Overview

URLworldwardmobi.com/venus/USAA/USAA/USAA/login.php
IP 185.107.56.197 (Netherlands)
ASN#43350 NForce Entertainment B.V.
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-03 01:55:30 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (15)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
r3.o.lencr.org (8) 344 No data No data 23.36.77.32
dipaka-ead.com (3) 0 2022-10-31 13:23:43 UTC 2022-12-02 04:48:07 UTC 3.212.50.125 Unknown ranking
ocsp.pki.goog (4) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.165
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-02 17:12:21 UTC 34.117.237.239
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.42.74.230
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-12-02 23:08:34 UTC 142.250.74.106
worldwardmobi.com (3) 0 2019-08-13 01:25:49 UTC 2022-12-01 13:44:23 UTC 37.48.65.155 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-02 17:27:45 UTC 34.102.187.140
ayxvy.voluumtrk.com (1) 0 2022-07-19 08:09:53 UTC 2022-12-02 01:28:51 UTC 35.156.91.109 Domain (voluumtrk.com) ranked at: 255264
adult-games.life (10) 0 2022-06-15 14:17:22 UTC 2022-12-02 01:28:51 UTC 194.87.208.13 Unknown ranking
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-12-02 19:44:49 UTC 216.58.207.227 Domain (gstatic.com) ranked at: 540
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-03 2 worldwardmobi.com/venus/USAA/USAA/USAA/login.php Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 185.107.56.197
Date UQ / IDS / BL URL IP
2023-01-29 18:43:26 +0000 0 - 0 - 1 tleynsc.wy5532.com/ 185.107.56.197
2023-01-29 18:42:13 +0000 0 - 2 - 6 lkljk.dbd2.ds.wy5532.com/ 185.107.56.197
2023-01-29 18:20:13 +0000 0 - 0 - 3 zcvbnnn.7b485.wd.wy5532.com/ 185.107.56.197
2023-01-29 18:13:12 +0000 0 - 0 - 3 8d56f.pfedcc.wy5532.com/ 185.107.56.197
2023-01-29 18:12:05 +0000 0 - 0 - 3 mjurr.672de.ug.wy5532.com/ 185.107.56.197


Last 5 reports on ASN: NForce Entertainment B.V.
Date UQ / IDS / BL URL IP
2023-01-31 02:15:45 +0000 0 - 0 - 0 shop.interphonestore.com 185.107.56.52
2023-01-31 01:53:18 +0000 0 - 0 - 0 shop.interphonestore.com/eshopdo/refer/cid60s (...) 185.107.56.193
2023-01-30 23:41:13 +0000 0 - 0 - 3 edcvr25789.by.wy5532.com/ 185.107.56.199
2023-01-30 23:36:36 +0000 0 - 0 - 3 higxczz.wy5532.com/ 185.107.56.199
2023-01-30 22:16:13 +0000 0 - 0 - 2 www.sympation.com/api/downloaddistriberror/31 (...) 185.107.56.59


Last 5 reports on domain: worldwardmobi.com
Date UQ / IDS / BL URL IP
2023-01-27 01:16:06 +0000 0 - 0 - 1 worldwardmobi.com/pawcheck/resources/USAA/USA (...) 185.107.56.200
2023-01-22 05:46:00 +0000 0 - 0 - 1 worldwardmobi.com/verification/USAA/USAA/USAA (...) 81.171.22.7
2023-01-01 02:09:42 +0000 0 - 0 - 3 worldwardmobi.com/pawcheck/config/sew/USAA/US (...) 81.171.22.5
2023-01-01 01:43:14 +0000 0 - 0 - 1 worldwardmobi.com/test/menber/USAA/USAA/USAA/ (...) 185.107.56.197
2022-12-31 01:35:23 +0000 0 - 0 - 1 worldwardmobi.com/fuxxzies/USAA/USAA/USAA/log (...) 37.48.65.153


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-04 00:20:27 +0000 0 - 2 - 10 deoseasr.org/dau/news/news/news/1441773103-DE (...) 67.227.226.240
2022-12-30 05:58:57 +0000 0 - 2 - 11 iuyuyt.a1d2.lf.wy5532.com/ 37.48.65.155
2022-12-26 08:56:27 +0000 0 - 2 - 14 mzrtwmw.wy5532.com/ 162.210.196.166
2022-12-22 07:12:16 +0000 0 - 2 - 13 rp.seroteforoh.com/?pcrc=302803949&v=2.0 77.247.179.89
2022-12-21 01:47:41 +0000 0 - 2 - 10 vervetichealthcare.com/heisa2/109e2 67.227.226.240

