futana.pro/
185.213.211.82200 OK 2.6 kB IP 185.213.211.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash cf0d48cc18818ac8d3cd470050ab6b96
e34bfaecbb007bbcdd00f6b243eb4e9eaaa3dae3
8a1c1e70a274a34d8393017808b54631b84008cf63e7eb8a172650f2c853ea2b
GET / HTTP/1.1
Host: futana.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:17:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Last-Modified: Wed, 05 Oct 2022 11:13:08 GMT
ETag: "a08-5ea47a95818cd"
Accept-Ranges: bytes
Content-Length: 2568
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6342
Expires: Tue, 06 Dec 2022 15:03:23 GMT
Date: Tue, 06 Dec 2022 13:17:41 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2742
Cache-Control: max-age=165559
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:17:41 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 11:17:00 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 12:20:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3437
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4401
Expires: Tue, 06 Dec 2022 14:31:02 GMT
Date: Tue, 06 Dec 2022 13:17:41 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: C6So507nKMXxrfNRC22+ILxGBV7dbq2qoknYaepQETBVC+A99/x1DfZNsIrOVwZqNx8LyE9Xs8c=
x-amz-request-id: GZVVPQ71EN9JVM0H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 12:48:56 GMT
age: 1725
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 13:17:41 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
futana.pro/files/webm/ion.js
185.213.211.82200 OK 13 kB URL HTTP/1.1 futana.pro/files/webm/ion.js
IP 185.213.211.82:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (535)
Hash f95049c129644d329a531924ca88aad9
4b0c98b47e4b57b1335707399b90d9577e8592ed
e0a9806cbc9a2093b771fdb39ec96f56ddbad7b9598c047b07f71246bf35e0c7
GET /files/webm/ion.js HTTP/1.1
Host: futana.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://futana.pro/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:17:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Last-Modified: Wed, 15 May 2019 18:32:29 GMT
ETag: "3223-588f15f31d12c"
Accept-Ranges: bytes
Content-Length: 12835
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
futana.pro/files/webm/jquery.js
185.213.211.82200 OK 86 kB URL HTTP/1.1 futana.pro/files/webm/jquery.js
IP 185.213.211.82:0
File type ASCII text, with very long lines (32019)
Hash 6cbb321051a268424103cd4aea8ffa66
7cb05e3d551cd61439337b2cb22f49b1955f9711
82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d
GET /files/webm/jquery.js HTTP/1.1
Host: futana.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://futana.pro/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:17:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Last-Modified: Wed, 15 May 2019 18:32:30 GMT
ETag: "14e7e-588f15f41d2d4"
Accept-Ranges: bytes
Content-Length: 85630
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
bongacams.com/track?c=258963&pt=http
195.85.23.89302 Found 138 B URL HTTP/1.1 bongacams.com/track?c=258963&pt=http
IP 195.85.23.89:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /track?c=258963&pt=http HTTP/1.1
Host: bongacams.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://futana.pro/
HTTP/1.1 302 Found
Date: Tue, 06 Dec 2022 13:17:42 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
location: https://bngtrk.com/hit.php?c=258963&pt=http
x-bc: ded7850
x-zone: 5a-web51
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=CG0uDyj8vOcZHUq.ueNdYW3IrFJKcnmO_RKjeOKFS.0-1670332662-0-AYv1oWT561eJ3UdHORb410BFyjmEt7Y9o6tUrBYNUTc+1rOC9gfTeOVNpHKbeLyVvHE69NCPc2C3nDSac9mSFPQ=; path=/; expires=Tue, 06-Dec-22 13:47:42 GMT; domain=.bongacams.com; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 77554da1ddb80b49-OSL
futana.pro/files/1280x720_poster_nt722.jpg
185.213.211.82200 OK 28 kB URL HTTP/1.1 futana.pro/files/1280x720_poster_nt722.jpg
IP 185.213.211.82:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1280x720, components 3\012- data
Hash a50a29bbe31eb68c94296117d02de764
8f8124826bca2c32d9a7d92af801c36076623f34
6cd37b92b041da5dc0191d44fe47fbd1ec3ed7f620b74f640fbe0c5a571bdbdc
GET /files/1280x720_poster_nt722.jpg HTTP/1.1
Host: futana.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://futana.pro/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:17:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Last-Modified: Tue, 18 Jan 2022 15:41:01 GMT
ETag: "6ed6-5d5dd189dd53d"
Accept-Ranges: bytes
Content-Length: 28374
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
futana.pro/files/GBI.ttf
185.213.211.82404 Not Found 211 B IP 185.213.211.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9f4ecb2b76fe0e93f9f2a6d733bc9bc2
60c4fe005af81ca93beac70c71c2679e94e06030
ecfe7a61dcc68f26455cd2060073cb5ce2d227c7131ee96ae1f99e98d940bfa0
GET /files/GBI.ttf HTTP/1.1
Host: futana.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://futana.pro/
HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 13:17:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Content-Length: 211
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.usertrust.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 9221375e6973608bdfee8b40f8af2f18
bef2b9e018409675364ddd554a353f81a8b196de
2fa9d54a51044a7f177a551e364cc0d9c27636c970540bb67e9299dd48952760
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:17:42 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 06:10:17 GMT
Expires: Mon, 12 Dec 2022 06:10:16 GMT
Etag: "bef2b9e018409675364ddd554a353f81a8b196de"
Cache-Control: max-age=604052,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 33
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77554da2beacb523-OSL
futana.pro/files/webm/1.mp3?1670332662096
185.213.211.82200 OK 230 kB URL HTTP/1.1 futana.pro/files/webm/1.mp3?1670332662096
IP 185.213.211.82:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 96 kbps, 44.1 kHz, Stereo\012- data
Size 230 kB (229671 bytes)
Hash 2808369bcd68b1d2293c4b02d81b0394
485e79eee7bb48695f66d9315ee51c9f107afa91
010e865013fbdbbe6d64965cfc7afe9eff3282a29ed0b88fd196d5a78428c8e6
GET /files/webm/1.mp3?1670332662096 HTTP/1.1
Host: futana.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://futana.pro/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:17:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Last-Modified: Wed, 15 May 2019 18:32:24 GMT
ETag: "38127-588f15eee7ae5"
Accept-Ranges: bytes
Content-Length: 229671
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: audio/mpeg
futana.pro/files/webm/002.webm
185.213.211.82206 Partial Content 131 kB URL HTTP/1.1 futana.pro/files/webm/002.webm
IP 185.213.211.82:0
File type WebM\012- EBML file, creator webmB\20\012- data
Size 131 kB (131314 bytes)
Hash c66038d48866eb92f4cdb87c10a5aaa1
2283a937b36ce1e7d4d440fa75e4aaa0e0070e9e
