www.amaporn.com/
172.67.191.97200 OK 12 kB IP 172.67.191.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6440)
Hash 1094c6d65952d19f26156ccc35f92cd3
1c58040541ac4b22c98f646d70f61aeeecae4505
0158d7a8bd4faa4c697374e0d6523e18ad53880e2b515fc00c8adbadb05296b1
GET / HTTP/1.1
Host: www.amaporn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:22:22 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.31
Set-Cookie: PHPSESSID=0b7edd0799001752860d0219c9817873; path=/; domain=.amaporn.com; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oErjfI0r%2B6G6hmQHyrkm0vV1KxUNE11R%2FBjy4KBBpHHG8%2FgEHeq7ZoiUK9Ie%2FVBPopNlkkPyB7azCgwM%2B0X8iXa4fw9c1bsR2pdmkVYgDu8GzKl%2BsCMmorvQoBcoAbhszU0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7540d61c09acfabc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
13.224.222.54200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 13.224.222.54:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 22:03:21 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e92192d46c302f80eb31c448bf9ad7d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: ONMyPUidkh3QPgu55SyDRBCYR7ZCsNl2nmhBRrO0PLNKoXTkzFM-Kw==
Age: 1141
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16860
Expires: Mon, 03 Oct 2022 03:03:22 GMT
Date: Sun, 02 Oct 2022 22:22:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
13.224.222.36200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 13.224.222.36:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 afc3b8b9cbf7cef6657816067537f46c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: CTFwADLDNpGOExO7UazLUAADxH6v5B-VyuY4ySoeBu5M0yQkklYjFw==
age: 67746
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 22:22:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.amaporn.com/contents/image_resizer/95f573991d9b92d9b650ae0e66baf80e.webp
172.67.191.97200 OK 4.0 kB URL HTTP/2 www.amaporn.com/contents/image_resizer/95f573991d9b92d9b650ae0e66baf80e.webp
IP 172.67.191.97:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 227x137, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8c40f76bbfe691b57cf41220ea6576bf
38010af51dc5be5bada8dee894167aadb0488c14
88c32f8a9e4c52f19447ea735b93c8fffeafc12d29a4615ae96e05b74d277d92
GET /contents/image_resizer/95f573991d9b92d9b650ae0e66baf80e.webp HTTP/1.1
Host: www.amaporn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:22 GMT
content-type: image/webp
content-length: 3980
last-modified: Mon, 26 Sep 2022 03:58:54 GMT
etag: "f8c-5e98c8bd6c98f"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 3297
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2go%2BmZT6SmKwfI0ivTc%2BnJOGuCw2ghrdJtbo8LcXyTgrcZiSbTHnI%2F%2FOcBxYAVCWTpglWGJQhFt3YdCXAtnxCnTMlrdsYQTK6oFBEykrDr5EZ3OIn4IyL%2FDv1NMDTLxdQdQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7540d61ec9640b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.amaporn.com/static/images/logo_amaporn_v2.png
172.67.191.97200 OK 26 kB URL HTTP/2 www.amaporn.com/static/images/logo_amaporn_v2.png
IP 172.67.191.97:0
File type PNG image data, 282 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 5cd873639d7da12fcb6d567645ee0a25
ed411202aeb297af80b577964f07459e1d849575
34002dc388a167eff61fd80b6e27170b4f482e6a61dd2909d40083f280977aee
GET /static/images/logo_amaporn_v2.png HTTP/1.1
Host: www.amaporn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:22 GMT
content-type: image/png
content-length: 26399
last-modified: Sat, 28 Nov 2020 13:44:00 GMT
etag: "5fc25420-671f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 1345899
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWqUMPqzmuCvE5UqcPFxw9v5O4DJIdFltgVdNTIOyZAh%2FQmQlWKD%2FtSP2xvkE2UvFXWB%2F9KLi9bopasaslV8tmYw%2BfnD5tPN8U1zFQo34UpdRz9XsbMns5wKgap6Xx4sTBI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7540d61ec9650b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.amaporn.com/contents/image_resizer/7c1fd8dc9640403fc4eecb4d4dc15d7d.webp
172.67.191.97200 OK 4.3 kB URL HTTP/2 www.amaporn.com/contents/image_resizer/7c1fd8dc9640403fc4eecb4d4dc15d7d.webp
IP 172.67.191.97:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 227x137, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9707b1b3a48b48cdd62e0c67606b4987
f187a3cff9843e0c3368da412e538e6ccdc18eef
e7a71af47662528db81e94f17471c0c2c737905383757e2d35b2699084e79089
GET /contents/image_resizer/7c1fd8dc9640403fc4eecb4d4dc15d7d.webp HTTP/1.1
Host: www.amaporn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:22 GMT
content-type: image/webp
content-length: 4326
last-modified: Wed, 28 Sep 2022 05:22:34 GMT
etag: "10e6-5e9b5f2bf6b77"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 3296
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=py1X%2Fuq0juMdCm8EwasHdb9cN8LDCDlAu138gdx93eH%2FzW1rUbD3b6FojbEUesXg%2Bpcw7Or%2FuLiMVwf4ouNg4U137MI6NtmadVl%2FCUo1okq%2BIN3oCiIoyUY58S1AA4xfHg8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7540d61ec9620b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.amaporn.com/contents/image_resizer/fadf2787886fe649181712ad3785999a.webp
172.67.191.97200 OK 4.8 kB URL HTTP/2 www.amaporn.com/contents/image_resizer/fadf2787886fe649181712ad3785999a.webp
IP 172.67.191.97:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 227x137, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 45df3c55b8450ea9f7d357cbfdb11bf9
c84ea1276c276cb0044746159602235cec93709a
c8da36da944a9f67a0f7f7de6fbe86c648fd4db2d454d3273aada50982e7d153
GET /contents/image_resizer/fadf2787886fe649181712ad3785999a.webp HTTP/1.1
Host: www.amaporn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:22 GMT
content-type: image/webp
content-length: 4794
last-modified: Sat, 01 Oct 2022 04:18:02 GMT
etag: "12ba-5e9f165811ced"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: HIT
age: 3296
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Geecuw36xP96B65uuuHrwUnRdjwgSGe5q3zEVn0RnT%2Fy77jyv7CQkQa1sJJq1yqOm6Ggjj89YEEov3RCw3fm7lzR0%2FIDjkNaN1ZEwyMJbsUCU67NGKuUV0M7Dco%2FPhpL2Dk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7540d61ed96d0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.amaporn.com/static/images/no-avatar.png
172.67.191.97200 OK 2.8 kB URL HTTP/1.1 www.amaporn.com/static/images/no-avatar.png
IP 172.67.191.97:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 2154a108d51cb68229592d7166ccf2f9
a574b5a0c6d51d528a6772e27f8a6c2797d2de21
e86c4a4ec58e390e7c6962df014ff70b7141260428c36bc52b4d8cecfe11df3e
GET /static/images/no-avatar.png HTTP/1.1
Host: www.amaporn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.amaporn.com/
Cookie: PHPSESSID=0b7edd0799001752860d0219c9817873
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:22:22 GMT
Content-Type: image/png
Content-Length: 2790
Connection: keep-alive
Last-Modified: Sat, 28 Nov 2020 13:44:00 GMT
ETag: "5fc25420-ae6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Age: 38921
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dY3hzFAXWg5rUs4KjUNoT%2BfA1H9fdHw21XmCg4aaweQenf2G5MxgfGrHR7RBOtuVTkR%2FIcvSFbcYpQeQA%2FwX0UQM%2BWeyFwgZjXkeUfE6nCM75jUAis1kpqrJfFpO5Usauwc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7540d61eebb3fabc-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:22:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-BG7DS6G0LW
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-BG7DS6G0LW
IP 142.250.74.168:0
File type ASCII text, with very long lines (21683)
Hash 32fc1467be8bb69830fdeb993e101edf
6785f014ccebdc52082afb9e082acf72724af7bf
6dcd9e753663b6424e58782e2b5c5e2cf496a210933ee6d2f6ec5fc91c50d35c
GET /gtag/js?id=G-BG7DS6G0LW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 02 Oct 2022 22:22:22 GMT
expires: Sun, 02 Oct 2022 22:22:22 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75784
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:22:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b99d218e8f4a37b35a11d1f54d65069b
554a567eefd3dddec60bcd242af25a954919c270
7e0b8a95f812ee05545aa2881bf46312a71f446c744d8eaa24b053083337c628
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E0B8A95F812EE05545AA2881BF46312A71F446C744D8EAA24B053083337C628"
Last-Modified: Sat, 01 Oct 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5527
Expires: Sun, 02 Oct 2022 23:54:29 GMT
Date: Sun, 02 Oct 2022 22:22:22 GMT
Connection: keep-alive
www.amaporn.com/static/images/fonts/icomoon.woff?nddhpi2
172.67.191.97200 OK 16 kB URL HTTP/2 www.amaporn.com/static/images/fonts/icomoon.woff?nddhpi2
IP 172.67.191.97:0
File type Web Open Font Format, TrueType, length 16220, version 1.0\012- data
Hash a3019cade7c09ad9cc89122d580d40c4
a047669472a9214432dc73ea2ec232371c2c84b1
cdfb5606338ae3f0398ba1a77fb757543c7fd5e4e6734c46c2a7ff06c264cc24
GET /static/images/fonts/icomoon.woff?nddhpi2 HTTP/1.1
Host: www.amaporn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.amaporn.com
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:22 GMT
content-type: application/font-woff
content-length: 16220
last-modified: Sat, 28 Nov 2020 13:44:00 GMT
etag: "3f5c-5b52af830dcab"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yamz0cWilPT6N%2FpiqQLf%2BNb6bME4NxtG8fmGYoKZ1b9bf%2FNv3BgLrMjhJTO3LX3AGARQZCvonL1Tl8saj0uNvRfaQhq9%2FbggoojF5WhyFRqpCqxZfxkP1PjSX8NZYDf4pZI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7540d6200dc3b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.amaporn.com/player/skin/fonts/ktplayeryt.ttf?wqseia
172.67.191.97200 OK 1.3 kB URL HTTP/2 www.amaporn.com/player/skin/fonts/ktplayeryt.ttf?wqseia
IP 172.67.191.97:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, ktplayeryt \012- data
Hash 6b37c81124d10af84e62b4f637acafe6
1ffd2ff26aec33fce358854ba94b83c60d5d9b1b
286823a6c09d4986a1311ec643a6f516d654623d3f694a9747d761fb3c21db53
GET /player/skin/fonts/ktplayeryt.ttf?wqseia HTTP/1.1
Host: www.amaporn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.amaporn.com
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:22 GMT
content-type: application/font-sfnt
last-modified: Wed, 05 Jun 2019 06:54:12 GMT
etag: W/"8d8-58a8e1098ed00"
access-control-allow-origin: *
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ST%2BWtfmsfL6JWNp6EaRRUlg%2BaJe6t7LWpCmXMMdMSHzK6sn%2FurS5nDjypXiVSzj3yFcM4w345rdSp6eo49WJiMjAGzbg6qZpfyTsW5XfK0FHZpn40bnYZJqBhSDOQYKRmuE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7540d61ecca0b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.amaporn.com/static/styles/jquery.fancybox-white.css?v=7.5
172.67.191.97200 OK 9.0 kB URL HTTP/2 www.amaporn.com/static/styles/jquery.fancybox-white.css?v=7.5
IP 172.67.191.97:0
File type ASCII text, with very long lines (4030), with no line terminators
Hash ea594dccb870b87d1fce3d222cfb7a39
274378493f9335f22e4101a193c9f12979b10f69
7ec54cd449d0dce67f2a4ad24212d283d743b4f68974b069481e213c648589b9
GET /static/styles/jquery.fancybox-white.css?v=7.5 HTTP/1.1
Host: www.amaporn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:22 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=5350
etag: W/"5fc25420-14e6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sat, 28 Nov 2020 13:44:00 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 1345899
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8i%2FP%2FF6%2BBx1hMOYssBJ%2FlIUpj%2FhJp1V4BkR8a7049btSLi%2FHjHN5yUUuvdvN54d4Ze%2B0XD0kOfN%2Fd83xoIVQfKpQSHd%2FCamYG1aefg%2Bjv%2BgZZ1mPzTXTztGfi0%2FiyldxZg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7540d61ed9750b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.amaporn.com/static/js/main.min.js?v=7.6.5
172.67.191.97200 OK 113 kB URL HTTP/2 www.amaporn.com/static/js/main.min.js?v=7.6.5
IP 172.67.191.97:0
File type ASCII text, with very long lines (32089)
Size 113 kB (113117 bytes)
Hash f55d153dd1c1d6d15831f21a51ed31d9
b0b3b3604941040d4b2eac2a2533b68b1601474c
ff37929f527d8f9548a7a2607ed41a0218decc41e441402b96a9497e7d117c3a
GET /static/js/main.min.js?v=7.6.5 HTTP/1.1
Host: www.amaporn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:22 GMT
content-type: application/javascript
last-modified: Mon, 26 Jul 2021 09:21:37 GMT
etag: W/"60fe7ea1-56360"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 1345899
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=si5ndM07cd35%2FHctJVLZ9W0mQm0wHLiMMpocCBESlbmVj3mdun4hSaLGlgOqOV%2FaKblV6juGv2tkneGjGJZPBbf9%2FFUm9muOwhoQk1VaaM7PLIO6JXMT8D0Tkk29hhKwV6I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7540d61ee9810b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
13.224.222.54200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 13.224.222.54:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 21:32:53 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 21:45:39 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 0c6608381c6e16c344d8596c47c9b95c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: 2h-IzyHpNjkyC1XrkWjOf7niRZvBGwsIB_SzBtjwmhk9hfgU1GVgCw==
Age: 2970
platform-api.sharethis.com/js/sharethis.js
13.224.222.16301 Moved Permanently 167 B URL HTTP/1.1 platform-api.sharethis.com/js/sharethis.js
IP 13.224.222.16:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /js/sharethis.js HTTP/1.1
Host: platform-api.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.amaporn.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sun, 02 Oct 2022 22:22:23 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://platform-api.sharethis.com/js/sharethis.js
X-Cache: Redirect from cloudfront
Via: 1.1 51c6fa41a8f5079dc547fd1acb8e2948.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: hO_N1fJgC7TJwj8S7wE0lSPGURpnPOoP09XXjExio2WYqXmouD5yJA==
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6197
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:22:23 GMT
Last-Modified: Sun, 02 Oct 2022 20:39:06 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
91e3ea15d5.a196ff0acd.com/d8b8601108a804fbf2ce91dc816e7149/3826?version_name=c
45.133.44.24200 OK 3.0 kB URL HTTP/2 91e3ea15d5.a196ff0acd.com/d8b8601108a804fbf2ce91dc816e7149/3826?version_name=c
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash 8ee2d305de5684d3a1090fa043912831
3d2c1dc51a1e226aef74051a5b09cc276c8ea45d
57cf8177908f38d18ec5f82dc88933bbdf3cc3b3ce906a3770e46eec20cb6ca4
GET /d8b8601108a804fbf2ce91dc816e7149/3826?version_name=c HTTP/1.1
Host: 91e3ea15d5.a196ff0acd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.amaporn.com
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:23 GMT
content-type: application/json
content-length: 1698
server: nginx/1.18.0
cache-control: max-age=300
expires: Sun, 02 Oct 2022 22:27:23 GMT
x-proxy-cache: EXPIRED
access-control-allow-origin: *
X-Firefox-Spdy: h2
platform-api.sharethis.com/js/sharethis.js
13.224.222.16200 OK 46 kB URL HTTP/2 platform-api.sharethis.com/js/sharethis.js
IP 13.224.222.16:0
Hash 717497d1c02df359d7169abe67c9f504
1de901f018870b5004ba2cd37c18c21bfc0b1ad6
e74919af6013a1d0694c789f465af789db125bf37753a26684cebe32e4ff8cab
GET /js/sharethis.js HTTP/1.1
Host: platform-api.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-encoding: gzip
edge-control: cache-maxage=60m,downstream-ttl=60m
x-frame-options: SAMEORIGIN
date: Sun, 02 Oct 2022 22:15:22 GMT
cache-control: max-age=600, public
etag: W/"3011a-1tH8M8TNdKB39qADlCdHeiBv0FM"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 51c6fa41a8f5079dc547fd1acb8e2948.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: nv5En3MR6geeqbt3-PIwoLrccla2SiyEgksmy_bU5TGLEXQCyGFnhw==
age: 421
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1a5c6002028dd454acefd9b7030b598c
4f518fd94c72d108cbf1bda11ee52654d3405c1f
cb436c2be14ec0d3523a25f41ce2e28baa980a9fa5c4e76926e4ce6a3847dc06
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB436C2BE14EC0D3523A25F41CE2E28BAA980A9FA5C4E76926E4CE6A3847DC06"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6370
Expires: Mon, 03 Oct 2022 00:08:33 GMT
Date: Sun, 02 Oct 2022 22:22:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1a5c6002028dd454acefd9b7030b598c
4f518fd94c72d108cbf1bda11ee52654d3405c1f
cb436c2be14ec0d3523a25f41ce2e28baa980a9fa5c4e76926e4ce6a3847dc06
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB436C2BE14EC0D3523A25F41CE2E28BAA980A9FA5C4E76926E4CE6A3847DC06"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6370
Expires: Mon, 03 Oct 2022 00:08:33 GMT
Date: Sun, 02 Oct 2022 22:22:23 GMT
Connection: keep-alive
js.wpadmngr.com/npc/sdk/wp-banners.js
45.133.44.25200 OK 0 B URL HTTP/2 js.wpadmngr.com/npc/sdk/wp-banners.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Sun, 02 Oct 2022 22:27:23 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.210.107.213101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.107.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: scPEV0sQXAr2x+cQisfKww==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6lPAbjh1tJCIxFLM8O61iA/DqgE=
ocsp.sca1b.amazontrust.com/
13.224.227.210200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 13.224.227.210:0
Hash 4fea062183a463d12ebb193233fdb5be
80a0679f552b908a09a0f57fcb474a996d732e89
d3b705ac5f4114e6c4417148ef998b0846efab9a3249b825a1971ec64f60bf9c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 22:22:23 GMT
Last-Modified: Sun, 02 Oct 2022 20:55:28 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: KRT1ybmqI7HNeSA-MOAGdW_24l8UQQc6PyuyzdEzPa5l-I5AsPzUoA==
Age: 5215
ocsp.sca1b.amazontrust.com/
13.224.227.210200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 13.224.227.210:0
Hash 4fea062183a463d12ebb193233fdb5be
80a0679f552b908a09a0f57fcb474a996d732e89
d3b705ac5f4114e6c4417148ef998b0846efab9a3249b825a1971ec64f60bf9c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 22:22:23 GMT
Last-Modified: Sun, 02 Oct 2022 21:39:10 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 9020b755bdec9fbd562cc16c0a42d6f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: Go1VakEWkji9Wj2txXSB5ZO_1b66PBOjmDUh7wz6mPH8Y6dMR2DyDg==
Age: 2593
l.sharethis.com/pview?event=pview&hostname=www.amaporn.com&location=%2F&product=inline-share-buttons&url=http%3A%2F%2Fwww.amaporn.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=PORNO%20GRATIS%20%26%20VIDEO%20PORNO%20ITALIANI%20XXX%20su%20AmaPorn&cms=unknown&publisher=5b8424138e496b00101b735e&sop=true&version=st_sop.js&lang=en&description=AmaPorn%2C%20sito%20tube%20porno%20gratis%20aggiornato%20ogni%20giorno%20con%20video%20porno%20amatoriali%20gratis%20e%20tanto%20porno%20italiano%20gratis
3.66.101.248204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&hostname=www.amaporn.com&location=%2F&product=inline-share-buttons&url=http%3A%2F%2Fwww.amaporn.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=PORNO%20GRATIS%20%26%20VIDEO%20PORNO%20ITALIANI%20XXX%20su%20AmaPorn&cms=unknown&publisher=5b8424138e496b00101b735e&sop=true&version=st_sop.js&lang=en&description=AmaPorn%2C%20sito%20tube%20porno%20gratis%20aggiornato%20ogni%20giorno%20con%20video%20porno%20amatoriali%20gratis%20e%20tanto%20porno%20italiano%20gratis
IP 3.66.101.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&hostname=www.amaporn.com&location=%2F&product=inline-share-buttons&url=http%3A%2F%2Fwww.amaporn.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=PORNO%20GRATIS%20%26%20VIDEO%20PORNO%20ITALIANI%20XXX%20su%20AmaPorn&cms=unknown&publisher=5b8424138e496b00101b735e&sop=true&version=st_sop.js&lang=en&description=AmaPorn%2C%20sito%20tube%20porno%20gratis%20aggiornato%20ogni%20giorno%20con%20video%20porno%20amatoriali%20gratis%20e%20tanto%20porno%20italiano%20gratis HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.amaporn.com
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: http://www.amaporn.com
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 02 Oct 2022 22:22:23 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
l.sharethis.com/pview?event=pview&hostname=www.amaporn.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fwww.amaporn.com%2F%23&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=PORNO%20GRATIS%20%26%20VIDEO%20PORNO%20ITALIANI%20XXX%20su%20AmaPorn&refDomain=www.amaporn.com&cms=unknown&publisher=5b8424138e496b00101b735e&sop=true&version=st_sop.js&lang=en&description=AmaPorn%2C%20sito%20tube%20porno%20gratis%20aggiornato%20ogni%20giorno%20con%20video%20porno%20amatoriali%20gratis%20e%20tanto%20porno%20italiano%20gratis
