| joniku.pro/wp-content/uploads/2023/09/250logo-1.png |  188.114.97.1 | | 3.0 kB |
URL joniku.pro/wp-content/uploads/2023/09/250logo-1.png IP188.114.97.1:0
File typePNG image data, 250 x 55, 8-bit colormap, non-interlaced Hashf9d757fc136488779c9a25e0c41d2b8d 7591f335ee3f8bb075f856c59b0b3a86f78e7406 154c4853e6e1c793f28663babec06cacb5f039e8ed3c36a8fb4449c5b09a2043
GET /wp-content/uploads/2023/09/250logo-1.png HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:43 GMT
content-type: image/png
content-length: 2969
last-modified: Mon, 09 Oct 2023 12:42:49 GMT
etag: "b99-60747ed812440"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4701
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k2v8tkiSXDb8W43biJO%2FA80zon4q2dzBVmqoOSxZQmuU22UnCvdwdGeNw%2F5HIKFP4VTzpqzgSeIiXG968keTMfwNY7zGHqV3QvsETQiAWItLm7EdMgTqNpy6zNyY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88144fc97b3156af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/themes/kingtube/assets/img/px.gif | 188.114.97.1 | | 1.1 kB |
URL joniku.pro/wp-content/themes/kingtube/assets/img/px.gif IP188.114.97.1:0
File typeGIF image data, version 89a, 1 x 1 Hash96e31d075a835fb1e9d431373451cc27 8c0c1169f70c3d487419599597f095c60ed2469f a9bb07bf95a4eb5b11f74e1be96e3cee1579e41c4c134b3773581c5340ba63ac
GET /wp-content/themes/kingtube/assets/img/px.gif HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:43 GMT
content-type: image/gif
content-length: 1095
last-modified: Sat, 13 Jan 2024 03:56:45 GMT
etag: "447-60ecbc4e8b940"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4700
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xw4%2B1vF9%2Bxq37DsgRue%2F3y4aFZ4ILMLim8oWbmw9FXOX%2FOUszv3hTxgiAMH6bXcg48351dfUe%2BB2lQV0mreohFc7DHOgsHC5edqKdbIDcPXVevpxm7IxFr0bYnTr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88144fc98b3656af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/plugins/advanced-ads-pro/assets/js/base.min.js?ver=2.26.1 | 188.114.97.1 | | 25 kB |
URL joniku.pro/wp-content/plugins/advanced-ads-pro/assets/js/base.min.js?ver=2.26.1 IP188.114.97.1:0
File typeJavaScript source, ASCII text, with very long lines (56872) Hashbaa2bced04ef58568fb6c29d6bc29a41 da215d64ecd8733920a6cc22fc4a2e22c4961d60 54fe41d2822054817fa4d8780612927bb2e2cead005a793355313968636d0683
GET /wp-content/plugins/advanced-ads-pro/assets/js/base.min.js?ver=2.26.1 HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:43 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Fri, 15 Mar 2024 05:07:12 GMT
etag: W/"125bc-613abfb04e000"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4670
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=222O30Whq58Smme8HDnf4%2BLjQPL%2BQ%2Bo21EcanWrmUzVaZz3DT6m60fh%2FC2210YR%2BcwoElhRc%2BH6%2Bz24JaYwf%2BmfuQ%2FvZE67pRg5Hqmk6fVUaNf6YM5NBIDlRbDkc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88144fc99b6656af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-906YNDT860 |  142.250.74.40 | | 102 kB |
URL www.googletagmanager.com/gtag/js?id=G-906YNDT860 IP142.250.74.40:0
File typeJavaScript source, ASCII text, with very long lines (5955) Size102 kB (101602 bytes) Hash3aa1c7e471f367a6bd75be0a7910d4d2 776716954753f425db115a44ada33e66c4eb6200 6f04db4cf9847cc8b4919d847317d0b130d8717858c42b3aaf7734d40cb54f37
GET /gtag/js?id=G-906YNDT860 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 May 2024 20:06:43 GMT
expires: Thu, 09 May 2024 20:06:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101602
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| joniku.pro/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 | 188.114.97.1 | 200 OK | 5.5 kB |
URL GET HTTP/3joniku.pro/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP188.114.97.1:443
Requested byhttps://joniku.pro/video/preteen-years-yandex/ CertificateIssuerGoogle Trust Services LLC Subjectjoniku.pro Fingerprint54:7E:31:7A:4E:95:FF:85:56:0B:EE:91:2E:0A:6E:5D:82:69:01:36 ValidityFri, 03 May 2024 12:55:16 GMT - Thu, 01 Aug 2024 12:55:15 GMT
File typeJavaScript source, ASCII text, with very long lines (13479) Hash9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:43 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Fri, 03 May 2024 16:31:00 GMT
etag: W/"3509-6178f3ebacbe6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6716
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w3Xgeuog7YnLGU1dJTx2BiZM%2FQ3odO5d1x67xRYfDY8xlEpOmxdPXahhNlgq7MFLsMbP%2FExKfqnK1vysoG%2F2CFjxCkT%2Bode70V5ENHWxIbOx4fM5R%2BZXzVs4oV%2FO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88144fc97b2a56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/themes/kingtube/assets/stylesheets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 | 188.114.97.1 | | 77 kB |
URL joniku.pro/wp-content/themes/kingtube/assets/stylesheets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 IP188.114.97.1:0
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/themes/kingtube/assets/stylesheets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/wp-content/themes/kingtube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:43 GMT
content-type: font/woff2
content-length: 77160
last-modified: Sat, 13 Jan 2024 03:56:45 GMT
etag: "12d68-60ecbc4e8b940"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OCG6bXROJq9Dn8rlcDxUdUHjFrvVksHu3gYRVqC6Xxft1urSA4w4Iyi6T9WwRQBaPFkwYR7WPUv7TTzyCQCjQ403pN%2FKxphb5Ug1NB7%2FLrlnnTCG3WuirLozvHcE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88144fcacd3856af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/uploads/2024/05/Screenshot_2-16-150x84.png | 188.114.97.1 | | 11 kB |
URL joniku.pro/wp-content/uploads/2024/05/Screenshot_2-16-150x84.png IP188.114.97.1:0
File typePNG image data, 150 x 84, 8-bit/color RGBA, non-interlaced Hashb70217a2aea35fe276c44158a4fac95f db7d922e89f31aed86d99f032a2591299cf0d37f 7dd73e5e8ba21b9fc200c602346854df6621b4b74606c15200c34bac34514486
GET /wp-content/uploads/2024/05/Screenshot_2-16-150x84.png HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:43 GMT
content-type: image/png
content-length: 11351
last-modified: Thu, 09 May 2024 14:44:58 GMT
etag: "2c57-6180676915f02"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4670
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cSm3zBY1%2BqRVfYAMq3NKr6ZLNRCo1Rhv3Vn8MgcVBR62%2B6JgZ%2BZA1ftZdSVOxhJ2Vta8krfFA%2FGRNtVmQsPgkOEx292MhYOe2ssR94HsFUm1a%2B7fSOdR03HdH2fX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88144fcc881a56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/uploads/2024/02/Yandex-Bocil-ABG-Sudah-Biasa-Layani-Nafsu-Ayah-Tiri-150x84.png | 188.114.97.1 | | 17 kB |
URL joniku.pro/wp-content/uploads/2024/02/Yandex-Bocil-ABG-Sudah-Biasa-Layani-Nafsu-Ayah-Tiri-150x84.png IP188.114.97.1:0
File typePNG image data, 150 x 84, 8-bit/color RGBA, non-interlaced Hash53736e166d2622261a1fb7e66cf04c8f bf1885bb15101dcf7728aeebd44691cc3f628bef 3f8fa8eb15af169b29b650c341b6bc9f4cd97470f2ed224457262cd23e7f8f4d
GET /wp-content/uploads/2024/02/Yandex-Bocil-ABG-Sudah-Biasa-Layani-Nafsu-Ayah-Tiri-150x84.png HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:44 GMT
content-type: image/png
content-length: 16959
last-modified: Thu, 01 Feb 2024 15:41:46 GMT
etag: "423f-61053d53ae280"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LaCvbqNru9sq0O7SlICG7U8%2FsL08D97klB8QrpVim6rKx%2FGobV8lSxKBy%2FHIfckni1D9PhLv4hwmGVScPIHP2pT5T4uoV1cY%2BbdHoMU7yEtgs53RuE9%2FNmGTivEp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88144fcc6fef56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/uploads/2024/01/Yandex-ABG-Selebgram-Cantik-Viral-Check-in-Hotel-150x84.png | 188.114.97.1 | | 24 kB |
URL joniku.pro/wp-content/uploads/2024/01/Yandex-ABG-Selebgram-Cantik-Viral-Check-in-Hotel-150x84.png IP188.114.97.1:0
File typePNG image data, 150 x 84, 8-bit/color RGBA, non-interlaced Hash9ad90b61271a82c0319b7b6b8dc50419 11e2a692dde1c8149348c1bbfd4cc9203b299471 1abbd544a2f688e5fa0b589cf10b87b73d698c5c30584bf1ace305a6397370e6
GET /wp-content/uploads/2024/01/Yandex-ABG-Selebgram-Cantik-Viral-Check-in-Hotel-150x84.png HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:44 GMT
content-type: image/png
content-length: 24261
last-modified: Wed, 31 Jan 2024 15:04:39 GMT
etag: "5ec5-6103f32a62fc0"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zSRo09B%2FzDkxUSO5Y7LnU8dTT2pfd2NaKY2ELwd4m8mkJPFUc%2FLGR7LxU7kLGKUvJCFhJcwY3iQa7v7gKrmbvzbquNlMzKROo7YwtKbjw9A%2FXmT%2FxIlrsPbmvR4N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88144fcc5fc956af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/uploads/2024/02/Yandex-Bocil-Polos-Menemukan-Kesenangan-Bersama-150x84.jpg | 188.114.97.1 | | 4.3 kB |
URL joniku.pro/wp-content/uploads/2024/02/Yandex-Bocil-Polos-Menemukan-Kesenangan-Bersama-150x84.jpg IP188.114.97.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x84, components 3 Hash66ede7f2d89edc50b9085af1c07e21d3 13c68b21c65d70072750aaf0e6c2e0562b598565 f2c5b89a9bfea8753d149fe880cee688c2e74db6f515261af96f861ad9182399
