javgg.net/jav/stars-178-uncensored-leak/
301 Moved Permanently 0 B URL HTTP/1.1 javgg.net/jav/stars-178-uncensored-leak/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jav/stars-178-uncensored-leak/ HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 09 Nov 2022 06:55:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 09 Nov 2022 07:55:20 GMT
Location: https://javgg.net/jav/stars-178-uncensored-leak/
Server-Timing: cf-q-config;dur=7.0000005507609e-06
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FaVKqxipslHXXzpktqfbFf8Yv0ud7nWOAAaGqUBhfa88mZrflTpfQXyPXlseTLxUm7rSZmR6bOcv00mEicrAGTLig%2FwFwD9H1igiQYPygcTPtllScgeLJaeFEg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7674a46a8e471c02-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6361
Expires: Wed, 09 Nov 2022 08:41:21 GMT
Date: Wed, 09 Nov 2022 06:55:20 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5539
Cache-Control: max-age=104890
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 06:55:20 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 12:03:30 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dc90abd8b3ea8e75a68c144d74d75788
1ce29dca1ee9ca8931397de31ffb6cf7833baaf8
807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20141
Expires: Wed, 09 Nov 2022 12:31:01 GMT
Date: Wed, 09 Nov 2022 06:55:20 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 8375ca61cb95f0c18ca826e5a14e4747
a3b7f9e721df44a6cf795f219b8954b0c61fe3c1
4ad9f6f1a7f16adb9d7733ed9a4685346f6eb84548aa1aa8fb7956a6a2ec9382
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4AD9F6F1A7F16ADB9D7733ED9A4685346F6EB84548AA1AA8FB7956A6A2EC9382"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4869
Expires: Wed, 09 Nov 2022 08:16:29 GMT
Date: Wed, 09 Nov 2022 06:55:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4Gi0ujm/rgjkfsIJnFo30iHJzxA2LDiMYG6BF3EF8QKqCkC/jwe6ZHLo84sOSj+N7dY50RDsPdw=
x-amz-request-id: VHHB7JK5Z33GRW0T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 06:11:37 GMT
age: 2624
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
images.javgg.net/wp-content/themes/javggnet/assets/img/javplay.png
200 OK 1.0 kB URL HTTP/2 images.javgg.net/wp-content/themes/javggnet/assets/img/javplay.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 02379a2356d44203efcd1fa59cda916e
3736b98e091e6d361242df1233fe83189923811f
64eacb972b0fa91c1d9c29748eac3d80f516bdf421ea6f6430e2293edd5bd97b
GET /wp-content/themes/javggnet/assets/img/javplay.png HTTP/1.1
Host: images.javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: image/webp
content-length: 1036
cache-control: max-age=2678400
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1209
content-disposition: inline; filename="javplay.webp"
vary: Accept
etag: "607f4364-4b9"
expires: Thu, 08 Dec 2022 13:53:32 GMT
last-modified: Tue, 20 Apr 2021 21:11:00 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 61290
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIm6ZhlPEDJPAKNW77%2B5ZLXw7XEBRivpui85Cg9%2F37lBfHyfH5jhTZXR3SAH2j5wsnlt0DU7jtvYnP7xCGuJwUVaDov55fqBLq4NH%2B4wBMrbVy3RWkHVZP8gELpT%2BrMVNRQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7674a46d597ab51e-OSL
X-Firefox-Spdy: h2
images.javgg.net/wp-content/uploads/2021/10/STARS-178_Leak.jpg
200 OK 155 kB URL HTTP/2 images.javgg.net/wp-content/uploads/2021/10/STARS-178_Leak.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x535, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 155 kB (155250 bytes)
Hash 3fe0c74ee1574150dcf4b1945d9ed3a9
28c10d76e4012606d42d91eb4f1b006eb353d75b
a80dd8db9e3f5b936132ed75f07dc76cd498d6f05a77f640a37a1fc7fd15e356
GET /wp-content/uploads/2021/10/STARS-178_Leak.jpg HTTP/1.1
Host: images.javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: image/webp
content-length: 155250
cache-control: max-age=2678400
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=217300
content-disposition: inline; filename="STARS-178_Leak.webp"
vary: Accept
etag: "616ef114-350d4"
expires: Thu, 08 Dec 2022 14:29:02 GMT
last-modified: Tue, 19 Oct 2021 16:23:48 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klaH%2Fth5bKykRFwqfjG%2BOyK9D0rObU0QGcabXpmnsB8r7NNhGvNc8LMhMkZLCI%2BYoXAJCFXjAbAoIhJ%2BVkktGM%2FyKlezEQVqMiv14KAoUgX3IGmJm%2BEEObkBlqOvXR%2BcBG8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7674a46d597bb51e-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2cc2a9c89cbd9d2da1fd4a79a7d8b1d8
b2a4971855e26ff842f71d5dd4fff2596a83bd59
3bdf6aea6d003d0b087c13a74034f422cb09a59fd5c97b2b48ce590dfca6109a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 06:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.imgur.com/994HdME.png
200 OK 14 kB IP
File type PNG image data, 239 x 39, 8-bit/color RGBA, non-interlaced\012- data
Hash 7bcc619ae19f4ef176aeed227ed1741a
e6fbfa6ad4d9247b9311f5ce0a70718efaf5d0ee
ca3dbe559ee1d591f31bd67fdc5e9c0a5a8b606e4869087f127842194f9c8949
GET /994HdME.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 20:18:37 GMT
etag: "7bcc619ae19f4ef176aeed227ed1741a"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 09 Nov 2022 06:55:21 GMT
age: 1075004
x-served-by: cache-iad-kiad7000075-IAD, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 5563, 3
x-timer: S1667976921.267667,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 14025
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash fabe54d502192b0b0bc692b8195068b1
bc74cd657e03f99855d8247d844e5a2df1843f38
bfb5eabd0b662f8374e4b9d34738452315ecdf12e3f0bed03126cf58292f4c35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4956
Cache-Control: max-age=90594
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 06:55:21 GMT
Etag: "6369fa5f-117"
Expires: Thu, 10 Nov 2022 08:05:15 GMT
Last-Modified: Tue, 08 Nov 2022 06:42:39 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
javgg.net/fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 javgg.net/fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://javgg.net/jav/stars-178-uncensored-leak/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: font/woff2
content-length: 15744
cf-ray: 7674a46df9eab51e-OSL
accept-ranges: bytes
age: 61289
cache-control: public, max-age=31536000
expires: Thu, 02 Nov 2023 19:33:54 GMT
last-modified: Wed, 11 May 2022 19:24:48 GMT
cf-cache-status: HIT
cf-apo-via: proxy
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWdUzjgG0z1740i5Xovf6f9RcIZyJGZHfBnyBZ9KmO4uhe236gj7IhgwRu5fso7aiuC%2FQPjDUTzWEebibkhDptUovy3WbbaUeD4QH98wbSc0yS435FUHrnGaAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
images.javgg.net/wp-content/cache/min/1/c614f05803dcac846760acc4669cf615.css
200 OK 41 kB URL HTTP/2 images.javgg.net/wp-content/cache/min/1/c614f05803dcac846760acc4669cf615.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9c8e03116ef8e5aa0b244c42181e9eb7
0e1f154777a2327d705b051d95b094941d43fb2d
59c0662f3af91c0bfbbfd314707429805dcb5d7442a34a4a7412a2a99b85c536
GET /wp-content/cache/min/1/c614f05803dcac846760acc4669cf615.css HTTP/1.1
Host: images.javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: text/css
cache-control: max-age=2678400
cf-bgj: minify
cf-polished: origSize=244629
etag: W/"63692ae2-3bb95"
expires: Wed, 09 Nov 2022 01:53:28 GMT
last-modified: Mon, 07 Nov 2022 15:57:22 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cf-cache-status: HIT
age: 61290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k8rUhFN%2FKb7UvglefDq9IMoB1Cea6m%2BX1nkYHy06wdXf4m1ZaRJBRQ2vLzXFudrJQq7KEJK8Q97EclSFylizIIfZ1d%2BX9WfX7RXmlrQNGDWsVYJspA%2Bs17t90iAoaiedPKQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7674a46d5979b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.imgur.com/i3KhBHf.png
200 OK 1.5 kB IP
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 03c39cd2b46ebe7ceaf85278586a9bf9
40fe1c7b8f5ab131132b7839721625ac2eb0703b
92ef34eff00bf7668cf983650c58008f805f4cf40db53caedf32c441af9a4253
GET /i3KhBHf.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://images.javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Mar 2021 12:10:41 GMT
etag: "03c39cd2b46ebe7ceaf85278586a9bf9"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 09 Nov 2022 06:55:21 GMT
age: 3687674
x-served-by: cache-iad-kcgs7200070-IAD, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 11695, 3
x-timer: S1667976921.438375,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 1508
X-Firefox-Spdy: h2
javgg.net/wp-content/themes/javggnet/assets/fontawesome/webfonts/fa-solid-900.woff2
200 OK 141 kB URL HTTP/2 javgg.net/wp-content/themes/javggnet/assets/fontawesome/webfonts/fa-solid-900.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 140996, version 331.-31392\012- data
Size 141 kB (140996 bytes)
Hash 25d740d42658b6e2c293ce7b3322aac7
41cc9ae4b5dd70fd3988059dfb864f20f99ae371
8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2
GET /wp-content/themes/javggnet/assets/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://javgg.net/wp-content/themes/javggnet/assets/fontawesome/css/all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: font/woff2
content-length: 140996
last-modified: Tue, 06 Oct 2020 00:20:56 GMT
etag: "5f7bb868-226c4"
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cache-control: max-age=2678400
cf-cache-status: HIT
age: 58127
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cptc6Dv%2BdDcElSZJIIQRWnJKylJmev8Zgv2ROU2qHOXQ5Pn%2FaZ1uzwzdfHjwFXLZXgJ2e84hmbh8fJXLpBOXgyxO2JRPa48CHsHzDZXjGJ14blvzR0hry8WVaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7674a46f1aafb51e-OSL
X-Firefox-Spdy: h2