826b4139e86fe9b7bf4b622acf50732bdb0aa7eb1b8c98bb100c08e609d1af53
GET /files/webm/002.webm HTTP/1.1
Host: futana.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://futana.pro/
HTTP/1.1 206 Partial Content
Date: Tue, 06 Dec 2022 13:17:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Last-Modified: Tue, 18 Jan 2022 16:04:59 GMT
ETag: "200f2-5d5dd6e5f7185"
Accept-Ranges: bytes
Content-Length: 131314
Content-Range: bytes 0-131313/131314
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: video/webm
futana.pro/favicon.ico
185.213.211.82404 Not Found 209 B IP 185.213.211.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 18ffb59b61525f781cf9251045be575d
bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d
b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642
GET /favicon.ico HTTP/1.1
Host: futana.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://futana.pro/
HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 13:17:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Content-Length: 209
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
counter.yadro.ru/hit?r;s1280*1024*24;uhttp%3A//futana.pro/;hFUTANA.pro%20-%203D%20Futanari%20Shemale%20Games;0.4132309448872602
88.212.201.204302 Moved Temporarily 32 B URL HTTP/1.1 counter.yadro.ru/hit?r;s1280*1024*24;uhttp%3A//futana.pro/;hFUTANA.pro%20-%203D%20Futanari%20Shemale%20Games;0.4132309448872602
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type HTML document, ASCII text
Hash 3e9c09a8c5a87f266e047a596f48578c
07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
GET /hit?r;s1280*1024*24;uhttp%3A//futana.pro/;hFUTANA.pro%20-%203D%20Futanari%20Shemale%20Games;0.4132309448872602 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://futana.pro/
HTTP/1.1 302 Moved Temporarily
Date: Tue, 06 Dec 2022 13:17:42 GMT
Server: 0W/0.8c
Content-Type: text/html
Location: https://counter.yadro.ru/hit?r;s1280*1024*24;uhttp%3A//futana.pro/;hFUTANA.pro%20-%203D%20Futanari%20Shemale%20Games;0.4132309448872602
Content-Length: 32
Expires: Sun, 05 Dec 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 13:08:58 GMT
cache-control: public,max-age=3600
age: 524
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 8464f7d86af365eac84b9f2733b5739f
1a4609736b777e6bcbd729532329116c52d3db81
6c9380c4bc469aef666ec7a1c24480dc2761105035933168a4acefd853dacfed
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:17:42 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 10 Dec 2022 11:43:55 GMT
ETag: "1a4609736b777e6bcbd729532329116c52d3db81"
Last-Modified: Tue, 06 Dec 2022 11:43:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2776
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77554da5fa34b524-OSL
counter.yadro.ru/hit?r;s1280*1024*24;uhttp%3A//futana.pro/;hFUTANA.pro%20-%203D%20Futanari%20Shemale%20Games;0.4132309448872602
88.212.201.204200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit?r;s1280*1024*24;uhttp%3A//futana.pro/;hFUTANA.pro%20-%203D%20Futanari%20Shemale%20Games;0.4132309448872602
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit?r;s1280*1024*24;uhttp%3A//futana.pro/;hFUTANA.pro%20-%203D%20Futanari%20Shemale%20Games;0.4132309448872602 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://futana.pro/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 06 Dec 2022 13:17:42 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Sun, 05 Dec 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2725
Cache-Control: max-age=160473
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:17:42 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 09:52:15 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.160.51.228101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.51.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PpsmbpAg6XrckA55TUeTBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lDMObuFk7ltcQ1cOf5Njy9abZbk=
go.cm-trk5.com/aff_f?h=zw5xSu&aff_sub2=FTN_new&aff_sub5=seo-sem
172.255.248.105302 Found 234 B URL HTTP/1.1 go.cm-trk5.com/aff_f?h=zw5xSu&aff_sub2=FTN_new&aff_sub5=seo-sem
IP 172.255.248.105:0
File type HTML document, ASCII text, with no line terminators
Hash beab39b81337efb466d6907005d6d48f
084558f40d87d0111edcbdf3b8fb2a669288688d
7a0eeb603de4141a17a5a9cad1cc9e96c43d252a355887a306488bfdf3c3d73c
GET /aff_f?h=zw5xSu&aff_sub2=FTN_new&aff_sub5=seo-sem HTTP/1.1
Host: go.cm-trk5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 06 Dec 2022 13:17:44 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 234
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: language=en; Domain=go.cm-trk5.com; Path=/; Expires=Thu, 05 Jan 2023 13:17:44 GMT
flow_id=zw5xSu; Domain=go.cm-trk5.com; Path=/; Expires=Thu, 05 Jan 2023 13:17:44 GMT
Location: aff_c?aff_id=49828&offer_id=6592&url_id=10851&aff_sub2=FTN_new&aff_sub5=seo-sem
Vary: Accept
Cache-Control: no-store, no-cache
go.cm-trk5.com/aff_c?aff_id=49828&offer_id=6592&url_id=10851&aff_sub2=FTN_new&aff_sub5=seo-sem
172.255.248.105302 Found 314 B URL HTTP/1.1 go.cm-trk5.com/aff_c?aff_id=49828&offer_id=6592&url_id=10851&aff_sub2=FTN_new&aff_sub5=seo-sem
IP 172.255.248.105:0
File type HTML document, ASCII text, with very long lines (314), with no line terminators
Hash 08743912c5cdf77254c0ae2c8fdef5bb
2182284ddefaca23fff3dcf3bdd3b39e799a939d
9096e11208ac0a5b72d0855acabe736fad156e61c13cbeb85c268744f2762d06
GET /aff_c?aff_id=49828&offer_id=6592&url_id=10851&aff_sub2=FTN_new&aff_sub5=seo-sem HTTP/1.1
Host: go.cm-trk5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: language=en; flow_id=zw5xSu
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 06 Dec 2022 13:17:44 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 314
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: language=en; Domain=go.cm-trk5.com; Path=/; Expires=Thu, 05 Jan 2023 13:17:44 GMT
test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
6592=37_49828_6592_c89e5ef98290fb11635f1a236c08a87a; Domain=go.cm-trk5.com; Path=/; Expires=Thu, 05 Jan 2023 13:17:44 GMT
op_6592=10851; Domain=go.cm-trk5.com; Path=/; Expires=Thu, 05 Jan 2023 13:17:44 GMT
user_id=980ff063-ed4b-4706-a193-9eed29730206_d87f05058ae69f04bae9eeab9b358fd3; Domain=go.cm-trk5.com; Path=/; Expires=Sun, 05 Dec 2027 13:17:44 GMT; Secure; SameSite=None
Location: /rd.html?go=https%3A%2F%2Frapidrtr.com%2Fcr.php%3Fcid%3D236%26ACT%3D68155%26TRK%3D49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a.
Vary: Accept
Cache-Control: no-store, no-cache
go.cm-trk5.com/rd.html?go=https%3A%2F%2Frapidrtr.com%2Fcr.php%3Fcid%3D236%26ACT%3D68155%26TRK%3D49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a.
172.255.248.105200 OK 255 B URL HTTP/1.1 go.cm-trk5.com/rd.html?go=https%3A%2F%2Frapidrtr.com%2Fcr.php%3Fcid%3D236%26ACT%3D68155%26TRK%3D49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a.