GET /wp-content/uploads/2024/02/Yandex-Bocil-Polos-Menemukan-Kesenangan-Bersama-150x84.jpg HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:44 GMT
content-type: image/jpeg
content-length: 4321
last-modified: Fri, 09 Feb 2024 14:27:57 GMT
etag: "10e1-610f3bbf8b540"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fm5d0q%2Fug0%2FWi2lqLC1z70DIY%2Feiddkz%2B5lKsStvNWi2%2BRuxG8SNJbzHuErMnSxPkdwHnrsAvG%2BNI9XQ9brY6EHU%2BAaeQ5zH2djSajh7NDBehR8Ytxgzw59o4sJt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88144fcc6fd356af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/uploads/2024/02/Yandex-ABG-SMP-Cantik-Sania-Viral-2024-1-150x84.png | 188.114.97.1 | | 20 kB |
URL joniku.pro/wp-content/uploads/2024/02/Yandex-ABG-SMP-Cantik-Sania-Viral-2024-1-150x84.png IP188.114.97.1:0
File typePNG image data, 150 x 84, 8-bit/color RGBA, non-interlaced Hashd41135bd69cebaa6ce72ad3843ec166d cd36aa6828e17a796160c7aff4283fe683fea683 87b0d3c50cdb3b2066517e8888c37a538246344194c7ba0232eaec1d552dd8de
GET /wp-content/uploads/2024/02/Yandex-ABG-SMP-Cantik-Sania-Viral-2024-1-150x84.png HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:44 GMT
content-type: image/png
content-length: 20313
last-modified: Mon, 05 Feb 2024 14:33:58 GMT
etag: "4f59-610a35a1fa180"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BOFNS4qnAnQ%2Bt12d%2Bbj%2FNeYF%2BpN7yZN%2BnI%2FFLkclNcYHVVeyXZ2Rx1ZHJOHoxR0vMGaegWSzW5PtopEOTwbygm25vCs7FPz76MLW7NhMzI2cOgElh5PDK%2BlsQRg%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88144fcc6fe056af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/uploads/2024/02/Yandex-Viral-Selebgram-Tiktok-Cantik-2024-1-150x84.jpg | 188.114.97.1 | | 3.4 kB |
URL joniku.pro/wp-content/uploads/2024/02/Yandex-Viral-Selebgram-Tiktok-Cantik-2024-1-150x84.jpg IP188.114.97.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x84, components 3 Hash26f37ee909984dedc3ed2e19541f1cd3 6e165d340ba0fa97d7da594f430c397457df7ac2 2c9ba7145fefeb317dba76f2cd15a154bfab6a7a6efdcb548f0873ab78908d06
GET /wp-content/uploads/2024/02/Yandex-Viral-Selebgram-Tiktok-Cantik-2024-1-150x84.jpg HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:44 GMT
content-type: image/jpeg
content-length: 3358
last-modified: Sat, 10 Feb 2024 14:28:55 GMT
etag: "d1e-61107dd4517c0"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LFZ7tvxlZfxok3Y2RLnqbrG3lW6hdBXv5QVzC24txUIp5slwZTLj0bME8Tfx0REgiERbCNkIhCr3Ex4iaN7R5OHWlco%2FjrzK4MSYdvayOhl9aUJDuKEguFuYoRku"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88144fcc6fd056af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/uploads/2024/02/Yandex-Viral-2024-ABG-Model-Cantik-Menggairahkan-DI-Hotel-150x84.jpg | 188.114.97.1 | | 3.8 kB |
URL joniku.pro/wp-content/uploads/2024/02/Yandex-Viral-2024-ABG-Model-Cantik-Menggairahkan-DI-Hotel-150x84.jpg IP188.114.97.1:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 150x84, components 3 Hashedb060a7e4e035810b26d916fbe7a957 85400bd9cc46e5b9447139c37754ea08c6071cba 3c754dc898384e04cf52bc18b6fe70a94bb6e94edaadcaa8dbdc18f22be0fa11
GET /wp-content/uploads/2024/02/Yandex-Viral-2024-ABG-Model-Cantik-Menggairahkan-DI-Hotel-150x84.jpg HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:44 GMT
content-type: image/jpeg
content-length: 3813
last-modified: Tue, 06 Feb 2024 14:00:23 GMT
etag: "ee5-610b6ffdc8bc0"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SIVvJeWT%2FjbBXsTD5bngOaOsfSxwhDlBY6WgGk5oaypCKx9sMIsR1jnCF%2FXMFN8wvNVSzv7aM0pV66DrLVbCLvF3oQrOTJZn1WyBRFLwaEaa87P3DPUNDthtstIi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88144fcc6fdf56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/uploads/2024/02/Yandex-ABG-SMP-Cantik-Sania-Viral-2024-150x84.png | 188.114.97.1 | | 20 kB |
URL joniku.pro/wp-content/uploads/2024/02/Yandex-ABG-SMP-Cantik-Sania-Viral-2024-150x84.png IP188.114.97.1:0
File typePNG image data, 150 x 84, 8-bit/color RGBA, non-interlaced Hashd41135bd69cebaa6ce72ad3843ec166d cd36aa6828e17a796160c7aff4283fe683fea683 87b0d3c50cdb3b2066517e8888c37a538246344194c7ba0232eaec1d552dd8de
GET /wp-content/uploads/2024/02/Yandex-ABG-SMP-Cantik-Sania-Viral-2024-150x84.png HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:44 GMT
content-type: image/png
content-length: 20313
last-modified: Sat, 03 Feb 2024 14:02:53 GMT
etag: "4f59-6107aaf473d40"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uHnzUxGLtRgDBs13axpyibzvZjOP1SCKPdVbjO4XsfboUgoKlK3bgUgHhb5n8qO42IB7O9RrLq%2FxMzCdJlLBHrd8Fa24PrvGk7lf5tMsKfr74ECZe%2FQ%2Bz7SMFrLC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88144fcc6fec56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/uploads/2024/02/Yandex-Terbaru-ABG-Hijab-Cantik-Pasrah-Di-Wikwik-Sampe-Nangis-150x84.jpg | 188.114.97.1 | | 15 kB |
URL joniku.pro/wp-content/uploads/2024/02/Yandex-Terbaru-ABG-Hijab-Cantik-Pasrah-Di-Wikwik-Sampe-Nangis-150x84.jpg IP188.114.97.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, height=0, software=Android Gallery, orientation=upper-left, datetime=2024:02:01 11:58:30, GPS-Data, width=0], baseline, precision 8, 150x84, components 3 Hashce24b7d9994e9c9a611b35b2749994c7 89a67e2c36bcb35cfa7ae0386fbb2084562a019a ff00897e19c47db739ddbfd6ca7e3968113e3c2dc40c31d3f68fc60176233839
GET /wp-content/uploads/2024/02/Yandex-Terbaru-ABG-Hijab-Cantik-Pasrah-Di-Wikwik-Sampe-Nangis-150x84.jpg HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:44 GMT
content-type: image/jpeg
content-length: 14651
last-modified: Thu, 08 Feb 2024 15:08:03 GMT
etag: "393b-610e02d89fac0"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZlHGescmQ9RNJwV6Y%2F9CZkRRrxTSex%2BQw0%2FLFDp0VYWPJuvlOL8o%2B6k8muOAYrwlZajkBbH3bRh8bbTTptyjMR5xcbqt2Hzz08Qqa8mQGeT%2FliohKJx9dRsP5Y5g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88144fcc6fde56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/uploads/2024/02/Siswi-ABG-SMP-Cantik-Viral-Wikwik-Di-Dalam-Kelas-Yandex-tocil-150x84.png | 188.114.97.1 | | 26 kB |
URL joniku.pro/wp-content/uploads/2024/02/Siswi-ABG-SMP-Cantik-Viral-Wikwik-Di-Dalam-Kelas-Yandex-tocil-150x84.png IP188.114.97.1:0
File typePNG image data, 150 x 84, 8-bit/color RGBA, non-interlaced Hashb9ee81df1f2f52fdea80666e61a69bb1 41731fcb41a2138571d1c673bd3b31271e3adc53 2c9c9da167caa21ebf2564e43d3a24d16fc579dc0b82ecdb77676a71ef1c6374
GET /wp-content/uploads/2024/02/Siswi-ABG-SMP-Cantik-Viral-Wikwik-Di-Dalam-Kelas-Yandex-tocil-150x84.png HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:44 GMT
content-type: image/png
content-length: 25764
last-modified: Wed, 31 Jan 2024 20:23:18 GMT
etag: "64a4-61043a63af980"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CmTxscOB1ngsDyqoJvHlY%2BVSqG0G%2By%2FEBkLvgN%2FrqfmMjs66I2N0WRKW6XXr3Fa%2B%2Ff4XrTXjbrl6ryBgzQjwcFBy1jikkRvNNyLjb8TPLeetQc9H5qMwUDMCbHB4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88144fcc7ff656af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/themes/kingtube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0 | 188.114.97.1 | | 30 kB |
URL joniku.pro/wp-content/themes/kingtube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0 IP188.114.97.1:0
File typeASCII text, with very long lines (30837) Hash269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /wp-content/themes/kingtube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:43 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 13 Jan 2024 03:56:45 GMT
etag: W/"7918-60ecbc4e8b940"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4700
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JVeroOp28O3GGFu3XHUPqKlavWVgKaPf2rquTHALaXDYm2PtVCG%2BCBAt4h5Q2exUt6oa6qgAEg6LBpwE6TnLQetSYgYOI%2BAghhZ7rJqLAAIGW9QF5xOZ2jPLloYI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88144fc96b1656af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/uploads/2024/01/Yandex-Viral-Janda-Bohay-Cantik-Viral-Check-in-Hotel-1-150x84.png | 188.114.97.1 | 200 OK | 22 kB |
URL GET HTTP/3joniku.pro/wp-content/uploads/2024/01/Yandex-Viral-Janda-Bohay-Cantik-Viral-Check-in-Hotel-1-150x84.png IP188.114.97.1:443
Requested byhttps://joniku.pro/video/preteen-years-yandex/ CertificateIssuerGoogle Trust Services LLC Subjectjoniku.pro Fingerprint54:7E:31:7A:4E:95:FF:85:56:0B:EE:91:2E:0A:6E:5D:82:69:01:36 ValidityFri, 03 May 2024 12:55:16 GMT - Thu, 01 Aug 2024 12:55:15 GMT
File typePNG image data, 150 x 84, 8-bit/color RGBA, non-interlaced Hashc553040053629ef22bb3fd67ddb4ab41 40fbec3ca0d48aa98fac24fa4cb25d33552349e6 4753496d92947946f9f2a22771f61efb48fa31976df9e99a22b331c62118a983
GET /wp-content/uploads/2024/01/Yandex-Viral-Janda-Bohay-Cantik-Viral-Check-in-Hotel-1-150x84.png HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:44 GMT
content-type: image/png
content-length: 21598
last-modified: Sun, 28 Jan 2024 18:38:36 GMT
etag: "545e-61005d6452300"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JE0hooK%2Bl7kJpGB0urU5qYZbcD1o7RNyWDIVBYSP1qllSv2u4KLbG5km81UFIEvX%2FYcH0ZZBHDaiDsKtbRFq1gXJlDKKPbLy6TxED%2FAGYIwCBwiwCuac7ZE07rVx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88144fcc881856af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/uploads/2024/01/Cewek-Jilbab-Body-Nya-mantap-Banget-Yandex-ABG-Viral-150x84.png | 188.114.97.1 | | 14 kB |
