www4.bestjavporn.com/video/much-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours/
301 Moved Permanently 0 B URL HTTP/1.1 www4.bestjavporn.com/video/much-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /video/much-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours/ HTTP/1.1
Host: www4.bestjavporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 22:27:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 24 Nov 2022 23:27:20 GMT
Location: https://www4.bestjavporn.com/video/much-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMOoPKHgLk0HZqky3%2F8TH0XzcLRuP7%2BYX%2F8a2IouAKVWLqEpNGc3yixwTohD490EBVcTJPiF5AGGtxYdVBmzgkR5HlzUf21qlmj%2BcFqlxvY7ICVFAD%2B08rQvXTuI1IzPTChNz5l1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f592444ad5b523-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6060
Expires: Fri, 25 Nov 2022 00:08:20 GMT
Date: Thu, 24 Nov 2022 22:27:20 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4289
Cache-Control: max-age=134120
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:27:20 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:42:40 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3622
Expires: Thu, 24 Nov 2022 23:27:42 GMT
Date: Thu, 24 Nov 2022 22:27:20 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 22:17:20 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 600
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: sFFvu8r93HvyA/T3y1i4+fcrvDuqPxj3+tv3fwGntDE350pPjqbePrFNkYXY8nJobIkCGpeDJ2M=
x-amz-request-id: WM80MTPG1Q470N36
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 21:40:33 GMT
age: 2807
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 22:27:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 785123cfb0a1deb1324ca4832d335433
3ca9e916584615e5629a24d27440277e46e8b44a
6acf0e1447efa0715caeee93a14585030ea123d51b36ce5495d8160d79f05e94
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=106770
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:27:20 GMT
Etag: "637eedda-116"
Expires: Sat, 26 Nov 2022 04:06:50 GMT
Last-Modified: Thu, 24 Nov 2022 04:06:50 GMT
Server: nginx
Content-Length: 278
www4.bestjavporn.com/video/much-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours/
200 OK 93 kB URL HTTP/2 www4.bestjavporn.com/video/much-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7423), with CRLF, LF line terminators
Hash 6d33ae98226d4e0ec6b2ff4f6e9d1006
e18fe0618fb8c56fd67ec955f9de32e4383f5f93
c2f07bae85d0be8580334855ba21581c5c19a7d8e3235b0dc018c3e74d550a29
GET /video/much-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours/ HTTP/1.1
Host: www4.bestjavporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:21 GMT
content-type: text/html; charset=UTF-8
cf-ray: 76f592472949b50c-OSL
cache-control: max-age=3600
last-modified: Thu, 24 Nov 2022 09:12:05 GMT
link: <https://www4.bestjavporn.com/wp-json/>; rel="https://api.w.org/", <https://www4.bestjavporn.com/?p=362393>; rel=shortlink
vary: Accept-Encoding
cf-cache-status: HIT
cf-apo-via: tcache
cf-connecting-ip: 186.178.121.231
cf-edge-cache: cache,platform=wordpress
x-frame-options: SAMEORIGIN
x-rocket-nginx-serving-static: No
x-rocket-uri: /index.php
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfQ5lMF3p%2B84%2FAxLzVKkpmk7C9f3qk21eaDExxj6m%2Bzmrq%2Buijo%2FsaniO5jogef6XcB1pUc3yY5sBXK1NX17nVlaCK%2BCxha2%2FJFzGe1c664el71xuy7i9tVnxRtnhW%2Bj%2BQp%2F2nIg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
200 OK 5.1 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
IP
File type ASCII text, with very long lines (17660)
Hash abe1df98b6ab4644bd567e6669d0da03
27e3bf22ef08b7ca0090721ed31b4f921d278e7c
cd40ba7dbf63d67511c0fd56b7e5327dbedb43d15c439d79a8aacb6377059540
GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 5117
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-45f4"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 14610503
expires: Tue, 14 Nov 2023 22:27:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhaRqfgAArZ8tfgTJF%2BaYv%2BiQcQ24Yx1tw4kCxxyA24n3mD2aq4HePMvWOjtEma8F2Amhh41tXhxfoakqpjcdBc73EvL%2Fpqhhwsw9VK2jMfQVrV8kvH71oYgJP8maRAHasVmB5j6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76f5924a194bb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www4.bestjavporn.com/wp-content/themes/retrotube/assets/js/jquery.touchSwipe.min.js?ver=1.6.18
200 OK 5.8 kB URL HTTP/2 www4.bestjavporn.com/wp-content/themes/retrotube/assets/js/jquery.touchSwipe.min.js?ver=1.6.18
IP
File type ASCII text, with very long lines (20018), with CRLF line terminators
Hash 465f48fc6eccd8eb3121e462e2f34820
0cc24b8bef3c82e30c54819c77615cd1b46bcdf1
c2b1a69dd3ff0ae4449db9b098afb105ac24687dc223999bf3df5bb65cb85556
GET /wp-content/themes/retrotube/assets/js/jquery.touchSwipe.min.js?ver=1.6.18 HTTP/1.1
Host: www4.bestjavporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/video/much-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:21 GMT
content-type: application/javascript
last-modified: Fri, 15 Jan 2021 20:53:56 GMT
vary: Accept-Encoding
etag: W/"600200e4-4fdb"
cf-connecting-ip: 88.195.172.127
x-frame-options: SAMEORIGIN
x-rocket-nginx-serving-static: No
x-rocket-args: ver=1.6.18
x-rocket-uri: /wp-content/themes/retrotube/assets/js/jquery.touchSwipe.min.js
cache-control: max-age=3600
cf-cache-status: HIT
age: 43407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpaFJ93%2FGSIn2xFZs3z8wnNEgJrYkcysOZ6b3bhLQrWpLelXj3DRgzSrXWjwQjPxJm3GgsKaA%2F4e044SsaejUBoJ2W0Irh3b1m6mSkEQD4FeWKvos4CiV%2FO4mNsdWyjAfV4WZGAJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f592494c49b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www4.bestjavporn.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
200 OK 933 B URL HTTP/2 www4.bestjavporn.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
Hash 97698e681f664aeef4fd3caa47f048b1
095771c7e548a1c08f0c3abde9d4a9e2d60611d4
f8452529cf429c899821469821d06b154d7b4a19af0938d62e2f68cf526aa7e0
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: www4.bestjavporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/video/much-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:21 GMT
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 13:35:09 GMT
etag: W/"637cd00d-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAL2TalA3MCXUukKsPsov3UKYWedyQmN81I1JPUAZPxaf9r6e8prOwi0l6NSZ9L7A%2FSBMM%2FWQN3RblNaFBK5awWuY4pRA8NL4m08JJGwJJi3tOHIbnxa%2B9qioRmLBvKIEO1D3VhQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f592494c44b50c-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 26 Nov 2022 22:27:21 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
www4.bestjavporn.com/wp-content/themes/retrotube/assets/js/navigation.js?ver=1.1.0
200 OK 1.1 kB URL HTTP/2 www4.bestjavporn.com/wp-content/themes/retrotube/assets/js/navigation.js?ver=1.1.0
IP
File type ASCII text, with very long lines (529)
Hash 5c75dea5e19f187713323c46af29869d
7ea7c5a1c6532419d0555db023361a182438923a
b5e26a182c0f6e6492f630a17b766f455ec4ebeb412886828bb8bfe76cf78ba0
GET /wp-content/themes/retrotube/assets/js/navigation.js?ver=1.1.0 HTTP/1.1
Host: www4.bestjavporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/video/much-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:21 GMT
content-type: application/javascript
cf-connecting-ip: 88.195.172.127
cf-bgj: minify
cf-polished: origSize=6149
etag: W/"635fdc2f-1805"
last-modified: Mon, 31 Oct 2022 14:31:11 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-rocket-args: ver=1.1.0
x-rocket-nginx-serving-static: No
x-rocket-uri: /wp-content/themes/retrotube/assets/js/navigation.js
cache-control: max-age=3600
cf-cache-status: HIT
age: 43407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BoKuxIsp2%2FlxARSD2ZBLNeczxil6YRLXtPLRQJ%2F%2F7npBEFZi3VoVq%2F88aMhMj9Oe8iwTzjzOZeBqyl1fCxoWDU3Zqb21OZv8qx2JkD7QnrOxagOjwzuj2HOQX7apIa2MjtB%2B0Gtt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f592494c47b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4901
Cache-Control: max-age=129669
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:27:21 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:28:30 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4
200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4
IP
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 16:36:02 GMT
expires: Thu, 23 Nov 2023 16:36:02 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 107479
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-124653024-3
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-124653024-3
IP
File type ASCII text, with very long lines (1921)
Hash 9e862464251391f2655f8977ee9d28e2
14760819b23095bb8769a0eeca2af4e5f707cb9c
cb8d0ea9059784ba36b88ae47079fc5b683de5bcda1559cebcdb4c2aa2cac6da
GET /gtag/js?id=UA-124653024-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 22:27:21 GMT
expires: Thu, 24 Nov 2022 22:27:21 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43622
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 22:08:53 GMT
cache-control: public,max-age=3600
age: 1108
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
theporndude.com/favicon-32x32.png
200 OK 1.6 kB URL HTTP/2 theporndude.com/favicon-32x32.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash e05d03cbbf9dc784d2f4a3ecb4ad6987
113aaa3555a1e3646fbfd19b4eb8156084e14db3
fadc546b6a83cd7a968038d42d7dc6b98b25f4c535d95e0607877faaceaa4bad
GET /favicon-32x32.png HTTP/1.1
Host: theporndude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:21 GMT
content-type: image/webp
content-length: 1576
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1823
content-disposition: inline; filename="favicon-32x32.webp"
vary: Accept
cache-control: public, max-age=31536000
etag: "71f-5dbddefb-94cda11995fd4df4;;;"
expires: Fri, 24 Nov 2023 22:27:21 GMT
last-modified: Sat, 02 Nov 2019 19:54:35 GMT
strict-transport-security: max-age=31536000
x-frame-options: allow-from https://webvisor.com/
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 172778
accept-ranges: bytes
server: cloudflare
cf-ray: 76f5924b9f6fb4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www4.bestjavporn.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 18:53:39 GMT
expires: Tue, 21 Nov 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 272022
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aTpqY2nyEXGCukGnvp3mEQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rSupqtRv8FIq0lWapoV1RpuQcm0=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 22:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 472 B IP
Hash e238b3d81c4cebbbdef2975be450bec0
ca3c31ff2418da628f98ad427af626b6db3477f7
3d5213a5052d7090676e7a13ec0c5807f370aa58eed4855de838c457b04efa79
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 22:27:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 08:27:05 GMT
Expires: Tue, 29 Nov 2022 08:27:04 GMT
Etag: "ca3c31ff2418da628f98ad427af626b6db3477f7"
Cache-Control: max-age=380982,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f5924dfae2b518-OSL
poweredby.jads.co/js/jads.js
301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 24 Nov 2022 22:27:21 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