IP 172.255.248.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 997bfcab4e7a51023ff8da026ed4374a
35d15ad133e52c1b9dea0b3696a8719521387a9e
070d804ff334e0de872b9ac4c28c1bc578a043771099d2e9556782974ed560a3
GET /rd.html?go=https%3A%2F%2Frapidrtr.com%2Fcr.php%3Fcid%3D236%26ACT%3D68155%26TRK%3D49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a. HTTP/1.1
Host: go.cm-trk5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: language=en; flow_id=zw5xSu; 6592=37_49828_6592_c89e5ef98290fb11635f1a236c08a87a; op_6592=10851; user_id=980ff063-ed4b-4706-a193-9eed29730206_d87f05058ae69f04bae9eeab9b358fd3
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 13:17:44 GMT
Content-Type: text/html
Last-Modified: Fri, 13 Aug 2021 14:56:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61168831-149"
Cache-Control: no-store, no-cache
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6249
Expires: Tue, 06 Dec 2022 15:01:53 GMT
Date: Tue, 06 Dec 2022 13:17:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6249
Expires: Tue, 06 Dec 2022 15:01:53 GMT
Date: Tue, 06 Dec 2022 13:17:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6249
Expires: Tue, 06 Dec 2022 15:01:53 GMT
Date: Tue, 06 Dec 2022 13:17:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6249
Expires: Tue, 06 Dec 2022 15:01:53 GMT
Date: Tue, 06 Dec 2022 13:17:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6249
Expires: Tue, 06 Dec 2022 15:01:53 GMT
Date: Tue, 06 Dec 2022 13:17:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30d72693680b3ac91c0eee4d47a26196
cd923a5a3810bfe86be2eca4b97c739d76756d93
69ca9e172f6b0c5bf158022d533701b89282630deaa0ce7df27ed459c9bfe75e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8656
x-amzn-requestid: cfc71f7f-d1c6-47c9-8107-864701dbf3c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwkEHmIAMFUnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d0-6705510852d26ae24b3e5ea4;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JVEVoNv1w1lqFYG0M8v2GK92-1MfPxn8SnZv5JZitWWEDuXJ4DwmqQ==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:41 GMT
age: 55743
etag: "cd923a5a3810bfe86be2eca4b97c739d76756d93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ebd3528452aecd80e39bbf82d3f71f2c
eaa956309d27052d466f7c4bd75b3bdf8443f251
680066dadbddc2cd7179ad5bdfbf9b2014ea601561e585d18dfcda73512ae84a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6352
x-amzn-requestid: cd970b83-2a99-4e38-afed-580d733040a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuWF1bIAMFcpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-1ba552306e857bb37424d679;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: m_QprITRv6aKoKB1VsoqgcIM18ZcHIrJk2gs7710QElOJBtrcskrJw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:41:55 GMT
etag: "eaa956309d27052d466f7c4bd75b3bdf8443f251"
content-type: image/jpeg
age: 56149
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fddffc8edfa3ca668c8ac740d34f46c5
63483fc211cfb2808c7f37940a4065b4f4177c59
3c736f085f8f25d68c3dd946d5a546dc6d1f5f6e94a0da17b7fd4662d61a0b50
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8660
x-amzn-requestid: d5cf901f-bd2b-4269-918a-29a0bec09a40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uBG9IIAMFxcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1326-63b4ea925878dab212409f2b;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZbrQ6wWHMvuPGfdujPdgWq3ahDYeTi0wGfwnn27xEBt6TvM8r0kMgQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:49:39 GMT
age: 55685
etag: "63483fc211cfb2808c7f37940a4065b4f4177c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 54496
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f2c354a00ab51d4a41221b6bf191c10
01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EQorA5VTb0s2BEIWBkdkhDho-bLdLVvu8LnAIQsQqsIjgBLneYqCzg==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:22 GMT
age: 55762
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38b97436af942d5eb1111ca7043259a0
0234fe32c84c4711f0619714f3ac6d3db1b717d3
a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fNsYsKfPUM8QaG7-F1tSBDdsNit1BfYpWddNssXwyFO2HgdA0RpjAQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:21 GMT
age: 55403
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
go.cm-trk5.com/favicon.ico
172.255.248.105404 Not Found 123 B URL HTTP/1.1 go.cm-trk5.com/favicon.ico
IP 172.255.248.105:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash c728bf241d9141b8d3100ae5140e09c5
07f0da1bdfadd0354b090781f1e3264ac22b6c39
34f3447a0b669f7c583609861bd783e8940b379cf642df02901cee86233a355a
GET /favicon.ico HTTP/1.1
Host: go.cm-trk5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cm-trk5.com/rd.html?go=https%3A%2F%2Frapidrtr.com%2Fcr.php%3Fcid%3D236%26ACT%3D68155%26TRK%3D49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a.
Cookie: language=en; flow_id=zw5xSu; 6592=37_49828_6592_c89e5ef98290fb11635f1a236c08a87a; op_6592=10851; user_id=980ff063-ed4b-4706-a193-9eed29730206_d87f05058ae69f04bae9eeab9b358fd3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 06 Dec 2022 13:17:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 644a4b82806b13ff90707730ee8a01c3
d53708222524edceeb88703f03216da26d5c637b
cb3702018f44f5e797a6ee9060a52c1714112b2f612412e48506949589b146dc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Dec 2022 13:17:44 GMT
Etag: "638dce05-1d7"
Last-Modified: Tue, 06 Dec 2022 12:23:31 GMT
Server: ECS (dcb/7F82)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9ahrsJ0Kz4FTk4iTAeEbonVEXF2hgv43xJPnwWO03dxeKolOyoVyFg==
Age: 3253
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 3ac360b6e178284a025d437e59d54ffb
33f926f558cee341477e57cccf890b52d9a80f0b
b6ba5bd46e57c71e624cc63fb1d719c6960cc9853807fcef8d1dec3390c4dfdb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=117808
Date: Tue, 06 Dec 2022 13:17:45 GMT
Etag: "638e537e-1d7"
Expires: Wed, 07 Dec 2022 22:01:13 GMT
Last-Modified: Mon, 05 Dec 2022 20:24:30 GMT
Server: ECS (dcb/7EED)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: U3ZaPEafjd5OCqwGI418NtlJVER-ul6G-MpIkAaPKGSCY72WsKEceg==
Age: 5803
rapidrtr.com/cr.php?cid=236&ACT=68155&TRK=49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a.
35.83.66.86302 Found 1.4 kB URL HTTP/2 rapidrtr.com/cr.php?cid=236&ACT=68155&TRK=49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a.
IP 35.83.66.86:0
Hash 4647849a47c107592386e6f75f8c076a
ea9c9633b0d9494dbe13a01a3d062844a1065afe
d857eaff34d5b16c50bda8e10a159ab8dad54be520374c5829f514969d6ca012
GET /cr.php?cid=236&ACT=68155&TRK=49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a. HTTP/1.1
Host: rapidrtr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cm-trk5.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 06 Dec 2022 13:17:45 GMT
content-type: text/html; charset=UTF-8
location: https://landqck.com/ep.php/prmagms:72266/68155:49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089
set-cookie: AWSALB=8aunx12TxOYzQmDZsxENq6e+o/ZVhV3rvlkRPGU9VeZKA+4b2fVucvX6KMeu9uhCGBWqijlZ/2vZhDCZnlNWy9UhsXVe0uymVdTUHT6uhLv2Zx2tTQozHsj7SohJ; Expires=Tue, 13 Dec 2022 13:17:45 GMT; Path=/
AWSALBCORS=8aunx12TxOYzQmDZsxENq6e+o/ZVhV3rvlkRPGU9VeZKA+4b2fVucvX6KMeu9uhCGBWqijlZ/2vZhDCZnlNWy9UhsXVe0uymVdTUHT6uhLv2Zx2tTQozHsj7SohJ; Expires=Tue, 13 Dec 2022 13:17:45 GMT; Path=/; SameSite=None; Secure
hskp=cbZz120647865%2C; expires=Tue, 20-Dec-2022 13:17:45 GMT; Max-Age=1209600
skip=-1670332665%2C786; expires=Tue, 06-Dec-2022 13:27:45 GMT; Max-Age=600
236_786_0=1670332665; expires=Wed, 07-Dec-2022 13:17:45 GMT; Max-Age=86400
server: Apache
X-Firefox-Spdy: h2
ezjoinflow.com/src/click12/css/base2.css
163.171.128.172200 OK 9.1 kB URL HTTP/2 ezjoinflow.com/src/click12/css/base2.css
IP 163.171.128.172:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (472)
Hash 094b3ec1f177fc9d159f11545d75fc04
bf025b3b012844ecc8f46574093e446ceaeb00bd
af7e94ed00f1ec0e13baf2a6ec7080021dc3a84e03c07b7ad499d0b86564bdab
GET /src/click12/css/base2.css HTTP/1.1
Host: ezjoinflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezjoinflow.com/src/click12/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089