URL joniku.pro/wp-content/uploads/2024/01/Cewek-Jilbab-Body-Nya-mantap-Banget-Yandex-ABG-Viral-150x84.png IP188.114.97.1:0
File typePNG image data, 150 x 84, 8-bit/color RGBA, non-interlaced Hash8cd8233fc371a38ff10e9694d709c7b9 6e92084f641963c9da03223899e0b853a10eec6a 3ef8aafd8f2e65fda3e7e2fdc44941e3f234925d7d19af4da56cafba147234dd
GET /wp-content/uploads/2024/01/Cewek-Jilbab-Body-Nya-mantap-Banget-Yandex-ABG-Viral-150x84.png HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:44 GMT
content-type: image/png
content-length: 14073
last-modified: Wed, 31 Jan 2024 14:19:29 GMT
etag: "36f9-6103e911ede40"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NGH7rGVXd%2FctKI4clgpxZc73YBIQkr3Mu%2F172WhDfMp%2FFYFXaJm6hRrFHshAR1L2yiWx5klgx0BP9gPXSaZKxz0hQhpkvwJ7TnO6Apo4fCg42VIMXoULuQDoP%2Fbc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88144fcc880c56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/uploads/2024/01/Yandex-Viral-2024-ABG-SMA-Cantik-Open-BO-Buat-Jajan-Di-Hotel-150x84.png | 188.114.97.1 | | 20 kB |
URL joniku.pro/wp-content/uploads/2024/01/Yandex-Viral-2024-ABG-SMA-Cantik-Open-BO-Buat-Jajan-Di-Hotel-150x84.png IP188.114.97.1:0
File typePNG image data, 150 x 84, 8-bit/color RGBA, non-interlaced Hashc97b2238ac748084329c9c8ec160cd01 7c182c5881bd8bbc826c955498d740cae1a132e8 b0fe0bbc371aec524e7dfdcd2faeb22b52e23eb328d1190977e61b849af4f6dd
GET /wp-content/uploads/2024/01/Yandex-Viral-2024-ABG-SMA-Cantik-Open-BO-Buat-Jajan-Di-Hotel-150x84.png HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:44 GMT
content-type: image/png
content-length: 20539
last-modified: Mon, 29 Jan 2024 14:55:27 GMT
etag: "503b-61016d61095c0"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iT5uhShGuj6TUfn0FENIqX7KyNMtWOVQ%2FiUpJIwHRnkwQLrSyNszZKUwCjlUc7QqzPiUJHZO%2FchTLp2hOkDvfK3YNa3BtkJdElWvZfn7sFJnRXTf83Tl2IFszLvy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88144fcc881756af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/plugins/custom-search-base/css/csb-custom-style.css | 188.114.97.1 | | 30 kB |
URL joniku.pro/wp-content/plugins/custom-search-base/css/csb-custom-style.css IP188.114.97.1:0
File typeASCII text, with very long lines (938), with no line terminators Hash328035dcd3b5bac24c90dd7d5e713e7c 3ce4a29b523342cdd690e40e0fc02f42677c16fe 15ac2eccc34e365cac47822b6fb2f5b3d6dedf71d8116bfcef9782eb5eaef951
GET /wp-content/plugins/custom-search-base/css/csb-custom-style.css HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:43 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1332
etag: W/"534-606d32121e700"
last-modified: Tue, 03 Oct 2023 17:22:04 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5597
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z6NhCw13M6wOmxx2SzGGvH52xhJsmQXBNwutBJujzcCEXDrOXfzyTJYmm0DP1lwvpQ518kOrTjlB%2BkxqiieqiPXHCZULcnZzDSpZpDCLtLf8yRCO4yhLbsxLThU0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88144fc96b1056af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/themes/kingtube/assets/js/main.js?ver=1.3.4 | 188.114.97.1 | | 30 kB |
URL joniku.pro/wp-content/themes/kingtube/assets/js/main.js?ver=1.3.4 IP188.114.97.1:0
File typeJavaScript source, ASCII text, with very long lines (1047) Hash2f29cbbdfe120eacde3b4cb439e08706 19639d3bfdd47df416b53d20a1e7586fb1ad78d9 91af4d3ea33bc782a9f8e5b52ce89b4c14d8d10e68d4a131152a83675a5cdf8a
GET /wp-content/themes/kingtube/assets/js/main.js?ver=1.3.4 HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:43 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=36213
etag: W/"8d75-60ecbc4e8b940"
last-modified: Sat, 13 Jan 2024 03:56:45 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4670
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wXixFxA1e3Af8Xp8yok4u%2BqT29J1GIHeZEB5PRCeikWErJdkjAGVlsu%2B7NS9cjQoCSNsgVBwPgCKJwSUihetijzFf6tWG5k6qQJB46hTgUcz6s54CO6Gn22C%2FfpX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88144fc98b4756af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/uploads/2024/02/Yandex-Viral-ABG-Cantik-Awal-Ketemu-Ajak-Wikwik-Di-Kosan-150x84.png | 188.114.97.1 | | 25 kB |
URL joniku.pro/wp-content/uploads/2024/02/Yandex-Viral-ABG-Cantik-Awal-Ketemu-Ajak-Wikwik-Di-Kosan-150x84.png IP188.114.97.1:0
File typePNG image data, 150 x 84, 8-bit/color RGBA, non-interlaced Hash27cb37e5a2051b55afc8f92c2534da2a 6746114d45babf26c64997302cdea71453eb6c96 50033cec2fec2fc25771bb34de6eeeb4042167be49d4036a6ec4977f34d1b849
GET /wp-content/uploads/2024/02/Yandex-Viral-ABG-Cantik-Awal-Ketemu-Ajak-Wikwik-Di-Kosan-150x84.png HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:44 GMT
content-type: image/png
content-length: 25208
last-modified: Thu, 01 Feb 2024 14:43:30 GMT
etag: "6278-6105304da2880"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tu72FmB%2FuqxxfGTzZFGTRQDu1wqULTXMBIoC%2FMl8ZwcmG0MGJInygnXQStONeRfeKFjxyuZnstEu%2BcaU2YYZEsFu%2BW0IlXOFOqHVeuo1%2FrXltKH4Rcvqqt%2FoXvms"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88144fcc7ff356af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/uploads/2023/09/fav.png | 188.114.97.1 | 200 OK | 1.2 kB |
URL GET HTTP/3joniku.pro/wp-content/uploads/2023/09/fav.png IP188.114.97.1:443
Requested byhttps://joniku.pro/video/preteen-years-yandex/ CertificateIssuerGoogle Trust Services LLC Subjectjoniku.pro Fingerprint54:7E:31:7A:4E:95:FF:85:56:0B:EE:91:2E:0A:6E:5D:82:69:01:36 ValidityFri, 03 May 2024 12:55:16 GMT - Thu, 01 Aug 2024 12:55:15 GMT
File typePNG image data, 55 x 55, 8-bit colormap, non-interlaced Hashcefa0c57e977304b5aba9f19c8ead91b d0d7e7a142a3a6e3f8ef2fb5ade47806ab6de7f1 8cfd67a86b7af3cc43bafdb45538bf99ccf73ea53c8760d0b20d749ab8a2c2cc
GET /wp-content/uploads/2023/09/fav.png HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Cookie: _ga_906YNDT860=GS1.1.1715285204.1.0.1715285204.0.0.0; _ga=GA1.1.409181414.1715285204
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:44 GMT
content-type: image/png
content-length: 1247
last-modified: Wed, 11 Oct 2023 17:42:55 GMT
etag: "4df-607745a6da5c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4223
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mKTBpBmljTkJVUhqWzknMVPoboYzO0Q3%2BjmR7pn4sFC3uf3%2Bg4YkuG4L5KtoPZZ4IY5ocmK82iT5QVuFbClbRz%2BpF9N%2B99IX7w6puYjNUCAV58niHHq8Kq%2Fm7mmy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88144fce4af056af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/uploads/2023/09/fav.png | 188.114.97.1 | 200 OK | 1.2 kB |
URL GET HTTP/3joniku.pro/wp-content/uploads/2023/09/fav.png IP188.114.97.1:443
Requested byhttps://joniku.pro/video/preteen-years-yandex/ CertificateIssuerGoogle Trust Services LLC Subjectjoniku.pro Fingerprint54:7E:31:7A:4E:95:FF:85:56:0B:EE:91:2E:0A:6E:5D:82:69:01:36 ValidityFri, 03 May 2024 12:55:16 GMT - Thu, 01 Aug 2024 12:55:15 GMT
File typePNG image data, 55 x 55, 8-bit colormap, non-interlaced Hashcefa0c57e977304b5aba9f19c8ead91b d0d7e7a142a3a6e3f8ef2fb5ade47806ab6de7f1 8cfd67a86b7af3cc43bafdb45538bf99ccf73ea53c8760d0b20d749ab8a2c2cc
GET /wp-content/uploads/2023/09/fav.png HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Cookie: _ga_906YNDT860=GS1.1.1715285204.1.0.1715285204.0.0.0; _ga=GA1.1.409181414.1715285204
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:44 GMT
content-type: image/png
content-length: 1247
last-modified: Wed, 11 Oct 2023 17:42:55 GMT
etag: "4df-607745a6da5c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4223
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=42y4RPZe3cA8uE2DjYl5hY3xYr5%2BJ22YNcefhdILB8MeDNUCyFh7vv0lXA2gxAJzFaZpLGyj5otidECFbR7eVlA2ltqERHihsvXlmAmBL3FHbu85gUQsT9jzSXuO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88144fce4af256af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fvcwqkkqmuv.com/solid.gif?z=1989014&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8275187255791616&eclog=0&im=1 |  212.117.190.201 | | 43 B |
URL fvcwqkkqmuv.com/solid.gif?z=1989014&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8275187255791616&eclog=0&im=1 IP212.117.190.201:0
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1989014&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8275187255791616&eclog=0&im=1 HTTP/1.1
Host: fvcwqkkqmuv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://joniku.pro
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 20:06:44 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Thu, 12 Jun 2025 20:06:44 GMT; Secure; SameSite=None
UID=2405091506f4b0c5bfbbe44189b436f76481; Path=/; Expires=Thu, 12 Jun 2025 20:06:44 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| cdn.cloudfrale.com/bn/b7c/ab3/a54/b7cab3a5435f14781949ee4473960540e35690f6.mp4 | 45.133.44.21 | | 330 kB |
URL cdn.cloudfrale.com/bn/b7c/ab3/a54/b7cab3a5435f14781949ee4473960540e35690f6.mp4 IP45.133.44.21:0 ASN#39572 DataWeb Global Group B.V.