poweredby.jads.co/js/jads2.js
200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP
File type ASCII text, with very long lines (3758), with no line terminators
Hash 558e1b61fc513016183a3812938e79fb
5f72ea61a2aad8f7a0956321d3fd8524db70eddf
a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www4.bestjavporn.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 22:27:22 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eae"
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8238cbd5194b287b529f5734044ea942
21bb49f195712b26ccc2e33eb5a9683506d0223c
c3f41a14af693c4f27e3d726f59f6d77b0be9e6cf9d96a9f582453b406d92508
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C3F41A14AF693C4F27E3D726F59F6D77B0BE9E6CF9D96A9F582453B406D92508"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2549
Expires: Thu, 24 Nov 2022 23:09:51 GMT
Date: Thu, 24 Nov 2022 22:27:22 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 20:41:08 GMT
expires: Thu, 24 Nov 2022 22:41:08 GMT
cache-control: public, max-age=7200
age: 6374
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=498602866&t=pageview&_s=1&dl=https%3A%2F%2Fwww4.bestjavporn.com%2Fvideo%2Fmuch-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours%2F&ul=en-us&de=UTF-8&dt=MUCH-110%20Misaki%20Hinata%20Shizuka%20Ishikawa%20Everyone%20Is%20Over%20G-cup!%20Chubby%20Girls%20With%20Collosal%20Tits%20Have%20Sex%20With%2010%20People%20In%20A%20Row%20-%208%20Hours%2C%20-%20BestJavPorn&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=944436607&gjid=1909852488&cid=1417177667.1669328842&tid=UA-124653024-3&_gid=564256866.1669328842&_r=1>m=2oub90&z=1143591579
200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=498602866&t=pageview&_s=1&dl=https%3A%2F%2Fwww4.bestjavporn.com%2Fvideo%2Fmuch-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours%2F&ul=en-us&de=UTF-8&dt=MUCH-110%20Misaki%20Hinata%20Shizuka%20Ishikawa%20Everyone%20Is%20Over%20G-cup!%20Chubby%20Girls%20With%20Collosal%20Tits%20Have%20Sex%20With%2010%20People%20In%20A%20Row%20-%208%20Hours%2C%20-%20BestJavPorn&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=944436607&gjid=1909852488&cid=1417177667.1669328842&tid=UA-124653024-3&_gid=564256866.1669328842&_r=1>m=2oub90&z=1143591579
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=498602866&t=pageview&_s=1&dl=https%3A%2F%2Fwww4.bestjavporn.com%2Fvideo%2Fmuch-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours%2F&ul=en-us&de=UTF-8&dt=MUCH-110%20Misaki%20Hinata%20Shizuka%20Ishikawa%20Everyone%20Is%20Over%20G-cup!%20Chubby%20Girls%20With%20Collosal%20Tits%20Have%20Sex%20With%2010%20People%20In%20A%20Row%20-%208%20Hours%2C%20-%20BestJavPorn&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=944436607&gjid=1909852488&cid=1417177667.1669328842&tid=UA-124653024-3&_gid=564256866.1669328842&_r=1>m=2oub90&z=1143591579 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www4.bestjavporn.com
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www4.bestjavporn.com
date: Thu, 24 Nov 2022 22:27:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 06f83c7b75d1d39c741a93c0dfd5d1a0
b18b777dbba703d12de85e55d555a05f3e3a7791
8c526161d955fd423f2ecfe78863ba2ab8984508086264e655a46bd8a38ce5f2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C526161D955FD423F2ECFE78863BA2AB8984508086264E655A46BD8A38CE5F2"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2767
Expires: Thu, 24 Nov 2022 23:13:29 GMT
Date: Thu, 24 Nov 2022 22:27:22 GMT
Connection: keep-alive
r.trackwilltrk.com/s1/e1ce8edc-bc88-4852-876e-2bf610b566ce?externalId=2a20b1c0-6c47-11ed-9b66-52ca5d2668e1&cv1=2a20b1c0-6c47-11ed-9b66-52ca5d2668e1&cv2=0c1c5c30286e1db21a741e4b62c8b6e4&cv3=desktop&cv4=62fe933961d6e278cd572307&cv5=62fe933061d6e278cd572305&cv6=en&cv7=NTVA-Bestjavporn&cv8=Firefox&cv9=62fe56a361d6e272ea2a6a61&cv10=62fe56a361d6e272ea2a6a61
200 OK 931 B URL HTTP/1.1 r.trackwilltrk.com/s1/e1ce8edc-bc88-4852-876e-2bf610b566ce?externalId=2a20b1c0-6c47-11ed-9b66-52ca5d2668e1&cv1=2a20b1c0-6c47-11ed-9b66-52ca5d2668e1&cv2=0c1c5c30286e1db21a741e4b62c8b6e4&cv3=desktop&cv4=62fe933961d6e278cd572307&cv5=62fe933061d6e278cd572305&cv6=en&cv7=NTVA-Bestjavporn&cv8=Firefox&cv9=62fe56a361d6e272ea2a6a61&cv10=62fe56a361d6e272ea2a6a61
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (735)
Hash f68b3b325688d8beece05591a379a217
cf5e498b3b017212e48643a6e28b0376c6dd58ac
78cdbf6b22e2e2b57556c237284812ec58835d8f23e91f2818df715748ead6d3
GET /s1/e1ce8edc-bc88-4852-876e-2bf610b566ce?externalId=2a20b1c0-6c47-11ed-9b66-52ca5d2668e1&cv1=2a20b1c0-6c47-11ed-9b66-52ca5d2668e1&cv2=0c1c5c30286e1db21a741e4b62c8b6e4&cv3=desktop&cv4=62fe933961d6e278cd572307&cv5=62fe933061d6e278cd572305&cv6=en&cv7=NTVA-Bestjavporn&cv8=Firefox&cv9=62fe56a361d6e272ea2a6a61&cv10=62fe56a361d6e272ea2a6a61 HTTP/1.1
Host: r.trackwilltrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 24 Nov 2022 22:27:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 931
Connection: close
Set-Cookie: uid=CJqcqIZap; Path=/; Domain=trackwilltrk.com; Expires=Fri, 25 Nov 2022 22:27:22 GMT; HttpOnly
X-Request-Id: 3b6cffef-a9f3-4af2-a7e9-5df85cfe148c
static.adxadserv.com/js/adb.js
200 OK 24 kB URL HTTP/2 static.adxadserv.com/js/adb.js
IP
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (511), with CRLF line terminators
Hash 125f13c8e01773c098bb01fa2202939a
295e1d85429a2931592e772bef0fc8111828822b
2fc2ea4593d283620c2e489f5ead6e0fd5041eefd2e0ca585b40229f55d55aff
GET /js/adb.js HTTP/1.1
Host: static.adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:22 GMT
content-type: application/javascript
last-modified: Tue, 24 Mar 2020 11:15:59 GMT
etag: W/"5e79ebef-532"
x-accel-expires: @1669892817
server: CDN77-Turbo
x-77-nzt: AblMCQ3ZFyr/+TYHAA
x-77-nzt-ray: c0a4cc28d1c9f87ccaef7f63f983f709
x-cache: HIT
x-age: 472825
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
adxadserv.com/ascripts/pxl.js
200 OK 23 kB URL HTTP/1.1 adxadserv.com/ascripts/pxl.js
IP
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (36114)
Hash 72d1139e9f2e6ebe3f51c9193edb4439
cd356eb9eaab433ac792406ba36d4304b6450571
74553d0effe74cd6a4f1424940f7fd133c5457ff1d5c53030e651ec6612bec88
GET /ascripts/pxl.js HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 24 Nov 2022 22:27:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Sep 2020 09:55:41 GMT
ETag: W/"5f6dbe9d-12fee"
Expires: Thu, 24 Nov 2022 08:33:14 GMT
Cache-Control: max-age=86400, public
X-77-NZT: AblMCgq12Rj/f8MAAA
X-77-NZT-Ray: 2109d11066f2265ccaef7f634a705621
X-Cache: HIT
X-Age: 50047
X-77-POP: amsterdamNL
X-77-Cache: HIT
Content-Encoding: br
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 72c39a3f3615820ecd69b78e061a1a35
c964f4b8a506d07842659ad49f1378b590768ae2
6bc79bb6868429611d809fbfa9fcda496088f1547418b7f261744251ab0c41cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BC79BB6868429611D809FBFA9FCDA496088F1547418B7F261744251AB0C41CD"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4729
Expires: Thu, 24 Nov 2022 23:46:11 GMT
Date: Thu, 24 Nov 2022 22:27:22 GMT
Connection: keep-alive
adxadserv.com/px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D62fe56a361d6e272ea2a6a61%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww4.bestjavporn.com%252Fvideo%252Fmuch-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours%252F%2526dt%253D1669328841762%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fwww4.bestjavporn.com%252F&d_r=1&d_s=1280x1024&d_w=293x250&t_s=1669328841970&t_i=1669328841992&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=68dbe6f1-f6f4-4d27-81bf-e75d46472c16&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=2a20b1c0-6c47-11ed-9b66-52ca5d2668e1&spid=62fe56a361d6e272ea2a6a61&fpid_sa=1669328841992&fpid=&feid_sa=1669328841992&sid_sa=1669328841992&feid=ecd85a23db36212fbabb7d27826ca198&sid=d3e495942cd5e2e55b51bf388a6935b7&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www4.bestjavporn.com&s_rst=1&e_d=%7B%22isResetRequired%22%3Atrue%7D&t_op=0.322
200 OK 0 B URL HTTP/1.1 adxadserv.com/px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D62fe56a361d6e272ea2a6a61%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww4.bestjavporn.com%252Fvideo%252Fmuch-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours%252F%2526dt%253D1669328841762%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fwww4.bestjavporn.com%252F&d_r=1&d_s=1280x1024&d_w=293x250&t_s=1669328841970&t_i=1669328841992&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=68dbe6f1-f6f4-4d27-81bf-e75d46472c16&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=2a20b1c0-6c47-11ed-9b66-52ca5d2668e1&spid=62fe56a361d6e272ea2a6a61&fpid_sa=1669328841992&fpid=&feid_sa=1669328841992&sid_sa=1669328841992&feid=ecd85a23db36212fbabb7d27826ca198&sid=d3e495942cd5e2e55b51bf388a6935b7&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www4.bestjavporn.com&s_rst=1&e_d=%7B%22isResetRequired%22%3Atrue%7D&t_op=0.322
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D62fe56a361d6e272ea2a6a61%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww4.bestjavporn.com%252Fvideo%252Fmuch-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours%252F%2526dt%253D1669328841762%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fwww4.bestjavporn.com%252F&d_r=1&d_s=1280x1024&d_w=293x250&t_s=1669328841970&t_i=1669328841992&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=68dbe6f1-f6f4-4d27-81bf-e75d46472c16&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=2a20b1c0-6c47-11ed-9b66-52ca5d2668e1&spid=62fe56a361d6e272ea2a6a61&fpid_sa=1669328841992&fpid=&feid_sa=1669328841992&sid_sa=1669328841992&feid=ecd85a23db36212fbabb7d27826ca198&sid=d3e495942cd5e2e55b51bf388a6935b7&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www4.bestjavporn.com&s_rst=1&e_d=%7B%22isResetRequired%22%3Atrue%7D&t_op=0.322 HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 24 Nov 2022 22:27:22 GMT
Content-Length: 0
Connection: keep-alive
static.javhd.com/h5/files/overlay/1602-overlay-preview.png
200 OK 1.5 kB URL HTTP/2 static.javhd.com/h5/files/overlay/1602-overlay-preview.png
IP
ASN #60068 Datacamp Limited
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 7083a71bc40e5d85670940c518cacca2
a2caeb7c6ca3960af2881434fb0df0c2241d7288
7c4049c76ecd35b05855df0c6ce7e1157213d9fb92c3b2b05ebf9b5d9bdff03a
GET /h5/files/overlay/1602-overlay-preview.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhdhello.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:22 GMT
content-type: image/png
content-length: 1546
last-modified: Wed, 20 Apr 2022 13:56:48 GMT
etag: "62601120-60a"
expires: Tue, 23 May 2023 11:04:47 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839887
server: CDN77-Turbo
x-77-nzt: AblMCQ39qOL/e4X0AA
x-77-nzt-ray: c0a4cc287fcbad80caef7f633161da2c
x-cache: HIT
x-age: 16024955
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhd.com/h5/files/overlay/1602-overlay.png
200 OK 1.8 kB URL HTTP/2 static.javhd.com/h5/files/overlay/1602-overlay.png
IP
ASN #60068 Datacamp Limited
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash f4403fc07b7c414db6ec613317885035