3.66.101.248204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&hostname=www.amaporn.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fwww.amaporn.com%2F%23&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=PORNO%20GRATIS%20%26%20VIDEO%20PORNO%20ITALIANI%20XXX%20su%20AmaPorn&refDomain=www.amaporn.com&cms=unknown&publisher=5b8424138e496b00101b735e&sop=true&version=st_sop.js&lang=en&description=AmaPorn%2C%20sito%20tube%20porno%20gratis%20aggiornato%20ogni%20giorno%20con%20video%20porno%20amatoriali%20gratis%20e%20tanto%20porno%20italiano%20gratis
IP 3.66.101.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&hostname=www.amaporn.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fwww.amaporn.com%2F%23&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=PORNO%20GRATIS%20%26%20VIDEO%20PORNO%20ITALIANI%20XXX%20su%20AmaPorn&refDomain=www.amaporn.com&cms=unknown&publisher=5b8424138e496b00101b735e&sop=true&version=st_sop.js&lang=en&description=AmaPorn%2C%20sito%20tube%20porno%20gratis%20aggiornato%20ogni%20giorno%20con%20video%20porno%20amatoriali%20gratis%20e%20tanto%20porno%20italiano%20gratis HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amaporn.com
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: https://www.amaporn.com
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 02 Oct 2022 22:22:23 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
platform-cdn.sharethis.com/img/facebook.svg
13.224.222.94200 OK 301 B URL HTTP/2 platform-cdn.sharethis.com/img/facebook.svg
IP 13.224.222.94:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash c6e9be45643e197ce1db1d7e24a99adc
d7338e398bb0f7a9082d24f121140d2cf9e88859
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
GET /img/facebook.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 301
date: Thu, 08 Sep 2022 04:10:08 GMT
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
etag: "c6e9be45643e197ce1db1d7e24a99adc"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 19a079cfe5fbc38f063a9e46b60b00a6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: tvajsitbeaeG2qsKofUSw5TLoHSSy2LAXZDVnlgFb5GxzllC8bO-MA==
age: 2139136
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/sharethis.svg
13.224.222.94200 OK 514 B URL HTTP/2 platform-cdn.sharethis.com/img/sharethis.svg
IP 13.224.222.94:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (358)
Hash deecdaa377907db5cc1722fc831670a1
4e39e0fd5742cc1460e24620df4a360abb71290e
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
GET /img/sharethis.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 514
date: Sun, 11 Sep 2022 04:11:17 GMT
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
etag: "deecdaa377907db5cc1722fc831670a1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 19a079cfe5fbc38f063a9e46b60b00a6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: SWe8Km8Fi_zSkP6QcrxvpdpOGWb16U0b6_BMdtJXCd5-PoNSYbtSCg==
age: 1879867
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/arrow_left.svg
13.224.222.94200 OK 565 B URL HTTP/2 platform-cdn.sharethis.com/img/arrow_left.svg
IP 13.224.222.94:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (409)
Hash b55d8d2b9321e381a3c38a4bddb74037
000c29635758e608bbe15d191e953adb27627c2e
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
GET /img/arrow_left.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 565
date: Sun, 04 Sep 2022 17:32:57 GMT
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
etag: "b55d8d2b9321e381a3c38a4bddb74037"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 19a079cfe5fbc38f063a9e46b60b00a6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: gTdovXBbNBpaNL72UlxyF3lYs5EU-eVbulATfMU94Pwl_f4Sj1zVDw==
age: 2436567
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/arrow_right.svg
13.224.222.94200 OK 565 B URL HTTP/2 platform-cdn.sharethis.com/img/arrow_right.svg
IP 13.224.222.94:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (409)
Hash 9928d025bd5792b718ee0a185f62e67c
16406d7b5b6d383b12859b853cf6cb7e3733e33d
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
GET /img/arrow_right.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 565
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 02:01:49 GMT
cache-control: public, max-age=2592000
etag: "9928d025bd5792b718ee0a185f62e67c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 19a079cfe5fbc38f063a9e46b60b00a6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: Cf7d4Z03HdaFGK_JrmCRNPTIpqUCbWxd4h3blmuEeCKaSGoMflvT2g==
age: 591635
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
13.224.227.210200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 13.224.227.210:0
Hash 4fea062183a463d12ebb193233fdb5be
80a0679f552b908a09a0f57fcb474a996d732e89
d3b705ac5f4114e6c4417148ef998b0846efab9a3249b825a1971ec64f60bf9c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 22:22:23 GMT
Last-Modified: Sun, 02 Oct 2022 21:39:50 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: voU6a_EzazfbHGD5TL9DbhlyKnYU1OoaoHJ74e5dYxw9QOw8CW_1LA==
Age: 2554
platform-cdn.sharethis.com/img/twitter.svg
13.224.222.94200 OK 731 B URL HTTP/2 platform-cdn.sharethis.com/img/twitter.svg
IP 13.224.222.94:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (575)
Hash 0af2fb38987598376c99e21af17ade45
bfbdfd0b1a2dcef714e347928bd11b8410dc7ca2
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
GET /img/twitter.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 731
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 01:34:45 GMT
cache-control: public, max-age=2592000
etag: "0af2fb38987598376c99e21af17ade45"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 19a079cfe5fbc38f063a9e46b60b00a6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: ESyU5VU33sACvEX3aVgCghNUxFISVaex4FZA_D073dl7ksS05Jf9Yw==
age: 420459
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/pinterest.svg
13.224.222.94200 OK 771 B URL HTTP/2 platform-cdn.sharethis.com/img/pinterest.svg
IP 13.224.222.94:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (615)
Hash 2b10a062e719c64b686e2e8fcdc216dc
38bd37fa3975f4d5b849763359481d8b31bb80ba
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
GET /img/pinterest.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 771
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 03:24:58 GMT
cache-control: public, max-age=2592000
etag: "2b10a062e719c64b686e2e8fcdc216dc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 19a079cfe5fbc38f063a9e46b60b00a6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: xZw2WR_4LGw6Qy2lWYtlQ_d-ykEAMuSnihvMDh4tKihusl0UsOKeVA==
age: 673046
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/email.svg
13.224.222.94200 OK 343 B URL HTTP/2 platform-cdn.sharethis.com/img/email.svg
IP 13.224.222.94:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 5977437466e857c7ddcadda6f6d88c2a
19c6378daa1f946ca225fb8d9e039e1f7762fb0d
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
GET /img/email.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 343
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 01:59:35 GMT
cache-control: public, max-age=2592000
etag: "5977437466e857c7ddcadda6f6d88c2a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 19a079cfe5fbc38f063a9e46b60b00a6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: 05yRRV9tB-_xcJEmro2Nx3UeLAMnntR-dWyctxGsU-VOuFhz1vo0Zg==
age: 591769
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/reddit.svg
13.224.222.94200 OK 910 B URL HTTP/2 platform-cdn.sharethis.com/img/reddit.svg
IP 13.224.222.94:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (754)
Hash 78d796ca648d8a5e665b48ed0217c56a
510637c7cab9640b28a9b08de421a44b40f055aa
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba
GET /img/reddit.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 910
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 23:50:37 GMT
cache-control: public, max-age=2592000
etag: "78d796ca648d8a5e665b48ed0217c56a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 19a079cfe5fbc38f063a9e46b60b00a6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: MUCvvihSkV0wWpfpE545ObzvEEH5_DvSCDLX7tE8RHtdWsm590B44Q==
age: 426707
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/whatsapp.svg
13.224.222.94200 OK 832 B URL HTTP/2 platform-cdn.sharethis.com/img/whatsapp.svg
IP 13.224.222.94:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (676)
Hash afe7fc60ed757db39a88d2950fce69c9
e120b53e856848419275723e24a539359cf41b4a
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
GET /img/whatsapp.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 832
date: Wed, 07 Sep 2022 05:20:40 GMT
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
etag: "afe7fc60ed757db39a88d2950fce69c9"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 19a079cfe5fbc38f063a9e46b60b00a6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: nwiWaIIi1AaxnfoU5Tosts1c0G5WjQWGDRIlarvl2kms3LhQfgtS-w==
age: 2221304
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fwww.amaporn.com%2F%23
13.224.222.68200 OK 846 B URL HTTP/2 count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fwww.amaporn.com%2F%23
IP 13.224.222.68:0
File type ASCII text, with very long lines (846), with no line terminators
Hash 47f86fbadaa8abe00795539ad35a4c36
6f2177a866dc94152f6e8c4fe2658748a73c6aa4
a734f05d9c7a15be0533b9e0c019b9928a61a7a3cd5b523415f36e1541147c2c
GET /v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fwww.amaporn.com%2F%23 HTTP/1.1
Host: count-server.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 846
date: Sun, 02 Oct 2022 07:34:55 GMT
cache-control: public, max-age=86400
etag: 47f86fbadaa8abe00795539ad35a4c36
apigw-requestid: ZXbM6gmkoAMEJCg=
x-cache: Hit from cloudfront
via: 1.1 6b08baae6d8fdc124eeea9f6d807fa9a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: OEEXEIQo7PtvCyxFOKxhtltqUC733kX107DUlRRE8j0-eDEqZC0kGw==
age: 53248
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
l.sharethis.com/pview?event=pview&hostname=www.amaporn.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fwww.amaporn.com%2F%23&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=PORNO%20GRATIS%20%26%20VIDEO%20PORNO%20ITALIANI%20XXX%20su%20AmaPorn&refDomain=www.amaporn.com&cms=unknown&publisher=5b8424138e496b00101b735e&sop=true&version=st_sop.js&lang=en&description=AmaPorn%2C%20sito%20tube%20porno%20gratis%20aggiornato%20ogni%20giorno%20con%20video%20porno%20amatoriali%20gratis%20e%20tanto%20porno%20italiano%20gratis
3.66.101.248204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&hostname=www.amaporn.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fwww.amaporn.com%2F%23&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=PORNO%20GRATIS%20%26%20VIDEO%20PORNO%20ITALIANI%20XXX%20su%20AmaPorn&refDomain=www.amaporn.com&cms=unknown&publisher=5b8424138e496b00101b735e&sop=true&version=st_sop.js&lang=en&description=AmaPorn%2C%20sito%20tube%20porno%20gratis%20aggiornato%20ogni%20giorno%20con%20video%20porno%20amatoriali%20gratis%20e%20tanto%20porno%20italiano%20gratis
IP 3.66.101.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&hostname=www.amaporn.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fwww.amaporn.com%2F%23&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=PORNO%20GRATIS%20%26%20VIDEO%20PORNO%20ITALIANI%20XXX%20su%20AmaPorn&refDomain=www.amaporn.com&cms=unknown&publisher=5b8424138e496b00101b735e&sop=true&version=st_sop.js&lang=en&description=AmaPorn%2C%20sito%20tube%20porno%20gratis%20aggiornato%20ogni%20giorno%20con%20video%20porno%20amatoriali%20gratis%20e%20tanto%20porno%20italiano%20gratis HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amaporn.com
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: https://www.amaporn.com
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 02 Oct 2022 22:22:23 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=http%3A%2F%2Fwww.amaporn.com%2F
13.224.222.68200 OK 844 B URL HTTP/2 count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=http%3A%2F%2Fwww.amaporn.com%2F
IP 13.224.222.68:0
File type ASCII text, with very long lines (844), with no line terminators
Hash 86038c80f7ce247a93a84d14aaa07ba5
ab1c99ddcf0e18e6279b0224ee372c794577acb5
419df99b2c81be069ffa936f5a8cb64d1ba817a74b791aa1669f6bfb38fd5b89
GET /v2.0/get_counts?cb=window.__sharethis__.cb&url=http%3A%2F%2Fwww.amaporn.com%2F HTTP/1.1
Host: count-server.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 844
date: Sun, 02 Oct 2022 11:11:37 GMT
cache-control: public, max-age=86400
etag: 86038c80f7ce247a93a84d14aaa07ba5
apigw-requestid: ZX68eitaoAMEPTA=
x-cache: Hit from cloudfront
via: 1.1 6b08baae6d8fdc124eeea9f6d807fa9a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: KCigfEQZvamZ63BXNX45sIsqfdK-UHity8_C6vGMfJof7ZM5wci6wA==
age: 40246
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=3826
157.90.84.246204 No Content 0 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=3826
IP 157.90.84.246:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=3826 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amaporn.com/
Origin: https://www.amaporn.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sun, 02 Oct 2022 22:22:23 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.amaporn.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
notification.tubecup.net/tags?tag_id=3826&timezone_olson=UTC&version_name=d
88.198.186.112200 OK 2.3 kB URL HTTP/2 notification.tubecup.net/tags?tag_id=3826&timezone_olson=UTC&version_name=d
IP 88.198.186.112:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with very long lines (2292), with no line terminators
Hash a21bf6e291bbd711746b91fa7fad9144
ae5e0bee76920a3fb13c097cad0b2b812e087684
bc93fba4ecf50c8dabca8c59b4d35bca7fbe83d56126c0371454ca332217398a
GET /tags?tag_id=3826&timezone_olson=UTC&version_name=d HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amaporn.com
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 02 Oct 2022 22:22:23 GMT
content-type: application/json
content-length: 2292
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
notification.tubecup.net/tags?tag_id=3826&timezone_olson=UTC&version_name=c
88.198.186.112200 OK 2.3 kB URL HTTP/2 notification.tubecup.net/tags?tag_id=3826&timezone_olson=UTC&version_name=c
IP 88.198.186.112:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with very long lines (2292), with no line terminators
Hash a21bf6e291bbd711746b91fa7fad9144
ae5e0bee76920a3fb13c097cad0b2b812e087684
bc93fba4ecf50c8dabca8c59b4d35bca7fbe83d56126c0371454ca332217398a
GET /tags?tag_id=3826&timezone_olson=UTC&version_name=c HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.amaporn.com
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 02 Oct 2022 22:22:23 GMT
content-type: application/json
content-length: 2292
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=3826
157.90.84.246204 No Content 0 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=3826
IP 157.90.84.246:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=3826 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www.amaporn.com/
Origin: http://www.amaporn.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sun, 02 Oct 2022 22:22:23 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: http://www.amaporn.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
fp.metricswpsh.com/fp?tag_id=3826
157.90.84.246200 OK 27 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=3826
IP 157.90.84.246:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash bfd375f236d1e406959344ad11b0ec50
9b5759065957fe8ba9c4448953aa61ff757ace2f
3e4de2ffcfa1d0d5938dc369b507fa8ec033800b43544d937f11c4340eb922d4
POST /fp?tag_id=3826 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2068
Origin: https://www.amaporn.com
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 02 Oct 2022 22:22:23 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 27
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.amaporn.com
Set-Cookie: id=14880177140944987348; Expires=Mon, 02 Oct 2023 22:22:23 GMT; Secure; SameSite=None
Vary: Origin
notification.tubecup.net/tags?tag_id=3826&timezone_olson=UTC&version_name=d
88.198.186.112200 OK 2.3 kB URL HTTP/2 notification.tubecup.net/tags?tag_id=3826&timezone_olson=UTC&version_name=d
IP 88.198.186.112:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with very long lines (2292), with no line terminators
Hash a21bf6e291bbd711746b91fa7fad9144
ae5e0bee76920a3fb13c097cad0b2b812e087684
bc93fba4ecf50c8dabca8c59b4d35bca7fbe83d56126c0371454ca332217398a
GET /tags?tag_id=3826&timezone_olson=UTC&version_name=d HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amaporn.com
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 02 Oct 2022 22:22:23 GMT
content-type: application/json
content-length: 2292
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-BG7DS6G0LW>m=2oe9s0&_p=1325004543&cid=277671026.1664749343&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664749342&sct=1&seg=0&dl=http%3A%2F%2Fwww.amaporn.com%2F&dt=PORNO%20GRATIS%20%26%20VIDEO%20PORNO%20ITALIANI%20XXX%20su%20AmaPorn&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-BG7DS6G0LW>m=2oe9s0&_p=1325004543&cid=277671026.1664749343&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664749342&sct=1&seg=0&dl=http%3A%2F%2Fwww.amaporn.com%2F&dt=PORNO%20GRATIS%20%26%20VIDEO%20PORNO%20ITALIANI%20XXX%20su%20AmaPorn&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-BG7DS6G0LW>m=2oe9s0&_p=1325004543&cid=277671026.1664749343&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664749342&sct=1&seg=0&dl=http%3A%2F%2Fwww.amaporn.com%2F&dt=PORNO%20GRATIS%20%26%20VIDEO%20PORNO%20ITALIANI%20XXX%20su%20AmaPorn&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.amaporn.com
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://www.amaporn.com
date: Sun, 02 Oct 2022 22:22:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=3826
157.90.84.246200 OK 27 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=3826
IP 157.90.84.246:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash bfd375f236d1e406959344ad11b0ec50
9b5759065957fe8ba9c4448953aa61ff757ace2f
3e4de2ffcfa1d0d5938dc369b507fa8ec033800b43544d937f11c4340eb922d4
POST /fp?tag_id=3826 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2067
Origin: https://www.amaporn.com
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 02 Oct 2022 22:22:23 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 27
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.amaporn.com
Set-Cookie: id=6952154560610614111; Expires=Mon, 02 Oct 2023 22:22:23 GMT; Secure; SameSite=None
Vary: Origin
region1.google-analytics.com/g/collect?v=2&tid=G-BG7DS6G0LW>m=2oe9s0&_p=1206331698&cid=1509907914.1664749343&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664749343&sct=1&seg=0&dl=https%3A%2F%2Fwww.amaporn.com%2F&dr=http%3A%2F%2Fwww.amaporn.com%2F&dt=PORNO%20GRATIS%20%26%20VIDEO%20PORNO%20ITALIANI%20XXX%20su%20AmaPorn&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-BG7DS6G0LW>m=2oe9s0&_p=1206331698&cid=1509907914.1664749343&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664749343&sct=1&seg=0&dl=https%3A%2F%2Fwww.amaporn.com%2F&dr=http%3A%2F%2Fwww.amaporn.com%2F&dt=PORNO%20GRATIS%20%26%20VIDEO%20PORNO%20ITALIANI%20XXX%20su%20AmaPorn&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-BG7DS6G0LW>m=2oe9s0&_p=1206331698&cid=1509907914.1664749343&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664749343&sct=1&seg=0&dl=https%3A%2F%2Fwww.amaporn.com%2F&dr=http%3A%2F%2Fwww.amaporn.com%2F&dt=PORNO%20GRATIS%20%26%20VIDEO%20PORNO%20ITALIANI%20XXX%20su%20AmaPorn&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amaporn.com
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://www.amaporn.com
date: Sun, 02 Oct 2022 22:22:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
91e3ea15d5.a196ff0acd.com/fd24afdb20dc71b9901965e716fc035f.js
45.133.44.24200 OK 64 kB URL HTTP/2 91e3ea15d5.a196ff0acd.com/fd24afdb20dc71b9901965e716fc035f.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash d444b533454a43cd24e9721b7dbc7e23
3711d6460a44d55cd73dcbe64beecf1ab6e74b85
873667d78b0d5a1f46cf540b87ca492c4d0d6073ffdec3e2565c87133774a6b3
GET /fd24afdb20dc71b9901965e716fc035f.js HTTP/1.1
Host: 91e3ea15d5.a196ff0acd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:23 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 30 Sep 2022 11:40:38 GMT
etag: W/"6336d5b6-3cf91"
content-encoding: gzip
expires: Sun, 02 Oct 2022 22:27:23 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11968f584b6b1501def14383a3d98cb7