File typeISO Media, MP4 v2 [ISO 14496-14] Size330 kB (329525 bytes) Hash7e77144a14e32644ed5e15f0f9fb030f b7cab3a5435f14781949ee4473960540e35690f6 9915a8f845c921ea7c24aabcf3674f8aa0818a7800108cc1fa4d178f21a8bd5b
GET /bn/b7c/ab3/a54/b7cab3a5435f14781949ee4473960540e35690f6.mp4 HTTP/1.1
Host: cdn.cloudfrale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Thu, 09 May 2024 20:06:44 GMT
content-type: video/mp4
content-length: 329525
server: nginx/1.24.0
etag: 7e77144a14e32644ed5e15f0f9fb030f
last-modified: Sun, 05 Nov 2023 16:10:26 GMT
x-timestamp: 1699200625.34816
x-trans-id: tx789a914849f64c26ade59-0065ca5f72
x-openstack-request-id: tx789a914849f64c26ade59-0065ca5f72
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sat, 11 May 2024 20:06:44 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
access-control-allow-origin: *
content-range: bytes 0-329524/329525
X-Firefox-Spdy: h2
|
|
| joniku.pro/wp-admin/admin-ajax.php | 188.114.97.1 | | 1.3 kB |
URL joniku.pro/wp-admin/admin-ajax.php IP188.114.97.1:0
Hasha3db02882dfbd7d547f31c0c0ab7cff5 eaf42fed6945e406d1dc0f781c6fdb7a8253716e 665c3411774c238cae9a0d152c4378b9d0c22923089373eb4467ffe15c6965a2
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 1575
Origin: https://joniku.pro
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Cookie: _ga_906YNDT860=GS1.1.1715285204.1.0.1715285204.0.0.0; _ga=GA1.1.409181414.1715285204; bnState_1998224={"impressions":1,"delayStarted":0}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:44 GMT
content-type: application/json; charset: utf-8
access-control-allow-origin: https://joniku.pro
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
set-cookie: advanced_ads_visitor=%7B%22vc_cache_reset%22%3A0%7D; expires=Sat, 08-Jun-2024 20:06:44 GMT; Max-Age=2592000; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HsPgoaAahF%2FUYLgKZOm5y4OCeSSXSH4R5UMmkrmy9gPGIrC0Xt5ncpIUiNbRsnArk1dk2oCqfBpKWddIPyT8wdabXC2SYYN7D%2Fkk%2BnP8%2Fy1rAnPrgZamZrfipZwT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88144fce9b7056af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif | 142.250.74.161 | | 362 B |
URL 3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif IP142.250.74.161:0
File typeGIF image data, version 89a, 52 x 15 Hashfd2c05a8c327ace309722b0a5fc4faf3 f446e97c43f8830be9f60644563dd846abe6b8e8 0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
GET /-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="btn_close.gif"
x-content-type-options: nosniff
server: fife
content-length: 362
x-xss-protection: 0
date: Thu, 09 May 2024 17:50:15 GMT
expires: Fri, 10 May 2024 17:50:15 GMT
cache-control: public, max-age=86400, no-transform
age: 8189
etag: "v1764"
content-type: image/gif
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.cloudfrale.com/bn/db1/fc8/a8d/db1fc8a8dadd8a66dc20bacce73a0d2e9e9e2807.mp4 | 45.133.44.21 | | 357 kB |
URL cdn.cloudfrale.com/bn/db1/fc8/a8d/db1fc8a8dadd8a66dc20bacce73a0d2e9e9e2807.mp4 IP45.133.44.21:0 ASN#39572 DataWeb Global Group B.V.
File typeISO Media, MP4 v2 [ISO 14496-14] Size357 kB (357139 bytes) Hashd4938e1a3b06ac9ac6dd49f43af75fc2 db1fc8a8dadd8a66dc20bacce73a0d2e9e9e2807 6bfb40cb5c5f9367a399aa9804488db58012b397688884903eb7da571f53f5bb
GET /bn/db1/fc8/a8d/db1fc8a8dadd8a66dc20bacce73a0d2e9e9e2807.mp4 HTTP/1.1
Host: cdn.cloudfrale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
date: Thu, 09 May 2024 20:06:44 GMT
content-type: video/mp4
content-length: 357139
server: nginx/1.24.0
etag: d4938e1a3b06ac9ac6dd49f43af75fc2
last-modified: Sun, 05 Nov 2023 16:31:37 GMT
x-timestamp: 1699201896.46460
x-trans-id: txecfe0990e95840dcb961c-0065ca48c0
x-openstack-request-id: txecfe0990e95840dcb961c-0065ca48c0
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sat, 11 May 2024 20:06:44 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
access-control-allow-origin: *
content-range: bytes 0-357138/357139
X-Firefox-Spdy: h2
|
|
| gsjln04hd.com/lv/esnk/1998224/code.js | 212.117.190.201 | | 48 kB |
URL gsjln04hd.com/lv/esnk/1998224/code.js IP212.117.190.201:0
File typegzip compressed data, max speed, from Unix Hash7f2f96f1f18adbc7c0c2d551e3dac3bc 44d78e59cf54a34b12883802b33ad4fa6275c4d8 2209394e9f4742d9bf4d5bd5688039cefa394fa16147bddc77cd270d9999a067
GET /lv/esnk/1998224/code.js HTTP/1.1
Host: gsjln04hd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 20:06:43 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-1c437"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| joniku.pro/wp-content/themes/kingtube/style.css?ver=1.3.4.1714754169 | 188.114.97.1 | | 15 kB |
URL joniku.pro/wp-content/themes/kingtube/style.css?ver=1.3.4.1714754169 IP188.114.97.1:0
File typeASCII text, with very long lines (43300), with no line terminators Hash7a7bb77b3476c7efe9e4b227f80e7e60 4739e36f4d78a27665e8542e84934b0756e49933 ff9c00b226785be0cecb77595a652011fa732aa956fd2c9ef1de8a1850b5fdae
GET /wp-content/themes/kingtube/style.css?ver=1.3.4.1714754169 HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:43 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=66882
etag: W/"10542-60ecbc4e8b940"
last-modified: Sat, 13 Jan 2024 03:56:45 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4701
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=plMc224WN5IeIyWX8ZjuxaGh43Zzag3VcfhYNpCZwklQ4STwwmMmQpJ4cl3q%2B6f51ZbRqQohkT2ro6CH2YRUkBwkK4Ea2d%2FDICvPJIjsvm%2F4p2GMMWM%2F%2Bgla4Oiz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88144fc96b1f56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/plugins/advanced-ads-pro/assets/js/advanced-ads-pro.min.js?ver=2.26.1 | 188.114.97.1 | 200 OK | 12 kB |
URL GET HTTP/3joniku.pro/wp-content/plugins/advanced-ads-pro/assets/js/advanced-ads-pro.min.js?ver=2.26.1 IP188.114.97.1:443
Requested byhttps://joniku.pro/video/preteen-years-yandex/ CertificateIssuerGoogle Trust Services LLC Subjectjoniku.pro Fingerprint54:7E:31:7A:4E:95:FF:85:56:0B:EE:91:2E:0A:6E:5D:82:69:01:36 ValidityFri, 03 May 2024 12:55:16 GMT - Thu, 01 Aug 2024 12:55:15 GMT
File typeJavaScript source, ASCII text, with very long lines (7910), with no line terminators Hash44485ba80b677024c46c2b2387e450c8 6d909f429ed8620aa33cf2bf4ba406149c94afae d2014aa913e41fec261461722b2883e2167fedb739050cec9f4beafab3ddb7ab
GET /wp-content/plugins/advanced-ads-pro/assets/js/advanced-ads-pro.min.js?ver=2.26.1 HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:43 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Fri, 15 Mar 2024 05:07:12 GMT
etag: W/"1ee6-613abfb04e000"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4670
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VA0P4UaLUoQyv5PeIeZrCHpb8Rq87yZ57mPKuy3uY1YshlnpqEymcFD3PSEtpJTrNFIEeJZ%2FyjiiJLWoax4532YeEprmGqgVXtgGkur0kFVG1TA0rJFVdyDR9jQo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88144fc98b3956af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3 | 188.114.97.1 | | 13 kB |
URL joniku.pro/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3 IP188.114.97.1:0