javgg.net/fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 javgg.net/fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://javgg.net/jav/stars-178-uncensored-leak/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: font/woff2
content-length: 15920
cf-ray: 7674a46f0aa6b51e-OSL
accept-ranges: bytes
age: 61289
cache-control: public, max-age=31536000
expires: Thu, 02 Nov 2023 19:33:56 GMT
last-modified: Wed, 11 May 2022 19:24:45 GMT
cf-cache-status: HIT
cf-apo-via: proxy
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3srSxke816dZSUTD814wyIIfDLAFwup8awmQcbTQDaTFNlyTt1eD2qolN7ftu%2BM14UXs0mgutaXjIQVqX8nMeAtpwpPVif6pvkX3RgOi0IgNtU4qJxKztR8HxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
images.javgg.net/wp-content/cache/min/1/800aa23d745b8189827c94000408f0c5.js
200 OK 97 kB URL HTTP/2 images.javgg.net/wp-content/cache/min/1/800aa23d745b8189827c94000408f0c5.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3284cb4de9db1e8200d0ee016045b32d
2f6c19e26b6dbe396a7f2edc298b209c3e449cd3
37da2cf46c8632dd4d4e602a3e7b60e892952a15f70298dc891a5bed6a6c480d
GET /wp-content/cache/min/1/800aa23d745b8189827c94000408f0c5.js HTTP/1.1
Host: images.javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: application/javascript
cache-control: max-age=2678400
cf-bgj: minify
cf-polished: origSize=260960
etag: W/"63692ae2-3fb60"
expires: Wed, 09 Nov 2022 01:53:28 GMT
last-modified: Mon, 07 Nov 2022 15:57:22 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cf-cache-status: HIT
age: 61290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adWwTB8k9p2f5HYgER2MCSPiF58SJwSImSWFvZdJVNtruH%2FCluDZvj0Kkq1c3odikr0mdHWEPhRH2mMEjTypqrkbxn2NS2G8KDAsFpe6iMQkrDA10ihoM%2Bw%2F8kdcN%2FOPyrU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7674a46d6986b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6110
Cache-Control: max-age=100395
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 06:55:21 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 10:48:36 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
wtfdontblock.theporndudes.xyz/api/click/11834578692331366095?c=90
200 OK 0 B URL HTTP/2 wtfdontblock.theporndudes.xyz/api/click/11834578692331366095?c=90
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/11834578692331366095?c=90 HTTP/1.1
Host: wtfdontblock.theporndudes.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wtfdontblock.theporndudes.xyz/api/spots/338183?p=1&s1=%afterplayer2%&kw=
Cookie: nauid=0D1oRapdbSUChypKuuM7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 06:55:22 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private
X-Firefox-Spdy: h2
wtfdontblock.theporndudes.xyz/api/click/10287687133641823095?c=90
200 OK 0 B URL HTTP/2 wtfdontblock.theporndudes.xyz/api/click/10287687133641823095?c=90
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/10287687133641823095?c=90 HTTP/1.1
Host: wtfdontblock.theporndudes.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wtfdontblock.theporndudes.xyz/api/spots/338183?p=1&s1=%afterplayer1%&kw=
Cookie: nauid=0D1oRapdbSUChypKuuM7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 06:55:22 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private
X-Firefox-Spdy: h2
adsnot.1javguru.xyz/api/click/9965907797258038095?c=90
200 OK 0 B URL HTTP/2 adsnot.1javguru.xyz/api/click/9965907797258038095?c=90
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /api/click/9965907797258038095?c=90 HTTP/1.1
Host: adsnot.1javguru.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsnot.1javguru.xyz/api/spots/406237?p=1&s1=%beforeplayer2%&kw=beforeplayer2
Cookie: nauid=D7TB2sAdvwJoctboQL9w
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 06:55:22 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3b26e900b9be930a07101e0d5f5de579
fc84082e3eef2e000f255f1cbd4cf45b694a2118
1dff9aae4984871070d193b60d41548a8a816f0ba20839d41d6e73a08e548afe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 06:55:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect
200 OK 35 B URL HTTP/2 www.google-analytics.com/collect
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 280
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://javgg.net
date: Wed, 09 Nov 2022 06:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: biWYSSUYFd0nkS3P/2237A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AArvWat2LJ6JGzzT9jwyuiAtxTs=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3b26e900b9be930a07101e0d5f5de579
fc84082e3eef2e000f255f1cbd4cf45b694a2118
1dff9aae4984871070d193b60d41548a8a816f0ba20839d41d6e73a08e548afe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 06:55:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 582f67485038686afdf6b49fc10784a6
1a8a9cd32be0ce620a9a184ca0243fcbb7b71471
935b41fa48e947bbabd6fab89ebda78eab05935c04e9b81ad85a04912e6dd385
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 06:55:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 13 Nov 2022 05:58:49 GMT
ETag: "1a8a9cd32be0ce620a9a184ca0243fcbb7b71471"
Last-Modified: Wed, 09 Nov 2022 05:58:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 693
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7674a474dfadb4f4-OSL
ocsp.digicert.com/
200 OK 279 B IP
Hash 256a4176c9ca3ba79374e6542268fb13
ee421799cc790dce0439a671ecadfc0fd5772cb3
cc9422c7584f405abbfbc5ddbb419d4ae92ff0086bddbc928ca72c1f34b51806
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5292
Cache-Control: max-age=149237
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 06:55:22 GMT
Etag: "636ade23-117"
Expires: Fri, 11 Nov 2022 00:22:39 GMT
Last-Modified: Tue, 08 Nov 2022 22:54:27 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
cdn.pncloudfl.com/pn/dc0/fd3/e05/dc0fd3e0512d80fc75e5f055b172030cf3df86c2.png
200 OK 43 kB URL HTTP/2 cdn.pncloudfl.com/pn/dc0/fd3/e05/dc0fd3e0512d80fc75e5f055b172030cf3df86c2.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash cb208d3925e510fe83c48be3eaf33bff
bd82e249990637dadf8f1ea7d7aabd9363df5a04
6fb7577fd58dacdf5835e214c14d3eca60a2d26263a412060a9c521e604254ba
GET /pn/dc0/fd3/e05/dc0fd3e0512d80fc75e5f055b172030cf3df86c2.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/webp
content-length: 42896
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=69316
content-disposition: inline; filename="dc0fd3e0512d80fc75e5f055b172030cf3df86c2.webp"
etag: fdd81e36457e2046a15e41f59c1cdcae
expires: Thu, 10 Nov 2022 17:45:46 GMT
last-modified: Mon, 23 Dec 2019 11:18:43 GMT
vary: Accept
x-openstack-request-id: txdea080780571400b956b5-0061b07b9c
x-proxy-cache: HIT
x-timestamp: 1577099922.38264
x-trans-id: txdea080780571400b956b5-0061b07b9c
cf-cache-status: HIT
age: 47376
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 7674a475487bb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.javgg.net/wp-content/uploads/2021/09/ssis181pl-300x170.jpg
200 OK 19 kB URL HTTP/2 images.javgg.net/wp-content/uploads/2021/09/ssis181pl-300x170.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Hash c79b704ee3d9670899a5453c3911f48d
7d5735e3395a6cdcfca839f0d3cb3dff60c60b1e
8960e324e82ec083f3d5f9a3cbd6bf58408a8a27ffb472688c4260e30ef95e0b
GET /wp-content/uploads/2021/09/ssis181pl-300x170.jpg HTTP/1.1
Host: images.javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: __cf_bm=dyqEQf5OZaR9wEgOwFKGSi.0aDwp5UZGt.3KxUxaSFM-1667976922-0-Ac52Q1G1US4kd9NizHMu6gRlIp6j3EVWncEOR56qA1jlkmkbBfVTkIh+K7Zyi1nXlDiwpbO8T8z1/P5EnsTaX+cL3AeodhuYgqjD0X8eEwke4SkSCsQh1PT/fmZHP3QjOWJIFubFDS0jf7aqfR1ciq2x1BTjd9Kplf58es60ur/O6bNwVdW+FiApGte9q3n+2a+lLoukeZnk2nbBhUcql0ouxzA93uS941ptkXp0q44e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/jpeg
content-length: 18568
cache-control: max-age=2678400
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=22899, status=webp_bigger
etag: "61402855-5973"
expires: Thu, 08 Dec 2022 13:53:31 GMT
last-modified: Tue, 14 Sep 2021 04:43:01 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 61290
accept-ranges: bytes
server-timing: cf-q-config;dur=5.9999993027304e-06
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eof1oeqsPdA6r0X7zdLBc5KjmppgrXt5WXqGXNXgAzwUhwH2oK6hMQIErxrmT3hlXHzka0nTH4Cuh2wa3rRWGvmAHk5DrFmKnRnBCgu4MjVO8jK82BSLlPqiLV4V6bglUko%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7674a475787fb51e-OSL
X-Firefox-Spdy: h2
images.javgg.net/wp-content/uploads/2021/10/mide00988pl-300x170.jpg
200 OK 17 kB URL HTTP/2 images.javgg.net/wp-content/uploads/2021/10/mide00988pl-300x170.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x170, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d4cddacb09f257184453238bad82b206
a8d5ba7492c2fee66df4ad7321b59d04938ef6f4
b156cbf5738c5024f308ee1ec2691da71fb69f15ee822bb869a5f8198a5bab0e
GET /wp-content/uploads/2021/10/mide00988pl-300x170.jpg HTTP/1.1
Host: images.javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: __cf_bm=dyqEQf5OZaR9wEgOwFKGSi.0aDwp5UZGt.3KxUxaSFM-1667976922-0-Ac52Q1G1US4kd9NizHMu6gRlIp6j3EVWncEOR56qA1jlkmkbBfVTkIh+K7Zyi1nXlDiwpbO8T8z1/P5EnsTaX+cL3AeodhuYgqjD0X8eEwke4SkSCsQh1PT/fmZHP3QjOWJIFubFDS0jf7aqfR1ciq2x1BTjd9Kplf58es60ur/O6bNwVdW+FiApGte9q3n+2a+lLoukeZnk2nbBhUcql0ouxzA93uS941ptkXp0q44e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/webp
content-length: 17316
cache-control: max-age=2678400
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=20497
content-disposition: inline; filename="mide00988pl-300x170.webp"
vary: Accept
etag: "6162e3be-5011"
expires: Thu, 08 Dec 2022 13:53:31 GMT
last-modified: Sun, 10 Oct 2021 12:59:42 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 61290
accept-ranges: bytes
server-timing: cf-q-config;dur=4.9999998736894e-06