JavaScript

Executed Scripts (9)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (46)


Request Response
                                        
                                            GET /venus/USAA/USAA/USAA/login.php HTTP/1.1 
Host: worldwardmobi.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         37.48.65.155
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 508
date: Sat, 03 Dec 2022 01:55:17 GMT
server: nginx
set-cookie: sid=899c87e8-72ad-11ed-9943-f0549a02791b; path=/; domain=.worldwardmobi.com; expires=Thu, 21 Dec 2090 05:09:25 GMT; max-age=2147483647; HttpOnly


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (508), with no line terminators
Size:   508
Md5:    c7f24544acc80a34f6e5b7127eabe6ae
Sha1:   e15e8bd09c193edd9cceedddd9be3e337f5b0aa7
Sha256: 2d279e462449ff7e3c8316e764961fde62e889986c7d50d2d4214386763993f4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13999
Expires: Sat, 03 Dec 2022 05:48:37 GMT
Date: Sat, 03 Dec 2022 01:55:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8889
Expires: Sat, 03 Dec 2022 04:23:27 GMT
Date: Sat, 03 Dec 2022 01:55:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6200
Cache-Control: max-age=123557
Date: Sat, 03 Dec 2022 01:55:18 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 12:14:35 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: ziINRymtRkLcMo2hL0WdavfdHZPiIP5mYmXX7Y3Ky3EktkGvwKibh//3X1kNw4b/5DxdzZZAZys=
x-amz-request-id: RCD411TZ03ZXAQ3H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 01:46:56 GMT
age: 502
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 01:19:57 GMT
cache-control: public,max-age=3600
age: 2121
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 03 Dec 2022 01:55:18 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: worldwardmobi.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://worldwardmobi.com/venus/USAA/USAA/USAA/login.php
Cookie: sid=899c87e8-72ad-11ed-9943-f0549a02791b

search
                                         37.48.65.155
HTTP/1.1 404 Not Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Sat, 03 Dec 2022 01:55:17 GMT
server: nginx


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   9
Md5:    d8f4a1993546cc4b850cde3599e27aec
Sha1:   094b763b4cfcc0b05e5d040581cd513c3ca08067
Sha256: 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 01:08:58 GMT
cache-control: public,max-age=3600
age: 2780
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6180
Cache-Control: max-age=118475
Date: Sat, 03 Dec 2022 01:55:19 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 10:49:54 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /venus/USAA/USAA/USAA/login.php?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDAzOTcxOCwiaWF0IjoxNjcwMDMyNTE4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21pYmVoMzlrMGx2a2ZvZmcxOTIwZzciLCJuYmYiOjE2NzAwMzI1MTgsInRzIjoxNjcwMDMyNTE4MjEwNTYwfQ.pMbeK8LOGEyUtRJenM8fvPGGFbYEmT4BUCJcSLvyrMY&sid=899c87e8-72ad-11ed-9943-f0549a02791b HTTP/1.1 
Host: worldwardmobi.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://worldwardmobi.com/venus/USAA/USAA/USAA/login.php
Cookie: sid=899c87e8-72ad-11ed-9943-f0549a02791b
Upgrade-Insecure-Requests: 1

search
                                         37.48.65.155
HTTP/1.1 302 Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sat, 03 Dec 2022 01:55:18 GMT
location: http://dipaka-ead.com/zcvisitor/89de4f78-72ad-11ed-bb25-1299b7cff5e5/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=251929d0-54c5-11ed-8dac-0a918cbcbb97
server: nginx
set-cookie: sid=899c87e8-72ad-11ed-9943-f0549a02791b; path=/; domain=.worldwardmobi.com; expires=Thu, 21 Dec 2090 05:09:26 GMT; max-age=2147483647; HttpOnly


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   11
Md5:    32682312d17c7cbf18e73594f5570319
Sha1:   60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
                                        