File typeJavaScript source, ASCII text, with very long lines (15752) Hashb976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.3 HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:43 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Fri, 03 May 2024 16:31:00 GMT
etag: W/"4926-6178f3eba00c8"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4429
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oPH9JMbQPdmvQkSl5h4my3pdm5f9Le30KwW566EVuAouc5%2FSnuFav4osqzQ0dFvJ24SJdp%2B%2FDMwhEjiAphfpr3ZvdO7LQVIMGFSKfmJBLKWOuaSlediRd0P2uzMj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88144fcc4fad56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gsjln04hd.com/lv/esnk/1998535/code.js | 212.117.190.201 | | 48 kB |
URL gsjln04hd.com/lv/esnk/1998535/code.js IP212.117.190.201:0
File typegzip compressed data, max speed, from Unix Hashc74a1fab91d52749f13d92abc2946710 b5d17dce73f38c406437998665bf40dd8513f9a1 5a9cbf40e60a55edd0eae73348611b65a506de465fa794b5cc939b732b98c125
GET /lv/esnk/1998535/code.js HTTP/1.1
Host: gsjln04hd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/
Cookie: CHCK=1; UID=24050915068cd5933aa6f845bfa091dbc8d5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 20:06:44 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-1c437"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WIKWMjhhgZNGS0yIFjDJkWNGaYidFCTMkwLWDUuHEDB8kyG2_YEPFwDJs0FGPkoPEwTJ0xGXOQMTPjBskZLWTkGAMDJYwbNVqEiXijxRgxTcXEkEFmhhisPDWmIZOxxgwbMGjgSGvQDkWZbnE8hFNHzMIcMmYELgoHzkIaN2jQqChiDpyJOlLWgEEyR9GlC2XceNjGDUaGgmPgYAyn82cbNRY_rBMjIxo6dODM0fHihRg3M1zQkRPGzJkydFyMedPmhUEyccK4gIMGzo85fdf2QKy49UMyxDOqeeMmzZo6y-W8STsmDOQtM2J02SsHKUMXMcrEtPFQjJmFMFzAgMF4TOkvcLSHn3770fSQHHYYpsMMMDxUhn9tDLhfDIzVUQdQOogwmUxNkZFDC2TIgENXNNQQgxkt4GCDGR-SMRlHZcBgQ4g27PRQGgqKkEMMLuSQX0jwpZaWHF_gmBSPProAZEM0pFVHGBk18YYeabDBRhgv1KAfCChgQeEOIDCRhht14AECHip-YQMNYCKoQw426JcCCEc8uMYbL8jA34T8gWBEGnKUYcYbeLwAp37kuSeCE0-k9QaRYyjKaFpsKFqEE2kdZMcXgbJB0Uw1vYXDfgee4UZmNYx4XRmbiiHHQjjoJYKmX7TxBls6iNjRdeItNMNDbyiUK3uE5rGQQyIEel-Gr8U2W23bdfddeHimdUdGY42aFhrYwgBSWnMgmJF4dJj3aAt1dEdHCzVoGaKj4dqVawwzuCWUDbKSoehBX7xrUYQM3dCQiDXoiSwdbchAkcAF41CwTHoyZhCnZTj2hXkLD-ywwQ5uGgYbCNEhLHo0rAeRGJDNKqhRbEy0V6X49fQZDH0oEBA%3D&s=00c4e31ca42dccd5ef9ffb534ef55e5a1cde8f644e83692d52c2332491fb21621715285205&w=t&r=1&d=9&priv=true |  148.251.2.75 | | 24 B |
URL pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WIKWMjhhgZNGS0yIFjDJkWNGaYidFCTMkwLWDUuHEDB8kyG2_YEPFwDJs0FGPkoPEwTJ0xGXOQMTPjBskZLWTkGAMDJYwbNVqEiXijxRgxTcXEkEFmhhisPDWmIZOxxgwbMGjgSGvQDkWZbnE8hFNHzMIcMmYELgoHzkIaN2jQqChiDpyJOlLWgEEyR9GlC2XceNjGDUaGgmPgYAyn82cbNRY_rBMjIxo6dODM0fHihRg3M1zQkRPGzJkydFyMedPmhUEyccK4gIMGzo85fdf2QKy49UMyxDOqeeMmzZo6y-W8STsmDOQtM2J02SsHKUMXMcrEtPFQjJmFMFzAgMF4TOkvcLSHn3770fSQHHYYpsMMMDxUhn9tDLhfDIzVUQdQOogwmUxNkZFDC2TIgENXNNQQgxkt4GCDGR-SMRlHZcBgQ4g27PRQGgqKkEMMLuSQX0jwpZaWHF_gmBSPProAZEM0pFVHGBk18YYeabDBRhgv1KAfCChgQeEOIDCRhht14AECHip-YQMNYCKoQw426JcCCEc8uMYbL8jA34T8gWBEGnKUYcYbeLwAp37kuSeCE0-k9QaRYyjKaFpsKFqEE2kdZMcXgbJB0Uw1vYXDfgee4UZmNYx4XRmbiiHHQjjoJYKmX7TxBls6iNjRdeItNMNDbyiUK3uE5rGQQyIEel-Gr8U2W23bdfddeHimdUdGY42aFhrYwgBSWnMgmJF4dJj3aAt1dEdHCzVoGaKj4dqVawwzuCWUDbKSoehBX7xrUYQM3dCQiDXoiSwdbchAkcAF41CwTHoyZhCnZTj2hXkLD-ywwQ5uGgYbCNEhLHo0rAeRGJDNKqhRbEy0V6X49fQZDH0oEBA%3D&s=00c4e31ca42dccd5ef9ffb534ef55e5a1cde8f644e83692d52c2332491fb21621715285205&w=t&r=1&d=9&priv=true IP148.251.2.75:0 ASN#24940 Hetzner Online GmbH
File typeASCII text, with no line terminators Hash0959ba36d476b6dc1994ba3c678b07c4 d30b94da72daa02766965206a85b7e0356375f5e 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WIKWMjhhgZNGS0yIFjDJkWNGaYidFCTMkwLWDUuHEDB8kyG2_YEPFwDJs0FGPkoPEwTJ0xGXOQMTPjBskZLWTkGAMDJYwbNVqEiXijxRgxTcXEkEFmhhisPDWmIZOxxgwbMGjgSGvQDkWZbnE8hFNHzMIcMmYELgoHzkIaN2jQqChiDpyJOlLWgEEyR9GlC2XceNjGDUaGgmPgYAyn82cbNRY_rBMjIxo6dODM0fHihRg3M1zQkRPGzJkydFyMedPmhUEyccK4gIMGzo85fdf2QKy49UMyxDOqeeMmzZo6y-W8STsmDOQtM2J02SsHKUMXMcrEtPFQjJmFMFzAgMF4TOkvcLSHn3770fSQHHYYpsMMMDxUhn9tDLhfDIzVUQdQOogwmUxNkZFDC2TIgENXNNQQgxkt4GCDGR-SMRlHZcBgQ4g27PRQGgqKkEMMLuSQX0jwpZaWHF_gmBSPProAZEM0pFVHGBk18YYeabDBRhgv1KAfCChgQeEOIDCRhht14AECHip-YQMNYCKoQw426JcCCEc8uMYbL8jA34T8gWBEGnKUYcYbeLwAp37kuSeCE0-k9QaRYyjKaFpsKFqEE2kdZMcXgbJB0Uw1vYXDfgee4UZmNYx4XRmbiiHHQjjoJYKmX7TxBls6iNjRdeItNMNDbyiUK3uE5rGQQyIEel-Gr8U2W23bdfddeHimdUdGY42aFhrYwgBSWnMgmJF4dJj3aAt1dEdHCzVoGaKj4dqVawwzuCWUDbKSoehBX7xrUYQM3dCQiDXoiSwdbchAkcAF41CwTHoyZhCnZTj2hXkLD-ywwQ5uGgYbCNEhLHo0rAeRGJDNKqhRbEy0V6X49fQZDH0oEBA%3D&s=00c4e31ca42dccd5ef9ffb534ef55e5a1cde8f644e83692d52c2332491fb21621715285205&w=t&r=1&d=9&priv=true HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=500537d9-d287-451f-86f9-d50e6e06d266
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 20:06:45 GMT
content-type: text/javascript
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
|
|
| a.magsrv.com/iframe.php?idzone=5282678&size=300x250&sub=47441 |  185.76.9.23 | | 952 B |
URL a.magsrv.com/iframe.php?idzone=5282678&size=300x250&sub=47441 IP185.76.9.23:0 ASN#60068 Datacamp Limited
File typeJavaScript source, ASCII text, with very long lines (1270) Hash242c3b39b5c688d79472167e99686695 c339b57d93fb9658015e30e550bc05992886c3ae 49867b3827ad0c58398c6bf677c5f4bc291e02fa480c871f64a20e133429941e
GET /iframe.php?idzone=5282678&size=300x250&sub=47441 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bn3.trafget.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 20:06:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 09 May 2024 22:42:17 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwgBuUwJFAFBDAG5TAoBAbPdTgAADAGKxyXEAfe8BQAA
x-77-nzt-ray: af585630240d88fad52c3d6681b8372d
x-accel-expires: @1715294537
x-accel-date: 1715265016
x-77-cache: HIT
x-77-age: 21657
content-encoding: gzip
server: CDN77-Turbo
x-cache: MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| a.magsrv.com/undefined | 185.76.9.23 | | 548 B |
IP185.76.9.23:0 ASN#60068 Datacamp Limited
File typeHTML document, ASCII text, with CRLF line terminators Hash370e16c3b7dba286cff055f93b9a94d8 65f3537c3c798f7da146c55aef536f7b5d0cb943 d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
GET /undefined HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5282678&size=300x250&sub=47441
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22663d2cd6081bd1.02585746366480488%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Thu, 09 May 2024 20:06:46 GMT
content-type: text/html
content-length: 548
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-77-nzt: EwwBuUwJFAH3IAAAAAwBuUwKEwH3AAAAAAwBisclxAH3AAAAAA
x-77-nzt-ray: af585630240d88fad62c3d66e19b7a06
x-accel-expires: @1715285234
x-accel-date: 1715285174
x-77-cache: HIT
x-77-age: 32
server: CDN77-Turbo
x-cache: HIT
x-age: 32
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| a.magsrv.com/ad-provider.js | 185.76.9.23 | 200 OK | 43 kB |
URL GET HTTP/2a.magsrv.com/ad-provider.js IP185.76.9.23:443 ASN#60068 Datacamp Limited
Requested byhttps://a.magsrv.com/iframe.php?idzone=5282678&size=300x250&sub=47441 CertificateIssuerLet's Encrypt Subjectmagsrv.com FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51 ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT
File typeJavaScript source, ASCII text, with very long lines (34846) Hashfb592fa9cee6dde2bb729835cdedfbd8 42bba4158c19e1093b0805a7c4fa6d1aaad076d2 31964c347aab15cb07428892d8ad4e4a25ee4663913e5f4cc72c751ee95875d6
GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5282678&size=300x250&sub=47441
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 09 May 2024 20:06:45 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"057432c37ba5cf65231392a9e07"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 09 May 2024 13:34:49 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3cgcAAAwBuUwKDAH3MAAAAAgBnJIhHwGB
x-77-nzt-ray: af585630240d88fad52c3d66b331c435
x-accel-expires: @1715294099
x-77-cache: HIT
content-encoding: gzip
x-accel-date: 1715283299
x-77-age: 1906
server: CDN77-Turbo
x-cache: HIT
x-age: 1906
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| a.magsrv.com/undefined | 185.76.9.23 | | 548 B |
IP185.76.9.23:0 ASN#60068 Datacamp Limited
File typeHTML document, ASCII text, with CRLF line terminators Hash370e16c3b7dba286cff055f93b9a94d8 65f3537c3c798f7da146c55aef536f7b5d0cb943 d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
GET /undefined HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5282680&size=300x250&sub=47441
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22663d2cd6081bd1.02585746366480488%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Thu, 09 May 2024 20:06:46 GMT
content-type: text/html
content-length: 548
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-77-nzt: EwwBuUwJFAH3IAAAAAwBuUwKEwH3AAAAAAwBisclxAH3AAAAAA
x-77-nzt-ray: af585630240d88fad62c3d669758b218
x-accel-expires: @1715285234
x-accel-date: 1715285174
x-77-cache: HIT
x-77-age: 32
server: CDN77-Turbo
x-cache: HIT
x-age: 32
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| a.magsrv.com/iframe.php?idzone=5282680&size=300x250&sub=47441 | 185.76.9.23 | | 4.0 kB |
URL a.magsrv.com/iframe.php?idzone=5282680&size=300x250&sub=47441 IP185.76.9.23:0 ASN#60068 Datacamp Limited
File typeJavaScript source, ASCII text, with very long lines (6546) Hash6b274650f5c56e2a59e7533ade45487b cdc257ebcff4f2f8f12d4e26cc7a96a89fa4468f ac2aaa7ecf5509d0c6656afa11f618117796e0cbfebbe02628519d5efe894186
GET /iframe.php?idzone=5282680&size=300x250&sub=47441 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5282678&size=300x250&sub=47441
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22663d2cd6081bd1.02585746366480488%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 09 May 2024 20:06:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 09 May 2024 22:42:17 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwgBuUwJFAFBCAG5TAoTAYEMASUTwjEB970FAAA
x-77-nzt-ray: af585630240d88fad62c3d666a897506
x-accel-expires: @1715294537
x-accel-date: 1715283737
x-77-cache: HIT
x-77-age: 1469
content-encoding: gzip
server: CDN77-Turbo
x-cache: MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01P7UoEMQx8FV9gS5ImaXq/9a/CyT1A97qK4H2wJ6KQhze76mkHmpAMMxMC4gFkgHqDugHdsHrFVCExJRT2+4etM3p/uZxf22c6nafj/DYOYzsepzntTwdnUpDqlhkKeLVMGVzISI1cwJxLxVzBTZVUgoPi2SFAkpljz+EACQCZTMrv70HdPd763W7rmKBEtJ9C7rgmcwbn6OEDXDV32ncFw7EHkSRUWLMqG7CZE5RuXE0n1CK9g2Ul6a2aqBbsi463dGjPl/l9PQ2+EVolvMMWrhgWckbOFBfEA1/HL09zO0zuV15sl1JWcVoUlsb/Kf2BiqtH2KC49mbdsAsg8khlbG0PYxkntBaT/AW4yPSXuQEAAA== | 95.211.229.246 | 200 OK | 20 B |
URL GET HTTP/1.1s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01P7UoEMQx8FV9gS5ImaXq/9a/CyT1A97qK4H2wJ6KQhze76mkHmpAMMxMC4gFkgHqDugHdsHrFVCExJRT2+4etM3p/uZxf22c6nafj/DYOYzsepzntTwdnUpDqlhkKeLVMGVzISI1cwJxLxVzBTZVUgoPi2SFAkpljz+EACQCZTMrv70HdPd763W7rmKBEtJ9C7rgmcwbn6OEDXDV32ncFw7EHkSRUWLMqG7CZE5RuXE0n1CK9g2Ul6a2aqBbsi463dGjPl/l9PQ2+EVolvMMWrhgWckbOFBfEA1/HL09zO0zuV15sl1JWcVoUlsb/Kf2BiqtH2KC49mbdsAsg8khlbG0PYxkntBaT/AW4yPSXuQEAAA== IP95.211.229.246:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://a.magsrv.com/iframe.php?idzone=5282682&size=300x250&sub=47441 CertificateIssuerLet's Encrypt Subjectmagsrv.com FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51 ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT
File typegzip compressed data, max speed, from Unix Hasha4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01P7UoEMQx8FV9gS5ImaXq/9a/CyT1A97qK4H2wJ6KQhze76mkHmpAMMxMC4gFkgHqDugHdsHrFVCExJRT2+4etM3p/uZxf22c6nafj/DYOYzsepzntTwdnUpDqlhkKeLVMGVzISI1cwJxLxVzBTZVUgoPi2SFAkpljz+EACQCZTMrv70HdPd763W7rmKBEtJ9C7rgmcwbn6OEDXDV32ncFw7EHkSRUWLMqG7CZE5RuXE0n1CK9g2Ul6a2aqBbsi463dGjPl/l9PQ2+EVolvMMWrhgWckbOFBfEA1/HL09zO0zuV15sl1JWcVoUlsb/Kf2BiqtH2KC49mbdsAsg8khlbG0PYxkntBaT/AW4yPSXuQEAAA== HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22663d2cd6081bd1.02585746366480488%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 May 2024 20:06:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| s3t3d2y8.afcdn.net/library/426059/436e78df886e31e338471bb6e3b05768b8275229.webp | 185.76.9.16 | 200 OK | 9.6 kB |
URL GET HTTP/2s3t3d2y8.afcdn.net/library/426059/436e78df886e31e338471bb6e3b05768b8275229.webp IP185.76.9.16:443 ASN#60068 Datacamp Limited
Requested byhttps://a.magsrv.com/iframe.php?idzone=5282682&size=300x250&sub=47441 CertificateIssuerLet's Encrypt Subjectafcdn.net Fingerprint22:9F:54:A2:AF:3E:A2:6B:FB:1A:C6:F4:B8:E8:E1:C3:A8:02:B3:29 ValidityTue, 30 Apr 2024 07:42:02 GMT - Mon, 29 Jul 2024 07:42:01 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp Hashd6aebecbcd55c837e926819b2501107c 436e78df886e31e338471bb6e3b05768b8275229 943538330e8c4404c4e9c39a545bba63c18b30d8f1b1da0381d9b338e0457d5f
GET /library/426059/436e78df886e31e338471bb6e3b05768b8275229.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 20:06:46 GMT
content-type: image/webp
content-length: 9636
last-modified: Tue, 19 Sep 2023 15:48:30 GMT
etag: "6509c2ce-25a4"
accept-ch:
expires: Wed, 18 Sep 2024 16:05:14 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH3/mUzAQ
x-77-nzt-ray: c0a4cc2831fabfffd62c3d669d917c2e
x-accel-expires: @1726675544
x-accel-date: 1695139544
x-cache: HIT
x-age: 20145662
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 20145662
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| vb.glowedhyalins.com/rkgFUWJ9OlANV/rORWG | 23.109.170.60 | 200 OK | 20 B |
URL GET HTTP/1.1vb.glowedhyalins.com/rkgFUWJ9OlANV/rORWG IP23.109.170.60:443
Requested byhttps://joniku.pro/video/preteen-years-yandex/ CertificateIssuerLet's Encrypt Subjectvb.glowedhyalins.com FingerprintDF:73:FC:94:0C:EB:41:BA:42:98:C4:2A:45:27:76:5C:0B:2C:1E:8D ValidityThu, 28 Mar 2024 23:42:41 GMT - Wed, 26 Jun 2024 23:42:40 GMT
File typegzip compressed data, from Unix Hash7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /rkgFUWJ9OlANV/rORWG HTTP/1.1
Host: vb.glowedhyalins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 May 2024 20:06:47 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://joniku.pro
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Fri, 10-May-2024 20:06:47 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Fri, 10-May-2024 20:06:47 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| bobabillydirect.org/v3/a/pop/js/228900 | 88.208.22.4 | | 6.6 kB |
URL bobabillydirect.org/v3/a/pop/js/228900 IP88.208.22.4:0 ASN#39572 DataWeb Global Group B.V.