2d3ea53ef7f55bf65f9cee51dcf2b831ae9ed902
50921ff1bcbabdf1c61e4e1ef8844446666a99f64270b6396f87042035ae1ffc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50921FF1BCBABDF1C61E4E1EF8844446666A99F64270B6396F87042035AE1FFC"
Last-Modified: Sat, 01 Oct 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14115
Expires: Mon, 03 Oct 2022 02:17:38 GMT
Date: Sun, 02 Oct 2022 22:22:23 GMT
Connection: keep-alive
87f37823d6.8874d81f48.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDQ1MzQ0Mzg2NDk2MjExNDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjExLjAiLCJ0YWdfaWQiOjM4MjYsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC40NSwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjpudWxsLCJ1c2VyX2tleXdvcmRzIjoiUE9STk8lMkNHUkFUSVMlMkNWSURFTyUyQ1BPUk5PJTJDSVRBTElBTkklMkNYWFglMkNzdSUyQ0FtYVBvcm4lMkN2aWRlbyUyQ3Bvcm5vJTJDcG9ybm8lMkN2aWRlbyUyQ3Bvcm5vJTJDZ3JhdGlzJTJDcG9ybm8lMkNncmF0aXMlMkNhbWFwb3JuJTJDdmlkZW8lMkNhbWF0b3JpYWxpJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNwb3JubyUyQ2FtYXRvcmlhbGUlMkN2aWRlbyUyQ3Bvcm5vJTJDaXRhbGlhbmklMkNwb3JubyUyQ2l0YWxpYW5vJTJDcG9ybm8lMkNpdGFsaWFubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2ZvdG8lMkNwb3JubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNBbWFQb3JuJTJDc2l0byUyQ3R1YmUlMkNwb3JubyUyQ2dyYXRpcyUyQ2FnZ2lvcm5hdG8lMkNvZ25pJTJDZ2lvcm5vJTJDY29uJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNncmF0aXMlMkNlJTJDdGFudG8lMkNwb3JubyUyQ2l0YWxpYW5vJTJDZ3JhdGlzJTIwIn0=
45.133.44.24200 OK 0 B URL HTTP/2 87f37823d6.8874d81f48.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDQ1MzQ0Mzg2NDk2MjExNDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjExLjAiLCJ0YWdfaWQiOjM4MjYsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC40NSwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjpudWxsLCJ1c2VyX2tleXdvcmRzIjoiUE9STk8lMkNHUkFUSVMlMkNWSURFTyUyQ1BPUk5PJTJDSVRBTElBTkklMkNYWFglMkNzdSUyQ0FtYVBvcm4lMkN2aWRlbyUyQ3Bvcm5vJTJDcG9ybm8lMkN2aWRlbyUyQ3Bvcm5vJTJDZ3JhdGlzJTJDcG9ybm8lMkNncmF0aXMlMkNhbWFwb3JuJTJDdmlkZW8lMkNhbWF0b3JpYWxpJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNwb3JubyUyQ2FtYXRvcmlhbGUlMkN2aWRlbyUyQ3Bvcm5vJTJDaXRhbGlhbmklMkNwb3JubyUyQ2l0YWxpYW5vJTJDcG9ybm8lMkNpdGFsaWFubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2ZvdG8lMkNwb3JubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNBbWFQb3JuJTJDc2l0byUyQ3R1YmUlMkNwb3JubyUyQ2dyYXRpcyUyQ2FnZ2lvcm5hdG8lMkNvZ25pJTJDZ2lvcm5vJTJDY29uJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNncmF0aXMlMkNlJTJDdGFudG8lMkNwb3JubyUyQ2l0YWxpYW5vJTJDZ3JhdGlzJTIwIn0=
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDQ1MzQ0Mzg2NDk2MjExNDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjExLjAiLCJ0YWdfaWQiOjM4MjYsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC40NSwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjpudWxsLCJ1c2VyX2tleXdvcmRzIjoiUE9STk8lMkNHUkFUSVMlMkNWSURFTyUyQ1BPUk5PJTJDSVRBTElBTkklMkNYWFglMkNzdSUyQ0FtYVBvcm4lMkN2aWRlbyUyQ3Bvcm5vJTJDcG9ybm8lMkN2aWRlbyUyQ3Bvcm5vJTJDZ3JhdGlzJTJDcG9ybm8lMkNncmF0aXMlMkNhbWFwb3JuJTJDdmlkZW8lMkNhbWF0b3JpYWxpJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNwb3JubyUyQ2FtYXRvcmlhbGUlMkN2aWRlbyUyQ3Bvcm5vJTJDaXRhbGlhbmklMkNwb3JubyUyQ2l0YWxpYW5vJTJDcG9ybm8lMkNpdGFsaWFubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2ZvdG8lMkNwb3JubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNBbWFQb3JuJTJDc2l0byUyQ3R1YmUlMkNwb3JubyUyQ2dyYXRpcyUyQ2FnZ2lvcm5hdG8lMkNvZ25pJTJDZ2lvcm5vJTJDY29uJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNncmF0aXMlMkNlJTJDdGFudG8lMkNwb3JubyUyQ2l0YWxpYW5vJTJDZ3JhdGlzJTIwIn0= HTTP/1.1
Host: 87f37823d6.8874d81f48.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amaporn.com
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:23 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
87f37823d6.8874d81f48.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDQ1MzQ0Mzg2NDk2MjExNDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjExLjAiLCJ0YWdfaWQiOjM4MjYsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC43MywiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjpudWxsLCJ1c2VyX2tleXdvcmRzIjoiUE9STk8lMkNHUkFUSVMlMkNWSURFTyUyQ1BPUk5PJTJDSVRBTElBTkklMkNYWFglMkNzdSUyQ0FtYVBvcm4lMkN2aWRlbyUyQ3Bvcm5vJTJDcG9ybm8lMkN2aWRlbyUyQ3Bvcm5vJTJDZ3JhdGlzJTJDcG9ybm8lMkNncmF0aXMlMkNhbWFwb3JuJTJDdmlkZW8lMkNhbWF0b3JpYWxpJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNwb3JubyUyQ2FtYXRvcmlhbGUlMkN2aWRlbyUyQ3Bvcm5vJTJDaXRhbGlhbmklMkNwb3JubyUyQ2l0YWxpYW5vJTJDcG9ybm8lMkNpdGFsaWFubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2ZvdG8lMkNwb3JubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNBbWFQb3JuJTJDc2l0byUyQ3R1YmUlMkNwb3JubyUyQ2dyYXRpcyUyQ2FnZ2lvcm5hdG8lMkNvZ25pJTJDZ2lvcm5vJTJDY29uJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNncmF0aXMlMkNlJTJDdGFudG8lMkNwb3JubyUyQ2l0YWxpYW5vJTJDZ3JhdGlzJTIwIn0=
45.133.44.24200 OK 0 B URL HTTP/2 87f37823d6.8874d81f48.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDQ1MzQ0Mzg2NDk2MjExNDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjExLjAiLCJ0YWdfaWQiOjM4MjYsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC43MywiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjpudWxsLCJ1c2VyX2tleXdvcmRzIjoiUE9STk8lMkNHUkFUSVMlMkNWSURFTyUyQ1BPUk5PJTJDSVRBTElBTkklMkNYWFglMkNzdSUyQ0FtYVBvcm4lMkN2aWRlbyUyQ3Bvcm5vJTJDcG9ybm8lMkN2aWRlbyUyQ3Bvcm5vJTJDZ3JhdGlzJTJDcG9ybm8lMkNncmF0aXMlMkNhbWFwb3JuJTJDdmlkZW8lMkNhbWF0b3JpYWxpJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNwb3JubyUyQ2FtYXRvcmlhbGUlMkN2aWRlbyUyQ3Bvcm5vJTJDaXRhbGlhbmklMkNwb3JubyUyQ2l0YWxpYW5vJTJDcG9ybm8lMkNpdGFsaWFubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2ZvdG8lMkNwb3JubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNBbWFQb3JuJTJDc2l0byUyQ3R1YmUlMkNwb3JubyUyQ2dyYXRpcyUyQ2FnZ2lvcm5hdG8lMkNvZ25pJTJDZ2lvcm5vJTJDY29uJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNncmF0aXMlMkNlJTJDdGFudG8lMkNwb3JubyUyQ2l0YWxpYW5vJTJDZ3JhdGlzJTIwIn0=
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDQ1MzQ0Mzg2NDk2MjExNDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjExLjAiLCJ0YWdfaWQiOjM4MjYsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC43MywiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjpudWxsLCJ1c2VyX2tleXdvcmRzIjoiUE9STk8lMkNHUkFUSVMlMkNWSURFTyUyQ1BPUk5PJTJDSVRBTElBTkklMkNYWFglMkNzdSUyQ0FtYVBvcm4lMkN2aWRlbyUyQ3Bvcm5vJTJDcG9ybm8lMkN2aWRlbyUyQ3Bvcm5vJTJDZ3JhdGlzJTJDcG9ybm8lMkNncmF0aXMlMkNhbWFwb3JuJTJDdmlkZW8lMkNhbWF0b3JpYWxpJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNwb3JubyUyQ2FtYXRvcmlhbGUlMkN2aWRlbyUyQ3Bvcm5vJTJDaXRhbGlhbmklMkNwb3JubyUyQ2l0YWxpYW5vJTJDcG9ybm8lMkNpdGFsaWFubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2ZvdG8lMkNwb3JubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNBbWFQb3JuJTJDc2l0byUyQ3R1YmUlMkNwb3JubyUyQ2dyYXRpcyUyQ2FnZ2lvcm5hdG8lMkNvZ25pJTJDZ2lvcm5vJTJDY29uJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNncmF0aXMlMkNlJTJDdGFudG8lMkNwb3JubyUyQ2l0YWxpYW5vJTJDZ3JhdGlzJTIwIn0= HTTP/1.1
Host: 87f37823d6.8874d81f48.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amaporn.com
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:23 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
87f37823d6.8874d81f48.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI1MTU3NjI5MjAwOTc0NjEwMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTEuMCIsInRhZ19pZCI6MzgyNiwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjc1LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOm51bGwsInVzZXJfa2V5d29yZHMiOiJQT1JOTyUyQ0dSQVRJUyUyQ1ZJREVPJTJDUE9STk8lMkNJVEFMSUFOSSUyQ1hYWCUyQ3N1JTJDQW1hUG9ybiUyQ3ZpZGVvJTJDcG9ybm8lMkNwb3JubyUyQ3ZpZGVvJTJDcG9ybm8lMkNncmF0aXMlMkNwb3JubyUyQ2dyYXRpcyUyQ2FtYXBvcm4lMkN2aWRlbyUyQ2FtYXRvcmlhbGklMkN2aWRlbyUyQ3Bvcm5vJTJDYW1hdG9yaWFsaSUyQ3Bvcm5vJTJDYW1hdG9yaWFsZSUyQ3ZpZGVvJTJDcG9ybm8lMkNpdGFsaWFuaSUyQ3Bvcm5vJTJDaXRhbGlhbm8lMkNwb3JubyUyQ2l0YWxpYW5vJTJDZ3JhdGlzJTJDZm90byUyQ3Bvcm5vJTJDZm90byUyQ3Bvcm5vJTJDZ3JhdGlzJTJDZm90byUyQ3Bvcm5vJTJDYW1hdG9yaWFsaSUyQ0FtYVBvcm4lMkNzaXRvJTJDdHViZSUyQ3Bvcm5vJTJDZ3JhdGlzJTJDYWdnaW9ybmF0byUyQ29nbmklMkNnaW9ybm8lMkNjb24lMkN2aWRlbyUyQ3Bvcm5vJTJDYW1hdG9yaWFsaSUyQ2dyYXRpcyUyQ2UlMkN0YW50byUyQ3Bvcm5vJTJDaXRhbGlhbm8lMkNncmF0aXMlMjAifQ==
45.133.44.24200 OK 0 B URL HTTP/2 87f37823d6.8874d81f48.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI1MTU3NjI5MjAwOTc0NjEwMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTEuMCIsInRhZ19pZCI6MzgyNiwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjc1LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOm51bGwsInVzZXJfa2V5d29yZHMiOiJQT1JOTyUyQ0dSQVRJUyUyQ1ZJREVPJTJDUE9STk8lMkNJVEFMSUFOSSUyQ1hYWCUyQ3N1JTJDQW1hUG9ybiUyQ3ZpZGVvJTJDcG9ybm8lMkNwb3JubyUyQ3ZpZGVvJTJDcG9ybm8lMkNncmF0aXMlMkNwb3JubyUyQ2dyYXRpcyUyQ2FtYXBvcm4lMkN2aWRlbyUyQ2FtYXRvcmlhbGklMkN2aWRlbyUyQ3Bvcm5vJTJDYW1hdG9yaWFsaSUyQ3Bvcm5vJTJDYW1hdG9yaWFsZSUyQ3ZpZGVvJTJDcG9ybm8lMkNpdGFsaWFuaSUyQ3Bvcm5vJTJDaXRhbGlhbm8lMkNwb3JubyUyQ2l0YWxpYW5vJTJDZ3JhdGlzJTJDZm90byUyQ3Bvcm5vJTJDZm90byUyQ3Bvcm5vJTJDZ3JhdGlzJTJDZm90byUyQ3Bvcm5vJTJDYW1hdG9yaWFsaSUyQ0FtYVBvcm4lMkNzaXRvJTJDdHViZSUyQ3Bvcm5vJTJDZ3JhdGlzJTJDYWdnaW9ybmF0byUyQ29nbmklMkNnaW9ybm8lMkNjb24lMkN2aWRlbyUyQ3Bvcm5vJTJDYW1hdG9yaWFsaSUyQ2dyYXRpcyUyQ2UlMkN0YW50byUyQ3Bvcm5vJTJDaXRhbGlhbm8lMkNncmF0aXMlMjAifQ==
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI1MTU3NjI5MjAwOTc0NjEwMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTEuMCIsInRhZ19pZCI6MzgyNiwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjc1LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOm51bGwsInVzZXJfa2V5d29yZHMiOiJQT1JOTyUyQ0dSQVRJUyUyQ1ZJREVPJTJDUE9STk8lMkNJVEFMSUFOSSUyQ1hYWCUyQ3N1JTJDQW1hUG9ybiUyQ3ZpZGVvJTJDcG9ybm8lMkNwb3JubyUyQ3ZpZGVvJTJDcG9ybm8lMkNncmF0aXMlMkNwb3JubyUyQ2dyYXRpcyUyQ2FtYXBvcm4lMkN2aWRlbyUyQ2FtYXRvcmlhbGklMkN2aWRlbyUyQ3Bvcm5vJTJDYW1hdG9yaWFsaSUyQ3Bvcm5vJTJDYW1hdG9yaWFsZSUyQ3ZpZGVvJTJDcG9ybm8lMkNpdGFsaWFuaSUyQ3Bvcm5vJTJDaXRhbGlhbm8lMkNwb3JubyUyQ2l0YWxpYW5vJTJDZ3JhdGlzJTJDZm90byUyQ3Bvcm5vJTJDZm90byUyQ3Bvcm5vJTJDZ3JhdGlzJTJDZm90byUyQ3Bvcm5vJTJDYW1hdG9yaWFsaSUyQ0FtYVBvcm4lMkNzaXRvJTJDdHViZSUyQ3Bvcm5vJTJDZ3JhdGlzJTJDYWdnaW9ybmF0byUyQ29nbmklMkNnaW9ybm8lMkNjb24lMkN2aWRlbyUyQ3Bvcm5vJTJDYW1hdG9yaWFsaSUyQ2dyYXRpcyUyQ2UlMkN0YW50byUyQ3Bvcm5vJTJDaXRhbGlhbm8lMkNncmF0aXMlMjAifQ== HTTP/1.1
Host: 87f37823d6.8874d81f48.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.amaporn.com
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:23 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash caef1abbe4ffbbe154765978e6e48c06
1e21b12f28683cda99e8cdb8fd598b603ceba8c1
e07f8a7e0730a1e4b42f47901334bc54b8e10337cc453b6f42af717e5452a14d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E07F8A7E0730A1E4B42F47901334BC54B8E10337CC453B6F42AF717E5452A14D"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5333
Expires: Sun, 02 Oct 2022 23:51:16 GMT
Date: Sun, 02 Oct 2022 22:22:23 GMT
Connection: keep-alive
fp.metricswpsh.com/fp?tag_id=3826
157.90.84.246200 OK 28 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=3826
IP 157.90.84.246:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash d8ded99ae3089c609f0f3dfd190a3299
aa378c43d5b8dc4887db4f93f86a319f75731b6f
f5526ab1e5df71c978b3db3ada96990b256be308611834bea29d342b88338000
POST /fp?tag_id=3826 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22267
Origin: http://www.amaporn.com
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 02 Oct 2022 22:22:23 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.amaporn.com
Set-Cookie: id=16772772010458731835; Expires=Mon, 02 Oct 2023 22:22:23 GMT; Secure; SameSite=None
Vary: Origin
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d9be863c3b5bd21fc27022a866e7d262
f2f799a52817aae02fa609a0929b9b0bbbb9c88c
c273811d254f83ab172d67193e91b9e020d437426bfb9253ee32c3116e068be2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C273811D254F83AB172D67193E91B9E020D437426BFB9253EE32C3116E068BE2"
Last-Modified: Sat, 01 Oct 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13809
Expires: Mon, 03 Oct 2022 02:12:33 GMT
Date: Sun, 02 Oct 2022 22:22:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d9be863c3b5bd21fc27022a866e7d262
f2f799a52817aae02fa609a0929b9b0bbbb9c88c
c273811d254f83ab172d67193e91b9e020d437426bfb9253ee32c3116e068be2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C273811D254F83AB172D67193E91B9E020D437426BFB9253EE32C3116E068BE2"
Last-Modified: Sat, 01 Oct 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13809
Expires: Mon, 03 Oct 2022 02:12:33 GMT
Date: Sun, 02 Oct 2022 22:22:24 GMT
Connection: keep-alive
nereserv.com/in/dip?site=native-push&wl=1&event_id=a51a8e32-7dd4-4910-ada4-75a9b50748c4&subid=778496211&sid=1924655790&spot_id=4206&created_at=2022-10-02&timezone=0&ver=7.4.0&is_native=1
168.119.25.22200 OK 0 B URL HTTP/2 nereserv.com/in/dip?site=native-push&wl=1&event_id=a51a8e32-7dd4-4910-ada4-75a9b50748c4&subid=778496211&sid=1924655790&spot_id=4206&created_at=2022-10-02&timezone=0&ver=7.4.0&is_native=1
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=a51a8e32-7dd4-4910-ada4-75a9b50748c4&subid=778496211&sid=1924655790&spot_id=4206&created_at=2022-10-02&timezone=0&ver=7.4.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.amaporn.com
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 02 Oct 2022 22:22:24 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
nereserv.com/in/dip?site=native-push&wl=1&event_id=760908d5-eada-46b4-bb41-025874a9210e&subid=778496211&sid=2228398779&spot_id=4206&created_at=2022-10-02&timezone=0&ver=6.10.0&is_native=1
168.119.25.22200 OK 0 B URL HTTP/2 nereserv.com/in/dip?site=native-push&wl=1&event_id=760908d5-eada-46b4-bb41-025874a9210e&subid=778496211&sid=2228398779&spot_id=4206&created_at=2022-10-02&timezone=0&ver=6.10.0&is_native=1
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=760908d5-eada-46b4-bb41-025874a9210e&subid=778496211&sid=2228398779&spot_id=4206&created_at=2022-10-02&timezone=0&ver=6.10.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amaporn.com
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 02 Oct 2022 22:22:24 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
nereserv.com/in/dip?site=native-push&wl=1&event_id=ed715367-4631-44e1-9375-77ab52f95acd&subid=778496211&sid=1917258686&spot_id=4206&created_at=2022-10-02&timezone=0&ver=6.10.0&is_native=1
168.119.25.22200 OK 0 B URL HTTP/2 nereserv.com/in/dip?site=native-push&wl=1&event_id=ed715367-4631-44e1-9375-77ab52f95acd&subid=778496211&sid=1917258686&spot_id=4206&created_at=2022-10-02&timezone=0&ver=6.10.0&is_native=1
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=ed715367-4631-44e1-9375-77ab52f95acd&subid=778496211&sid=1917258686&spot_id=4206&created_at=2022-10-02&timezone=0&ver=6.10.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amaporn.com
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 02 Oct 2022 22:22:24 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
acb5145d0c.8874d81f48.com/in/multy
168.119.25.22204 No Content 0 B URL HTTP/2 acb5145d0c.8874d81f48.com/in/multy
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /in/multy HTTP/1.1
Host: acb5145d0c.8874d81f48.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www.amaporn.com/
Origin: http://www.amaporn.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.18.0
date: Sun, 02 Oct 2022 22:22:24 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
acb5145d0c.8874d81f48.com/in/multy
168.119.25.22204 No Content 0 B URL HTTP/2 acb5145d0c.8874d81f48.com/in/multy
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /in/multy HTTP/1.1
Host: acb5145d0c.8874d81f48.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amaporn.com/
Origin: https://www.amaporn.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.18.0
date: Sun, 02 Oct 2022 22:22:24 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
acb5145d0c.8874d81f48.com/in/multy
168.119.25.22204 No Content 0 B URL HTTP/2 acb5145d0c.8874d81f48.com/in/multy
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /in/multy HTTP/1.1
Host: acb5145d0c.8874d81f48.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amaporn.com/
Origin: https://www.amaporn.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.18.0
date: Sun, 02 Oct 2022 22:22:24 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5998
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:22:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5998
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:22:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5998
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:22:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5998
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:22:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 721a8d8f94c3796abf021978fcdbc831
3fc3aeae907a0ce0db21753c67c1000681e48b8e
cb497b15e7c2e49930b99f8d6659f0394acefb7b11613ca04397ee782dac759d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8158
x-amzn-requestid: 424c8c6c-7075-4ace-97e6-2b0a609d1b7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXDxGRlIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-046d963a345c15e81dc74e4d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AM8Ox9ObWGoXI-QnnoI7QkY5mOh8j6xBPetTrhyVktVO40ekk4X2Eg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 2217
etag: "3fc3aeae907a0ce0db21753c67c1000681e48b8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:00 GMT
age: 63684
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8bb7613964aef696917cb85a6d0bcac4
89ce0e6d742144439a96ace034adae4e7e167311
24b100b10aa041effad83e9379447f4f62d95dcf6eb27a6b093a7caaa484f964
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6321
x-amzn-requestid: 605adeca-4345-4481-999e-d50ebc123767
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWabGsgIAMFcSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0442-68542d1b56697ab33dd63941;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xZUu90wyCNVEexHxRRNQz0aDhNy_u0WC2v8TVxHkQvW-evaDwfKTtQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
etag: "89ce0e6d742144439a96ace034adae4e7e167311"
content-type: image/jpeg
age: 2217
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb7e3592-97bd-498d-bf7f-2c5bb0fc867b.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb7e3592-97bd-498d-bf7f-2c5bb0fc867b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91079e915678800d2e2e1f68415d5dc4
2d543d6b1bed9901437c3b880bd415ece354cbf7
b9bda55eef23a199fff3bd3fde22486ef4d50edd36b105b0ee13479b96c2ba22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb7e3592-97bd-498d-bf7f-2c5bb0fc867b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6983
x-amzn-requestid: e551848c-073a-4317-8841-1fc5fd8a38c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWb3EGdoAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044b-6c6a638527bb19f621cd40b1;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dovur2A7-Vx80FdqmWlJZDBBKnAqX0t9FYOIaqikEumI9bebg171KQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
etag: "2d543d6b1bed9901437c3b880bd415ece354cbf7"
content-type: image/jpeg
age: 2217
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 523edd86af4757d0bc5fa5b3b8a3596a
8118ee462077c291b9d6f1402b85b55a9ceba8c2
c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _JxPe8uPQIgRKoJxtJAKjXpVy1hCW0rFcs8K_erJOHbVNpw339Pz6w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 2217
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif
34.120.237.76400 Bad Request 3 B URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif
IP 34.120.237.76:0
File type ASCII text, with no line terminators
Hash fcc3d7489d15ef49dbbf735234234cf7
654e0aaee80e38636c503629d32225db31a616de
52109349dabf69106e04ec2f493fb8b6ade94ea100227cccce6559ab8b96553f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
server: nginx
date: Sun, 02 Oct 2022 22:22:24 GMT
content-type: application/json
content-length: 3
x-amzn-requestid: d1bf3cde-385b-4b68-b07d-cf9c25fe29a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZc7tG3BIAMFz9w=
cache-control: max-age=120,public
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0eb1-4af6183f5f3ac8510e85abba;Sampled=0
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Error from cloudfront
x-amz-cf-id: IdIiEzf2b2k4zM6-5KZxHgZBSTdh7rnFN4yNh5gdB7LAJ6qzjIvwVw==
age: 86
via: 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/direct?url=https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif&resize=w450