Cookie: HMF_CI=49c7eab671c6c84f951de8f44c305faf3106f7113610bbe0c842ff05157d4238f5555836e4455647f162728c207044c0c41a86d4a685bbbfd80a4c33ab0c97f062
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:47 GMT
content-type: text/css
content-length: 9119
server: PWS/8.3.1.0.8
last-modified: Tue, 02 Mar 2021 21:27:11 GMT
etag: "603eadaf-239f"
accept-ranges: bytes
age: 80934
via: 1.1 hexi49:2 (W), 1.1 PSdgflkfFRA1vg90:8 (W)
x-px: ht PSdgflkfFRA1vg90FRA
x-ws-request-id: 638f40fb_PSdgflkfFRA1vg90_39375-4135
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:17:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ezjoinflow.com/src/click12/img/no-mute.png
163.171.128.172200 OK 7.8 kB URL HTTP/2 ezjoinflow.com/src/click12/img/no-mute.png
IP 163.171.128.172:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 413 x 337, 8-bit/color RGBA, non-interlaced\012- data
Hash 04b36d021d910f3d98b77e7e71717700
5d3e42784ebf508d39528c5bb5fd9d666649b933
b157d878db142022a09fe469e223c5e7fc567bd3ee468481b17c9421bbf06e6a
GET /src/click12/img/no-mute.png HTTP/1.1
Host: ezjoinflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezjoinflow.com/src/click12/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089
Cookie: HMF_CI=49c7eab671c6c84f951de8f44c305faf3106f7113610bbe0c842ff05157d4238f5555836e4455647f162728c207044c0c41a86d4a685bbbfd80a4c33ab0c97f062
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:47 GMT
content-type: image/png
content-length: 7777
server: PWS/8.3.1.0.8
last-modified: Thu, 07 Jan 2021 16:10:13 GMT
etag: "5ff73265-1e61"
accept-ranges: bytes
age: 80934
via: 1.1 hexi49:2 (W), 1.1 PS-FRA-01lai110:1 (W)
x-px: ht PS-FRA-01lai110FRA
x-ws-request-id: 638f40fb_PSdgflkfFRA1vg90_39375-4138
X-Firefox-Spdy: h2
ezjoinflow.com/src/click12/img/xxxcybergames-logo.png
163.171.128.172200 OK 31 kB URL HTTP/2 ezjoinflow.com/src/click12/img/xxxcybergames-logo.png
IP 163.171.128.172:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 924 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a51f3e0a24d68115db8085de8712183
60b51c90c6bd8eac5cee3c75e41931126a38c163
c8588b668aedbd9395b341fe430e7f71b27d9c25eb681216d4d0b0d80a0c8556
GET /src/click12/img/xxxcybergames-logo.png HTTP/1.1
Host: ezjoinflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezjoinflow.com/src/click12/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089
Cookie: HMF_CI=49c7eab671c6c84f951de8f44c305faf3106f7113610bbe0c842ff05157d4238f5555836e4455647f162728c207044c0c41a86d4a685bbbfd80a4c33ab0c97f062
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:47 GMT
content-type: image/png
content-length: 31218
server: PWS/8.3.1.0.8
last-modified: Sat, 20 Feb 2021 01:14:52 GMT
etag: "6030628c-79f2"
accept-ranges: bytes
age: 73826
via: 1.1 hexi50:5 (W), 1.1 PSdgflkfFRA1gi91:12 (W)
x-px: ht PSdgflkfFRA1gi91FRA
x-ws-request-id: 638f40fb_PSdgflkfFRA1vg90_39375-4137
X-Firefox-Spdy: h2
ezjoinflow.com/src/click12/js/jquery-2.2.4.min.js
163.171.128.172200 OK 86 kB URL HTTP/2 ezjoinflow.com/src/click12/js/jquery-2.2.4.min.js
IP 163.171.128.172:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /src/click12/js/jquery-2.2.4.min.js HTTP/1.1
Host: ezjoinflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezjoinflow.com/src/click12/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089
Cookie: HMF_CI=49c7eab671c6c84f951de8f44c305faf3106f7113610bbe0c842ff05157d4238f5555836e4455647f162728c207044c0c41a86d4a685bbbfd80a4c33ab0c97f062
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:47 GMT
content-type: application/javascript
content-length: 85578
server: PWS/8.3.1.0.8
last-modified: Thu, 07 Jan 2021 16:10:13 GMT
etag: "5ff73265-14e4a"
accept-ranges: bytes
age: 79660
via: 1.1 hexi49:2 (W), 1.1 PSdgflkfFRA1gi91:15 (W)
x-px: ht PSdgflkfFRA1gi91FRA
x-ws-request-id: 638f40fb_PSdgflkfFRA1vg90_39375-4140
X-Firefox-Spdy: h2
ezjoinflow.com/src/click12/js/iframeResizer.min.js
163.171.128.172200 OK 12 kB URL HTTP/2 ezjoinflow.com/src/click12/js/iframeResizer.min.js
IP 163.171.128.172:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (11471)
Hash f6fb142b95a0163be52282ef8b1f4b9a
271ffc93a6b6ef177b6418b6c0d1fb28624e9fb5
35a59efb7049b51b061c5b4a00d2cb1a648a047a3406d55e500f3d6349052d33
GET /src/click12/js/iframeResizer.min.js HTTP/1.1
Host: ezjoinflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezjoinflow.com/src/click12/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089
Cookie: HMF_CI=49c7eab671c6c84f951de8f44c305faf3106f7113610bbe0c842ff05157d4238f5555836e4455647f162728c207044c0c41a86d4a685bbbfd80a4c33ab0c97f062
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:47 GMT
content-type: application/javascript
content-length: 11799
server: PWS/8.3.1.0.8
last-modified: Thu, 07 Jan 2021 16:10:13 GMT
etag: "5ff73265-2e17"
accept-ranges: bytes
age: 76917
via: 1.1 hexi49:2 (W), 1.1 PSdgflkfFRA1je97:21 (W)
x-px: ht PSdgflkfFRA1je97FRA
x-ws-request-id: 638f40fb_PSdgflkfFRA1vg90_39375-4141
X-Firefox-Spdy: h2
ezjoinflow.com/src/click12/img/mute.png
163.171.128.172200 OK 3.6 kB URL HTTP/2 ezjoinflow.com/src/click12/img/mute.png
IP 163.171.128.172:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 370 x 322, 8-bit/color RGBA, non-interlaced\012- data
Hash 81c68667e33c31747a20b6839c3c3d3a
a60f7607bbece07e116f6d597fe7ddeef372fdd9
2055d2604c03203348da7717897338e8678ac218cdd60b8360bf59ed238b3814
GET /src/click12/img/mute.png HTTP/1.1
Host: ezjoinflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezjoinflow.com/src/click12/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089
Cookie: HMF_CI=49c7eab671c6c84f951de8f44c305faf3106f7113610bbe0c842ff05157d4238f5555836e4455647f162728c207044c0c41a86d4a685bbbfd80a4c33ab0c97f062
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:47 GMT
content-type: image/png
content-length: 3632
server: PWS/8.3.1.0.8
last-modified: Thu, 07 Jan 2021 16:10:13 GMT
etag: "5ff73265-e30"
accept-ranges: bytes
age: 80934
via: 1.1 hexi49:2 (W), 1.1 PSdgflkfFRA1vg90:7 (W)
x-px: ht PSdgflkfFRA1vg90FRA
x-ws-request-id: 638f40fb_PSdgflkfFRA1vg90_39375-4139
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:300,400,500,700,800&display=swap
142.250.74.74200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:300,400,500,700,800&display=swap
IP 142.250.74.74:0
Hash c9e95c3951fcdc8aff0c0a455feba7de
dbeca8aa413a4866cefe5e4aba0b1ae35d902653
901b3078609f3819a7cb78c784360139e5fecc45057895c181af47c79b5fe7f2
GET /css?family=Montserrat:300,400,500,700,800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezjoinflow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 13:17:47 GMT
date: Tue, 06 Dec 2022 13:17:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:17:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:17:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:17:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ezjoinflow.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:18 GMT
expires: Fri, 01 Dec 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 419849
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:17:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash b76daa0b9459ca3f3f97fe27b4915a22
38627d57725f67eae2b865ab234ee6cce4b03e18
d24df5a045b03000ffd5dc82da7933a936771b2bea33d93fa640d4fe3527e40a
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:17:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 10 Dec 2022 12:24:39 GMT
ETag: "38627d57725f67eae2b865ab234ee6cce4b03e18"
Last-Modified: Tue, 06 Dec 2022 12:24:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77554dc2aed8b524-OSL
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash b76daa0b9459ca3f3f97fe27b4915a22
38627d57725f67eae2b865ab234ee6cce4b03e18
d24df5a045b03000ffd5dc82da7933a936771b2bea33d93fa640d4fe3527e40a
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 13:17:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 10 Dec 2022 12:24:39 GMT
ETag: "38627d57725f67eae2b865ab234ee6cce4b03e18"
Last-Modified: Tue, 06 Dec 2022 12:24:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77554dc35eb9b4e8-OSL
ezjoinflow.com/src/click12/img/favicon.ico