457d3e8f9e9fb0456292efdbd5f18b318e804ea7
00ffbfa9483f4a6e8b85b6ab368a9547cf29e54c1aeb2bfcf81f34ec2bf50ee7
GET /h5/files/overlay/1602-overlay.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhdhello.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:22 GMT
content-type: image/png
content-length: 1839
last-modified: Wed, 20 Apr 2022 13:56:47 GMT
etag: "6260111f-72f"
expires: Tue, 23 May 2023 11:04:47 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839887
server: CDN77-Turbo
x-77-nzt: AblMCQ33eyT/e4X0AA
x-77-nzt-ray: c0a4cc287fcbad80caef7f6364a2de2c
x-cache: HIT
x-age: 16024955
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhd.com/h5/files/button/29-button.png
200 OK 733 B URL HTTP/2 static.javhd.com/h5/files/button/29-button.png
IP
ASN #60068 Datacamp Limited
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 82a66a2d222379716ca9a03ff50d8f42
ae43d917ff791f9172edc527baa6266416182aaa
cc5da7b40e498d30bf5eaae43e59cae32202737076422676489dd8d3030803de
GET /h5/files/button/29-button.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhdhello.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:22 GMT
content-type: image/png
content-length: 733
last-modified: Tue, 22 Dec 2015 18:41:22 GMT
etag: "56799952-2dd"
expires: Tue, 23 May 2023 11:04:47 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839887
server: CDN77-Turbo
x-77-nzt: AblMCQ3hWcH/e4X0AA
x-77-nzt-ray: c0a4cc287fcbad80caef7f63f6d0382d
x-cache: HIT
x-age: 16024955
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhd.com/h5/files/video/2317-18818-300x250.medium.mp4
206 Partial Content 637 kB URL HTTP/2 static.javhd.com/h5/files/video/2317-18818-300x250.medium.mp4
IP
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 637 kB (636818 bytes)
Hash c99a2a921083f2059a462a98598a605c
2568d959336cedad0a659ab2bc1414a928d5798c
0b46308ffc756133dcab008861f8553ef5a8b33e9f5739ded9ddbc89e2708668
GET /h5/files/video/2317-18818-300x250.medium.mp4 HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://static.javhdhello.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Thu, 24 Nov 2022 22:27:22 GMT
content-type: video/mp4
content-length: 636818
last-modified: Mon, 07 Feb 2022 07:41:37 GMT
etag: "6200cd31-9b792"
expires: Tue, 24 May 2022 11:05:38 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-accel-expires: @1669379557
server: CDN77-Turbo
x-77-nzt: AblMCQ1pq4T/ZYsAAA
x-77-nzt-ray: c0a4cc287fcbad80caef7f632b5cf82f
x-cache: HIT
x-age: 35685
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-636817/636818
X-Firefox-Spdy: h2
adxadserv.com/t/re/v4?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D62fe56a361d6e272ea2a6a61%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww4.bestjavporn.com%252Fvideo%252Fmuch-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours%252F%2526dt%253D1669328841762%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fwww4.bestjavporn.com%252F&d_r=1&d_s=1280x1024&d_w=293x250&t_s=1669328841970&t_i=1669328841990&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=9f255f0e-134c-4559-8352-dfb65d79434d&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_s=GUEST&fpid_sa=null&fpid=&feid_sa=null&sid_sa=null&feid=ed166e00fb0d2955709304d0456de139&sid=7f5ab4b83038ebd39dd56479e25c8012&u_adb=0&vn=R-1.0&utm_typ=referral&utm_src=www4.bestjavporn.com&s_rst=1&st_d=%7B%7D&e_d=%7B%22spotId%22%3A%2262fe56a361d6e272ea2a6a61%22%2C%22impressionId%22%3A%222a20b1c0-6c47-11ed-9b66-52ca5d2668e1%22%7D&t_op=0.538&cb=gl.cb.pv
200 OK 65 B URL HTTP/1.1 adxadserv.com/t/re/v4?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D62fe56a361d6e272ea2a6a61%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww4.bestjavporn.com%252Fvideo%252Fmuch-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours%252F%2526dt%253D1669328841762%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fwww4.bestjavporn.com%252F&d_r=1&d_s=1280x1024&d_w=293x250&t_s=1669328841970&t_i=1669328841990&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=9f255f0e-134c-4559-8352-dfb65d79434d&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_s=GUEST&fpid_sa=null&fpid=&feid_sa=null&sid_sa=null&feid=ed166e00fb0d2955709304d0456de139&sid=7f5ab4b83038ebd39dd56479e25c8012&u_adb=0&vn=R-1.0&utm_typ=referral&utm_src=www4.bestjavporn.com&s_rst=1&st_d=%7B%7D&e_d=%7B%22spotId%22%3A%2262fe56a361d6e272ea2a6a61%22%2C%22impressionId%22%3A%222a20b1c0-6c47-11ed-9b66-52ca5d2668e1%22%7D&t_op=0.538&cb=gl.cb.pv
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash c7d2ccb409b54b825018fef5da97cac3
e95761a948ce8c837b1aba9c7c38e120f8e58279
1780c57708178f6f84ce8829089cda4219cf0052bf9e7ce7862382232fbee697
GET /t/re/v4?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D62fe56a361d6e272ea2a6a61%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww4.bestjavporn.com%252Fvideo%252Fmuch-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours%252F%2526dt%253D1669328841762%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fwww4.bestjavporn.com%252F&d_r=1&d_s=1280x1024&d_w=293x250&t_s=1669328841970&t_i=1669328841990&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=9f255f0e-134c-4559-8352-dfb65d79434d&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_s=GUEST&fpid_sa=null&fpid=&feid_sa=null&sid_sa=null&feid=ed166e00fb0d2955709304d0456de139&sid=7f5ab4b83038ebd39dd56479e25c8012&u_adb=0&vn=R-1.0&utm_typ=referral&utm_src=www4.bestjavporn.com&s_rst=1&st_d=%7B%7D&e_d=%7B%22spotId%22%3A%2262fe56a361d6e272ea2a6a61%22%2C%22impressionId%22%3A%222a20b1c0-6c47-11ed-9b66-52ca5d2668e1%22%7D&t_op=0.538&cb=gl.cb.pv HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 24 Nov 2022 22:27:22 GMT
Content-Type: text/javascript
Content-Length: 65
Connection: keep-alive
Set-Cookie: xfeid=15e88bbdfb15e6cbb8211cf365294e68; expires=Tue, 01 Jan 2030 00:00:00 GMT; path=/; domain=.adxadserv.com
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: content-type
Access-Control-Max-Age: 864000
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5668
Expires: Fri, 25 Nov 2022 00:01:51 GMT
Date: Thu, 24 Nov 2022 22:27:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5668
Expires: Fri, 25 Nov 2022 00:01:51 GMT
Date: Thu, 24 Nov 2022 22:27:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5668
Expires: Fri, 25 Nov 2022 00:01:51 GMT
Date: Thu, 24 Nov 2022 22:27:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5668
Expires: Fri, 25 Nov 2022 00:01:51 GMT
Date: Thu, 24 Nov 2022 22:27:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f59a591b222397ff0f01c22a0786e660
6a8504212141af411a18ce58960c8bb52e8116ac
624847cfdfcd770d2dee8a2b85f3c7c480cda58ba2aef1135184f3dffc30d1f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: e84a5668-cd91-42af-b6de-5eb694ea56e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-KFtmIAMF00Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38d-64513fb257d83b9847c82929;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rIKW7gaK37mlbk_TUo63AH9-XDOoF3Z-5mGaeOkzmESFLJ3GHz60lA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:10 GMT
etag: "6a8504212141af411a18ce58960c8bb52e8116ac"
content-type: image/jpeg
age: 3133
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c67bf2eb6ca2d7e2b34df1dbe8e7b36
cdacea802c72450973140387aafacae9df78b0aa
52c1b293ec45c98077953699dcc48d77d4aee2bb12f38ef21c692af9171b6db2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8275
x-amzn-requestid: 350ffdb7-723f-4dfc-95e8-e76364d1313d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8xGPAoAMFbWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-10d4c566779b9b9f4bb9112d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Uj2zluKZJzwlcymflJicV2rFLgOEYzWuhZsThZPRbCwiNoYxCgbEwg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "cdacea802c72450973140387aafacae9df78b0aa"
content-type: image/jpeg
age: 3142
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba7b9c131ab7e5998f25b069ba3860a0
0214fc0deecb1115766802f42cfd256e3c479490
717aa23c687ccebc1b5ebbfd88d0e4fe181fef038d308231842b2b1969f3976b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
content-type: image/jpeg
age: 3142
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 54796
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5863138af1ddbba34a7856242a7b3a06
2eba66ff6539388c48562503e8d11ff0e060350a
d1543e1b803a07095148b743925eebbbf21f566a2df9b785a1a9d48c5604496c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8917
x-amzn-requestid: 10f3b269-9437-476d-ae4f-a0ac3fb78491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wEIwoAMF8uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4cfeecf4553b26381ed11875;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6ibPrCdDNQqWzxiVYDsl87yUfTP8sUmu22GbhBdDHJruil0qxbw7Fw==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:00 GMT
etag: "2eba66ff6539388c48562503e8d11ff0e060350a"
content-type: image/jpeg
age: 3143
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68dc3a7e-f975-440d-a07f-305243b24788.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68dc3a7e-f975-440d-a07f-305243b24788.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c71b83b77af9bb19b3845048a3008b43
050da47a42e16a83c1d59419055961fe9f1f4cc0
cb36e84116edbaa02347bc53611a8318ac8284ac71346006cb95688a6a08f662
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68dc3a7e-f975-440d-a07f-305243b24788.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10531
x-amzn-requestid: aa926e70-4b20-40ba-849d-50e96cab8bea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICPAHoqoAMFXHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3f9-28cdb407069866236c99a0c7;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:36:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vfNXShGI5ZxOg8GVHCvI-6hGwZ-Vh-iVmO9YoCneZU05m8f3fiIl0w==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:38 GMT
age: 1965
etag: "050da47a42e16a83c1d59419055961fe9f1f4cc0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0adda2ac7c68f298d33342886acd56da
60874a49b4d892e330d5a8875790ae76b124dd50
16514de0d6d33785b738aff44f5a9d5a3d16572068ed1945d42b2bed2bfa4fd3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16514DE0D6D33785B738AFF44F5A9D5A3D16572068ED1945D42B2BED2BFA4FD3"
Last-Modified: Tue, 22 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2421
Expires: Thu, 24 Nov 2022 23:07:44 GMT
Date: Thu, 24 Nov 2022 22:27:23 GMT
Connection: keep-alive
liaisondegreedaughters.com/2b/d8/d3/2bd8d300136a6fd50bcb5a7f3f4a12fa.js
200 OK 13 kB URL HTTP/1.1 liaisondegreedaughters.com/2b/d8/d3/2bd8d300136a6fd50bcb5a7f3f4a12fa.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37131), with no line terminators
Hash 56fedd79ddb4fb0a3eea50de468752ab
73ea436921cf18e6ba2624d5740e092bc82ea3ec
3357f5be6390bb8a5e5d8cd2d2b18e0b16cff58d6ca35c2682117d9e73fe054c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /2b/d8/d3/2bd8d300136a6fd50bcb5a7f3f4a12fa.js HTTP/1.1
Host: liaisondegreedaughters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 22:27:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 900620a99af449631fa99eccddeff673
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
analitits.com/t/xfeid?cb=gl.cb.xf