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTW7IyJ%2FnWXtJqrQtRkRmNQBJJJFBYFktOigrSuLW17yWXvdzwPJIwYRdjNY8vuf4tjcU5AixK1PxsUZtsR8T%2BaHKCYSGT2ytDsNibfaleceX%2FxfqxaEZSF9bvr2fO5T7mA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7674a475687db51e-OSL
X-Firefox-Spdy: h2
images.javgg.net/wp-content/uploads/2021/09/1stars120pl-1-300x170.jpg
200 OK 24 kB URL HTTP/2 images.javgg.net/wp-content/uploads/2021/09/1stars120pl-1-300x170.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x170, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 35108fe29d82aadec6b222e179bc067e
09bc26a3e70e3c656aa25bcd0292755b05f816d3
8a81a479eff8f040c80fdf19b462bdcf5c9fcbf4d581e7dc373d9dc17fbda078
GET /wp-content/uploads/2021/09/1stars120pl-1-300x170.jpg HTTP/1.1
Host: images.javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: __cf_bm=dyqEQf5OZaR9wEgOwFKGSi.0aDwp5UZGt.3KxUxaSFM-1667976922-0-Ac52Q1G1US4kd9NizHMu6gRlIp6j3EVWncEOR56qA1jlkmkbBfVTkIh+K7Zyi1nXlDiwpbO8T8z1/P5EnsTaX+cL3AeodhuYgqjD0X8eEwke4SkSCsQh1PT/fmZHP3QjOWJIFubFDS0jf7aqfR1ciq2x1BTjd9Kplf58es60ur/O6bNwVdW+FiApGte9q3n+2a+lLoukeZnk2nbBhUcql0ouxzA93uS941ptkXp0q44e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/webp
content-length: 24202
cache-control: max-age=2678400
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=26648
content-disposition: inline; filename="1stars120pl-1-300x170.webp"
vary: Accept
etag: "61502120-6818"
expires: Thu, 08 Dec 2022 13:53:31 GMT
last-modified: Sun, 26 Sep 2021 07:28:32 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 61290
accept-ranges: bytes
server-timing: cf-q-config;dur=6.0000002122251e-06
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4v9EtdMoIkLQwL7H2qB5yLcg8HNf1OE3wPcxFos5H3KvnA15PHdNLyONV5datl8rebJqTOc53A3Bt5B9B%2FJ2o9096fJg8HGJWEZWW2r16VRlUp9vMf32wLOTeOXSKEQ%2Bh2g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7674a4757883b51e-OSL
X-Firefox-Spdy: h2
images.javgg.net/wp-content/uploads/2021/10/STARS-094_Leak-300x170.jpg
200 OK 20 kB URL HTTP/2 images.javgg.net/wp-content/uploads/2021/10/STARS-094_Leak-300x170.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Hash a212f9621aab4de6ec66a773aac2e0a5
27815fcf5cf8b0123fb1ada97ebd722c57d08677
a9bdf94d72043d2ee8d6646ae3f0a426bfbd38cc85fc2a60ccd7459bb7185d81
GET /wp-content/uploads/2021/10/STARS-094_Leak-300x170.jpg HTTP/1.1
Host: images.javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: __cf_bm=dyqEQf5OZaR9wEgOwFKGSi.0aDwp5UZGt.3KxUxaSFM-1667976922-0-Ac52Q1G1US4kd9NizHMu6gRlIp6j3EVWncEOR56qA1jlkmkbBfVTkIh+K7Zyi1nXlDiwpbO8T8z1/P5EnsTaX+cL3AeodhuYgqjD0X8eEwke4SkSCsQh1PT/fmZHP3QjOWJIFubFDS0jf7aqfR1ciq2x1BTjd9Kplf58es60ur/O6bNwVdW+FiApGte9q3n+2a+lLoukeZnk2nbBhUcql0ouxzA93uS941ptkXp0q44e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/jpeg
content-length: 19681
cache-control: max-age=2678400
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=24168, status=webp_bigger
etag: "6173aa98-5e68"
expires: Thu, 08 Dec 2022 13:53:31 GMT
last-modified: Sat, 23 Oct 2021 06:24:24 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 61290
accept-ranges: bytes
server-timing: cf-q-config;dur=2.9999991966179e-06
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwWwfENyuX6eZ7bGkhPIHlZV6n2di6kPP5FDeIcFu%2Bz%2BOyIdUNhIiWrDwvbDjG8a9Jpw8rptl23ZwfmrFwpJ7FOVWQbhnfQX0sZqe1PgsDXe%2FlqDqi4v8%2BS6QTjWi4eVRNs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7674a4757887b51e-OSL
X-Firefox-Spdy: h2
images.javgg.net/wp-content/uploads/2021/10/1sdmu963pl-1-300x170.jpg
200 OK 21 kB URL HTTP/2 images.javgg.net/wp-content/uploads/2021/10/1sdmu963pl-1-300x170.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Hash 09056cf4d42fbd2e146b12fcd41164ab
54b11463632d97c06497e4757f519ebff8186dc1
cc1f0fa96cce5d2137f6b282fe6b3455ce61547de96a9d0461ae2fe9dc286f9a
GET /wp-content/uploads/2021/10/1sdmu963pl-1-300x170.jpg HTTP/1.1
Host: images.javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: __cf_bm=dyqEQf5OZaR9wEgOwFKGSi.0aDwp5UZGt.3KxUxaSFM-1667976922-0-Ac52Q1G1US4kd9NizHMu6gRlIp6j3EVWncEOR56qA1jlkmkbBfVTkIh+K7Zyi1nXlDiwpbO8T8z1/P5EnsTaX+cL3AeodhuYgqjD0X8eEwke4SkSCsQh1PT/fmZHP3QjOWJIFubFDS0jf7aqfR1ciq2x1BTjd9Kplf58es60ur/O6bNwVdW+FiApGte9q3n+2a+lLoukeZnk2nbBhUcql0ouxzA93uS941ptkXp0q44e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/jpeg
content-length: 21391
cache-control: max-age=2678400
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=38990, status=webp_bigger
etag: "615bebc5-984e"
expires: Thu, 08 Dec 2022 13:53:31 GMT
last-modified: Tue, 05 Oct 2021 06:08:05 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 61290
accept-ranges: bytes
server-timing: cf-q-config;dur=6.0000002122251e-06
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XgDFgiLKOWXOcpqtsRcHzvBfbh%2FgCShtVxo3ydsD9rVzKRQ8KdccW8aR1680EKEM388PA9URjQsoiqeUL860EQLO0SpDbizgAIDd3iUJ7q7UCKp4GTLphwkNHDt5akJL7Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7674a475788bb51e-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 3d134bb4b26262948f9ca6eafc660c93
424c61d8ce752ab94a2caa39009b514196bff109
49cccf30959161f5f053f865fc8dbb0b1fe2c84bb2b79371b92f802c19e204fa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4902
Cache-Control: max-age=162206
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 06:55:22 GMT
Etag: "636b1252-117"
Expires: Fri, 11 Nov 2022 03:58:48 GMT
Last-Modified: Wed, 09 Nov 2022 02:37:06 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
creative.xxxvjmp.com/widgets/v4/Universal?isNew=0&broadcastHD=0&broadcastVR=0&broadcastMobile=0&isPerson=0&isFace=0&goalEnabled=0&isMlCountry=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&strict=0&applyGeobans=0&tag=girls%2Fchinese&stripcashR=0&language=en&autoplay=all&thumbFit=cover&hideLiveBadge=0&hideModelName=0&autoplayForce=1&playButton=0&thumbType=default&actionButtonPlacement=bottom&thumbSizeKey=big&thumbsMargin=5&responsive=1&hideButton=1&hideTitle=1&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&liveBadgeColor=%2300bd8f&userId=5e6ff13072051fdc172c3b2a2c52f266c758c4e6c7837dc97b8bcdbdc61ed761&campaignId=widget300100
200 OK 2.3 kB URL HTTP/2 creative.xxxvjmp.com/widgets/v4/Universal?isNew=0&broadcastHD=0&broadcastVR=0&broadcastMobile=0&isPerson=0&isFace=0&goalEnabled=0&isMlCountry=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&strict=0&applyGeobans=0&tag=girls%2Fchinese&stripcashR=0&language=en&autoplay=all&thumbFit=cover&hideLiveBadge=0&hideModelName=0&autoplayForce=1&playButton=0&thumbType=default&actionButtonPlacement=bottom&thumbSizeKey=big&thumbsMargin=5&responsive=1&hideButton=1&hideTitle=1&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&liveBadgeColor=%2300bd8f&userId=5e6ff13072051fdc172c3b2a2c52f266c758c4e6c7837dc97b8bcdbdc61ed761&campaignId=widget300100
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 32f204140e18224e97e4974ef24f5167
540d67099fcb3e22415c764721e14f5e25f30da0
eb6e5c0d689d6e8ad6071b41846b22f1549ecbbcd448c148605117ae0348a3e9
GET /widgets/v4/Universal?isNew=0&broadcastHD=0&broadcastVR=0&broadcastMobile=0&isPerson=0&isFace=0&goalEnabled=0&isMlCountry=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&strict=0&applyGeobans=0&tag=girls%2Fchinese&stripcashR=0&language=en&autoplay=all&thumbFit=cover&hideLiveBadge=0&hideModelName=0&autoplayForce=1&playButton=0&thumbType=default&actionButtonPlacement=bottom&thumbSizeKey=big&thumbsMargin=5&responsive=1&hideButton=1&hideTitle=1&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&liveBadgeColor=%2300bd8f&userId=5e6ff13072051fdc172c3b2a2c52f266c758c4e6c7837dc97b8bcdbdc61ed761&campaignId=widget300100 HTTP/1.1
Host: creative.xxxvjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: text/html
last-modified: Tue, 08 Nov 2022 07:54:23 GMT
expires: Wed, 09 Nov 2022 06:55:23 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
cf-cache-status: HIT
set-cookie: __cflb=04dToQvE4FPLng5Mz6amGAT9NT3YTLxKFLVTV3zihi; SameSite=None; Secure; path=/; expires=Thu, 10-Nov-22 05:55:21 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 7674a4707e7db4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lkpmprksau.com/chicken.gif?z=1859604&pb=43627957a24eecb560f15e5a17776f661667984122&psp=6DhzHCo1uGDcL9OueV3w4zVfGcy7mWUi2syV_B_w4fzc6LePHopue4krkG2ABcDnkff9R4oXP8e8C4xy_PFcI-ssdCNFlqhTApxihMkhcKuyrBcLzkqDSyGuda1hsTe-hSTeMyQ2U5ARK9_Ald34z9eK35grZp7zF3V0Yl1XA354YiPkUAkKwR8706xkIwXDKEBq57QJE6w1w1KA8IwBwXqPY8Y4zyeP1MYm-IfrijdNwvy-Ezv_vDCL5SZaXf54NpEcEBT4TKHAIy1rUh4VVnkJrUsNSS1YdT-PrwbnSi9OQAHnh3mcLw1vyiC0znxxFmEa0EpIK9Nv-0D4nHwEXbY88NOlwLdALt0v2LonX-JN-QudyMZ6YUYns9DIjEMur-QVkdliLJG34U1mBEeZyjfMFgW4YKw1JHttLT7ELnaAqWQBZMkocZKEXMusBYZSkwczDwb29dkasv7gcHxMiL_5XxbCW1xqd4m_VkMcmk_B_TvDlpGNzQV-cPVFLPHSuqf6usN-FB304V5jQJ198JlmM05AptfFbSbiXWV05wUM9Z5voxICOTDwosDKvZmyQHsGfxxrzZdmm7EU5rGgFh77-0cO0MozGlpGVG4f4QDqHpb2-htZMYNKcgVcSAopg-9sEbGEagc_Iov7KyHnfCNTjnIRSJVV_sJR49zPyF2yfwDx18EcaP8=&abvar=0&os=0