                                            GET /zcvisitor/89de4f78-72ad-11ed-bb25-1299b7cff5e5/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=251929d0-54c5-11ed-8dac-0a918cbcbb97 HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://worldwardmobi.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         3.212.50.125
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Sat, 03 Dec 2022 01:55:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: KysJquQJ


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1100
Md5:    54507c41c66e7d8e60ef84c059cbff50
Sha1:   123909763cd3cfc894754045d237a983bc2d5544
Sha256: 9fc7b575ff60a753e7844aba2613d5c029a7b0a3ba19827a898f1b8b47556072
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 76Y1iiYkY+R7+2PZdYlKfQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.42.74.230
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Xhouk0Stedda5iT0JZFf7chepnE=

                                        
                                            GET /zcredirect?visitid=89de4f78-72ad-11ed-bb25-1299b7cff5e5&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcvisitor/89de4f78-72ad-11ed-bb25-1299b7cff5e5/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=251929d0-54c5-11ed-8dac-0a918cbcbb97
Upgrade-Insecure-Requests: 1

search
                                         3.212.50.125
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Sat, 03 Dec 2022 01:55:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: IDRIzCSL


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (307)
Size:   700
Md5:    56ce65e4163ce334a289511e695f6d30
Sha1:   c937dd81aa1ff8b9309ce6288edd4998f59b9906
Sha256: de12fe8bae28373384b77585d68f4512a739c9366294aa39cb6a64bcaad45ca0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 03 Dec 2022 01:55:19 GMT
Last-Modified: Sat, 03 Dec 2022 01:49:04 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FAIYIb_TTHtSnRpecxWNKYhvjxULK0dsbZNAkNkpV4Ka2v-jtYE7RQ==
Age: 375

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcredirect?visitid=89de4f78-72ad-11ed-bb25-1299b7cff5e5&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

search
                                         3.212.50.125
HTTP/1.1 404
Content-Type: text/html;charset=utf-8
                                        
Date: Sat, 03 Dec 2022 01:55:19 GMT
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: wJyVbKFK


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size:   653
Md5:    ba2732b1b2fa2626ffaa15f62f9e7d66
Sha1:   203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
                                        
                                            GET /zp-redirect?target=https%3A%2F%2Fadult-games.life%2F%3Fu%3Dxunwwwr%26o%3Db02p0ze%26cid%3Dwugatfqmn8u589tk2srv6v72&caid=9fc442a1-e878-4941-915c-9cdbcb4c3a14&zpid=89de4f78-72ad-11ed-bb25-1299b7cff5e5&cid=wugatfqmn8u589tk2srv6v72&rt=R HTTP/1.1 
Host: ayxvy.voluumtrk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dipaka-ead.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         35.156.91.109
HTTP/2 302 Found
                                        
date: Sat, 03 Dec 2022 01:55:19 GMT
content-length: 0
location: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=wugatfqmn8u589tk2srv6v72
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: voluum-cid-v4=%7B%22cid%22%3A%22wugatfqmn8u589tk2srv6v72%22%2C%22caid%22%3A%229fc442a1-e878-4941-915c-9cdbcb4c3a14%22%7D; Max-Age=31536000; Expires=Sun, 03-Dec-2023 01:55:19 GMT; Domain=ayxvy.voluumtrk.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4F0F3A8D760BE780B1785924A769FB973AEBCD442F29ABB0F4C58ED3EAA540BE"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12587
Expires: Sat, 03 Dec 2022 05:25:07 GMT
Date: Sat, 03 Dec 2022 01:55:20 GMT
Connection: keep-alive

                                        
                                            GET /?u=xunwwwr&o=b02p0ze&cid=wugatfqmn8u589tk2srv6v72 HTTP/1.1 
Host: adult-games.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dipaka-ead.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         194.87.208.13
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Sat, 03 Dec 2022 01:55:20 GMT
Content-Length: 4682
Connection: keep-alive
set-cookie: sid=t1~ihagcoyqpkwpnxffnps2c0bw; path=/
cache-control: private, no-transform


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (531), with CRLF line terminators
Size:   4682
Md5:    a596884d6cfec9c6c2b5ae08f4c274fe
Sha1:   364bdb7cec2c71fb5d11eb6941e5f566bfbfa35d
Sha256: 3e137286454613ca9faa54683b087943a592820079aac3f52490b5320f344090
                                        