200 OK 65 B URL HTTP/1.1 analitits.com/t/xfeid?cb=gl.cb.xf
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 2a76ba925f104450ca30b5cec7d157fe
e20b662c420a2299470860a01b9fef3473b1702c
c4a0a957d4bad7405c42f62d5d49a3f7de396ee1b1622853b9cd51f91a76aca2
GET /t/xfeid?cb=gl.cb.xf HTTP/1.1
Host: analitits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Thu, 24 Nov 2022 22:27:23 GMT
Content-Type: application/octet-stream
Content-Length: 65
Connection: keep-alive
Set-Cookie: xfeid=b3f514bf49a039af64a737414eb5e6f9; expires=Tue, 01 Jan 2030 00:00:00 GMT; path=/; domain=.analitits.com
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: content-type
Access-Control-Max-Age: 864000
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash daedbf6ef8bc447ac2d08a42d4c4bf9f
2864128c9304bd42925932eda5b14ab62f805081
3d745fbf6d7563deeac08ec38de8db388536ff113a89fd20e8e51d9fd6f200d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3D745FBF6D7563DEEAC08EC38DE8DB388536FF113A89FD20E8E51D9FD6F200D1"
Last-Modified: Tue, 22 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5722
Expires: Fri, 25 Nov 2022 00:02:45 GMT
Date: Thu, 24 Nov 2022 22:27:23 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 5348b4ee74a9c894db836c2b61cc7086
9a65195ea94f2f7326007ad86ca1675010f4c00e
d2c786795613bca9a9bee9143dc278307b828a07b40880cfa20e087895aa359a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 22:27:23 GMT
Last-Modified: Thu, 24 Nov 2022 21:18:38 GMT
Server: ECS (bsa/EB18)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HO4GOLIJ-qgH_xu87YmV9_Dhtu4BGjUSs_iY2iFTTVlvsM4sKBPzyw==
Age: 4125
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 540050d3ea4dd5c025e4480149a64564
ac84d67d3e941ae92e25d43bce7851049f8cba77
e82e34d8117899fd46a184b7cd6b2e7e88a2acd44d9cbb57d8c6b385f0a126e9
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.bestjavporn.com
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:23 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www4.bestjavporn.com
access-control-allow-credentials: true
set-cookie: uid_id2=62af6b28-a97a-47b5-aead-45f6343310b5:3:1; expires=Sun, 21 Nov 2032 22:27:23 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash daedbf6ef8bc447ac2d08a42d4c4bf9f
2864128c9304bd42925932eda5b14ab62f805081
3d745fbf6d7563deeac08ec38de8db388536ff113a89fd20e8e51d9fd6f200d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3D745FBF6D7563DEEAC08EC38DE8DB388536FF113A89FD20E8E51D9FD6F200D1"
Last-Modified: Tue, 22 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5722
Expires: Fri, 25 Nov 2022 00:02:45 GMT
Date: Thu, 24 Nov 2022 22:27:23 GMT
Connection: keep-alive
poweredby.jads.co/adshow.php?adzone=784300
200 OK 1.5 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=784300
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358), with CRLF, LF line terminators
Hash 7874beed51eeaa00832e380f63bffc3a
ffd30c48d73e9e4802c030fbb2ed6c1b59f2919a
537f49721f3fef421c26640c2012d63ed12b798f3ef62a23fe3e02ac22b52d9a
GET /adshow.php?adzone=784300 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 22:27:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=35d19c6bf7661766dc1d68c67692de06; expires=Fri, 24-Nov-2023 22:27:22 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Sun, 27-Nov-2022 22:27:22 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sun, 27-Nov-2022 22:27:22 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
poweredby.jads.co/adshow.php?adzone=794135
200 OK 1.5 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=794135
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (352), with CRLF, LF line terminators
Hash bf0832f0fb2242c8588c858d0e2dd6cd
e58bbed1fb3d854235412827a620d17e3185b6a6
80d48912ae79d39a8143e452cbdb449d0ebfe862fe8f56f28739949b89ab4610
GET /adshow.php?adzone=794135 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 24 Nov 2022 22:27:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=35d19c6bf7661766dc1d68c67692de06; expires=Fri, 24-Nov-2023 22:27:22 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Sun, 27-Nov-2022 22:27:22 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sun, 27-Nov-2022 22:27:22 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
r.trackwilltrk.com/s1/4121eca0-ff5a-4c89-9772-768fbbfd1900?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=126401&cv4=237443&cv5=784300&cv6=
200 OK 757 B URL HTTP/1.1 r.trackwilltrk.com/s1/4121eca0-ff5a-4c89-9772-768fbbfd1900?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=126401&cv4=237443&cv5=784300&cv6=
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (561)
Hash c3fddc2aa86ebae4829bcace27e4d071
708ad3a303653fb648cd2248484e3cdcfca34397
3e50328da97cb1e94a4e3ceb7f513a0d32564bdf5bf835ddda4ce4358b74184f
GET /s1/4121eca0-ff5a-4c89-9772-768fbbfd1900?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=126401&cv4=237443&cv5=784300&cv6= HTTP/1.1
Host: r.trackwilltrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 24 Nov 2022 22:27:23 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 757
Connection: close
Set-Cookie: uid=cVvcuIStM; Path=/; Domain=trackwilltrk.com; Expires=Fri, 25 Nov 2022 22:27:23 GMT; HttpOnly
X-Request-Id: 4f66f1f1-32fa-4679-8b98-ece96d943db0
static.javhdhello.com/h5/files/15541/728x90.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2F71c4b258-85d7-4b68-903c-9b5137533963%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D126401%26cv4%3D237443%26cv5%3D784300%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NTYsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjEwMzR9
200 OK 1.5 kB URL HTTP/2 static.javhdhello.com/h5/files/15541/728x90.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2F71c4b258-85d7-4b68-903c-9b5137533963%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D126401%26cv4%3D237443%26cv5%3D784300%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NTYsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjEwMzR9
IP
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 476df416d630ba069cf2f2fdf278edf8
9ca7d06f845dec8e95e77ca2fb7860cf92a3ef2d
f1e3d2ecdcbad9e7a3997a963269262b0951a9dcf903ab26005649f094dd9a7a
GET /h5/files/15541/728x90.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2F71c4b258-85d7-4b68-903c-9b5137533963%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D126401%26cv4%3D237443%26cv5%3D784300%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NTYsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjEwMzR9 HTTP/1.1
Host: static.javhdhello.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trackwilltrk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:23 GMT
content-type: text/html
last-modified: Mon, 07 Feb 2022 07:41:28 GMT
etag: W/"6200cd28-c7f"
expires: Sat, 24 Dec 2022 13:10:48 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-accel-expires: @1671887448
server: CDN77-Turbo
x-77-nzt: AblMCQ0TUMT/c4IAAA
x-77-nzt-ray: c0a4cc287fcbad80cbef7f63f0431c25
x-cache: HIT
x-age: 33395
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
static.javhd.com/h5/files/overlay/16-overlay.png
200 OK 4.2 kB URL HTTP/2 static.javhd.com/h5/files/overlay/16-overlay.png
IP
ASN #60068 Datacamp Limited
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash d66274c14945df9c552f3f29b2edb39e
ab31d71d26c8486aa6e5662459341e1db4171ecb
eca2a576dcb0e650c0701e96f1d4e7336cd0adc970cedbc7e8a72638ca2aa43e
GET /h5/files/overlay/16-overlay.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhdhello.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:23 GMT
content-type: image/png
content-length: 4224
last-modified: Tue, 06 Feb 2018 18:15:47 GMT
etag: "5a79f0d3-1080"
expires: Tue, 23 May 2023 11:06:55 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684840015
server: CDN77-Turbo
x-77-nzt: AblMCQ1tzDP//IT0AA
x-77-nzt-ray: c0a4cc287fcbad80cbef7f632eb63126
x-cache: HIT
x-age: 16024828
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhd.com/h5/files/button/19-button.png
200 OK 504 B URL HTTP/2 static.javhd.com/h5/files/button/19-button.png
IP
ASN #60068 Datacamp Limited
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 6b9292b2f016f0dca094f08e98b10e4f
032fb37c0956d518c289b727d4f2b1f7d300f9e1
549b9bd0060e105223af22424e20b6dce5b9276b90bda0af13a1b0fc503bd673
GET /h5/files/button/19-button.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhdhello.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:23 GMT
content-type: image/png
content-length: 504
last-modified: Fri, 11 Dec 2015 19:04:22 GMT
etag: "566b1e36-1f8"
expires: Tue, 23 May 2023 11:05:44 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839944
server: CDN77-Turbo
x-77-nzt: AblMCQ1Pl1r/Q4X0AA
x-77-nzt-ray: c0a4cc287fcbad80cbef7f63427a4026
x-cache: HIT
x-age: 16024899
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 44771b180b2dd756dea6310c74b37fa6
d49e297df28dddc108f47c1cc25a435e20b5ab32
5a6eaed387aa416b015c6e859dcdaef6d58a4fd029f102fa1c2d9276fd196fac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A6EAED387AA416B015C6E859DCDAEF6D58A4FD029F102FA1C2D9276FD196FAC"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11725
Expires: Fri, 25 Nov 2022 01:42:48 GMT
Date: Thu, 24 Nov 2022 22:27:23 GMT
Connection: keep-alive
static.javhd.com/h5/files/video/1934-18586-728x90.medium.mp4
206 Partial Content 430 kB URL HTTP/2 static.javhd.com/h5/files/video/1934-18586-728x90.medium.mp4
IP
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 430 kB (429648 bytes)
Hash 1b43621d87c60ea606c14ea425205a50
5216be9ada04594ace6a2d719fd641c56b1231fb
f0e48a2bf05f1a29981edc57035ecf4ee7d5e507927d8c3bde0d8c93c237bc04
GET /h5/files/video/1934-18586-728x90.medium.mp4 HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://static.javhdhello.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Thu, 24 Nov 2022 22:27:23 GMT
content-type: video/mp4
content-length: 429648
last-modified: Mon, 07 Feb 2022 07:41:26 GMT
etag: "6200cd26-68e50"
expires: Tue, 24 May 2022 11:15:59 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-accel-expires: @1669387116
server: CDN77-Turbo
x-77-nzt: AblMCQ2zxUb/320AAA
x-77-nzt-ray: c0a4cc287fcbad80cbef7f633c11c726
x-cache: HIT
x-age: 28127
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-429647/429648
X-Firefox-Spdy: h2
r.trwl1.com/s1/5146bd48-0d31-4836-a052-4f7292431eec?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=126401&cv4=237443&cv5=794135&cv6=
200 OK 749 B URL HTTP/1.1 r.trwl1.com/s1/5146bd48-0d31-4836-a052-4f7292431eec?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=126401&cv4=237443&cv5=794135&cv6=
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (553)
Hash a649d5028f6d43b60cecbcbb51b0bcd0
e306c388e27a2507188bf6c0de78ab7b48c23a1e
8c49fabaf598acff54cbca93d9313a2ef9a409938dd0ad42bc5a71a5843fb97a
GET /s1/5146bd48-0d31-4836-a052-4f7292431eec?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=126401&cv4=237443&cv5=794135&cv6= HTTP/1.1
Host: r.trwl1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 24 Nov 2022 22:27:23 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 749
Connection: close
Set-Cookie: uid=9LXcuUStM; Path=/; Domain=trwl1.com; Expires=Fri, 25 Nov 2022 22:27:23 GMT; HttpOnly