200 OK 43 B URL HTTP/2 lkpmprksau.com/chicken.gif?z=1859604&pb=43627957a24eecb560f15e5a17776f661667984122&psp=6DhzHCo1uGDcL9OueV3w4zVfGcy7mWUi2syV_B_w4fzc6LePHopue4krkG2ABcDnkff9R4oXP8e8C4xy_PFcI-ssdCNFlqhTApxihMkhcKuyrBcLzkqDSyGuda1hsTe-hSTeMyQ2U5ARK9_Ald34z9eK35grZp7zF3V0Yl1XA354YiPkUAkKwR8706xkIwXDKEBq57QJE6w1w1KA8IwBwXqPY8Y4zyeP1MYm-IfrijdNwvy-Ezv_vDCL5SZaXf54NpEcEBT4TKHAIy1rUh4VVnkJrUsNSS1YdT-PrwbnSi9OQAHnh3mcLw1vyiC0znxxFmEa0EpIK9Nv-0D4nHwEXbY88NOlwLdALt0v2LonX-JN-QudyMZ6YUYns9DIjEMur-QVkdliLJG34U1mBEeZyjfMFgW4YKw1JHttLT7ELnaAqWQBZMkocZKEXMusBYZSkwczDwb29dkasv7gcHxMiL_5XxbCW1xqd4m_VkMcmk_B_TvDlpGNzQV-cPVFLPHSuqf6usN-FB304V5jQJ198JlmM05AptfFbSbiXWV05wUM9Z5voxICOTDwosDKvZmyQHsGfxxrzZdmm7EU5rGgFh77-0cO0MozGlpGVG4f4QDqHpb2-htZMYNKcgVcSAopg-9sEbGEagc_Iov7KyHnfCNTjnIRSJVV_sJR49zPyF2yfwDx18EcaP8=&abvar=0&os=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1859604&pb=43627957a24eecb560f15e5a17776f661667984122&psp=6DhzHCo1uGDcL9OueV3w4zVfGcy7mWUi2syV_B_w4fzc6LePHopue4krkG2ABcDnkff9R4oXP8e8C4xy_PFcI-ssdCNFlqhTApxihMkhcKuyrBcLzkqDSyGuda1hsTe-hSTeMyQ2U5ARK9_Ald34z9eK35grZp7zF3V0Yl1XA354YiPkUAkKwR8706xkIwXDKEBq57QJE6w1w1KA8IwBwXqPY8Y4zyeP1MYm-IfrijdNwvy-Ezv_vDCL5SZaXf54NpEcEBT4TKHAIy1rUh4VVnkJrUsNSS1YdT-PrwbnSi9OQAHnh3mcLw1vyiC0znxxFmEa0EpIK9Nv-0D4nHwEXbY88NOlwLdALt0v2LonX-JN-QudyMZ6YUYns9DIjEMur-QVkdliLJG34U1mBEeZyjfMFgW4YKw1JHttLT7ELnaAqWQBZMkocZKEXMusBYZSkwczDwb29dkasv7gcHxMiL_5XxbCW1xqd4m_VkMcmk_B_TvDlpGNzQV-cPVFLPHSuqf6usN-FB304V5jQJ198JlmM05AptfFbSbiXWV05wUM9Z5voxICOTDwosDKvZmyQHsGfxxrzZdmm7EU5rGgFh77-0cO0MozGlpGVG4f4QDqHpb2-htZMYNKcgVcSAopg-9sEbGEagc_Iov7KyHnfCNTjnIRSJVV_sJR49zPyF2yfwDx18EcaP8=&abvar=0&os=0 HTTP/1.1
Host: lkpmprksau.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=22110901550b1f36c04d0245b98da5a66cca
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: ppucnt=0; Path=/; Expires=Thu, 10 Nov 2022 06:55:22 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
lkpmprksau.com/chicken.gif?z=1859604&pb=43627957a24eecb560f15e5a17776f661667984122&psp=0-vlr9WucDHeIuwjss3GamfvE5fa6deCxE-diguUsyXERlzoYGeQa7yYGHLBDMUmCeq6ENl75Ko8KtJcrmEQpMUGOhICGPGg5rHjOH-MyxnBgnh37jfRjWH9tHNa-NBFEWyXzLqZx7ecUYb7WRHEtFwBPpdZblzCY25_1vLLFYU5MuLeaqIpySANs-AbHBbZzxAkmJuHfHB_B648xCMYS1MY274qyFISQnUgQiptrHOmuwxtu36s8S-fglIZk3IcxvgDcGvCf2CVqOpGxHcnUjcuaZxNXf9dJ3eWFO-VLlvuHez0qfQ3emRWLBXvJV41SRyKm6uJynLuH_ztUHYAHbcNIBRIxifmi3pwvGkvqUPvTqO86kDMnFIqqLIj0u6DKoJG_DXUIYHDOfKgNmdOaXFJN9SoNdlvYR3KWfH66YE8NGQXBM3FgLCveZOXj7MnQUdkwDbz_mPvaL6XD9WyQZgzyZ30dJkT8GWjHK7CW0k8b-b9o429yqJFvUE-oPfOqVwYxYi9vr0OEEESHh-Bieov3RDR6QIX1PzwxgoSuUkwQzsKF7k0DZRkBbqwLhMMCJ4iQnyGWqKFry-6YqE_X1-xj2EwNyIwrzph6pddayWnNEFJjgokvCE7HMqC9wMamqVn-8rm8CLF9k1V64340DfkVyEjerE6v5stWE8LRXPcO8L-vshl8dY=&abvar=0&os=0
200 OK 43 B URL HTTP/2 lkpmprksau.com/chicken.gif?z=1859604&pb=43627957a24eecb560f15e5a17776f661667984122&psp=0-vlr9WucDHeIuwjss3GamfvE5fa6deCxE-diguUsyXERlzoYGeQa7yYGHLBDMUmCeq6ENl75Ko8KtJcrmEQpMUGOhICGPGg5rHjOH-MyxnBgnh37jfRjWH9tHNa-NBFEWyXzLqZx7ecUYb7WRHEtFwBPpdZblzCY25_1vLLFYU5MuLeaqIpySANs-AbHBbZzxAkmJuHfHB_B648xCMYS1MY274qyFISQnUgQiptrHOmuwxtu36s8S-fglIZk3IcxvgDcGvCf2CVqOpGxHcnUjcuaZxNXf9dJ3eWFO-VLlvuHez0qfQ3emRWLBXvJV41SRyKm6uJynLuH_ztUHYAHbcNIBRIxifmi3pwvGkvqUPvTqO86kDMnFIqqLIj0u6DKoJG_DXUIYHDOfKgNmdOaXFJN9SoNdlvYR3KWfH66YE8NGQXBM3FgLCveZOXj7MnQUdkwDbz_mPvaL6XD9WyQZgzyZ30dJkT8GWjHK7CW0k8b-b9o429yqJFvUE-oPfOqVwYxYi9vr0OEEESHh-Bieov3RDR6QIX1PzwxgoSuUkwQzsKF7k0DZRkBbqwLhMMCJ4iQnyGWqKFry-6YqE_X1-xj2EwNyIwrzph6pddayWnNEFJjgokvCE7HMqC9wMamqVn-8rm8CLF9k1V64340DfkVyEjerE6v5stWE8LRXPcO8L-vshl8dY=&abvar=0&os=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1859604&pb=43627957a24eecb560f15e5a17776f661667984122&psp=0-vlr9WucDHeIuwjss3GamfvE5fa6deCxE-diguUsyXERlzoYGeQa7yYGHLBDMUmCeq6ENl75Ko8KtJcrmEQpMUGOhICGPGg5rHjOH-MyxnBgnh37jfRjWH9tHNa-NBFEWyXzLqZx7ecUYb7WRHEtFwBPpdZblzCY25_1vLLFYU5MuLeaqIpySANs-AbHBbZzxAkmJuHfHB_B648xCMYS1MY274qyFISQnUgQiptrHOmuwxtu36s8S-fglIZk3IcxvgDcGvCf2CVqOpGxHcnUjcuaZxNXf9dJ3eWFO-VLlvuHez0qfQ3emRWLBXvJV41SRyKm6uJynLuH_ztUHYAHbcNIBRIxifmi3pwvGkvqUPvTqO86kDMnFIqqLIj0u6DKoJG_DXUIYHDOfKgNmdOaXFJN9SoNdlvYR3KWfH66YE8NGQXBM3FgLCveZOXj7MnQUdkwDbz_mPvaL6XD9WyQZgzyZ30dJkT8GWjHK7CW0k8b-b9o429yqJFvUE-oPfOqVwYxYi9vr0OEEESHh-Bieov3RDR6QIX1PzwxgoSuUkwQzsKF7k0DZRkBbqwLhMMCJ4iQnyGWqKFry-6YqE_X1-xj2EwNyIwrzph6pddayWnNEFJjgokvCE7HMqC9wMamqVn-8rm8CLF9k1V64340DfkVyEjerE6v5stWE8LRXPcO8L-vshl8dY=&abvar=0&os=0 HTTP/1.1
Host: lkpmprksau.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=22110901550b1f36c04d0245b98da5a66cca
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: ppucnt=0; Path=/; Expires=Thu, 10 Nov 2022 06:55:22 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 256a4176c9ca3ba79374e6542268fb13
ee421799cc790dce0439a671ecadfc0fd5772cb3
cc9422c7584f405abbfbc5ddbb419d4ae92ff0086bddbc928ca72c1f34b51806
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5292
Cache-Control: max-age=149237
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 06:55:22 GMT
Etag: "636ade23-117"
Expires: Fri, 11 Nov 2022 00:22:39 GMT
Last-Modified: Tue, 08 Nov 2022 22:54:27 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
video.ktkjmp.com/adsbygoogle.js
200 OK 16 B URL HTTP/2 video.ktkjmp.com/adsbygoogle.js
IP
Hash 3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xxxvjmp.com/
Origin: https://creative.xxxvjmp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: kyl0IVMMo5KW4pDdzfnQKUa/Cfs4W9YHdQTiL3YWd73Il6pI7lh92KHTCplsaUtVSNRKq3KXr04=
x-amz-request-id: 3YWBDN4EWV9170D8
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.xxxvjmp.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 3527
expires: Wed, 09 Nov 2022 10:55:22 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7674a475c8aeb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
200 OK 5.1 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
IP
File type ASCII text, with very long lines (17660)
Hash abe1df98b6ab4644bd567e6669d0da03
27e3bf22ef08b7ca0090721ed31b4f921d278e7c
cd40ba7dbf63d67511c0fd56b7e5327dbedb43d15c439d79a8aacb6377059540
GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 5117
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-45f4"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 13258584
expires: Mon, 30 Oct 2023 06:55:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UOMWXJpOHXg8Mft%2FI5gHS8QHe15Xw2rGKONJcn1%2BpOk%2FHV93TbWxFnK%2Bxr5tf%2FKGjGhfLGcxPxOV7a7ltKZwKpQIpbucAseO550zDIeMbGQYab9UOiYiUfx3s6%2Fw2ggDlgE4CTk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7674a475d99fb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 3d134bb4b26262948f9ca6eafc660c93
424c61d8ce752ab94a2caa39009b514196bff109
49cccf30959161f5f053f865fc8dbb0b1fe2c84bb2b79371b92f802c19e204fa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4902
Cache-Control: max-age=162206
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 06:55:22 GMT
Etag: "636b1252-117"
Expires: Fri, 11 Nov 2022 03:58:48 GMT
Last-Modified: Wed, 09 Nov 2022 02:37:06 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
javgg.net/jav/stars-178-uncensored-leak/
200 OK 24 kB URL HTTP/2 javgg.net/jav/stars-178-uncensored-leak/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (41207)
Hash 336f9f711e9c25379300689666c96a33
99bbc4a051378c7755c5b0ce74656616d08f3a04
271f5da4c7a9440877f5e8bd17b71feecec4f0e8355cd39f581b7fba3cdd38a4
GET /jav/stars-178-uncensored-leak/ HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: text/html; charset=UTF-8
cf-ray: 7674a46c48a2b51e-OSL
cache-control: max-age=2678400
last-modified: Tue, 08 Nov 2022 14:29:02 GMT
strict-transport-security: max-age=31536000, max-age=31536000
vary: Accept-Encoding
cf-cache-status: HIT
cf-apo-via: tcache
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2o33tkIkiLW0p9zhHBJaVPAM1fLsNgBKGC2aw%2F2w0sTDUdVxYAwfl0hONzOeFrLWI8%2FciSnWfTcFUjHjTtSgFwIkmbozeJzXs1L9wRMRgqAiWVmY2WL0lkAY3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
syndication.realsrv.com/v1/api.php
200 OK 1.2 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (1626), with no line terminators
Hash a2b5b6f3f9f9ba83c0ffdb265dd9c6b0
c507ec2e813f19b1dd5176a6eace3008716a8843
10f4d06a79f45004b0d16e318121a3360e3514d913ff80cf04083105d40e2190
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 298
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22636b4eda3b3aa2.746200594130740177%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 06:55:22 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://javgg.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz2OS25CMQxFt9INEPn7HHfcTluJigWEPEDqgEoFKqi8+DoP0Vj5+Obq+BIQrRBX4E+Az6rPROFYHIpQQZV4e1+HYHy2n8OhHHfnqGBOU5iJcQ1nV4cQNVWAUMzNeXI6tDqkGgLBAVmkLDJehWoYxObjJV436+zdlR5XIhjgionDZXxUiZQDrgNik9HW9jsj5077JtWAaXLcz13bPA9jtPl0/DoXHLEv35dyvf0uCcZsNOU00UMIRmESitUQ741ELojlu51uxx7xb7+XLoAEiYyc3ivutCnOGUFo6qpVuG/rbCy91T8jzKGSaAEAAA==
200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz2OS25CMQxFt9INEPn7HHfcTluJigWEPEDqgEoFKqi8+DoP0Vj5+Obq+BIQrRBX4E+Az6rPROFYHIpQQZV4e1+HYHy2n8OhHHfnqGBOU5iJcQ1nV4cQNVWAUMzNeXI6tDqkGgLBAVmkLDJehWoYxObjJV436+zdlR5XIhjgionDZXxUiZQDrgNik9HW9jsj5077JtWAaXLcz13bPA9jtPl0/DoXHLEv35dyvf0uCcZsNOU00UMIRmESitUQ741ELojlu51uxx7xb7+XLoAEiYyc3ivutCnOGUFo6qpVuG/rbCy91T8jzKGSaAEAAA==
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz2OS25CMQxFt9INEPn7HHfcTluJigWEPEDqgEoFKqi8+DoP0Vj5+Obq+BIQrRBX4E+Az6rPROFYHIpQQZV4e1+HYHy2n8OhHHfnqGBOU5iJcQ1nV4cQNVWAUMzNeXI6tDqkGgLBAVmkLDJehWoYxObjJV436+zdlR5XIhjgionDZXxUiZQDrgNik9HW9jsj5077JtWAaXLcz13bPA9jtPl0/DoXHLEv35dyvf0uCcZsNOU00UMIRmESitUQ741ELojlu51uxx7xb7+XLoAEiYyc3ivutCnOGUFo6qpVuG/rbCy91T8jzKGSaAEAAA== HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adsnot.1javguru.xyz
Connection: keep-alive
Referer: https://adsnot.1javguru.xyz/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22636b4eda3b3aa2.746200594130740177%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 06:55:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://adsnot.1javguru.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22636b4eda3b3aa2.746200594130740177%22%3B%7D; expires=Fri, 08 Nov 2024 06:55:22 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22636b4eda3b3aa2.746200594130740177%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22510.0199%22%7D; expires=Fri, 08 Nov 2024 06:55:22 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
javgg.net/cdn-cgi/rum?