                                            GET /media/adult-games/anime/css/style.css HTTP/1.1 
Host: adult-games.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=wugatfqmn8u589tk2srv6v72
Cookie: sid=t1~ihagcoyqpkwpnxffnps2c0bw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.13
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sat, 03 Dec 2022 01:55:20 GMT
Content-Length: 7686
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "8c61742acaf718f59d670b313b7eeadb"
Last-Modified: Wed, 31 Aug 2022 09:32:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D24E869CC3DB5
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 03 Dec 2023 01:55:20 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (498), with CRLF line terminators
Size:   7686
Md5:    8c61742acaf718f59d670b313b7eeadb
Sha1:   4eabde09f46fa07a0add081254471a7297fc40b0
Sha256: bb7143d7b98972cfdfbd57f2e15a23377a87a94619a713c79d5fa3b9795f7fa5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 03 Dec 2022 01:55:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cookie/js.cookie14.js HTTP/1.1 
Host: adult-games.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=wugatfqmn8u589tk2srv6v72
Cookie: sid=t1~ihagcoyqpkwpnxffnps2c0bw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.13
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sat, 03 Dec 2022 01:55:20 GMT
Content-Length: 4132
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "1db175e4bfc69fb748a1133be837df3a"
Last-Modified: Wed, 31 Aug 2022 09:31:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D25A2E1C2D600
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 03 Dec 2023 01:55:20 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (1709), with CRLF line terminators
Size:   4132
Md5:    1db175e4bfc69fb748a1133be837df3a
Sha1:   438fb8aa10a650dcca4311cbad1340a10a7751b7
Sha256: 5805ab67adcb8c0420cba70ca8c75edc82ba6af03cfe7eff2a9f65ce95241ee7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 03 Dec 2022 01:55:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /media/adult-games/anime/js/main.js HTTP/1.1 
Host: adult-games.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=wugatfqmn8u589tk2srv6v72
Cookie: sid=t1~ihagcoyqpkwpnxffnps2c0bw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.13
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sat, 03 Dec 2022 01:55:20 GMT
Content-Length: 281
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "794ca8800647447c210914e7a8aabaad"
Last-Modified: Wed, 31 Aug 2022 09:32:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D256B272F2F3A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 03 Dec 2023 01:55:20 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   281
Md5:    794ca8800647447c210914e7a8aabaad
Sha1:   622859ac8c9e6b91df688598bdcb6d66cdf143e9
Sha256: fd09f4099f8d32f10c4ebe71089ffded17c5dacf7aaa31a96f35b36d6410d975
                                        
                                            GET /util/utils.js HTTP/1.1 
Host: adult-games.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=wugatfqmn8u589tk2srv6v72
Cookie: sid=t1~ihagcoyqpkwpnxffnps2c0bw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.13
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sat, 03 Dec 2022 01:55:20 GMT
Content-Length: 7512
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "01816d15ca03032751161a746e2fb7c3"
Last-Modified: Wed, 31 Aug 2022 09:38:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D244AE3B31654
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 03 Dec 2023 01:55:20 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (641), with CRLF line terminators
Size:   7512
Md5:    01816d15ca03032751161a746e2fb7c3
Sha1:   dcc72ea5fa1356490ba473288159df9786b4a3c3
Sha256: 8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea
                                        
                                            GET /media/bbag.js HTTP/1.1 
Host: adult-games.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=wugatfqmn8u589tk2srv6v72
Cookie: sid=t1~ihagcoyqpkwpnxffnps2c0bw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.13
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sat, 03 Dec 2022 01:55:20 GMT
Content-Length: 1132
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "d5c49a896c44f3275333d95fb87e560a"
Last-Modified: Wed, 31 Aug 2022 09:32:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D242774331BC6
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 03 Dec 2023 01:55:20 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1132
Md5:    d5c49a896c44f3275333d95fb87e560a
Sha1:   12facada7ce68f6008df5cfbcff1c8cf7156b766
Sha256: 4f2ae318d39611ff8511b96bccb64f0ca07f0707eeefbfa1127d99a4fe560187
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 03 Dec 2022 01:55:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://adult-games.life
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:11:08 GMT
expires: Wed, 29 Nov 2023 17:11:08 GMT
cache-control: public, max-age=31536000
age: 290652
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size:   23580
Md5:    e1b3b5908c9cf23dfb2b9c52b9a023ab
Sha1:   fcd4136085f2a03481d9958cc6793a5ed98e714c
Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
                                        