X-Request-Id: ce35c6db-d553-4ac6-97cf-834478678857
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 540050d3ea4dd5c025e4480149a64564
ac84d67d3e941ae92e25d43bce7851049f8cba77
e82e34d8117899fd46a184b7cd6b2e7e88a2acd44d9cbb57d8c6b385f0a126e9
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.bestjavporn.com
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Cookie: uid_id2=62af6b28-a97a-47b5-aead-45f6343310b5:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:23 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www4.bestjavporn.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4ef75fcea13092be20b3fdea1a1d0797
d509e59d1d06577d84491687167bba4884404a18
98c6ffd282eae8de84bb66b55c3c4c5077aae2f5bcfec1e31ec81320fad627db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98C6FFD282EAE8DE84BB66B55C3C4C5077AAE2F5BCFEC1E31EC81320FAD627DB"
Last-Modified: Tue, 22 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14483
Expires: Fri, 25 Nov 2022 02:28:47 GMT
Date: Thu, 24 Nov 2022 22:27:24 GMT
Connection: keep-alive
asg.phukienthoitranggiare.com/api/spots/184920?host=www4.bestjavporn.com&ev=197&wh=939&ww=1280&uuid=
200 OK 909 B URL HTTP/2 asg.phukienthoitranggiare.com/api/spots/184920?host=www4.bestjavporn.com&ev=197&wh=939&ww=1280&uuid=
IP
ASN #24940 Hetzner Online GmbH
Hash 3cc09404290c0bb45a183bc4cdb11c37
c7808fe0307ed3c8a03736c2f085b8bfa4eee84e
f2e945e6cdb4fb4f5d7941f5037e48ab3cf357deeb5984c9ebe812745dd67917
GET /api/spots/184920?host=www4.bestjavporn.com&ev=197&wh=939&ww=1280&uuid= HTTP/1.1
Host: asg.phukienthoitranggiare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 22:27:23 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=Dps2WHfiL166dRNkqoSB; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
static.javhd.com/h5/files/16738/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Ff194c970-bc2d-4827-8b0a-7f39df13c295%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D126401%26cv4%3D237443%26cv5%3D794135%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzg4OTksImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjIxOTM5fQ
200 OK 976 B URL HTTP/2 static.javhd.com/h5/files/16738/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Ff194c970-bc2d-4827-8b0a-7f39df13c295%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D126401%26cv4%3D237443%26cv5%3D794135%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzg4OTksImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjIxOTM5fQ
IP
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6831bd8c781e6c86ec9d4c004bb60e32
a23527d8ae171d1e2a6f1075453bac08d0a21442
28a846238450537452fde7202e4f3161daaeac6688894314b6c4ffcdbf6649fe
GET /h5/files/16738/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Ff194c970-bc2d-4827-8b0a-7f39df13c295%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D126401%26cv4%3D237443%26cv5%3D794135%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzg4OTksImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjIxOTM5fQ HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trwl1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:23 GMT
content-type: text/html
last-modified: Wed, 23 Nov 2022 13:08:06 GMT
etag: W/"637e1b36-c86"
expires: Sat, 24 Dec 2022 16:17:35 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-accel-expires: @1671898655
server: CDN77-Turbo
x-77-nzt: AblMCQ32nyX/rFYAAA
x-77-nzt-ray: c0a4cc287fcbad80cbef7f63d8b8dd2a
x-cache: HIT
x-age: 22188
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
parkingridiculous.com/sbar.json?key=2bd8d300136a6fd50bcb5a7f3f4a12fa&uuid=62af6b28-a97a-47b5-aead-45f6343310b5%3A3%3A1
200 OK 4.3 kB URL HTTP/1.1 parkingridiculous.com/sbar.json?key=2bd8d300136a6fd50bcb5a7f3f4a12fa&uuid=62af6b28-a97a-47b5-aead-45f6343310b5%3A3%3A1
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (6045), with no line terminators
Hash 10c0bbd62c7719df05c58270f5dc228c
383897545fc8eff37768c1557140abd8a80190ca
529f1219cc9eaab2c214ada2a6d4a2deb5e6ec3b09e78f407762620a7068e5e7
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=2bd8d300136a6fd50bcb5a7f3f4a12fa&uuid=62af6b28-a97a-47b5-aead-45f6343310b5%3A3%3A1 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.bestjavporn.com
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 22:27:24 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www4.bestjavporn.com
Access-Control-Allow-Origin: https://www4.bestjavporn.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17179025; expires=Fri, 25 Nov 2022 22:27:24 GMT; secure; SameSite=None
uid_id2=62af6b28-a97a-47b5-aead-45f6343310b5:3:1; expires=Thu, 01 Dec 2022 22:27:24 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 25 Nov 2022 22:27:24 GMT; secure; SameSite=None
uncs=1; expires=Fri, 25 Nov 2022 22:27:24 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 25 Nov 2022 22:27:24 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 25 Nov 2022 22:27:24 GMT; secure; SameSite=None
slec2bd8d300136a6fd50bcb5a7f3f4a12fa=[3789938]; expires=Thu, 24 Nov 2022 22:27:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 007c1c3e8fd9cbbe273538b488b9fb9c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b6600618d25a3e9acc27391d3f680d2b
4b416cee1249ac910f6fb8225e17390a644e3628
213d66ef9ad1f59458b0a4e68bb1b23c8fd349e0ee3010445000a2de12165127
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "213D66EF9AD1F59458B0A4E68BB1B23C8FD349E0EE3010445000A2DE12165127"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3800
Expires: Thu, 24 Nov 2022 23:30:44 GMT
Date: Thu, 24 Nov 2022 22:27:24 GMT
Connection: keep-alive
parkingridiculous.com/ren.gif?sid=H4sIAAAAAAAC%2F1SST4gcxRfHq5P95fDzEsWLB2UEBUV3tnt6ev6Yw2KMkWBMQhKJF8WqrurZylZ3NVX9Z7IIBheWHGc9eez9zm4WNagBrxLp9aCsCDsKsoh79OY%2FhJxldgcW36Hfe%2F15h%2Ff9vlrbyA%2BIi5zuX3lDr0il6ELQdBvP3ZAJ16VtXLre8Nyme6ZxQyad9pnGcPoxxUueGzTd5xuviXBZL7Rcz3U912ucl0ZEerhwSCHTe32v2Xeb7VbTC9oYmv%2F2NndgqQNeHJDHIPnkf0vf3YcMayTxF%2BeEXc50%2BuKrca5opg0Kvv1mspzoMkF8XEbGQZRsz6ah7YSQj05AJ9szBdDF5lQBmJwQ52cPLNmerQlWbB1tyhREAsYfQVnUEKqGpDVCvQrJ9wgQcly6jCS%2Be0mbkt46onRKJ2Tu4T%2BQ5YTM%2Ffo4kvizs0oOG9e0yjOpE4thVEEOa8hBjTTfQbbiQJY7CLMPIPkPZOHhRSTx5mWrNCTff6bTolGHtXrztN%2Bl8%2B0uC%2BapoHy%2BHUQdv%2B37nsuCQ4ukrCGjGkqMQO1J5NZBLh3kkYM8dRDz%2FQYN%2BpHrdiMW%2BX6vHYah74dh0OvwgPvtXuQiD6caRsjSEUI1QmhuIzW3sSw%2F3Aue3Xv7BZj8a9ilCpY7sBlBwSuUgqC0BCUlKCVBmRGURbXFlW3Z6i5XNmfeLLdm2a%2FGOhts0C2dDURCNtID8ujUPufU0%2BtYFvuNFuM97ruu53doJ%2BKBy0IW0G7kR23qtSIKKytIewLUOliRE3Ly1CpSOSEnzvwNRmtYVSOUp0HzJ0HLcbflgi6N2z0XK8nnTNjsJi1SbZJmqGNwXSHN5pDdcjbUAXni8JL9nwxEuLv4R%2FHtl%2F23TiM0FVJT4ab8hmCg7oyv6pJsXtWlJfcvp5mM5QqdXvlaRjMx98nr4lapDb9wzo4%2Bfjmcgml577qw2UWacJkMLPn0rORcmPPahIJ8dcHeEOxKbpfO5ibJ04tXXjl%2FIU6NsFbqpAaVe%2B8%2BQCgn5P%2Fx2uH7feqXNUhTw%2BQV4nyXzAJS7yBMb8Omu4u%2FvRMsvvf7OqwmMOp4hqUOyrwamxY7%2FqkkgRLHPWUVrDi2gIndB38dsQ17BwPjgGarSOIKhalQqApUjWDzk%2BMsNbuLP%2FqHAaacMVPG2WTKqPUja63cb4ggciPhtgSL%2BizqUpf3o3af0b4nuiygHjI7Cd%2F%2F8%2Ft%2FAQAA%2F%2F8BAAD%2F%2F5rOuTyXBAAA
200 OK 7 B URL HTTP/1.1 parkingridiculous.com/ren.gif?sid=H4sIAAAAAAAC%2F1SST4gcxRfHq5P95fDzEsWLB2UEBUV3tnt6ev6Yw2KMkWBMQhKJF8WqrurZylZ3NVX9Z7IIBheWHGc9eez9zm4WNagBrxLp9aCsCDsKsoh79OY%2FhJxldgcW36Hfe%2F15h%2Ff9vlrbyA%2BIi5zuX3lDr0il6ELQdBvP3ZAJ16VtXLre8Nyme6ZxQyad9pnGcPoxxUueGzTd5xuviXBZL7Rcz3U912ucl0ZEerhwSCHTe32v2Xeb7VbTC9oYmv%2F2NndgqQNeHJDHIPnkf0vf3YcMayTxF%2BeEXc50%2BuKrca5opg0Kvv1mspzoMkF8XEbGQZRsz6ah7YSQj05AJ9szBdDF5lQBmJwQ52cPLNmerQlWbB1tyhREAsYfQVnUEKqGpDVCvQrJ9wgQcly6jCS%2Be0mbkt46onRKJ2Tu4T%2BQ5YTM%2Ffo4kvizs0oOG9e0yjOpE4thVEEOa8hBjTTfQbbiQJY7CLMPIPkPZOHhRSTx5mWrNCTff6bTolGHtXrztN%2Bl8%2B0uC%2BapoHy%2BHUQdv%2B37nsuCQ4ukrCGjGkqMQO1J5NZBLh3kkYM8dRDz%2FQYN%2BpHrdiMW%2BX6vHYah74dh0OvwgPvtXuQiD6caRsjSEUI1QmhuIzW3sSw%2F3Aue3Xv7BZj8a9ilCpY7sBlBwSuUgqC0BCUlKCVBmRGURbXFlW3Z6i5XNmfeLLdm2a%2FGOhts0C2dDURCNtID8ujUPufU0%2BtYFvuNFuM97ruu53doJ%2BKBy0IW0G7kR23qtSIKKytIewLUOliRE3Ly1CpSOSEnzvwNRmtYVSOUp0HzJ0HLcbflgi6N2z0XK8nnTNjsJi1SbZJmqGNwXSHN5pDdcjbUAXni8JL9nwxEuLv4R%2FHtl%2F23TiM0FVJT4ab8hmCg7oyv6pJsXtWlJfcvp5mM5QqdXvlaRjMx98nr4lapDb9wzo4%2Bfjmcgml577qw2UWacJkMLPn0rORcmPPahIJ8dcHeEOxKbpfO5ibJ04tXXjl%2FIU6NsFbqpAaVe%2B8%2BQCgn5P%2Fx2uH7feqXNUhTw%2BQV4nyXzAJS7yBMb8Omu4u%2FvRMsvvf7OqwmMOp4hqUOyrwamxY7%2FqkkgRLHPWUVrDi2gIndB38dsQ17BwPjgGarSOIKhalQqApUjWDzk%2BMsNbuLP%2FqHAaacMVPG2WTKqPUja63cb4ggciPhtgSL%2BizqUpf3o3af0b4nuiygHjI7Cd%2F%2F8%2Ft%2FAQAA%2F%2F8BAAD%2F%2F5rOuTyXBAAA
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SST4gcxRfHq5P95fDzEsWLB2UEBUV3tnt6ev6Yw2KMkWBMQhKJF8WqrurZylZ3NVX9Z7IIBheWHGc9eez9zm4WNagBrxLp9aCsCDsKsoh79OY%2FhJxldgcW36Hfe%2F15h%2Ff9vlrbyA%2BIi5zuX3lDr0il6ELQdBvP3ZAJ16VtXLre8Nyme6ZxQyad9pnGcPoxxUueGzTd5xuviXBZL7Rcz3U912ucl0ZEerhwSCHTe32v2Xeb7VbTC9oYmv%2F2NndgqQNeHJDHIPnkf0vf3YcMayTxF%2BeEXc50%2BuKrca5opg0Kvv1mspzoMkF8XEbGQZRsz6ah7YSQj05AJ9szBdDF5lQBmJwQ52cPLNmerQlWbB1tyhREAsYfQVnUEKqGpDVCvQrJ9wgQcly6jCS%2Be0mbkt46onRKJ2Tu4T%2BQ5YTM%2Ffo4kvizs0oOG9e0yjOpE4thVEEOa8hBjTTfQbbiQJY7CLMPIPkPZOHhRSTx5mWrNCTff6bTolGHtXrztN%2Bl8%2B0uC%2BapoHy%2BHUQdv%2B37nsuCQ4ukrCGjGkqMQO1J5NZBLh3kkYM8dRDz%2FQYN%2BpHrdiMW%2BX6vHYah74dh0OvwgPvtXuQiD6caRsjSEUI1QmhuIzW3sSw%2F3Aue3Xv7BZj8a9ilCpY7sBlBwSuUgqC0BCUlKCVBmRGURbXFlW3Z6i5XNmfeLLdm2a%2FGOhts0C2dDURCNtID8ujUPufU0%2BtYFvuNFuM97ruu53doJ%2BKBy0IW0G7kR23qtSIKKytIewLUOliRE3Ly1CpSOSEnzvwNRmtYVSOUp0HzJ0HLcbflgi6N2z0XK8nnTNjsJi1SbZJmqGNwXSHN5pDdcjbUAXni8JL9nwxEuLv4R%2FHtl%2F23TiM0FVJT4ab8hmCg7oyv6pJsXtWlJfcvp5mM5QqdXvlaRjMx98nr4lapDb9wzo4%2Bfjmcgml577qw2UWacJkMLPn0rORcmPPahIJ8dcHeEOxKbpfO5ibJ04tXXjl%2FIU6NsFbqpAaVe%2B8%2BQCgn5P%2Fx2uH7feqXNUhTw%2BQV4nyXzAJS7yBMb8Omu4u%2FvRMsvvf7OqwmMOp4hqUOyrwamxY7%2FqkkgRLHPWUVrDi2gIndB38dsQ17BwPjgGarSOIKhalQqApUjWDzk%2BMsNbuLP%2FqHAaacMVPG2WTKqPUja63cb4ggciPhtgSL%2BizqUpf3o3af0b4nuiygHjI7Cd%2F%2F8%2Ft%2FAQAA%2F%2F8BAAD%2F%2F5rOuTyXBAAA HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Cookie: u_pl=17179025; uid_id2=62af6b28-a97a-47b5-aead-45f6343310b5:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec2bd8d300136a6fd50bcb5a7f3f4a12fa=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 22:27:24 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0c24d6ba57a9467762b85f20127b040e
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 0eae74238d1c9828cd086271241b5e66
4cdd2c9e819b5c71d1d3e4836063a7a9f89ccf15
4884107002b9840725b58cd3ff13215471bdcd8c2a1029c3eeadd16abe4d91d2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4884107002B9840725B58CD3FF13215471BDCD8C2A1029C3EEADD16ABE4D91D2"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4021
Expires: Thu, 24 Nov 2022 23:34:25 GMT
Date: Thu, 24 Nov 2022 22:27:24 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 0eae74238d1c9828cd086271241b5e66
4cdd2c9e819b5c71d1d3e4836063a7a9f89ccf15
4884107002b9840725b58cd3ff13215471bdcd8c2a1029c3eeadd16abe4d91d2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4884107002B9840725B58CD3FF13215471BDCD8C2A1029C3EEADD16ABE4D91D2"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4021
Expires: Thu, 24 Nov 2022 23:34:25 GMT
Date: Thu, 24 Nov 2022 22:27:24 GMT
Connection: keep-alive
parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Findex.html&l=1300&fd=94
200 OK 0 B URL HTTP/1.1 parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Findex.html&l=1300&fd=94