34.120.237.76200 OK 1 B URL HTTP/2 img-getpocket.cdn.mozilla.net/direct?url=https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif&resize=w450
IP 34.120.237.76:0
File type very short file (no magic)
Hash 7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
GET /direct?url=https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif&resize=w450 HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 1
x-amzn-requestid: e07bcab1-4238-4f19-bd9f-5c13df7d377f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWamH3tIAMFzbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0443-074d95046d062c2475ab5efb;Sampled=0
x-amzn-remapped-date:
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5YU9gPtzbBt1JHoOo05mPgE4n4VPzMcFzGczDf49M3vsULsxlD_4oQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:42:47 GMT
age: 2377
etag:
content-type: application/x-empty; charset=binary
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
acb5145d0c.8874d81f48.com/in/multy
168.119.25.22200 OK 14 kB URL HTTP/2 acb5145d0c.8874d81f48.com/in/multy
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (14509), with no line terminators
Hash 5256ed0c721cc017a491600f04b5dc72
a86738fc87b4c64de90bd0e40038b636ac90245b
798d7ebbddff061e5019175ecbe0346f444d88b28177564304be6fd54e4b95b3
Analyzer Verdict Alert quad9 Sinkholed
POST /in/multy HTTP/1.1
Host: acb5145d0c.8874d81f48.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1153
Origin: https://www.amaporn.com
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 02 Oct 2022 22:22:25 GMT
content-type: application/json
content-length: 14511
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
acb5145d0c.8874d81f48.com/in/multy
168.119.25.22200 OK 14 kB URL HTTP/2 acb5145d0c.8874d81f48.com/in/multy
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (14519), with no line terminators
Hash e1e2eaa6c44a7de4e9fc529b5b0d13d4
a137d963c747bbc11c90f8a35e4835d3ea28991d
8f4323b77ac22198c1bea2adcd9bd4efae98c76c6df01adb3ec18c9aafaf2d98
Analyzer Verdict Alert quad9 Sinkholed
POST /in/multy HTTP/1.1
Host: acb5145d0c.8874d81f48.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1153
Origin: https://www.amaporn.com
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 02 Oct 2022 22:22:25 GMT
content-type: application/json
content-length: 14521
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
acb5145d0c.8874d81f48.com/in/multy
168.119.25.22200 OK 14 kB URL HTTP/2 acb5145d0c.8874d81f48.com/in/multy
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (14527), with no line terminators
Hash e72ee18810b996d97990fbbb99e66c82
f55b0b4bf04cd5d2f56623eac124f60740e4ae01
dd666c142c82eaebe47f2de0e8298467b5aa4c563f4cd0878ecf4d78fcf49e41
Analyzer Verdict Alert quad9 Sinkholed
POST /in/multy HTTP/1.1
Host: acb5145d0c.8874d81f48.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1141
Origin: http://www.amaporn.com
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 02 Oct 2022 22:22:25 GMT
content-type: application/json
content-length: 14529
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
acb5145d0c.8874d81f48.com/in/show/?mid=1856757205&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=778496211&sid=2228398779&cid=13360&price=0.00047141&is_cpm=0&cpm=0&ecpm=0.0011643433541943837&crid=762038&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=6.10.0&ver_c=&refdom=www.amaporn.com&hostname=auc-inpage-hz-1-a&site_id=314206&spot_id=4206&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1664835745&created_at=2022-10-02&is_native=2&auction_queue=0&burl=i94oeqUWf281y-dmxZ50WsQl9HczMUxA0xftgfkA2M9bWqtNRcRM7L1YVYAcqfWwpqkCr6EvgGG0_uSHvveTI293GOtftfzg6sFALzMhKmv752kr-Lu69whqcWOb43brX2_2HALwbTDB_-OgS3vVD8I_HXCH_ay6JNWoT0YgYH0IS8R5V-X6GeZfevfSg6IlzSVBxT1oe30dMGlF7EAvYGa7KNV08ZaV1m0j82Zj_iNy0XOOLjM_I5Qn2kii0ag9GxSS9d9kV1j6Vde6EzHqf98QQnCjtsdHPkOkoaFqKAvALshPg5D8yNtJ_0gk8XneGGykuREtrnRiByKuA8u0P3L_qsYf0lVr4FGYMUviwRJP0tDfct67BmmuNJ0P4cTYtM-FF15ScI9T745H_sGyA7RYfQ-zSd3ITolAVaFImmX_FjyP78eyMyc9gYFVRTRqtPBytLiR0SOwzz5iOGXTT5EDNx8o_KImMmq4AjuaEWvvHbGND22KAnm5RvsObx-71A9es6iMUn3Hbi9DvXl4vYnZrYkmswGDJGCByKTWiwWsQoJnO5PNQLpReCltSBqFF5mM7yj-mMb8ESmTywpQsXyHYu8_eYwVVtbVLoEYZ4fsUbx-cmKQdTR1pxMAUQ34bziY3Z0r6uaBZPc-xWS1Asj7EU-nxfjv9qnsiNDNDXNBeFUl-QEb8vFvVwkTrhJmQkmEHiFgRdPLXXBffpJV-CV8MRLnxkXT-FEMrSomOMscYsTmWPrtVOuqnjFxgj4QCdgCVTQ-GA8gZbqeAsreAt8g9rToD5ixzitd8R_Z94SyGzY-zDpF-IHaO7RVxgoS2t4ZZWBzy6ysouzNdnrzDKyAitFVtGP_6J9WlD9IBwskP5pI8heBXD9KNm9YjrGGgkuyTNPUi7MZAmEqHq-erez9UOTPSKKGVJbBO4hbQcHUXcA_1rchiYB2U4Xq1ZbqD3EwkEPqr2eMEYgcMuBxKZ2U2wM7gKF_zOnd1gR-dL2L9nqknsJPwM4_2Wdvzh6Rvfa7O3m6YaCWol3AJI9ogecj4UsB8XWZWcv5KKMuJcmVWz260YzHdcxe_vtW_zLOEdNJZur-ZjBfH97hibcSrjUUNyYNNJ82eUR-ypcVncgaqUFsJWPo3E7UncoT5YCk4LDL0bUJ4xpha42DWi34ii7KKMtW77ywIl5_1vEqF_ogcXwsCICoWYI9pWY_cDDl6y_A9j7eVgWiz-qSQsrzUrTYiRcoD56hv5I6_p3mf3yM4vroyDfD78LwYSO5VGr932xFVSCYYkyNRgomtU6_P7OzwagqdPC5Y5EXb7F7PfglT5BxzxIQZYkaS-u0UFUyav91WQ3KVFySi8hpM0U2ZgbkggkX58ICUlBQmxqHBq49vW_72acGzElrE8WNCDWbzqBZKnd90r9brUFjCetJCpiDC_41xUPfAAEShPSP9hewkPLLSZNEWZ7SAttStKCuRfZY_3TLaNPz1dn7OESo_AhVSxuRTZ985uHtABcHukiE-BUjF90gDncgNwzcu0hmO8VveOCb8UpkFV1msuYzfa26SQWyfv66Z_6ZP3sEOhX9MT50olXrPsIJm4zDVNhtTXb-bSuTZ4q_u7GQnNdzeDBke0UWviB84ovxvPWnLiz2kiFe-G45caJ7aDyEnivWSROkeclOeum6pd6C_-KeN9GgBH55MZ6SeYaXOJRm4VpIiOPXYTO3NnRAaRQI4rQ1BgbD_aU3UxjKuBNQj5cMT2BOKQezFBH6X4GVSaAmdwTMnb4vCZuiRFXyIQVphPer_i4iOLDNVHvxHdaZ59u68DzUzodDZZHhT4VYuHuHeNFdBYTOoIqvPRIce38OuVoRg2YdEyjvJ9rnl6Twg8JxzH2bZqnkWzEEM1qSLulsIrErtyatWUdPIyjqtaCcfTqhR7EeKjPICq4&pop_winurl=&ip=91.90.42.154&testab=0&px_id=534206&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.001156834709128549&placement_type_id=&skin_test=0&verify_hash=ebb4e466fd578d718450d80cf5a85170&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D778496211%26spot_id%3D4206%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amaporn.com%252F%26idzone%3D0%26sid%3D1546&ml=&tag_ab=d&original_bid=0.00047141&v2_track=1&url=0vJGmiqrUVmWlV9oXQvOLz0pPCF7ooTGAqPwiw-L40VyLR0KlP3iAkHyjA8kpcdLYqKBeJb6hGPaPnq5tXhxZ7VJWCABtaBx-t82a8qlLQLWYhaMNxW7sLeZpAXDARp8MuKFqtLjBXnjq78KCgox9IOS3fIAGOpGbrpgf8N35jF5vpVrFA&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=2&vertical_id=0&real_bid=0.00047141&pr=www.amaporn.com&user_keywords=&auc_type=1&aid=116&ext_cid=0&device_theme=light&keywords=Adult&mlc=1&format=default-slide-b_r-embed&mlf=1&cpa=b08f7626-a21a-4fd3-8771-43a580854c80
168.119.25.22302 Found 0 B URL HTTP/2 acb5145d0c.8874d81f48.com/in/show/?mid=1856757205&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=778496211&sid=2228398779&cid=13360&price=0.00047141&is_cpm=0&cpm=0&ecpm=0.0011643433541943837&crid=762038&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=6.10.0&ver_c=&refdom=www.amaporn.com&hostname=auc-inpage-hz-1-a&site_id=314206&spot_id=4206&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1664835745&created_at=2022-10-02&is_native=2&auction_queue=0&burl=i94oeqUWf281y-dmxZ50WsQl9HczMUxA0xftgfkA2M9bWqtNRcRM7L1YVYAcqfWwpqkCr6EvgGG0_uSHvveTI293GOtftfzg6sFALzMhKmv752kr-Lu69whqcWOb43brX2_2HALwbTDB_-OgS3vVD8I_HXCH_ay6JNWoT0YgYH0IS8R5V-X6GeZfevfSg6IlzSVBxT1oe30dMGlF7EAvYGa7KNV08ZaV1m0j82Zj_iNy0XOOLjM_I5Qn2kii0ag9GxSS9d9kV1j6Vde6EzHqf98QQnCjtsdHPkOkoaFqKAvALshPg5D8yNtJ_0gk8XneGGykuREtrnRiByKuA8u0P3L_qsYf0lVr4FGYMUviwRJP0tDfct67BmmuNJ0P4cTYtM-FF15ScI9T745H_sGyA7RYfQ-zSd3ITolAVaFImmX_FjyP78eyMyc9gYFVRTRqtPBytLiR0SOwzz5iOGXTT5EDNx8o_KImMmq4AjuaEWvvHbGND22KAnm5RvsObx-71A9es6iMUn3Hbi9DvXl4vYnZrYkmswGDJGCByKTWiwWsQoJnO5PNQLpReCltSBqFF5mM7yj-mMb8ESmTywpQsXyHYu8_eYwVVtbVLoEYZ4fsUbx-cmKQdTR1pxMAUQ34bziY3Z0r6uaBZPc-xWS1Asj7EU-nxfjv9qnsiNDNDXNBeFUl-QEb8vFvVwkTrhJmQkmEHiFgRdPLXXBffpJV-CV8MRLnxkXT-FEMrSomOMscYsTmWPrtVOuqnjFxgj4QCdgCVTQ-GA8gZbqeAsreAt8g9rToD5ixzitd8R_Z94SyGzY-zDpF-IHaO7RVxgoS2t4ZZWBzy6ysouzNdnrzDKyAitFVtGP_6J9WlD9IBwskP5pI8heBXD9KNm9YjrGGgkuyTNPUi7MZAmEqHq-erez9UOTPSKKGVJbBO4hbQcHUXcA_1rchiYB2U4Xq1ZbqD3EwkEPqr2eMEYgcMuBxKZ2U2wM7gKF_zOnd1gR-dL2L9nqknsJPwM4_2Wdvzh6Rvfa7O3m6YaCWol3AJI9ogecj4UsB8XWZWcv5KKMuJcmVWz260YzHdcxe_vtW_zLOEdNJZur-ZjBfH97hibcSrjUUNyYNNJ82eUR-ypcVncgaqUFsJWPo3E7UncoT5YCk4LDL0bUJ4xpha42DWi34ii7KKMtW77ywIl5_1vEqF_ogcXwsCICoWYI9pWY_cDDl6y_A9j7eVgWiz-qSQsrzUrTYiRcoD56hv5I6_p3mf3yM4vroyDfD78LwYSO5VGr932xFVSCYYkyNRgomtU6_P7OzwagqdPC5Y5EXb7F7PfglT5BxzxIQZYkaS-u0UFUyav91WQ3KVFySi8hpM0U2ZgbkggkX58ICUlBQmxqHBq49vW_72acGzElrE8WNCDWbzqBZKnd90r9brUFjCetJCpiDC_41xUPfAAEShPSP9hewkPLLSZNEWZ7SAttStKCuRfZY_3TLaNPz1dn7OESo_AhVSxuRTZ985uHtABcHukiE-BUjF90gDncgNwzcu0hmO8VveOCb8UpkFV1msuYzfa26SQWyfv66Z_6ZP3sEOhX9MT50olXrPsIJm4zDVNhtTXb-bSuTZ4q_u7GQnNdzeDBke0UWviB84ovxvPWnLiz2kiFe-G45caJ7aDyEnivWSROkeclOeum6pd6C_-KeN9GgBH55MZ6SeYaXOJRm4VpIiOPXYTO3NnRAaRQI4rQ1BgbD_aU3UxjKuBNQj5cMT2BOKQezFBH6X4GVSaAmdwTMnb4vCZuiRFXyIQVphPer_i4iOLDNVHvxHdaZ59u68DzUzodDZZHhT4VYuHuHeNFdBYTOoIqvPRIce38OuVoRg2YdEyjvJ9rnl6Twg8JxzH2bZqnkWzEEM1qSLulsIrErtyatWUdPIyjqtaCcfTqhR7EeKjPICq4&pop_winurl=&ip=91.90.42.154&testab=0&px_id=534206&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.001156834709128549&placement_type_id=&skin_test=0&verify_hash=ebb4e466fd578d718450d80cf5a85170&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D778496211%26spot_id%3D4206%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amaporn.com%252F%26idzone%3D0%26sid%3D1546&ml=&tag_ab=d&original_bid=0.00047141&v2_track=1&url=0vJGmiqrUVmWlV9oXQvOLz0pPCF7ooTGAqPwiw-L40VyLR0KlP3iAkHyjA8kpcdLYqKBeJb6hGPaPnq5tXhxZ7VJWCABtaBx-t82a8qlLQLWYhaMNxW7sLeZpAXDARp8MuKFqtLjBXnjq78KCgox9IOS3fIAGOpGbrpgf8N35jF5vpVrFA&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=2&vertical_id=0&real_bid=0.00047141&pr=www.amaporn.com&user_keywords=&auc_type=1&aid=116&ext_cid=0&device_theme=light&keywords=Adult&mlc=1&format=default-slide-b_r-embed&mlf=1&cpa=b08f7626-a21a-4fd3-8771-43a580854c80
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/show/?mid=1856757205&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=778496211&sid=2228398779&cid=13360&price=0.00047141&is_cpm=0&cpm=0&ecpm=0.0011643433541943837&crid=762038&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=6.10.0&ver_c=&refdom=www.amaporn.com&hostname=auc-inpage-hz-1-a&site_id=314206&spot_id=4206&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1664835745&created_at=2022-10-02&is_native=2&auction_queue=0&burl=i94oeqUWf281y-dmxZ50WsQl9HczMUxA0xftgfkA2M9bWqtNRcRM7L1YVYAcqfWwpqkCr6EvgGG0_uSHvveTI293GOtftfzg6sFALzMhKmv752kr-Lu69whqcWOb43brX2_2HALwbTDB_-OgS3vVD8I_HXCH_ay6JNWoT0YgYH0IS8R5V-X6GeZfevfSg6IlzSVBxT1oe30dMGlF7EAvYGa7KNV08ZaV1m0j82Zj_iNy0XOOLjM_I5Qn2kii0ag9GxSS9d9kV1j6Vde6EzHqf98QQnCjtsdHPkOkoaFqKAvALshPg5D8yNtJ_0gk8XneGGykuREtrnRiByKuA8u0P3L_qsYf0lVr4FGYMUviwRJP0tDfct67BmmuNJ0P4cTYtM-FF15ScI9T745H_sGyA7RYfQ-zSd3ITolAVaFImmX_FjyP78eyMyc9gYFVRTRqtPBytLiR0SOwzz5iOGXTT5EDNx8o_KImMmq4AjuaEWvvHbGND22KAnm5RvsObx-71A9es6iMUn3Hbi9DvXl4vYnZrYkmswGDJGCByKTWiwWsQoJnO5PNQLpReCltSBqFF5mM7yj-mMb8ESmTywpQsXyHYu8_eYwVVtbVLoEYZ4fsUbx-cmKQdTR1pxMAUQ34bziY3Z0r6uaBZPc-xWS1Asj7EU-nxfjv9qnsiNDNDXNBeFUl-QEb8vFvVwkTrhJmQkmEHiFgRdPLXXBffpJV-CV8MRLnxkXT-FEMrSomOMscYsTmWPrtVOuqnjFxgj4QCdgCVTQ-GA8gZbqeAsreAt8g9rToD5ixzitd8R_Z94SyGzY-zDpF-IHaO7RVxgoS2t4ZZWBzy6ysouzNdnrzDKyAitFVtGP_6J9WlD9IBwskP5pI8heBXD9KNm9YjrGGgkuyTNPUi7MZAmEqHq-erez9UOTPSKKGVJbBO4hbQcHUXcA_1rchiYB2U4Xq1ZbqD3EwkEPqr2eMEYgcMuBxKZ2U2wM7gKF_zOnd1gR-dL2L9nqknsJPwM4_2Wdvzh6Rvfa7O3m6YaCWol3AJI9ogecj4UsB8XWZWcv5KKMuJcmVWz260YzHdcxe_vtW_zLOEdNJZur-ZjBfH97hibcSrjUUNyYNNJ82eUR-ypcVncgaqUFsJWPo3E7UncoT5YCk4LDL0bUJ4xpha42DWi34ii7KKMtW77ywIl5_1vEqF_ogcXwsCICoWYI9pWY_cDDl6y_A9j7eVgWiz-qSQsrzUrTYiRcoD56hv5I6_p3mf3yM4vroyDfD78LwYSO5VGr932xFVSCYYkyNRgomtU6_P7OzwagqdPC5Y5EXb7F7PfglT5BxzxIQZYkaS-u0UFUyav91WQ3KVFySi8hpM0U2ZgbkggkX58ICUlBQmxqHBq49vW_72acGzElrE8WNCDWbzqBZKnd90r9brUFjCetJCpiDC_41xUPfAAEShPSP9hewkPLLSZNEWZ7SAttStKCuRfZY_3TLaNPz1dn7OESo_AhVSxuRTZ985uHtABcHukiE-BUjF90gDncgNwzcu0hmO8VveOCb8UpkFV1msuYzfa26SQWyfv66Z_6ZP3sEOhX9MT50olXrPsIJm4zDVNhtTXb-bSuTZ4q_u7GQnNdzeDBke0UWviB84ovxvPWnLiz2kiFe-G45caJ7aDyEnivWSROkeclOeum6pd6C_-KeN9GgBH55MZ6SeYaXOJRm4VpIiOPXYTO3NnRAaRQI4rQ1BgbD_aU3UxjKuBNQj5cMT2BOKQezFBH6X4GVSaAmdwTMnb4vCZuiRFXyIQVphPer_i4iOLDNVHvxHdaZ59u68DzUzodDZZHhT4VYuHuHeNFdBYTOoIqvPRIce38OuVoRg2YdEyjvJ9rnl6Twg8JxzH2bZqnkWzEEM1qSLulsIrErtyatWUdPIyjqtaCcfTqhR7EeKjPICq4&pop_winurl=&ip=91.90.42.154&testab=0&px_id=534206&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.001156834709128549&placement_type_id=&skin_test=0&verify_hash=ebb4e466fd578d718450d80cf5a85170&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D778496211%26spot_id%3D4206%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amaporn.com%252F%26idzone%3D0%26sid%3D1546&ml=&tag_ab=d&original_bid=0.00047141&v2_track=1&url=0vJGmiqrUVmWlV9oXQvOLz0pPCF7ooTGAqPwiw-L40VyLR0KlP3iAkHyjA8kpcdLYqKBeJb6hGPaPnq5tXhxZ7VJWCABtaBx-t82a8qlLQLWYhaMNxW7sLeZpAXDARp8MuKFqtLjBXnjq78KCgox9IOS3fIAGOpGbrpgf8N35jF5vpVrFA&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=2&vertical_id=0&real_bid=0.00047141&pr=www.amaporn.com&user_keywords=&auc_type=1&aid=116&ext_cid=0&device_theme=light&keywords=Adult&mlc=1&format=default-slide-b_r-embed&mlf=1&cpa=b08f7626-a21a-4fd3-8771-43a580854c80 HTTP/1.1
Host: acb5145d0c.8874d81f48.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Sun, 02 Oct 2022 22:22:25 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
X-Firefox-Spdy: h2
acb5145d0c.8874d81f48.com/in/show/?mid=256784689&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=778496211&sid=1917258686&cid=13360&price=0.00047141&is_cpm=0&cpm=0&ecpm=0.0011643433541943837&crid=762038&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=6.10.0&ver_c=&refdom=www.amaporn.com&hostname=auc-inpage-hz-0-b&site_id=314206&spot_id=4206&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1664835745&created_at=2022-10-02&is_native=2&auction_queue=0&burl=mP0SEA-iIAS0c4m_mHR4-ABKrHiJTGmuv4KFbQ4fT7VEw_3UFGFqKj1BFxc8HaeA-XpckldLAZOvfqZwsdNhL4_pLXDqNqDdi0Ji80vKuFCkSTdvlIWvWiEgSdhx8zC4fM2tIHTkJ9i1bpH5Crg2g5fvCTtgTwFjQJnU_Jm1refxqJIVQletGo1ywqo4sdVhMY0Ik23wOXblM9Q_x3-exbQgFOkZmtexZKssp-WEkz2I_rNmrtReuU0jgaxkrNAlPPbsZPusrvEiMl_c-SYGhYO0dmQv4jpPNqB1L5-wp1ScOa_BkQ1eZLlDC5BGFE4wkpa5G0lY3wU9MFzw0JfPZO1iLk3AQVTwC8b00XKYYgrELe_4vF0QWk7flD6VgfqFu7WvWVgRatTb3rQCJyAHVh2l07dnJDSaw2yK6N-M7mE7Y_UDoRUnKH0qwiSvAzisJytAx2R2e21rr39fgFlwaFhxOf11o9t1Mk2kX5MMe6pHtTxktg0s1-BpWD9PzGQkgl88pfBoA7TZzr-Sb5nFLFflR5GoWDbpj7tXdWt0KhyisTzxfOR6BRCmBhVtho9K6eP7pQuAbPJTLBqq4DfHS1WigEA9Ilxz9sLcajPtfhPaNn8Yib0Ivs2cbhV_rtYUsosUB1Ut3GpF9B8uhy3XNyt7KX-MrCmRXJWYHsqLQ7AqYfTYEXSXMWDcH9FFVSohL4B84Sy5dgfv7ZLTqqUjXDJJgpjzGoEvnxRXddP8ISeJ225DijrFlqNiF9B5E6dLtntA1eJO3O5uYTrqyqAnhOqjq73HD1IJd2cf4Ctsa1I_odKNRTJsodiCjgw-NzcsCHM0SopZgOGN67RMAqcVl1050POp1tnwr-PI9UcUCRVkcECXhdQxKy8VNNinAFA0ZtvICnZHOn7lJgwA4G5FpXtU5G6RlxbKH8hGd2Hgf5KDw9Fl9B2y4Oxn2Vg2TIwXVlslQ9Fyl3udkzd_8PuCPrVY-zCnL0NhtMt1mRAH6iemtpvme56YAXje_0EauQjfILuhsP_7aVUroaJeSfSA0Dvu44a2wHctxmU_Jl6H1yVYPcTpScrVTM1U0pUVtx7lHOs3ZjI0J2Y9eHRszNq1TPGdydDX2oj-QqYcw56I8YZEUJaFW77eIITFcXethEB7gvN_U0__1id5Zjqb77VuhwAo4RqvkiKy-L2cjSbacXKkvUr9sw348Df5yAE9pw-eSbgskK0Uq_rcVJu6cQZ7tv3ZeC9NqmRgr0fCrknKPprWGOyiiKidsDlqyxjRVp26OxsXQwwWAYOxzTsoLrXjyLud2LYhr4MKNl1UKyeaaLRFEYUKckIvE4SLxrba576oxbGedrs0Cgdegx30g2FsDvQxOFx3mws60Q9frpKBxqz8mOnbeU5FHgjH6f-M4Qb7-fM8yk-ewcuw6eUIdjjpBzGBsSe3eEeJOJtFzJ7hic8s18QHNnVNVBorIoI9VBl2KBlhwGkD0kELzqo4f-gfeTWxKEDt7Qk5SoA4kUQEdE7aP5g1r2GnNLLHgctxYeWP7sieNa4XqkhOeS805TE6l2FTzX9UQr2_z-tKuefH3J_GRD9UkScFB_pj5yzF29vzWjdv1Y-HaaZfTVg-ZLsOB8tOn0YMSbdlpexiAp9aiJ9zLYK1krQ5uhVeUzD9NoV4Twex_qkOYiXM7iCNEcSW5LaN_gGU6uH6zrwVRZ5vz460TZT-EsaEFm91MlWPV8v8DQ4YUfavaBQuRszlYBEvP---rZyaAJ9wIW-bHEsRMO41TWuiXZbZBF0UozgXMt31eya8QaQ_sJo7xkxlWW5S0DwPFAwL-mRdWh5dE3oaO1A9QRUbxe5RATKI_KMJs5_en_B7gbFJ25hjfwigjBjQEsV8t26KN77TU70t17edqbn5Eno9r2uqbJEq-n-L3ijinR0ONLcGCUqC1Z6ervXXcGWn&pop_winurl=&ip=91.90.42.154&testab=0&px_id=534206&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.001156834709128549&placement_type_id=&skin_test=0&verify_hash=be7dfbb25c85e8eba1819bd06a222e0a&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D778496211%26spot_id%3D4206%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amaporn.com%252F%26idzone%3D0%26sid%3D1546&ml=&tag_ab=d&original_bid=0.00047141&v2_track=1&url=adtK7VXjugLNw08hui-UnwhA_Eb2jzn-1tYOIYqSsuYNrWdrozcKRYaSzQVthucovFXnmJuA79Itq8XjZJoVALdEvpoN6RlDjc8kJJ0mTXqJAL2CfAzJS0IPeQizPNbFkDbA5lx1HN0NiO0khjyDgi8dvGNoigJH4jJH1TZSBS1fEzPK2w&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=2&vertical_id=0&real_bid=0.00047141&pr=www.amaporn.com&user_keywords=&auc_type=1&aid=116&ext_cid=0&device_theme=light&keywords=Adult&mlc=1&format=default-slide-b_r-embed&mlf=1&cpa=e4844c1f-d1cc-4a3f-b4e4-0a69b2247c0f
168.119.25.22302 Found 0 B URL HTTP/2 acb5145d0c.8874d81f48.com/in/show/?mid=256784689&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=778496211&sid=1917258686&cid=13360&price=0.00047141&is_cpm=0&cpm=0&ecpm=0.0011643433541943837&crid=762038&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=6.10.0&ver_c=&refdom=www.amaporn.com&hostname=auc-inpage-hz-0-b&site_id=314206&spot_id=4206&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1664835745&created_at=2022-10-02&is_native=2&auction_queue=0&burl=mP0SEA-iIAS0c4m_mHR4-ABKrHiJTGmuv4KFbQ4fT7VEw_3UFGFqKj1BFxc8HaeA-XpckldLAZOvfqZwsdNhL4_pLXDqNqDdi0Ji80vKuFCkSTdvlIWvWiEgSdhx8zC4fM2tIHTkJ9i1bpH5Crg2g5fvCTtgTwFjQJnU_Jm1refxqJIVQletGo1ywqo4sdVhMY0Ik23wOXblM9Q_x3-exbQgFOkZmtexZKssp-WEkz2I_rNmrtReuU0jgaxkrNAlPPbsZPusrvEiMl_c-SYGhYO0dmQv4jpPNqB1L5-wp1ScOa_BkQ1eZLlDC5BGFE4wkpa5G0lY3wU9MFzw0JfPZO1iLk3AQVTwC8b00XKYYgrELe_4vF0QWk7flD6VgfqFu7WvWVgRatTb3rQCJyAHVh2l07dnJDSaw2yK6N-M7mE7Y_UDoRUnKH0qwiSvAzisJytAx2R2e21rr39fgFlwaFhxOf11o9t1Mk2kX5MMe6pHtTxktg0s1-BpWD9PzGQkgl88pfBoA7TZzr-Sb5nFLFflR5GoWDbpj7tXdWt0KhyisTzxfOR6BRCmBhVtho9K6eP7pQuAbPJTLBqq4DfHS1WigEA9Ilxz9sLcajPtfhPaNn8Yib0Ivs2cbhV_rtYUsosUB1Ut3GpF9B8uhy3XNyt7KX-MrCmRXJWYHsqLQ7AqYfTYEXSXMWDcH9FFVSohL4B84Sy5dgfv7ZLTqqUjXDJJgpjzGoEvnxRXddP8ISeJ225DijrFlqNiF9B5E6dLtntA1eJO3O5uYTrqyqAnhOqjq73HD1IJd2cf4Ctsa1I_odKNRTJsodiCjgw-NzcsCHM0SopZgOGN67RMAqcVl1050POp1tnwr-PI9UcUCRVkcECXhdQxKy8VNNinAFA0ZtvICnZHOn7lJgwA4G5FpXtU5G6RlxbKH8hGd2Hgf5KDw9Fl9B2y4Oxn2Vg2TIwXVlslQ9Fyl3udkzd_8PuCPrVY-zCnL0NhtMt1mRAH6iemtpvme56YAXje_0EauQjfILuhsP_7aVUroaJeSfSA0Dvu44a2wHctxmU_Jl6H1yVYPcTpScrVTM1U0pUVtx7lHOs3ZjI0J2Y9eHRszNq1TPGdydDX2oj-QqYcw56I8YZEUJaFW77eIITFcXethEB7gvN_U0__1id5Zjqb77VuhwAo4RqvkiKy-L2cjSbacXKkvUr9sw348Df5yAE9pw-eSbgskK0Uq_rcVJu6cQZ7tv3ZeC9NqmRgr0fCrknKPprWGOyiiKidsDlqyxjRVp26OxsXQwwWAYOxzTsoLrXjyLud2LYhr4MKNl1UKyeaaLRFEYUKckIvE4SLxrba576oxbGedrs0Cgdegx30g2FsDvQxOFx3mws60Q9frpKBxqz8mOnbeU5FHgjH6f-M4Qb7-fM8yk-ewcuw6eUIdjjpBzGBsSe3eEeJOJtFzJ7hic8s18QHNnVNVBorIoI9VBl2KBlhwGkD0kELzqo4f-gfeTWxKEDt7Qk5SoA4kUQEdE7aP5g1r2GnNLLHgctxYeWP7sieNa4XqkhOeS805TE6l2FTzX9UQr2_z-tKuefH3J_GRD9UkScFB_pj5yzF29vzWjdv1Y-HaaZfTVg-ZLsOB8tOn0YMSbdlpexiAp9aiJ9zLYK1krQ5uhVeUzD9NoV4Twex_qkOYiXM7iCNEcSW5LaN_gGU6uH6zrwVRZ5vz460TZT-EsaEFm91MlWPV8v8DQ4YUfavaBQuRszlYBEvP---rZyaAJ9wIW-bHEsRMO41TWuiXZbZBF0UozgXMt31eya8QaQ_sJo7xkxlWW5S0DwPFAwL-mRdWh5dE3oaO1A9QRUbxe5RATKI_KMJs5_en_B7gbFJ25hjfwigjBjQEsV8t26KN77TU70t17edqbn5Eno9r2uqbJEq-n-L3ijinR0ONLcGCUqC1Z6ervXXcGWn&pop_winurl=&ip=91.90.42.154&testab=0&px_id=534206&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.001156834709128549&placement_type_id=&skin_test=0&verify_hash=be7dfbb25c85e8eba1819bd06a222e0a&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D778496211%26spot_id%3D4206%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amaporn.com%252F%26idzone%3D0%26sid%3D1546&ml=&tag_ab=d&original_bid=0.00047141&v2_track=1&url=adtK7VXjugLNw08hui-UnwhA_Eb2jzn-1tYOIYqSsuYNrWdrozcKRYaSzQVthucovFXnmJuA79Itq8XjZJoVALdEvpoN6RlDjc8kJJ0mTXqJAL2CfAzJS0IPeQizPNbFkDbA5lx1HN0NiO0khjyDgi8dvGNoigJH4jJH1TZSBS1fEzPK2w&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=2&vertical_id=0&real_bid=0.00047141&pr=www.amaporn.com&user_keywords=&auc_type=1&aid=116&ext_cid=0&device_theme=light&keywords=Adult&mlc=1&format=default-slide-b_r-embed&mlf=1&cpa=e4844c1f-d1cc-4a3f-b4e4-0a69b2247c0f