163.171.128.172200 OK 606 B URL HTTP/2 ezjoinflow.com/src/click12/img/favicon.ico
IP 163.171.128.172:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 9ac07e43225983cd1e4a31bb05f86cf4
fcb6d50d066c5104e954ab73ffaecc013af6c654
8cac4f9bbca79590d43b31099ca744cf6fe4745df21506414b547580a6f70913
GET /src/click12/img/favicon.ico HTTP/1.1
Host: ezjoinflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezjoinflow.com/src/click12/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089
Cookie: HMF_CI=49c7eab671c6c84f951de8f44c305faf3106f7113610bbe0c842ff05157d4238f5555836e4455647f162728c207044c0c41a86d4a685bbbfd80a4c33ab0c97f062; HOY_TR=EMCJTRSVKBGNUQFW,574239A061B8CDEF,shfrkujnytzgvwxb; HBB_HC=76661a45a1319e2a10c36dfa92088271ae788c5010caf938f72cf2dc65ae16e69928791c864f0ab2402de69cf9882f233d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:47 GMT
content-type: image/x-icon
content-length: 606
server: PWS/8.3.1.0.8
last-modified: Wed, 11 Aug 2021 18:11:05 GMT
etag: "611412b9-25e"
accept-ranges: bytes
age: 77744
via: 1.1 hexi49:2 (W), 1.1 PSdgflkfFRA1gi91:7 (W)
x-px: ht PSdgflkfFRA1gi91FRA
x-ws-request-id: 638f40fb_PSdgflkfFRA1vg90_39375-4179
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7b7a258a169224157fc841c8e01b4dfb
68387c77947d0a821b6b57bcda930f547b083ab7
4c41121aa4edbe5f82d649e5bd4d49a20bf43021ea123fcc6f463ec5d510c7bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C41121AA4EDBE5F82D649E5BD4D49A20BF43021EA123FCC6F463EC5D510C7BB"
Last-Modified: Sun, 04 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18184
Expires: Tue, 06 Dec 2022 18:20:52 GMT
Date: Tue, 06 Dec 2022 13:17:48 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8067d1564fcd54588a416855d2691302
697a929f61f4872b0d7f933db1fe4569284f0f66
2dc43da9510808f0710170113ce6893d25881f1b82bc751379a5cdbc050a2432
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1227
Cache-Control: max-age=169776
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 13:17:48 GMT
Etag: "638f3061-1d7"
Expires: Thu, 08 Dec 2022 12:27:24 GMT
Last-Modified: Tue, 06 Dec 2022 12:06:57 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
jkwnpsv.com/acct/epc68155/add/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089&ofid=1066&epcCID=R2a9o3e6I6o3A5e906Uc0fN4meFb96Z7W&rtid=11174719461
207.120.33.38200 OK 50 kB URL HTTP/2 jkwnpsv.com/acct/epc68155/add/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089&ofid=1066&epcCID=R2a9o3e6I6o3A5e906Uc0fN4meFb96Z7W&rtid=11174719461
IP 207.120.33.38:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58455)
Hash 4d69954c9063fb07e45c7ab1463ff19e
aa6356a06bd89497c6304940b7673731bea53f1a
5f38c45097ce4718ac6cb06589fff5d41a03ccda7d8f34ebe4b04489579eddf9
Analyzer Verdict Alert quad9 Sinkholed
GET /acct/epc68155/add/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089&ofid=1066&epcCID=R2a9o3e6I6o3A5e906Uc0fN4meFb96Z7W&rtid=11174719461 HTTP/1.1
Host: jkwnpsv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ezjoinflow.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:48 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=849965d2a94b3e22bad15c560d9f05a3; path=/; secure; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 48740713
age: 0
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Miss
section-io-id: 71a4573e17b2668d7f067101ffedd092
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
152.199.19.160200 OK 9.8 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
IP 152.199.19.160:0
File type ASCII text, with very long lines (32033)
Hash 432ca07a1a844dbb27f9e0ab0d468be5
7fdaf858d702f84536a515c675b4028ce2eb0cfa
12732099d21835fabf83a93eec52f7cf1847cd64a0572d18917b2e13b06d5cf0
GET /ajax/bootstrap/3.3.7/bootstrap.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jkwnpsv.com
Connection: keep-alive
Referer: https://jkwnpsv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 11965213
cache-control: public,max-age=31536000
content-type: application/javascript
date: Tue, 06 Dec 2022 13:17:48 GMT
etag: "80bdc1e6cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:09:59 GMT
server: ECAcc (ska/F6C5)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9839
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
142.250.74.106200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jkwnpsv.com
Connection: keep-alive
Referer: https://jkwnpsv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 13:29:29 GMT
expires: Wed, 29 Nov 2023 13:29:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
age: 604099
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jkwnpsv.com/common_tpls/compactML/css/epcclgxcg.css
207.120.33.38200 OK 6.5 kB URL HTTP/2 jkwnpsv.com/common_tpls/compactML/css/epcclgxcg.css
IP 207.120.33.38:0
File type ASCII text, with very long lines (35126), with no line terminators
Hash 298d279995e9c4c951a2fc0a77f1cf02
1cf2f61cc056eb88a8b1fe09ab05386f50fa3231
8165b3d7ae80d2684d7d6e5b3ca2b2900f11fee6eb9d7f86df8d2de9ea73a55e
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/compactML/css/epcclgxcg.css HTTP/1.1
Host: jkwnpsv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jkwnpsv.com/acct/epc68155/add/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089&ofid=1066&epcCID=R2a9o3e6I6o3A5e906Uc0fN4meFb96Z7W&rtid=11174719461
Cookie: PHPSESSID=849965d2a94b3e22bad15c560d9f05a3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:48 GMT
content-type: text/css
content-length: 6480
last-modified: Wed, 03 Mar 2021 16:49:48 GMT
etag: W/"603fbe2c-8936"
content-encoding: gzip
section-io-cache-id: c22ef466d5ea9df33bdbc9e41986afc7
vary: Accept-Encoding
x-varnish: 43108426 48381867
age: 15476
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: c32e30c25b34a37277f04824c0fcf630
X-Firefox-Spdy: h2
jkwnpsv.com/common_tpls/images/icons/email.png
207.120.33.38200 OK 1.3 kB URL HTTP/2 jkwnpsv.com/common_tpls/images/icons/email.png
IP 207.120.33.38:0
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash a86d99b9176d82a211cfa29b2f0b353f
62947ddfd87e3a21869818885e4bfa4e55ad0c11
f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/images/icons/email.png HTTP/1.1
Host: jkwnpsv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jkwnpsv.com/acct/epc68155/add/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089&ofid=1066&epcCID=R2a9o3e6I6o3A5e906Uc0fN4meFb96Z7W&rtid=11174719461
Cookie: PHPSESSID=849965d2a94b3e22bad15c560d9f05a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:48 GMT
content-type: image/png
content-length: 1254
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-4e6"
section-io-cache-id: 4d9b9c3b7dd6e771c12291e2da76ed17
x-varnish: 43108428 48533664
age: 15904
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: e16c3731b7673b964286a5cb48e45d8b
X-Firefox-Spdy: h2
jkwnpsv.com/common_tpls/images/ajax-loader.gif
207.120.33.38200 OK 3.2 kB URL HTTP/2 jkwnpsv.com/common_tpls/images/ajax-loader.gif
IP 207.120.33.38:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash be1cede97289c13920048f238fd37b85
313b867d11fc0dd6bc6ca47c334bbcf18956ca76
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/images/ajax-loader.gif HTTP/1.1
Host: jkwnpsv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jkwnpsv.com/acct/epc68155/add/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089&ofid=1066&epcCID=R2a9o3e6I6o3A5e906Uc0fN4meFb96Z7W&rtid=11174719461
Cookie: PHPSESSID=849965d2a94b3e22bad15c560d9f05a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:48 GMT
content-type: image/gif
content-length: 3208
last-modified: Mon, 07 Oct 2013 22:49:23 GMT
etag: "52533a73-c88"
section-io-cache-id: c9f6cfc98648bfd0e8dd5e27b9eeeddd
x-varnish: 49255014 47679397
age: 15703
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: fc95ff84dcd5315d1e3c18086bb175da
X-Firefox-Spdy: h2
jkwnpsv.com/common_tpls/images/icons/password.png
207.120.33.38200 OK 1.5 kB URL HTTP/2 jkwnpsv.com/common_tpls/images/icons/password.png
IP 207.120.33.38:0
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash 6f100f1cdbdce928118ffa4c9293ca5b
6b1a3593e792d4c00187d60560dd03fb42df1156