                                            GET /media/adult-games/anime/js/jquery-2.2.4.min.js HTTP/1.1 
Host: adult-games.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=wugatfqmn8u589tk2srv6v72
Cookie: sid=t1~ihagcoyqpkwpnxffnps2c0bw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.13
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sat, 03 Dec 2022 01:55:20 GMT
Content-Length: 85578
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "2f6b11a7e914718e0290410e85366fe9"
Last-Modified: Wed, 31 Aug 2022 09:32:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D2513D7FADBC3
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 03 Dec 2023 01:55:20 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   85578
Md5:    2f6b11a7e914718e0290410e85366fe9
Sha1:   69bb69e25ca7d5ef0935317584e6153f3fd9a88c
Sha256: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 03 Dec 2022 01:55:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /media/adult-games/anime/images/1.jpg HTTP/1.1 
Host: adult-games.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/media/adult-games/anime/css/style.css
Cookie: sid=t1~ihagcoyqpkwpnxffnps2c0bw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.13
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Sat, 03 Dec 2022 01:55:20 GMT
Content-Length: 225453
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "34db7daec1de96a90f2f68d89b14c8ec"
Last-Modified: Wed, 31 Aug 2022 09:32:27 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D2581D62378D7
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 03 Dec 2023 01:55:20 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1206, components 3\012- data
Size:   225453
Md5:    34db7daec1de96a90f2f68d89b14c8ec
Sha1:   ef47041ddda81a2b181fb3cfa340362ffccb25de
Sha256: 426fb1ff6fc5bfa64649547baa7bcdf2abbd703658abae7c987260c39b3bc461
                                        