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/show/?mid=256784689&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=778496211&sid=1917258686&cid=13360&price=0.00047141&is_cpm=0&cpm=0&ecpm=0.0011643433541943837&crid=762038&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=6.10.0&ver_c=&refdom=www.amaporn.com&hostname=auc-inpage-hz-0-b&site_id=314206&spot_id=4206&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1664835745&created_at=2022-10-02&is_native=2&auction_queue=0&burl=mP0SEA-iIAS0c4m_mHR4-ABKrHiJTGmuv4KFbQ4fT7VEw_3UFGFqKj1BFxc8HaeA-XpckldLAZOvfqZwsdNhL4_pLXDqNqDdi0Ji80vKuFCkSTdvlIWvWiEgSdhx8zC4fM2tIHTkJ9i1bpH5Crg2g5fvCTtgTwFjQJnU_Jm1refxqJIVQletGo1ywqo4sdVhMY0Ik23wOXblM9Q_x3-exbQgFOkZmtexZKssp-WEkz2I_rNmrtReuU0jgaxkrNAlPPbsZPusrvEiMl_c-SYGhYO0dmQv4jpPNqB1L5-wp1ScOa_BkQ1eZLlDC5BGFE4wkpa5G0lY3wU9MFzw0JfPZO1iLk3AQVTwC8b00XKYYgrELe_4vF0QWk7flD6VgfqFu7WvWVgRatTb3rQCJyAHVh2l07dnJDSaw2yK6N-M7mE7Y_UDoRUnKH0qwiSvAzisJytAx2R2e21rr39fgFlwaFhxOf11o9t1Mk2kX5MMe6pHtTxktg0s1-BpWD9PzGQkgl88pfBoA7TZzr-Sb5nFLFflR5GoWDbpj7tXdWt0KhyisTzxfOR6BRCmBhVtho9K6eP7pQuAbPJTLBqq4DfHS1WigEA9Ilxz9sLcajPtfhPaNn8Yib0Ivs2cbhV_rtYUsosUB1Ut3GpF9B8uhy3XNyt7KX-MrCmRXJWYHsqLQ7AqYfTYEXSXMWDcH9FFVSohL4B84Sy5dgfv7ZLTqqUjXDJJgpjzGoEvnxRXddP8ISeJ225DijrFlqNiF9B5E6dLtntA1eJO3O5uYTrqyqAnhOqjq73HD1IJd2cf4Ctsa1I_odKNRTJsodiCjgw-NzcsCHM0SopZgOGN67RMAqcVl1050POp1tnwr-PI9UcUCRVkcECXhdQxKy8VNNinAFA0ZtvICnZHOn7lJgwA4G5FpXtU5G6RlxbKH8hGd2Hgf5KDw9Fl9B2y4Oxn2Vg2TIwXVlslQ9Fyl3udkzd_8PuCPrVY-zCnL0NhtMt1mRAH6iemtpvme56YAXje_0EauQjfILuhsP_7aVUroaJeSfSA0Dvu44a2wHctxmU_Jl6H1yVYPcTpScrVTM1U0pUVtx7lHOs3ZjI0J2Y9eHRszNq1TPGdydDX2oj-QqYcw56I8YZEUJaFW77eIITFcXethEB7gvN_U0__1id5Zjqb77VuhwAo4RqvkiKy-L2cjSbacXKkvUr9sw348Df5yAE9pw-eSbgskK0Uq_rcVJu6cQZ7tv3ZeC9NqmRgr0fCrknKPprWGOyiiKidsDlqyxjRVp26OxsXQwwWAYOxzTsoLrXjyLud2LYhr4MKNl1UKyeaaLRFEYUKckIvE4SLxrba576oxbGedrs0Cgdegx30g2FsDvQxOFx3mws60Q9frpKBxqz8mOnbeU5FHgjH6f-M4Qb7-fM8yk-ewcuw6eUIdjjpBzGBsSe3eEeJOJtFzJ7hic8s18QHNnVNVBorIoI9VBl2KBlhwGkD0kELzqo4f-gfeTWxKEDt7Qk5SoA4kUQEdE7aP5g1r2GnNLLHgctxYeWP7sieNa4XqkhOeS805TE6l2FTzX9UQr2_z-tKuefH3J_GRD9UkScFB_pj5yzF29vzWjdv1Y-HaaZfTVg-ZLsOB8tOn0YMSbdlpexiAp9aiJ9zLYK1krQ5uhVeUzD9NoV4Twex_qkOYiXM7iCNEcSW5LaN_gGU6uH6zrwVRZ5vz460TZT-EsaEFm91MlWPV8v8DQ4YUfavaBQuRszlYBEvP---rZyaAJ9wIW-bHEsRMO41TWuiXZbZBF0UozgXMt31eya8QaQ_sJo7xkxlWW5S0DwPFAwL-mRdWh5dE3oaO1A9QRUbxe5RATKI_KMJs5_en_B7gbFJ25hjfwigjBjQEsV8t26KN77TU70t17edqbn5Eno9r2uqbJEq-n-L3ijinR0ONLcGCUqC1Z6ervXXcGWn&pop_winurl=&ip=91.90.42.154&testab=0&px_id=534206&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.001156834709128549&placement_type_id=&skin_test=0&verify_hash=be7dfbb25c85e8eba1819bd06a222e0a&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D778496211%26spot_id%3D4206%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amaporn.com%252F%26idzone%3D0%26sid%3D1546&ml=&tag_ab=d&original_bid=0.00047141&v2_track=1&url=adtK7VXjugLNw08hui-UnwhA_Eb2jzn-1tYOIYqSsuYNrWdrozcKRYaSzQVthucovFXnmJuA79Itq8XjZJoVALdEvpoN6RlDjc8kJJ0mTXqJAL2CfAzJS0IPeQizPNbFkDbA5lx1HN0NiO0khjyDgi8dvGNoigJH4jJH1TZSBS1fEzPK2w&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=2&vertical_id=0&real_bid=0.00047141&pr=www.amaporn.com&user_keywords=&auc_type=1&aid=116&ext_cid=0&device_theme=light&keywords=Adult&mlc=1&format=default-slide-b_r-embed&mlf=1&cpa=e4844c1f-d1cc-4a3f-b4e4-0a69b2247c0f HTTP/1.1
Host: acb5145d0c.8874d81f48.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Sun, 02 Oct 2022 22:22:25 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
X-Firefox-Spdy: h2
acb5145d0c.8874d81f48.com/in/show/?mid=1241830624&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=778496211&sid=1924655790&cid=13360&price=0.00047141&is_cpm=0&cpm=0&ecpm=0.02291993100364772&crid=762038&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=7.4.0&ver_c=&refdom=www.amaporn.com&hostname=auc-inpage-hz-1-c&site_id=314206&spot_id=4206&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1664835745&created_at=2022-10-02&is_native=2&auction_queue=0&burl=r5eT3LJq8yGzgw61sQ7cuf9xcBNmP4oSTKemRZW-sjevsWG62Ui1TxbJrk5lSTb1Tv30QpT3uTL6hHVmO064NYiRXNCIptV0a7aBAhilTzBH4h004nksjoBqGHsm3gudmtAj1f98IIz79UxWZPEiOwY45NsnuckvoC1SgmSaAc-KS_xWzH8fG6c5QuLHyGK2N3BVutCoGpX5UwLIP6N2j5u_30Mno-MEtszmisCb2fZlYT5VToEJt9oPsjY2Zln3cRe2O2vXtxSiYm9_MMH9_dGLj2m9MLwo81kaS8qyzmg_QNVauT-slfKdb3Q4bA_7fYbR6ozvJVQNzWKAYELszMKWH68h7AWl2aVwJBrHdhZDILIGcWi5cRPmjILHYRaHdnn5JHKNdqyOuCl62s5VaDXkc3_cSdLkKgZoF0F732jAeJWUAaGjJJyXqZwbmXl-CUtUvXLb27atX_Bq4JhbxZ-O0puOcsSvZeMeE0YzKOpx7ErUuQrom7XhzUfdZcjQhBgt0vVLVpYMJZNL8_axXosWcQ79pL_J9OHlpJcOWITEudNB38k7GsNNuwBgGeM1R3aFOGyNukhM32FNx4rN4-DqIay_KY3n_IQov5PG5wVt0hm-UyRAF80ySuE_CRizjd_37MN5RRDdzWISLdrLAEAZKimOzRgagQghCp7nDiRIYFcisCxAwV_r_9iovhOwdJbMXdsm_G1ptFLAG3aMrhDg9OAOyxzouGgc4VbH7vm7H84hjge5_F6I_tLbbSQb_EOxHWAoToNE_UpzwKuHvMlIgJwbYW7AwwQKacgorfu8cuRvjAO-fs9NvD2w7bo-ZYAlHmQV0AOp8bn6TmAhzymqPi6rcFyI-LoTL_fq1eqJ4YM67cGYIHg6RDqPrR-WeKtW5_1g_oYJBSzY1NjrRkPfPY7Du_T3PYNKi6uNrWaCYS2gxy6PIKcSdWqrlrpVueTKCStBmoHQb32L9XoY-lCPJIgVaabqpCokeRQu7SnnPAZV7WDzThIDdqzMaRppucMSA6_ikZRR5YUuarSjAMjKXOlDqECxlTWR-JFVTYkVERczDOsyrtgsTn2z6cFIr6XGstklTMzBPo2Lg_3SvXatp75rAYzCeouQMR8QZCGtZkqjEptBzn2H9qyJsAhmIlHmTF580YyzM6zOTZzei-_eTbVXf9Mrqx37faUbPLDwzZOOECT6L34qR3qLEqT_wtC7Beu4JduZy8fd02GX3Evcp9Yo9mYZXvieG5iTJ2MiH6I1hz_qhMqlOZb3xHsaTIv9KHftmBt52ALYuIYbD0FS-vWeURPAqjBrsC1YJlp7uZ_acMHrf1hmrEchu8efsznbjCrbFO40j3MIeT_oq8e0sSZVCLS0n7ose47NyHqtEtkeHUN4KC_YCQquM0yvdRMSVgJ47521wq30JfvppXiSfSZEZc1IqzHZ8d4Zt88VVJT8Fhx0XDTJLKRrV-b7kHX3nTheWGhn1UwhgiCZUKE5HbzB2pky1B47FJagDqTJNtd9tJTcy2agH-gGUKEGDocYgeDh63Zz16BrB0v0q1l38w7Kb5L6hCu9HansgfT3zb1xqYZkWtcf3pTI0KEsNpOJrLEep6a6Rj_MG3GEtWAvyo4j-8qeYdB-PR7FR6GjITjDD2d10xI4Ht8gGJ6IMoQpP_JvczIk4qfO1ua0c-bsMDGage5IhwWTCzCRzBHinTN2c5N1VKoxkr6Fwnvn6R0fdQDUDrc6g2DMPqD0Sk-_3Y0vMs-bnVn0stjrrhnanmf38affIclkHS-st_o-BI_xzKjnIez9IaHU6aqrW54t7RuEmNNNioIZiNGS9oJFUQ4ydx6XeVR1pscMeASmudhlwlKdtJvQ6bOZrJwMSP8uQlld_YDNWSJrF4H4DBl-VFwazsEn4In7YnJcfEPRE-ohayU5Xm5zDp_Di5_3nMp5cr1_gA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=534206&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.022055497936706105&placement_type_id=&skin_test=1&verify_hash=4ff4b92ff4a5fe80c7f9b4b06076b55c&score=100&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D778496211%26spot_id%3D4206%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fwww.amaporn.com%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=c&original_bid=0.00047141&v2_track=1&url=YO4V7lrJkU_Ehpg4rtY5ZECsJ7EpsxjOh9NMBJl5mi6yh4cqn1UoEdbA8za8Z2IqjdR2IBJ_TiUx5P0PdJIqBP4DPZQaczcNdMsAKNd4kRKNk_OcGers21b172fbis3ymc1c2vblAlJNjcpIe9rYZW-DGgnytP5XIqy6pbKuDHs3HMAWCw&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=29&vertical_id=0&real_bid=0.00047141&pr=&user_keywords=&auc_type=1&aid=116&ext_cid=0&device_theme=light&keywords=Adult&mlc=1&format=utilityBottomAlarm-slide-b_r-body&mlf=1&cpa=2e6b0518-3148-4804-89c0-2bac0c09c8e2
168.119.25.22302 Found 0 B URL HTTP/2 acb5145d0c.8874d81f48.com/in/show/?mid=1241830624&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=778496211&sid=1924655790&cid=13360&price=0.00047141&is_cpm=0&cpm=0&ecpm=0.02291993100364772&crid=762038&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=7.4.0&ver_c=&refdom=www.amaporn.com&hostname=auc-inpage-hz-1-c&site_id=314206&spot_id=4206&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1664835745&created_at=2022-10-02&is_native=2&auction_queue=0&burl=r5eT3LJq8yGzgw61sQ7cuf9xcBNmP4oSTKemRZW-sjevsWG62Ui1TxbJrk5lSTb1Tv30QpT3uTL6hHVmO064NYiRXNCIptV0a7aBAhilTzBH4h004nksjoBqGHsm3gudmtAj1f98IIz79UxWZPEiOwY45NsnuckvoC1SgmSaAc-KS_xWzH8fG6c5QuLHyGK2N3BVutCoGpX5UwLIP6N2j5u_30Mno-MEtszmisCb2fZlYT5VToEJt9oPsjY2Zln3cRe2O2vXtxSiYm9_MMH9_dGLj2m9MLwo81kaS8qyzmg_QNVauT-slfKdb3Q4bA_7fYbR6ozvJVQNzWKAYELszMKWH68h7AWl2aVwJBrHdhZDILIGcWi5cRPmjILHYRaHdnn5JHKNdqyOuCl62s5VaDXkc3_cSdLkKgZoF0F732jAeJWUAaGjJJyXqZwbmXl-CUtUvXLb27atX_Bq4JhbxZ-O0puOcsSvZeMeE0YzKOpx7ErUuQrom7XhzUfdZcjQhBgt0vVLVpYMJZNL8_axXosWcQ79pL_J9OHlpJcOWITEudNB38k7GsNNuwBgGeM1R3aFOGyNukhM32FNx4rN4-DqIay_KY3n_IQov5PG5wVt0hm-UyRAF80ySuE_CRizjd_37MN5RRDdzWISLdrLAEAZKimOzRgagQghCp7nDiRIYFcisCxAwV_r_9iovhOwdJbMXdsm_G1ptFLAG3aMrhDg9OAOyxzouGgc4VbH7vm7H84hjge5_F6I_tLbbSQb_EOxHWAoToNE_UpzwKuHvMlIgJwbYW7AwwQKacgorfu8cuRvjAO-fs9NvD2w7bo-ZYAlHmQV0AOp8bn6TmAhzymqPi6rcFyI-LoTL_fq1eqJ4YM67cGYIHg6RDqPrR-WeKtW5_1g_oYJBSzY1NjrRkPfPY7Du_T3PYNKi6uNrWaCYS2gxy6PIKcSdWqrlrpVueTKCStBmoHQb32L9XoY-lCPJIgVaabqpCokeRQu7SnnPAZV7WDzThIDdqzMaRppucMSA6_ikZRR5YUuarSjAMjKXOlDqECxlTWR-JFVTYkVERczDOsyrtgsTn2z6cFIr6XGstklTMzBPo2Lg_3SvXatp75rAYzCeouQMR8QZCGtZkqjEptBzn2H9qyJsAhmIlHmTF580YyzM6zOTZzei-_eTbVXf9Mrqx37faUbPLDwzZOOECT6L34qR3qLEqT_wtC7Beu4JduZy8fd02GX3Evcp9Yo9mYZXvieG5iTJ2MiH6I1hz_qhMqlOZb3xHsaTIv9KHftmBt52ALYuIYbD0FS-vWeURPAqjBrsC1YJlp7uZ_acMHrf1hmrEchu8efsznbjCrbFO40j3MIeT_oq8e0sSZVCLS0n7ose47NyHqtEtkeHUN4KC_YCQquM0yvdRMSVgJ47521wq30JfvppXiSfSZEZc1IqzHZ8d4Zt88VVJT8Fhx0XDTJLKRrV-b7kHX3nTheWGhn1UwhgiCZUKE5HbzB2pky1B47FJagDqTJNtd9tJTcy2agH-gGUKEGDocYgeDh63Zz16BrB0v0q1l38w7Kb5L6hCu9HansgfT3zb1xqYZkWtcf3pTI0KEsNpOJrLEep6a6Rj_MG3GEtWAvyo4j-8qeYdB-PR7FR6GjITjDD2d10xI4Ht8gGJ6IMoQpP_JvczIk4qfO1ua0c-bsMDGage5IhwWTCzCRzBHinTN2c5N1VKoxkr6Fwnvn6R0fdQDUDrc6g2DMPqD0Sk-_3Y0vMs-bnVn0stjrrhnanmf38affIclkHS-st_o-BI_xzKjnIez9IaHU6aqrW54t7RuEmNNNioIZiNGS9oJFUQ4ydx6XeVR1pscMeASmudhlwlKdtJvQ6bOZrJwMSP8uQlld_YDNWSJrF4H4DBl-VFwazsEn4In7YnJcfEPRE-ohayU5Xm5zDp_Di5_3nMp5cr1_gA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=534206&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.022055497936706105&placement_type_id=&skin_test=1&verify_hash=4ff4b92ff4a5fe80c7f9b4b06076b55c&score=100&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D778496211%26spot_id%3D4206%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fwww.amaporn.com%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=c&original_bid=0.00047141&v2_track=1&url=YO4V7lrJkU_Ehpg4rtY5ZECsJ7EpsxjOh9NMBJl5mi6yh4cqn1UoEdbA8za8Z2IqjdR2IBJ_TiUx5P0PdJIqBP4DPZQaczcNdMsAKNd4kRKNk_OcGers21b172fbis3ymc1c2vblAlJNjcpIe9rYZW-DGgnytP5XIqy6pbKuDHs3HMAWCw&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=29&vertical_id=0&real_bid=0.00047141&pr=&user_keywords=&auc_type=1&aid=116&ext_cid=0&device_theme=light&keywords=Adult&mlc=1&format=utilityBottomAlarm-slide-b_r-body&mlf=1&cpa=2e6b0518-3148-4804-89c0-2bac0c09c8e2
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/show/?mid=1241830624&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=778496211&sid=1924655790&cid=13360&price=0.00047141&is_cpm=0&cpm=0&ecpm=0.02291993100364772&crid=762038&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=1&ver=7.4.0&ver_c=&refdom=www.amaporn.com&hostname=auc-inpage-hz-1-c&site_id=314206&spot_id=4206&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1664835745&created_at=2022-10-02&is_native=2&auction_queue=0&burl=r5eT3LJq8yGzgw61sQ7cuf9xcBNmP4oSTKemRZW-sjevsWG62Ui1TxbJrk5lSTb1Tv30QpT3uTL6hHVmO064NYiRXNCIptV0a7aBAhilTzBH4h004nksjoBqGHsm3gudmtAj1f98IIz79UxWZPEiOwY45NsnuckvoC1SgmSaAc-KS_xWzH8fG6c5QuLHyGK2N3BVutCoGpX5UwLIP6N2j5u_30Mno-MEtszmisCb2fZlYT5VToEJt9oPsjY2Zln3cRe2O2vXtxSiYm9_MMH9_dGLj2m9MLwo81kaS8qyzmg_QNVauT-slfKdb3Q4bA_7fYbR6ozvJVQNzWKAYELszMKWH68h7AWl2aVwJBrHdhZDILIGcWi5cRPmjILHYRaHdnn5JHKNdqyOuCl62s5VaDXkc3_cSdLkKgZoF0F732jAeJWUAaGjJJyXqZwbmXl-CUtUvXLb27atX_Bq4JhbxZ-O0puOcsSvZeMeE0YzKOpx7ErUuQrom7XhzUfdZcjQhBgt0vVLVpYMJZNL8_axXosWcQ79pL_J9OHlpJcOWITEudNB38k7GsNNuwBgGeM1R3aFOGyNukhM32FNx4rN4-DqIay_KY3n_IQov5PG5wVt0hm-UyRAF80ySuE_CRizjd_37MN5RRDdzWISLdrLAEAZKimOzRgagQghCp7nDiRIYFcisCxAwV_r_9iovhOwdJbMXdsm_G1ptFLAG3aMrhDg9OAOyxzouGgc4VbH7vm7H84hjge5_F6I_tLbbSQb_EOxHWAoToNE_UpzwKuHvMlIgJwbYW7AwwQKacgorfu8cuRvjAO-fs9NvD2w7bo-ZYAlHmQV0AOp8bn6TmAhzymqPi6rcFyI-LoTL_fq1eqJ4YM67cGYIHg6RDqPrR-WeKtW5_1g_oYJBSzY1NjrRkPfPY7Du_T3PYNKi6uNrWaCYS2gxy6PIKcSdWqrlrpVueTKCStBmoHQb32L9XoY-lCPJIgVaabqpCokeRQu7SnnPAZV7WDzThIDdqzMaRppucMSA6_ikZRR5YUuarSjAMjKXOlDqECxlTWR-JFVTYkVERczDOsyrtgsTn2z6cFIr6XGstklTMzBPo2Lg_3SvXatp75rAYzCeouQMR8QZCGtZkqjEptBzn2H9qyJsAhmIlHmTF580YyzM6zOTZzei-_eTbVXf9Mrqx37faUbPLDwzZOOECT6L34qR3qLEqT_wtC7Beu4JduZy8fd02GX3Evcp9Yo9mYZXvieG5iTJ2MiH6I1hz_qhMqlOZb3xHsaTIv9KHftmBt52ALYuIYbD0FS-vWeURPAqjBrsC1YJlp7uZ_acMHrf1hmrEchu8efsznbjCrbFO40j3MIeT_oq8e0sSZVCLS0n7ose47NyHqtEtkeHUN4KC_YCQquM0yvdRMSVgJ47521wq30JfvppXiSfSZEZc1IqzHZ8d4Zt88VVJT8Fhx0XDTJLKRrV-b7kHX3nTheWGhn1UwhgiCZUKE5HbzB2pky1B47FJagDqTJNtd9tJTcy2agH-gGUKEGDocYgeDh63Zz16BrB0v0q1l38w7Kb5L6hCu9HansgfT3zb1xqYZkWtcf3pTI0KEsNpOJrLEep6a6Rj_MG3GEtWAvyo4j-8qeYdB-PR7FR6GjITjDD2d10xI4Ht8gGJ6IMoQpP_JvczIk4qfO1ua0c-bsMDGage5IhwWTCzCRzBHinTN2c5N1VKoxkr6Fwnvn6R0fdQDUDrc6g2DMPqD0Sk-_3Y0vMs-bnVn0stjrrhnanmf38affIclkHS-st_o-BI_xzKjnIez9IaHU6aqrW54t7RuEmNNNioIZiNGS9oJFUQ4ydx6XeVR1pscMeASmudhlwlKdtJvQ6bOZrJwMSP8uQlld_YDNWSJrF4H4DBl-VFwazsEn4In7YnJcfEPRE-ohayU5Xm5zDp_Di5_3nMp5cr1_gA&pop_winurl=&ip=91.90.42.154&testab=0&px_id=534206&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.022055497936706105&placement_type_id=&skin_test=1&verify_hash=4ff4b92ff4a5fe80c7f9b4b06076b55c&score=100&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D778496211%26spot_id%3D4206%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fwww.amaporn.com%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=c&original_bid=0.00047141&v2_track=1&url=YO4V7lrJkU_Ehpg4rtY5ZECsJ7EpsxjOh9NMBJl5mi6yh4cqn1UoEdbA8za8Z2IqjdR2IBJ_TiUx5P0PdJIqBP4DPZQaczcNdMsAKNd4kRKNk_OcGers21b172fbis3ymc1c2vblAlJNjcpIe9rYZW-DGgnytP5XIqy6pbKuDHs3HMAWCw&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=29&vertical_id=0&real_bid=0.00047141&pr=&user_keywords=&auc_type=1&aid=116&ext_cid=0&device_theme=light&keywords=Adult&mlc=1&format=utilityBottomAlarm-slide-b_r-body&mlf=1&cpa=2e6b0518-3148-4804-89c0-2bac0c09c8e2 HTTP/1.1
Host: acb5145d0c.8874d81f48.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Sun, 02 Oct 2022 22:22:25 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
X-Firefox-Spdy: h2
acb5145d0c.8874d81f48.com/in/show/?mid=1241830624&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=778496211&sid=1924655790&cid=12694&price=0&is_cpm=1&cpm=0.038&ecpm=0.03458&crid=3006&crtid=f70aa6a0d437f901eea3e30be1aacaa8&tcid=0&out_id=0&ver=7.4.0&ver_c=&refdom=www.amaporn.com&hostname=auc-inpage-hz-1-c&site_id=314206&spot_id=4206&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1664922145&created_at=2022-10-02&is_native=1&auction_queue=0&burl=107pjBII4skwrawQYw9Xlgz_JCWY2MNEi260oJZuiXt_rslO2sfNGw&pop_winurl=&ip=91.90.42.154&testab=0&px_id=734206&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.000825695297767498&placement_type_id=&skin_test=1&verify_hash=da4595b1e10722d46717ab3957ea8bc5&score=100&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D778496211%26spot_id%3D4206%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fwww.amaporn.com%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=c&original_bid=0.038&v2_track=1&url=sMjCRidEbpauSKvQ3OAEYIZ50WjLheMZNBrE0NLRE_JgEZxv-IPD_yWze10RpK_uz4g6fz0DNRHwN7gcfDJeteR20GWPTlJSl5JhQlxGnnefXiVT8yHdWdANjHAXyv4VzGVqnVD0kti14PL38o91zioIrLQSVsEFk3lQUpZAuZXc0-BdkQKeiKlGnPv4ettv3EU6VdPNmzGgpnTt2_pPvviaGyJ0glbYcDsQigT92E8fNT9vk2wkGTT0XNdPqi2Geawym3HavAcurYPw-JXbLNu8NSVCCpw-lUEmMDSO1rbIHGrbw-UkTv9wcaEUWNqr7Zm53h5tJYtR3S7zcfoCQcAoz4l-7n6OKEvo90on1iPA4fGdvD9MFIQFM8xKexMNH8t_kOIc-pwQTSL1kQ5S5RLxFD10ObRSHsss8tThTYkVnKX-zq5qW4LYd0YCYuBLK2fskQyM8EFDbyRlXj5QGML49fzv3xN9Ww5UlbVcnpsdL_pojP1SdQoTuTe0tDJvLyvqwbKoiTgT69Jm3PgOM0yW5Jx01KhBU5H-nIVWa2GpwsC0BdBwEpaUvnz44oJusU54N_9TpamNnqRUDOkEft37lr9_t72dkizewjXf3sW3IjOf7W6bMP_qMlCMC-ZvTGC5BgvO9QXeqhYR738iSJRiL_24hEM601Gto3Fwwgi0UTWR7FSU7nCir6023RQSl-AyCA_CgOz01-03sB6zO5XIW76B7Z_g2wH99DL787kr5K3n1o4lX2S3Vo6usv4Ye9WpyfzCZN3Q947qqIBZivdyXWrKKlKKnGGjx2vWmb8hk5qJ7AmJ2kdcy3kwZtdITkz8Z5hFgDEYE2dhbYhm7StL9DFsg_TST3P0R1u-650vyK_HPWymdX1Mp9OMlex0rVqVRpvWFYOTWgD5cLhLteWp8ZkK1EyfXjIRFcCL7y-hYsWinJnVrJkDjRvK9Wa8JdiFOJaRq0oU7as3frVPN_Gjny97A-43TpZFXy3dNLkqcss_6Bo7kA2f51jAAvWvMIqRv_AL8xLWcNhpfQVrN3CW6BrbM7Ams4vfrlhgIvr4cm7C77B7ZsXQkBNKeuaYAgz_SNayBZs9j6wJ-0Gi4s9JQC0qSVXYMEOYYsnZkGCJO3gWvQcP2B_GRPMfPknrEtokFoDKvDcWC_tgQr-lGirRvC0prxIcGEY2NKd2jtsU2c-AjAhGe1XaLrmHRaAF-776kZc-92rKLAcfrhpMIXPjVprXbydniDkAp7pbXy1wo4WBjD-b8EWHmdErXF1HCMRHIS6E0HuyWeCGGt22gyITPqZX6htSSF078ZVL8DHNthJOVkngYKyD9pt4OxWW1TA1xW_tsbj6n0vSTJLAguYv-wijNGjqhlzIWxvfAPbMXj8rQMK5wm5FEDah1fkZthB2U9aBynMHq9_7DMvrak0Gu26N3hDM6O2A5An2wViuybb7z2UHyozy-SAfG2LrhzB3Azrgm1r5f8dQjPtuBbZEfF_fdTF2yvmJhu1bgNO6450V2WcVby4QFyFzxtMckk8oaOkt6E3hPotNXnaYowz4G4PGTW5677_jiH1gJntf1JZfKixALFzhCBmf4DdXfOGbPLan9i-5-k_7nWOkB4uJmhWRWB1PYoPVN89yoZq7VbocyKZK9iQqO9ITINvTZSPNPyjpl9J-LAxkHmo-4WqNSp-8-CPJSN3A7fJt25raEI2k_2NTduLoS26Ib1bkQ_AsgiT1IQ0WMFBWA_5ceDIdlxJr1M4ipz2FIqI&image_url=https%3A%2F%2F12112336.pix-cdn.org%2Fm%2Fp%2F0%2F374%2F374539%2Fconversions%2FuaDvnmZE-minify.jpg&skin_id=29&vertical_id=0&real_bid=0.03458&pr=&user_keywords=&auc_type=1&aid=127&ext_cid=107155&device_theme=light&keywords=Adult&format=utilityBottomAlarm-slide-b_r-body&cpa=20b52e96-66d0-476f-8697-cca0cbb9f9da
168.119.25.22302 Found 0 B URL HTTP/2 acb5145d0c.8874d81f48.com/in/show/?mid=1241830624&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=778496211&sid=1924655790&cid=12694&price=0&is_cpm=1&cpm=0.038&ecpm=0.03458&crid=3006&crtid=f70aa6a0d437f901eea3e30be1aacaa8&tcid=0&out_id=0&ver=7.4.0&ver_c=&refdom=www.amaporn.com&hostname=auc-inpage-hz-1-c&site_id=314206&spot_id=4206&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1664922145&created_at=2022-10-02&is_native=1&auction_queue=0&burl=107pjBII4skwrawQYw9Xlgz_JCWY2MNEi260oJZuiXt_rslO2sfNGw&pop_winurl=&ip=91.90.42.154&testab=0&px_id=734206&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.000825695297767498&placement_type_id=&skin_test=1&verify_hash=da4595b1e10722d46717ab3957ea8bc5&score=100&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D778496211%26spot_id%3D4206%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fwww.amaporn.com%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=c&original_bid=0.038&v2_track=1&url=sMjCRidEbpauSKvQ3OAEYIZ50WjLheMZNBrE0NLRE_JgEZxv-IPD_yWze10RpK_uz4g6fz0DNRHwN7gcfDJeteR20GWPTlJSl5JhQlxGnnefXiVT8yHdWdANjHAXyv4VzGVqnVD0kti14PL38o91zioIrLQSVsEFk3lQUpZAuZXc0-BdkQKeiKlGnPv4ettv3EU6VdPNmzGgpnTt2_pPvviaGyJ0glbYcDsQigT92E8fNT9vk2wkGTT0XNdPqi2Geawym3HavAcurYPw-JXbLNu8NSVCCpw-lUEmMDSO1rbIHGrbw-UkTv9wcaEUWNqr7Zm53h5tJYtR3S7zcfoCQcAoz4l-7n6OKEvo90on1iPA4fGdvD9MFIQFM8xKexMNH8t_kOIc-pwQTSL1kQ5S5RLxFD10ObRSHsss8tThTYkVnKX-zq5qW4LYd0YCYuBLK2fskQyM8EFDbyRlXj5QGML49fzv3xN9Ww5UlbVcnpsdL_pojP1SdQoTuTe0tDJvLyvqwbKoiTgT69Jm3PgOM0yW5Jx01KhBU5H-nIVWa2GpwsC0BdBwEpaUvnz44oJusU54N_9TpamNnqRUDOkEft37lr9_t72dkizewjXf3sW3IjOf7W6bMP_qMlCMC-ZvTGC5BgvO9QXeqhYR738iSJRiL_24hEM601Gto3Fwwgi0UTWR7FSU7nCir6023RQSl-AyCA_CgOz01-03sB6zO5XIW76B7Z_g2wH99DL787kr5K3n1o4lX2S3Vo6usv4Ye9WpyfzCZN3Q947qqIBZivdyXWrKKlKKnGGjx2vWmb8hk5qJ7AmJ2kdcy3kwZtdITkz8Z5hFgDEYE2dhbYhm7StL9DFsg_TST3P0R1u-650vyK_HPWymdX1Mp9OMlex0rVqVRpvWFYOTWgD5cLhLteWp8ZkK1EyfXjIRFcCL7y-hYsWinJnVrJkDjRvK9Wa8JdiFOJaRq0oU7as3frVPN_Gjny97A-43TpZFXy3dNLkqcss_6Bo7kA2f51jAAvWvMIqRv_AL8xLWcNhpfQVrN3CW6BrbM7Ams4vfrlhgIvr4cm7C77B7ZsXQkBNKeuaYAgz_SNayBZs9j6wJ-0Gi4s9JQC0qSVXYMEOYYsnZkGCJO3gWvQcP2B_GRPMfPknrEtokFoDKvDcWC_tgQr-lGirRvC0prxIcGEY2NKd2jtsU2c-AjAhGe1XaLrmHRaAF-776kZc-92rKLAcfrhpMIXPjVprXbydniDkAp7pbXy1wo4WBjD-b8EWHmdErXF1HCMRHIS6E0HuyWeCGGt22gyITPqZX6htSSF078ZVL8DHNthJOVkngYKyD9pt4OxWW1TA1xW_tsbj6n0vSTJLAguYv-wijNGjqhlzIWxvfAPbMXj8rQMK5wm5FEDah1fkZthB2U9aBynMHq9_7DMvrak0Gu26N3hDM6O2A5An2wViuybb7z2UHyozy-SAfG2LrhzB3Azrgm1r5f8dQjPtuBbZEfF_fdTF2yvmJhu1bgNO6450V2WcVby4QFyFzxtMckk8oaOkt6E3hPotNXnaYowz4G4PGTW5677_jiH1gJntf1JZfKixALFzhCBmf4DdXfOGbPLan9i-5-k_7nWOkB4uJmhWRWB1PYoPVN89yoZq7VbocyKZK9iQqO9ITINvTZSPNPyjpl9J-LAxkHmo-4WqNSp-8-CPJSN3A7fJt25raEI2k_2NTduLoS26Ib1bkQ_AsgiT1IQ0WMFBWA_5ceDIdlxJr1M4ipz2FIqI&image_url=https%3A%2F%2F12112336.pix-cdn.org%2Fm%2Fp%2F0%2F374%2F374539%2Fconversions%2FuaDvnmZE-minify.jpg&skin_id=29&vertical_id=0&real_bid=0.03458&pr=&user_keywords=&auc_type=1&aid=127&ext_cid=107155&device_theme=light&keywords=Adult&format=utilityBottomAlarm-slide-b_r-body&cpa=20b52e96-66d0-476f-8697-cca0cbb9f9da