8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/images/icons/password.png HTTP/1.1
Host: jkwnpsv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jkwnpsv.com/acct/epc68155/add/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089&ofid=1066&epcCID=R2a9o3e6I6o3A5e906Uc0fN4meFb96Z7W&rtid=11174719461
Cookie: PHPSESSID=849965d2a94b3e22bad15c560d9f05a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:48 GMT
content-type: image/png
content-length: 1452
last-modified: Tue, 22 Aug 2017 16:34:59 GMT
etag: "599c5d33-5ac"
section-io-cache-id: 5b4664524210ddd636ec0e74ee2ce005
x-varnish: 49255015 47934588
age: 15853
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 1c68d52b367508452735a6eb91641361
X-Firefox-Spdy: h2
jkwnpsv.com/common_tpls/images/icons/fname.png
207.120.33.38200 OK 1.6 kB URL HTTP/2 jkwnpsv.com/common_tpls/images/icons/fname.png
IP 207.120.33.38:0
File type PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c846870756544f39604e671d4111b9d
304938c74246e228fa82d8ca40201c3db6098074
d43abf8c5665519a3fe3f7e90298fc17b62e06d8ada1b90a44ea9985a62abb4d
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/images/icons/fname.png HTTP/1.1
Host: jkwnpsv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jkwnpsv.com/acct/epc68155/add/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089&ofid=1066&epcCID=R2a9o3e6I6o3A5e906Uc0fN4meFb96Z7W&rtid=11174719461
Cookie: PHPSESSID=849965d2a94b3e22bad15c560d9f05a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:48 GMT
content-type: image/png
content-length: 1649
last-modified: Tue, 28 Nov 2017 20:52:02 GMT
etag: "5a1dcc72-671"
section-io-cache-id: e517ec0c9b12c32e78a8f20c2338543c
x-varnish: 43108429 48533666
age: 15904
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 6c8c386da5a5c7cd5111305fa2db78b1
X-Firefox-Spdy: h2
jkwnpsv.com/common_tpls/images/icons/address.png
207.120.33.38200 OK 1.2 kB URL HTTP/2 jkwnpsv.com/common_tpls/images/icons/address.png
IP 207.120.33.38:0
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash b579e9868402d708e54e1a980166c444
1c58e2890b934c0b1ab057f3ac28bedd2a082d19
67756f8b542c7823bcdba421219c3b8e1ee472748d8c3463534f667271356dfb
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/images/icons/address.png HTTP/1.1
Host: jkwnpsv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jkwnpsv.com/acct/epc68155/add/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089&ofid=1066&epcCID=R2a9o3e6I6o3A5e906Uc0fN4meFb96Z7W&rtid=11174719461
Cookie: PHPSESSID=849965d2a94b3e22bad15c560d9f05a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:48 GMT
content-type: image/png
content-length: 1167
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-48f"
section-io-cache-id: b9be42e85f60825f7b26c8ba8bc98119
x-varnish: 49255016 47120049
age: 15909
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: d81eaa00c9be450b3215862b10944ad9
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
104.18.22.52200 OK 54 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
IP 104.18.22.52:0
File type ASCII text, with very long lines (65397)
Hash dc9270247a97f75913a5d8934c24de03
ed9b0fa01b552571f99d529ed355b2ba91cfc48d
847cc3ab1ea736cbbaac34833596335471fc7a888089b501b3c83a323566f0b8
GET /releases/v5.15.4/css/pro.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jkwnpsv.com/
Origin: https://jkwnpsv.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:49 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 410786
accept-ranges: bytes
server: cloudflare
cf-ray: 77554dce4eeab505-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
104.18.22.52200 OK 4.2 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
IP 104.18.22.52:0
File type ASCII text, with very long lines (26366)
Hash 7fd743485fa194e25e2a207bff6c258a
97c999d752b95ee1ed6271a29aa58109dc17281e
dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc
GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jkwnpsv.com/
Origin: https://jkwnpsv.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:49 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 410786
accept-ranges: bytes
server: cloudflare
cf-ray: 77554dce4eedb505-OSL
X-Firefox-Spdy: h2
kit.fontawesome.com/b314bdf1b3.js
104.18.22.52200 OK 6.6 kB URL HTTP/2 kit.fontawesome.com/b314bdf1b3.js
IP 104.18.22.52:0
File type ASCII text, with very long lines (27832)
Hash b073655127c4efb1dae2ddffa8a35952
87ead5cdeef0bb4df7c10c91d8544d2cd0d6af05
350cd0cb56690c02260d4635679d049b8cf654cc06e2fc09c3cf0b97179ae81f
GET /b314bdf1b3.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jkwnpsv.com
Connection: keep-alive
Referer: https://jkwnpsv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:49 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FyzAiy3j8x-HkYi6Nx8h
cf-cache-status: HIT
server: cloudflare
cf-ray: 77554dccccefb505-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
jkwnpsv.com/common_tpls/js/validate_form_v2.js?jsv=29
207.120.33.38200 OK 7.2 kB URL HTTP/2 jkwnpsv.com/common_tpls/js/validate_form_v2.js?jsv=29
IP 207.120.33.38:0
Hash f8f767b6d5d6a0a15c6a03d3d8a0e5e2
eac7f1a998ab16b487980412b7f033a4f2e332f1
36ecccdb2c0820ba7f838e08c65133e45317134e6308f1a93e5163e254aa4f81
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/js/validate_form_v2.js?jsv=29 HTTP/1.1
Host: jkwnpsv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jkwnpsv.com/acct/epc68155/add/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089&ofid=1066&epcCID=R2a9o3e6I6o3A5e906Uc0fN4meFb96Z7W&rtid=11174719461
Cookie: PHPSESSID=849965d2a94b3e22bad15c560d9f05a3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 01 Nov 2022 21:07:07 GMT
etag: W/"63618a7b-614a"
section-io-cache-id: 4ca390c4f023a42b19cded9cfdad0263
x-varnish: 43108427 48533657
age: 15905
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: d630447197e1ef4288703d51d009ce59
X-Firefox-Spdy: h2
entrsecre.com/signup/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089&ofid=1066
163.171.128.172302 Found 0 B URL HTTP/2 entrsecre.com/signup/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089&ofid=1066
IP 163.171.128.172:0
ASN #54994 QUANTILNETWORKS
GET /signup/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089&ofid=1066 HTTP/1.1
Host: entrsecre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezjoinflow.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 06 Dec 2022 13:17:48 GMT
content-type: text/html; charset=UTF-8
server: PWS/8.3.1.0.8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location: https://jkwnpsv.com/acct/epc68155/add/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089&ofid=1066&epcCID=R2a9o3e6I6o3A5e906Uc0fN4meFb96Z7W&rtid=11174719461
via: 1.1 PSmglsjLAX2hu177:8 (W), 1.1 PSdgflkfFRA1vg90:11 (W)
x-px: ms PSdgflkfFRA1vg90FRA,ms PSmglsjLAX2hu177LAX(origin)
x-ws-request-id: 638f40fb_PSdgflkfFRA1vg90_42523-29762
set-cookie: PHPSESSID=32dd8a071fbfcf2e2f583260ec0b8124; path=/; secure; SameSite=None
HMF_CI=61a4d9d252cf3acb49080a32dc268fba3ee2327a2f508172e120cfdaa766d934c791c76413c48be94478f3918c5ba7ddb6fe551e8fcef50567a999631d1abe1a8e; Expires=Thu, 05-Jan-23 13:17:48 GMT; Path=/
X-Firefox-Spdy: h2
jkwnpsv.com/common_tpls/js/form_support.js?v=1101202201
207.120.33.38200 OK 0 B URL HTTP/2 jkwnpsv.com/common_tpls/js/form_support.js?v=1101202201
IP 207.120.33.38:0
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/js/form_support.js?v=1101202201 HTTP/1.1
Host: jkwnpsv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jkwnpsv.com/acct/epc68155/add/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089&ofid=1066&epcCID=R2a9o3e6I6o3A5e906Uc0fN4meFb96Z7W&rtid=11174719461
Cookie: PHPSESSID=849965d2a94b3e22bad15c560d9f05a3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 18 Nov 2022 21:23:38 GMT
etag: W/"6377f7da-ed7"
section-io-cache-id: 155dff96195f2ad0353dddf3843b0e16
x-varnish: 49255013 46196853
age: 15896
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 4653c03005ec82a7d1767a2658282f4d
X-Firefox-Spdy: h2
bngtrk.com/hit.php?c=258963&pt=http
31.192.112.221302 Found 0 B URL HTTP/2 bngtrk.com/hit.php?c=258963&pt=http
IP 31.192.112.221:0
ASN #48684 Viking Host B.V.