                                            GET /media/adult-games/anime/images/radar.gif HTTP/1.1 
Host: adult-games.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=wugatfqmn8u589tk2srv6v72
Cookie: sid=t1~ihagcoyqpkwpnxffnps2c0bw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.13
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Sat, 03 Dec 2022 01:55:20 GMT
Content-Length: 617903
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "38466228b023bf450af4bd6cc0e48e70"
Last-Modified: Wed, 31 Aug 2022 09:32:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D251403525085
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sun, 03 Dec 2023 01:55:20 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 275 x 275\012- data
Size:   617903
Md5:    38466228b023bf450af4bd6cc0e48e70
Sha1:   64427a0f20032173333eee9f33959ad54a544893
Sha256: f05b634a3a3656f82e989aefed6e788f50b2d86498102a14c636119dc045b70e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3216
Expires: Sat, 03 Dec 2022 02:48:56 GMT
Date: Sat, 03 Dec 2022 01:55:20 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3216
Expires: Sat, 03 Dec 2022 02:48:56 GMT
Date: Sat, 03 Dec 2022 01:55:20 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3216
Expires: Sat, 03 Dec 2022 02:48:56 GMT
Date: Sat, 03 Dec 2022 01:55:20 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3216
Expires: Sat, 03 Dec 2022 02:48:56 GMT
Date: Sat, 03 Dec 2022 01:55:20 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3216
Expires: Sat, 03 Dec 2022 02:48:56 GMT
Date: Sat, 03 Dec 2022 01:55:20 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4309
x-amzn-requestid: c824c317-e6e3-4006-9f9d-ea54e8170a4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cf2_tGErIAMF8_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63896b97-7fc523296afea4dd4b5d1de8;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 03:05:59 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bd85z5A6C0nxpDjeSEPp1NHJxXFO5sy1OgTLz7KpdWz61TNrfyQ47Q==
via: 1.1 40b967aa4aa18637c4b91214147f3cb4.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 03:46:23 GMT
age: 79737
etag: "544428cdad754b1bb7be3cd46a79bf078fd5b450"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4309
Md5:    fcb89ca25035b2bbb71ae5dd175fcd40
Sha1:   544428cdad754b1bb7be3cd46a79bf078fd5b450
Sha256: 36dcbbe6cd2710ee502776b4bcf32053e92b750a55e2bd4cdeadbc694c7c2699
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe321741e-701a-4c35-a3b4-01889e468ed0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6868
x-amzn-requestid: 84f9565b-baa2-4754-942d-4488aad20bc0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSasAGGtIAMF8wg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63840b19-1b1a482058019d3e6ba92397;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 01:12:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2JXURqM_HC8n2XB5QzxQHF5bcWvWKiTD8A8dvvDMQImU3wEXkT2NuQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 04:15:50 GMT
age: 77970
etag: "f597f539d07205d1268eac93c19997bb01fd6f1a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6868
Md5:    e55f401389ff256d779f2e4d12698e2d
Sha1:   f597f539d07205d1268eac93c19997bb01fd6f1a
Sha256: 6265e019379e94234526e09c206ac23aa8cda06cf2f7a4f9d8f180cede3c89b4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PIC-TIeTFK_Y2AiqowYT4_8tMuzIKO23lAwx18fYepTf4PIWkmLqkQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 05:20:15 GMT
age: 74105
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4803
Md5:    cc0a257323f882caff067adb86d906e4
Sha1:   cedf2f21be7cd366bd46055b62b5513db3011dfc
Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c64ab72-bcba-40fb-b912-d1f41e6b381a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8228
x-amzn-requestid: 95b57dd6-7134-44a4-a810-bbfefdd079bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQrkG7_IAMFfWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7e3-1bd671cc2d2c8d3b10a55d3f;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yVaBR3px4XZFrr_gLtqfkO3acyIeMYAvIBMkCh5O17dvzTC1TKsRMA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 05:22:26 GMT
age: 73974
etag: "d4bc237ce074da3269ddd70affee2ce2f83081eb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8228
Md5:    a03ff222aa12639f1fa939056c19c9fc
Sha1:   d4bc237ce074da3269ddd70affee2ce2f83081eb
Sha256: b374a38bd3adf7f66ed1c8c1153c96e07d7d0fa37179ea3e38899d863bbdacb9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GBhAilKMKo9RvIzqzF9V4jTZbvpa2rPZeoy6Jy8fMc1-JO078OAYzQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 11:13:09 GMT
age: 52931
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5354
Md5:    1e74254b3fdce7d6b84a71a7aff43789
Sha1:   65c8b4abf957f9b54d99d0f78559e639adb29efb
Sha256: f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57219d7e-330b-4d3f-a472-55cd262c7dc1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10877
x-amzn-requestid: bebc4f7f-7349-4973-99f5-d6c3b8a27072
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1G2uIAMFryg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-0637a1a946db78074bc19dc3;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wtaahzdJXnHSYwqIlHyqFy-LsdPl1Nh-CThm-x57bU3dUEgrfB1Gvw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:47 GMT
age: 15453
etag: "bb36d39c7adf764e8a7dcf7f91125001623975b4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10877
Md5:    dbee75c6c314655f738b57b828bef016
Sha1:   bb36d39c7adf764e8a7dcf7f91125001623975b4
Sha256: fd40949b9711db01be746d1723f78c2bb04d356063c6249b8b5ae1470532367a
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: adult-games.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/?u=xunwwwr&o=b02p0ze&cid=wugatfqmn8u589tk2srv6v72
Cookie: sid=t1~ihagcoyqpkwpnxffnps2c0bw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.13
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Sat, 03 Dec 2022 01:55:20 GMT
Connection: keep-alive
Cache-Control: no-transform

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6420910e-ce43-46a0-89dc-4495fcc90ae3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9527
x-amzn-requestid: 8bbc4492-b1b2-4aae-a09e-1d2c4453e642
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsg9GuBoAMFm2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6384279f-02732aee2d0807af5674481f;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:14:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dcKCmoJ72hMyef0pkKs84CIP5iqMRNoeJXGugNVfUyNeMQMTfOEoBw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 00:55:02 GMT
age: 3625
etag: "d316d825169d60dde81a3ee522dd004dfa97fa91"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9527
Md5:    e69659e6409f9caf1fe9cc67c9627353
Sha1:   d316d825169d60dde81a3ee522dd004dfa97fa91
Sha256: 88caacec3bbb78e83905b25b489aff9ae71cfed94835503c601daa15f8248d9c
                                        
                                            GET /css2?family=Lato&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adult-games.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 01:55:20 GMT
date: Sat, 03 Dec 2022 01:55:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---