File typeJavaScript source, ASCII text, with very long lines (16635), with no line terminators Hash04edcb4cf892d7c8ad7e0a0a7e2dfcd9 d0c424955cef7cb60c4e2d39358fcb4d025c86d3 d639d61b40fffb1b7b35a25fb88119ccc12bcd30410e0645f52ac30fde9a1ee6
GET /v3/a/pop/js/228900 HTTP/1.1
Host: bobabillydirect.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 20:06:50 GMT
content-type: application/javascript; charset=UTF-8
content-length: 6570
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
X-Firefox-Spdy: h2
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 142.250.74.34 | | 0 B |
URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP142.250.74.34:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://joniku.pro/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Thu, 09 May 2024 20:06:50 GMT
expires: Thu, 09 May 2024 20:06:50 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 2227523428535324734
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51674
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| neglectsquad.com/a9/65/ca/a965ca112416158144c8d27bb4260c04.js | 172.240.108.76 | | 31 kB |
URL neglectsquad.com/a9/65/ca/a965ca112416158144c8d27bb4260c04.js IP172.240.108.76:0
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashe074364f4111e116dbb8c8fa25368df7 16baeaf5cc56b8b20458cdab8a42247006e4bfed bdfb9773e141045bd16c01479a59dd20fb33ef6fa4f525209c2c46f93c78dc62
GET /a9/65/ca/a965ca112416158144c8d27bb4260c04.js HTTP/1.1
Host: neglectsquad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 09 May 2024 20:06:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4cd341d4f185456ee15502a6715e1788
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.r2m03.amazontrust.com/ | 54.230.218.11 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP54.230.218.11:0
Hashc1ae368dfcd18c3fe0a38f18783ecfe1 591b78d8c937af6063def58fa5d376d07e7d005e 58ceb2cb03a41de3ae12171e7359276ed8fcbc1881b071c2783b782667cf124b
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 09 May 2024 20:06:54 GMT
Last-Modified: Thu, 09 May 2024 18:43:55 GMT
Server: ECAcc (ska/F756)
X-Cache: Miss from cloudfront
Via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tSQaufXjeX4zBdVX-3fWL16CxQRgS1znSEr2j9pJzbElg3cILQSdjw==
Age: 4979
|
|
| a.magsrv.com/ad-provider.js | 185.76.9.23 | 200 OK | 42 kB |
URL GET HTTP/2a.magsrv.com/ad-provider.js IP185.76.9.23:443 ASN#60068 Datacamp Limited
Requested byhttps://a.magsrv.com/iframe.php?idzone=5282678&size=300x250&sub=47441 CertificateIssuerLet's Encrypt Subjectmagsrv.com FingerprintE9:B1:06:11:C7:80:11:9F:62:6C:E8:AF:35:69:C6:21:29:87:60:51 ValidityTue, 30 Apr 2024 07:49:25 GMT - Mon, 29 Jul 2024 07:49:24 GMT
File typegzip compressed data, from Unix Hashaaef68afdc044c76730ee322e0d0fd31 71b3faa36f7e0bb7f168758a54f9694ffcc4a1d1 5ccda33c39fe76f4a0a69164dd1d5a3f25c4e35efb5733825954854c12552d52
GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=5282680&size=300x250&sub=47441
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22663d2cd6081bd1.02585746366480488%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 09 May 2024 20:06:46 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"057432c37ba5cf65231392a9e07"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 09 May 2024 13:34:49 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3cwcAAAwBuUwKDAH3MAAAAAgBnJIhHwGB
x-77-nzt-ray: af585630240d88fad62c3d6690b8a709
x-accel-expires: @1715294099
x-77-cache: HIT
content-encoding: gzip
x-accel-date: 1715283299
x-77-age: 1907
server: CDN77-Turbo
x-cache: HIT
x-age: 1907
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| wansafeguard.com/pixel/purst?dl=0&th=0&sc=0&rs=11358&rd=11358&fd=877&bv=24.5.6485&tmpl=70 | 172.240.108.76 | | 0 B |
URL wansafeguard.com/pixel/purst?dl=0&th=0&sc=0&rs=11358&rd=11358&fd=877&bv=24.5.6485&tmpl=70 IP172.240.108.76:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/purst?dl=0&th=0&sc=0&rs=11358&rd=11358&fd=877&bv=24.5.6485&tmpl=70 HTTP/1.1
Host: wansafeguard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 09 May 2024 20:06:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| gsjln04hd.com/get/1998224?zoneid=1998224&jp=_clnbzcz3lvoe8pwpc0oljm&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208637674946048&eclog=0&im=1&freq=0&uf=0 | 212.117.190.201 | | 1.2 kB |
URL gsjln04hd.com/get/1998224?zoneid=1998224&jp=_clnbzcz3lvoe8pwpc0oljm&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208637674946048&eclog=0&im=1&freq=0&uf=0 IP212.117.190.201:0
File typeASCII text, with very long lines (4178), with no line terminators Hashb68205a06d60aa4339c7830dda75d562 6ace796142fdd385ab249bf2830eff17ad35f70c e2605a237aa006a07010d0c420bf72688e7a7daea511464ee65a23c4835b791d
GET /get/1998224?zoneid=1998224&jp=_clnbzcz3lvoe8pwpc0oljm&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3208637674946048&eclog=0&im=1&freq=0&uf=0 HTTP/1.1
Host: gsjln04hd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 20:06:44 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Thu, 12 Jun 2025 20:06:44 GMT; Secure; SameSite=None
UID=24050915068cd5933aa6f845bfa091dbc8d5; Path=/; Expires=Thu, 12 Jun 2025 20:06:44 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| 31803.fallclk.com/jC1EDYU4PQbgZtczvVjHJi9Ik9kRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmq-lu7mKcAcfT71O8-GqstkBhg6sPPvFRfwOFg?kws=preteen%2Cyears%2Cyandex&abl=0&fsb=0&pageUri=https%3A%2F%2Fjoniku.pro%2Fvideo%2Fpreteen-years-yandex%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Thu%20May%2009%202024%2020%3A06%3A50%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%223%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 | 88.208.22.1 | | 7.9 kB |
URL 31803.fallclk.com/jC1EDYU4PQbgZtczvVjHJi9Ik9kRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmq-lu7mKcAcfT71O8-GqstkBhg6sPPvFRfwOFg?kws=preteen%2Cyears%2Cyandex&abl=0&fsb=0&pageUri=https%3A%2F%2Fjoniku.pro%2Fvideo%2Fpreteen-years-yandex%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Thu%20May%2009%202024%2020%3A06%3A50%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%223%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 IP88.208.22.1:0 ASN#39572 DataWeb Global Group B.V.
File typeJavaScript source, ASCII text, with very long lines (18260), with no line terminators Hashd4a53d91c6982f2a2fa5b817268cfd34 8a16b2932cafb6e0a61a23150799946b56ca7805 a147bdfb20dc8bb607c77943fdc1cc7049ec0aa07aa8479f9f76885b9bee767b
GET /jC1EDYU4PQbgZtczvVjHJi9Ik9kRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmq-lu7mKcAcfT71O8-GqstkBhg6sPPvFRfwOFg?kws=preteen%2Cyears%2Cyandex&abl=0&fsb=0&pageUri=https%3A%2F%2Fjoniku.pro%2Fvideo%2Fpreteen-years-yandex%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Thu%20May%2009%202024%2020%3A06%3A50%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%223%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 HTTP/1.1
Host: 31803.fallclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://joniku.pro
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 20:06:53 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://joniku.pro
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
last-modified: Thu, 09 May 2024 20:06:53 UTC
expires: Thu, 09 May 2024 20:06:53 UTC
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.tsyndicate.com/sdk/v1/p.js | 45.133.44.70 | | 94 kB |
URL cdn.tsyndicate.com/sdk/v1/p.js IP45.133.44.70:0 ASN#39572 DataWeb Global Group B.V.
File typegzip compressed data, from Unix Hashdc833fe452d3c638cd2615d53c12d479 45d8d7ca7c3c8062bcfee30dc7f468cf8ca8a6f2 e5157539135dd65ab7fc0031a7e0cfcf254687f321b2e8170f8f7871835b2a0d
GET /sdk/v1/p.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/
Cookie: ts_uid=500537d9-d287-451f-86f9-d50e6e06d266
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 09 May 2024 20:06:59 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Fri, 15 Mar 2024 12:35:02 GMT
etag: W/"65f44076-256b"
x-robots-tag: noindex, nofollow
content-encoding: gzip
cache-control: max-age=172800
expires: Sat, 11 May 2024 20:06:59 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| 31803.fallclk.com/jS1ECII0OgvnZtczvVjHJi9Ik9kRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmq-lu7mKcAcfT7tOlgBVWwh2-odA2dWiyyUVpw?kws=preteen%2Cyears%2Cyandex&abl=0&fsb=0&pageUri=https%3A%2F%2Fjoniku.pro%2Fvideo%2Fpreteen-years-yandex%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Thu%20May%2009%202024%2020%3A06%3A56%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%223%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 | 88.208.22.1 | | 1.4 kB |
URL 31803.fallclk.com/jS1ECII0OgvnZtczvVjHJi9Ik9kRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmq-lu7mKcAcfT7tOlgBVWwh2-odA2dWiyyUVpw?kws=preteen%2Cyears%2Cyandex&abl=0&fsb=0&pageUri=https%3A%2F%2Fjoniku.pro%2Fvideo%2Fpreteen-years-yandex%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Thu%20May%2009%202024%2020%3A06%3A56%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%223%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 IP88.208.22.1:0 ASN#39572 DataWeb Global Group B.V.
