClxxVypUSeggW23Z-UTsPamKCTgwjmA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:00:17 GMT
age: 45319
etag: "786c333cf08456aea446a55c547520572e1c2df9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
taraa.xyz/funcript1663497316908.php?pub=14455383&v=wMi4dMiTIN61MQiDwNixYo2jsIikOVnnRIysdIWCUMsuIYnTBOhvdgC3Ib6mNVDmIcspIZmEJIpxbAmTRMFwbAGTVMtwZIWz5L0vItj2oYilcd2EtIppcAFj9Li2dkTjJO02dJGH9Iu7IQijwNifaZGDFOz4aBCCIe61I5jWca2MYBTyNOhxOETDQW3oMAjCYM5uMUjzVLjhNxzGcb5pZpW3UbzNMJzicO5iOQDnUb4lNdjWBYkyYVW2Vcl1IJny0ey=
172.67.223.164 200 OK 44 kB URL HTTP/2 taraa.xyz/funcript1663497316908.php?pub=14455383&v=wMi4dMiTIN61MQiDwNixYo2jsIikOVnnRIysdIWCUMsuIYnTBOhvdgC3Ib6mNVDmIcspIZmEJIpxbAmTRMFwbAGTVMtwZIWz5L0vItj2oYilcd2EtIppcAFj9Li2dkTjJO02dJGH9Iu7IQijwNifaZGDFOz4aBCCIe61I5jWca2MYBTyNOhxOETDQW3oMAjCYM5uMUjzVLjhNxzGcb5pZpW3UbzNMJzicO5iOQDnUb4lNdjWBYkyYVW2Vcl1IJny0ey=
IP 172.67.223.164:0
File type ISO-8859 text, with very long lines (32042)
Hash 80ea7537cabefff4f76432bc12752a04
392275eaef772cf28e4da63d55025fc00a1769df
d35614c6d6b6f43ca48dcecaceb5b0952da2078ada0c5f4e94259c74da1de6a0
GET /funcript1663497316908.php?pub=14455383&v=wMi4dMiTIN61MQiDwNixYo2jsIikOVnnRIysdIWCUMsuIYnTBOhvdgC3Ib6mNVDmIcspIZmEJIpxbAmTRMFwbAGTVMtwZIWz5L0vItj2oYilcd2EtIppcAFj9Li2dkTjJO02dJGH9Iu7IQijwNifaZGDFOz4aBCCIe61I5jWca2MYBTyNOhxOETDQW3oMAjCYM5uMUjzVLjhNxzGcb5pZpW3UbzNMJzicO5iOQDnUb4lNdjWBYkyYVW2Vcl1IJny0ey= HTTP/1.1
Host: taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://taraa.xyz/14455383/m.nyaal.com/goto/turb.pw/jnyi7NCuzFx8.rar
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:35 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.27
p3p: policyref="http://adf.ly/w3c/p3p_adult.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMBvMaz7fxTD4hncwWr1tZXeDk%2B0NSxIABSp75YDEr9%2Fr%2BFcyoU4IaSNBhOa0KJAmhZrlQhDlNAOwwUTQaS%2Fx5374fL1kMEbRuJTozG5mYPAY4rerV%2FB0jqYSJk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74c96f886d59fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3efedbe-a04d-4b8e-9793-441b538b63e7.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3efedbe-a04d-4b8e-9793-441b538b63e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 37262c30eae5fbad1c94dad74fafb802
be5af1c71574128a2e8a7ed2a71c16e22e4c3df3
1a3ea1fbf9379db8e4c76299359bfd7a8b4a4d6b742cb9a46cea59ba6e008b62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3efedbe-a04d-4b8e-9793-441b538b63e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7908
x-amzn-requestid: 6aeb2a22-5a83-4738-85d5-5531bab6a0f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tkHO6IAMFuQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbd-6e32c6ee146890770e01f6fc;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: oJsi2PuZYOeOcoG2r6UKObAncQ60Mn4xKNbH_SczH8B-AZHPqC_NdQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:49:49 GMT
age: 45947
etag: "be5af1c71574128a2e8a7ed2a71c16e22e4c3df3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
104.21.86.231 200 OK 108 kB IP 104.21.86.231:0
Size 108 kB (107848 bytes)
Hash a052baa5e313e71e623d42fa94141421
2cc41bfe138c17478ca23d2bfa7b60c7e4fe8a4b
38022a982f8993e11aadc593603f134ab8d2551d2554d3ae1d794014d20a5b3a
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://taraa.xyz
Connection: keep-alive
Referer: http://taraa.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:35 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://taraa.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 55
last-modified: Sun, 18 Sep 2022 10:34:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OwFb6aFwNMXz302o%2FBMKQClSKhRFWhiG9UtyK7omgqZwpgMngJ%2Bo%2BSZG1bRKf9CWdgpBDBP4xIlaDg9w%2BVAhbFrRCe7wdcBj9kDxUKdbiocGyyz9CA%2BBvWHuVh4I0xd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96f8b1dd7b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7334a6bdb209350f41e4640960c9ce2a
0b00e1a594dc88c8fb05044a69cc0ba1eafc4946
bf946afeb52d95f27e2a271486accf87a0c169e5e78f6d57cace80564e2ed668
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10554
x-amzn-requestid: 07497447-33e7-4f60-a3ff-974f581c5704
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tlG_7IAMFaIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbd-1964dc6548cb5f7c09f65b78;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4c7A4n-fW5-zEG1OjjUo8zWdY80KTpzwJdfKuDT0OjW5NpkZxxWB-A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:49:35 GMT
age: 45961
etag: "0b00e1a594dc88c8fb05044a69cc0ba1eafc4946"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5531644b-8a26-4e13-bc0d-3df548aa5f59.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5531644b-8a26-4e13-bc0d-3df548aa5f59.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce3fbaae74c92406582fdcf366dd21d7
b44e3a6a6c6e7dc4b3657a22d94092dcf3147cb9
26c426c5cc8ff86f2fb24239902a0f5092140ceaf767c130b786549c7b443262
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5531644b-8a26-4e13-bc0d-3df548aa5f59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7554
x-amzn-requestid: 0272c6ab-a749-4e67-b8c7-d9cd1246dd05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn65pFClIAMFj9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263ea3-38fbfbfb0789868d572c1e21;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:39:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VJe4TFRsd9Fl8sJlm39yRyNKuNfa56h3KsIgVCIbfj-wa6OD_lBg4w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:49:14 GMT
age: 45982
etag: "b44e3a6a6c6e7dc4b3657a22d94092dcf3147cb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 9a4776674e5cee18cb29fa9f3f9c1a5b
7838ffadbf3d6fdd7d51be2da2350608911978f5
1576aa4647b0651ddc2e023d7e642757949443093bb66907d873b5bbd53852ad
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:37 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 20:27:06 GMT
Expires: Fri, 23 Sep 2022 20:27:05 GMT
Etag: "7838ffadbf3d6fdd7d51be2da2350608911978f5"
Cache-Control: max-age=466887,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74c96f947aaa0b02-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 9a4776674e5cee18cb29fa9f3f9c1a5b
7838ffadbf3d6fdd7d51be2da2350608911978f5
1576aa4647b0651ddc2e023d7e642757949443093bb66907d873b5bbd53852ad
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:37 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 20:27:06 GMT
Expires: Fri, 23 Sep 2022 20:27:05 GMT
Etag: "7838ffadbf3d6fdd7d51be2da2350608911978f5"
Cache-Control: max-age=466887,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74c96f947c8cb4f9-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 9a4776674e5cee18cb29fa9f3f9c1a5b
7838ffadbf3d6fdd7d51be2da2350608911978f5
1576aa4647b0651ddc2e023d7e642757949443093bb66907d873b5bbd53852ad
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:37 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 20:27:06 GMT
Expires: Fri, 23 Sep 2022 20:27:05 GMT
Etag: "7838ffadbf3d6fdd7d51be2da2350608911978f5"
Cache-Control: max-age=466887,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74c96f947ee91c0e-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 9a4776674e5cee18cb29fa9f3f9c1a5b
7838ffadbf3d6fdd7d51be2da2350608911978f5
1576aa4647b0651ddc2e023d7e642757949443093bb66907d873b5bbd53852ad
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:37 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 20:27:06 GMT
Expires: Fri, 23 Sep 2022 20:27:05 GMT
Etag: "7838ffadbf3d6fdd7d51be2da2350608911978f5"
Cache-Control: max-age=466887,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74c96f94882ab51b-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 9a4776674e5cee18cb29fa9f3f9c1a5b
7838ffadbf3d6fdd7d51be2da2350608911978f5
1576aa4647b0651ddc2e023d7e642757949443093bb66907d873b5bbd53852ad
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:37 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 20:27:06 GMT
Expires: Fri, 23 Sep 2022 20:27:05 GMT
Etag: "7838ffadbf3d6fdd7d51be2da2350608911978f5"
Cache-Control: max-age=466887,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74c96f947b590afe-OSL
poweredby.jads.co/js/jads.js
185.94.236.246 301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 18 Sep 2022 10:35:37 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
poweredby.jads.co/js/jads2.js
185.94.236.246 200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP 185.94.236.246:0
File type ASCII text, with very long lines (3758), with no line terminators
Hash 558e1b61fc513016183a3812938e79fb
5f72ea61a2aad8f7a0956321d3fd8524db70eddf
a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javflag.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 10:35:37 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eae"
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 59ae5774e84419fafa8a436c39d3e223
451916163f52305a603c419351272c1c040a5e13
d72dc6a9b3b1c21ed45747ea67ea5ad473e6ba61ea1991bb102266a41023b0f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D72DC6A9B3B1C21ED45747EA67EA5AD473E6BA61EA1991BB102266A41023B0F4"
Last-Modified: Sat, 17 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17345
Expires: Sun, 18 Sep 2022 15:24:42 GMT
Date: Sun, 18 Sep 2022 10:35:37 GMT
Connection: keep-alive
barnabaslinger.com/32ef2a2504620607fa5a59dd0d7fa048/invoke.js
192.243.61.225 200 OK 9.3 kB URL HTTP/1.1 barnabaslinger.com/32ef2a2504620607fa5a59dd0d7fa048/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25062), with no line terminators
Hash a41bb11534edc3db531ff710ef20b656
5d8ce3929e79b8660056b8cbf8a4f59fa53fb58e
389e6dd50f36aaeb173265a6a8aa3d5773ed470604abc8179bf70d5ac9aff65a
GET /32ef2a2504620607fa5a59dd0d7fa048/invoke.js HTTP/1.1
Host: barnabaslinger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 18 Sep 2022 10:35:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a4435ea9703bd8bf7801dc9701eec364
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
barnabaslinger.com/2e/f4/1d/2ef41dd6bdb358bdf7d02bce45635537.js
192.243.61.225 200 OK 26 kB URL HTTP/1.1 barnabaslinger.com/2e/f4/1d/2ef41dd6bdb358bdf7d02bce45635537.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash 4724f6da8a459592abf6fd62ba780a50
5a17a2b44fad9e08fa4caee4f44fecd16f658c6b
03a144b11234b4b85e6da21868bf56fe13583a188a31ee10a333b4b7882e445e
GET /2e/f4/1d/2ef41dd6bdb358bdf7d02bce45635537.js HTTP/1.1
Host: barnabaslinger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 18 Sep 2022 10:35:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3d2820e74d1435103223f439dc1aac32
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 00c95eb6c121f588bce2d57f05e0d3a7
991d70116ded7f77387434472ecc3c423392338d
7a0c1c29f7bc58531435aef553adc87bd9b1c553c6cbac189e5b713971d7e00e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 10:35:37 GMT
Last-Modified: Sun, 18 Sep 2022 08:47:05 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: N8YKdbZC6YLF_6CcAXgKg5zBU54hyT_xnqvcOhIOuZkVZyuZLjKkvQ==
Age: 6512
simplewebanalysis.com/stats
35.157.30.157 200 OK 8.9 kB URL HTTP/2 simplewebanalysis.com/stats
IP 35.157.30.157:0
Hash 12de443e33fb15940dfd56f3873933fe
f602c2d5f66396f12f785882a4c9b6822086a362
5630aa244a9b009a16ad74dcb156b7966f9f7ccf6b9df873e713a72853da6556
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javflag.com
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:38 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://javflag.com
access-control-allow-credentials: true
set-cookie: uid_id2=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b:1:1; expires=Wed, 15 Sep 2032 10:35:38 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=948378
185.94.236.246 200 OK 1.6 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=948378
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (301), with CRLF, LF line terminators
Hash 59303b16b60552f2138eddcb3c1d5134
b0227777fe5e23f0cf8f708823976a763445c16e
da09b08073b3308c7dff371bd24ed37e24d1c00345d18684e919fcc1fc578813
GET /adshow.php?adzone=948378 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 10:35:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=774ad11af43694622c025e063ac737f2; expires=Mon, 18-Sep-2023 10:35:37 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Wed, 21-Sep-2022 10:35:37 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 21-Sep-2022 10:35:37 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 26 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55502a786ba43378dccf9de5d0f8b5fd
cf2ee0881fd6bdcf920d088f0acc274fe1341f36
f58a62cefaa7e6d247c45022be87482a12f02b92435f4d6275de49f54a5866d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "363FFD1D5722A0B24DF95C4C0073CC169A0C7C8576E759483120027D54D2CC8B"
Last-Modified: Fri, 16 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17469
Expires: Sun, 18 Sep 2022 15:26:47 GMT
Date: Sun, 18 Sep 2022 10:35:38 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 74fb0236adf501d971c771280c7918e8
56cff708122383fe762f7d7d40245ca224bedbb6
12b0b2630cff9f118fc6938f80c28a7d7bd73f10e247f2aeec6dc0f6b6b23457
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "12B0B2630CFF9F118FC6938F80C28A7D7BD73F10E247F2AEEC6DC0F6B6B23457"
Last-Modified: Fri, 16 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2516
Expires: Sun, 18 Sep 2022 11:17:34 GMT
Date: Sun, 18 Sep 2022 10:35:38 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 74fb0236adf501d971c771280c7918e8
56cff708122383fe762f7d7d40245ca224bedbb6
12b0b2630cff9f118fc6938f80c28a7d7bd73f10e247f2aeec6dc0f6b6b23457
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "12B0B2630CFF9F118FC6938F80C28A7D7BD73F10E247F2AEEC6DC0F6B6B23457"
Last-Modified: Fri, 16 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2516
Expires: Sun, 18 Sep 2022 11:17:34 GMT
Date: Sun, 18 Sep 2022 10:35:38 GMT
Connection: keep-alive
main.realsrv.com/tag.php?goal=3498327ae8564a1191c4243b38616bf7
95.211.229.247 200 OK 3.4 kB URL HTTP/1.1 main.realsrv.com/tag.php?goal=3498327ae8564a1191c4243b38616bf7
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash 52f63714ab7e538b54c1d9a9417a3646
5ccb30f3dbc411f108612154ec28cb1e238e7756
e5ab5e682f1b08973a1cff984819d115f56456f1e63bad9f99c0f5dda2170574
GET /tag.php?goal=3498327ae8564a1191c4243b38616bf7 HTTP/1.1
Host: main.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goplayhere.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226326f4778258d0.41940007240378249%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%226326f4778258d0.41940007240378249%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 10:35:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A48723%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-18%22%3B%7D%7D; expires=Mon, 18 Sep 2023 10:35:38 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 74fb0236adf501d971c771280c7918e8
56cff708122383fe762f7d7d40245ca224bedbb6
12b0b2630cff9f118fc6938f80c28a7d7bd73f10e247f2aeec6dc0f6b6b23457
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "12B0B2630CFF9F118FC6938F80C28A7D7BD73F10E247F2AEEC6DC0F6B6B23457"
Last-Modified: Fri, 16 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2516
Expires: Sun, 18 Sep 2022 11:17:34 GMT
Date: Sun, 18 Sep 2022 10:35:38 GMT
Connection: keep-alive
main.realsrv.com/tag.php?goal=f84a30695485b0b005f7984d20b6af81
95.211.229.247 200 OK 20 B URL HTTP/1.1 main.realsrv.com/tag.php?goal=f84a30695485b0b005f7984d20b6af81
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=f84a30695485b0b005f7984d20b6af81 HTTP/1.1
Host: main.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goplayhere.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226326f4778258d0.41940007240378249%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%226326f4778258d0.41940007240378249%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 10:35:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A83749%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-18%22%3B%7D%7D; expires=Mon, 18 Sep 2023 10:35:38 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
main.exdynsrv.com/tag.php?goal=05f747f9753a0b4172a8faf1128a78e1
95.211.229.248 200 OK 20 B URL HTTP/1.1 main.exdynsrv.com/tag.php?goal=05f747f9753a0b4172a8faf1128a78e1
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=05f747f9753a0b4172a8faf1128a78e1 HTTP/1.1
Host: main.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goplayhere.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 10:35:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A43686%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-18%22%3B%7D%7D; expires=Mon, 18 Sep 2023 10:35:38 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
main.realsrv.com/tag.php?goal=05f747f9753a0b4172a8faf1128a78e1
95.211.229.247 200 OK 20 B URL HTTP/1.1 main.realsrv.com/tag.php?goal=05f747f9753a0b4172a8faf1128a78e1
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=05f747f9753a0b4172a8faf1128a78e1 HTTP/1.1
Host: main.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goplayhere.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226326f4778258d0.41940007240378249%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%226326f4778258d0.41940007240378249%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 10:35:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A43686%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-18%22%3B%7D%7D; expires=Mon, 18 Sep 2023 10:35:38 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
main.exdynsrv.com/tag.php?goal=f84a30695485b0b005f7984d20b6af81
95.211.229.248 200 OK 20 B URL HTTP/1.1 main.exdynsrv.com/tag.php?goal=f84a30695485b0b005f7984d20b6af81
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=f84a30695485b0b005f7984d20b6af81 HTTP/1.1
Host: main.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goplayhere.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 10:35:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A83749%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-18%22%3B%7D%7D; expires=Mon, 18 Sep 2023 10:35:38 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
main.exdynsrv.com/tag.php?goal=3498327ae8564a1191c4243b38616bf7
95.211.229.248 200 OK 11 kB URL HTTP/1.1 main.exdynsrv.com/tag.php?goal=3498327ae8564a1191c4243b38616bf7
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash 08a576a71e21b974de26fbc1773d0f18
9832a36328af1e47cdf45b6f26192efa65cc74a2
6129555f439db4ac300f4afdf8f0f225809bfa94e28bd9aa664c7d1f6bb05415
GET /tag.php?goal=3498327ae8564a1191c4243b38616bf7 HTTP/1.1
Host: main.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goplayhere.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 10:35:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A48723%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-18%22%3B%7D%7D; expires=Mon, 18 Sep 2023 10:35:38 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
taraa.xyz/rtb/show/79b0bc8eabc95d73d099abf0a3e0988f/?k=129764&cs=IgizwMi1dUjDINi0OEjjAIs6IImCZZm1ZJiCIL6iMAjjEL52MkTzcLw4M9zmMZxlNJCXwaiGZB2SdMnwIEjDoMzwLECDJMyyc8nyIbirONjWAZsHIBnScKxwI4jioNx5MojjgdwyLBCyJO30MYizIX62OgDDUewgLgCXJd3uMlyGIT6gMsTTIM4xMgCFwKigdAzjQLi1O8jSEYwsMxjWQas6I9nWcT1iIojjoIw0L5CWJZ3nNFimIc6lMNCXwdiidwjiMIivO5jkEIs6IInyNc0vY9XVRZlsMlVm9Ymvb12mNI1scA2jVOkiIUjGobwpLJC2JbrtZJXClLfiYYSGIO64IkjDUM5lNN2TYYxwNYWmYYwhZljTROhwZQT2IM03NQjWQNx5MMzmYY2hMVjGEO3jYJzGdMmiOlDzJNjiNoWjJIm0IJny0ez=
172.67.223.164302 Found 689 kB URL HTTP/2 taraa.xyz/rtb/show/79b0bc8eabc95d73d099abf0a3e0988f/?k=129764&cs=IgizwMi1dUjDINi0OEjjAIs6IImCZZm1ZJiCIL6iMAjjEL52MkTzcLw4M9zmMZxlNJCXwaiGZB2SdMnwIEjDoMzwLECDJMyyc8nyIbirONjWAZsHIBnScKxwI4jioNx5MojjgdwyLBCyJO30MYizIX62OgDDUewgLgCXJd3uMlyGIT6gMsTTIM4xMgCFwKigdAzjQLi1O8jSEYwsMxjWQas6I9nWcT1iIojjoIw0L5CWJZ3nNFimIc6lMNCXwdiidwjiMIivO5jkEIs6IInyNc0vY9XVRZlsMlVm9Ymvb12mNI1scA2jVOkiIUjGobwpLJC2JbrtZJXClLfiYYSGIO64IkjDUM5lNN2TYYxwNYWmYYwhZljTROhwZQT2IM03NQjWQNx5MMzmYY2hMVjGEO3jYJzGdMmiOlDzJNjiNoWjJIm0IJny0ez=
IP 172.67.223.164:0
Size 689 kB (689039 bytes)
Hash 2e2456589f9826e6d2e4792b5d2a724f
95ad68e876a6e01f44024bf42a15145ca8683788
5ccb2e85eb202823f433ef62af81419de2ec0ef4f03f358e3c6b0f9768df7455
GET /rtb/show/79b0bc8eabc95d73d099abf0a3e0988f/?k=129764&cs=IgizwMi1dUjDINi0OEjjAIs6IImCZZm1ZJiCIL6iMAjjEL52MkTzcLw4M9zmMZxlNJCXwaiGZB2SdMnwIEjDoMzwLECDJMyyc8nyIbirONjWAZsHIBnScKxwI4jioNx5MojjgdwyLBCyJO30MYizIX62OgDDUewgLgCXJd3uMlyGIT6gMsTTIM4xMgCFwKigdAzjQLi1O8jSEYwsMxjWQas6I9nWcT1iIojjoIw0L5CWJZ3nNFimIc6lMNCXwdiidwjiMIivO5jkEIs6IInyNc0vY9XVRZlsMlVm9Ymvb12mNI1scA2jVOkiIUjGobwpLJC2JbrtZJXClLfiYYSGIO64IkjDUM5lNN2TYYxwNYWmYYwhZljTROhwZQT2IM03NQjWQNx5MMzmYY2hMVjGEO3jYJzGdMmiOlDzJNjiNoWjJIm0IJny0ez= HTTP/1.1
Host: taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://taraa.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 18 Sep 2022 10:35:35 GMT
content-type: text/html; charset=UTF-8
location: https://javflag.com/en
x-powered-by: PHP/7.3.27
access-control-allow-origin: *
referrer-policy: origin
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8Y7yDW8dIqpqktuy8cS1t3EtFFjSH%2FRNia6nRET30fMEWV%2FFdPY%2FLDIcCy0qcYiaijCQ4x5vUpBaOUUcdggLSidLC6VJ%2FGJStpgF%2FoZPUcDPwj%2FD26gAy6idNo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74c96f8c78acfab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firearmtire.com/ntv.json?key=32ef2a2504620607fa5a59dd0d7fa048&vstc=3
192.243.61.227 200 OK 28 kB URL HTTP/1.1 firearmtire.com/ntv.json?key=32ef2a2504620607fa5a59dd0d7fa048&vstc=3
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash 4f2fbdcec970f2d22f759d78abf253ed
788246ccfece129ff5aae98f59cfc41bd86e1b9e
a0c19c5dabb7654d54e8d113ebe3b073e08e7f6595258651a34ee9094eacdc3e
Analyzer Verdict Alert quad9 Sinkholed
GET /ntv.json?key=32ef2a2504620607fa5a59dd0d7fa048&vstc=3 HTTP/1.1
Host: firearmtire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javflag.com
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 18 Sep 2022 10:35:38 GMT
Content-Type: application/json
Content-Length: 12403
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://javflag.com
Access-Control-Allow-Origin: https://javflag.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16241006; expires=Mon, 19 Sep 2022 10:35:38 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 19 Sep 2022 10:35:38 GMT; secure; SameSite=None
uncs=1; expires=Mon, 19 Sep 2022 10:35:38 GMT; secure; SameSite=None
pdhtkv49=true; expires=Mon, 19 Sep 2022 10:35:38 GMT; secure; SameSite=None
uncs49=1; expires=Mon, 19 Sep 2022 10:35:38 GMT; secure; SameSite=None
nlec32ef2a2504620607fa5a59dd0d7fa048=[2229213,3637745,2229212]; expires=Sun, 18 Sep 2022 10:35:43 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e8e0e93d8be307d09dadf06cdccdab9a
Strict-Transport-Security: max-age=0; includeSubdomains
poweredby.jads.co/adshow.php?adzone=947358
185.94.236.246 200 OK 1.5 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=947358
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (301), with CRLF, LF line terminators
Hash 533c882c20d586be89b0947284b8d217
82c7e24f3d3ea9a63684444a9d5f2abc900b11df
b70cd3dfd00d76ce2d5aa1175df02c0820a206043614fe26e00e8f5d613155e7
GET /adshow.php?adzone=947358 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 10:35:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=774ad11af43694622c025e063ac737f2; expires=Mon, 18-Sep-2023 10:35:37 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Wed, 21-Sep-2022 10:35:37 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 21-Sep-2022 10:35:37 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
poweredby.jads.co/adshow.php?adzone=947370
185.94.236.246 200 OK 1.5 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=947370
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (416), with CRLF, LF line terminators
Hash 968fffa396494d4f7665daaebf20e5bd
c16c52f51bc9fa33360a69503ba68011313d142d
f661215f0f2af72dbc5a7cb49e2c0daaee360a1f8f7f028dad5a9d85b7bd63ce
GET /adshow.php?adzone=947370 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 10:35:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=774ad11af43694622c025e063ac737f2; expires=Mon, 18-Sep-2023 10:35:37 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps9996=1; expires=Mon, 19-Sep-2022 10:35:38 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjk3MTQ3MjtpOjE2NjM3NTY1Mzc7fQ%3D%3D; expires=Wed, 21-Sep-2022 10:35:37 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 21-Sep-2022 10:35:37 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
goplayhere.com/iframe/62dfeb373f7d6?iframe&ag_custom_domain=javflag.com
172.67.187.242 200 OK 1.4 kB URL HTTP/2 goplayhere.com/iframe/62dfeb373f7d6?iframe&ag_custom_domain=javflag.com
IP 172.67.187.242:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3271)
Hash 3c53e159a4ee14cfdfaf0fb3a76684e2
9bfb9daa6b617a5d4681c1a1fabfd57580d9607e
7cfa4f5ec60e91bb17a1c20d03562dc4ba266bc759f1867684e1c37cd44952a7
GET /iframe/62dfeb373f7d6?iframe&ag_custom_domain=javflag.com HTTP/1.1
Host: goplayhere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:38 GMT
content-type: text/html
set-cookie: c_850eb59fca5f11e0a7f9584c4ed337a3=1; Expires=Mon, 19-Sep-22 10:35:38 GMT; Domain=goplayhere.com; Path=/; Secure; SameSite=None
z_976b88f2c525bc4f8bf178a12d4b912c=1; Expires=Mon, 19-Sep-22 10:35:38 GMT; Domain=goplayhere.com; Path=/; Secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGknZEraXNtIBP6zyTQzfFHdxOJ2F%2BSQLPEfX52E4LOsX3bS2ApWF2%2BOxrA009Vu7zg2dmk%2FdYo3XCIse4uI%2FKbA5ulAbzXz9%2Bt8FDR2ip%2FAJmT%2FlaQUEwlZ0WS3HtI9cA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74c96f9c79010b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.redditstatic.com/ads/pixel.js
151.101.85.140 200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.85.140:0
File type ASCII text, with very long lines (25224)
Hash 95212d33cfff78ad59f5af5b20c48c53
9b99a4091a6eb716bc68f1428e3c86eca068b25b
bd69f250efa08cb2c0a06c35d91fda762779820d87779019c25211f4559ebb1d
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goplayhere.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 19 Jul 2022 22:48:09 GMT
etag: "95212d33cfff78ad59f5af5b20c48c53"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 18 Sep 2022 10:35:38 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
i.jads.co/network/user4341/25008-1589657612-0640143001589657612.jpg
69.16.175.42 200 OK 59 kB URL HTTP/2 i.jads.co/network/user4341/25008-1589657612-0640143001589657612.jpg
IP 69.16.175.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Hash cf5d9d8f3e9c7a31b0eee4f07729e245
549bdf00d9b7956e2e4f5e88b959fa0e6332cd0a
7e8403b454fc6eb20c48d34eaa9652649ca70fe820c2642d61fa8ecf0be795ab
GET /network/user4341/25008-1589657612-0640143001589657612.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=774ad11af43694622c025e063ac737f2; juicy_data_1=YToxOntpOjk3MTQ3MjtpOjE2NjM3NTY1Mzc7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps9996=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:38 GMT
etag: "1589657612"
cache-control: max-age=16151533
content-length: 58605
content-type: image/jpeg
last-modified: Sat, 16 May 2020 19:33:32 GMT
accept-ranges: bytes
x-hw: 1663497338.dop067.sk1.t,1663497338.cds242.sk1.hn,1663497338.cds201.sk1.c
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash c5f23f94270a39081bb9d749a97d5704
97e18938c56b7d7c43bddac19abc7dbd2eccc952
dfefc859840a50bfc0eaa8e38dadae38a65514f0060af98cad8c1ab0892b1330
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 18:25:20 GMT
Expires: Thu, 22 Sep 2022 18:25:19 GMT
Etag: "97e18938c56b7d7c43bddac19abc7dbd2eccc952"
Cache-Control: max-age=373180,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74c96f9e2d820b02-OSL
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 6a04e6bda8741e82fbfb1ec3a73001d3
81c3ca21d6e227ae919e637b8f9fda7f09c66f33
8dcb8a71218d6dbd2ea9e86d84560bc503e979b7c9eb234fa0c6457ad3840e7e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 10:35:38 GMT
Last-Modified: Sun, 18 Sep 2022 09:48:44 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZJCj6m7M89Ou1oOfurd-U4ighwJ5Ha8SIOG1tJYbXRbv_jQyCiWZiQ==
Age: 2814
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0eef005c73f63709e07f5cc8e75b9b35
1b997e5be07d0ad97429473aeab4804474217ae7
80aeae8b168ba62088159dcd0c41cee1fcea3598a1d0ee9f17215a5e4b82331d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80AEAE8B168BA62088159DCD0C41CEE1FCEA3598A1D0EE9F17215A5E4B82331D"
Last-Modified: Sat, 17 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3360
Expires: Sun, 18 Sep 2022 11:31:38 GMT
Date: Sun, 18 Sep 2022 10:35:38 GMT
Connection: keep-alive
my.rtmark.net/img.gif?f=sync&lr=1&partner=306f137c13013ee4f568122355835e079f577844602bde9f161b0a61a23db502
139.45.195.8 200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&lr=1&partner=306f137c13013ee4f568122355835e079f577844602bde9f161b0a61a23db502
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&lr=1&partner=306f137c13013ee4f568122355835e079f577844602bde9f161b0a61a23db502 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:35:38 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=db6bafca588747c39daf40fd693b5dfa; expires=Mon, 18 Sep 2023 10:35:38 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
firearmtire.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskRRTGqzc5iF5WWRDBw%2BBhUZBJd89M94x7WIwxEoybdVfRm1R3dU9qU93VVHV1T%2BaUuCg5DnjSU%2BebZIO7QfQPMMhkQSR4yHgKuLl7FEU9yoyDow%2Ba973%2B3uH3Xr1P980lsWHoxco7ss%2BFoEutul17%2BUPHuVFb56np1Xpt7yOveaOmitc6Xt1%2BpfZWFG7JJdd2bNuxndoqV1Ese0sTEzw77jj1jl1vunWn1URP%2Fb%2FWxoKmFlhxSZ4DZ%2BPFx9Y18HCENPl6JdJbucxefTMxguZSoWBH76dbqSxTJHMZKwtxejTrhtTnqyeQ6eEUF7L4tzHgY2J9f4IgPZpBIigOppyBQJQiYM%2BgLEaIxAicjhDK%2B%2BDsnAAhw60NpMmDW1KVdPsfl07cMVn84zfwckwWn1xDmny1LHivdlcKk3OZavTiCrw3Au%2BOkJlT5P0r4OUpwvxjcEaQJhU4q6Yzcz4Cj0cQ0QBUWzCTj1swsQWTWUjYRS10HMe3WUjtdicMG8yPAo%2FZDvVjhzq214YJJ1gD5NkAoRggVDvI1A62%2BADKfAe9WUEzCzofE%2BvdHRSsQhkRlJqgpAQlJyhzgrKoDpnQrq4eMKFN4MyyO8uNaijz7j49lHk3Ssl%2Bdkmene7jz%2FMUW9FFreFGsUvdlt30XNuz%2FZi2aKvDmM38mNrNNjSvwPWV6ah9PibPr%2B4i42OyuPcTAnoKLU4R8qugxgEth75rg24Om20b%2FfTRPVrEgnbroUzAZIUsX0S%2Bbe2LS%2FLCFOOlhSeIwrObD188fsq5%2FgtCVSFTFe7xxwRdsTe8I0tycEeWmnyzkeU84X06ebK7Oc2jhYdvR9ulVGxtRQ%2B%2BfD2cGBN5%2FF6k83WaMp52NXm0zBmL1KpUYUS%2BXdMfRMFtozeXjUpNtn77jdW1JFOR1lymI1B%2BvvEXwsl8uyfTW7z64yfgagRlKiTmjMwCXJ4izHagszm9lgtQYt4TZBZKUw2VG8x%2FCk4gonlNgwr6P3Uw1%2Ft6D13lgub3pydYqAqFqEDFANo8PcwzdXbzh88n8QUCsTAMhFo4CIQSn01XOyb%2B7q8T9TM0v6j5jYZNvU7L8X0a%2BUHTbceewyh1m57rebSBXI%2FD67%2F3%2FwYAAP%2F%2FAQAA%2F%2F%2BIngi3YAQAAA%3D%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 firearmtire.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskRRTGqzc5iF5WWRDBw%2BBhUZBJd89M94x7WIwxEoybdVfRm1R3dU9qU93VVHV1T%2BaUuCg5DnjSU%2BebZIO7QfQPMMhkQSR4yHgKuLl7FEU9yoyDow%2Ba973%2B3uH3Xr1P980lsWHoxco7ss%2BFoEutul17%2BUPHuVFb56np1Xpt7yOveaOmitc6Xt1%2BpfZWFG7JJdd2bNuxndoqV1Ese0sTEzw77jj1jl1vunWn1URP%2Fb%2FWxoKmFlhxSZ4DZ%2BPFx9Y18HCENPl6JdJbucxefTMxguZSoWBH76dbqSxTJHMZKwtxejTrhtTnqyeQ6eEUF7L4tzHgY2J9f4IgPZpBIigOppyBQJQiYM%2BgLEaIxAicjhDK%2B%2BDsnAAhw60NpMmDW1KVdPsfl07cMVn84zfwckwWn1xDmny1LHivdlcKk3OZavTiCrw3Au%2BOkJlT5P0r4OUpwvxjcEaQJhU4q6Yzcz4Cj0cQ0QBUWzCTj1swsQWTWUjYRS10HMe3WUjtdicMG8yPAo%2FZDvVjhzq214YJJ1gD5NkAoRggVDvI1A62%2BADKfAe9WUEzCzofE%2BvdHRSsQhkRlJqgpAQlJyhzgrKoDpnQrq4eMKFN4MyyO8uNaijz7j49lHk3Ssl%2Bdkmene7jz%2FMUW9FFreFGsUvdlt30XNuz%2FZi2aKvDmM38mNrNNjSvwPWV6ah9PibPr%2B4i42OyuPcTAnoKLU4R8qugxgEth75rg24Om20b%2FfTRPVrEgnbroUzAZIUsX0S%2Bbe2LS%2FLCFOOlhSeIwrObD188fsq5%2FgtCVSFTFe7xxwRdsTe8I0tycEeWmnyzkeU84X06ebK7Oc2jhYdvR9ulVGxtRQ%2B%2BfD2cGBN5%2FF6k83WaMp52NXm0zBmL1KpUYUS%2BXdMfRMFtozeXjUpNtn77jdW1JFOR1lymI1B%2BvvEXwsl8uyfTW7z64yfgagRlKiTmjMwCXJ4izHagszm9lgtQYt4TZBZKUw2VG8x%2FCk4gonlNgwr6P3Uw1%2Ft6D13lgub3pydYqAqFqEDFANo8PcwzdXbzh88n8QUCsTAMhFo4CIQSn01XOyb%2B7q8T9TM0v6j5jYZNvU7L8X0a%2BUHTbceewyh1m57rebSBXI%2FD67%2F3%2FwYAAP%2F%2FAQAA%2F%2F%2BIngi3YAQAAA%3D%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskRRTGqzc5iF5WWRDBw%2BBhUZBJd89M94x7WIwxEoybdVfRm1R3dU9qU93VVHV1T%2BaUuCg5DnjSU%2BebZIO7QfQPMMhkQSR4yHgKuLl7FEU9yoyDow%2Ba973%2B3uH3Xr1P980lsWHoxco7ss%2BFoEutul17%2BUPHuVFb56np1Xpt7yOveaOmitc6Xt1%2BpfZWFG7JJdd2bNuxndoqV1Ese0sTEzw77jj1jl1vunWn1URP%2Fb%2FWxoKmFlhxSZ4DZ%2BPFx9Y18HCENPl6JdJbucxefTMxguZSoWBH76dbqSxTJHMZKwtxejTrhtTnqyeQ6eEUF7L4tzHgY2J9f4IgPZpBIigOppyBQJQiYM%2BgLEaIxAicjhDK%2B%2BDsnAAhw60NpMmDW1KVdPsfl07cMVn84zfwckwWn1xDmny1LHivdlcKk3OZavTiCrw3Au%2BOkJlT5P0r4OUpwvxjcEaQJhU4q6Yzcz4Cj0cQ0QBUWzCTj1swsQWTWUjYRS10HMe3WUjtdicMG8yPAo%2FZDvVjhzq214YJJ1gD5NkAoRggVDvI1A62%2BADKfAe9WUEzCzofE%2BvdHRSsQhkRlJqgpAQlJyhzgrKoDpnQrq4eMKFN4MyyO8uNaijz7j49lHk3Ssl%2Bdkmene7jz%2FMUW9FFreFGsUvdlt30XNuz%2FZi2aKvDmM38mNrNNjSvwPWV6ah9PibPr%2B4i42OyuPcTAnoKLU4R8qugxgEth75rg24Om20b%2FfTRPVrEgnbroUzAZIUsX0S%2Bbe2LS%2FLCFOOlhSeIwrObD188fsq5%2FgtCVSFTFe7xxwRdsTe8I0tycEeWmnyzkeU84X06ebK7Oc2jhYdvR9ulVGxtRQ%2B%2BfD2cGBN5%2FF6k83WaMp52NXm0zBmL1KpUYUS%2BXdMfRMFtozeXjUpNtn77jdW1JFOR1lymI1B%2BvvEXwsl8uyfTW7z64yfgagRlKiTmjMwCXJ4izHagszm9lgtQYt4TZBZKUw2VG8x%2FCk4gonlNgwr6P3Uw1%2Ft6D13lgub3pydYqAqFqEDFANo8PcwzdXbzh88n8QUCsTAMhFo4CIQSn01XOyb%2B7q8T9TM0v6j5jYZNvU7L8X0a%2BUHTbceewyh1m57rebSBXI%2FD67%2F3%2FwYAAP%2F%2FAQAA%2F%2F%2BIngi3YAQAAA%3D%3D HTTP/1.1
Host: firearmtire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Cookie: u_pl=16241006; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec32ef2a2504620607fa5a59dd0d7fa048=[2229213,3637745,2229212]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 18 Sep 2022 10:35:38 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 903d16514674f432e725845744a639a1
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/51/bb/80/51bb807c8b914e3cc08eace2b0587473/1628586935.jpg
45.133.44.9 200 OK 30 kB URL HTTP/2 cdn.cloudimagesb.com/cti/51/bb/80/51bb807c8b914e3cc08eace2b0587473/1628586935.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash a87779ccaaa4021b0b4f33812742679a
87322480f885dc0b6463c182b7bdb3eb60ab2592
a8f8dbc930527f94496d5a9883b6034e27a673090a89b518596d6e2b656df96f
GET /cti/51/bb/80/51bb807c8b914e3cc08eace2b0587473/1628586935.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:38 GMT
content-type: image/jpeg
content-length: 30127
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:15:44 GMT
etag: "611243c0-75af"
expires: Tue, 20 Sep 2022 10:35:38 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg
45.133.44.9 200 OK 23 kB URL HTTP/2 cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 4452445afb73fab8af9ff308eb667024
130401c47d822426e1cce9981c30d775cba1b576
923b0ac505decd181f473f1fa460f21590777993c3581723f127b032d8c45bdd
GET /cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:38 GMT
content-type: image/jpeg
content-length: 22987
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:16:05 GMT
etag: "611243d5-59cb"
expires: Tue, 20 Sep 2022 10:35:38 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg
45.133.44.9 200 OK 21 kB URL HTTP/2 cdn.cloudimagesb.com/si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 8f4953c1b8baece7bb7d226247561ce2
da5d440970606602026d7900a55ae2fd27a3f170
8fd9df7d8e48ff2519631e82e01519d4f1c65abd41ec977c18abb58df9832919
GET /si/b9/5d/e2/b95de288caeec55111c172964c8a9c84/1662036680.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:38 GMT
content-type: image/jpeg
content-length: 20566
server: nginx/1.17.6
last-modified: Thu, 01 Sep 2022 12:51:28 GMT
etag: "6310aad0-5056"
expires: Tue, 20 Sep 2022 10:35:38 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=947423
185.94.236.246 200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=947423
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1617), with CRLF, LF line terminators
Hash 8d459d986626469857e49594d63cac3e
23d7e9493c1637442299d105b22ccc71de64467c
1cd0b1165d6650b3d6e9eb7feeeeae45be5d89a6d17f4f62c400616ebd24d39f
GET /adshow.php?adzone=947423 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 10:35:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=883e11884b5b21c6e2b84b475287b044; expires=Mon, 18-Sep-2023 10:35:38 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Wed, 21-Sep-2022 10:35:38 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 21-Sep-2022 10:35:38 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/1x1.gif
69.16.175.42 200 OK 43 B
IP 69.16.175.42:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /1x1.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=883e11884b5b21c6e2b84b475287b044; juicy_data_1=YTowOnt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps9996=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:38 GMT
etag: "1457030838"
cache-control: max-age=23727928
content-length: 43
content-type: image/gif
last-modified: Thu, 03 Mar 2016 18:47:18 GMT
accept-ranges: bytes
x-hw: 1663497338.dop067.sk1.t,1663497338.cds242.sk1.hn,1663497338.cds217.sk1.c
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=947353
185.94.236.246 200 OK 1.5 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=947353
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (400), with CRLF, LF line terminators
Hash 6f4e08d8e958b8c308db5ecdca89eac2
6b30eb13f5dedc0f1039487b8bef876073502ab4
95baa447b10724a75f4e760a855e8f1405337e9a2155207604bc484554898f7b
GET /adshow.php?adzone=947353 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 10:35:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=774ad11af43694622c025e063ac737f2; expires=Mon, 18-Sep-2023 10:35:37 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps8605=1; expires=Mon, 19-Sep-2022 10:35:38 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjg4NDM5OTtpOjE2NjM3NTY1Mzc7fQ%3D%3D; expires=Wed, 21-Sep-2022 10:35:37 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 21-Sep-2022 10:35:37 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/network/user47819/8605-1583019937-0419205001583019937.gif
69.16.175.42 200 OK 1.1 MB URL HTTP/2 i.jads.co/network/user47819/8605-1583019937-0419205001583019937.gif
IP 69.16.175.42:0
File type GIF image data, version 89a, 160 x 600\012- data
Size 1.1 MB (1056226 bytes)
Hash d539f7b68039f13ef2bf52cf1b2de5f9
fb9b7897fd77443aa15246cfbb440283402d475d
00abbe0f8a345185a8222edc20b9e97a76bfcbba268f280508e3df79fd685ff9
GET /network/user47819/8605-1583019937-0419205001583019937.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=774ad11af43694622c025e063ac737f2; juicy_data_1=YToxOntpOjg4NDM5OTtpOjE2NjM3NTY1Mzc7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps9996=1; imps8605=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:38 GMT
etag: "1583019937"
cache-control: max-age=29951110
content-length: 1056226
content-type: image/gif
last-modified: Sat, 29 Feb 2020 23:45:37 GMT
accept-ranges: bytes
x-hw: 1663497338.dop067.sk1.t,1663497338.cds242.sk1.hn,1663497338.cds227.sk1.c
X-Firefox-Spdy: h2
firearmtire.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
192.243.61.227 200 OK 29 kB URL HTTP/1.1 firearmtire.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 786ee890a0cbab4a6eac74d7546bb173
abf923e0d07c8e1a042e499a035ee21c6d782c17
266aa1fd3f66b901ad343d6a00d6e66b718c888cf9e09aace178fb65e75264ef
Analyzer Verdict Alert quad9 Sinkholed
GET /65/aa/28/65aa283021630dfd9030555c4c61a78c.js HTTP/1.1
Host: firearmtire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Cookie: u_pl=16241006; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec32ef2a2504620607fa5a59dd0d7fa048=[2229213,3637745,2229212]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 18 Sep 2022 10:35:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bc0b91736ea967b2936ce4dacff4d1a7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
firearmtire.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHq3dy%2BPHzssqCCB4GD4uCTLp7Zrpn3MNijJFg3Ky7it6kuqt7Upvqrqaqq3syp8QVyXHAk54630k2uBtE%2FwCDTBZEgoeMp4Cbu0dR1KPMbHD0QfPe6%2B87fN633qd75oLYMPR8%2BR054ELQxXbDrr%2F8oePcqK%2Fx1PTr%2FY73kde6UVfFa12vYb9SfysKN%2BWiazu27dhOfYWrKJb9xakInh11nUbXbrTchtNuoa%2F%2B22tjQVMLrLggz4GzycJj6xp4OEaafL0c6c1cZq%2B%2BmRhBc6lQsMP3081UlimSeRkrC3F6eDkNqc9WjiHTgxkuZPHPYMAnxPr%2BGEF6eAmJoNifcQYCUYqAPYOyGCMSY3A6Rijvg7MzAoQMt9aRJg9uSVXSracqnaoTsvDHb%2BDlhCw8uYY0%2BWpJ8H79rhQm5zLV6McVeH8M3hsjMyfIB1fAyxOE%2BcfgjCBNKnBWzXbmfAwejyGiIai2YKYft2BiCyazkLDzeug4jm%2BzkNqdbhg2mR8FHrMd6scOdWyvAxNOsYbIsyFCMUSotpGpbWzyIZT5DnqjgmYWdD4h1rvbKFiFMiIoNUFJCUpOUOYEZVEdMKFdXT1gQpvAuczuZW5WI5n39uiBzHtRSvayC%2FLszI8%2Fz1JsRuf1phvFLnXbdstzbc%2F2Y9qm7S5jNvNjarc60LwC11dmqw74hDy%2FsoOMT8jC7k8I6Am0OEHIr4IaB7Qc%2Ba4NujFqdWwM0kf3aBEL2muEMgGTFbJ8AfmWtScuyAszjJdqPyMKT28%2BfPHof871XxCqCpmqcI8%2FJuiJ3dEdWZL9O7LU5Jv1LOcJH9Dpk93NaR7VHr4dbZVSsdVlPfzy9XAqTMuj9yKdr9GU8bSnyaMlzlikVqQKI%2FLtqv4gCm4bvbFkVGqytdtvrKwmmYq05jIdg%2FKz9b8QTvfbOZ7d4tUfPwFXYyhTITGn5DLA5QnCbBs6m9NrWYMS85kgq6E01Ui5wfyn4AQimvc0qKD%2F1Qfzek%2Fvoqdc0Pz%2B7AQLVaEQFagYQpv%2Fj%2FJMnd784fNpfIFA1EaBULX9QCjx2dTaJxPi7%2Fz61GTNz%2Bt%2Bs2lTr9t2fJ9GftByO7HnMErdlud6Hm0i15Pw%2Bu%2BDvwEAAP%2F%2FAQAA%2F%2F8qZeSBYAQAAA%3D%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 firearmtire.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHq3dy%2BPHzssqCCB4GD4uCTLp7Zrpn3MNijJFg3Ky7it6kuqt7Upvqrqaqq3syp8QVyXHAk54630k2uBtE%2FwCDTBZEgoeMp4Cbu0dR1KPMbHD0QfPe6%2B87fN633qd75oLYMPR8%2BR054ELQxXbDrr%2F8oePcqK%2Fx1PTr%2FY73kde6UVfFa12vYb9SfysKN%2BWiazu27dhOfYWrKJb9xakInh11nUbXbrTchtNuoa%2F%2B22tjQVMLrLggz4GzycJj6xp4OEaafL0c6c1cZq%2B%2BmRhBc6lQsMP3081UlimSeRkrC3F6eDkNqc9WjiHTgxkuZPHPYMAnxPr%2BGEF6eAmJoNifcQYCUYqAPYOyGCMSY3A6Rijvg7MzAoQMt9aRJg9uSVXSracqnaoTsvDHb%2BDlhCw8uYY0%2BWpJ8H79rhQm5zLV6McVeH8M3hsjMyfIB1fAyxOE%2BcfgjCBNKnBWzXbmfAwejyGiIai2YKYft2BiCyazkLDzeug4jm%2BzkNqdbhg2mR8FHrMd6scOdWyvAxNOsYbIsyFCMUSotpGpbWzyIZT5DnqjgmYWdD4h1rvbKFiFMiIoNUFJCUpOUOYEZVEdMKFdXT1gQpvAuczuZW5WI5n39uiBzHtRSvayC%2FLszI8%2Fz1JsRuf1phvFLnXbdstzbc%2F2Y9qm7S5jNvNjarc60LwC11dmqw74hDy%2FsoOMT8jC7k8I6Am0OEHIr4IaB7Qc%2Ba4NujFqdWwM0kf3aBEL2muEMgGTFbJ8AfmWtScuyAszjJdqPyMKT28%2BfPHof871XxCqCpmqcI8%2FJuiJ3dEdWZL9O7LU5Jv1LOcJH9Dpk93NaR7VHr4dbZVSsdVlPfzy9XAqTMuj9yKdr9GU8bSnyaMlzlikVqQKI%2FLtqv4gCm4bvbFkVGqytdtvrKwmmYq05jIdg%2FKz9b8QTvfbOZ7d4tUfPwFXYyhTITGn5DLA5QnCbBs6m9NrWYMS85kgq6E01Ui5wfyn4AQimvc0qKD%2F1Qfzek%2Fvoqdc0Pz%2B7AQLVaEQFagYQpv%2Fj%2FJMnd784fNpfIFA1EaBULX9QCjx2dTaJxPi7%2Fz61GTNz%2Bt%2Bs2lTr9t2fJ9GftByO7HnMErdlud6Hm0i15Pw%2Bu%2BDvwEAAP%2F%2FAQAA%2F%2F8qZeSBYAQAAA%3D%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHq3dy%2BPHzssqCCB4GD4uCTLp7Zrpn3MNijJFg3Ky7it6kuqt7Upvqrqaqq3syp8QVyXHAk54630k2uBtE%2FwCDTBZEgoeMp4Cbu0dR1KPMbHD0QfPe6%2B87fN633qd75oLYMPR8%2BR054ELQxXbDrr%2F8oePcqK%2Fx1PTr%2FY73kde6UVfFa12vYb9SfysKN%2BWiazu27dhOfYWrKJb9xakInh11nUbXbrTchtNuoa%2F%2B22tjQVMLrLggz4GzycJj6xp4OEaafL0c6c1cZq%2B%2BmRhBc6lQsMP3081UlimSeRkrC3F6eDkNqc9WjiHTgxkuZPHPYMAnxPr%2BGEF6eAmJoNifcQYCUYqAPYOyGCMSY3A6Rijvg7MzAoQMt9aRJg9uSVXSracqnaoTsvDHb%2BDlhCw8uYY0%2BWpJ8H79rhQm5zLV6McVeH8M3hsjMyfIB1fAyxOE%2BcfgjCBNKnBWzXbmfAwejyGiIai2YKYft2BiCyazkLDzeug4jm%2BzkNqdbhg2mR8FHrMd6scOdWyvAxNOsYbIsyFCMUSotpGpbWzyIZT5DnqjgmYWdD4h1rvbKFiFMiIoNUFJCUpOUOYEZVEdMKFdXT1gQpvAuczuZW5WI5n39uiBzHtRSvayC%2FLszI8%2Fz1JsRuf1phvFLnXbdstzbc%2F2Y9qm7S5jNvNjarc60LwC11dmqw74hDy%2FsoOMT8jC7k8I6Am0OEHIr4IaB7Qc%2Ba4NujFqdWwM0kf3aBEL2muEMgGTFbJ8AfmWtScuyAszjJdqPyMKT28%2BfPHof871XxCqCpmqcI8%2FJuiJ3dEdWZL9O7LU5Jv1LOcJH9Dpk93NaR7VHr4dbZVSsdVlPfzy9XAqTMuj9yKdr9GU8bSnyaMlzlikVqQKI%2FLtqv4gCm4bvbFkVGqytdtvrKwmmYq05jIdg%2FKz9b8QTvfbOZ7d4tUfPwFXYyhTITGn5DLA5QnCbBs6m9NrWYMS85kgq6E01Ui5wfyn4AQimvc0qKD%2F1Qfzek%2Fvoqdc0Pz%2B7AQLVaEQFagYQpv%2Fj%2FJMnd784fNpfIFA1EaBULX9QCjx2dTaJxPi7%2Fz61GTNz%2Bt%2Bs2lTr9t2fJ9GftByO7HnMErdlud6Hm0i15Pw%2Bu%2BDvwEAAP%2F%2FAQAA%2F%2F8qZeSBYAQAAA%3D%3D HTTP/1.1
Host: firearmtire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Cookie: u_pl=16241006; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec32ef2a2504620607fa5a59dd0d7fa048=[2229213,3637745,2229212]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 18 Sep 2022 10:35:39 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cdb9343658acf3c7a776116ec81eb7a3
Strict-Transport-Security: max-age=0; includeSubdomains
firearmtire.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHqzc5iF5WWRDBw%2BBhUZDZ7s78intYXGMkGDfrrqI3qa6qntSmuqup6uqezClxUXIc8KSnzneSDe4G0T%2FAIJMFkeAh4yng5u5RFPUoMwZHHzTv%2B%2Fr7Dp%2F36n26686JD0fPlt7RfakUvdas%2B7WXPwyC67VVmbperddpfdRqXK%2BZ4rXFVt1%2FpfaWYBv6WugHvh%2F4QW1ZGhHr3rWJCZkdLgb1Rb%2FeCOtBs4Ge%2BX9tnQdLPfDinDwHycfzj70rkGyENPl6SdiNXGevvpk4RXNtUPCD99ONVJcpkpmMjYc4Pbjohrany0fQ6f4UF7r4tzGSY%2BJ9f4QoPbiARFTsTTkjBZEi4s%2BgLEYQagRJR2D6PiQ%2FJQDjuLWGNHlwS5uSbv7j0ok7JvN%2F%2FAZZjsn8kytIk69uKtmr3dXK5VKnFr24guyNILsjZO4Yef8SZHkMln8MyQnSpILk1XRmKUeQ8QhKDECtBzf5pAcXe3CZh4Sf1VgQBG2fM%2Bp3Fhlb4G0Rtbgf0HYc0MBvdeDYBGuAPBuAqQGY2UJmtrAhBzDuO9j1CpZ7sPmYeO9uoeAVSkFQWoKSEpSSoMwJyqLa58qGtnrAlXVRcJHDi7xQDXXe3aX7Ou%2BKlOxm5%2BTZ6T7%2BPE2xIc5qC6GIQxo2%2FUYr9Ft%2BO6ZN2lzk3OftmPqNDqysIO2l6ah9OSbPL28jk2Myv%2FMTInoMq47B5GVQF4CWw3bog64PGx0f%2FfTRPVrEinbrTCfgukKWzyPf9HbVOXlhivHS3BMIdnLj4YuHTwVXfwEzFTJT4Z58TNBVO8M7uiR7d3RpyTdrWS4T2aeTJ7ub01zMPXxbbJba8JUlO%2FjydTYxJvLwPWHzVZpymXYteXRTci7MsjZMkG9X7Aciuu3s%2Bk1nUpet3n5jeSXJjLBW6nQEKk%2FX%2FgKbzLd9NL3Fyz9%2BAmlGMK5C4k7IRUDqY7BsCzab0Vs9B6NmPVHmoXTV0ITR7KeSBErMahpVsP%2Bpo5netTvomhA0vz89wcJUKFQFqgaw7ulhnpmTGz98PokvEKm5YaTM3F6kjPpsutoxaW%2F%2FOlE%2Fw8qz2oLP25GIRTsSjWYjFoxHzWbks5hFC7zTYcjtmF39vf83AAAA%2F%2F8BAAD%2F%2FwhK3V9gBAAA
192.243.61.227200 OK 7 B URL HTTP/1.1 firearmtire.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHqzc5iF5WWRDBw%2BBhUZDZ7s78intYXGMkGDfrrqI3qa6qntSmuqup6uqezClxUXIc8KSnzneSDe4G0T%2FAIJMFkeAh4yng5u5RFPUoMwZHHzTv%2B%2Fr7Dp%2F36n26686JD0fPlt7RfakUvdas%2B7WXPwyC67VVmbperddpfdRqXK%2BZ4rXFVt1%2FpfaWYBv6WugHvh%2F4QW1ZGhHr3rWJCZkdLgb1Rb%2FeCOtBs4Ge%2BX9tnQdLPfDinDwHycfzj70rkGyENPl6SdiNXGevvpk4RXNtUPCD99ONVJcpkpmMjYc4Pbjohrany0fQ6f4UF7r4tzGSY%2BJ9f4QoPbiARFTsTTkjBZEi4s%2BgLEYQagRJR2D6PiQ%2FJQDjuLWGNHlwS5uSbv7j0ok7JvN%2F%2FAZZjsn8kytIk69uKtmr3dXK5VKnFr24guyNILsjZO4Yef8SZHkMln8MyQnSpILk1XRmKUeQ8QhKDECtBzf5pAcXe3CZh4Sf1VgQBG2fM%2Bp3Fhlb4G0Rtbgf0HYc0MBvdeDYBGuAPBuAqQGY2UJmtrAhBzDuO9j1CpZ7sPmYeO9uoeAVSkFQWoKSEpSSoMwJyqLa58qGtnrAlXVRcJHDi7xQDXXe3aX7Ou%2BKlOxm5%2BTZ6T7%2BPE2xIc5qC6GIQxo2%2FUYr9Ft%2BO6ZN2lzk3OftmPqNDqysIO2l6ah9OSbPL28jk2Myv%2FMTInoMq47B5GVQF4CWw3bog64PGx0f%2FfTRPVrEinbrTCfgukKWzyPf9HbVOXlhivHS3BMIdnLj4YuHTwVXfwEzFTJT4Z58TNBVO8M7uiR7d3RpyTdrWS4T2aeTJ7ub01zMPXxbbJba8JUlO%2FjydTYxJvLwPWHzVZpymXYteXRTci7MsjZMkG9X7Aciuu3s%2Bk1nUpet3n5jeSXJjLBW6nQEKk%2FX%2FgKbzLd9NL3Fyz9%2BAmlGMK5C4k7IRUDqY7BsCzab0Vs9B6NmPVHmoXTV0ITR7KeSBErMahpVsP%2Bpo5netTvomhA0vz89wcJUKFQFqgaw7ulhnpmTGz98PokvEKm5YaTM3F6kjPpsutoxaW%2F%2FOlE%2Fw8qz2oLP25GIRTsSjWYjFoxHzWbks5hFC7zTYcjtmF39vf83AAAA%2F%2F8BAAD%2F%2FwhK3V9gBAAA
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz2skRRTHqzc5iF5WWRDBw%2BBhUZDZ7s78intYXGMkGDfrrqI3qa6qntSmuqup6uqezClxUXIc8KSnzneSDe4G0T%2FAIJMFkeAh4yng5u5RFPUoMwZHHzTv%2B%2Fr7Dp%2F36n26686JD0fPlt7RfakUvdas%2B7WXPwyC67VVmbperddpfdRqXK%2BZ4rXFVt1%2FpfaWYBv6WugHvh%2F4QW1ZGhHr3rWJCZkdLgb1Rb%2FeCOtBs4Ge%2BX9tnQdLPfDinDwHycfzj70rkGyENPl6SdiNXGevvpk4RXNtUPCD99ONVJcpkpmMjYc4Pbjohrany0fQ6f4UF7r4tzGSY%2BJ9f4QoPbiARFTsTTkjBZEi4s%2BgLEYQagRJR2D6PiQ%2FJQDjuLWGNHlwS5uSbv7j0ok7JvN%2F%2FAZZjsn8kytIk69uKtmr3dXK5VKnFr24guyNILsjZO4Yef8SZHkMln8MyQnSpILk1XRmKUeQ8QhKDECtBzf5pAcXe3CZh4Sf1VgQBG2fM%2Bp3Fhlb4G0Rtbgf0HYc0MBvdeDYBGuAPBuAqQGY2UJmtrAhBzDuO9j1CpZ7sPmYeO9uoeAVSkFQWoKSEpSSoMwJyqLa58qGtnrAlXVRcJHDi7xQDXXe3aX7Ou%2BKlOxm5%2BTZ6T7%2BPE2xIc5qC6GIQxo2%2FUYr9Ft%2BO6ZN2lzk3OftmPqNDqysIO2l6ah9OSbPL28jk2Myv%2FMTInoMq47B5GVQF4CWw3bog64PGx0f%2FfTRPVrEinbrTCfgukKWzyPf9HbVOXlhivHS3BMIdnLj4YuHTwVXfwEzFTJT4Z58TNBVO8M7uiR7d3RpyTdrWS4T2aeTJ7ub01zMPXxbbJba8JUlO%2FjydTYxJvLwPWHzVZpymXYteXRTci7MsjZMkG9X7Aciuu3s%2Bk1nUpet3n5jeSXJjLBW6nQEKk%2FX%2FgKbzLd9NL3Fyz9%2BAmlGMK5C4k7IRUDqY7BsCzab0Vs9B6NmPVHmoXTV0ITR7KeSBErMahpVsP%2Bpo5netTvomhA0vz89wcJUKFQFqgaw7ulhnpmTGz98PokvEKm5YaTM3F6kjPpsutoxaW%2F%2FOlE%2Fw8qz2oLP25GIRTsSjWYjFoxHzWbks5hFC7zTYcjtmF39vf83AAAA%2F%2F8BAAD%2F%2FwhK3V9gBAAA HTTP/1.1
Host: firearmtire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Cookie: u_pl=16241006; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec32ef2a2504620607fa5a59dd0d7fa048=[2229213,3637745,2229212]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 18 Sep 2022 10:35:39 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 188158709df5b9956cad66bd5fb7f4de
Strict-Transport-Security: max-age=0; includeSubdomains
firearmtire.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3uTgr4PKgggKg4dlF2TS3ZlfcQ%2FBGEeCcXfdVfQgSHVV9aQ21V1NVf%2BYzCnrguTmgCc9dd4kG9wNon%2BAi3QWRHLKeAq4uXsUf11lxuDoB833Xr93eN9X36e72RlxkdHT1Xf0QCpFF5p1t3b5Q8%2B7WluXcdav9Tutj1uNqzWTv7bUqrtXam8JtqkXfNdzXc%2F1al1pRKj7CxMRMjlc8upLbr3h171mA33zf24zB5Y64PkZeR6Sj%2BcfORchWYU4%2BmZV2M1UJ6%2B%2BGWWKptog5wfvx5uxLmJEMxgaB2F8cO6Gtifdh9Dx%2FjQudP6vMZBj4vzwEEF8cB4SQb43zRkoiBgBfxpFXkGoCpJWYPouJD8hAOO4dh1xdO%2BaNgXd%2BkelE3VM5v%2F8DbIYk%2FnHFxFHX68o2a%2Fd0ipLpY4t%2BmEJ2a8gexWS7Ajp4AJkcQSWfgLJCeKohOTldGYpK8iwghJDUOsgm3zSQRY6yBIHET%2BtMc%2Fz2i5n1O0sMbbI2yJocdej7dCjntvqIGOTWEOkyRBMDcHMNhKzjU05hMm%2Bh90oYbkDm46J8%2B42cl6iEASFJSgoQSEJipSgyMt9rqxvy3tc2Szwzrt%2F3hfLkU57u3Rfpz0Rk93kjDw33cdfJzE2xWlt0RehT%2F2m22j5bstth7RJm0ucu7wdUrfRgZUlpL0wHXUgx%2BSF7h0kckzmd35CQI9g1RGYfBY080CLUdt3QTdGjY6LQfzgNs1DRXt1piNwXSJJ55FuObvqjLw4jdG%2B8ysEO14%2BvPxH9dlHV8BMicSUuC0fEfTUzuimLsjeTV1Y8u31JJWRHNDJk91KaSrm7r8ttgpt%2BNqqHX71OpsIE3j4nrDpOo25jHuWPFiRnAvT1YYJ8t2a%2FUAENzK7sZKZOEvWb7zRXYsSI6yVOq5A5ckzFZgckyePV6e3%2BHJ3A9JUMFmJKDsm5wWpj8CSbdjkePn%2BS4dPeJd%2BgdVzMGrmCZILKLJyZPxg9lNJAiVmnAYl7H94MMO7dgc944Omd6cnmJsSuSpB1RA2e2qUJuZ4%2BccvJvUlAjU3CpSZ2wuUUZ%2BPyStzj6f7naCfYeVpbdHl7UCEoh2IRrMRCsaDZjNwWciCRd7pMKR2zC79PvgbAAD%2F%2FwEAAP%2F%2FK9M4WmAEAAA%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 firearmtire.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3uTgr4PKgggKg4dlF2TS3ZlfcQ%2FBGEeCcXfdVfQgSHVV9aQ21V1NVf%2BYzCnrguTmgCc9dd4kG9wNon%2BAi3QWRHLKeAq4uXsUf11lxuDoB833Xr93eN9X36e72RlxkdHT1Xf0QCpFF5p1t3b5Q8%2B7WluXcdav9Tutj1uNqzWTv7bUqrtXam8JtqkXfNdzXc%2F1al1pRKj7CxMRMjlc8upLbr3h171mA33zf24zB5Y64PkZeR6Sj%2BcfORchWYU4%2BmZV2M1UJ6%2B%2BGWWKptog5wfvx5uxLmJEMxgaB2F8cO6Gtifdh9Dx%2FjQudP6vMZBj4vzwEEF8cB4SQb43zRkoiBgBfxpFXkGoCpJWYPouJD8hAOO4dh1xdO%2BaNgXd%2BkelE3VM5v%2F8DbIYk%2FnHFxFHX68o2a%2Fd0ipLpY4t%2BmEJ2a8gexWS7Ajp4AJkcQSWfgLJCeKohOTldGYpK8iwghJDUOsgm3zSQRY6yBIHET%2BtMc%2Fz2i5n1O0sMbbI2yJocdej7dCjntvqIGOTWEOkyRBMDcHMNhKzjU05hMm%2Bh90oYbkDm46J8%2B42cl6iEASFJSgoQSEJipSgyMt9rqxvy3tc2Szwzrt%2F3hfLkU57u3Rfpz0Rk93kjDw33cdfJzE2xWlt0RehT%2F2m22j5bstth7RJm0ucu7wdUrfRgZUlpL0wHXUgx%2BSF7h0kckzmd35CQI9g1RGYfBY080CLUdt3QTdGjY6LQfzgNs1DRXt1piNwXSJJ55FuObvqjLw4jdG%2B8ysEO14%2BvPxH9dlHV8BMicSUuC0fEfTUzuimLsjeTV1Y8u31JJWRHNDJk91KaSrm7r8ttgpt%2BNqqHX71OpsIE3j4nrDpOo25jHuWPFiRnAvT1YYJ8t2a%2FUAENzK7sZKZOEvWb7zRXYsSI6yVOq5A5ckzFZgckyePV6e3%2BHJ3A9JUMFmJKDsm5wWpj8CSbdjkePn%2BS4dPeJd%2BgdVzMGrmCZILKLJyZPxg9lNJAiVmnAYl7H94MMO7dgc944Omd6cnmJsSuSpB1RA2e2qUJuZ4%2BccvJvUlAjU3CpSZ2wuUUZ%2BPyStzj6f7naCfYeVpbdHl7UCEoh2IRrMRCsaDZjNwWciCRd7pMKR2zC79PvgbAAD%2F%2FwEAAP%2F%2FK9M4WmAEAAA%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3uTgr4PKgggKg4dlF2TS3ZlfcQ%2FBGEeCcXfdVfQgSHVV9aQ21V1NVf%2BYzCnrguTmgCc9dd4kG9wNon%2BAi3QWRHLKeAq4uXsUf11lxuDoB833Xr93eN9X36e72RlxkdHT1Xf0QCpFF5p1t3b5Q8%2B7WluXcdav9Tutj1uNqzWTv7bUqrtXam8JtqkXfNdzXc%2F1al1pRKj7CxMRMjlc8upLbr3h171mA33zf24zB5Y64PkZeR6Sj%2BcfORchWYU4%2BmZV2M1UJ6%2B%2BGWWKptog5wfvx5uxLmJEMxgaB2F8cO6Gtifdh9Dx%2FjQudP6vMZBj4vzwEEF8cB4SQb43zRkoiBgBfxpFXkGoCpJWYPouJD8hAOO4dh1xdO%2BaNgXd%2BkelE3VM5v%2F8DbIYk%2FnHFxFHX68o2a%2Fd0ipLpY4t%2BmEJ2a8gexWS7Ajp4AJkcQSWfgLJCeKohOTldGYpK8iwghJDUOsgm3zSQRY6yBIHET%2BtMc%2Fz2i5n1O0sMbbI2yJocdej7dCjntvqIGOTWEOkyRBMDcHMNhKzjU05hMm%2Bh90oYbkDm46J8%2B42cl6iEASFJSgoQSEJipSgyMt9rqxvy3tc2Szwzrt%2F3hfLkU57u3Rfpz0Rk93kjDw33cdfJzE2xWlt0RehT%2F2m22j5bstth7RJm0ucu7wdUrfRgZUlpL0wHXUgx%2BSF7h0kckzmd35CQI9g1RGYfBY080CLUdt3QTdGjY6LQfzgNs1DRXt1piNwXSJJ55FuObvqjLw4jdG%2B8ysEO14%2BvPxH9dlHV8BMicSUuC0fEfTUzuimLsjeTV1Y8u31JJWRHNDJk91KaSrm7r8ttgpt%2BNqqHX71OpsIE3j4nrDpOo25jHuWPFiRnAvT1YYJ8t2a%2FUAENzK7sZKZOEvWb7zRXYsSI6yVOq5A5ckzFZgckyePV6e3%2BHJ3A9JUMFmJKDsm5wWpj8CSbdjkePn%2BS4dPeJd%2BgdVzMGrmCZILKLJyZPxg9lNJAiVmnAYl7H94MMO7dgc944Omd6cnmJsSuSpB1RA2e2qUJuZ4%2BccvJvUlAjU3CpSZ2wuUUZ%2BPyStzj6f7naCfYeVpbdHl7UCEoh2IRrMRCsaDZjNwWciCRd7pMKR2zC79PvgbAAD%2F%2FwEAAP%2F%2FK9M4WmAEAAA%3D HTTP/1.1
Host: firearmtire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Cookie: u_pl=16241006; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec32ef2a2504620607fa5a59dd0d7fa048=[2229213,3637745,2229212]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 18 Sep 2022 10:35:39 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d8b07e80d1d8e623004bbe1d2f7bee3b
Strict-Transport-Security: max-age=0; includeSubdomains
poweredby.jads.co/adshow.php?adzone=947357
185.94.236.246 200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=947357
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1332), with CRLF, LF line terminators
Hash b6769fa4cb45cd0a11e0e01b56f63076
56185522febd06e97caeea545f71c12701fda829
80d09b3770748566b841f60a879732e02bb0510d0e2ef62d9c0757fbfe0da93c
GET /adshow.php?adzone=947357 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 10:35:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=774ad11af43694622c025e063ac737f2; expires=Mon, 18-Sep-2023 10:35:37 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
Set-Cookie: imps161=1; expires=Mon, 19-Sep-2022 10:35:38 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
Set-Cookie: juicy_data_1=YToxOntpOjExOTY3Mjg7aToxNjYzNzU2NTM3O30%3D; expires=Wed, 21-Sep-2022 10:35:37 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Set-Cookie: juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 21-Sep-2022 10:35:37 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
simplewebanalysis.com/stats
35.157.30.157 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.157.30.157:0
File type ASCII text, with no line terminators
Hash 847ab23c8aaf6a2003a5ce2a610ab0fa
e70d298e1a59b18e99627abb9e55517e4e3011be
cf2ec2a0c72efa13185d549119dcb4b0f2140f0a3e795162174c45278492eb1f
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javflag.com
Connection: keep-alive
Referer: https://javflag.com/
Cookie: uid_id2=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://javflag.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/riw/hannahjames710.jpg?1663497330
104.19.241.83 200 OK 9.7 kB URL HTTP/2 roomimg.stream.highwebmedia.com/riw/hannahjames710.jpg?1663497330
IP 104.19.241.83:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 480x270, components 3\012- data
Hash a8aec035342a12d9fead7ad386b22dcb
790d34839ff40647bec36ec1d82f82205a042249
56222243b747bdefe7341e6fd2f65fc165846092b295743c54e456bc70d6ea89
GET /riw/hannahjames710.jpg?1663497330 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:39 GMT
content-type: image/jpeg
content-length: 9716
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 19
last-modified: Sun, 18 Sep 2022 10:35:20 GMT
expires: Sun, 18 Sep 2022 10:36:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwgeg74xicdObv57RS1vQdyaoRKFs3b03glAzK0H00%2BFEXjefmyEhj9l4Bp5MJZIt1FSWvVend2e%2BXJ3qO%2FOSp8JQBSS%2F6L8BJPi9wbj9%2Bfe1qpb6mDR6GB%2BmaMW09FLEmzh1dHx4toZ9HmKnitaAUs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=KrjJDTz9CJUQRz9zhRVwhlg3h0JwTvWBNFxj535IthY-1663497339157-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74c96fa1ab750b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/riw/miu_mur.jpg?1663497330
104.19.241.83 200 OK 8.1 kB URL HTTP/2 roomimg.stream.highwebmedia.com/riw/miu_mur.jpg?1663497330
IP 104.19.241.83:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 480x270, components 3\012- data
Hash 2c8fd311d2b51ff2d045f6825c3261a8
cb82ddb29d93e650901b5461a69d8aefebe86788
a7ed27a791526666c9d6e6a497c08f202cd05057062b3719e6f4ab04c2b9741f
GET /riw/miu_mur.jpg?1663497330 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:39 GMT
content-type: image/jpeg
content-length: 8142
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27
last-modified: Sun, 18 Sep 2022 10:35:12 GMT
expires: Sun, 18 Sep 2022 10:36:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7yf9pqHtJWTKvA%2Bf3DfTnxI6dZfbStQ3C0gtFj6Ddkf2Ei4AgLj32CpJqZLWahS%2BLU%2B%2Fi4WCPH7GhTqHdhLxzpP3lx25jtl%2B7%2B1OaGPajGUbB8RDHhyx%2FeBzokbL6w5PYWLRwbIhKdRiUG2d0pEDts%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=KrjJDTz9CJUQRz9zhRVwhlg3h0JwTvWBNFxj535IthY-1663497339157-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74c96fa1bb780b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.jads.co/network/user1037/1-1621483200-0734682001621483200.gif
69.16.175.42 200 OK 40 kB URL HTTP/2 i.jads.co/network/user1037/1-1621483200-0734682001621483200.gif
IP 69.16.175.42:0
File type GIF image data, version 89a, 250 x 250\012- data
Hash b36345b7f286b840911ad3ff6f2a5f48
99202769ae0f312e50818d11ca83df459ffb4e50
d415a2f565a7372d5a5479d2992448524dcc6a1396783e1cdf71fa0b59850b52
GET /network/user1037/1-1621483200-0734682001621483200.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=774ad11af43694622c025e063ac737f2; juicy_data_1=YToxOntpOjExOTY3Mjg7aToxNjYzNzU2NTM3O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps9996=1; imps8605=1; imps161=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:39 GMT
etag: "1621483200"
cache-control: max-age=21088831
content-length: 39983
content-type: image/gif
last-modified: Thu, 20 May 2021 04:00:00 GMT
accept-ranges: bytes
x-hw: 1663497339.dop067.sk1.t,1663497339.cds242.sk1.hn,1663497339.cds232.sk1.c
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/riw/_meganmeow_.jpg?1663497330
104.19.241.83 200 OK 11 kB URL HTTP/2 roomimg.stream.highwebmedia.com/riw/_meganmeow_.jpg?1663497330
IP 104.19.241.83:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 480x270, components 3\012- data
Hash dae9402915aaca986905f2b0a81c71d4
e5aa5c5ae3e63969cd76bee4c654ee9b1ac7d25d
468643978218b4acd80d373e30c5a7e6072c0de0a44f7922c895cbfbc4fa4dce
GET /riw/_meganmeow_.jpg?1663497330 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:39 GMT
content-type: image/jpeg
content-length: 11033
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 16
last-modified: Sun, 18 Sep 2022 10:35:23 GMT
expires: Sun, 18 Sep 2022 10:36:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRnVkpAQwDg%2Fklrd%2FOnpCShMRaMmHSHIe7MyqpZdkondFpHpHJUkz4h%2F3uJHTKRoB1mECfN%2BZ1vnijeKt0PFBpk5mdZ8%2FMiIqBtJohjKguWINhzaTyR0oZuVB0eGWa9yIszmk39hlQ8aQZqqVSbG5sg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=VCul.KmppHtnfrEUwwpOjd9gq_b4LIQfcwk.d8LzhkY-1663497339158-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74c96fa1ab730b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/riw/juicyandthepussyblvd.jpg?1663497330
104.19.241.83 200 OK 14 kB URL HTTP/2 roomimg.stream.highwebmedia.com/riw/juicyandthepussyblvd.jpg?1663497330
IP 104.19.241.83:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, progressive, precision 8, 480x270, components 3\012- data
Hash bc317e59200dbfcb69648b09735f7b3f
c58d385895a1b77d1f0493e36a9fe81551835f21
323497681677123df6b8184eaf40469503a2f6dd571048fc7b82154f6391e859
GET /riw/juicyandthepussyblvd.jpg?1663497330 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:39 GMT
content-type: image/jpeg
content-length: 13981
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: origSize=14001
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 23
last-modified: Sun, 18 Sep 2022 10:35:16 GMT
expires: Sun, 18 Sep 2022 10:36:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wjKGfHP%2FCyXT%2F%2BqxoiQfoBxaAWHVTobteyNOtctLJofG75OudA9et59mu523%2BsZrQSisUWPTJJnsRwFrCW1oygv48s8FLoUhPRLRazgs2WtizuhrlF5X5jCnevw%2FbCzswtuq9pLnTjRIRwk2uQKrdM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=GhoXr2h08A.JO8YEJHk7mCjtw1qxku.1tpex3PfI_lk-1663497339168-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74c96fa1ab740b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4f1279d861b2cb6f3c18f0ce4de4982d
044a5b0ba123756d3fe7fd880d43b7f8b308546b
803ad388b1ab775256ca84493cc1d2786f5c9c368092efbcff089d3e4bf6725f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "803AD388B1AB775256CA84493CC1D2786F5C9C368092EFBCFF089D3E4BF6725F"
Last-Modified: Fri, 16 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15724
Expires: Sun, 18 Sep 2022 14:57:43 GMT
Date: Sun, 18 Sep 2022 10:35:39 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9b19d20af774aa4c4de18c09845d54b9
cd0d41b4957edf5b2f7f66df082b7d1010acceb8
067f454a8ba17fba5f10b67b6a594edd9d9775beb5fb87cb6c98ff462a9f2fe1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:35:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1676347d939ffb3f9fbc756634868886
19f1e3aa1b38d90b4339306e2ed8363495bd3cc2
a5590094ba5f8bb5b0ea041f8836ee06c653085b4df6ecd27fac8bebfb030318
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4579
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:35:39 GMT
Last-Modified: Sun, 18 Sep 2022 09:19:20 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sun, 18 Sep 2022 08:41:12 GMT
expires: Sun, 18 Sep 2022 10:41:12 GMT
cache-control: public, max-age=7200
age: 6867
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 67efdbf28a797466b405a5a582cbf93b
62ff6b5a8a0612c004d53a4ee75b85b991d0bf47
e5adc3657009f518a1ca8287faa3fcd5aecc9bf058846536be1de4fd2ad85ec1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E5ADC3657009F518A1CA8287FAA3FCD5AECC9BF058846536BE1DE4FD2AD85EC1"
Last-Modified: Fri, 16 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18296
Expires: Sun, 18 Sep 2022 15:40:35 GMT
Date: Sun, 18 Sep 2022 10:35:39 GMT
Connection: keep-alive
www.facebook.com/tr?id=501600588008038&ev=PageView&noscript=1
157.240.200.35 200 OK 15 kB URL HTTP/2 www.facebook.com/tr?id=501600588008038&ev=PageView&noscript=1
IP 157.240.200.35:0
Hash c46f08ee939513186e3a913e1999d7aa
b5fa29de0f25bfdbe4435dfcc2100940a47c2339
baddf5eeb3a136ed71d001a03ddd687ff9ca385cab8254584134c3696dd39f83
GET /tr?id=501600588008038&ev=PageView&noscript=1 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Sun, 18 Sep 2022 10:35:39 GMT
expires: Sun, 18 Sep 2022 10:35:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
main.exoclick.com/tag.php?goal=05f747f9753a0b4172a8faf1128a78e1
95.211.229.247 200 OK 20 B URL HTTP/1.1 main.exoclick.com/tag.php?goal=05f747f9753a0b4172a8faf1128a78e1
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=05f747f9753a0b4172a8faf1128a78e1 HTTP/1.1
Host: main.exoclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goplayhere.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 10:35:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A43686%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-18%22%3B%7D%7D; expires=Mon, 18 Sep 2023 10:35:39 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
main.exoclick.com/tag.php?goal=3498327ae8564a1191c4243b38616bf7
95.211.229.247 200 OK 20 B URL HTTP/1.1 main.exoclick.com/tag.php?goal=3498327ae8564a1191c4243b38616bf7
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=3498327ae8564a1191c4243b38616bf7 HTTP/1.1
Host: main.exoclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goplayhere.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 10:35:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A48723%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-18%22%3B%7D%7D; expires=Mon, 18 Sep 2023 10:35:39 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
main.exoclick.com/tag.php?goal=f84a30695485b0b005f7984d20b6af81
95.211.229.247 200 OK 20 B URL HTTP/1.1 main.exoclick.com/tag.php?goal=f84a30695485b0b005f7984d20b6af81
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=f84a30695485b0b005f7984d20b6af81 HTTP/1.1
Host: main.exoclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goplayhere.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 10:35:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A83749%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-18%22%3B%7D%7D; expires=Mon, 18 Sep 2023 10:35:39 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9b19d20af774aa4c4de18c09845d54b9
cd0d41b4957edf5b2f7f66df082b7d1010acceb8
067f454a8ba17fba5f10b67b6a594edd9d9775beb5fb87cb6c98ff462a9f2fe1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:35:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1676347d939ffb3f9fbc756634868886
19f1e3aa1b38d90b4339306e2ed8363495bd3cc2
a5590094ba5f8bb5b0ea041f8836ee06c653085b4df6ecd27fac8bebfb030318
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4579
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:35:39 GMT
Last-Modified: Sun, 18 Sep 2022 09:19:20 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.86.137 200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 18 Sep 2022 10:35:39 GMT
via: 1.1 varnish
x-served-by: cache-bma1629-BMA
x-cache: HIT
x-cache-hits: 3147
x-timer: S1663497339.372027,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1663497320505&id=t2_a7co1m6o&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=7f8e3dcd-a144-45f6-bc2d-e23012ed3e0e&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
151.101.85.140 200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1663497320505&id=t2_a7co1m6o&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=7f8e3dcd-a144-45f6-bc2d-e23012ed3e0e&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6
IP 151.101.85.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1663497320505&id=t2_a7co1m6o&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=7f8e3dcd-a144-45f6-bc2d-e23012ed3e0e&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goplayhere.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Sun, 18 Sep 2022 10:35:39 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=947353
185.94.236.246 200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=947353
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1332), with CRLF, LF line terminators
Hash d0c67b372302d8a513f031eef3887c66
da6e0ad38fcca1f480e15ac56cdf7e4130c27e97
dcd906be869a0f5d3c0cb69bbc95c95ee8b9f9878ce12fa7dc97afd85ab69237
GET /adshow.php?adzone=947353 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 10:35:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=e6df88dac37610c6735857ce4645ee03; expires=Mon, 18-Sep-2023 10:35:39 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
Set-Cookie: imps8605=1; expires=Mon, 19-Sep-2022 10:35:39 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
Set-Cookie: juicy_data_1=YToxOntpOjg4NDM5OTtpOjE2NjM3NTY1Mzk7fQ%3D%3D; expires=Wed, 21-Sep-2022 10:35:39 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Set-Cookie: juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 21-Sep-2022 10:35:39 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d447b5a4b23c8ce88d90c044cd026904
ca48b0b1d92d0718412b33eefe79bd231723821e
b494dd369813797dfa62a353fd26cfb2afd48ccb6006ff352aaf036585a584b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2456
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:35:39 GMT
Last-Modified: Sun, 18 Sep 2022 09:54:43 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
poweredby.jads.co/adshow.php?adzone=947353
185.94.236.246 200 OK 1.5 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=947353
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (400), with CRLF, LF line terminators
Hash ddac321472ad1e3e4910761ee4629bc8
ddebb348655ea9a730f6042e4c9f60374430fe38
0a2fc4ac0a2ff0b5236d011c4cc8c62a1d49e7bc2c9c5fc6e0445b1be38f08fd
GET /adshow.php?adzone=947353 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 10:35:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=e6df88dac37610c6735857ce4645ee03; expires=Mon, 18-Sep-2023 10:35:39 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
Set-Cookie: imps8605=1; expires=Mon, 19-Sep-2022 10:35:39 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
Set-Cookie: juicy_data_1=YToxOntpOjg4NDM5OTtpOjE2NjM3NTY1Mzk7fQ%3D%3D; expires=Wed, 21-Sep-2022 10:35:39 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Set-Cookie: juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 21-Sep-2022 10:35:39 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
syndication.traffichaus.com/adserve/r.php?k=HAT&adv_id=94511&exp=25920000&dh=969205b0247754250d921d8da45875fa&bh=48c011d2648afe0455d203967aa130a5&dom=&cb=1606322079002
66.254.114.233 200 OK 95 B URL HTTP/1.1 syndication.traffichaus.com/adserve/r.php?k=HAT&adv_id=94511&exp=25920000&dh=969205b0247754250d921d8da45875fa&bh=48c011d2648afe0455d203967aa130a5&dom=&cb=1606322079002
IP 66.254.114.233:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /adserve/r.php?k=HAT&adv_id=94511&exp=25920000&dh=969205b0247754250d921d8da45875fa&bh=48c011d2648afe0455d203967aa130a5&dom=&cb=1606322079002 HTTP/1.1
Host: syndication.traffichaus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goplayhere.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:35:39 GMT
content-type: image/png
transfer-encoding: chunked
set-cookie: re_94511_SEFU=eyJ0IjoiSEFUIiwiYSI6Ijk0NTExIiwiZCI6IiIsImRoIjoiOTY5MjA1YjAyNDc3NTQyNTBkOTIxZDhkYTQ1ODc1ZmEiLCJiaCI6IjQ4YzAxMWQyNjQ4YWZlMDQ1NWQyMDM5NjdhYTEzMGE1IiwiaXAiOiI5MS45MC40Mi4xNTQiLCJlIjoxNjg5NDE3MzM5fQ%3D%3D; expires=Sat, 15-Jul-2023 10:35:39 GMT; Max-Age=25920000; path=/
RNLBSERVERID=ded4398; path=/
x-request-id: 6326F47B-42FE72E901BBA0A4-175CD76A
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 800468db07080b445e518dbd1440d97f
9a3a4e077111aab062843d7a8a1870e8ba8d5432
bcfc17d6ff1c8669a3bf17f1c1fce48da19e7b06a497a8d05f7431926fd1cff8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BCFC17D6FF1C8669A3BF17F1C1FCE48DA19E7B06A497A8D05F7431926FD1CFF8"
Last-Modified: Sat, 17 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4656
Expires: Sun, 18 Sep 2022 11:53:15 GMT
Date: Sun, 18 Sep 2022 10:35:39 GMT
Connection: keep-alive
bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=716&ck=1&ref=https://chaturbate.com/tours/3/&ap=25&be=421&fe=623&dc=502&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1663497320508,%22n%22:0,%22r%22:0,%22re%22:176,%22f%22:176,%22dn%22:176,%22dne%22:176,%22c%22:176,%22s%22:176,%22ce%22:176,%22rq%22:178,%22rp%22:366,%22rpe%22:367,%22dl%22:393,%22di%22:501,%22ds%22:501,%22de%22:506,%22dc%22:623,%22l%22:623,%22le%22:624%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFJaDA9XWFdcA1ZXBlZWChh2Yi0TFUMhJTshCU0XAwhRHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbE1pVVlAGVV9fGFxUBwcUVVIHXU5fCVQAHFIBX1VSBVxVXgsACRNNE0sEBAYWBhQbDxtZFUVJElhMSxMJTlBLVAVTQE8IAgAQSFpaFhNNE0sEExYBEBJmWFxFCV5dQ1hBIyYyGxkbQRhFUQ4MPBIGFEpcVl9DCxtSTFRGT0RMVGZVBEdQAgc8AgILUFlAE1sTdhUKBhZBShtAWG4FVE8IAQY7Fx9JUBsLQ1VcEgkXCxNEFRdMUD5eSj4EAgkKCkAXAxMtWFcUGkFIQRNYalZCPkdcExEKCw1EAxcbHUNEWD4AEQsUFVxHZlcAXFANG0FeQSBQR1xXDkkbTUAWBTwES1pOQgRDZhcHERcKCVcXAxNYBxdRQE9GFgdmRk1DCF9eQ1hBKQwcUFlVUE4EF1FCSzxSVwIVdVgPREFBGltSPFANDhlDFwsAV0xTTUMhXFZSXk4DCVBSU1VTVxlzUEMEV1YZTVpSTVYbGRtWCEVmAg0OCQoSGw8bBwAJClYHWwBbXwoDGx1DQVgTAw4XQVwbTmUTFV5MEz5BXkM6G00IYwVtG01CP0YAB1RFWFgGX2VDWEM4QShadEBkPRMVQT5BBz9EAxVlE1VtG01CP0YTOhsPGW1DAWVDTkM4QQFcW11UE
20bW0I/RgU6GxkZbUNVUBIDAQgGOUpaTF8FbRtbQj9GUzobSBsdQ1RVCAUKBg8DZkZJXQhFZhUHEBAQRAMXGXMNREstBQoKISEZcUpSF0N7UEInFwAQS3cLESVCWhcQIVdDIkpWT0MjBRlDTkEBDw9eXFtdBG5KEQ4KEDwSXEZNQj5fSkNYQUQhCkxHS1QFfVYGCw0rFQNLWVhIQVVQEgEMEgYUQGpJUAZUGUNOQQUAElBDXG4SQVUIFjwQBhVNRhsLQxF7DRcRKAQPV3d%2BESVCWhcQIVBDRBUXWFIVWE8EPRAUDw9Nak1UEkVKPgwQRllEGXdVRBNDXAUuDAMKCHZDXEMNUEBBBgoXAAlPUEtIPkFYBgdDRh4b&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=716&ck=1&ref=https://chaturbate.com/tours/3/&ap=25&be=421&fe=623&dc=502&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1663497320508,%22n%22:0,%22r%22:0,%22re%22:176,%22f%22:176,%22dn%22:176,%22dne%22:176,%22c%22:176,%22s%22:176,%22ce%22:176,%22rq%22:178,%22rp%22:366,%22rpe%22:367,%22dl%22:393,%22di%22:501,%22ds%22:501,%22de%22:506,%22dc%22:623,%22l%22:623,%22le%22:624%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFJaDA9XWFdcA1ZXBlZWChh2Yi0TFUMhJTshCU0XAwhRHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%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%2BESVCWhcQIVBDRBUXWFIVWE8EPRAUDw9Nak1UEkVKPgwQRllEGXdVRBNDXAUuDAMKCHZDXEMNUEBBBgoXAAlPUEtIPkFYBgdDRh4b&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=716&ck=1&ref=https://chaturbate.com/tours/3/&ap=25&be=421&fe=623&dc=502&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1663497320508,%22n%22:0,%22r%22:0,%22re%22:176,%22f%22:176,%22dn%22:176,%22dne%22:176,%22c%22:176,%22s%22:176,%22ce%22:176,%22rq%22:178,%22rp%22:366,%22rpe%22:367,%22dl%22:393,%22di%22:501,%22ds%22:501,%22de%22:506,%22dc%22:623,%22l%22:623,%22le%22:624%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFJaDA9XWFdcA1ZXBlZWChh2Yi0TFUMhJTshCU0XAwhRHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%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%2BESVCWhcQIVBDRBUXWFIVWE8EPRAUDw9Nak1UEkVKPgwQRllEGXdVRBNDXAUuDAMKCHZDXEMNUEBBBgoXAAlPUEtIPkFYBgdDRh4b&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:39 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74c96fa378b51bfe-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=672173acafd4c28d; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=480&ck=1&ref=https://chaturbate.com/tours/3/&ap=24&be=386&fe=461&dc=414&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1663497320765,%22n%22:0,%22r%22:0,%22re%22:174,%22f%22:174,%22dn%22:174,%22dne%22:174,%22c%22:174,%22s%22:174,%22ce%22:174,%22rq%22:181,%22rp%22:362,%22rpe%22:364,%22dl%22:373,%22di%22:414,%22ds%22:414,%22de%22:420,%22dc%22:460,%22l%22:460,%22le%22:461%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFJaDA9XAAABAFRUVAFSDBh2Yi0TFUMhJTshCU0XAwhRHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%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%2BESVCWhcQIVBDRBUXWFIVWE8EPRAUDw9Nak1UEkVKPgwQRllEGXdVRBNDXAUuDAMKCHZDXEMNUEBBBgoXAAlPUEtIPkFYBgdDRh4b&jsonp=NREUM.setToken
162.247.241.14200 OK 72 B URL HTTP/1.1 bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=480&ck=1&ref=https://chaturbate.com/tours/3/&ap=24&be=386&fe=461&dc=414&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1663497320765,%22n%22:0,%22r%22:0,%22re%22:174,%22f%22:174,%22dn%22:174,%22dne%22:174,%22c%22:174,%22s%22:174,%22ce%22:174,%22rq%22:181,%22rp%22:362,%22rpe%22:364,%22dl%22:373,%22di%22:414,%22ds%22:414,%22de%22:420,%22dc%22:460,%22l%22:460,%22le%22:461%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFJaDA9XAAABAFRUVAFSDBh2Yi0TFUMhJTshCU0XAwhRHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%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%2BESVCWhcQIVBDRBUXWFIVWE8EPRAUDw9Nak1UEkVKPgwQRllEGXdVRBNDXAUuDAMKCHZDXEMNUEBBBgoXAAlPUEtIPkFYBgdDRh4b&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=480&ck=1&ref=https://chaturbate.com/tours/3/&ap=24&be=386&fe=461&dc=414&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1663497320765,%22n%22:0,%22r%22:0,%22re%22:174,%22f%22:174,%22dn%22:174,%22dne%22:174,%22c%22:174,%22s%22:174,%22ce%22:174,%22rq%22:181,%22rp%22:362,%22rpe%22:364,%22dl%22:373,%22di%22:414,%22ds%22:414,%22de%22:420,%22dc%22:460,%22l%22:460,%22le%22:461%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFJaDA9XAAABAFRUVAFSDBh2Yi0TFUMhJTshCU0XAwhRHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEwhTBgBQAVAPGAECWQgUVQAHUk4HAQQJHFIHDgRbVV1VBwoFXxNNE0sEBAYWBhQbDxtZFUVJElhMSxMJTlBLVAVTQE8IAgAQSFpaFhNNE0sEExYBEBJmWFxFCV5dQ1hBIyYyGxkbQRhFUQ4MPBIGFEpcVl9DCxtSTFRGT0RMVGZVBEdQAgc8AgILUFlAE1sTdhUKBhZBShtAWG4FVE8IAQY7Fx9JUBsLQ1VcEgkXCxNEFRdMUD5eSj4EAgkKCkAXAxMtWFcUGkFIQRNYalZCPkdcExEKCw1EAxcbHUNEWD4AEQsUFVxHZlcAXFANG0FeQSBQR1xXDkkbTUAWBTwES1pOQgRDZhcHERcKCVcXAxNYBxdRQE9GFgdmRk1DCF9eQ1hBKQwcUFlVUE4EF1FCSzxSVwIVdVgPREFBGltSPFANDhlDFwsAV0xTTUMhXFZSXk4DCVBSU1VTVxlzUEMEV1YZTVpSTVYbGRtWCEVmAg0OCQoSGw8bBwAJClYHWwBbXwoDGx1DQVgTAw4XQVwbTmUTFV5MEz5BXkM6G00IYwVtG01CP0YAB1RFWFgGX2VDWEM4QShadEBkPRMVQT5BBz9EAxVlE1VtG01CP0YTOhsPGW1DAWVDTkM4QQFcW11UE20bW0I/RgU6
GxkZbUNVUBIDAQgGOUpaTF8FbRtbQj9GUzobSBsdQ1RVCAUKBg8DZkZJXQhFZhUHEBAQRAMXGXMNREstBQoKISEZcUpSF0N7UEInFwAQS3cLESVCWhcQIVdDIkpWT0MjBRlDTkEBDw9eXFtdBG5KEQ4KEDwSXEZNQj5fSkNYQUQhCkxHS1QFfVYGCw0rFQNLWVhIQVVQEgEMEgYUQGpJUAZUGUNOQQUAElBDXG4SQVUIFjwQBhVNRhsLQxF7DRcRKAQPV3d%2BESVCWhcQIVBDRBUXWFIVWE8EPRAUDw9Nak1UEkVKPgwQRllEGXdVRBNDXAUuDAMKCHZDXEMNUEBBBgoXAAlPUEtIPkFYBgdDRh4b&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:39 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74c96fa38ec9b4fd-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=96b3d64e3f638268; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4f1279d861b2cb6f3c18f0ce4de4982d
044a5b0ba123756d3fe7fd880d43b7f8b308546b
803ad388b1ab775256ca84493cc1d2786f5c9c368092efbcff089d3e4bf6725f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "803AD388B1AB775256CA84493CC1D2786F5C9C368092EFBCFF089D3E4BF6725F"
Last-Modified: Fri, 16 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15724
Expires: Sun, 18 Sep 2022 14:57:43 GMT
Date: Sun, 18 Sep 2022 10:35:39 GMT
Connection: keep-alive
poweredby.jads.co/adshow.php?adzone=947366
185.94.236.246 200 OK 2.0 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=947366
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1617), with CRLF, LF line terminators
Hash 600142fe1781ac2ffbe65ee24d8159c7
447412f2f6be0f71f02d06e13edac4e28a185d3f
13c4de4d44768dfa09967b1d59ae1733d0e6d77edd56cddabab0bab320042c11
GET /adshow.php?adzone=947366 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Sep 2022 10:35:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=774ad11af43694622c025e063ac737f2; expires=Mon, 18-Sep-2023 10:35:37 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps30216=1; expires=Mon, 19-Sep-2022 10:35:38 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
imps30216=1; expires=Mon, 19-Sep-2022 10:35:38 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
imps30216=1; expires=Mon, 19-Sep-2022 10:35:38 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
imps30216=1; expires=Mon, 19-Sep-2022 10:35:38 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTo0OntpOjc3NzYyMjtpOjE2NjM3NTY1Mzc7aTo3Nzc2MjM7aToxNjYzNzU2NTM3O2k6ODE2ODU2O2k6MTY2Mzc1NjUzNztpOjc3NzYzMjtpOjE2NjM3NTY1Mzc7fQ%3D%3D; expires=Wed, 21-Sep-2022 10:35:37 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 21-Sep-2022 10:35:37 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/network/user500/22249-1520958964.jpg
69.16.175.42 200 OK 18 kB URL HTTP/2 i.jads.co/network/user500/22249-1520958964.jpg
IP 69.16.175.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 74842a677370f375f743a79a6eb44587
8159ca32bc7d00ccfca2bdcc9d0768a67ffb16ee
d52bb2d9afcce812fa00b905c7543b6f9f01132d43cfec0dc5e92958f59d21f5
GET /network/user500/22249-1520958964.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=774ad11af43694622c025e063ac737f2; juicy_data_1=YTo0OntpOjc3NzYyMjtpOjE2NjM3NTY1Mzc7aTo3Nzc2MjM7aToxNjYzNzU2NTM3O2k6ODE2ODU2O2k6MTY2Mzc1NjUzNztpOjc3NzYzMjtpOjE2NjM3NTY1Mzc7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps9996=1; imps8605=1; imps161=1; imps30216=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:39 GMT
etag: "1520958964"
cache-control: max-age=20924991
content-length: 17956
content-type: image/jpeg
last-modified: Tue, 13 Mar 2018 16:36:04 GMT
accept-ranges: bytes
x-hw: 1663497339.dop067.sk1.t,1663497339.cds242.sk1.hn,1663497339.cds230.sk1.c
X-Firefox-Spdy: h2
i.jads.co/network/user500/22249-1520958951.jpg
69.16.175.42 200 OK 31 kB URL HTTP/2 i.jads.co/network/user500/22249-1520958951.jpg
IP 69.16.175.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Hash bd8e5923a39bcfa739d75ac48cad9895
e13eb5ce8b622b3ffd1ce148d25e51e119a20ff2
b70db931b5bff2ea75c6160e402a10677592f54764c272fff80c98d0397f2e0a
GET /network/user500/22249-1520958951.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=774ad11af43694622c025e063ac737f2; juicy_data_1=YTo0OntpOjc3NzYyMjtpOjE2NjM3NTY1Mzc7aTo3Nzc2MjM7aToxNjYzNzU2NTM3O2k6ODE2ODU2O2k6MTY2Mzc1NjUzNztpOjc3NzYzMjtpOjE2NjM3NTY1Mzc7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps9996=1; imps8605=1; imps161=1; imps30216=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:39 GMT
etag: "1520958951"
cache-control: max-age=4517122
content-length: 31309
content-type: image/jpeg
last-modified: Tue, 13 Mar 2018 16:35:51 GMT
accept-ranges: bytes
x-hw: 1663497339.dop067.sk1.t,1663497339.cds242.sk1.hn,1663497339.cds230.sk1.c
X-Firefox-Spdy: h2
i.jads.co/network/user500/30216-1574364969-0523738001574364969.jpg
69.16.175.42 200 OK 30 kB URL HTTP/2 i.jads.co/network/user500/30216-1574364969-0523738001574364969.jpg
IP 69.16.175.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Cropped with ezgif.com GIF maker", Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 2e1079085e74730d3a749202053e9838
98f625a559963991f06c08a5124dc8479a494a67
021592f369d9c8e8e93b722cfbd80f385706de45c8f46a98e907a78a6ec67e78
GET /network/user500/30216-1574364969-0523738001574364969.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=774ad11af43694622c025e063ac737f2; juicy_data_1=YTo0OntpOjc3NzYyMjtpOjE2NjM3NTY1Mzc7aTo3Nzc2MjM7aToxNjYzNzU2NTM3O2k6ODE2ODU2O2k6MTY2Mzc1NjUzNztpOjc3NzYzMjtpOjE2NjM3NTY1Mzc7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps9996=1; imps8605=1; imps161=1; imps30216=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:39 GMT
etag: "1574364969"
cache-control: max-age=11770887
content-length: 29969
content-type: image/jpeg
last-modified: Thu, 21 Nov 2019 19:36:09 GMT
accept-ranges: bytes
x-hw: 1663497339.dop067.sk1.t,1663497339.cds242.sk1.hn,1663497339.cds240.sk1.c
X-Firefox-Spdy: h2
i.jads.co/network/user500/27357-1524742191.jpg
69.16.175.42 200 OK 33 kB URL HTTP/2 i.jads.co/network/user500/27357-1524742191.jpg
IP 69.16.175.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=ACDSee Pro 9, datetime=2018:04:26 13:56:03], baseline, precision 8, 300x300, components 3\012- data
Hash 0add2634873656c669cc5bda7481ae42
0754107e9679a4a46743af11bcc3cf27e28973b2
34db2ebc642424e0efdf303dff47516f536f54c15222e177254aa1e4686c275d
GET /network/user500/27357-1524742191.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=774ad11af43694622c025e063ac737f2; juicy_data_1=YTo0OntpOjc3NzYyMjtpOjE2NjM3NTY1Mzc7aTo3Nzc2MjM7aToxNjYzNzU2NTM3O2k6ODE2ODU2O2k6MTY2Mzc1NjUzNztpOjc3NzYzMjtpOjE2NjM3NTY1Mzc7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps9996=1; imps8605=1; imps161=1; imps30216=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:39 GMT
etag: "1524742191"
cache-control: max-age=10153979
content-length: 33359
content-type: image/jpeg
last-modified: Thu, 26 Apr 2018 11:29:51 GMT
accept-ranges: bytes
x-hw: 1663497339.dop067.sk1.t,1663497339.cds242.sk1.hn,1663497339.cds242.sk1.c
X-Firefox-Spdy: h2
iadoremakingpics.com/bnr/4/057/d853a2/057d853a2d53fa78342fbaec834b9712.gif
104.21.65.147 200 OK 870 kB URL HTTP/2 iadoremakingpics.com/bnr/4/057/d853a2/057d853a2d53fa78342fbaec834b9712.gif
IP 104.21.65.147:0
Size 870 kB (869815 bytes)
Hash 603a40023954c0a3fb7bb0f29f359738
036036acafbb4ae373a30cf4f890a336654ffd52
d4b88d533e66758632ab016767ae36f1ef2f7e6a31a1788cc65302ffb3ab7c33
GET /bnr/4/057/d853a2/057d853a2d53fa78342fbaec834b9712.gif HTTP/1.1
Host: iadoremakingpics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goplayhere.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:38 GMT
content-type: image/gif
content-length: 855736
last-modified: Sun, 18 Aug 2019 19:08:47 GMT
etag: "5d59a23f-d0eb8"
expires: Mon, 19 Sep 2022 10:35:38 GMT
cache-control: max-age=1382400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fh%2F7dw1GivqEoMycYhlvxRXFTx0uqpyDdkQe3tJOoCPA%2FNxvNlCIZkMdzVqjpu6Uo4j7yBi2umCblX4sVA9TYwDpWOQQBzYwRfYqSt0jfPrfT3aUUPD5oAi8uo98cPg7Rh6AHXHqjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96f9dba0cb4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=905&ck=1&ref=https://chaturbate.com/tours/3/
162.247.241.14 200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=905&ck=1&ref=https://chaturbate.com/tours/3/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=905&ck=1&ref=https://chaturbate.com/tours/3/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: text/plain
Content-Length: 1986
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:39 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 74c96fa489ed1bfe-OSL
Access-Control-Allow-Origin: https://chaturbate.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=658&ck=1&ref=https://chaturbate.com/tours/3/
162.247.241.14 200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=658&ck=1&ref=https://chaturbate.com/tours/3/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=658&ck=1&ref=https://chaturbate.com/tours/3/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: text/plain
Content-Length: 1986
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 10:35:39 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 74c96fa4980bb4fd-OSL
Access-Control-Allow-Origin: https://chaturbate.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
perryvolleyball.com/pixel/purst?dl=0&th=0&sc=0&rs=3299&rd=3299&fd=328&bv=22.8.v.2&tmpl=136
192.243.59.12 200 OK 0 B URL HTTP/1.1 perryvolleyball.com/pixel/purst?dl=0&th=0&sc=0&rs=3299&rd=3299&fd=328&bv=22.8.v.2&tmpl=136
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
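Hash d41d8cd98f00b204e9800998ecf8427e (this and the two digests below are the MD5, SHA-1 and SHA-256 of a zero-byte body, matching the 0 B response; they identify no content)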
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=3299&rd=3299&fd=328&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: perryvolleyball.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 18 Sep 2022 10:35:39 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
simplewebanalysis.com/stats
35.157.30.157 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.157.30.157:0
File type ASCII text, with no line terminators
Hash 847ab23c8aaf6a2003a5ce2a610ab0fa
e70d298e1a59b18e99627abb9e55517e4e3011be
cf2ec2a0c72efa13185d549119dcb4b0f2140f0a3e795162174c45278492eb1f
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javflag.com
Connection: keep-alive
Referer: https://javflag.com/
Cookie: uid_id2=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://javflag.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 1.3 kB IP 93.184.220.29:0
Hash e614fd7e8e203e98a37ad99000756e7e
dd8493587efba0626c4a73ab9a6316aecbe1d255
6910ac4bc16e4fc2377398dea863eeaafe9ecff76dc5222ac2838d9bc0c913c0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6566
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:35:39 GMT
Last-Modified: Sun, 18 Sep 2022 08:46:13 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
www.googletagmanager.com/gtm.js?id=GTM-T7RJTBH
142.250.74.72 200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-T7RJTBH
IP 142.250.74.72:0
File type ASCII text, with very long lines (1767)
Hash f846a2f9d950c865b2e1ad844061b5b4
c2c83b51f6f6704baab4de40fbf45e57fbc88567
a0af5835ad7b7b4c6d1521735734346f0611ed9022d681c9c3abccdbd54d241c
GET /gtm.js?id=GTM-T7RJTBH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 Sep 2022 10:35:39 GMT
expires: Sun, 18 Sep 2022 10:35:39 GMT
cache-control: private, max-age=900
last-modified: Sun, 18 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
barnabaslinger.com/e92baac9f9527ad976b281842138525b/invoke.js
192.243.61.225 200 OK 9.8 kB URL HTTP/1.1 barnabaslinger.com/e92baac9f9527ad976b281842138525b/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26947), with no line terminators
Hash 143b22836ff4b1fa91a94e45474dce86
9efb55435860e9796d4256c96d00d0d861ad0a53
6133709751d4aa136914f02e8ec489f534808b386061e6e472476f18c0d1ec18
GET /e92baac9f9527ad976b281842138525b/invoke.js HTTP/1.1
Host: barnabaslinger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 18 Sep 2022 10:35:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 423a267061787174744eff0db673c8a9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
35.157.30.157 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.157.30.157:0
File type ASCII text, with no line terminators
Hash 847ab23c8aaf6a2003a5ce2a610ab0fa
e70d298e1a59b18e99627abb9e55517e4e3011be
cf2ec2a0c72efa13185d549119dcb4b0f2140f0a3e795162174c45278492eb1f
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javflag.com
Connection: keep-alive
Referer: https://javflag.com/
Cookie: uid_id2=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:40 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://javflag.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
highlevelcount.com/index.min.js?pk=135245fd163282a65181f02743b60cc2
104.21.30.122 404 Not Found 4.3 kB URL HTTP/2 highlevelcount.com/index.min.js?pk=135245fd163282a65181f02743b60cc2
IP 104.21.30.122:0
File type ASCII text, with very long lines (11569), with no line terminators
Hash 7016a73bf4f10be9c6b6c0392448a5e1
b22bdfd6b7513afed08b4f88a8a5c098e4646079
485d096d5599d190304c994508353ef18ea7fedeeb692e77005e7f1af7a6099c
GET /index.min.js?pk=135245fd163282a65181f02743b60cc2 HTTP/1.1
Host: highlevelcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goplayhere.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sun, 18 Sep 2022 10:35:39 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIoIbZ3vfXk5UAdVBC0BmdgaZtcgbn%2F0eIGcGli3guIIdJmEroa0j3cQGTI36vbyzk5xDVWYK87JZe8p22nnPpED5I0ijwthK6CTLlp6Q8R%2F%2FquM7fkk3ZZGSkl1Xb2WOT7aJfA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96f9ded71b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1173167019&utmhn=taraa.xyz&utmt=event&utme=5(Ad*Paid*Success)(1)8(User)9(14455383)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1602487981&utmr=-&utmp=%2F14455383%2Fm.nyaal.com%2Fgoto%2Fturb.pw%2Fjnyi7NCuzFx8.rar&utmht=1663497321938&utmac=UA-6469700-20&utmcc=__utma%3D15539635.373561648.1663497317.1663497317.1663497317.1%3B%2B__utmz%3D15539635.1663497317.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.174 200 OK 35 B URL HTTP/1.1 www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1173167019&utmhn=taraa.xyz&utmt=event&utme=5(Ad*Paid*Success)(1)8(User)9(14455383)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1602487981&utmr=-&utmp=%2F14455383%2Fm.nyaal.com%2Fgoto%2Fturb.pw%2Fjnyi7NCuzFx8.rar&utmht=1663497321938&utmac=UA-6469700-20&utmcc=__utma%3D15539635.373561648.1663497317.1663497317.1663497317.1%3B%2B__utmz%3D15539635.1663497317.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /__utm.gif?utmwv=5.7.2&utms=2&utmn=1173167019&utmhn=taraa.xyz&utmt=event&utme=5(Ad*Paid*Success)(1)8(User)9(14455383)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1602487981&utmr=-&utmp=%2F14455383%2Fm.nyaal.com%2Fgoto%2Fturb.pw%2Fjnyi7NCuzFx8.rar&utmht=1663497321938&utmac=UA-6469700-20&utmcc=__utma%3D15539635.373561648.1663497317.1663497317.1663497317.1%3B%2B__utmz%3D15539635.1663497317.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://taraa.xyz/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Sun, 18 Sep 2022 08:57:57 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 5863
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
creepingbrings.com/sfp.js
104.21.234.233 200 OK 23 kB URL HTTP/2 creepingbrings.com/sfp.js
IP 104.21.234.233:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 8a8bf7b37a982faa30955ebfa41101b5
ab36f8de160837b4da971c9b3214238bc5d456e8
651efad12f00881503df9169c7f57d8c52de7b67edd7ad696a03b1bc6dcba074
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:40 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: f583923c20703a172823644f769d7692
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 18 Sep 2022 10:35:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0z76EvatgPNy3pBEls6Wcv%2BV4gwmcn6Dhsnzs9KkCm2%2BRFthBlXD3gmUlwDXmB04q7HR02z05qXHJ3Oet8ae3hHE%2BHdSK89cu8GUZjziE4INRWjAlDynYqdP4T9RxTHraWWiNA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fa68a5edc41-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3e2e577a7fc4970376dbfd80a995d44b
eefb3005508254330ba450114b18c07f940b99e9
741d21141f4e333de1c0b43c01ead62830134ff415602f9bde6057410e25e203
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741D21141F4E333DE1C0B43C01EAD62830134FF415602F9BDE6057410E25E203"
Last-Modified: Fri, 16 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14568
Expires: Sun, 18 Sep 2022 14:38:28 GMT
Date: Sun, 18 Sep 2022 10:35:40 GMT
Connection: keep-alive
perryvolleyball.com/watch.1534025342355.js?key=e92baac9f9527ad976b281842138525b&kw=%5B%22javflag%22%2C%22-%22%2C%22japanese%22%2C%22porn%22%2C%22asian%22%2C%22porn%22%2C%22porn%22%2C%22torrent%22%2C%22javjunkies%22%2C%22javdb%22%2C%22bt%22%2C%22av%22%2C%22jav%22%5D&refer=http%3A%2F%2Ftaraa.xyz%2F&tz=0&dev=r&res=12.29&uuid=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b%3A1%3A1
192.243.59.12 307 Temporary Redirect 0 B URL HTTP/1.1 perryvolleyball.com/watch.1534025342355.js?key=e92baac9f9527ad976b281842138525b&kw=%5B%22javflag%22%2C%22-%22%2C%22japanese%22%2C%22porn%22%2C%22asian%22%2C%22porn%22%2C%22porn%22%2C%22torrent%22%2C%22javjunkies%22%2C%22javdb%22%2C%22bt%22%2C%22av%22%2C%22jav%22%5D&refer=http%3A%2F%2Ftaraa.xyz%2F&tz=0&dev=r&res=12.29&uuid=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b%3A1%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1534025342355.js?key=e92baac9f9527ad976b281842138525b&kw=%5B%22javflag%22%2C%22-%22%2C%22japanese%22%2C%22porn%22%2C%22asian%22%2C%22porn%22%2C%22porn%22%2C%22torrent%22%2C%22javjunkies%22%2C%22javdb%22%2C%22bt%22%2C%22av%22%2C%22jav%22%5D&refer=http%3A%2F%2Ftaraa.xyz%2F&tz=0&dev=r&res=12.29&uuid=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b%3A1%3A1 HTTP/1.1
Host: perryvolleyball.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javflag.com
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Sun, 18 Sep 2022 10:35:40 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://javflag.com
Access-Control-Allow-Origin: https://javflag.com
Access-Control-Allow-Credentials: true
Location: https://perryvolleyball.com/watch.1534025342355.js?key=e92baac9f9527ad976b281842138525b&kw=%5B%22javflag%22%2C%22-%22%2C%22japanese%22%2C%22porn%22%2C%22asian%22%2C%22porn%22%2C%22porn%22%2C%22torrent%22%2C%22javjunkies%22%2C%22javdb%22%2C%22bt%22%2C%22av%22%2C%22jav%22%5D&refer=http%3A%2F%2Ftaraa.xyz%2F&tz=0&dev=r&res=12.29&uuid=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b%3A1%3A1&shu=4866636f3d79a260313fb206d6b58ebc63e090cbd9d0acc07dcdd763d366334ec9330a7a0dbb224515761ee245ab73a7bf65fef74dd5629b644c680dd27cb71edf60c6be4e42bf5519efb58185a7063e782d2fae&pst=1663497400&rmtc=t
Set-Cookie: u_pl=16240982; expires=Mon, 19 Sep 2022 10:35:40 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.S6cniQTwW6tL1EC6UH59KoWwDTMJ83Jw6GCEtSpTsTs; expires=Sun, 18 Sep 2022 10:36:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7f02020fed6aa26a2c9bf2d7f4e97fcb
Strict-Transport-Security: max-age=0; includeSubdomains
panel.javflag.com/storage/3YQmj1AQOwcUXPeh1EQxyJLQZcXlYlFOChmKVxAV.jpg
188.114.97.1 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/3YQmj1AQOwcUXPeh1EQxyJLQZcXlYlFOChmKVxAV.jpg
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/3YQmj1AQOwcUXPeh1EQxyJLQZcXlYlFOChmKVxAV.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Sep 2022 10:35:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 11:35:40 GMT
Location: https://panel.javflag.com/storage/3YQmj1AQOwcUXPeh1EQxyJLQZcXlYlFOChmKVxAV.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwjN%2FaFJjywsaFPvpJp680iw%2BYprB8PO9JEQIcDfeMdgI0tIn62evTpjhELrA1RPElnAO%2FsVoaKarczW%2BsPix7DlucBaZikh8nt9eUsC95tPs5wM36k3FfFXVt0er3f1BUbMCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96fa9ad84b50f-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/PoRin55x9bUP9E1DHKoFVDZX9MekYIabk46kInQm.jpg
188.114.97.1 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/PoRin55x9bUP9E1DHKoFVDZX9MekYIabk46kInQm.jpg
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/PoRin55x9bUP9E1DHKoFVDZX9MekYIabk46kInQm.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Sep 2022 10:35:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 11:35:40 GMT
Location: https://panel.javflag.com/storage/PoRin55x9bUP9E1DHKoFVDZX9MekYIabk46kInQm.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2Bf2dj1n%2FWr3ZuumJkEYGVuV%2Bv11C%2F5atQ%2FKSb%2BJi9rFrncIBN1%2FE8GHFhkj1fTpSCo42XbdO6ZjazaXGJQHO8ZkEQGwQWVUDQ1I6Z7XM4jmGQl72PtcpbOvRSVnOTNo5g6OFg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96fa9bbbfb527-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/eY2fCOHVZ9wcS9KtCSnYXPifxvkR8WFjQZRw4ZiH.jpg
188.114.97.1 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/eY2fCOHVZ9wcS9KtCSnYXPifxvkR8WFjQZRw4ZiH.jpg
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/eY2fCOHVZ9wcS9KtCSnYXPifxvkR8WFjQZRw4ZiH.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Sep 2022 10:35:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 11:35:40 GMT
Location: https://panel.javflag.com/storage/eY2fCOHVZ9wcS9KtCSnYXPifxvkR8WFjQZRw4ZiH.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRQkXO32FiWyAa2TdVa9aSTcpoDVaD2%2BVmLji8%2BmCikvVzJLutCgOFZkg0ivulrN5rpTSqKU4o%2BZi8nL%2FncT9WeQD%2BPRoXzRj0CgbTbjn2GPLxuCKDQA5SUD2vtCGULnqmZeoA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96fa9cd97b50f-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/xzlMAZmVIB750NLh6tAFhe0xEzgLxmeglbPQ1W2f.jpg
188.114.97.1 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/xzlMAZmVIB750NLh6tAFhe0xEzgLxmeglbPQ1W2f.jpg
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/xzlMAZmVIB750NLh6tAFhe0xEzgLxmeglbPQ1W2f.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Sep 2022 10:35:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 11:35:40 GMT
Location: https://panel.javflag.com/storage/xzlMAZmVIB750NLh6tAFhe0xEzgLxmeglbPQ1W2f.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4uUfJTXmuzehkKagUGyweYdLe9puOdRmc13xEg8YNw7dKIAd751xTvunTsGxMLQjVKwgyvAREgSU5TQNCu2p1adcnUtxb2K1EtqID89atQ5LZ6n%2B4ZTsWbkdfsxGBoTeIRrmA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96fa9b9e1b4ee-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/qUw1O2CUHvqxCbRTO6WBq94mT28j8qw3x9fxtmfq.jpg
188.114.97.1 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/qUw1O2CUHvqxCbRTO6WBq94mT28j8qw3x9fxtmfq.jpg
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/qUw1O2CUHvqxCbRTO6WBq94mT28j8qw3x9fxtmfq.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Sep 2022 10:35:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 11:35:40 GMT
Location: https://panel.javflag.com/storage/qUw1O2CUHvqxCbRTO6WBq94mT28j8qw3x9fxtmfq.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5r9N7VKvlZOisZ3Ad3OKkb424rhVkHXu8jyqGbzPDipz%2Bf53Utk7QFEwcqyEgN8JVzrkoprNPfDOW2UprmgJsQkLRkB5MDcYV5Wt3mzXgOd7ZxbMvIdht%2BqQzNrhsMR6Pa4aDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96fa9b832b51e-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/yG77Cn1Prr8IDpzwDCTgk8uEVkZSj8ExieiLHwD9.jpg
188.114.97.1 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/yG77Cn1Prr8IDpzwDCTgk8uEVkZSj8ExieiLHwD9.jpg
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/yG77Cn1Prr8IDpzwDCTgk8uEVkZSj8ExieiLHwD9.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Sep 2022 10:35:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 11:35:40 GMT
Location: https://panel.javflag.com/storage/yG77Cn1Prr8IDpzwDCTgk8uEVkZSj8ExieiLHwD9.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5BMycAO%2ByARvHzdnggww1cxvNNT0zkXjpSuqwBsAmnrwhjDe%2BY0KvmQwOBd1t1eO24ifls9LiD8b7XqBfP9mQjNAvkysdfaxawYzPvsB3ljKD31JNmlUOnvDKNbzoXmUYPzog%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96fa9cbdbb527-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/K0FUKQx9jng8MHxNEcgvF8eeyZqddE7WfrC6RcLS.jpg
188.114.97.1 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/K0FUKQx9jng8MHxNEcgvF8eeyZqddE7WfrC6RcLS.jpg
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/K0FUKQx9jng8MHxNEcgvF8eeyZqddE7WfrC6RcLS.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Sep 2022 10:35:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 11:35:40 GMT
Location: https://panel.javflag.com/storage/K0FUKQx9jng8MHxNEcgvF8eeyZqddE7WfrC6RcLS.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQUyx%2FKuPn7YGmdHbwsOsQYiBBsYLuoS4bE5obdu%2FRGaW7u9U3z6tJzCfJLyXKNnQGZa0DfY9itJspwxoECZ5iH2ylyXw5pOMcsriBQgb6stEnhlb5axx8JAbFR9Bp%2B%2BjZ0Wvw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96fa9c9f4b4ee-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/Tyn20wOBFCRuO6WgzSJcjDEoz4DH3vDQ0CxumB7e.jpg
188.114.97.1 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/Tyn20wOBFCRuO6WgzSJcjDEoz4DH3vDQ0CxumB7e.jpg
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/Tyn20wOBFCRuO6WgzSJcjDEoz4DH3vDQ0CxumB7e.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Sep 2022 10:35:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 11:35:40 GMT
Location: https://panel.javflag.com/storage/Tyn20wOBFCRuO6WgzSJcjDEoz4DH3vDQ0CxumB7e.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vd%2BrJct56wR5auEuM1FMGLftcNsNftIevJxYaXGzNw4siA%2FfdKNSjVM%2F%2FN2reBcFfOz6jUbbG9hb79IoWfPp7XPB1biqy6IcJt%2FM7RMY8RuTeGOApEm7dWlR%2Fyvx5yJ2w%2BQfhg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96fa9cda7b50f-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/1ZZSxkd9T8nVzVvogGqwALtoS3iHJxyGXBQlAeul.jpg
188.114.97.1 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/1ZZSxkd9T8nVzVvogGqwALtoS3iHJxyGXBQlAeul.jpg
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/1ZZSxkd9T8nVzVvogGqwALtoS3iHJxyGXBQlAeul.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Sep 2022 10:35:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 11:35:40 GMT
Location: https://panel.javflag.com/storage/1ZZSxkd9T8nVzVvogGqwALtoS3iHJxyGXBQlAeul.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJRsR3h%2Bw88VUlOVG3IThAI83nSZhIdgluu%2BuzkuHtY%2FGiee8bAX5wUYcQsfAy8nkHWABePMrGLlQ2gfLADJbUc3rmSeqxlQjL%2BAODrPo%2F9TmS6v0nDggMkGrMkNHR1soegvpA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96fa9ba49b51d-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/b6vOoZJFB7X2jTJUHyGINrlL2IBTx41mqDrS6evR.png
188.114.97.1 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/b6vOoZJFB7X2jTJUHyGINrlL2IBTx41mqDrS6evR.png
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/b6vOoZJFB7X2jTJUHyGINrlL2IBTx41mqDrS6evR.png HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Sep 2022 10:35:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 11:35:40 GMT
Location: https://panel.javflag.com/storage/b6vOoZJFB7X2jTJUHyGINrlL2IBTx41mqDrS6evR.png
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7jcocUZrEhwbCub70vaNsefcazbTEWoXuy5XIo%2FIulbvjqo5fRebc0e3b7mcj0DGs8Wpi3hXXvXw%2BklhEdLPE6cykq3Jsuh5e4pJL55ZncdzqLQOwDr5OIMm%2FGNeI8uUlUGhA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96fa9dbf2b527-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/myQS65RwwRqywcSLlnmWCCSyicFgGWlzLzDfkdb5.jpg
188.114.97.1 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/myQS65RwwRqywcSLlnmWCCSyicFgGWlzLzDfkdb5.jpg
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/myQS65RwwRqywcSLlnmWCCSyicFgGWlzLzDfkdb5.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Sep 2022 10:35:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 11:35:40 GMT
Location: https://panel.javflag.com/storage/myQS65RwwRqywcSLlnmWCCSyicFgGWlzLzDfkdb5.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1kx3tL2KO%2BB5cQ85FCICGVZC%2BLgzNRKAvtJM%2F0xmjYzQEYMRvFnzrSijepbKkxybrxOHWjmA2Os%2BsaGaq4yG3UkcYMwg8JxI4LB4Kkl8TF8dgRO%2BIEeGGQh7FVGhAY62UMPQg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96fa9ddb7b50f-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/KPVsD1WW4yq2NUwe0gx3qET8P59XT0q0zlZTZ7mb.jpg
188.114.97.1 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/KPVsD1WW4yq2NUwe0gx3qET8P59XT0q0zlZTZ7mb.jpg
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/KPVsD1WW4yq2NUwe0gx3qET8P59XT0q0zlZTZ7mb.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Sep 2022 10:35:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 11:35:40 GMT
Location: https://panel.javflag.com/storage/KPVsD1WW4yq2NUwe0gx3qET8P59XT0q0zlZTZ7mb.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIs0eJg8GDTuSFAAJk8XzAzrKqAOMftTbAjKFUaTDfWeBr%2BnYQqcPA4E0hifxOaYai%2Fs7MyKbi%2BcKS21vfwwvS%2F%2F%2FYSVAWPy5Bjx%2FBSlys%2BsyFhQQ8fTStCRafCQwH9yQcWZkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96fa9d859b51e-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/A6IpM5FHh1p9Ai4zrcMWTlW73Zhj9KauiRMOymRj.png
188.114.97.1 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/A6IpM5FHh1p9Ai4zrcMWTlW73Zhj9KauiRMOymRj.png
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/A6IpM5FHh1p9Ai4zrcMWTlW73Zhj9KauiRMOymRj.png HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Sep 2022 10:35:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 11:35:40 GMT
Location: https://panel.javflag.com/storage/A6IpM5FHh1p9Ai4zrcMWTlW73Zhj9KauiRMOymRj.png
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qxUd0NeOXSPSvCFqiEQkZ8aIdQwbIsai7rrrAJ48bIiSUy7G6vPWsM1I5HqXmMvVgn3PKmfkXvF%2BvOKP%2BAJDla0BtmzaHnW2i61dKQIqO9yNWetQPSbGoAH8YgtKsqh4EyjZ%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96fa9d9fcb4ee-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/E4Lt5dzPSN3EBGxTcyyKEBYRqezboTHUEtc53vrU.jpg
188.114.97.1 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/E4Lt5dzPSN3EBGxTcyyKEBYRqezboTHUEtc53vrU.jpg
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/E4Lt5dzPSN3EBGxTcyyKEBYRqezboTHUEtc53vrU.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Sep 2022 10:35:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 11:35:40 GMT
Location: https://panel.javflag.com/storage/E4Lt5dzPSN3EBGxTcyyKEBYRqezboTHUEtc53vrU.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msScBxkrP%2F3Zw0KhSrq8P1Fii7TdS6SSjdQtOwotCpOE3hVi8xhwEI15xN13xvk6MohCFTSGU1y44MGZWGOxor10v0hxbufn9NTBxlDkl3CpQnCa0vdSG8M2sf%2B%2FJf5nhqhIZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96fa9dbfeb527-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/RRibWBxPi06SBYnglcc2wLsk3WwoqAsEzGZBtSKE.jpg
188.114.97.1 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/RRibWBxPi06SBYnglcc2wLsk3WwoqAsEzGZBtSKE.jpg
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/RRibWBxPi06SBYnglcc2wLsk3WwoqAsEzGZBtSKE.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Sep 2022 10:35:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 11:35:40 GMT
Location: https://panel.javflag.com/storage/RRibWBxPi06SBYnglcc2wLsk3WwoqAsEzGZBtSKE.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRB7TDNvsKk8tQZxYADznO0N%2BJhT4J7ro0WrQkkxOA1tSKiE96W5GkCyAYOtazjgolPRqDqiPp0XPm5QqZpfU9tHJm4NUWGz8U0ileMPA8G9VAuXa4f%2B%2F%2B%2FILSBbj%2Fokydn11A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96fa9da73b51d-OSL
alt-svc: h2=":443"; ma=60
panel.javflag.com/storage/ug6k7XiAmR6EZWo5a6qICLugor2fCY5S2ujk4ugg.jpg
188.114.97.1 301 Moved Permanently 0 B URL HTTP/1.1 panel.javflag.com/storage/ug6k7XiAmR6EZWo5a6qICLugor2fCY5S2ujk4ugg.jpg
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /storage/ug6k7XiAmR6EZWo5a6qICLugor2fCY5S2ujk4ugg.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Sep 2022 10:35:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 11:35:40 GMT
Location: https://panel.javflag.com/storage/ug6k7XiAmR6EZWo5a6qICLugor2fCY5S2ujk4ugg.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3ktRFayKVT1giwPLrkygp0dcxgyCvbxvows8n%2Fra9GbTavDYVO8ZXpC7gKfEBxUvkapJ0D5uyaqHynH1JCZ5d%2Fuuv%2FpDn8y94EmpON9MFnLBEvqvVAKTlITu13%2B9WhD3HZ1Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c96fa9add50b69-OSL
alt-svc: h2=":443"; ma=60
c0.jdbstatic.com/covers/ak/akBaBp.jpg
172.64.201.23 200 OK 144 kB URL HTTP/2 c0.jdbstatic.com/covers/ak/akBaBp.jpg
IP 172.64.201.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x535, components 3\012- data
Size 144 kB (144362 bytes)
Hash fb09942746a5bb689d9f4cb5a12691c1
8d6707904474533bccf9dd66bdce91aa277067a4
6c1df91a61313d0ae22bc9ee5b0cedc52cf4eef4c1c62267a37d46831f45e6c8
GET /covers/ak/akBaBp.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:40 GMT
content-type: image/jpeg
content-length: 144362
last-modified: Wed, 07 Sep 2022 09:20:16 GMT
etag: "fb09942746a5bb689d9f4cb5a12691c1"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 952108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzV%2BQo9x7LbhtuE%2BKjAY28MzNSGpmlD5mk9DP8CsGg2wYAii4xuRZx7RMr34dVr29%2BQHW2nQVXtYiljNqeuOWUXY425PA9eOT%2F%2BA%2BBGXtsyj0tCW%2Bbts0qsnGVZ1vyTfBZ1V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 74c96faa593c75e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/covers/yr/yr0VPA.jpg
172.64.201.23 200 OK 138 kB URL HTTP/2 c0.jdbstatic.com/covers/yr/yr0VPA.jpg
IP 172.64.201.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x535, components 3\012- data
Size 138 kB (138501 bytes)
Hash e784aab115d3b7091def75c55bcd8329
c12451d87a88df4d4acef1dda1d8e77aaa9e6e52
e26e72484be41c7679d1e53ae8929359ecdacd144b50ce64d915604baf409892
GET /covers/yr/yr0VPA.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:40 GMT
content-type: image/jpeg
content-length: 138501
last-modified: Tue, 06 Sep 2022 09:16:19 GMT
etag: "e784aab115d3b7091def75c55bcd8329"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1038653
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwhJc51GDE%2F%2BsGUFWJglZrucLjE4keASPdGgEXVQ9CcMjJ433GXIGhKtSl0g%2FWrLabsLsVFmpB0T5ldrmxCC8f99SWTwyg4WwrAiF9H%2F%2FeYX6R%2BZXJtPlJOXNzGP0F2ooeJT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 74c96faa796d75e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/ek/eKpmmM_l_1.jpg
172.64.201.23 200 OK 75 kB URL HTTP/2 c0.jdbstatic.com/samples/ek/eKpmmM_l_1.jpg
IP 172.64.201.23:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x534, components 3\012- data
Hash eac26cb8864617c6c5a3fa82359ef58f
981bdb2b77ba062a735e6d201e2a3eb31fab1b28
a432a9f0e04fd879b6e0cdfb99d0a7c15de2862cf649a74cf275209a7ee71598
GET /samples/ek/eKpmmM_l_1.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:40 GMT
content-type: image/jpeg
content-length: 75290
last-modified: Mon, 22 Aug 2022 09:31:35 GMT
etag: "eac26cb8864617c6c5a3fa82359ef58f"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1353826
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Hi6WvT5xm3EcdxhLtgHD46YIZ7awPl1kuU0kQEbM9arRqnl42JDFKtTs%2B8hZU%2FJryqRczXKerHAS16b4gcGLEw3eZh6cZhm5aPrWo3Zlx8Hz7T9vJV%2F%2FBOx3Ws0ptKpqHhk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 74c96faa696975e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/ek/eKpmmM_l_0.jpg
172.64.201.23 200 OK 86 kB URL HTTP/2 c0.jdbstatic.com/samples/ek/eKpmmM_l_0.jpg
IP 172.64.201.23:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x534, components 3\012- data
Hash 3f65f5207da9d56a1146e838b01b6607
55507623e20ad434402037bfb46de850732acff8
1e1c38780e03d11dec02d6c4bd9f92c04db7a0cdfd30014a57c5f822845b8366
GET /samples/ek/eKpmmM_l_0.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:40 GMT
content-type: image/jpeg
content-length: 85594
last-modified: Mon, 22 Aug 2022 09:31:33 GMT
etag: "3f65f5207da9d56a1146e838b01b6607"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1353826
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KN3h7%2F%2FbIhO3QLzP%2B%2FtN6TkQA8R5wdx34sXKFG02rZE6IOWDEepVRIQKjR4SdWj72761w7%2B%2FkGICVxzSDGPmY8kkxxKdIIVmPpvIfvbzCZr4pVgYe4OC9zk3FM9pEyRzKNtA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 74c96faa696875e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/covers/e2/E2dadA.jpg
172.64.201.23 200 OK 134 kB URL HTTP/2 c0.jdbstatic.com/covers/e2/E2dadA.jpg
IP 172.64.201.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x535, components 3\012- data
Size 134 kB (133935 bytes)
Hash 6d55943fdc9333706d106d0017d99fae
d5c7286a5ea3a34de8c096d6c1caa5fe95cd141e
92101fa30c3dfdf2199605724db016aaf897e12807f6af9bcdc8049e6af11d6b
GET /covers/e2/E2dadA.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:40 GMT
content-type: image/jpeg
content-length: 133935
last-modified: Wed, 07 Sep 2022 09:19:44 GMT
etag: "6d55943fdc9333706d106d0017d99fae"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 952107
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifSFRo2Wx1JGX83bIcdFiEMVBbCf8n1WE8uf9nKQQSflHK7QUXW561wde34czvzQLKVsOvIf7pIr%2FbY0dmJQHQ2%2BbNw64%2B8CxRr9%2F%2BIvosUHzw65FzqvRePPecSkAZNhyf3%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 74c96faa594375e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/b8/B8KXy9_l_1.jpg
172.64.201.23 200 OK 135 kB URL HTTP/2 c0.jdbstatic.com/samples/b8/B8KXy9_l_1.jpg
IP 172.64.201.23:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x450, components 3\012- data
Size 135 kB (134828 bytes)
Hash 5562ada171608dac28f1a76f6a889aab
072df3176ebc2684b7081ab8b766a09385cae14b
ebdaf0d1d647a530b62f3f51ca8664637db70410681c0323ad085620a16e28d3
GET /samples/b8/B8KXy9_l_1.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:40 GMT
content-type: image/jpeg
content-length: 134828
last-modified: Thu, 15 Sep 2022 21:05:27 GMT
etag: "5562ada171608dac28f1a76f6a889aab"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 31536
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKPX2DwyxVBU8LLEfL5lOmBqSfc6PtKVNIHeCEtC3MTzpS%2BEUky2RcGlrn8in7hl1D0Zq6gAPiOu0An8EHmTqeuM3xVf0obCfHzMAN6pBXeOaJxR7HwUDYD69BXHsbmt%2B3fI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 74c96faa594b75e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/covers/1b/1Bydyw.jpg
172.64.201.23 200 OK 152 kB URL HTTP/2 c0.jdbstatic.com/covers/1b/1Bydyw.jpg
IP 172.64.201.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x535, components 3\012- data
Size 152 kB (152404 bytes)
Hash b588a0af8abb667f48917d06e47c469f
15bab121995059c356090364d90bafc1ef52eb40
bff2abca76f7c78e0a437cdd7a7211cf376c3ee379ad8ae670cdd7c6d78a8668
GET /covers/1b/1Bydyw.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:40 GMT
content-type: image/jpeg
content-length: 152404
last-modified: Wed, 07 Sep 2022 09:21:02 GMT
etag: "b588a0af8abb667f48917d06e47c469f"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 952110
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWi%2FD1QjwX5Xvql0614%2F6WfTvXR2mSkZqv%2FSmQfKJ0%2BcnvZE0T7Zq7cR5iqKO07iWs%2FQGEpdYpfr7L3XPu3ns%2F3Zc5L1XXi43IZ%2Bjp1xyiiNQSg1yo74v0yDN2VpGEQPllYP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 74c96faa594075e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/covers/vd/vDZEZG.jpg
172.64.201.23 200 OK 142 kB URL HTTP/2 c0.jdbstatic.com/covers/vd/vDZEZG.jpg
IP 172.64.201.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x535, components 3\012- data
Size 142 kB (141790 bytes)
Hash a9beb8a8b71aa25365144706f975fb87
c7fcae5f329d1695d7ac48de0b89ca6f4d3b3061
a37baba8f9ac9ef6e9ab2293a288f36620f67aa272532395e97593a08f25f9a4
GET /covers/vd/vDZEZG.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:40 GMT
content-type: image/jpeg
content-length: 141790
last-modified: Wed, 07 Sep 2022 09:21:16 GMT
etag: "a9beb8a8b71aa25365144706f975fb87"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 875520
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wwzwr2LqDlWOo82aB5Wvxy6D6pme3CaEvUUZYI3AUo6aV2JOT5gLMf7vyy1cQaWFcp9woRVbqOPwoZF5uXz7UhjYdOtO%2BNxDW3CWUGQZ3u1naK%2FmmCKXb%2FhIAmxrxB1VYTx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 74c96faa594275e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/d4/d4Rq85_l_1.jpg
172.64.201.23 200 OK 132 kB URL HTTP/2 c0.jdbstatic.com/samples/d4/d4Rq85_l_1.jpg
IP 172.64.201.23:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x450, components 3\012- data
Size 132 kB (132368 bytes)
Hash 9ab50897e5f87061c867c1eafac2c6c5
591893fff800e7892628c8a65c5488766689b09c
983941adc121e5181a53406d59327109b133cac7740bb937917bf8ee055f0c1a
GET /samples/d4/d4Rq85_l_1.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:40 GMT
content-type: image/jpeg
content-length: 132368
last-modified: Thu, 15 Sep 2022 21:04:45 GMT
etag: "9ab50897e5f87061c867c1eafac2c6c5"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 79076
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZonzY9obTjvii9lx3zhDCQ3tzOki41XvHSZypIop4SBOVc0wiND3TwNN5i2S8zTUfchhuXkI7fD%2BXmqufdjiOO707uVUUAzLT9Fb7WUvEDf4clanGqqp8VGPaBzdrssE1VJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 74c96faa696675e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/d4/d4Rq85_l_0.jpg
172.64.201.23 200 OK 137 kB URL HTTP/2 c0.jdbstatic.com/samples/d4/d4Rq85_l_0.jpg
IP 172.64.201.23:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x450, components 3\012- data
Size 137 kB (136684 bytes)
Hash cf54fb65e04e7ded0aa26e54aff57ab5
21b1848c9eaf92611a4972a49f4f8aa420ae1ae8
0f7f9b8470b2ae1330844ed3e19a871293a7fbf443b79e000324bd52ac9176c0
GET /samples/d4/d4Rq85_l_0.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:40 GMT
content-type: image/jpeg
content-length: 136684
last-modified: Thu, 15 Sep 2022 21:04:43 GMT
etag: "cf54fb65e04e7ded0aa26e54aff57ab5"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 79076
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxJjfUgEhxC3Z3c8SyNIppe7n9P%2F99uHI9JwBFAfXh6i5bBfCeO7eVt2vMcAACD27ock2nbV6esVG3GEkxOUcDIWYnJvmkUl65vr9V0%2BuSUsJ0xes49rTtIW6FEEsQuqq6PM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 74c96faa696375e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/covers/65/65ere9.jpg
172.64.201.23 200 OK 133 kB URL HTTP/2 c0.jdbstatic.com/covers/65/65ere9.jpg
IP 172.64.201.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x535, components 3\012- data
Size 133 kB (132842 bytes)
Hash cf18b157a630c1f28f7f9b539c436585
7db08c81efd34b9f5ae09be8c4ffc8aa6099be86
4c848e9c128f947160d51cce94a1aa292f1cf2e11c0770768649dc55b26922a2
GET /covers/65/65ere9.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:40 GMT
content-type: image/jpeg
content-length: 132842
last-modified: Wed, 07 Sep 2022 09:19:27 GMT
etag: "cf18b157a630c1f28f7f9b539c436585"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 952107
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDcaIpQT1fgCfZb5HKtjvbHmXonYMWVTATSpPs%2FKVZQwSfQvwlBoF8jihwFxBLU%2FwRS3L8lrQW9jqXCI6w2aCkeBmxfN6ZK7GcmYyNBk66IerApTYraITcMudvuvqpa1O%2FK0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 74c96faa797275e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/covers/ek/eKpmmM.jpg
172.64.201.23 200 OK 147 kB URL HTTP/2 c0.jdbstatic.com/covers/ek/eKpmmM.jpg
IP 172.64.201.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x535, components 3\012- data
Size 147 kB (147378 bytes)
Hash 2c949b970c0be93075a4997b114f5bb7
5b0f407aacb300db6418e1875a883d1ebc8edf0c
d508e084ee8be11ecaf05dc9274a4cb24e20fd0ebfc1410e8a065c85a9d456bf
GET /covers/ek/eKpmmM.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:40 GMT
content-type: image/jpeg
content-length: 147378
last-modified: Mon, 22 Aug 2022 09:31:31 GMT
etag: "2c949b970c0be93075a4997b114f5bb7"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1362170
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4ErHHnJWNGtEEf82BSrQ9o0VUQ%2FGRm2gZD2ywLWalPoI3tg9hKggow3LSKv1PILeeqFyOvzQonvW%2BynfsDPAjA7%2FfWVAPVniI9CethTTlxlJNQuNFEq2ScdqDOr6lNFpgVB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 74c96faa696775e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/covers/b8/B8KXy9.jpg
172.64.201.23 200 OK 196 kB URL HTTP/2 c0.jdbstatic.com/covers/b8/B8KXy9.jpg
IP 172.64.201.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x536, components 3\012- data
Size 196 kB (196518 bytes)
Hash f283da9e23ce3500545d7b9b987966d7
b2ad56472e7cc49e8cd40f1c4e52f3359e1037dd
d49cfd3ea2a05cc9e0f08a055c5f393c8fbdad539eeb7189d516812967feb4dc
GET /covers/b8/B8KXy9.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:40 GMT
content-type: image/jpeg
content-length: 196518
last-modified: Wed, 31 Aug 2022 09:47:40 GMT
etag: "f283da9e23ce3500545d7b9b987966d7"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 66215
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39cHo5AVG2M5xH7TXQlStI85FwhJe5hfLDny%2FUh23ESRZlc40dCTyzzrnqBIoXB0JlQ3%2F7uyaBPHYdyuMIEWOXQ7dPXuW8jTKzAqheQ75B75XYuE4xzlSHMmeJBOGYeOoZ4X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 74c96faa594675e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/covers/d4/d4Rq85.jpg
172.64.201.23 200 OK 189 kB URL HTTP/2 c0.jdbstatic.com/covers/d4/d4Rq85.jpg
IP 172.64.201.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x536, components 3\012- data
Size 189 kB (188565 bytes)
Hash 9a58e68ffe7e8015f94c12cdf95e9ae2
3ea3a55d367b7cad58a3ffbe0b95d0dca674beaa
d69ef254ac90d7589220861e247fc895d4fac1785d50d20dd4190dcbd598f217
GET /covers/d4/d4Rq85.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:40 GMT
content-type: image/jpeg
content-length: 188565
last-modified: Wed, 31 Aug 2022 09:47:31 GMT
etag: "9a58e68ffe7e8015f94c12cdf95e9ae2"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 79828
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipOjK2g53Nm3W8Opth7YGyWc6H7Pn25XO1u5%2FD186Wdad1mTss03tTzlsCCUoC8oEJ4on5C5l3pX4dUbJUtmZqmb%2B8znkzmxIYF3CY6AyLz9W4CBD6AYBgCLoSP9Ygy7XfpC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 74c96faa594c75e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/covers/d2/D24q4a.jpg
172.64.201.23 200 OK 164 kB URL HTTP/2 c0.jdbstatic.com/covers/d2/D24q4a.jpg
IP 172.64.201.23:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x535, components 3\012- data
Size 164 kB (163620 bytes)
Hash e575cea15681d456b03da75036d2060c
fa380ad564b207a9e81e5972eebd227ddeb1f6fa
ac79b2486193a5a5b82cc3403e50c5859410aeb58d69ccdc480d0cca0322ab41
GET /covers/d2/D24q4a.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:40 GMT
content-type: image/jpeg
content-length: 163620
last-modified: Wed, 07 Sep 2022 09:20:47 GMT
etag: "e575cea15681d456b03da75036d2060c"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 952109
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXtw%2FeNKwQO6QzptRaHBmet338A45AMNyaRZMcSexHne5wK5JEGF6caRItZv9%2BsriQwg4ZPDdLN9SEX2xuLRHkSktCqWyhJYdI6SSy%2F1R1ETRf9af0Y%2BY4GqevTg8bs1nAzR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 74c96faa797775e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.jdbstatic.com/samples/b8/B8KXy9_l_0.jpg
172.64.201.23 200 OK 216 kB URL HTTP/2 c0.jdbstatic.com/samples/b8/B8KXy9_l_0.jpg
IP 172.64.201.23:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 566x800, components 3\012- data
Size 216 kB (216348 bytes)
Hash 15a8377d6f6ce4f618c2af646633316a
395a10e5f72610d72cfad5dd7a9359c009f93611
d2de1392a595fb71f3646adb944edcb1245a4db98143579ae93926870c907cc5
GET /samples/b8/B8KXy9_l_0.jpg HTTP/1.1
Host: c0.jdbstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:40 GMT
content-type: image/jpeg
content-length: 216348
last-modified: Thu, 15 Sep 2022 21:05:25 GMT
etag: "15a8377d6f6ce4f618c2af646633316a"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 28750
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNM0o4LwfcQ%2FZ7340BwEt%2BRrrM7bw0ajg7FXIWdAgpHB1AD3y2naSlnNvwuOFxXNEmG509vHFZdr2tPmMKOGRBNGBUKB0UfulQ9%2F57yEpdmvAgGXdbIyE3FyfHGU1q5UB4PH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 74c96faa594975e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
perryvolleyball.com/watch.1534025342355.js?key=e92baac9f9527ad976b281842138525b&kw=%5B%22javflag%22%2C%22-%22%2C%22japanese%22%2C%22porn%22%2C%22asian%22%2C%22porn%22%2C%22porn%22%2C%22torrent%22%2C%22javjunkies%22%2C%22javdb%22%2C%22bt%22%2C%22av%22%2C%22jav%22%5D&refer=http%3A%2F%2Ftaraa.xyz%2F&tz=0&dev=r&res=12.29&uuid=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b%3A1%3A1&shu=4866636f3d79a260313fb206d6b58ebc63e090cbd9d0acc07dcdd763d366334ec9330a7a0dbb224515761ee245ab73a7bf65fef74dd5629b644c680dd27cb71edf60c6be4e42bf5519efb58185a7063e782d2fae&pst=1663497400&rmtc=t
192.243.59.12 200 OK 2.4 kB URL HTTP/1.1 perryvolleyball.com/watch.1534025342355.js?key=e92baac9f9527ad976b281842138525b&kw=%5B%22javflag%22%2C%22-%22%2C%22japanese%22%2C%22porn%22%2C%22asian%22%2C%22porn%22%2C%22porn%22%2C%22torrent%22%2C%22javjunkies%22%2C%22javdb%22%2C%22bt%22%2C%22av%22%2C%22jav%22%5D&refer=http%3A%2F%2Ftaraa.xyz%2F&tz=0&dev=r&res=12.29&uuid=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b%3A1%3A1&shu=4866636f3d79a260313fb206d6b58ebc63e090cbd9d0acc07dcdd763d366334ec9330a7a0dbb224515761ee245ab73a7bf65fef74dd5629b644c680dd27cb71edf60c6be4e42bf5519efb58185a7063e782d2fae&pst=1663497400&rmtc=t
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (3076)
Hash 740da537d600d424936730ec8aab92af
90d797c5d84423b39512ec642bb079d566b33057
ca4d6fde343411662e122ac7b981ef6b85555572c0456c79ea8e0a6f9af3388e
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1534025342355.js?key=e92baac9f9527ad976b281842138525b&kw=%5B%22javflag%22%2C%22-%22%2C%22japanese%22%2C%22porn%22%2C%22asian%22%2C%22porn%22%2C%22porn%22%2C%22torrent%22%2C%22javjunkies%22%2C%22javdb%22%2C%22bt%22%2C%22av%22%2C%22jav%22%5D&refer=http%3A%2F%2Ftaraa.xyz%2F&tz=0&dev=r&res=12.29&uuid=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b%3A1%3A1&shu=4866636f3d79a260313fb206d6b58ebc63e090cbd9d0acc07dcdd763d366334ec9330a7a0dbb224515761ee245ab73a7bf65fef74dd5629b644c680dd27cb71edf60c6be4e42bf5519efb58185a7063e782d2fae&pst=1663497400&rmtc=t HTTP/1.1
Host: perryvolleyball.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javflag.com
Referer: https://javflag.com/
Connection: keep-alive
Cookie: u_pl=16240982; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI0MDk4MiwiayI6ImU5MmJhYWM5Zjk1MjdhZDk3NmIyODE4NDIxMzg1MjViIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTI1Mzc3LCJwaWQiOjI5NzE3MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJxaDNhdnkxYSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL3RhcmFhLnh5ei8ifX0.S6cniQTwW6tL1EC6UH59KoWwDTMJ83Jw6GCEtSpTsTs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 18 Sep 2022 10:35:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://javflag.com
Access-Control-Allow-Origin: https://javflag.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b:1:1; expires=Sun, 25 Sep 2022 10:35:40 GMT; secure; SameSite=None
iprc3e3c42540839109ce60ce276fd628ea4=3569681; expires=Sun, 18 Sep 2022 14:35:40 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 19 Sep 2022 10:35:40 GMT; secure; SameSite=None
uncs=1; expires=Mon, 19 Sep 2022 10:35:40 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 19 Sep 2022 10:35:40 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 19 Sep 2022 10:35:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f624b163dfaedc206f25635b04300e48
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
panel.javflag.com/storage/1ZZSxkd9T8nVzVvogGqwALtoS3iHJxyGXBQlAeul.jpg
188.114.97.1 200 OK 57 kB URL HTTP/2 panel.javflag.com/storage/1ZZSxkd9T8nVzVvogGqwALtoS3iHJxyGXBQlAeul.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 377x538, components 3\012- data
Hash 0dd7201fb4a0a133a822958207d15a73
b003bd5a0b7c45e153b12445236937a77b40a692
e5e40f177efff59a13c4bae295b2f797f8098d41ac4f631fa6fcd19353335c41
GET /storage/1ZZSxkd9T8nVzVvogGqwALtoS3iHJxyGXBQlAeul.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=E915d0MYXA1iROJp55NGSQxsawhtKVFoIBln6Hk1ZuE-1663497340-0-AT3MXY31o2QpoxR3T9iJnIEKvAqvd2/OPMTm9xbW0VF+n8hHD0NGooNzSSbdX9HtO8z4R2xoETfoYOymN53PnFtB+Xx1wg41Dw8eGNAHXwaZQ51+c0MIK4s1UujmudxuaQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 56768
last-modified: Sat, 02 Oct 2021 14:57:48 GMT
etag: "6158736c-ddc0"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlIOcRHQ3aQAMrMfGoXmj3fuYlK76yDOGUqvpf%2Fz2MPKKibnM49cEOZX%2BnTYkBgcEJx4sBea%2BpiBvzu98T9Sig6FbcpCd5qgRCVsqV12lX76qB8FEiWCWXaD1Etiwv7iKOVZsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fad1b750b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
panel.javflag.com/storage/KPVsD1WW4yq2NUwe0gx3qET8P59XT0q0zlZTZ7mb.jpg
188.114.97.1 200 OK 96 kB URL HTTP/2 panel.javflag.com/storage/KPVsD1WW4yq2NUwe0gx3qET8P59XT0q0zlZTZ7mb.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 377x538, components 3\012- data
Hash f31e94ef8eb9f2f931b9e1befdf8e19c
e3670ce0b059805e41e58c1b347a558469c2c0b4
c8ab155b1a64578b6ad8af6889d49ef3175a5b1803298da0851458b65deb3a2a
GET /storage/KPVsD1WW4yq2NUwe0gx3qET8P59XT0q0zlZTZ7mb.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=E915d0MYXA1iROJp55NGSQxsawhtKVFoIBln6Hk1ZuE-1663497340-0-AT3MXY31o2QpoxR3T9iJnIEKvAqvd2/OPMTm9xbW0VF+n8hHD0NGooNzSSbdX9HtO8z4R2xoETfoYOymN53PnFtB+Xx1wg41Dw8eGNAHXwaZQ51+c0MIK4s1UujmudxuaQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 96496
last-modified: Wed, 01 Sep 2021 16:11:15 GMT
etag: "612fa623-178f0"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFcZP37zcpjXWxh%2Fk39iK1sjtwpbLRFFSsEIMKZHXjaKVZfsD1WbwCo65S%2B9R9p0S%2BivO2md2eON4zuYQCHQRvKSlPrbK%2BqjCaECPiNOEYvFb%2FsAex2VhMuUYWr2OhEst5%2FdzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fad1b760b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
panel.javflag.com/storage/xzlMAZmVIB750NLh6tAFhe0xEzgLxmeglbPQ1W2f.jpg
188.114.97.1 200 OK 58 kB URL HTTP/2 panel.javflag.com/storage/xzlMAZmVIB750NLh6tAFhe0xEzgLxmeglbPQ1W2f.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 375x538, components 3\012- data
Hash 48f9f0d5e0fa6ed65b5a10fa9f392e7e
c8adbc3217acfcd594b37d906d5a2ef1631d54c8
ac8e02ad59edf5ecf88a4e645ff3fc0fa424c5b2930439e618091d87961eb201
GET /storage/xzlMAZmVIB750NLh6tAFhe0xEzgLxmeglbPQ1W2f.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=E915d0MYXA1iROJp55NGSQxsawhtKVFoIBln6Hk1ZuE-1663497340-0-AT3MXY31o2QpoxR3T9iJnIEKvAqvd2/OPMTm9xbW0VF+n8hHD0NGooNzSSbdX9HtO8z4R2xoETfoYOymN53PnFtB+Xx1wg41Dw8eGNAHXwaZQ51+c0MIK4s1UujmudxuaQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 58526
last-modified: Sat, 02 Oct 2021 14:59:03 GMT
etag: "615873b7-e49e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixbMoUqjUxpmNzE8K9%2F33WU3LU1ml3VRvXixNbRyZX%2BUmFe0aXKzo%2FUwR6iCzHZydXHvuOzx22b7cR76DNW4BE6vR%2FO7LglS7AbzFF6FLBk2inBYvHBEaLXrMWJNTUtoN%2FeMCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fad1b6e0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
panel.javflag.com/storage/qUw1O2CUHvqxCbRTO6WBq94mT28j8qw3x9fxtmfq.jpg
188.114.97.1 200 OK 62 kB URL HTTP/2 panel.javflag.com/storage/qUw1O2CUHvqxCbRTO6WBq94mT28j8qw3x9fxtmfq.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 376x535, components 3\012- data
Hash e60289d817fa0943ed64aeb973e61728
f0652f1bcee311083d3cf8d0d89d0a7f40957d4b
2c2a3d3c77139dc7f4c6b9b34e0bc8d0319ed7526624bd7461d2f83a53b33646
GET /storage/qUw1O2CUHvqxCbRTO6WBq94mT28j8qw3x9fxtmfq.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=E915d0MYXA1iROJp55NGSQxsawhtKVFoIBln6Hk1ZuE-1663497340-0-AT3MXY31o2QpoxR3T9iJnIEKvAqvd2/OPMTm9xbW0VF+n8hHD0NGooNzSSbdX9HtO8z4R2xoETfoYOymN53PnFtB+Xx1wg41Dw8eGNAHXwaZQ51+c0MIK4s1UujmudxuaQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 61575
last-modified: Sun, 12 Sep 2021 15:23:39 GMT
etag: "613e1b7b-f087"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ED7sVOsUDX5BFUOsgAqfYzVaD9%2BHIEY4%2Bm106go2gHQcK%2F64Sie7d3yNo%2BTZn6WpV4RBNZkK60UASOb%2B57vdxZhMP%2BpaUbBoLHInXme%2F%2BLfS49Z3iq%2F0MKv8Fp2RZcXdwwxhiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fad1b700b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
panel.javflag.com/storage/yG77Cn1Prr8IDpzwDCTgk8uEVkZSj8ExieiLHwD9.jpg
188.114.97.1 200 OK 63 kB URL HTTP/2 panel.javflag.com/storage/yG77Cn1Prr8IDpzwDCTgk8uEVkZSj8ExieiLHwD9.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 377x538, components 3\012- data
Hash 16d28979de224d50ce9d1010a924ef62
e48e2705ea1e2f6540ba92b77727699876543901
9e60f8f3178cc67af5025e9ebcf35329778ab60a080718206ff9fec983248d74
GET /storage/yG77Cn1Prr8IDpzwDCTgk8uEVkZSj8ExieiLHwD9.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=E915d0MYXA1iROJp55NGSQxsawhtKVFoIBln6Hk1ZuE-1663497340-0-AT3MXY31o2QpoxR3T9iJnIEKvAqvd2/OPMTm9xbW0VF+n8hHD0NGooNzSSbdX9HtO8z4R2xoETfoYOymN53PnFtB+Xx1wg41Dw8eGNAHXwaZQ51+c0MIK4s1UujmudxuaQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 63322
last-modified: Sat, 18 Sep 2021 16:17:05 GMT
etag: "61461101-f75a"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7Qv1Vcam7JnMRob9Y5rG%2Bvq5eJjYsDvKxd3TuOFcCakiC31P35IEId3Qzu1ld5t0ipq1%2F2cNYJq4ZzO8EjB%2Fb2nvMlrM3cPvh%2BR%2FAb3ju1W%2BN%2BzQc6KzzL%2BdTLUTIgFem%2FDAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fad1b710b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
panel.javflag.com/storage/E4Lt5dzPSN3EBGxTcyyKEBYRqezboTHUEtc53vrU.jpg
188.114.97.1 200 OK 84 kB URL HTTP/2 panel.javflag.com/storage/E4Lt5dzPSN3EBGxTcyyKEBYRqezboTHUEtc53vrU.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 354x538, components 3\012- data
Hash d25f845d57d3773e55a0fd259f85273e
228bb2c955d64c954541eb5c4da1f5614326e258
ca7dfc33f10e3c60b50a26a8bfa28147b5e933472b43e704738f804eb2fef297
GET /storage/E4Lt5dzPSN3EBGxTcyyKEBYRqezboTHUEtc53vrU.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=E915d0MYXA1iROJp55NGSQxsawhtKVFoIBln6Hk1ZuE-1663497340-0-AT3MXY31o2QpoxR3T9iJnIEKvAqvd2/OPMTm9xbW0VF+n8hHD0NGooNzSSbdX9HtO8z4R2xoETfoYOymN53PnFtB+Xx1wg41Dw8eGNAHXwaZQ51+c0MIK4s1UujmudxuaQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 84268
last-modified: Sat, 02 Oct 2021 14:51:25 GMT
etag: "615871ed-1492c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jR2fC9DlMFD497NtUIAl9t9fAao3pLfZ3tn%2FqENrkOBkVoFVu9NFMjI5AwdTkaZ8i%2F6HMH3rfC3XKmjUE9Jp0EY8iS9am2OOW2WUeCRRJQ2b1DxBjSV0FYaQuWKkVYvYFTG4mg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fad1b7c0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
panel.javflag.com/storage/RRibWBxPi06SBYnglcc2wLsk3WwoqAsEzGZBtSKE.jpg
188.114.97.1 200 OK 74 kB URL HTTP/2 panel.javflag.com/storage/RRibWBxPi06SBYnglcc2wLsk3WwoqAsEzGZBtSKE.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 376x538, components 3\012- data
Hash a177fcb2069ecd0f40405036100cefa0
7ef219cf8f3d2318fb40c9545faa9cdcbea20483
bca0462c642544fe955eafe78461a1f163823940e36cb2f35b59339e8ac82786
GET /storage/RRibWBxPi06SBYnglcc2wLsk3WwoqAsEzGZBtSKE.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=E915d0MYXA1iROJp55NGSQxsawhtKVFoIBln6Hk1ZuE-1663497340-0-AT3MXY31o2QpoxR3T9iJnIEKvAqvd2/OPMTm9xbW0VF+n8hHD0NGooNzSSbdX9HtO8z4R2xoETfoYOymN53PnFtB+Xx1wg41Dw8eGNAHXwaZQ51+c0MIK4s1UujmudxuaQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 73812
last-modified: Sat, 02 Oct 2021 14:50:04 GMT
etag: "6158719c-12054"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzuJOk2Ut3i%2BlhVzmGmQpFINnYHbhf%2Fqd6MfNNcqQ%2BkKtcCFlxaq%2B3ztyHCifgZRQfuwGqqOicbhrhfktuvrDDMppyQfp9EEDFo3ULZvls4Xh6xkDVPb7csmg3qMRyklqA0WFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fad2b800b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
panel.javflag.com/storage/eY2fCOHVZ9wcS9KtCSnYXPifxvkR8WFjQZRw4ZiH.jpg
188.114.97.1 200 OK 101 kB URL HTTP/2 panel.javflag.com/storage/eY2fCOHVZ9wcS9KtCSnYXPifxvkR8WFjQZRw4ZiH.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 379x538, components 3\012- data
Size 101 kB (101237 bytes)
Hash ceb9e47f03a7517db7a1d6c9669a48bf
b8f9810dbaa19f040c2b3464966c6f758bc08b3b
b691cb9b4261b66d36a594715e0c3e08f1836cc56dd59a75a7cc5d6e78d079a0
GET /storage/eY2fCOHVZ9wcS9KtCSnYXPifxvkR8WFjQZRw4ZiH.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=E915d0MYXA1iROJp55NGSQxsawhtKVFoIBln6Hk1ZuE-1663497340-0-AT3MXY31o2QpoxR3T9iJnIEKvAqvd2/OPMTm9xbW0VF+n8hHD0NGooNzSSbdX9HtO8z4R2xoETfoYOymN53PnFtB+Xx1wg41Dw8eGNAHXwaZQ51+c0MIK4s1UujmudxuaQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 101237
last-modified: Sat, 18 Sep 2021 16:13:14 GMT
etag: "6146101a-18b75"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FvDA8z37lNuOn4sqAaaZ5cr6DjspFAAR3vUQp6dgLRVxb1HqKFfboPkaRIdur2X4y1eqLPj51cXeCudar4w7lGIKzzPs%2B580vNZolnqIp2odH%2BWI2jdPo7NNT%2Bg8kPduITxiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fad2b8b0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b417168037cd02cb414797a2fe8a898f
504f56151849a7bfcd36d7e72b39ead79a69bfe8
39238b70192886874fc0362dbf5e2b017f71760665c5d1025d75e4a304ded1f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:35:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
panel.javflag.com/storage/myQS65RwwRqywcSLlnmWCCSyicFgGWlzLzDfkdb5.jpg
188.114.97.1 200 OK 70 kB URL HTTP/2 panel.javflag.com/storage/myQS65RwwRqywcSLlnmWCCSyicFgGWlzLzDfkdb5.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 374x538, components 3\012- data
Hash 0ebaed9e64bd55ccbf4467f789c4acbd
15f68bb404044411cfb391bf4300b745b2f31b15
be2b999669f9fe8e96c6e8d7c02a6ea7d4e74dd52dc85f137282abaae7ac74f2
GET /storage/myQS65RwwRqywcSLlnmWCCSyicFgGWlzLzDfkdb5.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=E915d0MYXA1iROJp55NGSQxsawhtKVFoIBln6Hk1ZuE-1663497340-0-AT3MXY31o2QpoxR3T9iJnIEKvAqvd2/OPMTm9xbW0VF+n8hHD0NGooNzSSbdX9HtO8z4R2xoETfoYOymN53PnFtB+Xx1wg41Dw8eGNAHXwaZQ51+c0MIK4s1UujmudxuaQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 69663
last-modified: Sat, 02 Oct 2021 14:48:01 GMT
etag: "61587121-1101f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67%2BKrEzjYFLxJ2gSI%2FWWm0yNdjRFuokLKMrhsbyudL7aN5ihe67BtHVwNJo48RYJDJDT0kpGC227KXa6ZHQSxZoyCeEEbDLkcMqqXbmy893ZoErxhfDPeDMKij1Vc7O%2BS9mFOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fad1b6c0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
panel.javflag.com/storage/K0FUKQx9jng8MHxNEcgvF8eeyZqddE7WfrC6RcLS.jpg
188.114.97.1 200 OK 71 kB URL HTTP/2 panel.javflag.com/storage/K0FUKQx9jng8MHxNEcgvF8eeyZqddE7WfrC6RcLS.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 393x566, components 3\012- data
Hash c42aad0fd71e3c3dbc80b82e275b04d7
1c0bc88cb89b12d29e285a736c46f3e2be7aba7d
ff9f67583f0b9aecc859f1d2c20bbbdda06c9a8a7eae8e78897c23b25dc2578d
GET /storage/K0FUKQx9jng8MHxNEcgvF8eeyZqddE7WfrC6RcLS.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=E915d0MYXA1iROJp55NGSQxsawhtKVFoIBln6Hk1ZuE-1663497340-0-AT3MXY31o2QpoxR3T9iJnIEKvAqvd2/OPMTm9xbW0VF+n8hHD0NGooNzSSbdX9HtO8z4R2xoETfoYOymN53PnFtB+Xx1wg41Dw8eGNAHXwaZQ51+c0MIK4s1UujmudxuaQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 71154
last-modified: Wed, 01 Sep 2021 16:10:23 GMT
etag: "612fa5ef-115f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQSvFqALQo0TOTm0KbgJ17dDe6IqXx87I%2BehR2s0gUbfe1RC1tic37UQ5P9sssCsaI2Hf6qnZu7jjsaMp13svAZqUJmac%2BcTBHLu%2FGEUE%2B6gnFS0g%2FfYoiejmCzxkSloSACXFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fad1b720b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
panel.javflag.com/storage/ug6k7XiAmR6EZWo5a6qICLugor2fCY5S2ujk4ugg.jpg
188.114.97.1 200 OK 76 kB URL HTTP/2 panel.javflag.com/storage/ug6k7XiAmR6EZWo5a6qICLugor2fCY5S2ujk4ugg.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 377x538, components 3\012- data
Hash 426e2a059f24520284dd5f6e6c785537
aef1a6a9254e957e1e1ee2b286a8df61b96ee09b
78d9e5f38e6e6a376cf285980c2efadedadeb095225fc284414e1a5578f6aa6d
GET /storage/ug6k7XiAmR6EZWo5a6qICLugor2fCY5S2ujk4ugg.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=E915d0MYXA1iROJp55NGSQxsawhtKVFoIBln6Hk1ZuE-1663497340-0-AT3MXY31o2QpoxR3T9iJnIEKvAqvd2/OPMTm9xbW0VF+n8hHD0NGooNzSSbdX9HtO8z4R2xoETfoYOymN53PnFtB+Xx1wg41Dw8eGNAHXwaZQ51+c0MIK4s1UujmudxuaQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 75591
last-modified: Sat, 18 Sep 2021 16:10:53 GMT
etag: "61460f8d-12747"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVd4NoP%2F0ITtoZmktaeOJNIXlhE7c3nWTl6O7gI3U0Rs0%2FJ8Y8MKsaZbU5cb8LAlcEmGpHCDQm2qJF7Lq9FjqpDpISMcs1S0zX%2BxMJGXuwpyXu89WDoYr4WfbcYef5XAK957bA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fad2b810b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
panel.javflag.com/storage/3YQmj1AQOwcUXPeh1EQxyJLQZcXlYlFOChmKVxAV.jpg
188.114.97.1 200 OK 67 kB URL HTTP/2 panel.javflag.com/storage/3YQmj1AQOwcUXPeh1EQxyJLQZcXlYlFOChmKVxAV.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 375x538, components 3\012- data
Hash d76ab6014d104288c59496bf03642de9
91ca25b2b0aed9b11f401cc87e07fc88e8564dff
645601c8d5fae0e8d74063307117c281325fef15896a34d360e1ce18c67e1ece
GET /storage/3YQmj1AQOwcUXPeh1EQxyJLQZcXlYlFOChmKVxAV.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=E915d0MYXA1iROJp55NGSQxsawhtKVFoIBln6Hk1ZuE-1663497340-0-AT3MXY31o2QpoxR3T9iJnIEKvAqvd2/OPMTm9xbW0VF+n8hHD0NGooNzSSbdX9HtO8z4R2xoETfoYOymN53PnFtB+Xx1wg41Dw8eGNAHXwaZQ51+c0MIK4s1UujmudxuaQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 66729
last-modified: Sat, 02 Oct 2021 14:53:40 GMT
etag: "61587274-104a9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sngmfOmsqyFWgPDNX7J5HE3TCl3Det6BP6sNtpZZ8LZInFmp7QhLeZJ6OYy3ZYkjoqcrAcCpiY%2BDRMDHR943dDH6s9TeRgm45pGsiU6k7lOsxP%2BmnjZJBNiT2Ma1r8CJDH5rhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fad1b670b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
panel.javflag.com/storage/Tyn20wOBFCRuO6WgzSJcjDEoz4DH3vDQ0CxumB7e.jpg
188.114.97.1 200 OK 79 kB URL HTTP/2 panel.javflag.com/storage/Tyn20wOBFCRuO6WgzSJcjDEoz4DH3vDQ0CxumB7e.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 377x538, components 3\012- data
Hash 038046f97f8037354b04c0e8e2d56a02
e1f642e8a6f5562c6543b0b3c86e54d93b6cd362
f8e90bacf892f1cdcc243ad69fdad53e41d22dcc68c67e937a67db8ca92d9a77
GET /storage/Tyn20wOBFCRuO6WgzSJcjDEoz4DH3vDQ0CxumB7e.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=E915d0MYXA1iROJp55NGSQxsawhtKVFoIBln6Hk1ZuE-1663497340-0-AT3MXY31o2QpoxR3T9iJnIEKvAqvd2/OPMTm9xbW0VF+n8hHD0NGooNzSSbdX9HtO8z4R2xoETfoYOymN53PnFtB+Xx1wg41Dw8eGNAHXwaZQ51+c0MIK4s1UujmudxuaQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 79131
last-modified: Sat, 18 Sep 2021 16:15:39 GMT
etag: "614610ab-1351b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFUv7pIOLRW%2B5HsrhCLfzd63xfYk4gthzcnywlAdmmUODxZDiyKRlCcXwhliUJkKC%2FhiWKIOk%2FSUyQbGpSqh%2FXoSQws9egtcp3rjPEt4yO7Sbn%2BTeG81T%2Fm3gZLnbWjNkYKvew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fad1b740b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png
45.133.44.9 200 OK 145 kB URL HTTP/2 cdn.cloudimagesb.com/cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 145 kB (145012 bytes)
Hash 620dee7dda3ab0a55fef5e66735e48e1
c03458e7950bed758e4352ec7a78bb434a3164b1
8552142726040854ba6a1d57037aa513e8cb424e3e5b96f017fb742f7c9255c3
GET /cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: image/png
content-length: 145012
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 09:52:06 GMT
etag: "62e10ac6-23674"
expires: Tue, 20 Sep 2022 10:35:41 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
panel.javflag.com/storage/b6vOoZJFB7X2jTJUHyGINrlL2IBTx41mqDrS6evR.png
188.114.97.1 200 OK 200 kB URL HTTP/2 panel.javflag.com/storage/b6vOoZJFB7X2jTJUHyGINrlL2IBTx41mqDrS6evR.png
IP 188.114.97.1:0
File type PNG image data, 400 x 535, 8-bit/color RGBA, non-interlaced\012- data
Size 200 kB (199960 bytes)
Hash b3c19c933e977c9c2ec459dfef0b991a
5376aab1dbe53dc294dccb9dfe0e48f171bd73d6
af5db47d1f17810ba839ef96ca2ef19afad4c827eaee9349a7e64e1cf064dbc7
GET /storage/b6vOoZJFB7X2jTJUHyGINrlL2IBTx41mqDrS6evR.png HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=E915d0MYXA1iROJp55NGSQxsawhtKVFoIBln6Hk1ZuE-1663497340-0-AT3MXY31o2QpoxR3T9iJnIEKvAqvd2/OPMTm9xbW0VF+n8hHD0NGooNzSSbdX9HtO8z4R2xoETfoYOymN53PnFtB+Xx1wg41Dw8eGNAHXwaZQ51+c0MIK4s1UujmudxuaQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: image/png
content-length: 199960
last-modified: Tue, 17 Aug 2021 16:16:17 GMT
etag: "611be0d1-30d18"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYT7b4lfK52YwDYzWbvxOZ%2BxRCWPzv8AEk6FxqBSMEh9HwOkhlnxL6ucN%2Bq4A304FIojwFZh4xguf8ZBqg9xAIZr04Ll%2BP2LAUdzhc%2FeB3kosOPyIcjl5ByRmZlbivCA4lQ4fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fad1b690b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
panel.javflag.com/storage/A6IpM5FHh1p9Ai4zrcMWTlW73Zhj9KauiRMOymRj.png
188.114.97.1 200 OK 205 kB URL HTTP/2 panel.javflag.com/storage/A6IpM5FHh1p9Ai4zrcMWTlW73Zhj9KauiRMOymRj.png
IP 188.114.97.1:0
File type PNG image data, 400 x 535, 8-bit/color RGBA, non-interlaced\012- data
Size 205 kB (204982 bytes)
Hash 38487893c7a98cb7aaa397d0104df2d4
8fe610efeca34840ab30923e429a4af92861a9d7
f823a7e57ecda2c7957ee3ca5940b138b1845b6528c116c1de050fb077e69ac6
GET /storage/A6IpM5FHh1p9Ai4zrcMWTlW73Zhj9KauiRMOymRj.png HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=E915d0MYXA1iROJp55NGSQxsawhtKVFoIBln6Hk1ZuE-1663497340-0-AT3MXY31o2QpoxR3T9iJnIEKvAqvd2/OPMTm9xbW0VF+n8hHD0NGooNzSSbdX9HtO8z4R2xoETfoYOymN53PnFtB+Xx1wg41Dw8eGNAHXwaZQ51+c0MIK4s1UujmudxuaQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: image/png
content-length: 204982
last-modified: Mon, 21 Jun 2021 20:15:51 GMT
etag: "60d0f377-320b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8xZoFHGLl3dtUsbQK5xWAAVmGA2tD%2FBjHSk0xgI2guT1LcBV%2Fko0Ms%2FdmUH0ImVKc4L%2BLIe4GmxDOZpdwLKEcAiUqzh9raL2a3un0%2F%2BdFHcFgD4uuzPmcEhok40NBCovwxahA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fad1b7a0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
panel.javflag.com/storage/PoRin55x9bUP9E1DHKoFVDZX9MekYIabk46kInQm.jpg
188.114.97.1 200 OK 73 kB URL HTTP/2 panel.javflag.com/storage/PoRin55x9bUP9E1DHKoFVDZX9MekYIabk46kInQm.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 377x538, components 3\012- data
Hash 87a7552acbacfb5604344392ff8f417d
e1ef7639f1fe56b0f8963c5d2e71ac1a02dcae7e
332d698e56eecb3cef6db4ef067251c630c521879a2645f717964cbc7e1a804a
GET /storage/PoRin55x9bUP9E1DHKoFVDZX9MekYIabk46kInQm.jpg HTTP/1.1
Host: panel.javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=E915d0MYXA1iROJp55NGSQxsawhtKVFoIBln6Hk1ZuE-1663497340-0-AT3MXY31o2QpoxR3T9iJnIEKvAqvd2/OPMTm9xbW0VF+n8hHD0NGooNzSSbdX9HtO8z4R2xoETfoYOymN53PnFtB+Xx1wg41Dw8eGNAHXwaZQ51+c0MIK4s1UujmudxuaQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: image/jpeg
content-length: 72575
last-modified: Sat, 02 Oct 2021 14:55:30 GMT
etag: "615872e2-11b7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ugrXU9VWC6nyrdPpfx7EWBFI9z7mOzzwqJe9UchaBg0AVLsnbppP2aQHpN0PofHrbb2r4TRISfzVDUmoZhIi7D9q%2BvHNIm9irtCuDrxMD42KA6f2%2FfZZiVmtkCLqbNImru1NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fad2b820b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Ubuntu&display=swap
142.250.74.10 200 OK 938 B URL HTTP/2 fonts.googleapis.com/css?family=Ubuntu&display=swap
IP 142.250.74.10:0
Hash 2246a8ea64fac80b51e4cbde7ec2a030
adb4abdb14284380036f6c69db6cf90dc1d645f0
52ced7d14ca379c98b1642c50112012d2028989acd357029b84a50f011ee0c37
GET /css?family=Ubuntu&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.adxadserv.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 Sep 2022 10:35:41 GMT
date: Sun, 18 Sep 2022 10:35:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6ab87e1e4dc6abd919cf683dff901fe8
07cfbf03a72cb316844c48669a10484e63b7f887
d68b40168e5c06bd69b83e8529ea0b15996e7124d2c8b3c5b0be81c8946f04c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:35:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
142.250.74.163 200 OK 35 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.adxadserv.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:28:55 GMT
expires: Thu, 14 Sep 2023 19:28:55 GMT
cache-control: public, max-age=31536000
age: 313606
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 3.1 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 58af7c10180e8a3157f319f544548d1b
c69061e5b7fc6bdaa4526e67d9fbfeb3f535d5bc
495e7cb97076d02baa30c2025bffc9daf8503b8d9a1d09addd292ede0ef50830
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "95DAB4572044E3C1014C879FF3FF50E76FC219212033C47C951F1DC35D05155A"
Last-Modified: Sat, 17 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4362
Expires: Sun, 18 Sep 2022 11:48:23 GMT
Date: Sun, 18 Sep 2022 10:35:41 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6ab87e1e4dc6abd919cf683dff901fe8
07cfbf03a72cb316844c48669a10484e63b7f887
d68b40168e5c06bd69b83e8529ea0b15996e7124d2c8b3c5b0be81c8946f04c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 10:35:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r.trwl1.com/s1/71ecf247-65a7-4be4-8c6d-e8e2855141c9?externalId=a4016188-373d-11ed-bed6-52ca5d2668e1&cv1=a4016188-373d-11ed-bed6-52ca5d2668e1&cv2=4982d74cc5945eb5f443cbeab8c29c8c&cv3=desktop&cv4=623c966461d6e2757e4d7921&cv5=623c962a61d6e2790d5b93d2&cv6=en&cv7=Javflag&cv8=Firefox&cv9=60fa6cc461d6e22a417e5fc1&cv10=exim_adxad_stub2_300x250_
185.98.53.17 200 OK 911 B URL HTTP/1.1 r.trwl1.com/s1/71ecf247-65a7-4be4-8c6d-e8e2855141c9?externalId=a4016188-373d-11ed-bed6-52ca5d2668e1&cv1=a4016188-373d-11ed-bed6-52ca5d2668e1&cv2=4982d74cc5945eb5f443cbeab8c29c8c&cv3=desktop&cv4=623c966461d6e2757e4d7921&cv5=623c962a61d6e2790d5b93d2&cv6=en&cv7=Javflag&cv8=Firefox&cv9=60fa6cc461d6e22a417e5fc1&cv10=exim_adxad_stub2_300x250_
IP 185.98.53.17:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (715)
Hash e5f1f40cdd6efb5f50acb3ea3453220f
bc64c931b82e3fea045efee726f20dfecc04c07e
3f66a2c0c3292a8b9931770984ba1af4d1043cdbe8ee8b2e0f35c6774a6543fa
GET /s1/71ecf247-65a7-4be4-8c6d-e8e2855141c9?externalId=a4016188-373d-11ed-bed6-52ca5d2668e1&cv1=a4016188-373d-11ed-bed6-52ca5d2668e1&cv2=4982d74cc5945eb5f443cbeab8c29c8c&cv3=desktop&cv4=623c966461d6e2757e4d7921&cv5=623c962a61d6e2790d5b93d2&cv6=en&cv7=Javflag&cv8=Firefox&cv9=60fa6cc461d6e22a417e5fc1&cv10=exim_adxad_stub2_300x250_ HTTP/1.1
Host: r.trwl1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 18 Sep 2022 10:35:41 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 911
Connection: close
Set-Cookie: uid=oWPm_S4tMp; Path=/; Domain=trwl1.com; Expires=Mon, 19 Sep 2022 10:35:41 GMT; HttpOnly
X-Request-Id: 5c8f9bbe-e85d-4386-9b18-49910923c120
adxadserv.com/ascripts/gcr.js
185.98.53.29 200 OK 23 kB URL HTTP/1.1 adxadserv.com/ascripts/gcr.js
IP 185.98.53.29:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (48738)
Hash 4bcc622fafa6d39f3d41ee9e46b585f5
f4870a326a8c0f449cbcd79673406ac1d5e6f6c8
c7ef60433000d6807163ee4643bd7774e783e4d0711513d134ae008f04f4a8e9
GET /ascripts/gcr.js HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 18 Sep 2022 10:35:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Dec 2021 16:04:11 GMT
ETag: W/"61bb637b-1434f"
Expires: Mon, 19 Sep 2022 08:32:07 GMT
Cache-Control: max-age=86400, public
X-77-NZT: AblMCgrdjIL/9hwAAA
X-77-NZT-Ray: Uwzj8E58HLw
X-Cache: HIT
X-Age: 7414
X-77-POP: amsterdamNL
X-77-Cache: HIT
Content-Encoding: br
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 33da5e70243cef1b382e1f7477bb4a82
91323f0eac7e6b17386e307968669bd72de4a34e
c868687f56a945fb83522d147b5395844c2a31899280be3c11e77fb4bdc4ec17
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C868687F56A945FB83522D147B5395844C2A31899280BE3C11E77FB4BDC4EC17"
Last-Modified: Fri, 16 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16917
Expires: Sun, 18 Sep 2022 15:17:38 GMT
Date: Sun, 18 Sep 2022 10:35:41 GMT
Connection: keep-alive
adxadserv.com/ascripts/pxl.js
185.98.53.29 200 OK 23 kB URL HTTP/1.1 adxadserv.com/ascripts/pxl.js
IP 185.98.53.29:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (36114)
Hash 72d1139e9f2e6ebe3f51c9193edb4439
cd356eb9eaab433ac792406ba36d4304b6450571
74553d0effe74cd6a4f1424940f7fd133c5457ff1d5c53030e651ec6612bec88
GET /ascripts/pxl.js HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 18 Sep 2022 10:35:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Sep 2020 09:55:41 GMT
ETag: W/"5f6dbe9d-12fee"
Expires: Mon, 19 Sep 2022 08:31:58 GMT
Cache-Control: max-age=86400, public
X-77-NZT: Abk73hGYShn//xwAAA
X-77-NZT-Ray: kk+LwHXMAOU
X-Cache: HIT
X-Age: 7423
X-77-POP: amsterdamNL
X-77-Cache: HIT
Content-Encoding: br
adxadserv.com/px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D60fa6cc461d6e22a417e5fc1%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttp%25253A%252F%252Ftaraa.xyz%252F%2526dt%253D1663497321651%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fjavflag.com%252F&d_r=1&d_s=1280x1024&d_w=300x250&t_s=1663497322736&t_i=1663497323010&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=f6b6c3e0-a42d-4c7e-8786-a76bdbcb15ba&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=a4016188-373d-11ed-bed6-52ca5d2668e1&spid=60fa6cc461d6e22a417e5fc1&fpid_sa=1663497323010&fpid=&feid_sa=1663497323010&sid_sa=1663497323010&feid=d8920db7e4f73c9ee7901479a8bb5b87&sid=646f35e6bce92d05dba782d4fc333dca&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=javflag.com&s_rst=1&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=0&lb=0&cd=24&hc=16&dm=-1&dt=2&ed=-1&sr=5497558139882&e_d=%7B%22isResetRequired%22%3Atrue%7D&t_op=0.292
185.98.53.29 200 OK 0 B URL HTTP/1.1 adxadserv.com/px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D60fa6cc461d6e22a417e5fc1%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttp%25253A%252F%252Ftaraa.xyz%252F%2526dt%253D1663497321651%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fjavflag.com%252F&d_r=1&d_s=1280x1024&d_w=300x250&t_s=1663497322736&t_i=1663497323010&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=f6b6c3e0-a42d-4c7e-8786-a76bdbcb15ba&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=a4016188-373d-11ed-bed6-52ca5d2668e1&spid=60fa6cc461d6e22a417e5fc1&fpid_sa=1663497323010&fpid=&feid_sa=1663497323010&sid_sa=1663497323010&feid=d8920db7e4f73c9ee7901479a8bb5b87&sid=646f35e6bce92d05dba782d4fc333dca&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=javflag.com&s_rst=1&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=0&lb=0&cd=24&hc=16&dm=-1&dt=2&ed=-1&sr=5497558139882&e_d=%7B%22isResetRequired%22%3Atrue%7D&t_op=0.292
IP 185.98.53.29:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D60fa6cc461d6e22a417e5fc1%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttp%25253A%252F%252Ftaraa.xyz%252F%2526dt%253D1663497321651%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fjavflag.com%252F&d_r=1&d_s=1280x1024&d_w=300x250&t_s=1663497322736&t_i=1663497323010&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=f6b6c3e0-a42d-4c7e-8786-a76bdbcb15ba&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=a4016188-373d-11ed-bed6-52ca5d2668e1&spid=60fa6cc461d6e22a417e5fc1&fpid_sa=1663497323010&fpid=&feid_sa=1663497323010&sid_sa=1663497323010&feid=d8920db7e4f73c9ee7901479a8bb5b87&sid=646f35e6bce92d05dba782d4fc333dca&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=javflag.com&s_rst=1&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=0&lb=0&cd=24&hc=16&dm=-1&dt=2&ed=-1&sr=5497558139882&e_d=%7B%22isResetRequired%22%3Atrue%7D&t_op=0.292 HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 18 Sep 2022 10:35:41 GMT
Content-Length: 0
Connection: keep-alive
adxadserv.com/t/re/v4?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D60fa6cc461d6e22a417e5fc1%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttp%25253A%252F%252Ftaraa.xyz%252F%2526dt%253D1663497321651%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fjavflag.com%252F&d_r=1&d_s=1280x1024&d_w=300x250&t_s=1663497322736&t_i=1663497323008&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=8fe06767-7da8-491b-8abd-36e58c41774c&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_s=GUEST&fpid_sa=null&fpid=&feid_sa=null&sid_sa=null&feid=4356a901db2ef77b44e3c9dd2402dc1e&sid=43c512a474e33439e5abc1b59ccb9fa3&u_adb=0&vn=R-1.0&utm_typ=referral&utm_src=javflag.com&s_rst=1&st_d=%7B%7D&e_d=%7B%22spotId%22%3A%2260fa6cc461d6e22a417e5fc1%22%2C%22impressionId%22%3A%22a4016188-373d-11ed-bed6-52ca5d2668e1%22%7D&t_op=0.389&cb=gl.cb.pv
185.98.53.29 200 OK 65 B URL HTTP/1.1 adxadserv.com/t/re/v4?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D60fa6cc461d6e22a417e5fc1%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttp%25253A%252F%252Ftaraa.xyz%252F%2526dt%253D1663497321651%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fjavflag.com%252F&d_r=1&d_s=1280x1024&d_w=300x250&t_s=1663497322736&t_i=1663497323008&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=8fe06767-7da8-491b-8abd-36e58c41774c&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_s=GUEST&fpid_sa=null&fpid=&feid_sa=null&sid_sa=null&feid=4356a901db2ef77b44e3c9dd2402dc1e&sid=43c512a474e33439e5abc1b59ccb9fa3&u_adb=0&vn=R-1.0&utm_typ=referral&utm_src=javflag.com&s_rst=1&st_d=%7B%7D&e_d=%7B%22spotId%22%3A%2260fa6cc461d6e22a417e5fc1%22%2C%22impressionId%22%3A%22a4016188-373d-11ed-bed6-52ca5d2668e1%22%7D&t_op=0.389&cb=gl.cb.pv
IP 185.98.53.29:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 76c491a33ff3ce67d241fdc7100d812c
d7819cc5aac79473a35a0841e3bf63edc5fcc79a
b0d4c323a99b7f823d3d9c540eace7b0a75aac5561e24f4ab563e9e8b15e0039
GET /t/re/v4?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D60fa6cc461d6e22a417e5fc1%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttp%25253A%252F%252Ftaraa.xyz%252F%2526dt%253D1663497321651%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fjavflag.com%252F&d_r=1&d_s=1280x1024&d_w=300x250&t_s=1663497322736&t_i=1663497323008&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=8fe06767-7da8-491b-8abd-36e58c41774c&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_s=GUEST&fpid_sa=null&fpid=&feid_sa=null&sid_sa=null&feid=4356a901db2ef77b44e3c9dd2402dc1e&sid=43c512a474e33439e5abc1b59ccb9fa3&u_adb=0&vn=R-1.0&utm_typ=referral&utm_src=javflag.com&s_rst=1&st_d=%7B%7D&e_d=%7B%22spotId%22%3A%2260fa6cc461d6e22a417e5fc1%22%2C%22impressionId%22%3A%22a4016188-373d-11ed-bed6-52ca5d2668e1%22%7D&t_op=0.389&cb=gl.cb.pv HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 18 Sep 2022 10:35:41 GMT
Content-Type: text/javascript
Content-Length: 65
Connection: keep-alive
Set-Cookie: xfeid=9953c6c5733bef353186cbbc97f21c79; expires=Tue, 01 Jan 2030 00:00:00 GMT; path=/; domain=.adxadserv.com
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: content-type
Access-Control-Max-Age: 864000
static.javhd.com/h5/files/16514/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3Da4016188-373d-11ed-bed6-52ca5d2668e1%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3DJavflag%26cv8%3DFirefox%26cv9%3D60fa6cc461d6e22a417e5fc1%26externalId%3Da4016188-373d-11ed-bed6-52ca5d2668e1%26p%3DeyJiIjoyNzgzMjcsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI1MzE5fQ
185.76.9.26 200 OK 2.5 kB URL HTTP/2 static.javhd.com/h5/files/16514/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3Da4016188-373d-11ed-bed6-52ca5d2668e1%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3DJavflag%26cv8%3DFirefox%26cv9%3D60fa6cc461d6e22a417e5fc1%26externalId%3Da4016188-373d-11ed-bed6-52ca5d2668e1%26p%3DeyJiIjoyNzgzMjcsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI1MzE5fQ
IP 185.76.9.26:0
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d1bfd58b060ae7f9455f006cb211441f
58488ff973012f0cf510624ae5258575467d9bec
85bece4e1f4c82bff31223aa3be5f2add0ef361bab8ff99733b6a0c40d1d00d1
GET /h5/files/16514/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3Da4016188-373d-11ed-bed6-52ca5d2668e1%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3DJavflag%26cv8%3DFirefox%26cv9%3D60fa6cc461d6e22a417e5fc1%26externalId%3Da4016188-373d-11ed-bed6-52ca5d2668e1%26p%3DeyJiIjoyNzgzMjcsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI1MzE5fQ HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trwl1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: text/html
last-modified: Tue, 23 Aug 2022 14:31:42 GMT
etag: W/"6304e4ce-c86"
expires: Tue, 18 Oct 2022 10:35:41 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-accel-expires: @1666089341
server: CDN77-Turbo
x-77-nzt: AblMCRQ9SQ+h
x-77-nzt-ray: InGISVOWNDY
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
static.javhd.com/h5/files/overlay/1602-overlay.png
185.76.9.26 200 OK 1.8 kB URL HTTP/2 static.javhd.com/h5/files/overlay/1602-overlay.png
IP 185.76.9.26:0
ASN #60068 Datacamp Limited
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash f4403fc07b7c414db6ec613317885035
457d3e8f9e9fb0456292efdbd5f18b318e804ea7
00ffbfa9483f4a6e8b85b6ab368a9547cf29e54c1aeb2bfcf81f34ec2bf50ee7
GET /h5/files/overlay/1602-overlay.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/16514/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3Da4016188-373d-11ed-bed6-52ca5d2668e1%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3DJavflag%26cv8%3DFirefox%26cv9%3D60fa6cc461d6e22a417e5fc1%26externalId%3Da4016188-373d-11ed-bed6-52ca5d2668e1%26p%3DeyJiIjoyNzgzMjcsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI1MzE5fQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: image/png
content-length: 1839
last-modified: Wed, 20 Apr 2022 13:56:47 GMT
etag: "6260111f-72f"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRTJ9v3/LIqbAA
x-77-nzt-ray: 52r5uDW2I3k
x-cache: HIT
x-age: 10193452
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhd.com/h5/files/button/29-button.png
185.76.9.26 200 OK 733 B URL HTTP/2 static.javhd.com/h5/files/button/29-button.png
IP 185.76.9.26:0
ASN #60068 Datacamp Limited
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 82a66a2d222379716ca9a03ff50d8f42
ae43d917ff791f9172edc527baa6266416182aaa
cc5da7b40e498d30bf5eaae43e59cae32202737076422676489dd8d3030803de
GET /h5/files/button/29-button.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/16514/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3Da4016188-373d-11ed-bed6-52ca5d2668e1%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3DJavflag%26cv8%3DFirefox%26cv9%3D60fa6cc461d6e22a417e5fc1%26externalId%3Da4016188-373d-11ed-bed6-52ca5d2668e1%26p%3DeyJiIjoyNzgzMjcsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI1MzE5fQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: image/png
content-length: 733
last-modified: Tue, 22 Dec 2015 18:41:22 GMT
etag: "56799952-2dd"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRTTCIH/LIqbAA
x-77-nzt-ray: o8qdD5qPqeU
x-cache: HIT
x-age: 10193452
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a011b019490039edfdd836d06fc34974
cb8109fb94033bd318d760cc3813d4cfc27e852b
04a98f19d87141066b7b89b412983f3843a65f2c67712dd1d3f23f2b1fec5a91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04A98F19D87141066B7B89B412983F3843A65F2C67712DD1D3F23F2B1FEC5A91"
Last-Modified: Thu, 15 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2020
Expires: Sun, 18 Sep 2022 11:09:21 GMT
Date: Sun, 18 Sep 2022 10:35:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7ab5908da2e371c2247e15eeb8a6692e
45f4d38f7cf9ec48bc3762f14512413c93267123
45a1e1013ebf1e438337538801b6123a42bb60ce89ca2c6099d061787ea9ab20
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "45A1E1013EBF1E438337538801B6123A42BB60CE89CA2C6099D061787EA9AB20"
Last-Modified: Fri, 16 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2112
Expires: Sun, 18 Sep 2022 11:10:53 GMT
Date: Sun, 18 Sep 2022 10:35:41 GMT
Connection: keep-alive
grandsupple.com/sbar.json?key=2ef41dd6bdb358bdf7d02bce45635537&uuid=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b%3A1%3A1
192.243.61.227 200 OK 4.3 kB URL HTTP/1.1 grandsupple.com/sbar.json?key=2ef41dd6bdb358bdf7d02bce45635537&uuid=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b%3A1%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash 373024020a15b3fbdddaaa644c4ca0ac
f69ff7423020b68c05340747919a94256a8faf39
89358ef1df800d445222c2a4802978d7ce925e8a13c0fb6fb639d18b69730477
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=2ef41dd6bdb358bdf7d02bce45635537&uuid=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b%3A1%3A1 HTTP/1.1
Host: grandsupple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javflag.com
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 18 Sep 2022 10:35:41 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://javflag.com
Access-Control-Allow-Origin: https://javflag.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16353405; expires=Mon, 19 Sep 2022 10:35:41 GMT; secure; SameSite=None
uid_id2=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b:1:1; expires=Sun, 25 Sep 2022 10:35:41 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 19 Sep 2022 10:35:41 GMT; secure; SameSite=None
uncs=1; expires=Mon, 19 Sep 2022 10:35:41 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 19 Sep 2022 10:35:41 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 19 Sep 2022 10:35:41 GMT; secure; SameSite=None
slec2ef41dd6bdb358bdf7d02bce45635537=[3520332]; expires=Sun, 18 Sep 2022 10:35:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b765cf3aba477bcceb8506e65f179fde
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
static.javhd.com/h5/files/video/6519-14405-300x250.medium.mp4
185.76.9.26 206 Partial Content 530 kB URL HTTP/2 static.javhd.com/h5/files/video/6519-14405-300x250.medium.mp4
IP 185.76.9.26:0
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 530 kB (529848 bytes)
Hash 657dbf85d9c9049da5fb7f35f5a96eff
df2cc330065ca5f097961d91ac13305185991a5f
ea12964d3bb4c25f82b054bd449efaabd12c100784af1b6472092ff1f0fc1c91
GET /h5/files/video/6519-14405-300x250.medium.mp4 HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/16514/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3Da4016188-373d-11ed-bed6-52ca5d2668e1%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3DJavflag%26cv8%3DFirefox%26cv9%3D60fa6cc461d6e22a417e5fc1%26externalId%3Da4016188-373d-11ed-bed6-52ca5d2668e1%26p%3DeyJiIjoyNzgzMjcsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI1MzE5fQ
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: video/mp4
content-length: 529848
last-modified: Tue, 23 Aug 2022 14:31:41 GMT
etag: "6304e4cd-815b8"
expires: Fri, 26 Aug 2022 15:48:48 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-accel-expires: @1663521741
server: CDN77-Turbo
x-77-nzt: AblMCRR8mYf/MPIAAA
x-77-nzt-ray: sXq0/PtVB4c
x-cache: HIT
x-age: 62000
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-529847/529848
X-Firefox-Spdy: h2
analitits.com/t/xfeid?cb=gl.cb.xf
31.220.24.19 200 OK 65 B URL HTTP/1.1 analitits.com/t/xfeid?cb=gl.cb.xf
IP 31.220.24.19:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 1cbba8ba1c41bb221abb2a5050af3f72
93134ea01098b3170667e852d3b9d1eba2cb9f95
02807f057f861568a61375c4fce31fb3852a4c59d8d0d4afc98e6a3fa81ca879
GET /t/xfeid?cb=gl.cb.xf HTTP/1.1
Host: analitits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Sun, 18 Sep 2022 10:35:41 GMT
Content-Type: application/octet-stream
Content-Length: 65
Connection: keep-alive
Set-Cookie: xfeid=58fdf30e04d49cdbc1a4e197231ba08c; expires=Tue, 01 Jan 2030 00:00:00 GMT; path=/; domain=.analitits.com
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: content-type
Access-Control-Max-Age: 864000
grandsupple.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2tc1RvGz22y%2BfLdqBSKoDILERUzuffOzJ0ZuwjGGAnGtrYW3cn5dSenOXPP5Zx7504ChdiCRHAxXerq5pmkobYUXbmyyKQgGjeZrrIw%2F0RFcCczDUZfOLzvOc974HOe836xk58QHzk9XvrQbCqt6Xyj6lde%2FzQILlZWVZL3K%2F1W9FlUv1ixvbfbUdV%2Fo%2FK%2B5OtmPvQD3w%2F8oLKsrIxNf34iQqUP2kG17VfrYTVo1NG3%2F9273IOjHkTvhLwAJcazj73zUHyEpPvdknTrmUnfeq%2Bba5oZi57Yv56sJ6ZI0D0rY%2BshTvZPu2Hc0fIjmGRvigvT%2B6eRqTHxfn4EluyfQoL1dqecTEMmYOL%2FKHojSD2CoiNwcxtKHBGAC1y6jKR795KxBd14ptKJOiazfz6FKsZk9vfzSLoPF7XqV64ZnWfKJA79uITqj6A6I6T5AbLNc1DFAXh2C0oQJN0SShy%2F2gp4jfpxe074IpirMxHP0aaM56RoRa16q8badTY1RqkRVDyClgNQ5yGfLOUhjz3kqYeuOK7wIAiavuDUb7U5r4mmZJHwA9qMAxr4UQs5n7APkKUDcD0At1tI7RbW1QA2%2FwlurYQT5%2BCyMfE%2BuoWeKFFIgsIRFJSgUARFRlD0yj2hXejKu0K7nAWnOTzNtXJoss4O3TNZRyZkJz0hz09N%2B2v7JtblcSWUcT0QImKC1RotJuKm8EPGZb0R1RqNWhNOlVDu3PSpm2pMLix%2FjlSNyez2EzB6AKcPwNVzoPnLoMWwGfqga8N6y8dmcv8G7cWadqrcdCFMiTSbRbbh7egT8uIUo%2FHDKiQ%2FXPjl60l8A25LpLbEDfWYoKO3h1dNQXavmsKR7y%2BnmeqqTTr512sZzeTMtx%2FIjcJYsbLkBvfe4RNhUj74WLpslSZCJR1H7i8qIaRdNpZL8uOK%2B0SyK7lbW8xtkqerV95dXummVjqnTDICVUfuK3A1Jv%2BjZjqwL134EsqOYPMS3fyQnAaUOQBPt%2BDSM3pnZmD1WQ9LPRR5ObQhOzvUakzCp79Cy8OFh9ffvPfb6A4oK%2BHkvy6e1TtuGx37Cmh2ezqrPVuip0tQPYDLZ4ZZag8XntSmAaa9IdPW22Xa6jvP7HXquNKs1XwatRtBs0llk9XDVhwFgtKwHoVRRGvI3Ji%2F9sfNvwEAAP%2F%2FAQAA%2F%2F%2Fo5YVAfwQAAA%3D%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 grandsupple.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz2tc1RvGz22y%2BfLdqBSKoDILERUzuffOzJ0ZuwjGGAnGtrYW3cn5dSenOXPP5Zx7504ChdiCRHAxXerq5pmkobYUXbmyyKQgGjeZrrIw%2F0RFcCczDUZfOLzvOc974HOe836xk58QHzk9XvrQbCqt6Xyj6lde%2FzQILlZWVZL3K%2F1W9FlUv1ixvbfbUdV%2Fo%2FK%2B5OtmPvQD3w%2F8oLKsrIxNf34iQqUP2kG17VfrYTVo1NG3%2F9273IOjHkTvhLwAJcazj73zUHyEpPvdknTrmUnfeq%2Bba5oZi57Yv56sJ6ZI0D0rY%2BshTvZPu2Hc0fIjmGRvigvT%2B6eRqTHxfn4EluyfQoL1dqecTEMmYOL%2FKHojSD2CoiNwcxtKHBGAC1y6jKR795KxBd14ptKJOiazfz6FKsZk9vfzSLoPF7XqV64ZnWfKJA79uITqj6A6I6T5AbLNc1DFAXh2C0oQJN0SShy%2F2gp4jfpxe074IpirMxHP0aaM56RoRa16q8badTY1RqkRVDyClgNQ5yGfLOUhjz3kqYeuOK7wIAiavuDUb7U5r4mmZJHwA9qMAxr4UQs5n7APkKUDcD0At1tI7RbW1QA2%2FwlurYQT5%2BCyMfE%2BuoWeKFFIgsIRFJSgUARFRlD0yj2hXejKu0K7nAWnOTzNtXJoss4O3TNZRyZkJz0hz09N%2B2v7JtblcSWUcT0QImKC1RotJuKm8EPGZb0R1RqNWhNOlVDu3PSpm2pMLix%2FjlSNyez2EzB6AKcPwNVzoPnLoMWwGfqga8N6y8dmcv8G7cWadqrcdCFMiTSbRbbh7egT8uIUo%2FHDKiQ%2FXPjl60l8A25LpLbEDfWYoKO3h1dNQXavmsKR7y%2BnmeqqTTr512sZzeTMtx%2FIjcJYsbLkBvfe4RNhUj74WLpslSZCJR1H7i8qIaRdNpZL8uOK%2B0SyK7lbW8xtkqerV95dXummVjqnTDICVUfuK3A1Jv%2BjZjqwL134EsqOYPMS3fyQnAaUOQBPt%2BDSM3pnZmD1WQ9LPRR5ObQhOzvUakzCp79Cy8OFh9ffvPfb6A4oK%2BHkvy6e1TtuGx37Cmh2ezqrPVuip0tQPYDLZ4ZZag8XntSmAaa9IdPW22Xa6jvP7HXquNKs1XwatRtBs0llk9XDVhwFgtKwHoVRRGvI3Ji%2F9sfNvwEAAP%2F%2FAQAA%2F%2F%2Fo5YVAfwQAAA%3D%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none shown)
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSz2tc1RvGz22y%2BfLdqBSKoDILERUzuffOzJ0ZuwjGGAnGtrYW3cn5dSenOXPP5Zx7504ChdiCRHAxXerq5pmkobYUXbmyyKQgGjeZrrIw%2F0RFcCczDUZfOLzvOc974HOe836xk58QHzk9XvrQbCqt6Xyj6lde%2FzQILlZWVZL3K%2F1W9FlUv1ixvbfbUdV%2Fo%2FK%2B5OtmPvQD3w%2F8oLKsrIxNf34iQqUP2kG17VfrYTVo1NG3%2F9273IOjHkTvhLwAJcazj73zUHyEpPvdknTrmUnfeq%2Bba5oZi57Yv56sJ6ZI0D0rY%2BshTvZPu2Hc0fIjmGRvigvT%2B6eRqTHxfn4EluyfQoL1dqecTEMmYOL%2FKHojSD2CoiNwcxtKHBGAC1y6jKR795KxBd14ptKJOiazfz6FKsZk9vfzSLoPF7XqV64ZnWfKJA79uITqj6A6I6T5AbLNc1DFAXh2C0oQJN0SShy%2F2gp4jfpxe074IpirMxHP0aaM56RoRa16q8badTY1RqkRVDyClgNQ5yGfLOUhjz3kqYeuOK7wIAiavuDUb7U5r4mmZJHwA9qMAxr4UQs5n7APkKUDcD0At1tI7RbW1QA2%2FwlurYQT5%2BCyMfE%2BuoWeKFFIgsIRFJSgUARFRlD0yj2hXejKu0K7nAWnOTzNtXJoss4O3TNZRyZkJz0hz09N%2B2v7JtblcSWUcT0QImKC1RotJuKm8EPGZb0R1RqNWhNOlVDu3PSpm2pMLix%2FjlSNyez2EzB6AKcPwNVzoPnLoMWwGfqga8N6y8dmcv8G7cWadqrcdCFMiTSbRbbh7egT8uIUo%2FHDKiQ%2FXPjl60l8A25LpLbEDfWYoKO3h1dNQXavmsKR7y%2BnmeqqTTr512sZzeTMtx%2FIjcJYsbLkBvfe4RNhUj74WLpslSZCJR1H7i8qIaRdNpZL8uOK%2B0SyK7lbW8xtkqerV95dXummVjqnTDICVUfuK3A1Jv%2BjZjqwL134EsqOYPMS3fyQnAaUOQBPt%2BDSM3pnZmD1WQ9LPRR5ObQhOzvUakzCp79Cy8OFh9ffvPfb6A4oK%2BHkvy6e1TtuGx37Cmh2ezqrPVuip0tQPYDLZ4ZZag8XntSmAaa9IdPW22Xa6jvP7HXquNKs1XwatRtBs0llk9XDVhwFgtKwHoVRRGvI3Ji%2F9sfNvwEAAP%2F%2FAQAA%2F%2F%2Fo5YVAfwQAAA%3D%3D HTTP/1.1
Host: grandsupple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Cookie: u_pl=16353405; uid_id2=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec2ef41dd6bdb358bdf7d02bce45635537=[3520332]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 18 Sep 2022 10:35:41 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 039f950a999c1fdc91fa012710959710
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b&eb=ecca27e85eb071c355aaa120865c0cc2&te=f7dfd0652d10ff8b14a5022fb9b430fe&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.29&b_frame=1&pk=65aa283021630dfd9030555c4c61a78c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
192.243.61.225 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b&eb=ecca27e85eb071c355aaa120865c0cc2&te=f7dfd0652d10ff8b14a5022fb9b430fe&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.29&b_frame=1&pk=65aa283021630dfd9030555c4c61a78c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none shown)
GET /pxf.gif?uuid=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b&eb=ecca27e85eb071c355aaa120865c0cc2&te=f7dfd0652d10ff8b14a5022fb9b430fe&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.29&b_frame=1&pk=65aa283021630dfd9030555c4c61a78c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 18 Sep 2022 10:35:41 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 72adeab88a13f19bf549d7e9feb5918e
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b&eb=ecca27e85eb071c355aaa120865c0cc2&te=f7dfd0652d10ff8b14a5022fb9b430fe&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.29&b_frame=1&pk=2ef41dd6bdb358bdf7d02bce45635537&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
192.243.61.225 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b&eb=ecca27e85eb071c355aaa120865c0cc2&te=f7dfd0652d10ff8b14a5022fb9b430fe&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.29&b_frame=1&pk=2ef41dd6bdb358bdf7d02bce45635537&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none shown)
GET /pxf.gif?uuid=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b&eb=ecca27e85eb071c355aaa120865c0cc2&te=f7dfd0652d10ff8b14a5022fb9b430fe&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.29&b_frame=1&pk=2ef41dd6bdb358bdf7d02bce45635537&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 18 Sep 2022 10:35:41 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5cdf7ecd3d5f9e0bd8c95952a31c3ea3
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 64d69e742cb5fd08fa9409c7e744c857
7fcdc72d34398e91c0a5945bca4240107de78d2c
1d3680b708271ab120fddd9a32c3ac833cef3758437ee1a3912645c6bb91a80a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D3680B708271AB120FDDD9A32C3AC833CEF3758437EE1A3912645C6BB91A80A"
Last-Modified: Sat, 17 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4621
Expires: Sun, 18 Sep 2022 11:52:43 GMT
Date: Sun, 18 Sep 2022 10:35:42 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 97e623faff05dd776d3d8f4269afc438
c830b4d80c73ab8ec3863aad6fe4652ed822d8d0
2870cb445ba53a56b1f540234539ed6195a8b2296f3589bf3797e95c834e13a1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "2870CB445BA53A56B1F540234539ED6195A8B2296F3589BF3797E95C834E13A1"
Last-Modified: Fri, 16 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11340
Expires: Sun, 18 Sep 2022 13:44:42 GMT
Date: Sun, 18 Sep 2022 10:35:42 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 97e623faff05dd776d3d8f4269afc438
c830b4d80c73ab8ec3863aad6fe4652ed822d8d0
2870cb445ba53a56b1f540234539ed6195a8b2296f3589bf3797e95c834e13a1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "2870CB445BA53A56B1F540234539ED6195A8B2296F3589BF3797E95C834E13A1"
Last-Modified: Fri, 16 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11340
Expires: Sun, 18 Sep 2022 13:44:42 GMT
Date: Sun, 18 Sep 2022 10:35:42 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 97e623faff05dd776d3d8f4269afc438
c830b4d80c73ab8ec3863aad6fe4652ed822d8d0
2870cb445ba53a56b1f540234539ed6195a8b2296f3589bf3797e95c834e13a1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "2870CB445BA53A56B1F540234539ED6195A8B2296F3589BF3797E95C834E13A1"
Last-Modified: Fri, 16 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11340
Expires: Sun, 18 Sep 2022 13:44:42 GMT
Date: Sun, 18 Sep 2022 10:35:42 GMT
Connection: keep-alive
taraa.xyz/rtb/show/79b0bc8eabc95d73d099abf0a3e0988f/?ref=1&k=129764&type=show_skip&cs=ICsMIunYJTyOcvigI36bMmCVwmicdpWZQEiIOxiAITxMNwDAQT1MNwTIMz4LMvytI2sYIlmdsEiIOpiAIjxLM2jkkj3ON2jJQHiIL7CQJjzNdfGZFD0OZ4TBFCfeZ1m59WjadMXBNylOZxCEID6WNoSAwCiMbuTUEziLOhjxEGsbIpmp03ybINjJoiwOLiCQJn2bMlydIW6YMySVw2ica12JVC5LXi2YEGiOO4ikIDyMZlTNdThYYwTYVmjYNhzlMT4OZwjQU21MY3jQRWjNO5GMRmiYNhzVUGwOYj2JMGzMZiTlJzkNMi2oMj0IN0SJJy9e
172.67.223.164200 OK 7.2 kB URL HTTP/2 taraa.xyz/rtb/show/79b0bc8eabc95d73d099abf0a3e0988f/?ref=1&k=129764&type=show_skip&cs=ICsMIunYJTyOcvigI36bMmCVwmicdpWZQEiIOxiAITxMNwDAQT1MNwTIMz4LMvytI2sYIlmdsEiIOpiAIjxLM2jkkj3ON2jJQHiIL7CQJjzNdfGZFD0OZ4TBFCfeZ1m59WjadMXBNylOZxCEID6WNoSAwCiMbuTUEziLOhjxEGsbIpmp03ybINjJoiwOLiCQJn2bMlydIW6YMySVw2ica12JVC5LXi2YEGiOO4ikIDyMZlTNdThYYwTYVmjYNhzlMT4OZwjQU21MY3jQRWjNO5GMRmiYNhzVUGwOYj2JMGzMZiTlJzkNMi2oMj0IN0SJJy9e
IP 172.67.223.164:0
File type ASCII text, with very long lines (19100), with no line terminators
Hash 88d724d4bd8c8cad1c13543dc6394387
00f29cd166dd49946273ad59b8a4def26b8141af
f3e2129d9139f88c030a9fe4c5cc1dba0f93831292781c1c6a12a14fd87f07d9
GET /rtb/show/79b0bc8eabc95d73d099abf0a3e0988f/?ref=1&k=129764&type=show_skip&cs=ICsMIunYJTyOcvigI36bMmCVwmicdpWZQEiIOxiAITxMNwDAQT1MNwTIMz4LMvytI2sYIlmdsEiIOpiAIjxLM2jkkj3ON2jJQHiIL7CQJjzNdfGZFD0OZ4TBFCfeZ1m59WjadMXBNylOZxCEID6WNoSAwCiMbuTUEziLOhjxEGsbIpmp03ybINjJoiwOLiCQJn2bMlydIW6YMySVw2ica12JVC5LXi2YEGiOO4ikIDyMZlTNdThYYwTYVmjYNhzlMT4OZwjQU21MY3jQRWjNO5GMRmiYNhzVUGwOYj2JMGzMZiTlJzkNMi2oMj0IN0SJJy9e HTTP/1.1
Host: taraa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://taraa.xyz
Connection: keep-alive
Referer: http://taraa.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:42 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.27
access-control-allow-origin: *
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywdA3gsL21lK2K0T3CtqPqt5p6cInJfaf6YW8Fgj5F3GygrSeqkU%2Fbh0Y%2FhvMF6PNlyO%2BpRFS%2BNhIPnQuRYoyQ0A3JeqwMCXX7xw1i62EvhSP3sZvgVbNtZgZUE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74c96fb24c01fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 1.0 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, max compression\012- data
Hash c4d6dca4373b0211199fef5d69520a7e
f64b4e94b3c69987a9a77c395f8b7aaf0c3716a5
c5a24837a8616b8d9e1cf1f569f37e93c237105632d3686c49023ad1b164da3d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "2870CB445BA53A56B1F540234539ED6195A8B2296F3589BF3797E95C834E13A1"
Last-Modified: Fri, 16 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11340
Expires: Sun, 18 Sep 2022 13:44:42 GMT
Date: Sun, 18 Sep 2022 10:35:42 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/e2/d0/7c/e2d07cfc54a4a2629ecb06a4ac9d023c/1658144633.jpg
45.133.44.9 200 OK 13 kB URL HTTP/2 cdn.cloudimagesb.com/si/e2/d0/7c/e2d07cfc54a4a2629ecb06a4ac9d023c/1658144633.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 9a26092fd440aa10142a9e87e8370c2c
b1c33219c136dc2ee76d081d02f0cb9c15032f41
ef6e3d4a4df9d2c4f104857ab7b5b545e6f3e6c0dda989d6fcd0707513136445
GET /si/e2/d0/7c/e2d07cfc54a4a2629ecb06a4ac9d023c/1658144633.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:42 GMT
content-type: image/jpeg
content-length: 12632
server: nginx/1.17.6
last-modified: Mon, 18 Jul 2022 11:44:01 GMT
etag: "62d54781-3158"
expires: Tue, 20 Sep 2022 10:35:42 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
grandsupple.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fcss%2Fanimate.css&l=79245&fd=343
192.243.61.227 200 OK 0 B URL HTTP/1.1 grandsupple.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fcss%2Fanimate.css&l=79245&fd=343
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none shown)
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fcss%2Fanimate.css&l=79245&fd=343 HTTP/1.1
Host: grandsupple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Cookie: u_pl=16353405; uid_id2=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec2ef41dd6bdb358bdf7d02bce45635537=[3520332]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 18 Sep 2022 10:35:42 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://javflag.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 313294
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://javflag.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 313294
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/style.css
104.21.51.177 200 OK 1.5 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/style.css
IP 104.21.51.177:0
Hash 908dce303e802b45f99455bfa3c26ef2
2f064693d34a6eac3903455fc3de8477c4554e40
60eed66130c70fbeb214c6ab5a7f747cfaaad001a5f10d33d3da7d57f70d6f98
GET /sb/ssp/utility/social-media/facebook/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javflag.com
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:42 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:19:14 GMT
etag: W/"6128d842-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5KItbBelvnvcpxELuqSJ9mr9a8uIRUonT08lE%2B8U57QAdFgJ1GVcUmuwJ8rbRe8p8xxdDx0S8%2F2NHBDfLWqvoz453xBLpfVO3%2FtAXACQld4tcmbEGgKzbxIX6ut69o%2F0Bk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fb4f9610b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
grandsupple.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSzWtdxRvH5zTZ%2FPhtVApFULkLERVzc859v3YRjDESjG1tLbqTeTs308w9c5g5LzeBQmxBIri4Xerq5HuThtpSdOXKIicF0bjJ7SoL809UBHdyb4PRB4bnmfk%2BA5%2F5zvPFTnpCfKT0eOlDs6m0pvPNql95%2FdMguFhZVVE6qAw6rc9ajYsVm73dbVX9NyrvS75u5mt%2B4PuBH1SWlZWhGcxPRKj4QTeodv1qo1YNmg0M7H%2F3LvXgqAeRnZAXoMR49rF3HoqXiPrfLUm3npj4rff6qaaJscjE%2FvVoPTJ5hP5ZGVoPYbR%2F2g3jjpYfwUR7U1yY7J9GpsbE%2B%2FkRWLR%2FCgmW7U45mYaMwMT%2FkWclpC6haAlubkOJIwJwgUuXEfXvXjI2pxvPVDpRx2T2z6dQ%2BZjM%2Fn4eUf%2FholaDyjWj00SZyGEQFlCDEqpXIk4PkGyeg8oPwJNbUIIg6hdQ4vjVTsDr1A%2B7c8IXwVyDiXCOtmU4J0Wn1Wl06qzbYFNjlCqhwhJaDkGdh3SylIc09JDGHvriuMKDIGj7glO%2F0%2BW8LtqStYQf0HYY0MBvdZDyCfsQSTwE10Nwu4XYbmFdDWHTn%2BDWCjhxDi4ZE%2B%2BjW8hEgVwS5I4gpwS5IsgTgjwr9oR2NVfcFdqlLDjNtdNcL0Ym6e3QPZP0ZER24hPy%2FNS0v7ZvYl0eV2oybARCtJhg9WaHibAt%2FBrjstFs1ZvNehtOFVDu3PSpm2pMLix%2FjliNyez2EzB6AKcPwNVzoOnLoPmoXfNB10aNjo%2FN6P4NmoWa9qrc9CFMgTiZRbLh7egT8uIUo%2FnDKiQ%2FXPjl60l8A24LxLbADfWYoKe3R1dNTnavmtyR7y%2FHieqrTTr512sJTeTMtx%2FIjdxYsbLkhvfe4RNhUj74WLpklUZCRT1H7i8qIaRdNpZL8uOK%2B0SyK6lbW0xtlMarV95dXunHVjqnTFSCqiP3Fbgak%2F9RMx3Yly58CWVL2LRAPz0kpwFlDsDjLbj4jN6ZGVh91sNiD3lajGyNnR1qNSa1p79Cy8OFh9ffvPdbeQeUFXDyXxfP6h23jZ59BTS5PZ3VzBbIdAGqh3DpzCiJ7eHCk%2Fo0wLQ3Ytp6u0xbfeeZvU4dV%2Bq%2BaDMZyjaTjWYjlFywZpP5POSsLjodjsSN%2BWt%2F3PwbAAD%2F%2FwEAAP%2F%2FaDFQqH8EAAA%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 grandsupple.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSzWtdxRvH5zTZ%2FPhtVApFULkLERVzc859v3YRjDESjG1tLbqTeTs308w9c5g5LzeBQmxBIri4Xerq5HuThtpSdOXKIicF0bjJ7SoL809UBHdyb4PRB4bnmfk%2BA5%2F5zvPFTnpCfKT0eOlDs6m0pvPNql95%2FdMguFhZVVE6qAw6rc9ajYsVm73dbVX9NyrvS75u5mt%2B4PuBH1SWlZWhGcxPRKj4QTeodv1qo1YNmg0M7H%2F3LvXgqAeRnZAXoMR49rF3HoqXiPrfLUm3npj4rff6qaaJscjE%2FvVoPTJ5hP5ZGVoPYbR%2F2g3jjpYfwUR7U1yY7J9GpsbE%2B%2FkRWLR%2FCgmW7U45mYaMwMT%2FkWclpC6haAlubkOJIwJwgUuXEfXvXjI2pxvPVDpRx2T2z6dQ%2BZjM%2Fn4eUf%2FholaDyjWj00SZyGEQFlCDEqpXIk4PkGyeg8oPwJNbUIIg6hdQ4vjVTsDr1A%2B7c8IXwVyDiXCOtmU4J0Wn1Wl06qzbYFNjlCqhwhJaDkGdh3SylIc09JDGHvriuMKDIGj7glO%2F0%2BW8LtqStYQf0HYY0MBvdZDyCfsQSTwE10Nwu4XYbmFdDWHTn%2BDWCjhxDi4ZE%2B%2BjW8hEgVwS5I4gpwS5IsgTgjwr9oR2NVfcFdqlLDjNtdNcL0Ym6e3QPZP0ZER24hPy%2FNS0v7ZvYl0eV2oybARCtJhg9WaHibAt%2FBrjstFs1ZvNehtOFVDu3PSpm2pMLix%2FjliNyez2EzB6AKcPwNVzoOnLoPmoXfNB10aNjo%2FN6P4NmoWa9qrc9CFMgTiZRbLh7egT8uIUo%2FnDKiQ%2FXPjl60l8A24LxLbADfWYoKe3R1dNTnavmtyR7y%2FHieqrTTr512sJTeTMtx%2FIjdxYsbLkhvfe4RNhUj74WLpklUZCRT1H7i8qIaRdNpZL8uOK%2B0SyK6lbW0xtlMarV95dXunHVjqnTFSCqiP3Fbgak%2F9RMx3Yly58CWVL2LRAPz0kpwFlDsDjLbj4jN6ZGVh91sNiD3lajGyNnR1qNSa1p79Cy8OFh9ffvPdbeQeUFXDyXxfP6h23jZ59BTS5PZ3VzBbIdAGqh3DpzCiJ7eHCk%2Fo0wLQ3Ytp6u0xbfeeZvU4dV%2Bq%2BaDMZyjaTjWYjlFywZpP5POSsLjodjsSN%2BWt%2F3PwbAAD%2F%2FwEAAP%2F%2FaDFQqH8EAAA%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: fortinet | Verdict: Phishing | Alert: (none shown)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none shown)
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSzWtdxRvH5zTZ%2FPhtVApFULkLERVzc859v3YRjDESjG1tLbqTeTs308w9c5g5LzeBQmxBIri4Xerq5HuThtpSdOXKIicF0bjJ7SoL809UBHdyb4PRB4bnmfk%2BA5%2F5zvPFTnpCfKT0eOlDs6m0pvPNql95%2FdMguFhZVVE6qAw6rc9ajYsVm73dbVX9NyrvS75u5mt%2B4PuBH1SWlZWhGcxPRKj4QTeodv1qo1YNmg0M7H%2F3LvXgqAeRnZAXoMR49rF3HoqXiPrfLUm3npj4rff6qaaJscjE%2FvVoPTJ5hP5ZGVoPYbR%2F2g3jjpYfwUR7U1yY7J9GpsbE%2B%2FkRWLR%2FCgmW7U45mYaMwMT%2FkWclpC6haAlubkOJIwJwgUuXEfXvXjI2pxvPVDpRx2T2z6dQ%2BZjM%2Fn4eUf%2FholaDyjWj00SZyGEQFlCDEqpXIk4PkGyeg8oPwJNbUIIg6hdQ4vjVTsDr1A%2B7c8IXwVyDiXCOtmU4J0Wn1Wl06qzbYFNjlCqhwhJaDkGdh3SylIc09JDGHvriuMKDIGj7glO%2F0%2BW8LtqStYQf0HYY0MBvdZDyCfsQSTwE10Nwu4XYbmFdDWHTn%2BDWCjhxDi4ZE%2B%2BjW8hEgVwS5I4gpwS5IsgTgjwr9oR2NVfcFdqlLDjNtdNcL0Ym6e3QPZP0ZER24hPy%2FNS0v7ZvYl0eV2oybARCtJhg9WaHibAt%2FBrjstFs1ZvNehtOFVDu3PSpm2pMLix%2FjliNyez2EzB6AKcPwNVzoOnLoPmoXfNB10aNjo%2FN6P4NmoWa9qrc9CFMgTiZRbLh7egT8uIUo%2FnDKiQ%2FXPjl60l8A24LxLbADfWYoKe3R1dNTnavmtyR7y%2FHieqrTTr512sJTeTMtx%2FIjdxYsbLkhvfe4RNhUj74WLpklUZCRT1H7i8qIaRdNpZL8uOK%2B0SyK6lbW0xtlMarV95dXunHVjqnTFSCqiP3Fbgak%2F9RMx3Yly58CWVL2LRAPz0kpwFlDsDjLbj4jN6ZGVh91sNiD3lajGyNnR1qNSa1p79Cy8OFh9ffvPdbeQeUFXDyXxfP6h23jZ59BTS5PZ3VzBbIdAGqh3DpzCiJ7eHCk%2Fo0wLQ3Ytp6u0xbfeeZvU4dV%2Bq%2BaDMZyjaTjWYjlFywZpP5POSsLjodjsSN%2BWt%2F3PwbAAD%2F%2FwEAAP%2F%2FaDFQqH8EAAA%3D HTTP/1.1
Host: grandsupple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Cookie: u_pl=16353405; uid_id2=81c3a0f9-d0d1-4bdf-a7ef-ed868483b94b:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec2ef41dd6bdb358bdf7d02bce45635537=[3520332]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 18 Sep 2022 10:35:42 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9b4141949237829994a934171d3897d9
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/animate.css
104.21.51.177 200 OK 4.8 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/animate.css
IP 104.21.51.177:0
Hash 21eb7a65c17a2c22ba104a7ecbf1dc0f
ea8c53be54889c7489aed04e30e3eb83af64dec9
090bd9ceb9a58da038e5ed4a39dfbb63ece49ed4f4f0656ce35f7faa41a3b237
GET /sb/ssp/utility/social-media/facebook/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javflag.com
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:42 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BMh1OK3K69aHZ4IiaoACH%2FfFq7mXJmkhB5CEF1Nh6eGy0S3C8u%2FN6%2BXCaMKhY1oTJrYNMwUIWfvGTVYLocAiLe%2FUkmw7zSyeXAggXtOIfmv2JgkZZe6LT1MfedED8S2Hqo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fb4e9570b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/js/script.js
104.21.51.177 200 OK 210 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/js/script.js
IP 104.21.51.177:0
Hash 14c6a15c2c7729c885b33c990f37d2a5
865d9621a3a4c2b446ec535471412bf491a1e60e
bd7b0405bc197d2564e68c4366fdbfc06c0711a10231877d33c8c6cdd05fe7f0
GET /sb/ssp/utility/social-media/facebook/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javflag.com
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:42 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BE0mKR1qQ%2FgUc0mQSCBu2dIJC3m6404tZVmKlSsRQqkmcO2NklOxq8kTEB28f%2Bvf7Fvr9IW4DCgBZo9vMJOFekHUNArb1ytFG0t3Pw2E5kT7FFcGOcWME%2BwygcFXhWMCNIo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fb4f95e0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ads.adxadserv.com/ad?spotid=60fa6cc461d6e22a417e5fc1&type=300x250&output=html&extra1=0&ref=http%3A//taraa.xyz/&dt=1663497321651&screen=1280x1024&tags=
185.98.53.2 200 OK 0 B URL HTTP/2 ads.adxadserv.com/ad?spotid=60fa6cc461d6e22a417e5fc1&type=300x250&output=html&extra1=0&ref=http%3A//taraa.xyz/&dt=1663497321651&screen=1280x1024&tags=
IP 185.98.53.2:0
ASN #39572 DataWeb Global Group B.V.
GET /ad?spotid=60fa6cc461d6e22a417e5fc1&type=300x250&output=html&extra1=0&ref=http%3A//taraa.xyz/&dt=1663497321651&screen=1280x1024&tags= HTTP/1.1
Host: ads.adxadserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 10:35:40 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache
X-Firefox-Spdy: h2
pogothere.xyz/
104.21.86.231 200 OK 0 B IP 104.21.86.231:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://taraa.xyz
Connection: keep-alive
Referer: http://taraa.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:35 GMT
content-type: text/plain
set-cookie: csu=1393831158313354@1@1663497335; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://taraa.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irQKdRPAP8OazRPbW8nULr0ZbegXmuWPGCeGqPrUwXVu7cTic8AV4Jql8239tRmAymcH9E8iJUQomchXow8qCaA3VZcpXGmSfGadS0jbJvR65XOMcSljum6%2F%2FkFMB1NJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74c96f8b2de2b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
45.133.44.3 200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javflag.com
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:42 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 09:27:09 GMT
etag: W/"602f846d-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 18 Sep 2022 11:35:42 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
javflag.com/cdn-cgi/apps/head/eqvK8VR8hiV-oWoKRWKnWSx24Hw.js
104.21.43.50 200 OK 0 B URL HTTP/2 javflag.com/cdn-cgi/apps/head/eqvK8VR8hiV-oWoKRWKnWSx24Hw.js
IP 104.21.43.50:0
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/apps/head/eqvK8VR8hiV-oWoKRWKnWSx24Hw.js HTTP/1.1
Host: javflag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:36 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: oDDTxHD+zc50pQT2cKQQvADuw99RIghEHCdtEBxMsEIo3UOJjwIJtLC9ezSNvlS03ryb9cFbmaE=
x-amz-request-id: PZ582H7T9PM8M3RD
cache-control: public, max-age=31536000
last-modified: Sat, 05 Jun 2021 15:23:51 GMT
x-amz-version-id: BpzTvMe2uK2cEHeQ_WRpUBJ2uI.NQfVs
etag: W/"212edacc088d2662764eb3ea51ef5a4f"
cf-cache-status: HIT
age: 8265027
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfTdszjeh4VCp8a7afuD03nJpBM3cijnAmFRnGAj7hzn%2BlR3j5ns0znXyQI%2FP7GOM5C%2F5zB6N1W%2FU2LCVxJN811dZOYtaWaQ1BJiiNR825TBk8hOcTxSotgcKQ5mAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96f938e351c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.adxadserv.com/js/adserv-slider.js
185.76.9.21 200 OK 0 B URL HTTP/2 static.adxadserv.com/js/adserv-slider.js
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /js/adserv-slider.js HTTP/1.1
Host: static.adxadserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:37 GMT
content-type: application/javascript
last-modified: Fri, 15 Nov 2019 09:32:36 GMT
etag: W/"5dce70b4-dae"
x-accel-expires: @1663686382
server: CDN77-Turbo
x-77-nzt: AblMCRTzZvX/i+8MAA
x-77-nzt-ray: crbSoNCzUnY
x-cache: HIT
x-age: 847755
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
chaturbate.com/in/?track=juicy300100-272262&tour=x1Rd&campaign=NcAyU&c=4&p=0&gender=f
104.18.100.40 302 Found 0 B URL HTTP/2 chaturbate.com/in/?track=juicy300100-272262&tour=x1Rd&campaign=NcAyU&c=4&p=0&gender=f
IP 104.18.100.40:0
GET /in/?track=juicy300100-272262&tour=x1Rd&campaign=NcAyU&c=4&p=0&gender=f HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 18 Sep 2022 10:35:38 GMT
content-type: text/html; charset=utf-8
location: /tours/3/?tour=x1Rd&campaign=NcAyU&c=4&p=0&gender=f&disable_sound=0
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com 
https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' 
https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
set-cookie: u_x1Rd=1; expires=Fri, 23-Sep-2022 10:35:38 GMT; Max-Age=432000; Path=/
us_x1Rd=1; Path=/
affkey="eJwdjUEKgzAQAL8ie27NZgUt3voBD0IfEJOIWoIhiTSh+HdZj8MMzB8S9BVkORp4VKCdZxz0u3yYU/gyb8eqS4MoEZ/UEbXEMrBaUvKxF8LvPxusmUq9KRNrvQtO1Dxz5FTO2VmzKkL5YnFvSMJ5AevbI50="; Domain=.chaturbate.com; expires=Tue, 18-Oct-2022 10:35:38 GMT; Max-Age=2592000; Path=/
fromaffiliate=1; Domain=.chaturbate.com; Path=/
noads=1; expires=Sun, 18-Sep-2022 16:35:38 GMT; Max-Age=21600; Path=/
stcki="pOtSwZ=1\054FqPd9a=0\0546pduSG=0\054aDBbcK=0"; expires=Tue, 18-Oct-2022 10:35:38 GMT; Max-Age=2592000; Path=/
sbr=sec:sbrda7d1a13-0650-404e-b7f0-02abc7fc30ec:1oZreE:KhYEi_zmr3bscBCFMwNwjMYJxys; Domain=.chaturbate.com; expires=Fri, 13-Jun-2025 10:35:38 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
__cf_bm=5KGDd8lcigKtDv8S5UzgOx9XxJsRwxZz1pLa3CZmf5M-1663497338-0-AacGJdI0WND0H5d8cxJkV8XekUk10DiOMsqZuhB+Qwxirbz+EYXCpZtDE3S3n7LlKcNdkfLB/YYzZlH/J6x/TfQ=; path=/; expires=Sun, 18-Sep-22 11:05:38 GMT; domain=.chaturbate.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74c96f9ee9ecb503-OSL
X-Firefox-Spdy: h2
chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=4&p=0&gender=f&disable_sound=0
104.18.100.40 200 OK 0 B URL HTTP/2 chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=4&p=0&gender=f&disable_sound=0
IP 104.18.100.40:0
GET /tours/3/?tour=x1Rd&campaign=NcAyU&c=4&p=0&gender=f&disable_sound=0 HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poweredby.jads.co/
Connection: keep-alive
Cookie: __cf_bm=5KGDd8lcigKtDv8S5UzgOx9XxJsRwxZz1pLa3CZmf5M-1663497338-0-AacGJdI0WND0H5d8cxJkV8XekUk10DiOMsqZuhB+Qwxirbz+EYXCpZtDE3S3n7LlKcNdkfLB/YYzZlH/J6x/TfQ=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:39 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Language, Cookie
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com 
https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' 
https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
cache-control: no-cache
set-cookie: stcki="pOtSwZ=0\054FqPd9a=0\0546pduSG=0\054aDBbcK=1"; expires=Tue, 18-Oct-2022 10:35:38 GMT; Max-Age=2592000; Path=/
affkey="eJyrVipSslJQyigpKSi20tcvyC9PLUpNSarUy0pMKdZLztdXqgUA0FML6A=="; Domain=.chaturbate.com; expires=Tue, 18-Oct-2022 10:35:38 GMT; Max-Age=2592000; Path=/
sbr=sec:sbrc443b69f-eef6-40d9-90a9-30f40f868250:1oZreE:0CnogGLaNmN3oeY6_olKyy8vMPA; Domain=.chaturbate.com; expires=Fri, 13-Jun-2025 10:35:38 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74c96f9feb44b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js
104.16.93.42 200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js
IP 104.16.93.42:0
GET /CACHE/js/output.6f6724a00cb8.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:39 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"a708027bfbbde438a72a93082d4bc4b5"
last-modified: Thu, 24 Jun 2021 21:24:05 GMT
x-amz-id-2: JSy2VAlm3gAahvlCm5/iqNOQuasckcIrq13CGup8iDmNjJ/I2mSXsAw6q4OzSeK3RH88h3oFZ3U=
x-amz-meta-s3cmd-attrs: md5:a708027bfbbde438a72a93082d4bc4b5
x-amz-request-id: 2D5V5B3Y2TWH6PZC
cf-cache-status: HIT
age: 47298
expires: Tue, 18 Oct 2022 10:35:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2B57sIBYwUhRLh0wYai3A76xtT%2BXHIZw%2BqacfCa75hGT7R35OrS0I7O3l3Iia6hHcW9O6OmRGjbxXkZMuL6TYJQRiZbTJLgQeWj2Fg11EnW6Mq8RwkggaAeAfBMTM1KpZ6ffZ4bHsFzx6HU7aIP0%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=KrjJDTz9CJUQRz9zhRVwhlg3h0JwTvWBNFxj535IthY-1663497339157-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74c96fa1a8910b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ads.traffichunt.com/adv_ret/?adv_pixel_id=535&nid=3
34.226.235.252 200 OK 0 B URL HTTP/2 ads.traffichunt.com/adv_ret/?adv_pixel_id=535&nid=3
IP 34.226.235.252:0
GET /adv_ret/?adv_pixel_id=535&nid=3 HTTP/1.1
Host: ads.traffichunt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goplayhere.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:38 GMT
server: nginx
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
set-cookie: new_adx_profile_guid=cf377b40-598e-42aa-8098-f0602eaba8b6;Max-Age=7776000;Path=/;SameSite=None; Secure
new_3.adx_rt_0=535;Max-Age=7776000;Path=/;SameSite=None; Secure
new_3.adx_daily_rt_0=535;Max-Age=48261;Path=/;SameSite=None; Secure
new_3.adx_rt_0=535;Max-Age=7776000;Path=/;SameSite=None; Secure
adx_profile_guid=cf377b40-598e-42aa-8098-f0602eaba8b6; Max-Age=7776000; Expires=Sat, 17 Dec 2022 10:35:38 GMT; Path=/
3.adx_rt_0=535; Max-Age=7776000; Expires=Sat, 17 Dec 2022 10:35:38 GMT; Path=/
3.adx_daily_rt_0=535; Max-Age=48261; Expires=Sun, 18 Sep 2022 23:59:59 GMT; Path=/
X-Firefox-Spdy: h2
static.javhd.com/h5/files/css/style.css
185.76.9.26 200 OK 0 B URL HTTP/2 static.javhd.com/h5/files/css/style.css
IP 185.76.9.26:0
ASN #60068 Datacamp Limited
GET /h5/files/css/style.css HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/16514/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3Da4016188-373d-11ed-bed6-52ca5d2668e1%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3DJavflag%26cv8%3DFirefox%26cv9%3D60fa6cc461d6e22a417e5fc1%26externalId%3Da4016188-373d-11ed-bed6-52ca5d2668e1%26p%3DeyJiIjoyNzgzMjcsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI1MzE5fQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:41 GMT
content-type: text/css
last-modified: Wed, 25 May 2016 08:29:12 GMT
etag: W/"57456258-7bd"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRQ60Vj/LIqbAA
x-77-nzt-ray: RG71p7FspIU
x-cache: HIT
x-age: 10193452
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
104.21.234.254 200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP 104.21.234.254:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:39 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: e25461e0f2e8b5c4ad939a38dccf5ba8
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 18 Sep 2022 10:35:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwpjcnXQiJw1p78mEC6sv2ERJiUDzArW%2Bo6kFv%2FNPKHHSzl%2FIH8rvoNdQTSUYMCqqmlMTODKMvJNJUj%2BVLn3%2Fs2Od8wh6ZLx4wnSM9XHwU2K%2FlIiP9TcQWFUYnUWZ8w2XxJ2MWE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fa20ea6769e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.juicyads.com/jp.php?c=34b42323u274u4q2v284z2b434&u=http%3A%2F%2Fwww.juicyads.rocks
143.204.55.92 200 OK 0 B URL HTTP/2 js.juicyads.com/jp.php?c=34b42323u274u4q2v284z2b434&u=http%3A%2F%2Fwww.juicyads.rocks
IP 143.204.55.92:0
GET /jp.php?c=34b42323u274u4q2v284z2b434&u=http%3A%2F%2Fwww.juicyads.rocks HTTP/1.1
Host: js.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javflag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
date: Sun, 18 Sep 2022 10:21:58 GMT
expires: Sun, 18 Sep 2022 10:36:58 GMT
pragma: cache
server: nginx
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _gCouCEeW5m0ZF0dEO6BvEm9yk04Xq0z18XWM3z101gpyZE9T8immA==
age: 819
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/img/close.svg
104.21.51.177 200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/img/close.svg
IP 104.21.51.177:0
GET /sb/ssp/utility/social-media/facebook/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 10:35:42 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:13:59 GMT
etag: W/"602549b7-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3976284
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEdXvLMaMcBYo%2FMpr2LMckMJ7eKbauuFkyJ7J5CyaUuTtRZKKhAdG8iI2LGIdsrfn1nS2jPMn9SFZWOXPagJYqb7JtgTL32rgVDenXMtYRaQSiXMAbKlK1L5nWHakswpapQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96fb539920b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
highlevelcount.com/index.min.js?pk=e39a6a46f15b8ccd52813778a058820a
104.21.30.122 404 Not Found 0 B URL HTTP/2 highlevelcount.com/index.min.js?pk=e39a6a46f15b8ccd52813778a058820a
IP 104.21.30.122:0
GET /index.min.js?pk=e39a6a46f15b8ccd52813778a058820a HTTP/1.1
Host: highlevelcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goplayhere.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sun, 18 Sep 2022 10:35:38 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: HIT
age: 104
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKS7Mh12ZcRsTjW7IzbA7kiXI9bTJW6Lh0XILot5G4WbwDyd1kTPYodSRFdB05uM%2BwlS%2BFl0dW00vsguxsowRxUB%2FQcMNdQ%2FTW5hceRvQiHV%2FndoLcybNNIkgIqx4IaiENUzF3g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c96f9e1da7b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2