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/show/?mid=1241830624&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=778496211&sid=1924655790&cid=12694&price=0&is_cpm=1&cpm=0.038&ecpm=0.03458&crid=3006&crtid=f70aa6a0d437f901eea3e30be1aacaa8&tcid=0&out_id=0&ver=7.4.0&ver_c=&refdom=www.amaporn.com&hostname=auc-inpage-hz-1-c&site_id=314206&spot_id=4206&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1664922145&created_at=2022-10-02&is_native=1&auction_queue=0&burl=107pjBII4skwrawQYw9Xlgz_JCWY2MNEi260oJZuiXt_rslO2sfNGw&pop_winurl=&ip=91.90.42.154&testab=0&px_id=734206&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.000825695297767498&placement_type_id=&skin_test=1&verify_hash=da4595b1e10722d46717ab3957ea8bc5&score=100&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D778496211%26spot_id%3D4206%26is_adult%3D1%26p%3Dhttp%253A%252F%252Fwww.amaporn.com%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=c&original_bid=0.038&v2_track=1&url=sMjCRidEbpauSKvQ3OAEYIZ50WjLheMZNBrE0NLRE_JgEZxv-IPD_yWze10RpK_uz4g6fz0DNRHwN7gcfDJeteR20GWPTlJSl5JhQlxGnnefXiVT8yHdWdANjHAXyv4VzGVqnVD0kti14PL38o91zioIrLQSVsEFk3lQUpZAuZXc0-BdkQKeiKlGnPv4ettv3EU6VdPNmzGgpnTt2_pPvviaGyJ0glbYcDsQigT92E8fNT9vk2wkGTT0XNdPqi2Geawym3HavAcurYPw-JXbLNu8NSVCCpw-lUEmMDSO1rbIHGrbw-UkTv9wcaEUWNqr7Zm53h5tJYtR3S7zcfoCQcAoz4l-7n6OKEvo90on1iPA4fGdvD9MFIQFM8xKexMNH8t_kOIc-pwQTSL1kQ5S5RLxFD10ObRSHsss8tThTYkVnKX-zq5qW4LYd0YCYuBLK2fskQyM8EFDbyRlXj5QGML49fzv3xN9Ww5UlbVcnpsdL_pojP1SdQoTuTe0tDJvLyvqwbKoiTgT69Jm3PgOM0yW5Jx01KhBU5H-nIVWa2GpwsC0BdBwEpaUvnz44oJusU54N_9TpamNnqRUDOkEft37lr9_t72dkizewjXf3sW3IjOf7W6bMP_qMlCMC-ZvTGC5BgvO9QXeqhYR738iSJRiL_24hEM601Gto3Fwwgi0UTWR7FSU7nCir6023RQSl-AyCA_CgOz01-03sB6zO5XIW76B7Z_g2wH99DL787kr5K3n1o4lX2S3Vo6usv4Ye9WpyfzCZN3Q947qqIBZivdyXWrKKlKKnGGjx2vWmb8hk5qJ7AmJ2kdcy3kwZtdITkz8Z5hFgDEYE2dhbYhm7StL9DFsg_TST3P0R1u-650vyK_HPWymdX1Mp9OMlex0rVqVRpvWFYOTWgD5cLhLteWp8ZkK1EyfXjIRFcCL7y-hYsWinJnVrJkDjRvK9Wa8JdiFOJaRq0oU7as3frVPN_Gjny97A-43TpZFXy3dNLkqcss_6Bo7kA2f51jAAvWvMIqRv_AL8xLWcNhpfQVrN3CW6BrbM7Ams4vfrlhgIvr4cm7C77B7ZsXQkBNKeuaYAgz_SNayBZs9j6wJ-0Gi4s9JQC0qSVXYMEOYYsnZkGCJO3gWvQcP2B_GRPMfPknrEtokFoDKvDcWC_tgQr-lGirRvC0prxIcGEY2NKd2jtsU2c-AjAhGe1XaLrmHRaAF-776kZc-92rKLAcfrhpMIXPjVprXbydniDkAp7pbXy1wo4WBjD-b8EWHmdErXF1HCMRHIS6E0HuyWeCGGt22gyITPqZX6htSSF078ZVL8DHNthJOVkngYKyD9pt4OxWW1TA1xW_tsbj6n0vSTJLAguYv-wijNGjqhlzIWxvfAPbMXj8rQMK5wm5FEDah1fkZthB2U9aBynMHq9_7DMvrak0Gu26N3hDM6O2A5An2wViuybb7z2UHyozy-SAfG2LrhzB3Azrgm1r5f8dQjPtuBbZEfF_fdTF2yvmJhu1bgNO6450V2WcVby4QFyFzxtMckk8oaOkt6E3hPotNXnaYowz4G4PGTW5677_jiH1gJntf1JZfKixALFzhCBmf4DdXfOGbPLan9i-5-k_7nWOkB4uJmhWRWB1PYoPVN89yoZq7VbocyKZK9iQqO9ITINvTZSPNPyjpl9J-LAxkHmo-4WqNSp-8-CPJSN3A7fJt25raEI2k_2NTduLoS26Ib1bkQ_AsgiT1IQ0WMFBWA_5ceDIdlxJr1M4ipz2FIqI&image_url=https%3A%2F%2F12112336.pix-cdn.org%2Fm%2Fp%2F0%2F374%2F374539%2Fconversions%2FuaDvnmZE-minify.jpg&skin_id=29&vertical_id=0&real_bid=0.03458&pr=&user_keywords=&auc_type=1&aid=127&ext_cid=107155&device_theme=light&keywords=Adult&format=utilityBottomAlarm-slide-b_r-body&cpa=20b52e96-66d0-476f-8697-cca0cbb9f9da HTTP/1.1
Host: acb5145d0c.8874d81f48.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Sun, 02 Oct 2022 22:22:25 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://pn.bquildna43.site/in/tip_shows/?katds_ep=9mt2mHT65G5w2CarcloghjnKt_b4RxtHbgxDq5arUtD0bWkaKRH6IxxMTZ_VEG4TXV6dmDkrzjZnZYwDEeEF4PVKfQoyBOrOjRxnH57N0Dq6_2NtPBUSrV4QZiazhyqD5kRBkNqv3wOao2F-pTQPcyaOheRrrs0CSODwfHpZjpQysTwEmgTXFZjifmTP9Mxp8HHvmFrVtaW_A9yZS2t2JtFPflFS8O9OOuez05QWsvV7IrzXLnXcy8-H-fS1MmkZ3FzjxQMe4mBWqaIkCJlxoLUirVH2ZsJKepvpMFHWh7-QEmQ7LSXE9hpuKXhheYb4vBV730UmBHu3hia8WXAMVHM6PHbyEkXTlfNBDWNRnRNZ8FYp4uMclCBn2JMll4kEgDQkubabMAbPPWZZ3TltO9c7NhkIlp7NbUYM5qzFLKq1O1DiXZd_yI6Fo25fOfoToGl7ENxmU7EboqiEjA9LdOUPjG2Vx-qb8wrQZlHyku1-dEdVbjcP7vD48hJskKGfSCYiTugV1O3ZbkYu42J8M3tf8pJEpowiIjrMtqQ3jYD3XGBivzSt22aaiYUqG5Kqi-w5sYk-Uzm2KRBT6DSR2-G8SUjh6KaYzaWX_WV3r_YD8xT9WDqmhY0YMG5hnSbjPNC_JaZTh2AZJh1a0ycRvaXnCa8hW8nGkaVgirs0RlvxLaS3GwTqCIcv4McAeDZjo110qh1U6jjHLiuPhIBkHWV9lGU2ftbEKDJ67hJvDzVMGIVjqZwXaUS7lKL_EcOFQrDeVRa4vUO37Opw0VwKbKhgsGcbcoIsnRlBlVzMEeLW61Jfn3kZpLT4iWCyyq9aonk60eXo06UxT2uByx0fx6U0aMr0wn7HdFeJOXkmAmUorYC5s-IpfD9Q4Rq75KAcHv0LXkexG0usm1uNWMid_cTtuuQ_fm7FTJl9g6TM7pSxp-d41KuhTHHtVzpU1jMxvG98BNVW7nC4AeLk-TMeUDufksV3Q49COQLEVuvmN7jLqMTVG1W2KksCv_3PLBAunPfXo19BnwFEFYN63u0POigmhW-sFhL7w1XWT79XknS-OmN08V8HGAcMViHNuWYFcw1wZzIwK8rau7QqLTm6pZsFifAki7PF75VrAjaOB4DppI5OQoOUCarj9ZPU-DOmtSlr5qnnYcde1LEoZnEBLfnY3PEwcxavbk08MvzRmgZG0TRu4nn2sI2H8seSloMR&sp=${SECOND_PRICE}
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6b8a7f986e1d5bbe50daaee4267a3fde
a3fff9a946c3babc7860accaf9ff6986d0f50543
01605c6209a8b4cb0fa2f06dd2c92a609c3254a5c9b60460aea6a1dc0b2b0e03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01605C6209A8B4CB0FA2F06DD2C92A609C3254A5C9B60460AEA6A1DC0B2B0E03"
Last-Modified: Fri, 30 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7010
Expires: Mon, 03 Oct 2022 00:19:15 GMT
Date: Sun, 02 Oct 2022 22:22:25 GMT
Connection: keep-alive
static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
94.130.197.142200 OK 590 B URL HTTP/2 static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
IP 94.130.197.142:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash debce753f1ce6652c1637491fd72b1b1
fd102eb3f058f7a43b0f9ec03541681699f5895e
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579
GET /creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 02 Oct 2022 22:22:25 GMT
content-type: image/webp
content-length: 590
last-modified: Tue, 24 Nov 2020 14:24:12 GMT
etag: "5fbd178c-24e"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
pn.bquildna43.site/in/tip_shows/?katds_ep=9mt2mHT65G5w2CarcloghjnKt_b4RxtHbgxDq5arUtD0bWkaKRH6IxxMTZ_VEG4TXV6dmDkrzjZnZYwDEeEF4PVKfQoyBOrOjRxnH57N0Dq6_2NtPBUSrV4QZiazhyqD5kRBkNqv3wOao2F-pTQPcyaOheRrrs0CSODwfHpZjpQysTwEmgTXFZjifmTP9Mxp8HHvmFrVtaW_A9yZS2t2JtFPflFS8O9OOuez05QWsvV7IrzXLnXcy8-H-fS1MmkZ3FzjxQMe4mBWqaIkCJlxoLUirVH2ZsJKepvpMFHWh7-QEmQ7LSXE9hpuKXhheYb4vBV730UmBHu3hia8WXAMVHM6PHbyEkXTlfNBDWNRnRNZ8FYp4uMclCBn2JMll4kEgDQkubabMAbPPWZZ3TltO9c7NhkIlp7NbUYM5qzFLKq1O1DiXZd_yI6Fo25fOfoToGl7ENxmU7EboqiEjA9LdOUPjG2Vx-qb8wrQZlHyku1-dEdVbjcP7vD48hJskKGfSCYiTugV1O3ZbkYu42J8M3tf8pJEpowiIjrMtqQ3jYD3XGBivzSt22aaiYUqG5Kqi-w5sYk-Uzm2KRBT6DSR2-G8SUjh6KaYzaWX_WV3r_YD8xT9WDqmhY0YMG5hnSbjPNC_JaZTh2AZJh1a0ycRvaXnCa8hW8nGkaVgirs0RlvxLaS3GwTqCIcv4McAeDZjo110qh1U6jjHLiuPhIBkHWV9lGU2ftbEKDJ67hJvDzVMGIVjqZwXaUS7lKL_EcOFQrDeVRa4vUO37Opw0VwKbKhgsGcbcoIsnRlBlVzMEeLW61Jfn3kZpLT4iWCyyq9aonk60eXo06UxT2uByx0fx6U0aMr0wn7HdFeJOXkmAmUorYC5s-IpfD9Q4Rq75KAcHv0LXkexG0usm1uNWMid_cTtuuQ_fm7FTJl9g6TM7pSxp-d41KuhTHHtVzpU1jMxvG98BNVW7nC4AeLk-TMeUDufksV3Q49COQLEVuvmN7jLqMTVG1W2KksCv_3PLBAunPfXo19BnwFEFYN63u0POigmhW-sFhL7w1XWT79XknS-OmN08V8HGAcMViHNuWYFcw1wZzIwK8rau7QqLTm6pZsFifAki7PF75VrAjaOB4DppI5OQoOUCarj9ZPU-DOmtSlr5qnnYcde1LEoZnEBLfnY3PEwcxavbk08MvzRmgZG0TRu4nn2sI2H8seSloMR&sp=${SECOND_PRICE}
172.67.190.231302 Found 0 B URL HTTP/2 pn.bquildna43.site/in/tip_shows/?katds_ep=9mt2mHT65G5w2CarcloghjnKt_b4RxtHbgxDq5arUtD0bWkaKRH6IxxMTZ_VEG4TXV6dmDkrzjZnZYwDEeEF4PVKfQoyBOrOjRxnH57N0Dq6_2NtPBUSrV4QZiazhyqD5kRBkNqv3wOao2F-pTQPcyaOheRrrs0CSODwfHpZjpQysTwEmgTXFZjifmTP9Mxp8HHvmFrVtaW_A9yZS2t2JtFPflFS8O9OOuez05QWsvV7IrzXLnXcy8-H-fS1MmkZ3FzjxQMe4mBWqaIkCJlxoLUirVH2ZsJKepvpMFHWh7-QEmQ7LSXE9hpuKXhheYb4vBV730UmBHu3hia8WXAMVHM6PHbyEkXTlfNBDWNRnRNZ8FYp4uMclCBn2JMll4kEgDQkubabMAbPPWZZ3TltO9c7NhkIlp7NbUYM5qzFLKq1O1DiXZd_yI6Fo25fOfoToGl7ENxmU7EboqiEjA9LdOUPjG2Vx-qb8wrQZlHyku1-dEdVbjcP7vD48hJskKGfSCYiTugV1O3ZbkYu42J8M3tf8pJEpowiIjrMtqQ3jYD3XGBivzSt22aaiYUqG5Kqi-w5sYk-Uzm2KRBT6DSR2-G8SUjh6KaYzaWX_WV3r_YD8xT9WDqmhY0YMG5hnSbjPNC_JaZTh2AZJh1a0ycRvaXnCa8hW8nGkaVgirs0RlvxLaS3GwTqCIcv4McAeDZjo110qh1U6jjHLiuPhIBkHWV9lGU2ftbEKDJ67hJvDzVMGIVjqZwXaUS7lKL_EcOFQrDeVRa4vUO37Opw0VwKbKhgsGcbcoIsnRlBlVzMEeLW61Jfn3kZpLT4iWCyyq9aonk60eXo06UxT2uByx0fx6U0aMr0wn7HdFeJOXkmAmUorYC5s-IpfD9Q4Rq75KAcHv0LXkexG0usm1uNWMid_cTtuuQ_fm7FTJl9g6TM7pSxp-d41KuhTHHtVzpU1jMxvG98BNVW7nC4AeLk-TMeUDufksV3Q49COQLEVuvmN7jLqMTVG1W2KksCv_3PLBAunPfXo19BnwFEFYN63u0POigmhW-sFhL7w1XWT79XknS-OmN08V8HGAcMViHNuWYFcw1wZzIwK8rau7QqLTm6pZsFifAki7PF75VrAjaOB4DppI5OQoOUCarj9ZPU-DOmtSlr5qnnYcde1LEoZnEBLfnY3PEwcxavbk08MvzRmgZG0TRu4nn2sI2H8seSloMR&sp=${SECOND_PRICE}
IP 172.67.190.231:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/tip_shows/?katds_ep=9mt2mHT65G5w2CarcloghjnKt_b4RxtHbgxDq5arUtD0bWkaKRH6IxxMTZ_VEG4TXV6dmDkrzjZnZYwDEeEF4PVKfQoyBOrOjRxnH57N0Dq6_2NtPBUSrV4QZiazhyqD5kRBkNqv3wOao2F-pTQPcyaOheRrrs0CSODwfHpZjpQysTwEmgTXFZjifmTP9Mxp8HHvmFrVtaW_A9yZS2t2JtFPflFS8O9OOuez05QWsvV7IrzXLnXcy8-H-fS1MmkZ3FzjxQMe4mBWqaIkCJlxoLUirVH2ZsJKepvpMFHWh7-QEmQ7LSXE9hpuKXhheYb4vBV730UmBHu3hia8WXAMVHM6PHbyEkXTlfNBDWNRnRNZ8FYp4uMclCBn2JMll4kEgDQkubabMAbPPWZZ3TltO9c7NhkIlp7NbUYM5qzFLKq1O1DiXZd_yI6Fo25fOfoToGl7ENxmU7EboqiEjA9LdOUPjG2Vx-qb8wrQZlHyku1-dEdVbjcP7vD48hJskKGfSCYiTugV1O3ZbkYu42J8M3tf8pJEpowiIjrMtqQ3jYD3XGBivzSt22aaiYUqG5Kqi-w5sYk-Uzm2KRBT6DSR2-G8SUjh6KaYzaWX_WV3r_YD8xT9WDqmhY0YMG5hnSbjPNC_JaZTh2AZJh1a0ycRvaXnCa8hW8nGkaVgirs0RlvxLaS3GwTqCIcv4McAeDZjo110qh1U6jjHLiuPhIBkHWV9lGU2ftbEKDJ67hJvDzVMGIVjqZwXaUS7lKL_EcOFQrDeVRa4vUO37Opw0VwKbKhgsGcbcoIsnRlBlVzMEeLW61Jfn3kZpLT4iWCyyq9aonk60eXo06UxT2uByx0fx6U0aMr0wn7HdFeJOXkmAmUorYC5s-IpfD9Q4Rq75KAcHv0LXkexG0usm1uNWMid_cTtuuQ_fm7FTJl9g6TM7pSxp-d41KuhTHHtVzpU1jMxvG98BNVW7nC4AeLk-TMeUDufksV3Q49COQLEVuvmN7jLqMTVG1W2KksCv_3PLBAunPfXo19BnwFEFYN63u0POigmhW-sFhL7w1XWT79XknS-OmN08V8HGAcMViHNuWYFcw1wZzIwK8rau7QqLTm6pZsFifAki7PF75VrAjaOB4DppI5OQoOUCarj9ZPU-DOmtSlr5qnnYcde1LEoZnEBLfnY3PEwcxavbk08MvzRmgZG0TRu4nn2sI2H8seSloMR&sp=${SECOND_PRICE} HTTP/1.1
Host: pn.bquildna43.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.amaporn.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 02 Oct 2022 22:22:25 GMT
content-type: application/json
content-length: 0
location: https://12112336.pix-cdn.org/m/p/0/374/374538/conversions/6OTjphwd-minify.jpg
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: 2357.0=1; expires=Mon, 03 Oct 2022 22:22:24 GMT; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoLolQ8jvhKfFv%2BCcDtgmJLf%2BONGsxNYn38AqxGsTQDJ4G9Iw8cN1feN60ETMXhaz1VpvmE1P2XRVN6OQeYEjqOoHcb8lCxxNmJXea0%2Blj4BNDIYO8HZ5F5hcgcbFQeZ8NdXODc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7540d630ac7eb50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
12112336.pix-cdn.org/m/p/0/374/374539/conversions/uaDvnmZE-minify.jpg
45.133.44.24200 OK 9.0 kB URL HTTP/2 12112336.pix-cdn.org/m/p/0/374/374539/conversions/uaDvnmZE-minify.jpg
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 300x200, components 3\012- data
Hash ac4fce2099a6cbd7264384fba760fc66
d95ed9daf1b4e01d98b089f6688319cc5e377aad
0e5e7942344997c25d52522d74def5e71eb22337f2fecf13ac63fe940bcdb176
GET /m/p/0/374/374539/conversions/uaDvnmZE-minify.jpg HTTP/1.1
Host: 12112336.pix-cdn.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:25 GMT
content-type: image/jpeg
content-length: 9014
server: nginx/1.12.2
last-modified: Sat, 30 Jul 2022 08:18:07 GMT
etag: "62e4e93f-2336"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
12112336.pix-cdn.org/m/p/0/374/374538/conversions/6OTjphwd-minify.jpg
45.133.44.24200 OK 2.9 kB URL HTTP/2 12112336.pix-cdn.org/m/p/0/374/374538/conversions/6OTjphwd-minify.jpg
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 100x100, components 3\012- data
Hash 66098442dc8934e8c6f5351e39d40e71
6bdebd9a664636433febe19afd7a5b37bff07126
b264aead392358ee4523a21bdd6726c1ec24c6ff849dbdf07dfd15bc6dedff4e
GET /m/p/0/374/374538/conversions/6OTjphwd-minify.jpg HTTP/1.1
Host: 12112336.pix-cdn.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.amaporn.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:25 GMT
content-type: image/jpeg
content-length: 2921
server: nginx/1.12.2
last-modified: Sat, 30 Jul 2022 08:17:53 GMT
etag: "62e4e931-b69"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
d507759710.8874d81f48.com/health/
162.55.139.130200 OK 0 B URL HTTP/2 d507759710.8874d81f48.com/health/
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /health/ HTTP/1.1
Host: d507759710.8874d81f48.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Sun, 02 Oct 2022 22:22:27 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
d507759710.8874d81f48.com/health/
162.55.139.130200 OK 0 B URL HTTP/2 d507759710.8874d81f48.com/health/
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /health/ HTTP/1.1
Host: d507759710.8874d81f48.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.16.0
date: Sun, 02 Oct 2022 22:22:27 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
d507759710.8874d81f48.com/health/
162.55.139.130200 OK 0 B URL HTTP/2 d507759710.8874d81f48.com/health/
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /health/ HTTP/1.1
Host: d507759710.8874d81f48.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.16.0
date: Sun, 02 Oct 2022 22:22:27 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
d507759710.8874d81f48.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiUE9STk8lMkNHUkFUSVMlMkNWSURFTyUyQ1BPUk5PJTJDSVRBTElBTkklMkNYWFglMkNzdSUyQ0FtYVBvcm4lMkN2aWRlbyUyQ3Bvcm5vJTJDcG9ybm8lMkN2aWRlbyUyQ3Bvcm5vJTJDZ3JhdGlzJTJDcG9ybm8lMkNncmF0aXMlMkNhbWFwb3JuJTJDdmlkZW8lMkNhbWF0b3JpYWxpJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNwb3JubyUyQ2FtYXRvcmlhbGUlMkN2aWRlbyUyQ3Bvcm5vJTJDaXRhbGlhbmklMkNwb3JubyUyQ2l0YWxpYW5vJTJDcG9ybm8lMkNpdGFsaWFubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2ZvdG8lMkNwb3JubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNBbWFQb3JuJTJDc2l0byUyQ3R1YmUlMkNwb3JubyUyQ2dyYXRpcyUyQ2FnZ2lvcm5hdG8lMkNvZ25pJTJDZ2lvcm5vJTJDY29uJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNncmF0aXMlMkNlJTJDdGFudG8lMkNwb3JubyUyQ2l0YWxpYW5vJTJDZ3JhdGlzJTIwIiwibGFiZWxzIjoiIiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTgxMTE0Nzc0IiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTEzMjksIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjp0cnVlLCJyZWZkb21haW4iOiJ3d3cuYW1hcG9ybi5jb20iLCJwbCI6MCwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMTMyOSIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly93d3cuYW1hcG9ybi5jb20vIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjlkYzU3MDFiNTM2YTEzMjY3NDBjNjJlYWExZWU2YTQ5In0sImV4dCI6eyJkdCI6MTY2NDc0OTM0NzA0NH19
162.55.139.130302 Found 0 B URL HTTP/2 d507759710.8874d81f48.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiUE9STk8lMkNHUkFUSVMlMkNWSURFTyUyQ1BPUk5PJTJDSVRBTElBTkklMkNYWFglMkNzdSUyQ0FtYVBvcm4lMkN2aWRlbyUyQ3Bvcm5vJTJDcG9ybm8lMkN2aWRlbyUyQ3Bvcm5vJTJDZ3JhdGlzJTJDcG9ybm8lMkNncmF0aXMlMkNhbWFwb3JuJTJDdmlkZW8lMkNhbWF0b3JpYWxpJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNwb3JubyUyQ2FtYXRvcmlhbGUlMkN2aWRlbyUyQ3Bvcm5vJTJDaXRhbGlhbmklMkNwb3JubyUyQ2l0YWxpYW5vJTJDcG9ybm8lMkNpdGFsaWFubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2ZvdG8lMkNwb3JubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNBbWFQb3JuJTJDc2l0byUyQ3R1YmUlMkNwb3JubyUyQ2dyYXRpcyUyQ2FnZ2lvcm5hdG8lMkNvZ25pJTJDZ2lvcm5vJTJDY29uJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNncmF0aXMlMkNlJTJDdGFudG8lMkNwb3JubyUyQ2l0YWxpYW5vJTJDZ3JhdGlzJTIwIiwibGFiZWxzIjoiIiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTgxMTE0Nzc0IiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTEzMjksIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjp0cnVlLCJyZWZkb21haW4iOiJ3d3cuYW1hcG9ybi5jb20iLCJwbCI6MCwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMTMyOSIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly93d3cuYW1hcG9ybi5jb20vIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjlkYzU3MDFiNTM2YTEzMjY3NDBjNjJlYWExZWU2YTQ5In0sImV4dCI6eyJkdCI6MTY2NDc0OTM0NzA0NH19
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiUE9STk8lMkNHUkFUSVMlMkNWSURFTyUyQ1BPUk5PJTJDSVRBTElBTkklMkNYWFglMkNzdSUyQ0FtYVBvcm4lMkN2aWRlbyUyQ3Bvcm5vJTJDcG9ybm8lMkN2aWRlbyUyQ3Bvcm5vJTJDZ3JhdGlzJTJDcG9ybm8lMkNncmF0aXMlMkNhbWFwb3JuJTJDdmlkZW8lMkNhbWF0b3JpYWxpJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNwb3JubyUyQ2FtYXRvcmlhbGUlMkN2aWRlbyUyQ3Bvcm5vJTJDaXRhbGlhbmklMkNwb3JubyUyQ2l0YWxpYW5vJTJDcG9ybm8lMkNpdGFsaWFubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2ZvdG8lMkNwb3JubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNBbWFQb3JuJTJDc2l0byUyQ3R1YmUlMkNwb3JubyUyQ2dyYXRpcyUyQ2FnZ2lvcm5hdG8lMkNvZ25pJTJDZ2lvcm5vJTJDY29uJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNncmF0aXMlMkNlJTJDdGFudG8lMkNwb3JubyUyQ2l0YWxpYW5vJTJDZ3JhdGlzJTIwIiwibGFiZWxzIjoiIiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTgxMTE0Nzc0IiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTEzMjksIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjp0cnVlLCJyZWZkb21haW4iOiJ3d3cuYW1hcG9ybi5jb20iLCJwbCI6MCwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMTMyOSIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly93d3cuYW1hcG9ybi5jb20vIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjlkYzU3MDFiNTM2YTEzMjY3NDBjNjJlYWExZWU2YTQ5In0sImV4dCI6eyJkdCI6MTY2NDc0OTM0NzA0NH19 HTTP/1.1
Host: d507759710.8874d81f48.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Sun, 02 Oct 2022 22:22:27 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://rtbrennab.com/banner/in/show/?mid=1481523508&pid=0&site=11329&sc=NO&usage_type=DCH&subid=181114774&sid=0&cid=13088&price=0&is_cpm=1&cpm=0.0036000000000000003&ecpm=0.0033840000000000003&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=www.amaporn.com&hostname=auc-banner-hz-6&site_id=0&spot_id=11329&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=iframeAd&iabcat=IAB25&min_cpm=0.00000010638297872340427&placement_type_id=0&skin_test=&verify_hash=&score=97&ml=&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=%2F%2Fbts.red12flyw2.site%2Fin%2Fbanners%3Fkatds_ep%3DM2j-Qb1OGhY4jmBkzj9qVP-1Ged7A-Ekof_uTb3FzI6D19NoM70LfisqeVris7r--mSgaGXgoQhAqcOUNTN0d_9ZaP2yKa1xIiwI_VfA32IRjbGEig5u5vT5eXAt1OXF2afsFXQ8sjcC007xqoTWS0KCwnDJyN45lwaNdZojCBcd_VAAfTXNBt44ahJmu9IZ0x_IkKYn63a9_asN74e1TTjIhsF1fWArWAbHKSoxaYPfut8TcdUoTJin6jjJmbq-aV39-BIm_dvCZaxM5zg6bj09_qDHW7hgEcDRzpNoylRtaY6SplCzIhTfveGCrHZZhJX79T6FH7dNVvLN6wIQ9CDHI5qYbWCJHIrCj1ZYcALu7QqKpMt5QRXQnDzR2YsDRgrrM4wZMHenjjpAHC3H2AWKmq-AYvW_xd2CXXBiL_Q7NpGZK3f46NiC_iYia3PvjtAeIS1roOw2lCQaxJdRGYw-7pCPYs82x3F6GkaNDX0pH5aFdpqFqUfhghv6m6sCjWK7jg7JnFl5regyH07WyQrCgtEzHQzDEcNcvDwgwx6JTswg9grz4nS1LTIteqQ9tkXcqqaqn_2AJxg&pr=www.amaporn.com&bid_crid=&bid_cid=&is_iframe=1&ad_tags=PORNO%2CGRATIS%2CVIDEO%2CPORNO%2CITALIANI%2CXXX%2Csu%2CAmaPorn%2Cvideo%2Cporno%2Cporno%2Cvideo%2Cporno%2Cgratis%2Cporno%2Cgratis%2Camaporn%2Cvideo%2Camatoriali%2Cvideo%2Cporno%2Camatoriali%2Cporno%2Camatoriale%2Cvideo%2Cporno%2Citaliani%2Cporno%2Citaliano%2Cporno%2Citaliano%2Cgratis%2Cfoto%2Cporno%2Cfoto%2Cporno%2Cgratis%2Cfoto%2Cporno%2Camatoriali%2CAmaPorn%2Csito%2Ctube%2Cporno%2Cgratis%2Caggiornato%2Cogni%2Cgiorno%2Ccon%2Cvideo%2Cporno%2Camatoriali%2Cgratis%2Ce%2Ctanto%2Cporno%2Citaliano%2Cgratis%20&stratagem=&ssp=3758
X-Firefox-Spdy: h2
d507759710.8874d81f48.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MCwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiUE9STk8lMkNHUkFUSVMlMkNWSURFTyUyQ1BPUk5PJTJDSVRBTElBTkklMkNYWFglMkNzdSUyQ0FtYVBvcm4lMkN2aWRlbyUyQ3Bvcm5vJTJDcG9ybm8lMkN2aWRlbyUyQ3Bvcm5vJTJDZ3JhdGlzJTJDcG9ybm8lMkNncmF0aXMlMkNhbWFwb3JuJTJDdmlkZW8lMkNhbWF0b3JpYWxpJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNwb3JubyUyQ2FtYXRvcmlhbGUlMkN2aWRlbyUyQ3Bvcm5vJTJDaXRhbGlhbmklMkNwb3JubyUyQ2l0YWxpYW5vJTJDcG9ybm8lMkNpdGFsaWFubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2ZvdG8lMkNwb3JubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNBbWFQb3JuJTJDc2l0byUyQ3R1YmUlMkNwb3JubyUyQ2dyYXRpcyUyQ2FnZ2lvcm5hdG8lMkNvZ25pJTJDZ2lvcm5vJTJDY29uJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNncmF0aXMlMkNlJTJDdGFudG8lMkNwb3JubyUyQ2l0YWxpYW5vJTJDZ3JhdGlzJTIwIiwibGFiZWxzIjoiIiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTgxMTE0Nzc0IiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTEzMjksIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4LCJidHlwZSI6MH0sImJhbm5lciI6eyJ3IjoxLCJoIjoxfX1dLCJzaXRlIjp7ImlkIjoiMTEzMjkiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHA6Ly93d3cuYW1hcG9ybi5jb20vIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjllNDk0N2YzNTc1MTQ2NTQxMWZkMWE0ZjVjMzU4Yzc4In0sImV4dCI6eyJkdCI6MTY2NDc0OTM0NzA4Mn19
162.55.139.130302 Found 0 B URL HTTP/2 d507759710.8874d81f48.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MCwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiUE9STk8lMkNHUkFUSVMlMkNWSURFTyUyQ1BPUk5PJTJDSVRBTElBTkklMkNYWFglMkNzdSUyQ0FtYVBvcm4lMkN2aWRlbyUyQ3Bvcm5vJTJDcG9ybm8lMkN2aWRlbyUyQ3Bvcm5vJTJDZ3JhdGlzJTJDcG9ybm8lMkNncmF0aXMlMkNhbWFwb3JuJTJDdmlkZW8lMkNhbWF0b3JpYWxpJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNwb3JubyUyQ2FtYXRvcmlhbGUlMkN2aWRlbyUyQ3Bvcm5vJTJDaXRhbGlhbmklMkNwb3JubyUyQ2l0YWxpYW5vJTJDcG9ybm8lMkNpdGFsaWFubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2ZvdG8lMkNwb3JubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNBbWFQb3JuJTJDc2l0byUyQ3R1YmUlMkNwb3JubyUyQ2dyYXRpcyUyQ2FnZ2lvcm5hdG8lMkNvZ25pJTJDZ2lvcm5vJTJDY29uJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNncmF0aXMlMkNlJTJDdGFudG8lMkNwb3JubyUyQ2l0YWxpYW5vJTJDZ3JhdGlzJTIwIiwibGFiZWxzIjoiIiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTgxMTE0Nzc0IiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTEzMjksIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4LCJidHlwZSI6MH0sImJhbm5lciI6eyJ3IjoxLCJoIjoxfX1dLCJzaXRlIjp7ImlkIjoiMTEzMjkiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHA6Ly93d3cuYW1hcG9ybi5jb20vIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjllNDk0N2YzNTc1MTQ2NTQxMWZkMWE0ZjVjMzU4Yzc4In0sImV4dCI6eyJkdCI6MTY2NDc0OTM0NzA4Mn19