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 9222
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/jav/stars-178-uncensored-leak/
Cookie: __cf_bm=dyqEQf5OZaR9wEgOwFKGSi.0aDwp5UZGt.3KxUxaSFM-1667976922-0-Ac52Q1G1US4kd9NizHMu6gRlIp6j3EVWncEOR56qA1jlkmkbBfVTkIh+K7Zyi1nXlDiwpbO8T8z1/P5EnsTaX+cL3AeodhuYgqjD0X8eEwke4SkSCsQh1PT/fmZHP3QjOWJIFubFDS0jf7aqfR1ciq2x1BTjd9Kplf58es60ur/O6bNwVdW+FiApGte9q3n+2a+lLoukeZnk2nbBhUcql0ouxzA93uS941ptkXp0q44e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Wed, 09 Nov 2022 06:55:22 GMT
access-control-allow-origin: https://javgg.net
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7674a4775a77b51e-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PS2oDMQyGr9ILjNHL1ijrrlto6QH8mAl0kU1LSEGHrzyhof4R1o/kTzIB0YK4gD0BnnI+EblhMkhCCbP4y+ubC/pnvZ7P6bJ9O4sULa4qyqsbWzZwyWBK4GbOUQjjxUqmSRBwdghRjrczS4BldQX/eH8+AkNCjka3iDBzqgdPIocbeOHSZBuVG9dKSaUQQDZBBhVA1aCNAaN1slarItvAdZQtM7UeTifo3y/grthkzqY/74zCFKss+DDiccCPcv36uXT3R/td+QAESGRenWnvWOpgadAY1n3foO/Q8roPMvwF6sCIe3QBAAA=
200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PS2oDMQyGr9ILjNHL1ijrrlto6QH8mAl0kU1LSEGHrzyhof4R1o/kTzIB0YK4gD0BnnI+EblhMkhCCbP4y+ubC/pnvZ7P6bJ9O4sULa4qyqsbWzZwyWBK4GbOUQjjxUqmSRBwdghRjrczS4BldQX/eH8+AkNCjka3iDBzqgdPIocbeOHSZBuVG9dKSaUQQDZBBhVA1aCNAaN1slarItvAdZQtM7UeTifo3y/grthkzqY/74zCFKss+DDiccCPcv36uXT3R/td+QAESGRenWnvWOpgadAY1n3foO/Q8roPMvwF6sCIe3QBAAA=
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA02PS2oDMQyGr9ILjNHL1ijrrlto6QH8mAl0kU1LSEGHrzyhof4R1o/kTzIB0YK4gD0BnnI+EblhMkhCCbP4y+ubC/pnvZ7P6bJ9O4sULa4qyqsbWzZwyWBK4GbOUQjjxUqmSRBwdghRjrczS4BldQX/eH8+AkNCjka3iDBzqgdPIocbeOHSZBuVG9dKSaUQQDZBBhVA1aCNAaN1slarItvAdZQtM7UeTifo3y/grthkzqY/74zCFKss+DDiccCPcv36uXT3R/td+QAESGRenWnvWOpgadAY1n3foO/Q8roPMvwF6sCIe3QBAAA= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22636b4eda3b3aa2.746200594130740177%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22636b4eda3b3aa2.746200594130740177%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22510.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 06:55:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://javgg.net
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22636b4eda3b3aa2.746200594130740177%22%3B%7D; expires=Fri, 08 Nov 2024 06:55:22 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22636b4eda3b3aa2.746200594130740177%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%2299.0199%7C510.019701%22%7D; expires=Fri, 08 Nov 2024 06:55:22 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
pics.dmm.co.jp/digital/video/1stars178/1stars178-8.jpg
200 OK 4.1 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1stars178/1stars178-8.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash 996e976445b2217b6fdd3cf3a11d2013
bdd57c44b60adb703eb03c1697a35b3fb48e6601
e023bb619fcc6021be5361bff64753a4676b3c71f5354b40ca2c3074ed86ac29
GET /digital/video/1stars178/1stars178-8.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/jpeg
content-length: 4143
last-modified: Tue, 10 Dec 2019 05:22:15 GMT
etag: "5def2b87-102f"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6RoWNrTtoaQwF1KLBYAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1stars178/1stars178-9.jpg
200 OK 5.5 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1stars178/1stars178-9.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash a39a5eb9d2a13025e3144feb3c450ec6
3b4c3d217874705452cf6d1945dd75ce9fb9331a
1f2d34e4121cce463bff05a63605be3466ba44f9adcf40a55a53ddde717754f2
GET /digital/video/1stars178/1stars178-9.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/jpeg
content-length: 5534
last-modified: Tue, 10 Dec 2019 05:22:15 GMT
etag: "5def2b87-159e"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6RoWNrTtoaQwF1KLBZAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1stars178/1stars178-10.jpg
200 OK 4.9 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1stars178/1stars178-10.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash 90cbabfda83c617d031aa09cd77797f5
0dae39df803f79122a0cd8f2ef1b0e21fad825a7
d62b8bc533ac7a4e52c9bd5b2c3559816acdbf7e4a563d7d87a68d8a13a4b34d
GET /digital/video/1stars178/1stars178-10.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/jpeg
content-length: 4889
last-modified: Tue, 10 Dec 2019 05:22:14 GMT
etag: "5def2b86-1319"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6RoWNrTtoaQwF1KLBaAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1stars178/1stars178-11.jpg
200 OK 5.5 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1stars178/1stars178-11.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash 3ae0839ff733c53f3aa4cd8c532058de
61a81e2e3bed93302677125016448f9ac4bfee76
66977684f437e9a59c7a757fc1befb97b3538d3510d6f60a5d546298ebf36b82
GET /digital/video/1stars178/1stars178-11.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/jpeg
content-length: 5498
last-modified: Tue, 10 Dec 2019 05:22:14 GMT
etag: "5def2b86-157a"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6RoWNrTtoaQwF1KLBbAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1stars178/1stars178-12.jpg
200 OK 5.0 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1stars178/1stars178-12.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash ff39c3613127c3ababce3d078aaee660
1012c88b482853ce24ebd671e2636ea468a54829
62c23b8aa23259ccec835209dacd392e7c56e15dcaa98982d637002b7c52769f
GET /digital/video/1stars178/1stars178-12.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/jpeg
content-length: 4987
last-modified: Tue, 10 Dec 2019 05:22:14 GMT
etag: "5def2b86-137b"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6RoWNrTtoaQwF1KLBcAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1stars178/1stars178-13.jpg
200 OK 4.9 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1stars178/1stars178-13.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash 58a5ebea68e1c6cd02d7a5262acc8d27
37a207e30270901be2f50a93f7a46b5517f72013
6d16d8ed3bb19a9094831df38954c6c4f2fb2ad02e8b65aa3870767b5942634f
GET /digital/video/1stars178/1stars178-13.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/jpeg
content-length: 4927
last-modified: Tue, 10 Dec 2019 05:22:14 GMT
etag: "5def2b86-133f"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6RoWNrTtoaQwF1KLBdAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/344676/ac01519765c5a0a2b3a171b51a774cda0a703195.webp
200 OK 6.9 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/344676/ac01519765c5a0a2b3a171b51a774cda0a703195.webp
IP
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 99a3343ac7621ba8206ae4ff9362a24c
ac01519765c5a0a2b3a171b51a774cda0a703195
591ecdfbeeb5ae2809d1410921fcf8c6a2072ff69b6ce1ace9cf04ab0aa56bfa
GET /library/344676/ac01519765c5a0a2b3a171b51a774cda0a703195.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/webp
content-length: 6918
last-modified: Mon, 20 Dec 2021 01:13:17 GMT
etag: "61bfd8ad-1b06"
expires: Fri, 30 Jun 2023 18:47:26 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195310
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCRRsMf//bLGsAA
x-77-nzt-ray: ffffffffe92b8e1ada4e6b6380eb6034
x-cache: HIT
x-age: 11317612
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
images.javgg.net/wp-content/uploads/2021/10/ssis211pl-300x170.jpg
200 OK 18 kB URL HTTP/2 images.javgg.net/wp-content/uploads/2021/10/ssis211pl-300x170.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Hash 90b8b1898086ecda635c1e6d78eba5dc
526c4830ce3107e9d980d16eb0a9bef70bb86028
f18f3a6086b919c7f16a4537ba114ffc149f38f1334db1acd3b67a40d4d5d00c
GET /wp-content/uploads/2021/10/ssis211pl-300x170.jpg HTTP/1.1
Host: images.javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: __cf_bm=dyqEQf5OZaR9wEgOwFKGSi.0aDwp5UZGt.3KxUxaSFM-1667976922-0-Ac52Q1G1US4kd9NizHMu6gRlIp6j3EVWncEOR56qA1jlkmkbBfVTkIh+K7Zyi1nXlDiwpbO8T8z1/P5EnsTaX+cL3AeodhuYgqjD0X8eEwke4SkSCsQh1PT/fmZHP3QjOWJIFubFDS0jf7aqfR1ciq2x1BTjd9Kplf58es60ur/O6bNwVdW+FiApGte9q3n+2a+lLoukeZnk2nbBhUcql0ouxzA93uS941ptkXp0q44e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/jpeg
content-length: 18525
cache-control: max-age=2678400
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=23016, status=webp_bigger
etag: "615bd467-59e8"
expires: Thu, 08 Dec 2022 13:53:31 GMT
last-modified: Tue, 05 Oct 2021 04:28:23 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 61290
accept-ranges: bytes
server-timing: cf-q-config;dur=3.9999995351536e-06
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUCmErLFQWMePkFIDgEq%2B303qhHlOIPX8E33RN3L6VY0eeoWOohiCKIHTlOG6SSlOR%2FTSM4vh7u%2Buz0lf8oJn0rRzItxG3PWd2FDmI6%2FLu0j8gctetxLus7v8Tl9%2FDqKdSI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7674a4782b62b51e-OSL
X-Firefox-Spdy: h2
images.javgg.net/wp-content/uploads/2021/10/SDNM-229_Leak-300x170.jpg
200 OK 18 kB URL HTTP/2 images.javgg.net/wp-content/uploads/2021/10/SDNM-229_Leak-300x170.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Hash 7c0c0569bff3472a4364fdbfac585f0f
8b3ac5c076a8849c616b872236dda3398a377f88
6adc425f69d8fc271080e9cfd7d74a0cefd80b06008b0bbeb0be2bf87bf15729
GET /wp-content/uploads/2021/10/SDNM-229_Leak-300x170.jpg HTTP/1.1
Host: images.javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: __cf_bm=dyqEQf5OZaR9wEgOwFKGSi.0aDwp5UZGt.3KxUxaSFM-1667976922-0-Ac52Q1G1US4kd9NizHMu6gRlIp6j3EVWncEOR56qA1jlkmkbBfVTkIh+K7Zyi1nXlDiwpbO8T8z1/P5EnsTaX+cL3AeodhuYgqjD0X8eEwke4SkSCsQh1PT/fmZHP3QjOWJIFubFDS0jf7aqfR1ciq2x1BTjd9Kplf58es60ur/O6bNwVdW+FiApGte9q3n+2a+lLoukeZnk2nbBhUcql0ouxzA93uS941ptkXp0q44e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/jpeg
content-length: 17874
cache-control: max-age=2678400
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=22122, status=webp_bigger
etag: "6173aa81-566a"
expires: Thu, 08 Dec 2022 13:53:31 GMT
last-modified: Sat, 23 Oct 2021 06:24:01 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 61290
accept-ranges: bytes
server-timing: cf-q-config;dur=5.9999993027304e-06
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGztxZsp7DFY%2FMrUt5B5YQ%2BKoYPu2lbTmUic8iGp83srKr8V%2B4kl%2BV5W6WsRHywj%2Bl3RzluSn4HIwGDD4ungGlIXK0SinR%2FB8S%2B%2Bb4rdcZUujX4J0lxZSHFNsp9fDNNYn%2FE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7674a4782b5cb51e-OSL
X-Firefox-Spdy: h2
images.javgg.net/wp-content/uploads/2021/11/ssis256pl-300x170.jpg
200 OK 17 kB URL HTTP/2 images.javgg.net/wp-content/uploads/2021/11/ssis256pl-300x170.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x170, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2e62b0b3b314352f3e53f12a744f0f24
55f7008e073397541c96e0245f57ae5019cc193f
f579b75b952edbc3f491484a458da7938f4f902186d5e5d1a34466386493f1d1
GET /wp-content/uploads/2021/11/ssis256pl-300x170.jpg HTTP/1.1
Host: images.javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: __cf_bm=dyqEQf5OZaR9wEgOwFKGSi.0aDwp5UZGt.3KxUxaSFM-1667976922-0-Ac52Q1G1US4kd9NizHMu6gRlIp6j3EVWncEOR56qA1jlkmkbBfVTkIh+K7Zyi1nXlDiwpbO8T8z1/P5EnsTaX+cL3AeodhuYgqjD0X8eEwke4SkSCsQh1PT/fmZHP3QjOWJIFubFDS0jf7aqfR1ciq2x1BTjd9Kplf58es60ur/O6bNwVdW+FiApGte9q3n+2a+lLoukeZnk2nbBhUcql0ouxzA93uS941ptkXp0q44e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/webp