GET /hit.php?c=258963&pt=http HTTP/1.1
Host: bngtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://futana.pro/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 13:17:42 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: BCH_H=8347231967bda42ccc9797c908d4af1f%7C2022-12-06; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576800000; path=/; domain=.promo-bc.com
BCH_H=8347231967bda42ccc9797c908d4af1f%7C2022-12-06; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576800000; path=/; domain=.bongacams.com
BCH_H=8347231967bda42ccc9797c908d4af1f%7C2022-12-06; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576800000; path=/; domain=.bongocams.biz
BCH_H=8347231967bda42ccc9797c908d4af1f%7C2022-12-06; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576800000; path=/; domain=.bongacams.org
BCH_H=8347231967bda42ccc9797c908d4af1f%7C2022-12-06; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576800000; path=/; domain=.bongacams10.com
BCH_H=8347231967bda42ccc9797c908d4af1f%7C2022-12-06; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576800000; path=/; domain=.bcmspt.com
BCH_H=8347231967bda42ccc9797c908d4af1f%7C2022-12-06; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576800000; path=/; domain=.bngwlt.com
BCH_H=8347231967bda42ccc9797c908d4af1f%7C2022-12-06; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576800000; path=/; domain=.bngpt.com
BCH_H=8347231967bda42ccc9797c908d4af1f%7C2022-12-06; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576800000; path=/; domain=.bngpst.com
BCH_H=8347231967bda42ccc9797c908d4af1f%7C2022-12-06; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576800000; path=/; domain=.bngprl.com
BCH_H=8347231967bda42ccc9797c908d4af1f%7C2022-12-06; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576800000; path=/; domain=.bngpop.com
BCH_H=8347231967bda42ccc9797c908d4af1f%7C2022-12-06; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576800000; path=/; domain=.bngosv.com
BCH_H=8347231967bda42ccc9797c908d4af1f%7C2022-12-06; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576800000; path=/; domain=.bngvs.com
BCH_H=8347231967bda42ccc9797c908d4af1f%7C2022-12-06; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576800000; path=/; domain=.bngdyn.com
BCH_H=8347231967bda42ccc9797c908d4af1f%7C2022-12-06; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576800000; path=/; domain=.dynspt.com
BCH_H=8347231967bda42ccc9797c908d4af1f%7C2022-12-06; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576800000; path=/; domain=.ecdyn.com
BCH_H=8347231967bda42ccc9797c908d4af1f%7C2022-12-06; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576800000; path=/; domain=.trkbc.com
BCH_H=8347231967bda42ccc9797c908d4af1f%7C2022-12-06; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576800000; path=/; domain=.trkbng.com
BCH_H=8347231967bda42ccc9797c908d4af1f%7C2022-12-06; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576800000; path=/; domain=.bngtrk.com
BCH_H=8347231967bda42ccc9797c908d4af1f%7C2022-12-06; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576800000; path=/; domain=.bcprm.com
BCH_H=8347231967bda42ccc9797c908d4af1f%7C2022-12-06; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576800000; path=/; domain=.bngprm.com
location: https://bongacams.com?bcs=b3JoaTgzNDcyMzE5NjdiZGE0MmNjYzk3OTdjOTA4ZDRhZjFmOjoxNzc4NzA6Omh0dHA6Ly9mdXRhbmEucHJvLzo6Ojo6OjI1ODk2Mzo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
expires: Tue, 06 Dec 2022 13:17:41 GMT
x-bcs: ded7015
strict-transport-security: max-age=0;
cache-control: no-cache, public
x-bc-bl: 102
X-Firefox-Spdy: h2
no.bongacams.com/?bcs=b3JoaTgzNDcyMzE5NjdiZGE0MmNjYzk3OTdjOTA4ZDRhZjFmOjoxNzc4NzA6Omh0dHA6Ly9mdXRhbmEucHJvLzo6Ojo6OjI1ODk2Mzo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
195.85.23.95200 OK 0 B URL HTTP/2 no.bongacams.com/?bcs=b3JoaTgzNDcyMzE5NjdiZGE0MmNjYzk3OTdjOTA4ZDRhZjFmOjoxNzc4NzA6Omh0dHA6Ly9mdXRhbmEucHJvLzo6Ojo6OjI1ODk2Mzo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
IP 195.85.23.95:0
ASN #209242 Cloudflare London, LLC
GET /?bcs=b3JoaTgzNDcyMzE5NjdiZGE0MmNjYzk3OTdjOTA4ZDRhZjFmOjoxNzc4NzA6Omh0dHA6Ly9mdXRhbmEucHJvLzo6Ojo6OjI1ODk2Mzo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow HTTP/1.1
Host: no.bongacams.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://futana.pro/
Connection: keep-alive
Cookie: bonga20120608=ff886ad3e7ba2d6ba4a4c44cfc15922a; __cf_bm=SBUkaEN1zahrIfeJSR0CBdXTUN2ULGllQJVsJgH23gw-1670332662-0-Adv5VIvPH2rEQtTofiAIvIDhWaMvTHhW7AwXSdvOVOa+6LjXgiTdDtKA9CK/ppINqLOBDoZK0qXy4s3SIX9nst8=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:43 GMT
content-type: text/html; charset=utf-8
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin
x-ua-compatible: IE=edge,chrome=1
cache-control: no-cache, no-store, must-revalidate
x-zone: 5a-web54
set-cookie: ts_type2=1; expires=Wed, 06-Dec-2023 13:17:42 GMT; Max-Age=31535999; path=/; domain=.bongacams.com
fv=ZwL2ZwZmZQp2ZD==; expires=Wed, 06-Dec-2023 13:17:42 GMT; Max-Age=31535999; path=/; domain=.bongacams.com
uh=nxgOoxuyA1cRrRSIMUH2nTugA1u+ID==; expires=Wed, 06-Dec-2023 13:17:42 GMT; Max-Age=31535999; path=/; domain=.bongacams.com
ratr=177870%3A%3A258963%3A%3A2022-12-06%2015%3A17%3A42%3A%3Ahttp%3A%2F%2Ffutana.pro%2F%3A%3A%3A%3A; expires=Wed, 23-Nov-2072 13:17:42 GMT; Max-Age=1576799999; path=/; domain=.bongacams.com; HttpOnly
BONGAH_HIT=8347231967bda42ccc9797c908d4af1f%3A%3A177870%3A%3Ahttp%3A%2F%2Ffutana.pro%2F%3A%3A%3A%3A%3A%3A258963%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3A%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-12-06%2015%3A17%3A42; expires=Sun, 04-Jun-2023 13:17:42 GMT; Max-Age=15551999; path=/; domain=.bongacams.com; secure; HttpOnly; SameSite=None
BONGA_REF=http%3A%2F%2Ffutana.pro%2F; expires=Sun, 04-Jun-2023 13:17:42 GMT; Max-Age=15551999; path=/; domain=.bongacams.com; HttpOnly
reg_ver2=3; expires=Wed, 06-Dec-2023 13:17:42 GMT; Max-Age=31535999; path=/; domain=.bongacams.com