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Findex.html&l=1300&fd=94 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Cookie: u_pl=17179025; uid_id2=62af6b28-a97a-47b5-aead-45f6343310b5:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec2bd8d300136a6fd50bcb5a7f3f4a12fa=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 22:27:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 0eae74238d1c9828cd086271241b5e66
4cdd2c9e819b5c71d1d3e4836063a7a9f89ccf15
4884107002b9840725b58cd3ff13215471bdcd8c2a1029c3eeadd16abe4d91d2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4884107002B9840725B58CD3FF13215471BDCD8C2A1029C3EEADD16ABE4D91D2"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4021
Expires: Thu, 24 Nov 2022 23:34:25 GMT
Date: Thu, 24 Nov 2022 22:27:24 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/girls.png
200 OK 322 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/girls.png
IP
File type PNG image data, 729 x 331, 8-bit/color RGBA, non-interlaced\012- data
Size 322 kB (322399 bytes)
Hash 47b7ae41a98644de6d46d58a0e51a793
b0f736609af3c0b3214ee52cc9f0798dcc972df6
b2ad5bf8fc066203168fbceb53b7df6012e8897be344b240e94105af1b4ba0f2
GET /sb/notifications/games/nutaku/multi/2/img/girls.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:24 GMT
content-type: image/png
content-length: 322399
last-modified: Wed, 07 Sep 2022 14:37:32 GMT
etag: "6318acac-4eb5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 808423
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U41b5e54VatWkrzAebz76H%2B54zG%2FH558NWoEt5Rjv154bb3Bv%2BzdNAPra2VXv4LkKQec0is0MxAmZ1E8Rp5u1JJzMHucSaNLyuyUQFpUfmobMu9Gn66DnHn8xkq2WrQk1xud7X4ON72R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f5925fbfe78883-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fcss%2Fstyles.css&l=11401&fd=137
200 OK 0 B URL HTTP/1.1 parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fcss%2Fstyles.css&l=11401&fd=137
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fcss%2Fstyles.css&l=11401&fd=137 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Cookie: u_pl=17179025; uid_id2=62af6b28-a97a-47b5-aead-45f6343310b5:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec2bd8d300136a6fd50bcb5a7f3f4a12fa=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 22:27:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/close.svg
200 OK 450 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/close.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash 20b200a71d83324547cef782120461af
32fd245b10b4cf440810fba2c876c0f984d53f5d
19742dba4e8317ebbf15e14919f1738fe6aefd5463ead8efd599d9f9e6334e25
GET /sb/notifications/games/nutaku/multi/2/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:24 GMT
content-type: image/svg+xml
last-modified: Thu, 18 Aug 2022 08:55:17 GMT
etag: W/"62fdfe75-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 808423
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5DV8gZzC7nwVvaY7T5fTkxSmFpLwnzuJD75%2BD9cX5nQ8gXtIozhoI7igl2vGvc5KNI%2B7alfZGqh33IuEx1KcSoFquY3rAjs75dU%2BFPTHOZ%2FSzFlkZUWkprGhvlhBgH%2F0IiR9gmKK33A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f5925fafcf8883-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fjs%2Fmain.js&l=6946&fd=42
200 OK 0 B URL HTTP/1.1 parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fjs%2Fmain.js&l=6946&fd=42
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fjs%2Fmain.js&l=6946&fd=42 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Cookie: u_pl=17179025; uid_id2=62af6b28-a97a-47b5-aead-45f6343310b5:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec2bd8d300136a6fd50bcb5a7f3f4a12fa=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 22:27:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
parkingridiculous.com/impr.gif?sid=H4sIAAAAAAAC%2F1SST2gd1RfH77T5dfFzU8WNC%2BUJCormZebNzPtjF8FaK8XalrZSN4r33yS3uTN3uHf%2BpEGwWChdpq5cTr4vbVCLWnArlYkLJSLkKUgQs3TnP4Su5SWB4FnMOWc%2BZ3G%2B33NvrpW7xEdJdy68YVaU1nQu7vqd566oTJjadc5d7gR%2B1z%2FRuaKyfnSiszz92OqlwI%2B7%2FvOd1yRfMnM9P%2FD9wA86p5WViVme26NQ%2Bb1R0B353ajXDeIIy%2Fa%2FvSs9OOpBVLvkMSgx%2Bd%2Fid%2FeheIss%2FeKUdEuFyV98NS01LYxFJTbezJYyU2dID8vEekiyjYNpGDch5KMjMNnGgQKYan2qAExNiPdzAJZtHKwJVt3Z35RpyAxMPIK6aiF1C0VbcHMDSmwTgAucO48svXvO2Jpe26d0Sidk5uE%2FUPWEzPz6OLL0s5NaLXcuGV0WymQOy0kDtdxCLbTIy00UKx5UvQlefAAlfiBzD88iS9fPO22gxM4z%2FR5N%2Bqw3nKWjAZ2NBiyepZKK2ShO%2BmEUhoHP4j2LlGqhkhZaroK6oyidh1J5KBMPZe4hFTsdGo8S3x8kLAnDYcQ5D0PO42FfxCKMhomPkk81rKLIV8H1Kri9jtxex5L6cDt%2BdvvtF2DLr%2BEWGzjhwRUElWhQS4LaEdSUoFYEdUFQV80doV3PNXeFdiULDnLvIIfN2BQLa%2FSOKRZkRtbyXfLo1D7v2NO3sSR3Oj0mhiL0%2FSDs034iYp9xFtNBEiYRDXoJhVMNlDsC6jysqAk5euwGcjUhR078DUZbON2Cq%2BOg5ZOg9XjQ80EXx9HQx0r2OZOuuEqr3Nisy00KYRrkxQyKa96a3iVP7F1y9JOF5Fvzf1Tffjl66zi4bZDbBlfVNwQL%2Btb4oqnJ%2BkVTO3L%2FfF6oVK3Q6ZUvFbSQM5%2B8Lq%2FVxoozp9zqxy%2FzKZiW9y5LV5ylmVDZgiOfnlRCSHvaWC7JV2fcFckulG7xZGmzMj974ZXTZ9LcSueUyVpQtf3uA3A1If9Pb%2B6936d%2BuQllW9iyQVpukYOAMpvg%2BXW4fGv%2Bt3fi%2Bfd%2Bvw1nCKw%2BnGG5h7psxrbHDn9qRaDlYU9ZAycPLWBy68Ff%2B2zN3cKC9UCLG8jSBpVtUOkGVK%2FClUfHRW635n8M9wJMe2OmrbfOtNW39611aqcTB5EcsuGAC8EkF8GgFw5D3%2B8JEQ1GMhihcBP%2B%2Fp%2Ff%2FwsAAP%2F%2FAQAA%2F%2F%2BOxjfalwQAAA%3D%3D
200 OK 7 B URL HTTP/1.1 parkingridiculous.com/impr.gif?sid=H4sIAAAAAAAC%2F1SST2gd1RfH77T5dfFzU8WNC%2BUJCormZebNzPtjF8FaK8XalrZSN4r33yS3uTN3uHf%2BpEGwWChdpq5cTr4vbVCLWnArlYkLJSLkKUgQs3TnP4Su5SWB4FnMOWc%2BZ3G%2B33NvrpW7xEdJdy68YVaU1nQu7vqd566oTJjadc5d7gR%2B1z%2FRuaKyfnSiszz92OqlwI%2B7%2FvOd1yRfMnM9P%2FD9wA86p5WViVme26NQ%2Bb1R0B353ajXDeIIy%2Fa%2FvSs9OOpBVLvkMSgx%2Bd%2Fid%2FeheIss%2FeKUdEuFyV98NS01LYxFJTbezJYyU2dID8vEekiyjYNpGDch5KMjMNnGgQKYan2qAExNiPdzAJZtHKwJVt3Z35RpyAxMPIK6aiF1C0VbcHMDSmwTgAucO48svXvO2Jpe26d0Sidk5uE%2FUPWEzPz6OLL0s5NaLXcuGV0WymQOy0kDtdxCLbTIy00UKx5UvQlefAAlfiBzD88iS9fPO22gxM4z%2FR5N%2Bqw3nKWjAZ2NBiyepZKK2ShO%2BmEUhoHP4j2LlGqhkhZaroK6oyidh1J5KBMPZe4hFTsdGo8S3x8kLAnDYcQ5D0PO42FfxCKMhomPkk81rKLIV8H1Kri9jtxex5L6cDt%2BdvvtF2DLr%2BEWGzjhwRUElWhQS4LaEdSUoFYEdUFQV80doV3PNXeFdiULDnLvIIfN2BQLa%2FSOKRZkRtbyXfLo1D7v2NO3sSR3Oj0mhiL0%2FSDs034iYp9xFtNBEiYRDXoJhVMNlDsC6jysqAk5euwGcjUhR078DUZbON2Cq%2BOg5ZOg9XjQ80EXx9HQx0r2OZOuuEqr3Nisy00KYRrkxQyKa96a3iVP7F1y9JOF5Fvzf1Tffjl66zi4bZDbBlfVNwQL%2Btb4oqnJ%2BkVTO3L%2FfF6oVK3Q6ZUvFbSQM5%2B8Lq%2FVxoozp9zqxy%2FzKZiW9y5LV5ylmVDZgiOfnlRCSHvaWC7JV2fcFckulG7xZGmzMj974ZXTZ9LcSueUyVpQtf3uA3A1If9Pb%2B6936d%2BuQllW9iyQVpukYOAMpvg%2BXW4fGv%2Bt3fi%2Bfd%2Bvw1nCKw%2BnGG5h7psxrbHDn9qRaDlYU9ZAycPLWBy68Ff%2B2zN3cKC9UCLG8jSBpVtUOkGVK%2FClUfHRW635n8M9wJMe2OmrbfOtNW39611aqcTB5EcsuGAC8EkF8GgFw5D3%2B8JEQ1GMhihcBP%2B%2Fp%2Ff%2FwsAAP%2F%2FAQAA%2F%2F%2BOxjfalwQAAA%3D%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SST2gd1RfH77T5dfFzU8WNC%2BUJCormZebNzPtjF8FaK8XalrZSN4r33yS3uTN3uHf%2BpEGwWChdpq5cTr4vbVCLWnArlYkLJSLkKUgQs3TnP4Su5SWB4FnMOWc%2BZ3G%2B33NvrpW7xEdJdy68YVaU1nQu7vqd566oTJjadc5d7gR%2B1z%2FRuaKyfnSiszz92OqlwI%2B7%2FvOd1yRfMnM9P%2FD9wA86p5WViVme26NQ%2Bb1R0B353ajXDeIIy%2Fa%2FvSs9OOpBVLvkMSgx%2Bd%2Fid%2FeheIss%2FeKUdEuFyV98NS01LYxFJTbezJYyU2dID8vEekiyjYNpGDch5KMjMNnGgQKYan2qAExNiPdzAJZtHKwJVt3Z35RpyAxMPIK6aiF1C0VbcHMDSmwTgAucO48svXvO2Jpe26d0Sidk5uE%2FUPWEzPz6OLL0s5NaLXcuGV0WymQOy0kDtdxCLbTIy00UKx5UvQlefAAlfiBzD88iS9fPO22gxM4z%2FR5N%2Bqw3nKWjAZ2NBiyepZKK2ShO%2BmEUhoHP4j2LlGqhkhZaroK6oyidh1J5KBMPZe4hFTsdGo8S3x8kLAnDYcQ5D0PO42FfxCKMhomPkk81rKLIV8H1Kri9jtxex5L6cDt%2BdvvtF2DLr%2BEWGzjhwRUElWhQS4LaEdSUoFYEdUFQV80doV3PNXeFdiULDnLvIIfN2BQLa%2FSOKRZkRtbyXfLo1D7v2NO3sSR3Oj0mhiL0%2FSDs034iYp9xFtNBEiYRDXoJhVMNlDsC6jysqAk5euwGcjUhR078DUZbON2Cq%2BOg5ZOg9XjQ80EXx9HQx0r2OZOuuEqr3Nisy00KYRrkxQyKa96a3iVP7F1y9JOF5Fvzf1Tffjl66zi4bZDbBlfVNwQL%2Btb4oqnJ%2BkVTO3L%2FfF6oVK3Q6ZUvFbSQM5%2B8Lq%2FVxoozp9zqxy%2FzKZiW9y5LV5ylmVDZgiOfnlRCSHvaWC7JV2fcFckulG7xZGmzMj974ZXTZ9LcSueUyVpQtf3uA3A1If9Pb%2B6936d%2BuQllW9iyQVpukYOAMpvg%2BXW4fGv%2Bt3fi%2Bfd%2Bvw1nCKw%2BnGG5h7psxrbHDn9qRaDlYU9ZAycPLWBy68Ff%2B2zN3cKC9UCLG8jSBpVtUOkGVK%2FClUfHRW635n8M9wJMe2OmrbfOtNW39611aqcTB5EcsuGAC8EkF8GgFw5D3%2B8JEQ1GMhihcBP%2B%2Fp%2Ff%2FwsAAP%2F%2FAQAA%2F%2F%2BOxjfalwQAAA%3D%3D HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Cookie: u_pl=17179025; uid_id2=62af6b28-a97a-47b5-aead-45f6343310b5:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec2bd8d300136a6fd50bcb5a7f3f4a12fa=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 22:27:25 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5986a5db64928c462d3e06b8aedb67d8
Strict-Transport-Security: max-age=0; includeSubdomains
parkingridiculous.com/pixel/sbs?c=1
200 OK 0 B URL HTTP/1.1 parkingridiculous.com/pixel/sbs?c=1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Cookie: u_pl=17179025; uid_id2=62af6b28-a97a-47b5-aead-45f6343310b5:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec2bd8d300136a6fd50bcb5a7f3f4a12fa=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 22:27:25 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
adxadserv.com/px/heartbeat/v1?pv_uid=68dbe6f1-f6f4-4d27-81bf-e75d46472c16&t_op=5.323&p_nn=adxad-rtb&fpid_sa=1669328841992&fpid=bc43f01a151639d4c69739dcaca30e3b&feid_sa=1669328841992&sid_sa=1669328841992&feid=ecd85a23db36212fbabb7d27826ca198&sid=d3e495942cd5e2e55b51bf388a6935b7&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www4.bestjavporn.com&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=1&lb=0&cd=24&hc=16&dm=-1&dt=2&ed=0&sr=5497558139882&fb=10384
200 OK 0 B URL HTTP/1.1 adxadserv.com/px/heartbeat/v1?pv_uid=68dbe6f1-f6f4-4d27-81bf-e75d46472c16&t_op=5.323&p_nn=adxad-rtb&fpid_sa=1669328841992&fpid=bc43f01a151639d4c69739dcaca30e3b&feid_sa=1669328841992&sid_sa=1669328841992&feid=ecd85a23db36212fbabb7d27826ca198&sid=d3e495942cd5e2e55b51bf388a6935b7&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www4.bestjavporn.com&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=1&lb=0&cd=24&hc=16&dm=-1&dt=2&ed=0&sr=5497558139882&fb=10384
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /px/heartbeat/v1?pv_uid=68dbe6f1-f6f4-4d27-81bf-e75d46472c16&t_op=5.323&p_nn=adxad-rtb&fpid_sa=1669328841992&fpid=bc43f01a151639d4c69739dcaca30e3b&feid_sa=1669328841992&sid_sa=1669328841992&feid=ecd85a23db36212fbabb7d27826ca198&sid=d3e495942cd5e2e55b51bf388a6935b7&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www4.bestjavporn.com&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=1&lb=0&cd=24&hc=16&dm=-1&dt=2&ed=0&sr=5497558139882&fb=10384 HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1
Origin: https://ads.adxadserv.com
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 24 Nov 2022 22:27:27 GMT
Content-Length: 0
Connection: keep-alive
www4.bestjavporn.com/wp-content/themes/retrotube/assets/js/fun.js?ver=1.3.1
200 OK 0 B URL HTTP/2 www4.bestjavporn.com/wp-content/themes/retrotube/assets/js/fun.js?ver=1.3.1
IP
GET /wp-content/themes/retrotube/assets/js/fun.js?ver=1.3.1 HTTP/1.1
Host: www4.bestjavporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/video/much-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:21 GMT
content-type: application/javascript
cf-connecting-ip: 88.195.172.127
cf-bgj: minify
cf-polished: origSize=23718
etag: W/"635fdc99-5ca6"
last-modified: Mon, 31 Oct 2022 14:32:57 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-rocket-args: ver=1.3.1