content-length: 17096
cache-control: max-age=2678400
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=21737
content-disposition: inline; filename="ssis256pl-300x170.webp"
vary: Accept
etag: "61911270-54e9"
expires: Thu, 08 Dec 2022 13:53:30 GMT
last-modified: Sun, 14 Nov 2021 13:43:12 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 61290
accept-ranges: bytes
server-timing: cf-q-config;dur=4.9999998736894e-06
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ieBlWFxe7Pb74OZwqYThCUwdkfdlMcOEOCJ1rRKVuOXmBFH88xpJn01ujOWu8GcCwgeX4dn08IB58m3vg0XCACe%2BA8StRJh3JSJ%2FZ83W1Br8G5QKuvgR8yl1zvjpzlxPklw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7674a4783b88b51e-OSL
X-Firefox-Spdy: h2
images.javgg.net/wp-content/uploads/2021/11/ssis241pl-300x170.jpg
200 OK 18 kB URL HTTP/2 images.javgg.net/wp-content/uploads/2021/11/ssis241pl-300x170.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Hash c42719e5f0acfe3812a8ea2490af7ad1
31241a8e9a7599ca68cf52cac7902763f29d8c2d
68f182d04172a05ded7545a38a18eb13544a52511e26a8931b370df5f798ec6b
GET /wp-content/uploads/2021/11/ssis241pl-300x170.jpg HTTP/1.1
Host: images.javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: __cf_bm=dyqEQf5OZaR9wEgOwFKGSi.0aDwp5UZGt.3KxUxaSFM-1667976922-0-Ac52Q1G1US4kd9NizHMu6gRlIp6j3EVWncEOR56qA1jlkmkbBfVTkIh+K7Zyi1nXlDiwpbO8T8z1/P5EnsTaX+cL3AeodhuYgqjD0X8eEwke4SkSCsQh1PT/fmZHP3QjOWJIFubFDS0jf7aqfR1ciq2x1BTjd9Kplf58es60ur/O6bNwVdW+FiApGte9q3n+2a+lLoukeZnk2nbBhUcql0ouxzA93uS941ptkXp0q44e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/jpeg
content-length: 18403
cache-control: max-age=2678400
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=22551, status=webp_bigger
etag: "61911286-5817"
expires: Thu, 08 Dec 2022 13:53:31 GMT
last-modified: Sun, 14 Nov 2021 13:43:34 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 61290
accept-ranges: bytes
server-timing: cf-q-config;dur=4.9999998736894e-06
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClAyvRwoTGHvAsqYz7ts8VC0IF5pT07dmjvgmySt0PPgjXWs8YjdfsBA5McgH6Y1c2lL%2BliLg1PB5ZhpayUC3dRTmch8xJi6ZpMX5%2BTa3rrWvYQj%2B4fkOGix%2FsOVy9q%2F5Os%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7674a4784b89b51e-OSL
X-Firefox-Spdy: h2
go.xxxvjmp.com/config?url=https%3A%2F%2Fcreative.xxxvjmp.com%2Fwidgets%2Fv4%2FUniversal%3FisNew%3D0%26broadcastHD%3D0%26broadcastVR%3D0%26broadcastMobile%3D0%26isPerson%3D0%26isFace%3D0%26goalEnabled%3D0%26isMlCountry%3D0%26isLogged%3D0%26isMlAnal%3D0%26isMlBlowjob%3D0%26strict%3D0%26applyGeobans%3D0%26tag%3Dgirls%252Fchinese%26stripcashR%3D0%26language%3Den%26autoplay%3Dall%26thumbFit%3Dcover%26hideLiveBadge%3D0%26hideModelName%3D0%26autoplayForce%3D1%26playButton%3D0%26thumbType%3Ddefault%26actionButtonPlacement%3Dbottom%26thumbSizeKey%3Dbig%26thumbsMargin%3D5%26responsive%3D1%26hideButton%3D1%26hideTitle%3D1%26hideButtonOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26buttonColor%3D%2523DC0C2C%26liveBadgeColor%3D%252300bd8f%26userId%3D5e6ff13072051fdc172c3b2a2c52f266c758c4e6c7837dc97b8bcdbdc61ed761%26campaignId%3Dwidget300100
200 OK 22 kB URL HTTP/2 go.xxxvjmp.com/config?url=https%3A%2F%2Fcreative.xxxvjmp.com%2Fwidgets%2Fv4%2FUniversal%3FisNew%3D0%26broadcastHD%3D0%26broadcastVR%3D0%26broadcastMobile%3D0%26isPerson%3D0%26isFace%3D0%26goalEnabled%3D0%26isMlCountry%3D0%26isLogged%3D0%26isMlAnal%3D0%26isMlBlowjob%3D0%26strict%3D0%26applyGeobans%3D0%26tag%3Dgirls%252Fchinese%26stripcashR%3D0%26language%3Den%26autoplay%3Dall%26thumbFit%3Dcover%26hideLiveBadge%3D0%26hideModelName%3D0%26autoplayForce%3D1%26playButton%3D0%26thumbType%3Ddefault%26actionButtonPlacement%3Dbottom%26thumbSizeKey%3Dbig%26thumbsMargin%3D5%26responsive%3D1%26hideButton%3D1%26hideTitle%3D1%26hideButtonOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26buttonColor%3D%2523DC0C2C%26liveBadgeColor%3D%252300bd8f%26userId%3D5e6ff13072051fdc172c3b2a2c52f266c758c4e6c7837dc97b8bcdbdc61ed761%26campaignId%3Dwidget300100
IP
File type JSON data\012- , ASCII text
Hash 495d1e244f08050c2fa929954920a5a8
49424824cffd0b757b7dec70c64ac94fad2bdbdb
5907d864cf91583871e179fd2c57aa103a0a6e04e98d506b8dac8b70bbe05ff7
GET /config?url=https%3A%2F%2Fcreative.xxxvjmp.com%2Fwidgets%2Fv4%2FUniversal%3FisNew%3D0%26broadcastHD%3D0%26broadcastVR%3D0%26broadcastMobile%3D0%26isPerson%3D0%26isFace%3D0%26goalEnabled%3D0%26isMlCountry%3D0%26isLogged%3D0%26isMlAnal%3D0%26isMlBlowjob%3D0%26strict%3D0%26applyGeobans%3D0%26tag%3Dgirls%252Fchinese%26stripcashR%3D0%26language%3Den%26autoplay%3Dall%26thumbFit%3Dcover%26hideLiveBadge%3D0%26hideModelName%3D0%26autoplayForce%3D1%26playButton%3D0%26thumbType%3Ddefault%26actionButtonPlacement%3Dbottom%26thumbSizeKey%3Dbig%26thumbsMargin%3D5%26responsive%3D1%26hideButton%3D1%26hideTitle%3D1%26hideButtonOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26buttonColor%3D%2523DC0C2C%26liveBadgeColor%3D%252300bd8f%26userId%3D5e6ff13072051fdc172c3b2a2c52f266c758c4e6c7837dc97b8bcdbdc61ed761%26campaignId%3Dwidget300100 HTTP/1.1
Host: go.xxxvjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xxxvjmp.com/
Origin: https://creative.xxxvjmp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: application/json
access-control-allow-origin: *
last-modified: Wed, 09 Nov 2022 02:14:04 GMT
cf-cache-status: HIT
age: 228
vary: Accept-Encoding
server: cloudflare
cf-ray: 7674a4757a62b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash b09c9af000048694c33db74d610327ae
e2099c879bd9ee5b155b2b57085c673520c2e11b
5b03412310ab8bfea47fdfb6b247ab806475e716687306f17f403e4efe36a056
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5043
Cache-Control: max-age=88199
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 06:55:23 GMT
Etag: "6369f0af-117"
Expires: Thu, 10 Nov 2022 07:25:22 GMT
Last-Modified: Tue, 08 Nov 2022 06:01:19 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash b09c9af000048694c33db74d610327ae
e2099c879bd9ee5b155b2b57085c673520c2e11b
5b03412310ab8bfea47fdfb6b247ab806475e716687306f17f403e4efe36a056
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5043
Cache-Control: max-age=88199
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 06:55:23 GMT
Etag: "6369f0af-117"
Expires: Thu, 10 Nov 2022 07:25:22 GMT
Last-Modified: Tue, 08 Nov 2022 06:01:19 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
img.strpst.com/thumbs/1667976601/86406718
200 OK 22 kB URL HTTP/2 img.strpst.com/thumbs/1667976601/86406718
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 480x360, components 3\012- data
Hash 4892a546656fd50c7c85303fe4fef958
2d6d95456a11c7df0c3d81141878b32d404d886d
2d537830f321fba6492139947851eec589352a0604aa9b2e7e502566684710e7
GET /thumbs/1667976601/86406718 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxvjmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:23 GMT
content-type: image/jpeg
content-length: 22367
cf-bgj: imgq:100,h2pri
cf-polished: origSize=23323, status=webp_bigger
etag: "ddc346f7edec2a93b3639cfab538f078"
last-modified: Wed, 09 Nov 2022 06:51:13 GMT
cf-cache-status: HIT
age: 24
expires: Wed, 09 Nov 2022 07:00:23 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7674a478dd1eb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1667976601/75923753
200 OK 46 kB URL HTTP/2 img.strpst.com/thumbs/1667976601/75923753
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash 44d62e178b670679890feab1297581a4
376bea4e1ec73538d7db197a51add6f8c3f46c97
81dce7f88787e07862df8d401cf1370afadce6efc332f6988b6c00d7281971a5
GET /thumbs/1667976601/75923753 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxvjmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:23 GMT
content-type: image/jpeg
content-length: 45478
cf-bgj: imgq:100,h2pri
cf-polished: origSize=46731, status=webp_bigger
etag: "56a2921604f67d40d6aa6938408bbcea"
last-modified: Wed, 09 Nov 2022 06:50:20 GMT
cf-cache-status: HIT
age: 34
expires: Wed, 09 Nov 2022 07:00:23 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7674a478dd28b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash b09c9af000048694c33db74d610327ae
e2099c879bd9ee5b155b2b57085c673520c2e11b
5b03412310ab8bfea47fdfb6b247ab806475e716687306f17f403e4efe36a056
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5043
Cache-Control: max-age=88199
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 06:55:23 GMT
Etag: "6369f0af-117"
Expires: Thu, 10 Nov 2022 07:25:22 GMT
Last-Modified: Tue, 08 Nov 2022 06:01:19 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.sectigo.com/
200 OK 1.4 kB IP
Hash b95afda9d76a0c2642f8af959557101a
67edd72d62208c4e6edf46dd3d972705e45ac08b
06bb2dff5cd0c9ee4b9bb2bccc91a75f640ac55b6abf68805e6f4b90ce967c4e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 06:55:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 06 Nov 2022 12:04:38 GMT
Expires: Sun, 13 Nov 2022 12:04:37 GMT
Etag: "06af17174bb1fa0538acd858e5010ef692ee01bc"
Cache-Control: max-age=363553,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7674a4792c81b51e-OSL
pics.dmm.co.jp/digital/video/1stars178/1stars178-7.jpg
200 OK 4.6 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1stars178/1stars178-7.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash e9fadf80bf9666a9231c6d45349d6511
0cdaa6f2fce5009aca0f6c01e061fb3ad7e9cfa4
bd0d500334c2307b03d4d0f84b4226852ccaf6dea45061859e3e8610e8fc2a5d
GET /digital/video/1stars178/1stars178-7.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/jpeg
content-length: 4590
last-modified: Tue, 10 Dec 2019 05:22:15 GMT
etag: "5def2b87-11ee"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6RoWNrTtoaQwF1KLBtAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1stars178/1stars178-4.jpg
200 OK 4.4 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1stars178/1stars178-4.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash 0506e0daf42bbd043a31deb5dc2af8ae
d55d718c30c57d01d6495ec440cc1f0cef3279c5
f4defd6a1b1e9cfd3c02d7b69ac1f9c6ce3b082a82d3ffb32ad4c68b061b5f3f
GET /digital/video/1stars178/1stars178-4.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/jpeg
content-length: 4399
last-modified: Tue, 10 Dec 2019 05:22:15 GMT
etag: "5def2b87-112f"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6RoWNrTtoaQwF1KLDVAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1stars178/1stars178-5.jpg
200 OK 5.0 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1stars178/1stars178-5.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash 72dbf5dd83c0d8fa55c7870e1736feb7
7018db247dd34dc97e4bbaca2cf4871d28b997d7
7dceeb11b38ce784f8c79344a1d6ed07ac507d3e54b866ff678d9cf88310a72d
GET /digital/video/1stars178/1stars178-5.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/jpeg
content-length: 5021
last-modified: Tue, 10 Dec 2019 05:22:15 GMT
etag: "5def2b87-139d"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6RoWNrTtoaQwF1KLDWAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1stars178/1stars178-6.jpg