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MCwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiUE9STk8lMkNHUkFUSVMlMkNWSURFTyUyQ1BPUk5PJTJDSVRBTElBTkklMkNYWFglMkNzdSUyQ0FtYVBvcm4lMkN2aWRlbyUyQ3Bvcm5vJTJDcG9ybm8lMkN2aWRlbyUyQ3Bvcm5vJTJDZ3JhdGlzJTJDcG9ybm8lMkNncmF0aXMlMkNhbWFwb3JuJTJDdmlkZW8lMkNhbWF0b3JpYWxpJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNwb3JubyUyQ2FtYXRvcmlhbGUlMkN2aWRlbyUyQ3Bvcm5vJTJDaXRhbGlhbmklMkNwb3JubyUyQ2l0YWxpYW5vJTJDcG9ybm8lMkNpdGFsaWFubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2ZvdG8lMkNwb3JubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNBbWFQb3JuJTJDc2l0byUyQ3R1YmUlMkNwb3JubyUyQ2dyYXRpcyUyQ2FnZ2lvcm5hdG8lMkNvZ25pJTJDZ2lvcm5vJTJDY29uJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNncmF0aXMlMkNlJTJDdGFudG8lMkNwb3JubyUyQ2l0YWxpYW5vJTJDZ3JhdGlzJTIwIiwibGFiZWxzIjoiIiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTgxMTE0Nzc0IiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTEzMjksIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4LCJidHlwZSI6MH0sImJhbm5lciI6eyJ3IjoxLCJoIjoxfX1dLCJzaXRlIjp7ImlkIjoiMTEzMjkiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHA6Ly93d3cuYW1hcG9ybi5jb20vIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjllNDk0N2YzNTc1MTQ2NTQxMWZkMWE0ZjVjMzU4Yzc4In0sImV4dCI6eyJkdCI6MTY2NDc0OTM0NzA4Mn19 HTTP/1.1
Host: d507759710.8874d81f48.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.amaporn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Sun, 02 Oct 2022 22:22:27 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://rtbrennab.com/banner/in/show/?mid=1914779845&pid=0&site=11329&sc=NO&usage_type=DCH&subid=181114774&sid=0&cid=13088&price=0&is_cpm=1&cpm=0.0036000000000000003&ecpm=0.0033840000000000003&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=www.amaporn.com&hostname=auc-banner-hz-9&site_id=0&spot_id=11329&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=iframeAd&iabcat=IAB25&min_cpm=0.00000010638297872340427&placement_type_id=0&skin_test=&verify_hash=&score=97&ml=&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=%2F%2Fbts.red12flyw2.site%2Fin%2Fbanners%3Fkatds_ep%3DWYQr_EMBZWOd18D7Q-Hi-NSBQSiLM4bnfkAP8-ZccHfnBuJb_pPHU5vYD3MdvJ7csW0L14Yey8jl2tfE7nzEZG1I6BKSt3G5ckFwaXLdLiDSXmLi1MBQwvbIw6nqXnOdEJNQLVFfSgJ2FVvJIxTdBv8p_NFssiA0_-l7be9fzZf9f813WDGe319MqeN154JYIrs1VC1nHlLIn3POmV8MTdetUZr8lUUfu3x0Lt5GaZqgnHUW-KbPLdWZ_dCvEEYJLQYBmDc7hDnzdmrVU9NsRFdJZllSHDqjcivXIiV3r5aMRKxQdiR4y-v4hF6FgISd9PMKvKeEPTjm0pTevrsjdMDe4XoOAz6ng4quuasiwgO5byLyoT_QDVmJ6WlH62MUmaE6EAa-64GXGfTPL02n6ctDnbe075sEHoR8qsVLo8ITZJczU_J9og_osWfGn1DRh7tjVQOhlEBbO9sgHMJwlvod0jTWacOphmq_ZPbfVXXO9T5titkz4M8tsMYc-HL1XeVORi_ayCJJBFXZ88zla5a7aKhf4MEPaaVsvZvMoMinwGQfKVUAiqmA-yQnemwZcUwqZ7l4r7y-qgU&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=PORNO%2CGRATIS%2CVIDEO%2CPORNO%2CITALIANI%2CXXX%2Csu%2CAmaPorn%2Cvideo%2Cporno%2Cporno%2Cvideo%2Cporno%2Cgratis%2Cporno%2Cgratis%2Camaporn%2Cvideo%2Camatoriali%2Cvideo%2Cporno%2Camatoriali%2Cporno%2Camatoriale%2Cvideo%2Cporno%2Citaliani%2Cporno%2Citaliano%2Cporno%2Citaliano%2Cgratis%2Cfoto%2Cporno%2Cfoto%2Cporno%2Cgratis%2Cfoto%2Cporno%2Camatoriali%2CAmaPorn%2Csito%2Ctube%2Cporno%2Cgratis%2Caggiornato%2Cogni%2Cgiorno%2Ccon%2Cvideo%2Cporno%2Camatoriali%2Cgratis%2Ce%2Ctanto%2Cporno%2Citaliano%2Cgratis%20&stratagem=&ssp=3758
X-Firefox-Spdy: h2
d507759710.8874d81f48.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiUE9STk8lMkNHUkFUSVMlMkNWSURFTyUyQ1BPUk5PJTJDSVRBTElBTkklMkNYWFglMkNzdSUyQ0FtYVBvcm4lMkN2aWRlbyUyQ3Bvcm5vJTJDcG9ybm8lMkN2aWRlbyUyQ3Bvcm5vJTJDZ3JhdGlzJTJDcG9ybm8lMkNncmF0aXMlMkNhbWFwb3JuJTJDdmlkZW8lMkNhbWF0b3JpYWxpJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNwb3JubyUyQ2FtYXRvcmlhbGUlMkN2aWRlbyUyQ3Bvcm5vJTJDaXRhbGlhbmklMkNwb3JubyUyQ2l0YWxpYW5vJTJDcG9ybm8lMkNpdGFsaWFubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2ZvdG8lMkNwb3JubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNBbWFQb3JuJTJDc2l0byUyQ3R1YmUlMkNwb3JubyUyQ2dyYXRpcyUyQ2FnZ2lvcm5hdG8lMkNvZ25pJTJDZ2lvcm5vJTJDY29uJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNncmF0aXMlMkNlJTJDdGFudG8lMkNwb3JubyUyQ2l0YWxpYW5vJTJDZ3JhdGlzJTIwIiwibGFiZWxzIjoiIiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTgxMTE0Nzc0IiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTEzMjksIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjp0cnVlLCJyZWZkb21haW4iOiJ3d3cuYW1hcG9ybi5jb20iLCJwbCI6MCwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMTMyOSIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cDovL3d3dy5hbWFwb3JuLmNvbS8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWRjNTcwMWI1MzZhMTMyNjc0MGM2MmVhYTFlZTZhNDkifSwiZXh0Ijp7ImR0IjoxNjY0NzQ5MzQ3MDg2fX0=
162.55.139.130302 Found 0 B URL HTTP/2 d507759710.8874d81f48.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiUE9STk8lMkNHUkFUSVMlMkNWSURFTyUyQ1BPUk5PJTJDSVRBTElBTkklMkNYWFglMkNzdSUyQ0FtYVBvcm4lMkN2aWRlbyUyQ3Bvcm5vJTJDcG9ybm8lMkN2aWRlbyUyQ3Bvcm5vJTJDZ3JhdGlzJTJDcG9ybm8lMkNncmF0aXMlMkNhbWFwb3JuJTJDdmlkZW8lMkNhbWF0b3JpYWxpJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNwb3JubyUyQ2FtYXRvcmlhbGUlMkN2aWRlbyUyQ3Bvcm5vJTJDaXRhbGlhbmklMkNwb3JubyUyQ2l0YWxpYW5vJTJDcG9ybm8lMkNpdGFsaWFubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2ZvdG8lMkNwb3JubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNBbWFQb3JuJTJDc2l0byUyQ3R1YmUlMkNwb3JubyUyQ2dyYXRpcyUyQ2FnZ2lvcm5hdG8lMkNvZ25pJTJDZ2lvcm5vJTJDY29uJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNncmF0aXMlMkNlJTJDdGFudG8lMkNwb3JubyUyQ2l0YWxpYW5vJTJDZ3JhdGlzJTIwIiwibGFiZWxzIjoiIiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTgxMTE0Nzc0IiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTEzMjksIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjp0cnVlLCJyZWZkb21haW4iOiJ3d3cuYW1hcG9ybi5jb20iLCJwbCI6MCwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMTMyOSIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cDovL3d3dy5hbWFwb3JuLmNvbS8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWRjNTcwMWI1MzZhMTMyNjc0MGM2MmVhYTFlZTZhNDkifSwiZXh0Ijp7ImR0IjoxNjY0NzQ5MzQ3MDg2fX0=
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiUE9STk8lMkNHUkFUSVMlMkNWSURFTyUyQ1BPUk5PJTJDSVRBTElBTkklMkNYWFglMkNzdSUyQ0FtYVBvcm4lMkN2aWRlbyUyQ3Bvcm5vJTJDcG9ybm8lMkN2aWRlbyUyQ3Bvcm5vJTJDZ3JhdGlzJTJDcG9ybm8lMkNncmF0aXMlMkNhbWFwb3JuJTJDdmlkZW8lMkNhbWF0b3JpYWxpJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNwb3JubyUyQ2FtYXRvcmlhbGUlMkN2aWRlbyUyQ3Bvcm5vJTJDaXRhbGlhbmklMkNwb3JubyUyQ2l0YWxpYW5vJTJDcG9ybm8lMkNpdGFsaWFubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2ZvdG8lMkNwb3JubyUyQ2dyYXRpcyUyQ2ZvdG8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNBbWFQb3JuJTJDc2l0byUyQ3R1YmUlMkNwb3JubyUyQ2dyYXRpcyUyQ2FnZ2lvcm5hdG8lMkNvZ25pJTJDZ2lvcm5vJTJDY29uJTJDdmlkZW8lMkNwb3JubyUyQ2FtYXRvcmlhbGklMkNncmF0aXMlMkNlJTJDdGFudG8lMkNwb3JubyUyQ2l0YWxpYW5vJTJDZ3JhdGlzJTIwIiwibGFiZWxzIjoiIiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTgxMTE0Nzc0IiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTEzMjksIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjp0cnVlLCJyZWZkb21haW4iOiJ3d3cuYW1hcG9ybi5jb20iLCJwbCI6MCwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMTMyOSIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cDovL3d3dy5hbWFwb3JuLmNvbS8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWRjNTcwMWI1MzZhMTMyNjc0MGM2MmVhYTFlZTZhNDkifSwiZXh0Ijp7ImR0IjoxNjY0NzQ5MzQ3MDg2fX0= HTTP/1.1
Host: d507759710.8874d81f48.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Sun, 02 Oct 2022 22:22:27 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://rtbrennab.com/banner/in/show/?mid=1146713187&pid=0&site=11329&sc=NO&usage_type=DCH&subid=181114774&sid=0&cid=13088&price=0&is_cpm=1&cpm=0.0036000000000000003&ecpm=0.0033840000000000003&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=www.amaporn.com&hostname=auc-banner-hz-0&site_id=0&spot_id=11329&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=iframeAd&iabcat=IAB25&min_cpm=0.00000010638297872340427&placement_type_id=0&skin_test=&verify_hash=&score=97&ml=&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=%2F%2Fbts.red12flyw2.site%2Fin%2Fbanners%3Fkatds_ep%3DPykoQw1hZ2LCJNHan-0w18gbpPG_Dk9vgv3CCHc9Agll9OeCN-CGv6IEach7K2wG6H5uM43T9ymK9zG-DMQbN-hSEOEjpO3VJfKaIT0so3RfD9ooNItIeQ83xCywBVcrA4MA0Fjql3eP31idlKgn8EPkupW6ogEqpGHtIcxBg6uEf_29zK3gqqTo7AO7KNbRbdK3Y6Q2kRKbX9g6WrZZWfZMbcJA8Zn20OiJUYmMuT2R08RPrZJXxlNo0KTafY5L6JLKguogCbgN-dJ8uNDkWnVkHL5Hcr7MemQxw4C0VKWR7bR183fPbrhp-g__BOnj47QaC7tega1Nl5zskPQXnq6S6w3Dde5vNjxD4NuIxgCFVx3s9ItQPiRm7iHjgLZq17J7vvSciOAvSWRrmPrOX5dclo4BlVdt1mD22HoGCJwaE2VoXdWZM6Fu0r9s92GtUXq3CZvFtzUFrT5fNu3nWVzRc1STxk28AsBbjmqR51xOb3mposGa-W6TPIniTg6N7vDYN221WDP0pr3ASo0l9Akdu2djP6ize2rMNB2raJnywdCh9oWxLBVvBZzfDoeI0fD0zMfA-OqeWH4&pr=www.amaporn.com&bid_crid=&bid_cid=&is_iframe=1&ad_tags=PORNO%2CGRATIS%2CVIDEO%2CPORNO%2CITALIANI%2CXXX%2Csu%2CAmaPorn%2Cvideo%2Cporno%2Cporno%2Cvideo%2Cporno%2Cgratis%2Cporno%2Cgratis%2Camaporn%2Cvideo%2Camatoriali%2Cvideo%2Cporno%2Camatoriali%2Cporno%2Camatoriale%2Cvideo%2Cporno%2Citaliani%2Cporno%2Citaliano%2Cporno%2Citaliano%2Cgratis%2Cfoto%2Cporno%2Cfoto%2Cporno%2Cgratis%2Cfoto%2Cporno%2Camatoriali%2CAmaPorn%2Csito%2Ctube%2Cporno%2Cgratis%2Caggiornato%2Cogni%2Cgiorno%2Ccon%2Cvideo%2Cporno%2Camatoriali%2Cgratis%2Ce%2Ctanto%2Cporno%2Citaliano%2Cgratis%20&stratagem=&ssp=3758
X-Firefox-Spdy: h2
buttons-config.sharethis.com/js/5b8424138e496b00101b735e.js
13.224.222.3200 OK 985 B URL HTTP/2 buttons-config.sharethis.com/js/5b8424138e496b00101b735e.js
IP 13.224.222.3:0
Hash e34ad2561ca055f60b4b484406f98740
45b0933adb60ad585ab32ee392775e6e0a0c3e2a
b2ba58bf757ead26fa57f5b96f79fa27cb64d6f28bb5563b7a0bbc6963388243
GET /js/5b8424138e496b00101b735e.js HTTP/1.1
Host: buttons-config.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
last-modified: Wed, 05 Aug 2020 08:47:17 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 02 Oct 2022 22:22:16 GMT
cache-control: public, max-age=60
etag: W/"a08d9bc21169f865a2c28a50268ab8e3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 daf262df3557820c568499be93152238.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: ySwmdtYwpZZ1dzeNMCelHdZU4JhL1heKJFPApGyN8t9p-Ia8WKPu_g==
age: 8
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
rtbrennab.com/banner/in/show/?mid=1481523508&pid=0&site=11329&sc=NO&usage_type=DCH&subid=181114774&sid=0&cid=13088&price=0&is_cpm=1&cpm=0.0036000000000000003&ecpm=0.0033840000000000003&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=www.amaporn.com&hostname=auc-banner-hz-6&site_id=0&spot_id=11329&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=iframeAd&iabcat=IAB25&min_cpm=0.00000010638297872340427&placement_type_id=0&skin_test=&verify_hash=&score=97&ml=&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=%2F%2Fbts.red12flyw2.site%2Fin%2Fbanners%3Fkatds_ep%3DM2j-Qb1OGhY4jmBkzj9qVP-1Ged7A-Ekof_uTb3FzI6D19NoM70LfisqeVris7r--mSgaGXgoQhAqcOUNTN0d_9ZaP2yKa1xIiwI_VfA32IRjbGEig5u5vT5eXAt1OXF2afsFXQ8sjcC007xqoTWS0KCwnDJyN45lwaNdZojCBcd_VAAfTXNBt44ahJmu9IZ0x_IkKYn63a9_asN74e1TTjIhsF1fWArWAbHKSoxaYPfut8TcdUoTJin6jjJmbq-aV39-BIm_dvCZaxM5zg6bj09_qDHW7hgEcDRzpNoylRtaY6SplCzIhTfveGCrHZZhJX79T6FH7dNVvLN6wIQ9CDHI5qYbWCJHIrCj1ZYcALu7QqKpMt5QRXQnDzR2YsDRgrrM4wZMHenjjpAHC3H2AWKmq-AYvW_xd2CXXBiL_Q7NpGZK3f46NiC_iYia3PvjtAeIS1roOw2lCQaxJdRGYw-7pCPYs82x3F6GkaNDX0pH5aFdpqFqUfhghv6m6sCjWK7jg7JnFl5regyH07WyQrCgtEzHQzDEcNcvDwgwx6JTswg9grz4nS1LTIteqQ9tkXcqqaqn_2AJxg&pr=www.amaporn.com&bid_crid=&bid_cid=&is_iframe=1&ad_tags=PORNO%2CGRATIS%2CVIDEO%2CPORNO%2CITALIANI%2CXXX%2Csu%2CAmaPorn%2Cvideo%2Cporno%2Cporno%2Cvideo%2Cporno%2Cgratis%2Cporno%2Cgratis%2Camaporn%2Cvideo%2Camatoriali%2Cvideo%2Cporno%2Camatoriali%2Cporno%2Camatoriale%2Cvideo%2Cporno%2Citaliani%2Cporno%2Citaliano%2Cporno%2Citaliano%2Cgratis%2Cfoto%2Cporno%2Cfoto%2Cporno%2Cgratis%2Cfoto%2Cporno%2Camatoriali%2CAmaPorn%2Csito%2Ctube%2Cporno%2Cgratis%2Caggiornato%2Cogni%2Cgiorno%2Ccon%2Cvideo%2Cporno%2Camatoriali%2Cgratis%2Ce%2Ctanto%2Cporno%2Citaliano%2Cgratis%20&stratagem=&ssp=3758
162.55.139.130302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=1481523508&pid=0&site=11329&sc=NO&usage_type=DCH&subid=181114774&sid=0&cid=13088&price=0&is_cpm=1&cpm=0.0036000000000000003&ecpm=0.0033840000000000003&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=www.amaporn.com&hostname=auc-banner-hz-6&site_id=0&spot_id=11329&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=iframeAd&iabcat=IAB25&min_cpm=0.00000010638297872340427&placement_type_id=0&skin_test=&verify_hash=&score=97&ml=&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=%2F%2Fbts.red12flyw2.site%2Fin%2Fbanners%3Fkatds_ep%3DM2j-Qb1OGhY4jmBkzj9qVP-1Ged7A-Ekof_uTb3FzI6D19NoM70LfisqeVris7r--mSgaGXgoQhAqcOUNTN0d_9ZaP2yKa1xIiwI_VfA32IRjbGEig5u5vT5eXAt1OXF2afsFXQ8sjcC007xqoTWS0KCwnDJyN45lwaNdZojCBcd_VAAfTXNBt44ahJmu9IZ0x_IkKYn63a9_asN74e1TTjIhsF1fWArWAbHKSoxaYPfut8TcdUoTJin6jjJmbq-aV39-BIm_dvCZaxM5zg6bj09_qDHW7hgEcDRzpNoylRtaY6SplCzIhTfveGCrHZZhJX79T6FH7dNVvLN6wIQ9CDHI5qYbWCJHIrCj1ZYcALu7QqKpMt5QRXQnDzR2YsDRgrrM4wZMHenjjpAHC3H2AWKmq-AYvW_xd2CXXBiL_Q7NpGZK3f46NiC_iYia3PvjtAeIS1roOw2lCQaxJdRGYw-7pCPYs82x3F6GkaNDX0pH5aFdpqFqUfhghv6m6sCjWK7jg7JnFl5regyH07WyQrCgtEzHQzDEcNcvDwgwx6JTswg9grz4nS1LTIteqQ9tkXcqqaqn_2AJxg&pr=www.amaporn.com&bid_crid=&bid_cid=&is_iframe=1&ad_tags=PORNO%2CGRATIS%2CVIDEO%2CPORNO%2CITALIANI%2CXXX%2Csu%2CAmaPorn%2Cvideo%2Cporno%2Cporno%2Cvideo%2Cporno%2Cgratis%2Cporno%2Cgratis%2Camaporn%2Cvideo%2Camatoriali%2Cvideo%2Cporno%2Camatoriali%2Cporno%2Camatoriale%2Cvideo%2Cporno%2Citaliani%2Cporno%2Citaliano%2Cporno%2Citaliano%2Cgratis%2Cfoto%2Cporno%2Cfoto%2Cporno%2Cgratis%2Cfoto%2Cporno%2Camatoriali%2CAmaPorn%2Csito%2Ctube%2Cporno%2Cgratis%2Caggiornato%2Cogni%2Cgiorno%2Ccon%2Cvideo%2Cporno%2Camatoriali%2Cgratis%2Ce%2Ctanto%2Cporno%2Citaliano%2Cgratis%20&stratagem=&ssp=3758
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=1481523508&pid=0&site=11329&sc=NO&usage_type=DCH&subid=181114774&sid=0&cid=13088&price=0&is_cpm=1&cpm=0.0036000000000000003&ecpm=0.0033840000000000003&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=www.amaporn.com&hostname=auc-banner-hz-6&site_id=0&spot_id=11329&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=iframeAd&iabcat=IAB25&min_cpm=0.00000010638297872340427&placement_type_id=0&skin_test=&verify_hash=&score=97&ml=&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=%2F%2Fbts.red12flyw2.site%2Fin%2Fbanners%3Fkatds_ep%3DM2j-Qb1OGhY4jmBkzj9qVP-1Ged7A-Ekof_uTb3FzI6D19NoM70LfisqeVris7r--mSgaGXgoQhAqcOUNTN0d_9ZaP2yKa1xIiwI_VfA32IRjbGEig5u5vT5eXAt1OXF2afsFXQ8sjcC007xqoTWS0KCwnDJyN45lwaNdZojCBcd_VAAfTXNBt44ahJmu9IZ0x_IkKYn63a9_asN74e1TTjIhsF1fWArWAbHKSoxaYPfut8TcdUoTJin6jjJmbq-aV39-BIm_dvCZaxM5zg6bj09_qDHW7hgEcDRzpNoylRtaY6SplCzIhTfveGCrHZZhJX79T6FH7dNVvLN6wIQ9CDHI5qYbWCJHIrCj1ZYcALu7QqKpMt5QRXQnDzR2YsDRgrrM4wZMHenjjpAHC3H2AWKmq-AYvW_xd2CXXBiL_Q7NpGZK3f46NiC_iYia3PvjtAeIS1roOw2lCQaxJdRGYw-7pCPYs82x3F6GkaNDX0pH5aFdpqFqUfhghv6m6sCjWK7jg7JnFl5regyH07WyQrCgtEzHQzDEcNcvDwgwx6JTswg9grz4nS1LTIteqQ9tkXcqqaqn_2AJxg&pr=www.amaporn.com&bid_crid=&bid_cid=&is_iframe=1&ad_tags=PORNO%2CGRATIS%2CVIDEO%2CPORNO%2CITALIANI%2CXXX%2Csu%2CAmaPorn%2Cvideo%2Cporno%2Cporno%2Cvideo%2Cporno%2Cgratis%2Cporno%2Cgratis%2Camaporn%2Cvideo%2Camatoriali%2Cvideo%2Cporno%2Camatoriali%2Cporno%2Camatoriale%2Cvideo%2Cporno%2Citaliani%2Cporno%2Citaliano%2Cporno%2Citaliano%2Cgratis%2Cfoto%2Cporno%2Cfoto%2Cporno%2Cgratis%2Cfoto%2Cporno%2Camatoriali%2CAmaPorn%2Csito%2Ctube%2Cporno%2Cgratis%2Caggiornato%2Cogni%2Cgiorno%2Ccon%2Cvideo%2Cporno%2Camatoriali%2Cgratis%2Ce%2Ctanto%2Cporno%2Citaliano%2Cgratis%20&stratagem=&ssp=3758 HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amaporn.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.16.0
date: Sun, 02 Oct 2022 22:22:27 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: //bts.red12flyw2.site/in/banners?katds_ep=M2j-Qb1OGhY4jmBkzj9qVP-1Ged7A-Ekof_uTb3FzI6D19NoM70LfisqeVris7r--mSgaGXgoQhAqcOUNTN0d_9ZaP2yKa1xIiwI_VfA32IRjbGEig5u5vT5eXAt1OXF2afsFXQ8sjcC007xqoTWS0KCwnDJyN45lwaNdZojCBcd_VAAfTXNBt44ahJmu9IZ0x_IkKYn63a9_asN74e1TTjIhsF1fWArWAbHKSoxaYPfut8TcdUoTJin6jjJmbq-aV39-BIm_dvCZaxM5zg6bj09_qDHW7hgEcDRzpNoylRtaY6SplCzIhTfveGCrHZZhJX79T6FH7dNVvLN6wIQ9CDHI5qYbWCJHIrCj1ZYcALu7QqKpMt5QRXQnDzR2YsDRgrrM4wZMHenjjpAHC3H2AWKmq-AYvW_xd2CXXBiL_Q7NpGZK3f46NiC_iYia3PvjtAeIS1roOw2lCQaxJdRGYw-7pCPYs82x3F6GkaNDX0pH5aFdpqFqUfhghv6m6sCjWK7jg7JnFl5regyH07WyQrCgtEzHQzDEcNcvDwgwx6JTswg9grz4nS1LTIteqQ9tkXcqqaqn_2AJxg
X-Firefox-Spdy: h2
rtbrennab.com/banner/in/show/?mid=1146713187&pid=0&site=11329&sc=NO&usage_type=DCH&subid=181114774&sid=0&cid=13088&price=0&is_cpm=1&cpm=0.0036000000000000003&ecpm=0.0033840000000000003&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=www.amaporn.com&hostname=auc-banner-hz-0&site_id=0&spot_id=11329&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=iframeAd&iabcat=IAB25&min_cpm=0.00000010638297872340427&placement_type_id=0&skin_test=&verify_hash=&score=97&ml=&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=%2F%2Fbts.red12flyw2.site%2Fin%2Fbanners%3Fkatds_ep%3DPykoQw1hZ2LCJNHan-0w18gbpPG_Dk9vgv3CCHc9Agll9OeCN-CGv6IEach7K2wG6H5uM43T9ymK9zG-DMQbN-hSEOEjpO3VJfKaIT0so3RfD9ooNItIeQ83xCywBVcrA4MA0Fjql3eP31idlKgn8EPkupW6ogEqpGHtIcxBg6uEf_29zK3gqqTo7AO7KNbRbdK3Y6Q2kRKbX9g6WrZZWfZMbcJA8Zn20OiJUYmMuT2R08RPrZJXxlNo0KTafY5L6JLKguogCbgN-dJ8uNDkWnVkHL5Hcr7MemQxw4C0VKWR7bR183fPbrhp-g__BOnj47QaC7tega1Nl5zskPQXnq6S6w3Dde5vNjxD4NuIxgCFVx3s9ItQPiRm7iHjgLZq17J7vvSciOAvSWRrmPrOX5dclo4BlVdt1mD22HoGCJwaE2VoXdWZM6Fu0r9s92GtUXq3CZvFtzUFrT5fNu3nWVzRc1STxk28AsBbjmqR51xOb3mposGa-W6TPIniTg6N7vDYN221WDP0pr3ASo0l9Akdu2djP6ize2rMNB2raJnywdCh9oWxLBVvBZzfDoeI0fD0zMfA-OqeWH4&pr=www.amaporn.com&bid_crid=&bid_cid=&is_iframe=1&ad_tags=PORNO%2CGRATIS%2CVIDEO%2CPORNO%2CITALIANI%2CXXX%2Csu%2CAmaPorn%2Cvideo%2Cporno%2Cporno%2Cvideo%2Cporno%2Cgratis%2Cporno%2Cgratis%2Camaporn%2Cvideo%2Camatoriali%2Cvideo%2Cporno%2Camatoriali%2Cporno%2Camatoriale%2Cvideo%2Cporno%2Citaliani%2Cporno%2Citaliano%2Cporno%2Citaliano%2Cgratis%2Cfoto%2Cporno%2Cfoto%2Cporno%2Cgratis%2Cfoto%2Cporno%2Camatoriali%2CAmaPorn%2Csito%2Ctube%2Cporno%2Cgratis%2Caggiornato%2Cogni%2Cgiorno%2Ccon%2Cvideo%2Cporno%2Camatoriali%2Cgratis%2Ce%2Ctanto%2Cporno%2Citaliano%2Cgratis%20&stratagem=&ssp=3758
162.55.139.130302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=1146713187&pid=0&site=11329&sc=NO&usage_type=DCH&subid=181114774&sid=0&cid=13088&price=0&is_cpm=1&cpm=0.0036000000000000003&ecpm=0.0033840000000000003&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=www.amaporn.com&hostname=auc-banner-hz-0&site_id=0&spot_id=11329&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=iframeAd&iabcat=IAB25&min_cpm=0.00000010638297872340427&placement_type_id=0&skin_test=&verify_hash=&score=97&ml=&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=%2F%2Fbts.red12flyw2.site%2Fin%2Fbanners%3Fkatds_ep%3DPykoQw1hZ2LCJNHan-0w18gbpPG_Dk9vgv3CCHc9Agll9OeCN-CGv6IEach7K2wG6H5uM43T9ymK9zG-DMQbN-hSEOEjpO3VJfKaIT0so3RfD9ooNItIeQ83xCywBVcrA4MA0Fjql3eP31idlKgn8EPkupW6ogEqpGHtIcxBg6uEf_29zK3gqqTo7AO7KNbRbdK3Y6Q2kRKbX9g6WrZZWfZMbcJA8Zn20OiJUYmMuT2R08RPrZJXxlNo0KTafY5L6JLKguogCbgN-dJ8uNDkWnVkHL5Hcr7MemQxw4C0VKWR7bR183fPbrhp-g__BOnj47QaC7tega1Nl5zskPQXnq6S6w3Dde5vNjxD4NuIxgCFVx3s9ItQPiRm7iHjgLZq17J7vvSciOAvSWRrmPrOX5dclo4BlVdt1mD22HoGCJwaE2VoXdWZM6Fu0r9s92GtUXq3CZvFtzUFrT5fNu3nWVzRc1STxk28AsBbjmqR51xOb3mposGa-W6TPIniTg6N7vDYN221WDP0pr3ASo0l9Akdu2djP6ize2rMNB2raJnywdCh9oWxLBVvBZzfDoeI0fD0zMfA-OqeWH4&pr=www.amaporn.com&bid_crid=&bid_cid=&is_iframe=1&ad_tags=PORNO%2CGRATIS%2CVIDEO%2CPORNO%2CITALIANI%2CXXX%2Csu%2CAmaPorn%2Cvideo%2Cporno%2Cporno%2Cvideo%2Cporno%2Cgratis%2Cporno%2Cgratis%2Camaporn%2Cvideo%2Camatoriali%2Cvideo%2Cporno%2Camatoriali%2Cporno%2Camatoriale%2Cvideo%2Cporno%2Citaliani%2Cporno%2Citaliano%2Cporno%2Citaliano%2Cgratis%2Cfoto%2Cporno%2Cfoto%2Cporno%2Cgratis%2Cfoto%2Cporno%2Camatoriali%2CAmaPorn%2Csito%2Ctube%2Cporno%2Cgratis%2Caggiornato%2Cogni%2Cgiorno%2Ccon%2Cvideo%2Cporno%2Camatoriali%2Cgratis%2Ce%2Ctanto%2Cporno%2Citaliano%2Cgratis%20&stratagem=&ssp=3758