x-rocket-nginx-serving-static: No
x-rocket-uri: /wp-content/themes/retrotube/assets/js/fun.js
cache-control: max-age=3600
cf-cache-status: HIT
age: 43407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNPq3cQN%2FlHbUnZ%2BF7%2FQHM82GZE%2F3rpoHZAIDazvMFn5Om5OUmQMlfRN%2BYlkabBuDttofSP3HcNLtNzBaxM%2FP49TAfL%2BDaBMcbzmI0LW99pd4%2F3TFeSJbzVKyg4oRFWaNZXTF%2BOl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f592495c5bb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
pics.pornfhd.com/s/mono/movie/adult/h_127ysn461x/h_127ysn461xpl.jpg
200 OK 0 B URL HTTP/2 pics.pornfhd.com/s/mono/movie/adult/h_127ysn461x/h_127ysn461xpl.jpg
IP
GET /s/mono/movie/adult/h_127ysn461x/h_127ysn461xpl.jpg HTTP/1.1
Host: pics.pornfhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:21 GMT
content-type: image/jpeg
last-modified: Fri, 05 Aug 2016 04:40:23 GMT
vary: Accept-Encoding
etag: W/"57a418b7-aff3"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 29829
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zM1KAmIQPLSRtcNIpyOVPhlQyo0b87aGfSLYljQiio%2BUv0UDOCKWoEGdZEzI0akojIqhS0JX%2BVt%2Bruq%2BvtWPFMvVe3pcqUXHwFa2SqtJM4zBpbSANXV2Ifq83lsagwgCsRlx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5924cbc4c71ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www4.bestjavporn.com/wp-content/themes/retrotube/ajax-view.php
200 OK 0 B URL HTTP/2 www4.bestjavporn.com/wp-content/themes/retrotube/ajax-view.php
IP
POST /wp-content/themes/retrotube/ajax-view.php HTTP/1.1
Host: www4.bestjavporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 49
Origin: https://www4.bestjavporn.com
Connection: keep-alive
Referer: https://www4.bestjavporn.com/video/much-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:22 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
cf-connecting-ip: 91.90.42.154
x-frame-options: SAMEORIGIN
x-rocket-nginx-serving-static: No
x-rocket-uri: /wp-content/themes/retrotube/ajax-view.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylUAS51rLcdxsQob7JVrWVbrcxMiLHbPHxy30MFQjb34nlg5ITI66SFVJAI4M6M76xuv6AyUVlzpyT6MMLJZJgt7%2Fd%2FI7NGN9OTtytU8z81Th3MJgV73AyQNOkMgkpQm5c%2FSOUjJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f592510faeb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/js/main.js
200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/js/main.js
IP
GET /sb/notifications/games/nutaku/multi/2/js/main.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.bestjavporn.com
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:24 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 07:29:33 GMT
etag: W/"632abd5d-20ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 302967
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fm3v1T2QBt6kqCBPvTee9vOYz%2FWU6taynqfwyhUqTc4dl3BMN%2B121eFq2iGVqQXXddiYySO%2BDXW8EXUmn8LPqJde9xYCY7qx1Ehff5chtT1NVj0XB7N3sR2WrLS96rWbLuZrxV1tJQ9W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f5926079a28883-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www4.bestjavporn.com/wp-content/themes/retrotube/assets/js/skip-link-focus-fix.js?ver=1.0.0
200 OK 0 B URL HTTP/2 www4.bestjavporn.com/wp-content/themes/retrotube/assets/js/skip-link-focus-fix.js?ver=1.0.0
IP
GET /wp-content/themes/retrotube/assets/js/skip-link-focus-fix.js?ver=1.0.0 HTTP/1.1
Host: www4.bestjavporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/video/much-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:21 GMT
content-type: application/javascript
cf-connecting-ip: 88.195.172.127
cf-bgj: minify
cf-polished: origSize=683
etag: W/"600200e4-2ab"
last-modified: Fri, 15 Jan 2021 20:53:56 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-rocket-args: ver=1.0.0
x-rocket-nginx-serving-static: No
x-rocket-uri: /wp-content/themes/retrotube/assets/js/skip-link-focus-fix.js
cache-control: max-age=3600
cf-cache-status: HIT
age: 43407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFTvXM7kYPezQztn%2B6CIpaLfYnkVkyoqVQcIxHGrqVjv3KQSLHl9tpBEjgu77WyKNTRLdmUEU2V10qKpOfXJGJMDyMtAhBcuGir%2BfIixDHJfh0%2B%2F12p4ImzF3%2Bc6fsS64P0ugbh6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f592494c4eb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
ads.adxadserv.com/ad?spotid=62fe56a361d6e272ea2a6a61&type=300x250&output=html&extra1=0&ref=https%3A//www4.bestjavporn.com/video/much-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours/&dt=1669328841762&screen=1280x1024&tags=
200 OK 0 B URL HTTP/2 ads.adxadserv.com/ad?spotid=62fe56a361d6e272ea2a6a61&type=300x250&output=html&extra1=0&ref=https%3A//www4.bestjavporn.com/video/much-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours/&dt=1669328841762&screen=1280x1024&tags=
IP
ASN #39572 DataWeb Global Group B.V.
GET /ad?spotid=62fe56a361d6e272ea2a6a61&type=300x250&output=html&extra1=0&ref=https%3A//www4.bestjavporn.com/video/much-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours/&dt=1669328841762&screen=1280x1024&tags= HTTP/1.1
Host: ads.adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 22:27:22 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache
X-Firefox-Spdy: h2
static.javhdhello.com/h5/files/15973/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Fef7ed9bf-02b1-42a7-b41c-1a88029074bd%3Fcv1%3D2a20b1c0-6c47-11ed-9b66-52ca5d2668e1%26cv10%3D62fe56a361d6e272ea2a6a61%26cv2%3D0c1c5c30286e1db21a741e4b62c8b6e4%26cv3%3Ddesktop%26cv4%3D62fe933961d6e278cd572307%26cv5%3D62fe933061d6e278cd572305%26cv6%3Den%26cv7%3DNTVA-Bestjavporn%26cv8%3DFirefox%26cv9%3D62fe56a361d6e272ea2a6a61%26externalId%3D2a20b1c0-6c47-11ed-9b66-52ca5d2668e1%26p%3DeyJiIjoyNzc0NTMsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjI3Nzc5fQ
200 OK 0 B URL HTTP/2 static.javhdhello.com/h5/files/15973/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Fef7ed9bf-02b1-42a7-b41c-1a88029074bd%3Fcv1%3D2a20b1c0-6c47-11ed-9b66-52ca5d2668e1%26cv10%3D62fe56a361d6e272ea2a6a61%26cv2%3D0c1c5c30286e1db21a741e4b62c8b6e4%26cv3%3Ddesktop%26cv4%3D62fe933961d6e278cd572307%26cv5%3D62fe933061d6e278cd572305%26cv6%3Den%26cv7%3DNTVA-Bestjavporn%26cv8%3DFirefox%26cv9%3D62fe56a361d6e272ea2a6a61%26externalId%3D2a20b1c0-6c47-11ed-9b66-52ca5d2668e1%26p%3DeyJiIjoyNzc0NTMsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjI3Nzc5fQ
IP
ASN #60068 Datacamp Limited
GET /h5/files/15973/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Fef7ed9bf-02b1-42a7-b41c-1a88029074bd%3Fcv1%3D2a20b1c0-6c47-11ed-9b66-52ca5d2668e1%26cv10%3D62fe56a361d6e272ea2a6a61%26cv2%3D0c1c5c30286e1db21a741e4b62c8b6e4%26cv3%3Ddesktop%26cv4%3D62fe933961d6e278cd572307%26cv5%3D62fe933061d6e278cd572305%26cv6%3Den%26cv7%3DNTVA-Bestjavporn%26cv8%3DFirefox%26cv9%3D62fe56a361d6e272ea2a6a61%26externalId%3D2a20b1c0-6c47-11ed-9b66-52ca5d2668e1%26p%3DeyJiIjoyNzc0NTMsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjI3Nzc5fQ HTTP/1.1
Host: static.javhdhello.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trackwilltrk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:22 GMT
content-type: text/html
last-modified: Wed, 20 Apr 2022 14:38:24 GMT
etag: W/"62601ae0-c86"
expires: Sat, 24 Dec 2022 22:27:22 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-accel-expires: @1671920842
server: CDN77-Turbo
x-77-nzt: AblMCQ3NLhmh
x-77-nzt-ray: c0a4cc287fcbad80caef7f63b9e32828
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/animate.css
200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/animate.css
IP
GET /sb/notifications/games/nutaku/multi/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.bestjavporn.com
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:24 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 10:38:28 GMT
etag: W/"632300a4-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 302967
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3koPOj9KKAVCwbweLk%2FP%2BrMRMUY4EQ%2BL95D2FKzeOVvrVZjMoZbyEibNUjBA13zoh0Iicndb0Hr2n4C%2FsH2rmsAjU3rI2mNsPtwovuaJch%2F%2BZWU402jYoFTVyvqfsioKVGvOlAXOYtBh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f5925f9fa38883-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pics.pornfhd.com/s/mono/movie/adult/21cst011h/21cst011hpl.jpg
200 OK 0 B URL HTTP/2 pics.pornfhd.com/s/mono/movie/adult/21cst011h/21cst011hpl.jpg
IP
GET /s/mono/movie/adult/21cst011h/21cst011hpl.jpg HTTP/1.1
Host: pics.pornfhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:21 GMT
content-type: image/jpeg
last-modified: Fri, 05 Aug 2016 04:39:24 GMT
vary: Accept-Encoding
etag: W/"57a4187c-a4f1"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2525
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HzC1MzETq%2BPQ07r8GH6b78m2JiQ0jwplzzNbd0HVw5cEAIyJGUZKwY%2BPllEOAX5klEMwuPYKMmOyvYt%2BL6TcpVJ7mW7V6RrfNci6Y8Hqth6f063zytOdUY5zI3He%2BwNi0B%2Fd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5924cbc4771ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.javhd.com/h5/files/video/1835-24780-300x250.medium.mp4
206 Partial Content 0 B URL HTTP/2 static.javhd.com/h5/files/video/1835-24780-300x250.medium.mp4
IP
ASN #60068 Datacamp Limited
GET /h5/files/video/1835-24780-300x250.medium.mp4 HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/16738/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Ff194c970-bc2d-4827-8b0a-7f39df13c295%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D126401%26cv4%3D237443%26cv5%3D794135%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzg4OTksImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjIxOTM5fQ
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
date: Thu, 24 Nov 2022 22:27:23 GMT
content-type: video/mp4
content-length: 472796
last-modified: Wed, 23 Nov 2022 13:08:05 GMT
etag: "637e1b35-736dc"
expires: Thu, 24 Nov 2022 21:40:05 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-accel-expires: @1669412461
server: CDN77-Turbo
x-77-nzt: AblMCQ3r7Cv/3goAAA
x-77-nzt-ray: c0a4cc287fcbad80cbef7f63d7fda72d
x-cache: HIT
x-age: 2782
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-472795/472796
X-Firefox-Spdy: h2
www4.bestjavporn.com/wp-content/themes/retrotube/style.css?ver=1.4.3
200 OK 0 B URL HTTP/2 www4.bestjavporn.com/wp-content/themes/retrotube/style.css?ver=1.4.3
IP
GET /wp-content/themes/retrotube/style.css?ver=1.4.3 HTTP/1.1
Host: www4.bestjavporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/video/much-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:21 GMT
content-type: text/css
cf-connecting-ip: 88.195.172.127
cf-bgj: minify
cf-polished: origSize=84878
etag: W/"635fdc6a-14b8e"
last-modified: Mon, 31 Oct 2022 14:32:10 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-rocket-args: ver=1.4.3
x-rocket-nginx-serving-static: No
x-rocket-uri: /wp-content/themes/retrotube/style.css
cache-control: max-age=3600
cf-cache-status: HIT
age: 43366
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8s%2F%2BXMr9f7Gz7CZzXMaWPrXQIX8GE5RN4Ead9iuOin04Ykbv9ZNUgMqlEptrUI2csNewQA2ZHg%2Fk%2F%2FJzSDzCm4%2B9s%2BLNmGnpvCczEiuZqw5E56XAMw2RuhxJNS1xmTMMupDrAyL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f592492c20b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
pics.pornfhd.com/s/mono/movie/adult/bobb279/bobb279pl.jpg