200 OK 4.1 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1stars178/1stars178-6.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash d29104e15f34777b4809d6ec50c1dc55
55da1590eba3c75825a5efc26c764d3f1685b94c
0bb040f1121eef8b2861865989692e1b61087216e6df876c8ab13c210f1d3b1b
GET /digital/video/1stars178/1stars178-6.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/jpeg
content-length: 4132
last-modified: Tue, 10 Dec 2019 05:22:15 GMT
etag: "5def2b87-1024"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6RoWNrTtoaQwF1KLDXAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1stars178/1stars178-3.jpg
200 OK 4.5 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1stars178/1stars178-3.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash d438ee3869f994a7cc4d021c24d13874
bab54a5c806ab2d9ae20ddf4b33972fb62336d5e
eaf6056ae7aca8557bf8505f6f11fffc8944e3bc93377b4b4d31397dcd6a92a3
GET /digital/video/1stars178/1stars178-3.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/jpeg
content-length: 4476
last-modified: Tue, 10 Dec 2019 05:22:15 GMT
etag: "5def2b87-117c"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6RoWNrTtoaQwF1KLDYAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
images.javgg.net/wp-content/uploads/2020/07/140_Gg_logo_logos-512.png
200 OK 1.3 kB URL HTTP/2 images.javgg.net/wp-content/uploads/2020/07/140_Gg_logo_logos-512.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2ef0c03c5cf9d345f34a683ebe225edc
b66c819b6b33baaf2af6a4032f2a53b5cbd15ff1
ea23aa416c911cb9090481e9a0a05e5601e1626e0b14ebd08a525a1b9a648162
GET /wp-content/uploads/2020/07/140_Gg_logo_logos-512.png HTTP/1.1
Host: images.javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: __cf_bm=dyqEQf5OZaR9wEgOwFKGSi.0aDwp5UZGt.3KxUxaSFM-1667976922-0-Ac52Q1G1US4kd9NizHMu6gRlIp6j3EVWncEOR56qA1jlkmkbBfVTkIh+K7Zyi1nXlDiwpbO8T8z1/P5EnsTaX+cL3AeodhuYgqjD0X8eEwke4SkSCsQh1PT/fmZHP3QjOWJIFubFDS0jf7aqfR1ciq2x1BTjd9Kplf58es60ur/O6bNwVdW+FiApGte9q3n+2a+lLoukeZnk2nbBhUcql0ouxzA93uS941ptkXp0q44e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:23 GMT
content-type: image/webp
content-length: 1338
cache-control: max-age=2678400
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2026
content-disposition: inline; filename="140_Gg_logo_logos-512.webp"
vary: Accept
etag: "61f924d6-7ea"
expires: Thu, 08 Dec 2022 13:53:32 GMT
last-modified: Tue, 01 Feb 2022 12:17:26 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 61290
accept-ranges: bytes
server-timing: cf-q-config;dur=5.9999993027304e-06
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2G%2BQEHo4P46nY5xeuWCGLv2lgyET7t3J%2FAjNhk71DMiC5ezlLnWUCl1i3u%2FXbmAgkUr6xm3AJmFqxYXLcMbtx%2FLSbLGrEmmPsQSjQnq0xhsPiZGx6nEE62%2BP8E40oAMaxIs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7674a4799cd7b51e-OSL
X-Firefox-Spdy: h2
track.trackingtraffo.com/banner/imp?auth=4mz3uw&price=${AUCTION_PRICE}&c=uHaN04OWomyLcvBqqMryRRWSR68IobZWBmayYo23PsGnVjl0-kKtHdz5Saizk_ECJ_6WrnEThIpIvfe9-7opbpsuD2lIoKPsPXGThOXmhKipJDmGdMRiACkIUUl5ATxUL3qGL7YR_Dv8SLXkZDl8nOQ1FyDQANnWPlyWSRU-mCYNUeH9sBTDEuMqibFKIr0fSIqqmUao9Dg52s2XKQYu9eQmu7BcmJqEIw8ONHkJVN6ULG4dRVGvUGF8rMoaXiTjrkyZzRureVhzNb4zdP3rC32iNnwYoHS5feyG-nrSbC7VM0JK6wJrEBQQBBnA911wU_wM9A6oKmW8VWvFEWSYavJjIgF2q0t2imeya8SjkhuUMXjYKGITEkM-dAEgWxc0csxhA29d5NBhsjzdxgP2nMu-yFN43Etyit3KLHUDArUaPVBTernM8OgDrgPn8GbU79dqRwoJQGJqROdS8Qi3Tl8hq03BRXl5d_qsKJNz-B7LReoELKZILG9K2rugzmJiSKZu9g
302 Found 0 B URL HTTP/1.1 track.trackingtraffo.com/banner/imp?auth=4mz3uw&price=${AUCTION_PRICE}&c=uHaN04OWomyLcvBqqMryRRWSR68IobZWBmayYo23PsGnVjl0-kKtHdz5Saizk_ECJ_6WrnEThIpIvfe9-7opbpsuD2lIoKPsPXGThOXmhKipJDmGdMRiACkIUUl5ATxUL3qGL7YR_Dv8SLXkZDl8nOQ1FyDQANnWPlyWSRU-mCYNUeH9sBTDEuMqibFKIr0fSIqqmUao9Dg52s2XKQYu9eQmu7BcmJqEIw8ONHkJVN6ULG4dRVGvUGF8rMoaXiTjrkyZzRureVhzNb4zdP3rC32iNnwYoHS5feyG-nrSbC7VM0JK6wJrEBQQBBnA911wU_wM9A6oKmW8VWvFEWSYavJjIgF2q0t2imeya8SjkhuUMXjYKGITEkM-dAEgWxc0csxhA29d5NBhsjzdxgP2nMu-yFN43Etyit3KLHUDArUaPVBTernM8OgDrgPn8GbU79dqRwoJQGJqROdS8Qi3Tl8hq03BRXl5d_qsKJNz-B7LReoELKZILG9K2rugzmJiSKZu9g
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/imp?auth=4mz3uw&price=${AUCTION_PRICE}&c=uHaN04OWomyLcvBqqMryRRWSR68IobZWBmayYo23PsGnVjl0-kKtHdz5Saizk_ECJ_6WrnEThIpIvfe9-7opbpsuD2lIoKPsPXGThOXmhKipJDmGdMRiACkIUUl5ATxUL3qGL7YR_Dv8SLXkZDl8nOQ1FyDQANnWPlyWSRU-mCYNUeH9sBTDEuMqibFKIr0fSIqqmUao9Dg52s2XKQYu9eQmu7BcmJqEIw8ONHkJVN6ULG4dRVGvUGF8rMoaXiTjrkyZzRureVhzNb4zdP3rC32iNnwYoHS5feyG-nrSbC7VM0JK6wJrEBQQBBnA911wU_wM9A6oKmW8VWvFEWSYavJjIgF2q0t2imeya8SjkhuUMXjYKGITEkM-dAEgWxc0csxhA29d5NBhsjzdxgP2nMu-yFN43Etyit3KLHUDArUaPVBTernM8OgDrgPn8GbU79dqRwoJQGJqROdS8Qi3Tl8hq03BRXl5d_qsKJNz-B7LReoELKZILG9K2rugzmJiSKZu9g HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsnot.1javguru.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 09 Nov 2022 06:55:23 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1657723319711-20BET_first_slots_315x300_NO.jpg
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8084
Expires: Wed, 09 Nov 2022 09:10:07 GMT
Date: Wed, 09 Nov 2022 06:55:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8084
Expires: Wed, 09 Nov 2022 09:10:07 GMT
Date: Wed, 09 Nov 2022 06:55:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8084
Expires: Wed, 09 Nov 2022 09:10:07 GMT
Date: Wed, 09 Nov 2022 06:55:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8084
Expires: Wed, 09 Nov 2022 09:10:07 GMT
Date: Wed, 09 Nov 2022 06:55:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8084
Expires: Wed, 09 Nov 2022 09:10:07 GMT
Date: Wed, 09 Nov 2022 06:55:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0adf10c-d2d8-4768-a99e-671dd205fa5f.jpeg
200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0adf10c-d2d8-4768-a99e-671dd205fa5f.jpeg
IP
Hash 34b5aadcc1c2fd16420078ab4ad178b4
7b304380deb33ae17dcaeeb7ffe1dd1d219e70c8
7b738f96e9c0157be3022620aefb6c169233b0cec216f721200134ae9c4317af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0adf10c-d2d8-4768-a99e-671dd205fa5f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9741
x-amzn-requestid: 19706043-9952-4148-bf73-815d2b80f88a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bKom8FixIAMFjzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63675492-26d889196e698552262b0ef6;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 06:30:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uPmbLJ6IBuTrkBSsDauIJ7Fhley63BN_Nrwv_AhX7KPHZdUWXIuy3w==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 16:46:40 GMT
age: 50923
etag: "dd74707d8871dd800aa29bda2edc6105bd00adf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F609c6c88-4535-488a-8bf4-de0e93b9ae31.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F609c6c88-4535-488a-8bf4-de0e93b9ae31.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86ec3f22045de1a100eccf27d91593ae
e26769d82108f89057b05096061f1276d34e223a
b863d19ab12945922b4d014c517f5ffe349cefe2bbe1c2f16661371f22378cbd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F609c6c88-4535-488a-8bf4-de0e93b9ae31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10822
x-amzn-requestid: 1b1e2dfc-4096-45cf-adb3-58f0b1d614bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bEAXHFhroAMF_Zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364adc6-7b94977b4143970a48bc1857;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 06:14:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vzUPLMO4CDywKUQvQ9gbltVLYlNher7ZTXYC9A00LfwycdEmG7m9wg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 04:21:46 GMT
age: 9217
etag: "e26769d82108f89057b05096061f1276d34e223a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Q0yZmbExDP4tH0n1n2qj_NR2Mv_y_dsO0LJ1RKZoS6Me-NLbhpUWqw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 09:08:56 GMT
age: 78387
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29429581f8dc762c69c5916009f70080
9265cae98aa663a5498925b70079abdd8e7031fd
c3deee74c80905a1e92b84868b9987cb30ad7a210dca066b97c325cc2c83872e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9313
x-amzn-requestid: be3f6b0f-cf61-4bec-ad1a-87abdbc45d73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTwF5AoAMFZAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-5ca45b5b1065a4ea492f2ac6;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9lVY7YgQQ0FAP3ItgCSWePY0Msd4RIyBz4eNPc-K51BtnWUjOObv6g==
via: 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:43 GMT
etag: "9265cae98aa663a5498925b70079abdd8e7031fd"
content-type: image/jpeg
age: 33100
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c69b19d2273c3ade32fd0797921c0459
8cafda5659f5b36c855a2bbcaeb03aa715ddeebd
d78b92e1175207b1179c85f9490f937e1647aeae3fe95cf8b3dc336db232945e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8154
x-amzn-requestid: 1d9d6e13-69a4-473d-af4b-ef3d4382f3ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTU2EyZoAMF94w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc1e-0dec203434f42df01d9a1182;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GWFybdPyZxzujAi9urpfQ_1HZCiJpmxpzg6j7a2gwdZ5E89xfc1MXg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:54:55 GMT
age: 32428
etag: "8cafda5659f5b36c855a2bbcaeb03aa715ddeebd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4b0973b-d22d-4fb5-b777-cb6b2ea614f8.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4b0973b-d22d-4fb5-b777-cb6b2ea614f8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fea291bfa3958eac1ec082c954f464e6
1b24dd3abd50d37ef919770c858328dc4f3187ad
ff66cca8d93c51768479304fb954fd60d550b142946c47f149e1a3579d6fe235
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4b0973b-d22d-4fb5-b777-cb6b2ea614f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14020
x-amzn-requestid: 2243eecc-7f97-41e4-b516-da8c84cc1ddc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTVBGQjIAMF3_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc1f-10ead8811b8f8dc26e2e6929;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:35 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hUDLrdbHOdDTuHKjFnwiLCPAlWBI1MU3LpWV--ELMf-lLdl4ZToFxw==
via: 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:57:13 GMT
age: 32290
etag: "1b24dd3abd50d37ef919770c858328dc4f3187ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1657723319711-20BET_first_slots_315x300_NO.jpg
200 OK 120 kB URL HTTP/1.1 ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1657723319711-20BET_first_slots_315x300_NO.jpg
IP
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 315x300, components 3\012- data
Size 120 kB (120181 bytes)
Hash 991ca50fdb1ede747ae8cee749818f3d
8bcb224e353b2f0849cb566750b279112230d370
af488a3924fcf796fcb971f7eefc6ccc5a133a13b659f1f2f191046c54b32534
GET /creatives/k1qy286gxmd5g3dpr397nw5v/1657723319711-20BET_first_slots_315x300_NO.jpg HTTP/1.1
Host: ads.trackingtraffo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adsnot.1javguru.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 09 Nov 2022 06:55:23 GMT
Content-Type: image/jpeg
Content-Length: 120181
Last-Modified: Wed, 13 Jul 2022 14:41:59 GMT
Connection: keep-alive
ETag: "62ced9b7-1d575"
Accept-Ranges: bytes
javgg.net/cdn-cgi/rum?