sg=858; expires=Wed, 06-Dec-2023 13:17:42 GMT; Max-Age=31535999; path=/; domain=.bongacams.com; secure; SameSite=None
warning18=%5B%22no_NO%22%5D; expires=Wed, 06-Dec-2023 13:17:43 GMT; Max-Age=31536000; path=/; domain=.bongacams.com; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77554da46b931c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
ezjoinflow.com/src/click12/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089
163.171.128.172200 OK 0 B URL HTTP/2 ezjoinflow.com/src/click12/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089
IP 163.171.128.172:0
ASN #54994 QUANTILNETWORKS
GET /src/click12/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089 HTTP/1.1
Host: ezjoinflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go.cm-trk5.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:47 GMT
content-type: text/html; charset=UTF-8
server: PWS/8.3.1.0.8
via: 1.1 PSmglsjLAX2hu177:8 (W), 1.1 CSP-A15498:5 (W)
x-px: ms CSP-A15498FRA,ms PSmglsjLAX2hu177LAX(origin)
x-ws-request-id: 638f40fa_PSdgflkfFRA1vg90_39375-4124
cache-control: no-store
set-cookie: HMF_CI=49c7eab671c6c84f951de8f44c305faf3106f7113610bbe0c842ff05157d4238f5555836e4455647f162728c207044c0c41a86d4a685bbbfd80a4c33ab0c97f062; Expires=Thu, 05-Jan-23 13:17:47 GMT; Path=/
content-encoding: gzip
X-Firefox-Spdy: h2
landqck.com/ep.php/prmagms:72266/68155:49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089
35.83.66.86302 Found 0 B URL HTTP/2 landqck.com/ep.php/prmagms:72266/68155:49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089
IP 35.83.66.86:0
GET /ep.php/prmagms:72266/68155:49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089 HTTP/1.1
Host: landqck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go.cm-trk5.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 06 Dec 2022 13:17:46 GMT
content-type: text/html; charset=UTF-8
location: https://ezjoinflow.com/src/click12/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089
set-cookie: AWSALB=qJyOIqxO/H0OW4iiNNLOMMkG9f6CZtfbPVIXhviEEyDuab3ioAkFZI0pWnclhqlDFQSDBTeWHbgsXwPdfQdeGNoWZZ8pExCQfuyV1E0hRSJV2pOHwdQeYqhz0QVO; Expires=Tue, 13 Dec 2022 13:17:46 GMT; Path=/
AWSALBCORS=qJyOIqxO/H0OW4iiNNLOMMkG9f6CZtfbPVIXhviEEyDuab3ioAkFZI0pWnclhqlDFQSDBTeWHbgsXwPdfQdeGNoWZZ8pExCQfuyV1E0hRSJV2pOHwdQeYqhz0QVO; Expires=Tue, 13 Dec 2022 13:17:46 GMT; Path=/; SameSite=None; Secure
vip_id=68155.47360-199798; expires=Fri, 09-Dec-2022 13:17:46 GMT; Max-Age=259200; path=/
server: Apache
X-Firefox-Spdy: h2
ezjoinflow.com/src/click12/css/animate.min.css
163.171.128.172200 OK 0 B URL HTTP/2 ezjoinflow.com/src/click12/css/animate.min.css
IP 163.171.128.172:0
ASN #54994 QUANTILNETWORKS
GET /src/click12/css/animate.min.css HTTP/1.1
Host: ezjoinflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezjoinflow.com/src/click12/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089
Cookie: HMF_CI=49c7eab671c6c84f951de8f44c305faf3106f7113610bbe0c842ff05157d4238f5555836e4455647f162728c207044c0c41a86d4a685bbbfd80a4c33ab0c97f062
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:47 GMT
content-type: text/css
server: PWS/8.3.1.0.8
last-modified: Thu, 07 Jan 2021 16:10:13 GMT
etag: W/"5ff73265-e28d"
content-encoding: gzip
age: 80935
via: 1.1 hexi49:2 (W), 1.1 PSdgflkfFRA1vg90:16 (W)
x-px: ht PSdgflkfFRA1vg90FRA
x-ws-request-id: 638f40fb_PSdgflkfFRA1vg90_39375-4134
X-Firefox-Spdy: h2
geoip.entrsecre.com/
163.171.128.172200 OK 0 B IP 163.171.128.172:0
ASN #54994 QUANTILNETWORKS
GET / HTTP/1.1
Host: geoip.entrsecre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezjoinflow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:47 GMT
content-type: application/javascript
server: PWS/8.3.1.0.8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
via: 1.1 PSmglsjLAX2hu177:8 (W), 1.1 PSdgflkfFRA1je97:15 (W)
x-px: ms PSdgflkfFRA1je97FRA,ms PSmglsjLAX2hu177LAX(origin)
x-ws-request-id: 638f40fb_PSdgflkfFRA1vg90_42523-29757
set-cookie: HMF_CI=55fc96c98df34b3eb48dcafb836a27a3b6e5ac4559c9f0454cc4780012507f657f1631bb3b401b1bc1686e2fd8344aa9f4fb70511d35f94eee846034eb67935133; Expires=Thu, 05-Jan-23 13:17:47 GMT; Path=/
X-Firefox-Spdy: h2
geoip.enlistsecureup.com/?v=1
163.171.128.172200 OK 0 B URL HTTP/2 geoip.enlistsecureup.com/?v=1
IP 163.171.128.172:0
ASN #54994 QUANTILNETWORKS
GET /?v=1 HTTP/1.1
Host: geoip.enlistsecureup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jkwnpsv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:50 GMT
content-type: application/javascript
server: waf/4.32.3-0.el6
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-via: 1.1 PS-DFW-01gGZ147:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:15 (Cdn Cache Server V2.0)
x-ws-request-id: 638f40fe_PSdgflkfFRA1vg90_41287-6132
set-cookie: HMF_CI=95fdbf88e91ea07e3d4f7ccf43a464167b16f53f0ef89478ced57c1a43d448371e26bd2309a6885560179049fa52136823562c0a0456d4d93847da7c4afb74982a; Expires=Thu, 05-Jan-23 13:17:50 GMT; Path=/
X-Firefox-Spdy: h2
jkwnpsv.com/common_tpls/js/iframeResizer.contentWindow.min.js
207.120.33.38200 OK 0 B URL HTTP/2 jkwnpsv.com/common_tpls/js/iframeResizer.contentWindow.min.js
IP 207.120.33.38:0
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: jkwnpsv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jkwnpsv.com/acct/epc68155/add/?epcVIP=48.1066.g51&site=xcg&tbc=ffce00&email=&act=epc68155.47360-199798.49828.37_49828_6592_c89e5ef98290fb11635f1a236c08a87a..cbZz120647865.5089&ofid=1066&epcCID=R2a9o3e6I6o3A5e906Uc0fN4meFb96Z7W&rtid=11174719461
Cookie: PHPSESSID=849965d2a94b3e22bad15c560d9f05a3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 13:17:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 04 Feb 2016 15:06:03 GMT
etag: W/"56b368db-3445"
section-io-cache-id: e1de2c9620579075d9db93f148ea051c
x-varnish: 43108430 46389036
age: 15919
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 6b43a6a63897c0ace4b0afd224f462dd
X-Firefox-Spdy: h2