200 OK 0 B URL HTTP/2 pics.pornfhd.com/s/mono/movie/adult/bobb279/bobb279pl.jpg
IP
GET /s/mono/movie/adult/bobb279/bobb279pl.jpg HTTP/1.1
Host: pics.pornfhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:21 GMT
content-type: image/jpeg
last-modified: Fri, 28 Aug 2015 08:47:09 GMT
vary: Accept-Encoding
etag: W/"55e0200d-be37"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 707408
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Byw397YdroOsdjPur6lCMZid2tS3WVEWoEKnmEDlLhExI60kelKZKtpNp7jvqGORkIz25mJzVapL0uRibe5s61c9RyPS65Qah3muYyBxkmPNa0uCZsk4jSamti6xIRaxb8VA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5924cbc3f71ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.javhd.com/h5/files/css/style.css
200 OK 0 B URL HTTP/2 static.javhd.com/h5/files/css/style.css
IP
ASN #60068 Datacamp Limited
GET /h5/files/css/style.css HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhdhello.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:22 GMT
content-type: text/css
last-modified: Wed, 25 May 2016 08:29:12 GMT
etag: W/"57456258-7bd"
expires: Tue, 23 May 2023 11:04:47 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839887
server: CDN77-Turbo
x-77-nzt: AblMCQ0WMI3/e4X0AA
x-77-nzt-ray: c0a4cc287fcbad80caef7f638d5eca2c
x-cache: HIT
x-age: 16024955
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/js/jquery.min.js
200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/js/jquery.min.js
IP
GET /sb/notifications/games/nutaku/multi/2/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:24 GMT
content-type: application/javascript
last-modified: Thu, 18 Aug 2022 08:55:27 GMT
etag: W/"62fdfe7f-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 808423
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMCcXDdmiWgyD3KXsTczH4TOpBh8fsvcmE%2F0q9M1G6Vt%2BN3lFl1%2BySTMF5xN%2BAAyWDBeEVuViWshUAJ88wNQyQ2IfCHW2JHbJkxdXCAfXjpAEZHz%2FUQksiLCm%2FU2BVHq6fVJlWIcHRWY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f5925fbfea8883-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans&display=swap
IP
GET /css?family=Open+Sans&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 22:27:21 GMT
date: Thu, 24 Nov 2022 22:27:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www4.bestjavporn.com/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/lazyload.min.js
200 OK 0 B URL HTTP/2 www4.bestjavporn.com/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/lazyload.min.js
IP
GET /wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/lazyload.min.js HTTP/1.1
Host: www4.bestjavporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/video/much-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:21 GMT
content-type: application/javascript
last-modified: Tue, 31 Mar 2020 10:02:46 GMT
vary: Accept-Encoding
etag: W/"5e831546-15d1"
cf-connecting-ip: 88.195.172.127
x-frame-options: SAMEORIGIN
x-rocket-nginx-serving-static: No
x-rocket-uri: /wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/lazyload.min.js
cache-control: max-age=3600
cf-cache-status: HIT
age: 43407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=467BBBejxhFvtigy6Pf1Uue1GeBWWz7YKLHwbUb2uBxsQFQ2xMVV5%2BGpDnEGftdPxaLaISPa7OO2SiKnYtM2NAb%2BwMHhuZN3GrwysAhcDxCQ6e%2B5pO0Nt7QFuTHhrfmv0E4XcQnz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f592494c53b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
asg.phukienthoitranggiare.com/Cqp6VQ5.js
200 OK 0 B URL HTTP/2 asg.phukienthoitranggiare.com/Cqp6VQ5.js
IP
ASN #24940 Hetzner Online GmbH
GET /Cqp6VQ5.js HTTP/1.1
Host: asg.phukienthoitranggiare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 22:27:21 GMT
content-type: application/javascript
last-modified: Sat, 22 Oct 2022 11:28:35 GMT
etag: W/"6353d3e3-1cfaf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
vary: Accept-Encoding, Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1a8662d51ed58f0336021036df8bf88a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -lxjniD12oSbDRNoyE3pT--FSZ10nWnHeBFYs33OrTYTDhI17p8xXQ==
age: 2549955
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
pics.pornfhd.com/digital/video/h_796much00110/h_796much00110pl.jpg
200 OK 0 B URL HTTP/2 pics.pornfhd.com/digital/video/h_796much00110/h_796much00110pl.jpg
IP
GET /digital/video/h_796much00110/h_796much00110pl.jpg HTTP/1.1
Host: pics.pornfhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:21 GMT
content-type: image/jpeg
last-modified: Fri, 11 Sep 2020 06:25:20 GMT
vary: Accept-Encoding
etag: W/"5f5b1850-2e8c0"
cache-control: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rC194aw8zvT4KKaE1Lff1Fw0ACGjmg1F4RuYYIZFlDa0i2Z%2BKHYCpe3NWCl1m%2B1Tr1J6GzMuUdr51SzS%2BnuytWZQ2%2Bkumezai4agAwht6F5nP3JzAfenl2JxK%2Fft5Al0EUHY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5924a58f671ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:23 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 44964d13f02d7e19f6d82b1733d685bf
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 24 Nov 2022 22:27:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BHJFaPz8wrHAyWRtc1P4TghfcwYDFCjd7c%2Bl1%2FQ2Ah18aR1IqsjpNoW8lFUx8%2FYN419qa7AOCUeqHNH7tbEehkIzw32NixLm7s2lesu%2BZJraRGu7zPhVEpIAAnFGlfeud2Ocj8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f592560cdae664-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/notifications/games/nutaku/multi/2/index.html
200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/notifications/games/nutaku/multi/2/index.html
IP
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/notifications/games/nutaku/multi/2/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.bestjavporn.com
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:24 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Thu, 15 Sep 2022 10:38:26 GMT
etag: W/"632300a2-514"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Thu, 24 Nov 2022 23:27:24 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
www4.bestjavporn.com/wp-content/themes/retrotube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0
200 OK 0 B URL HTTP/2 www4.bestjavporn.com/wp-content/themes/retrotube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP
GET /wp-content/themes/retrotube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www4.bestjavporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/video/much-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:21 GMT
content-type: text/css
last-modified: Mon, 31 Oct 2022 14:31:11 GMT
vary: Accept-Encoding
etag: W/"635fdc2f-7a75"
cf-connecting-ip: 88.195.172.127
x-frame-options: SAMEORIGIN
x-rocket-nginx-serving-static: No
x-rocket-args: ver=4.7.0
x-rocket-uri: /wp-content/themes/retrotube/assets/stylesheets/font-awesome/css/font-awesome.min.css
cache-control: max-age=3600
cf-cache-status: HIT
age: 43366
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSgOTBON2jST7m%2F64qlQdmxmk5JHQAOf4R%2FycUq3f0bg4SfHG7BEcpH%2FX5pgsajO3jPqzVlCRxBjn1EiRVsBzOiDX%2B%2FZ8Gz3xSClVjBtDkM7u0QdfxKNEwh9DdpyiE62NwexoEd3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f592493c28b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
pics.pornfhd.com/s/mono/movie/adult/21cst011r/21cst011rpl.jpg
200 OK 0 B URL HTTP/2 pics.pornfhd.com/s/mono/movie/adult/21cst011r/21cst011rpl.jpg
IP
GET /s/mono/movie/adult/21cst011r/21cst011rpl.jpg HTTP/1.1
Host: pics.pornfhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:21 GMT
content-type: image/jpeg
last-modified: Fri, 05 Aug 2016 04:39:25 GMT
vary: Accept-Encoding
etag: W/"57a4187d-a501"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2525
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxukWt%2FXzS8njbG44GIKugluelpg2qsglfx3jCrLwyCgDnaFcy3usQIhhzFxewh6IBqEX49KlRz67cg5N0MuI1S1VRsnXsqkTBdtjPBK78X6E%2B7ZDjKeDbbN8Q8P94dlq1Nz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5924cbc4071ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www4.bestjavporn.com/wp-content/themes/retrotube/assets/js/main.js?ver=1.4.3
200 OK 0 B URL HTTP/2 www4.bestjavporn.com/wp-content/themes/retrotube/assets/js/main.js?ver=1.4.3
IP
GET /wp-content/themes/retrotube/assets/js/main.js?ver=1.4.3 HTTP/1.1
Host: www4.bestjavporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/video/much-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:21 GMT
content-type: application/javascript
cf-connecting-ip: 88.195.172.127
cf-bgj: minify
cf-polished: origSize=51865
etag: W/"635fdc6a-ca99"
last-modified: Mon, 31 Oct 2022 14:32:10 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-rocket-args: ver=1.4.3
x-rocket-nginx-serving-static: No
x-rocket-uri: /wp-content/themes/retrotube/assets/js/main.js
cache-control: max-age=3600
cf-cache-status: HIT
age: 43407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEgIUJk087zQ5pYLZxzX7gzilDr4IuWIDCCY7uhR4EKgXeLsCSBu%2B51Xs7HRJoMX3IVOhZ%2BSrNUkn6cOEE2uqVr3Ro%2FhIoR6cmskkSH%2BfukTTb%2FA6Jr2scUy1fSGFpfBf1pYmKgM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f592494c4bb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
www4.bestjavporn.com/wp-content/themes/retrotube/assets/js/cast.js?ver=7.2.2
200 OK 0 B URL HTTP/2 www4.bestjavporn.com/wp-content/themes/retrotube/assets/js/cast.js?ver=7.2.2
IP
GET /wp-content/themes/retrotube/assets/js/cast.js?ver=7.2.2 HTTP/1.1
Host: www4.bestjavporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.bestjavporn.com/video/much-110-watch-jav-online-misaki-hinata-shizuka-ishikawa-everyone-is-over-g-cup-chubby-girls-with-collosal-tits-have-sex-with-10-people-in-a-row-8-hours/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:21 GMT
content-type: application/javascript
cf-connecting-ip: 88.195.172.127
cf-bgj: minify
etag: W/"635fdc6a-11395"
last-modified: Mon, 31 Oct 2022 14:32:10 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-rocket-args: ver=7.2.2
x-rocket-nginx-serving-static: No
x-rocket-uri: /wp-content/themes/retrotube/assets/js/cast.js
cache-control: max-age=3600
cf-cache-status: HIT
age: 43407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kueJOjdIVEHYeKjnzHJUwUbnT90N5zDNMjF8yzi6i5VqQaOK3eddvBffqy%2F4XQvwt6uxJzRKrKdh%2FDoIjAXCEOzOADZ9Zkjm7SSvXmUSgu7TPS43oAsWTXdh8HFxZWcmjtg8iUZ0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f592494c51b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/styles.css
200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/styles.css
IP
GET /sb/notifications/games/nutaku/multi/2/css/styles.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.bestjavporn.com
Connection: keep-alive
Referer: https://www4.bestjavporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 22:27:24 GMT
content-type: text/css
last-modified: Wed, 21 Sep 2022 08:03:32 GMT
etag: W/"632ac554-2c89"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 302967
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYS9cT7sHprhimsldBUZPPjNADXN1ob4egG2i9ehqemb%2Fs%2BEqaidFyg10QvFmwqu7mhiN87QHmk9W1eZEg10g%2BIsjZ0kuoJbDvvXe%2Bn7yF3aqOxqrgQC52nRIz5USjtp0NNXCNLaJRbS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f5925f8f648883-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
172.67.68.13
23.36.77.32
93.184.220.29
104.19.129.100
31.220.24.19
185.76.9.14
52.28.211.11
135.181.208.216