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 592
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/jav/stars-178-uncensored-leak/
Cookie: __cf_bm=dyqEQf5OZaR9wEgOwFKGSi.0aDwp5UZGt.3KxUxaSFM-1667976922-0-Ac52Q1G1US4kd9NizHMu6gRlIp6j3EVWncEOR56qA1jlkmkbBfVTkIh+K7Zyi1nXlDiwpbO8T8z1/P5EnsTaX+cL3AeodhuYgqjD0X8eEwke4SkSCsQh1PT/fmZHP3QjOWJIFubFDS0jf7aqfR1ciq2x1BTjd9Kplf58es60ur/O6bNwVdW+FiApGte9q3n+2a+lLoukeZnk2nbBhUcql0ouxzA93uS941ptkXp0q44e; zone-cap-4509720=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Wed, 09 Nov 2022 06:55:29 GMT
access-control-allow-origin: https://javgg.net
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7674a4a43c33b51e-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
lkpmprksau.com/get/1859604?zoneid=1859604&jp=_clgukpsadios0bskxhbfni&nojs=0&ix=0&abvar=0&t=0&x=801&y=801&wcks=0&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=7709136906511547
200 OK 0 B URL HTTP/2 lkpmprksau.com/get/1859604?zoneid=1859604&jp=_clgukpsadios0bskxhbfni&nojs=0&ix=0&abvar=0&t=0&x=801&y=801&wcks=0&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=7709136906511547
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1859604?zoneid=1859604&jp=_clgukpsadios0bskxhbfni&nojs=0&ix=0&abvar=0&t=0&x=801&y=801&wcks=0&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=7709136906511547 HTTP/1.1
Host: lkpmprksau.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wtfdontblock.theporndudes.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=22110901550b1f36c04d0245b98da5a66cca; Path=/; Expires=Thu, 09 Nov 2023 06:55:22 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/images/close-icon.svg
200 OK 0 B URL HTTP/2 s3t3d2y8.afcdn.net/images/close-icon.svg
IP
ASN #60068 Datacamp Limited
GET /images/close-icon.svg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: image/svg+xml
last-modified: Wed, 29 Jun 2022 13:13:10 GMT
etag: W/"62bc4fe6-109"
expires: Fri, 30 Jun 2023 18:46:40 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195204
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCRSVp8T/1rGsAA
x-77-nzt-ray: ffffffffe92b8e1ada4e6b63ea459833
x-cache: HIT
x-age: 11317718
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
images.javgg.net/wp-content/themes/javggnet/assets/css/front.mobile.min.css
200 OK 0 B URL HTTP/2 images.javgg.net/wp-content/themes/javggnet/assets/css/front.mobile.min.css
IP
GET /wp-content/themes/javggnet/assets/css/front.mobile.min.css HTTP/1.1
Host: images.javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 14:44:38 GMT
vary: Accept-Encoding
etag: W/"62ea89d6-23d9"
expires: Wed, 09 Nov 2022 01:53:29 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 61290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WtQ9COJW9aieVVNm9M52sHbWwMHLXsnkxPfHGX%2BPDYwf9PcIAFKVFCGdnjkqpQQwzyq1VBDlTPqih7HfKm5fzBOp8nhXvDAwqThnsvrrKsywJpQIKH4TuVCqLljEAsC1rs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7674a46d5977b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
images.javgg.net/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
200 OK 0 B URL HTTP/2 images.javgg.net/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
IP
GET /wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js HTTP/1.1
Host: images.javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: application/javascript
last-modified: Mon, 31 Oct 2022 17:55:46 GMT
vary: Accept-Encoding
etag: W/"63600c22-2063"
expires: Wed, 09 Nov 2022 01:53:29 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 61289
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2aIobBxKjg%2FdLZPpJQ2WZQGk%2FXvYvsDabQWmpzXn%2FlndVbI38jiAZFm8fKoGO9QpdYQpxQi94lCtHLhjJK6V9ErP9i5uJH7HtV44EYy%2B9IV2EDV4a2L4k8fmTlu6r3HfUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7674a46d597db51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
javgg.net/wp-content/themes/javggnet/assets/fontawesome/css/all.min.css
200 OK 0 B URL HTTP/2 javgg.net/wp-content/themes/javggnet/assets/fontawesome/css/all.min.css
IP
GET /wp-content/themes/javggnet/assets/fontawesome/css/all.min.css HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/stars-178-uncensored-leak/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: text/css
last-modified: Tue, 06 Oct 2020 00:20:54 GMT
vary: Accept-Encoding
etag: W/"5f7bb866-2a8fd"
expires: Thu, 08 Dec 2022 13:53:28 GMT
cache-control: max-age=2678400
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 61290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0coTcVmiHskd31dUDrvsl2RlzldM%2BVeF%2BaYhAz4JcDH9KiLd4aVfJbun%2B60mllnc7EB5T8yyT4qj9KEny4JOUfoV%2BFrA%2FrPcERPe3rH9niU6oTlKZ63Sw%2Bfkew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7674a46d5972b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
notads.111javguru.xyz/6J8hfA6.js
200 OK 0 B URL HTTP/2 notads.111javguru.xyz/6J8hfA6.js
IP
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Malware
GET /6J8hfA6.js HTTP/1.1
Host: notads.111javguru.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: application/javascript
last-modified: Sat, 22 Oct 2022 11:28:35 GMT
etag: W/"6353d3e3-17738"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
vary: Accept-Encoding, Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ce3c66cc97e84e18b943362365d9ba66.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: mYoRspC6G3lI4Fj8iUwDS9OlKJoZKrmlv59vufxOzcvdwDHCJP9J3Q==
age: 6116
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
adsnot.1javguru.xyz/api/spots/406237?p=1&s1=%beforeplayer2%&kw=beforeplayer2
200 OK 0 B URL HTTP/2 adsnot.1javguru.xyz/api/spots/406237?p=1&s1=%beforeplayer2%&kw=beforeplayer2
IP
ASN #24940 Hetzner Online GmbH
GET /api/spots/406237?p=1&s1=%beforeplayer2%&kw=beforeplayer2 HTTP/1.1
Host: adsnot.1javguru.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: nauid=D7TB2sAdvwJoctboQL9w; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
adsnot.1javguru.xyz/8YE7Uw5.js
200 OK 0 B URL HTTP/2 adsnot.1javguru.xyz/8YE7Uw5.js
IP
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Malware
GET /8YE7Uw5.js HTTP/1.1
Host: adsnot.1javguru.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: application/javascript
last-modified: Sat, 22 Oct 2022 11:28:35 GMT
etag: W/"6353d3e3-1cfaf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
vary: Accept-Encoding, Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a1883601a786b7317faec0d94ef154f2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: UOBwy5S1BG5t382vTFq311UdgXMl6krQUlpfqqjWnEhYGFtFHY4Ekw==
age: 7853
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
javgg.net/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1667966400
200 OK 0 B URL HTTP/2 javgg.net/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1667966400
IP
GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1667966400 HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
cache-control: max-age=14400, public
x-control-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BDaUz2ocyRZo%2FQGGIism0ZLFfAgVi4MwQ%2FJHDYMc%2BFg0x5TZNvDSj%2FoYoK%2FNQdQHYBSsSIpooZEkaTk5zNv2ZXISpepkPg4Vx2i624hE5I1s7AaEkwNf8P0lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7674a4701b92b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.realsrv.com/ad-provider.js
200 OK 0 B URL HTTP/2 a.realsrv.com/ad-provider.js
IP
ASN #60068 Datacamp Limited
GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adsnot.1javguru.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: application/javascript
etag: W/"3c960414da5e6bf57e085f6ce76"
expires: Tue, 08 Nov 2022 17:29:01 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1667982556
server: CDN77-Turbo
x-77-nzt: AblMCRSMIav/LRQAAA
x-77-nzt-ray: ffffffff562e3510d94e6b633e006a32
x-cache: HIT
x-age: 5165
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
lkpmprksau.com/get/1859604?zoneid=1859604&jp=_clkrxqmkt47hfqu8fsqhm5&nojs=0&ix=0&abvar=0&t=0&x=801&y=801&wcks=0&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=390787512069654
200 OK 0 B URL HTTP/2 lkpmprksau.com/get/1859604?zoneid=1859604&jp=_clkrxqmkt47hfqu8fsqhm5&nojs=0&ix=0&abvar=0&t=0&x=801&y=801&wcks=0&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=390787512069654
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1859604?zoneid=1859604&jp=_clkrxqmkt47hfqu8fsqhm5&nojs=0&ix=0&abvar=0&t=0&x=801&y=801&wcks=0&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=390787512069654 HTTP/1.1
Host: lkpmprksau.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wtfdontblock.theporndudes.xyz/
Cookie: UID=22110901550b1f36c04d0245b98da5a66cca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
javgg.net/wp-admin/admin-ajax.php
403 Forbidden 0 B URL HTTP/2 javgg.net/wp-admin/admin-ajax.php
IP
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 40
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/jav/stars-178-uncensored-leak/
Cookie: __cf_bm=dyqEQf5OZaR9wEgOwFKGSi.0aDwp5UZGt.3KxUxaSFM-1667976922-0-Ac52Q1G1US4kd9NizHMu6gRlIp6j3EVWncEOR56qA1jlkmkbBfVTkIh+K7Zyi1nXlDiwpbO8T8z1/P5EnsTaX+cL3AeodhuYgqjD0X8eEwke4SkSCsQh1PT/fmZHP3QjOWJIFubFDS0jf7aqfR1ciq2x1BTjd9Kplf58es60ur/O6bNwVdW+FiApGte9q3n+2a+lLoukeZnk2nbBhUcql0ouxzA93uS941ptkXp0q44e; zone-cap-4509720=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
date: Wed, 09 Nov 2022 06:55:24 GMT
content-type: text/html; charset=UTF-8
referrer-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options: SAMEORIGIN
server-timing: cf-q-config;dur=5.9999993027304e-06
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jhtDU3s2NKmRLsDgA7k1DFgltHhbKyybSnH5J8EK97jAK%2FEsvu4oeZuIxL8ohYckr3WMlAvQ9z0YXw3hBL5O7cmdppRPJPhm2a1EPX4mhFpQTCpuMbcJJB2AA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7674a4817c37b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
javgg.net/cdn-cgi/apps/head/M89UaTsofQaKWze2ZVBaZiwO3NQ.js
200 OK 0 B URL HTTP/2 javgg.net/cdn-cgi/apps/head/M89UaTsofQaKWze2ZVBaZiwO3NQ.js
IP
GET /cdn-cgi/apps/head/M89UaTsofQaKWze2ZVBaZiwO3NQ.js HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/stars-178-uncensored-leak/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: mVKu+8/Ensob62rwz8kXhqHuPv0Y9zy/6tYHU/EXuBYe5+GfGcBZtjsDfZH7OlrLiH9mQw48imI=
x-amz-request-id: 6VE2PSYESFCB5N5Q
cache-control: public, max-age=31536000
last-modified: Wed, 19 Jan 2022 02:19:33 GMT
x-amz-version-id: b9Jcnbr4wAr9_Jsm1r9ZeESWLjJKy_fS
etag: W/"6c2479e3ae0f0938b49e2141f0b68b01"
cf-cache-status: HIT
age: 61290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bw2CVrE1JMVzBlPP1Rkci88gfO7uBi7MZ8WZmTvQO0k48ApZSCwBReEwO2juhL3usWYMSYPrOg7mMnp6Y7D0M9v0LYAtO6FZzsiE3fj75YZ8TsctcMQ%2F0NKJoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7674a46d3962b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
wtfdontblock.theporndudes.xyz/api/spots/338183?p=1&s1=%afterplayer1%&kw=
200 OK 0 B URL HTTP/2 wtfdontblock.theporndudes.xyz/api/spots/338183?p=1&s1=%afterplayer1%&kw=
IP
ASN #24940 Hetzner Online GmbH
GET /api/spots/338183?p=1&s1=%afterplayer1%&kw= HTTP/1.1
Host: wtfdontblock.theporndudes.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: nauid=IZT8YajaXxD6rCEfJyWO; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
javgg.net/cdn-cgi/apps/body/AB9f-K672Ygo6-QjbJbi_OuWbG8.js
200 OK 0 B URL HTTP/2 javgg.net/cdn-cgi/apps/body/AB9f-K672Ygo6-QjbJbi_OuWbG8.js
IP
GET /cdn-cgi/apps/body/AB9f-K672Ygo6-QjbJbi_OuWbG8.js HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/stars-178-uncensored-leak/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: NkAjLW+TwID+kGmhHNhfa/3GMt2NDb9OGa/k6IM5EqtSEqndvQRyR76Zslgf+BXDz30ly282Auc=
x-amz-request-id: MA7Q740WSZVX3QQ6
cache-control: public, max-age=31536000
last-modified: Wed, 19 Jan 2022 02:19:33 GMT
x-amz-version-id: JF9JigjF.JPHnrWL2uUG45Fs2iE8y2mk
etag: W/"f86815421a4a198c78096bffd3310ab5"
cf-cache-status: HIT
age: 61289
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oY9qLBbweO%2FK3NsnuzjyuieEyzypKHJjGwh70TWOPfMoo%2FtGa%2BjBaJEuMCHPsvzkLfLcRMsD%2FE0trm3njFdch70uK%2FmQtE4BN6A%2BseaoKDduUTq7WzIQv63eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7674a46dd9c1b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700&display=swap
IP
GET /css?family=Roboto%3A300%2C400%2C500%2C700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 09 Nov 2022 06:55:21 GMT
date: Wed, 09 Nov 2022 06:55:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7674a46e38a71c02-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
adsnot.1javguru.xyz/api/spots/310148?host=javgg.net&ev=197&wh=939&ww=1280&uuid=&s1=%25subid1%25
200 OK 0 B URL HTTP/2 adsnot.1javguru.xyz/api/spots/310148?host=javgg.net&ev=197&wh=939&ww=1280&uuid=&s1=%25subid1%25
IP
ASN #24940 Hetzner Online GmbH
GET /api/spots/310148?host=javgg.net&ev=197&wh=939&ww=1280&uuid=&s1=%25subid1%25 HTTP/1.1
Host: adsnot.1javguru.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: nauid=D7TB2sAdvwJoctboQL9w
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 06:55:22 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
lkpmprksau.com/lv/esnk/1859604/code.js
200 OK 0 B URL HTTP/2 lkpmprksau.com/lv/esnk/1859604/code.js
IP
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /lv/esnk/1859604/code.js HTTP/1.1
Host: lkpmprksau.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wtfdontblock.theporndudes.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 06:55:21 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 10:03:16 GMT
vary: Accept-Encoding
etag: W/"6368d7e4-1a73f"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
172.67.72.132
135.181.208.216
104.18.59.150
185.76.9.21
142.132.194.196
62.122.171.6
88.214.195.156
23.36.76.226
103.254.145.161