File typegzip compressed data, from Unix Hash6ea96ffebb5c4f71d3607dfd3eb2bd1c 06b01d84bd04efd8c69c10badbf64b3aaada2b62 82c5e50e8c840f02d5a7506b6928735c1cc83d322c5f6c5f12f71891969392e2
GET /jS1ECII0OgvnZtczvVjHJi9Ik9kRvoHRdq9VOcLNSZwVNZyS9dhXp5mMB9M2edSSl9sFIKV2jvq5euuzHOKnYRGKmq-lu7mKcAcfT7tOlgBVWwh2-odA2dWiyyUVpw?kws=preteen%2Cyears%2Cyandex&abl=0&fsb=0&pageUri=https%3A%2F%2Fjoniku.pro%2Fvideo%2Fpreteen-years-yandex%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Thu%20May%2009%202024%2020%3A06%3A56%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%223%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 HTTP/1.1
Host: 31803.fallclk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://joniku.pro
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 20:06:59 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://joniku.pro
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
last-modified: Thu, 09 May 2024 20:06:59 UTC
expires: Thu, 09 May 2024 20:06:59 UTC
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fvcwqkkqmuv.com/aas/r45d/vki/1989014/226466ff.js | 212.117.190.201 | 200 OK | 106 kB |
URL GET HTTP/2fvcwqkkqmuv.com/aas/r45d/vki/1989014/226466ff.js IP212.117.190.201:443
Requested byhttps://joniku.pro/video/preteen-years-yandex/ CertificateIssuerBuypass AS-983163327 Subject Fingerprint2F:0E:38:8C:F6:F7:9C:F2:22:33:5B:B6:E5:2E:EE:F0:6C:51:CC:F2 ValidityTue, 09 Jan 2024 13:22:33 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65106) Size106 kB (106462 bytes) Hashb2ae7f91f5088f9f9c16a9980d9b309c f83dd2377c2f76f22c2dc918a49a525eb7cbada4 ea98942198a76cf5742e011a1599982f29e9756e8e02b87652768d666ec6b360
GET /aas/r45d/vki/1989014/226466ff.js HTTP/1.1
Host: fvcwqkkqmuv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/
Cookie: CHCK=1; UID=240509150619eeb2ad862c4b56a802095adb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 20:07:05 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-1a022"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| joniku.pro/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.52.2 | 188.114.97.1 | 200 OK | 7.6 kB |
URL GET HTTP/3joniku.pro/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.52.2 IP188.114.97.1:443
Requested byhttps://joniku.pro/video/preteen-years-yandex/ CertificateIssuerGoogle Trust Services LLC Subjectjoniku.pro Fingerprint54:7E:31:7A:4E:95:FF:85:56:0B:EE:91:2E:0A:6E:5D:82:69:01:36 ValidityFri, 03 May 2024 12:55:16 GMT - Thu, 01 Aug 2024 12:55:15 GMT
File typeJavaScript source, ASCII text, with very long lines (7829), with no line terminators Hash4349251c0193fbbdb1269cbeca1d0e85 de6b8597cafd8ae306ecbac993e6652824f0f045 8241e2cc994d17255e2aeef0db9167bb2d269e69debb0c3f5a6fda90d2a7d6ca
GET /wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.52.2 HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:43 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Mon, 06 May 2024 14:25:50 GMT
etag: W/"1d9d-617c9d8a509ba"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4701
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DkFIQqJfgyyPbvPyq0QMeBrlZketE7%2BEWdQXqJu4QxwtciQ5ox5KM981IB78DX30bmnoaKRJH7PborJ6SKrAxoSJF2c9Yf9kSwMZyKeWlPS50MoP20%2FVPo1PNuIV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88144fc97b2d56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fvcwqkkqmuv.com/aas/r45d/vki/1989014/226466ff.js | 212.117.190.201 | 200 OK | 106 kB |
URL GET HTTP/2fvcwqkkqmuv.com/aas/r45d/vki/1989014/226466ff.js IP212.117.190.201:443
Requested byhttps://joniku.pro/video/preteen-years-yandex/ CertificateIssuerBuypass AS-983163327 Subject Fingerprint2F:0E:38:8C:F6:F7:9C:F2:22:33:5B:B6:E5:2E:EE:F0:6C:51:CC:F2 ValidityTue, 09 Jan 2024 13:22:33 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65106) Size106 kB (106462 bytes) Hashb2ae7f91f5088f9f9c16a9980d9b309c f83dd2377c2f76f22c2dc918a49a525eb7cbada4 ea98942198a76cf5742e011a1599982f29e9756e8e02b87652768d666ec6b360
GET /aas/r45d/vki/1989014/226466ff.js HTTP/1.1
Host: fvcwqkkqmuv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 20:06:44 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-1a022"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 18.185.9.67 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP18.185.9.67:443
Requested byhttps://joniku.pro/video/preteen-years-yandex/ CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash54c4d0e0734d5c4c6fdb0edbb9857426 2d5603d6e3278f178fd85d1da0f7a02e2fdbd09d e67e132c56eb6acf0bbc34c201369a320d7b4a9c61b0dc95ab87bac5ac51d102
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://joniku.pro
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 20:06:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://joniku.pro
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=0738e49f-6d2c-4f71-8de2-9e37e52d85bf:3:1; expires=Sun, 07 May 2034 20:06:54 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| joniku.pro/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 | 188.114.97.1 | 200 OK | 88 kB |
URL GET HTTP/3joniku.pro/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP188.114.97.1:443
Requested byhttps://joniku.pro/video/preteen-years-yandex/ CertificateIssuerGoogle Trust Services LLC Subjectjoniku.pro Fingerprint54:7E:31:7A:4E:95:FF:85:56:0B:EE:91:2E:0A:6E:5D:82:69:01:36 ValidityFri, 03 May 2024 12:55:16 GMT - Thu, 01 Aug 2024 12:55:15 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:43 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Fri, 03 May 2024 16:31:00 GMT
etag: W/"15601-6178f3ebacbe6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5197
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gZx0%2FoYRnYxrM3Czg8zFhbaWSI4uXzijuMeS7imOh2PO5j8BXHjWRXN8iXs58S0RyAc8dqpoaab8jxgv2uMIiIZ9WScSK6tshK4XUfpBxn%2F0yMJeGCFa0QYvC0sF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88144fc96b2256af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| joniku.pro/wp-content/uploads/2024/01/Yandex-Viral-2023-Tante-Dan-Keponakan-Top-Indonesia-Wik-Wik-150x84.png | 188.114.97.1 | 200 OK | 30 kB |
URL GET HTTP/3joniku.pro/wp-content/uploads/2024/01/Yandex-Viral-2023-Tante-Dan-Keponakan-Top-Indonesia-Wik-Wik-150x84.png IP188.114.97.1:443
Requested byhttps://joniku.pro/video/preteen-years-yandex/ CertificateIssuerGoogle Trust Services LLC Subjectjoniku.pro Fingerprint54:7E:31:7A:4E:95:FF:85:56:0B:EE:91:2E:0A:6E:5D:82:69:01:36 ValidityFri, 03 May 2024 12:55:16 GMT - Thu, 01 Aug 2024 12:55:15 GMT
File typePNG image data, 150 x 84, 8-bit/color RGBA, non-interlaced Hash59f1995ab8f2e5051075d6ba6be6eedc 43e9e377b257228c15158f384a75c1d3b323dedc aa9536791a526bd348ac1f72cd1b9266b47ad5e0e0ebcff660c3d34c90fccb41
GET /wp-content/uploads/2024/01/Yandex-Viral-2023-Tante-Dan-Keponakan-Top-Indonesia-Wik-Wik-150x84.png HTTP/1.1
Host: joniku.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/video/preteen-years-yandex/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 20:06:44 GMT
content-type: image/png
content-length: 29653
last-modified: Mon, 29 Jan 2024 16:37:44 GMT
etag: "73d5-6101843dbc600"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2s94FcCp%2BVsA2xhSMUPQ0g0H3gwuRxL8GBWmrnvNSp26glZlJs2ii6Ry6l29himRninSfgKiE0TpJWdJZaXB0f49OSPcdWeCyejyvaODRY2dry7whGJmvwRNXyao"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88144fcc881656af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.tsyndicate.com/sdk/v1/bi.js | 45.133.44.70 | 200 OK | 6.7 kB |
URL GET HTTP/2cdn.tsyndicate.com/sdk/v1/bi.js IP45.133.44.70:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://joniku.pro/video/preteen-years-yandex/ CertificateIssuerLet's Encrypt Subjectcdn.tsyndicate.com Fingerprint27:B4:A1:69:D6:DF:AF:13:62:9C:06:AB:7A:E0:2F:B6:9B:08:43:75 ValidityTue, 09 Apr 2024 03:01:17 GMT - Mon, 08 Jul 2024 03:01:16 GMT
File typeJavaScript source, ASCII text, with very long lines (6919), with no line terminators Hash4ef7e3fce99f74f803b134ff847c22d8 7d4b71b2c7dea32e2e8ed0c697fd3f9ce287dd21 375184639cdf5cfb4ad4a5d93c4ac02710b057bfdaa226ca6bb67c96c28c244c
GET /sdk/v1/bi.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://joniku.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 20:06:44 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Tue, 23 Apr 2024 12:58:29 GMT
etag: W/"6627b075-1a1e"
x-robots-tag: noindex, nofollow
content-encoding: gzip
cache-control: max-age=172800
expires: Sat, 11 May 2024 20:06:44 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
0.0.0.0