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=1146713187&pid=0&site=11329&sc=NO&usage_type=DCH&subid=181114774&sid=0&cid=13088&price=0&is_cpm=1&cpm=0.0036000000000000003&ecpm=0.0033840000000000003&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=www.amaporn.com&hostname=auc-banner-hz-0&site_id=0&spot_id=11329&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=iframeAd&iabcat=IAB25&min_cpm=0.00000010638297872340427&placement_type_id=0&skin_test=&verify_hash=&score=97&ml=&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=%2F%2Fbts.red12flyw2.site%2Fin%2Fbanners%3Fkatds_ep%3DPykoQw1hZ2LCJNHan-0w18gbpPG_Dk9vgv3CCHc9Agll9OeCN-CGv6IEach7K2wG6H5uM43T9ymK9zG-DMQbN-hSEOEjpO3VJfKaIT0so3RfD9ooNItIeQ83xCywBVcrA4MA0Fjql3eP31idlKgn8EPkupW6ogEqpGHtIcxBg6uEf_29zK3gqqTo7AO7KNbRbdK3Y6Q2kRKbX9g6WrZZWfZMbcJA8Zn20OiJUYmMuT2R08RPrZJXxlNo0KTafY5L6JLKguogCbgN-dJ8uNDkWnVkHL5Hcr7MemQxw4C0VKWR7bR183fPbrhp-g__BOnj47QaC7tega1Nl5zskPQXnq6S6w3Dde5vNjxD4NuIxgCFVx3s9ItQPiRm7iHjgLZq17J7vvSciOAvSWRrmPrOX5dclo4BlVdt1mD22HoGCJwaE2VoXdWZM6Fu0r9s92GtUXq3CZvFtzUFrT5fNu3nWVzRc1STxk28AsBbjmqR51xOb3mposGa-W6TPIniTg6N7vDYN221WDP0pr3ASo0l9Akdu2djP6ize2rMNB2raJnywdCh9oWxLBVvBZzfDoeI0fD0zMfA-OqeWH4&pr=www.amaporn.com&bid_crid=&bid_cid=&is_iframe=1&ad_tags=PORNO%2CGRATIS%2CVIDEO%2CPORNO%2CITALIANI%2CXXX%2Csu%2CAmaPorn%2Cvideo%2Cporno%2Cporno%2Cvideo%2Cporno%2Cgratis%2Cporno%2Cgratis%2Camaporn%2Cvideo%2Camatoriali%2Cvideo%2Cporno%2Camatoriali%2Cporno%2Camatoriale%2Cvideo%2Cporno%2Citaliani%2Cporno%2Citaliano%2Cporno%2Citaliano%2Cgratis%2Cfoto%2Cporno%2Cfoto%2Cporno%2Cgratis%2Cfoto%2Cporno%2Camatoriali%2CAmaPorn%2Csito%2Ctube%2Cporno%2Cgratis%2Caggiornato%2Cogni%2Cgiorno%2Ccon%2Cvideo%2Cporno%2Camatoriali%2Cgratis%2Ce%2Ctanto%2Cporno%2Citaliano%2Cgratis%20&stratagem=&ssp=3758 HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amaporn.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.16.0
date: Sun, 02 Oct 2022 22:22:27 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: //bts.red12flyw2.site/in/banners?katds_ep=PykoQw1hZ2LCJNHan-0w18gbpPG_Dk9vgv3CCHc9Agll9OeCN-CGv6IEach7K2wG6H5uM43T9ymK9zG-DMQbN-hSEOEjpO3VJfKaIT0so3RfD9ooNItIeQ83xCywBVcrA4MA0Fjql3eP31idlKgn8EPkupW6ogEqpGHtIcxBg6uEf_29zK3gqqTo7AO7KNbRbdK3Y6Q2kRKbX9g6WrZZWfZMbcJA8Zn20OiJUYmMuT2R08RPrZJXxlNo0KTafY5L6JLKguogCbgN-dJ8uNDkWnVkHL5Hcr7MemQxw4C0VKWR7bR183fPbrhp-g__BOnj47QaC7tega1Nl5zskPQXnq6S6w3Dde5vNjxD4NuIxgCFVx3s9ItQPiRm7iHjgLZq17J7vvSciOAvSWRrmPrOX5dclo4BlVdt1mD22HoGCJwaE2VoXdWZM6Fu0r9s92GtUXq3CZvFtzUFrT5fNu3nWVzRc1STxk28AsBbjmqR51xOb3mposGa-W6TPIniTg6N7vDYN221WDP0pr3ASo0l9Akdu2djP6ize2rMNB2raJnywdCh9oWxLBVvBZzfDoeI0fD0zMfA-OqeWH4
X-Firefox-Spdy: h2
rtbrennab.com/banner/in/show/?mid=1914779845&pid=0&site=11329&sc=NO&usage_type=DCH&subid=181114774&sid=0&cid=13088&price=0&is_cpm=1&cpm=0.0036000000000000003&ecpm=0.0033840000000000003&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=www.amaporn.com&hostname=auc-banner-hz-9&site_id=0&spot_id=11329&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=iframeAd&iabcat=IAB25&min_cpm=0.00000010638297872340427&placement_type_id=0&skin_test=&verify_hash=&score=97&ml=&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=%2F%2Fbts.red12flyw2.site%2Fin%2Fbanners%3Fkatds_ep%3DWYQr_EMBZWOd18D7Q-Hi-NSBQSiLM4bnfkAP8-ZccHfnBuJb_pPHU5vYD3MdvJ7csW0L14Yey8jl2tfE7nzEZG1I6BKSt3G5ckFwaXLdLiDSXmLi1MBQwvbIw6nqXnOdEJNQLVFfSgJ2FVvJIxTdBv8p_NFssiA0_-l7be9fzZf9f813WDGe319MqeN154JYIrs1VC1nHlLIn3POmV8MTdetUZr8lUUfu3x0Lt5GaZqgnHUW-KbPLdWZ_dCvEEYJLQYBmDc7hDnzdmrVU9NsRFdJZllSHDqjcivXIiV3r5aMRKxQdiR4y-v4hF6FgISd9PMKvKeEPTjm0pTevrsjdMDe4XoOAz6ng4quuasiwgO5byLyoT_QDVmJ6WlH62MUmaE6EAa-64GXGfTPL02n6ctDnbe075sEHoR8qsVLo8ITZJczU_J9og_osWfGn1DRh7tjVQOhlEBbO9sgHMJwlvod0jTWacOphmq_ZPbfVXXO9T5titkz4M8tsMYc-HL1XeVORi_ayCJJBFXZ88zla5a7aKhf4MEPaaVsvZvMoMinwGQfKVUAiqmA-yQnemwZcUwqZ7l4r7y-qgU&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=PORNO%2CGRATIS%2CVIDEO%2CPORNO%2CITALIANI%2CXXX%2Csu%2CAmaPorn%2Cvideo%2Cporno%2Cporno%2Cvideo%2Cporno%2Cgratis%2Cporno%2Cgratis%2Camaporn%2Cvideo%2Camatoriali%2Cvideo%2Cporno%2Camatoriali%2Cporno%2Camatoriale%2Cvideo%2Cporno%2Citaliani%2Cporno%2Citaliano%2Cporno%2Citaliano%2Cgratis%2Cfoto%2Cporno%2Cfoto%2Cporno%2Cgratis%2Cfoto%2Cporno%2Camatoriali%2CAmaPorn%2Csito%2Ctube%2Cporno%2Cgratis%2Caggiornato%2Cogni%2Cgiorno%2Ccon%2Cvideo%2Cporno%2Camatoriali%2Cgratis%2Ce%2Ctanto%2Cporno%2Citaliano%2Cgratis%20&stratagem=&ssp=3758
162.55.139.130302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=1914779845&pid=0&site=11329&sc=NO&usage_type=DCH&subid=181114774&sid=0&cid=13088&price=0&is_cpm=1&cpm=0.0036000000000000003&ecpm=0.0033840000000000003&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=www.amaporn.com&hostname=auc-banner-hz-9&site_id=0&spot_id=11329&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=iframeAd&iabcat=IAB25&min_cpm=0.00000010638297872340427&placement_type_id=0&skin_test=&verify_hash=&score=97&ml=&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=%2F%2Fbts.red12flyw2.site%2Fin%2Fbanners%3Fkatds_ep%3DWYQr_EMBZWOd18D7Q-Hi-NSBQSiLM4bnfkAP8-ZccHfnBuJb_pPHU5vYD3MdvJ7csW0L14Yey8jl2tfE7nzEZG1I6BKSt3G5ckFwaXLdLiDSXmLi1MBQwvbIw6nqXnOdEJNQLVFfSgJ2FVvJIxTdBv8p_NFssiA0_-l7be9fzZf9f813WDGe319MqeN154JYIrs1VC1nHlLIn3POmV8MTdetUZr8lUUfu3x0Lt5GaZqgnHUW-KbPLdWZ_dCvEEYJLQYBmDc7hDnzdmrVU9NsRFdJZllSHDqjcivXIiV3r5aMRKxQdiR4y-v4hF6FgISd9PMKvKeEPTjm0pTevrsjdMDe4XoOAz6ng4quuasiwgO5byLyoT_QDVmJ6WlH62MUmaE6EAa-64GXGfTPL02n6ctDnbe075sEHoR8qsVLo8ITZJczU_J9og_osWfGn1DRh7tjVQOhlEBbO9sgHMJwlvod0jTWacOphmq_ZPbfVXXO9T5titkz4M8tsMYc-HL1XeVORi_ayCJJBFXZ88zla5a7aKhf4MEPaaVsvZvMoMinwGQfKVUAiqmA-yQnemwZcUwqZ7l4r7y-qgU&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=PORNO%2CGRATIS%2CVIDEO%2CPORNO%2CITALIANI%2CXXX%2Csu%2CAmaPorn%2Cvideo%2Cporno%2Cporno%2Cvideo%2Cporno%2Cgratis%2Cporno%2Cgratis%2Camaporn%2Cvideo%2Camatoriali%2Cvideo%2Cporno%2Camatoriali%2Cporno%2Camatoriale%2Cvideo%2Cporno%2Citaliani%2Cporno%2Citaliano%2Cporno%2Citaliano%2Cgratis%2Cfoto%2Cporno%2Cfoto%2Cporno%2Cgratis%2Cfoto%2Cporno%2Camatoriali%2CAmaPorn%2Csito%2Ctube%2Cporno%2Cgratis%2Caggiornato%2Cogni%2Cgiorno%2Ccon%2Cvideo%2Cporno%2Camatoriali%2Cgratis%2Ce%2Ctanto%2Cporno%2Citaliano%2Cgratis%20&stratagem=&ssp=3758
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=1914779845&pid=0&site=11329&sc=NO&usage_type=DCH&subid=181114774&sid=0&cid=13088&price=0&is_cpm=1&cpm=0.0036000000000000003&ecpm=0.0033840000000000003&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=www.amaporn.com&hostname=auc-banner-hz-9&site_id=0&spot_id=11329&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=iframeAd&iabcat=IAB25&min_cpm=0.00000010638297872340427&placement_type_id=0&skin_test=&verify_hash=&score=97&ml=&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=%2F%2Fbts.red12flyw2.site%2Fin%2Fbanners%3Fkatds_ep%3DWYQr_EMBZWOd18D7Q-Hi-NSBQSiLM4bnfkAP8-ZccHfnBuJb_pPHU5vYD3MdvJ7csW0L14Yey8jl2tfE7nzEZG1I6BKSt3G5ckFwaXLdLiDSXmLi1MBQwvbIw6nqXnOdEJNQLVFfSgJ2FVvJIxTdBv8p_NFssiA0_-l7be9fzZf9f813WDGe319MqeN154JYIrs1VC1nHlLIn3POmV8MTdetUZr8lUUfu3x0Lt5GaZqgnHUW-KbPLdWZ_dCvEEYJLQYBmDc7hDnzdmrVU9NsRFdJZllSHDqjcivXIiV3r5aMRKxQdiR4y-v4hF6FgISd9PMKvKeEPTjm0pTevrsjdMDe4XoOAz6ng4quuasiwgO5byLyoT_QDVmJ6WlH62MUmaE6EAa-64GXGfTPL02n6ctDnbe075sEHoR8qsVLo8ITZJczU_J9og_osWfGn1DRh7tjVQOhlEBbO9sgHMJwlvod0jTWacOphmq_ZPbfVXXO9T5titkz4M8tsMYc-HL1XeVORi_ayCJJBFXZ88zla5a7aKhf4MEPaaVsvZvMoMinwGQfKVUAiqmA-yQnemwZcUwqZ7l4r7y-qgU&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=PORNO%2CGRATIS%2CVIDEO%2CPORNO%2CITALIANI%2CXXX%2Csu%2CAmaPorn%2Cvideo%2Cporno%2Cporno%2Cvideo%2Cporno%2Cgratis%2Cporno%2Cgratis%2Camaporn%2Cvideo%2Camatoriali%2Cvideo%2Cporno%2Camatoriali%2Cporno%2Camatoriale%2Cvideo%2Cporno%2Citaliani%2Cporno%2Citaliano%2Cporno%2Citaliano%2Cgratis%2Cfoto%2Cporno%2Cfoto%2Cporno%2Cgratis%2Cfoto%2Cporno%2Camatoriali%2CAmaPorn%2Csito%2Ctube%2Cporno%2Cgratis%2Caggiornato%2Cogni%2Cgiorno%2Ccon%2Cvideo%2Cporno%2Camatoriali%2Cgratis%2Ce%2Ctanto%2Cporno%2Citaliano%2Cgratis%20&stratagem=&ssp=3758 HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.amaporn.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.16.0
date: Sun, 02 Oct 2022 22:22:27 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: //bts.red12flyw2.site/in/banners?katds_ep=WYQr_EMBZWOd18D7Q-Hi-NSBQSiLM4bnfkAP8-ZccHfnBuJb_pPHU5vYD3MdvJ7csW0L14Yey8jl2tfE7nzEZG1I6BKSt3G5ckFwaXLdLiDSXmLi1MBQwvbIw6nqXnOdEJNQLVFfSgJ2FVvJIxTdBv8p_NFssiA0_-l7be9fzZf9f813WDGe319MqeN154JYIrs1VC1nHlLIn3POmV8MTdetUZr8lUUfu3x0Lt5GaZqgnHUW-KbPLdWZ_dCvEEYJLQYBmDc7hDnzdmrVU9NsRFdJZllSHDqjcivXIiV3r5aMRKxQdiR4y-v4hF6FgISd9PMKvKeEPTjm0pTevrsjdMDe4XoOAz6ng4quuasiwgO5byLyoT_QDVmJ6WlH62MUmaE6EAa-64GXGfTPL02n6ctDnbe075sEHoR8qsVLo8ITZJczU_J9og_osWfGn1DRh7tjVQOhlEBbO9sgHMJwlvod0jTWacOphmq_ZPbfVXXO9T5titkz4M8tsMYc-HL1XeVORi_ayCJJBFXZ88zla5a7aKhf4MEPaaVsvZvMoMinwGQfKVUAiqmA-yQnemwZcUwqZ7l4r7y-qgU
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 713a955f7dd6c5e73bc5f44e8a86fb85
25ac9cbbfc2a4aad49c69f7fbb6e7c34c82e3a75
f89b97c4fb9696656115a669190895e285c9a2051a0b7cbeb0334da5b2c67f14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F89B97C4FB9696656115A669190895E285C9A2051A0B7CBEB0334DA5B2C67F14"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2404
Expires: Sun, 02 Oct 2022 23:02:31 GMT
Date: Sun, 02 Oct 2022 22:22:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 713a955f7dd6c5e73bc5f44e8a86fb85
25ac9cbbfc2a4aad49c69f7fbb6e7c34c82e3a75
f89b97c4fb9696656115a669190895e285c9a2051a0b7cbeb0334da5b2c67f14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F89B97C4FB9696656115A669190895E285C9A2051A0B7CBEB0334DA5B2C67F14"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2404
Expires: Sun, 02 Oct 2022 23:02:31 GMT
Date: Sun, 02 Oct 2022 22:22:27 GMT
Connection: keep-alive
bts.red12flyw2.site/in/banners?katds_ep=M2j-Qb1OGhY4jmBkzj9qVP-1Ged7A-Ekof_uTb3FzI6D19NoM70LfisqeVris7r--mSgaGXgoQhAqcOUNTN0d_9ZaP2yKa1xIiwI_VfA32IRjbGEig5u5vT5eXAt1OXF2afsFXQ8sjcC007xqoTWS0KCwnDJyN45lwaNdZojCBcd_VAAfTXNBt44ahJmu9IZ0x_IkKYn63a9_asN74e1TTjIhsF1fWArWAbHKSoxaYPfut8TcdUoTJin6jjJmbq-aV39-BIm_dvCZaxM5zg6bj09_qDHW7hgEcDRzpNoylRtaY6SplCzIhTfveGCrHZZhJX79T6FH7dNVvLN6wIQ9CDHI5qYbWCJHIrCj1ZYcALu7QqKpMt5QRXQnDzR2YsDRgrrM4wZMHenjjpAHC3H2AWKmq-AYvW_xd2CXXBiL_Q7NpGZK3f46NiC_iYia3PvjtAeIS1roOw2lCQaxJdRGYw-7pCPYs82x3F6GkaNDX0pH5aFdpqFqUfhghv6m6sCjWK7jg7JnFl5regyH07WyQrCgtEzHQzDEcNcvDwgwx6JTswg9grz4nS1LTIteqQ9tkXcqqaqn_2AJxg
109.206.181.2302 Found 0 B URL HTTP/2 bts.red12flyw2.site/in/banners?katds_ep=M2j-Qb1OGhY4jmBkzj9qVP-1Ged7A-Ekof_uTb3FzI6D19NoM70LfisqeVris7r--mSgaGXgoQhAqcOUNTN0d_9ZaP2yKa1xIiwI_VfA32IRjbGEig5u5vT5eXAt1OXF2afsFXQ8sjcC007xqoTWS0KCwnDJyN45lwaNdZojCBcd_VAAfTXNBt44ahJmu9IZ0x_IkKYn63a9_asN74e1TTjIhsF1fWArWAbHKSoxaYPfut8TcdUoTJin6jjJmbq-aV39-BIm_dvCZaxM5zg6bj09_qDHW7hgEcDRzpNoylRtaY6SplCzIhTfveGCrHZZhJX79T6FH7dNVvLN6wIQ9CDHI5qYbWCJHIrCj1ZYcALu7QqKpMt5QRXQnDzR2YsDRgrrM4wZMHenjjpAHC3H2AWKmq-AYvW_xd2CXXBiL_Q7NpGZK3f46NiC_iYia3PvjtAeIS1roOw2lCQaxJdRGYw-7pCPYs82x3F6GkaNDX0pH5aFdpqFqUfhghv6m6sCjWK7jg7JnFl5regyH07WyQrCgtEzHQzDEcNcvDwgwx6JTswg9grz4nS1LTIteqQ9tkXcqqaqn_2AJxg
IP 109.206.181.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/banners?katds_ep=M2j-Qb1OGhY4jmBkzj9qVP-1Ged7A-Ekof_uTb3FzI6D19NoM70LfisqeVris7r--mSgaGXgoQhAqcOUNTN0d_9ZaP2yKa1xIiwI_VfA32IRjbGEig5u5vT5eXAt1OXF2afsFXQ8sjcC007xqoTWS0KCwnDJyN45lwaNdZojCBcd_VAAfTXNBt44ahJmu9IZ0x_IkKYn63a9_asN74e1TTjIhsF1fWArWAbHKSoxaYPfut8TcdUoTJin6jjJmbq-aV39-BIm_dvCZaxM5zg6bj09_qDHW7hgEcDRzpNoylRtaY6SplCzIhTfveGCrHZZhJX79T6FH7dNVvLN6wIQ9CDHI5qYbWCJHIrCj1ZYcALu7QqKpMt5QRXQnDzR2YsDRgrrM4wZMHenjjpAHC3H2AWKmq-AYvW_xd2CXXBiL_Q7NpGZK3f46NiC_iYia3PvjtAeIS1roOw2lCQaxJdRGYw-7pCPYs82x3F6GkaNDX0pH5aFdpqFqUfhghv6m6sCjWK7jg7JnFl5regyH07WyQrCgtEzHQzDEcNcvDwgwx6JTswg9grz4nS1LTIteqQ9tkXcqqaqn_2AJxg HTTP/1.1
Host: bts.red12flyw2.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amaporn.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.20.1
date: Sun, 02 Oct 2022 22:22:28 GMT
content-length: 0
location: //tb.baimgfroggd.site/in/1816/?user_id=540ac59a304a598312f1b1bd3a7c1c080c9994e5&bid=0.004235&katds_labels=&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&ts=1664749346
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 750.0=1; expires=Mon, 03 Oct 2022 22:22:27 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
bts.red12flyw2.site/in/banners?katds_ep=WYQr_EMBZWOd18D7Q-Hi-NSBQSiLM4bnfkAP8-ZccHfnBuJb_pPHU5vYD3MdvJ7csW0L14Yey8jl2tfE7nzEZG1I6BKSt3G5ckFwaXLdLiDSXmLi1MBQwvbIw6nqXnOdEJNQLVFfSgJ2FVvJIxTdBv8p_NFssiA0_-l7be9fzZf9f813WDGe319MqeN154JYIrs1VC1nHlLIn3POmV8MTdetUZr8lUUfu3x0Lt5GaZqgnHUW-KbPLdWZ_dCvEEYJLQYBmDc7hDnzdmrVU9NsRFdJZllSHDqjcivXIiV3r5aMRKxQdiR4y-v4hF6FgISd9PMKvKeEPTjm0pTevrsjdMDe4XoOAz6ng4quuasiwgO5byLyoT_QDVmJ6WlH62MUmaE6EAa-64GXGfTPL02n6ctDnbe075sEHoR8qsVLo8ITZJczU_J9og_osWfGn1DRh7tjVQOhlEBbO9sgHMJwlvod0jTWacOphmq_ZPbfVXXO9T5titkz4M8tsMYc-HL1XeVORi_ayCJJBFXZ88zla5a7aKhf4MEPaaVsvZvMoMinwGQfKVUAiqmA-yQnemwZcUwqZ7l4r7y-qgU
109.206.181.2302 Found 0 B URL HTTP/2 bts.red12flyw2.site/in/banners?katds_ep=WYQr_EMBZWOd18D7Q-Hi-NSBQSiLM4bnfkAP8-ZccHfnBuJb_pPHU5vYD3MdvJ7csW0L14Yey8jl2tfE7nzEZG1I6BKSt3G5ckFwaXLdLiDSXmLi1MBQwvbIw6nqXnOdEJNQLVFfSgJ2FVvJIxTdBv8p_NFssiA0_-l7be9fzZf9f813WDGe319MqeN154JYIrs1VC1nHlLIn3POmV8MTdetUZr8lUUfu3x0Lt5GaZqgnHUW-KbPLdWZ_dCvEEYJLQYBmDc7hDnzdmrVU9NsRFdJZllSHDqjcivXIiV3r5aMRKxQdiR4y-v4hF6FgISd9PMKvKeEPTjm0pTevrsjdMDe4XoOAz6ng4quuasiwgO5byLyoT_QDVmJ6WlH62MUmaE6EAa-64GXGfTPL02n6ctDnbe075sEHoR8qsVLo8ITZJczU_J9og_osWfGn1DRh7tjVQOhlEBbO9sgHMJwlvod0jTWacOphmq_ZPbfVXXO9T5titkz4M8tsMYc-HL1XeVORi_ayCJJBFXZ88zla5a7aKhf4MEPaaVsvZvMoMinwGQfKVUAiqmA-yQnemwZcUwqZ7l4r7y-qgU
IP 109.206.181.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/banners?katds_ep=WYQr_EMBZWOd18D7Q-Hi-NSBQSiLM4bnfkAP8-ZccHfnBuJb_pPHU5vYD3MdvJ7csW0L14Yey8jl2tfE7nzEZG1I6BKSt3G5ckFwaXLdLiDSXmLi1MBQwvbIw6nqXnOdEJNQLVFfSgJ2FVvJIxTdBv8p_NFssiA0_-l7be9fzZf9f813WDGe319MqeN154JYIrs1VC1nHlLIn3POmV8MTdetUZr8lUUfu3x0Lt5GaZqgnHUW-KbPLdWZ_dCvEEYJLQYBmDc7hDnzdmrVU9NsRFdJZllSHDqjcivXIiV3r5aMRKxQdiR4y-v4hF6FgISd9PMKvKeEPTjm0pTevrsjdMDe4XoOAz6ng4quuasiwgO5byLyoT_QDVmJ6WlH62MUmaE6EAa-64GXGfTPL02n6ctDnbe075sEHoR8qsVLo8ITZJczU_J9og_osWfGn1DRh7tjVQOhlEBbO9sgHMJwlvod0jTWacOphmq_ZPbfVXXO9T5titkz4M8tsMYc-HL1XeVORi_ayCJJBFXZ88zla5a7aKhf4MEPaaVsvZvMoMinwGQfKVUAiqmA-yQnemwZcUwqZ7l4r7y-qgU HTTP/1.1
Host: bts.red12flyw2.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.amaporn.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.20.1
date: Sun, 02 Oct 2022 22:22:28 GMT
content-length: 0
location: //tb.baimgfroggd.site/in/1816/?user_id=1226b69f493e2b52840123381dd0c9d9826d0551&bid=0.004235&katds_labels=&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&ts=1664749347
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 750.0=1; expires=Mon, 03 Oct 2022 22:22:27 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
bts.red12flyw2.site/in/banners?katds_ep=PykoQw1hZ2LCJNHan-0w18gbpPG_Dk9vgv3CCHc9Agll9OeCN-CGv6IEach7K2wG6H5uM43T9ymK9zG-DMQbN-hSEOEjpO3VJfKaIT0so3RfD9ooNItIeQ83xCywBVcrA4MA0Fjql3eP31idlKgn8EPkupW6ogEqpGHtIcxBg6uEf_29zK3gqqTo7AO7KNbRbdK3Y6Q2kRKbX9g6WrZZWfZMbcJA8Zn20OiJUYmMuT2R08RPrZJXxlNo0KTafY5L6JLKguogCbgN-dJ8uNDkWnVkHL5Hcr7MemQxw4C0VKWR7bR183fPbrhp-g__BOnj47QaC7tega1Nl5zskPQXnq6S6w3Dde5vNjxD4NuIxgCFVx3s9ItQPiRm7iHjgLZq17J7vvSciOAvSWRrmPrOX5dclo4BlVdt1mD22HoGCJwaE2VoXdWZM6Fu0r9s92GtUXq3CZvFtzUFrT5fNu3nWVzRc1STxk28AsBbjmqR51xOb3mposGa-W6TPIniTg6N7vDYN221WDP0pr3ASo0l9Akdu2djP6ize2rMNB2raJnywdCh9oWxLBVvBZzfDoeI0fD0zMfA-OqeWH4
109.206.181.2302 Found 0 B URL HTTP/2 bts.red12flyw2.site/in/banners?katds_ep=PykoQw1hZ2LCJNHan-0w18gbpPG_Dk9vgv3CCHc9Agll9OeCN-CGv6IEach7K2wG6H5uM43T9ymK9zG-DMQbN-hSEOEjpO3VJfKaIT0so3RfD9ooNItIeQ83xCywBVcrA4MA0Fjql3eP31idlKgn8EPkupW6ogEqpGHtIcxBg6uEf_29zK3gqqTo7AO7KNbRbdK3Y6Q2kRKbX9g6WrZZWfZMbcJA8Zn20OiJUYmMuT2R08RPrZJXxlNo0KTafY5L6JLKguogCbgN-dJ8uNDkWnVkHL5Hcr7MemQxw4C0VKWR7bR183fPbrhp-g__BOnj47QaC7tega1Nl5zskPQXnq6S6w3Dde5vNjxD4NuIxgCFVx3s9ItQPiRm7iHjgLZq17J7vvSciOAvSWRrmPrOX5dclo4BlVdt1mD22HoGCJwaE2VoXdWZM6Fu0r9s92GtUXq3CZvFtzUFrT5fNu3nWVzRc1STxk28AsBbjmqR51xOb3mposGa-W6TPIniTg6N7vDYN221WDP0pr3ASo0l9Akdu2djP6ize2rMNB2raJnywdCh9oWxLBVvBZzfDoeI0fD0zMfA-OqeWH4
IP 109.206.181.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/banners?katds_ep=PykoQw1hZ2LCJNHan-0w18gbpPG_Dk9vgv3CCHc9Agll9OeCN-CGv6IEach7K2wG6H5uM43T9ymK9zG-DMQbN-hSEOEjpO3VJfKaIT0so3RfD9ooNItIeQ83xCywBVcrA4MA0Fjql3eP31idlKgn8EPkupW6ogEqpGHtIcxBg6uEf_29zK3gqqTo7AO7KNbRbdK3Y6Q2kRKbX9g6WrZZWfZMbcJA8Zn20OiJUYmMuT2R08RPrZJXxlNo0KTafY5L6JLKguogCbgN-dJ8uNDkWnVkHL5Hcr7MemQxw4C0VKWR7bR183fPbrhp-g__BOnj47QaC7tega1Nl5zskPQXnq6S6w3Dde5vNjxD4NuIxgCFVx3s9ItQPiRm7iHjgLZq17J7vvSciOAvSWRrmPrOX5dclo4BlVdt1mD22HoGCJwaE2VoXdWZM6Fu0r9s92GtUXq3CZvFtzUFrT5fNu3nWVzRc1STxk28AsBbjmqR51xOb3mposGa-W6TPIniTg6N7vDYN221WDP0pr3ASo0l9Akdu2djP6ize2rMNB2raJnywdCh9oWxLBVvBZzfDoeI0fD0zMfA-OqeWH4 HTTP/1.1
Host: bts.red12flyw2.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amaporn.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.20.1
date: Sun, 02 Oct 2022 22:22:28 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //tb.baimgfroggd.site/in/1816/?user_id=540ac59a304a598312f1b1bd3a7c1c080c9994e5&bid=0.004235&katds_labels=&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&ts=1664749346
pragma: no-cache
vary: *
set-cookie: 750.0=1; expires=Mon, 03 Oct 2022 22:22:28 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3e86b9e028f0aff95a4ed314d63e2998
67a7954060b9f1f992e4619dc99ce4f5703f9f35
4c71d7adf3f15c4d1ce9d7c4b9aa15ca3c09c7231e03dddf82f957b5aef05be5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C71D7ADF3F15C4D1CE9D7C4B9AA15CA3C09C7231E03DDDF82F957B5AEF05BE5"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15103
Expires: Mon, 03 Oct 2022 02:34:10 GMT
Date: Sun, 02 Oct 2022 22:22:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3e86b9e028f0aff95a4ed314d63e2998
67a7954060b9f1f992e4619dc99ce4f5703f9f35
4c71d7adf3f15c4d1ce9d7c4b9aa15ca3c09c7231e03dddf82f957b5aef05be5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C71D7ADF3F15C4D1CE9D7C4B9AA15CA3C09C7231E03DDDF82F957B5AEF05BE5"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15103
Expires: Mon, 03 Oct 2022 02:34:10 GMT
Date: Sun, 02 Oct 2022 22:22:27 GMT
Connection: keep-alive
tb.baimgfroggd.site/in/1816/?user_id=540ac59a304a598312f1b1bd3a7c1c080c9994e5&bid=0.004235&katds_labels=&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&ts=1664749346
109.206.176.75302 Found 0 B URL HTTP/2 tb.baimgfroggd.site/in/1816/?user_id=540ac59a304a598312f1b1bd3a7c1c080c9994e5&bid=0.004235&katds_labels=&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&ts=1664749346
IP 109.206.176.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/1816/?user_id=540ac59a304a598312f1b1bd3a7c1c080c9994e5&bid=0.004235&katds_labels=&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&ts=1664749346 HTTP/1.1
Host: tb.baimgfroggd.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amaporn.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.20.1
date: Sun, 02 Oct 2022 22:22:28 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://promotion-doctor.xyz/facebook/banner?eu=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1741436509561719%2F&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=61101&p=0.0800&oid=2384359&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664749922&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749346&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 1816.2384359=1; expires=Mon, 03 Oct 2022 22:22:26 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
tb.baimgfroggd.site/in/1816/?user_id=1226b69f493e2b52840123381dd0c9d9826d0551&bid=0.004235&katds_labels=&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&ts=1664749347
109.206.176.75302 Found 0 B URL HTTP/2 tb.baimgfroggd.site/in/1816/?user_id=1226b69f493e2b52840123381dd0c9d9826d0551&bid=0.004235&katds_labels=&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&ts=1664749347
IP 109.206.176.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/1816/?user_id=1226b69f493e2b52840123381dd0c9d9826d0551&bid=0.004235&katds_labels=&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&ts=1664749347 HTTP/1.1
Host: tb.baimgfroggd.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.amaporn.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.20.1
date: Sun, 02 Oct 2022 22:22:28 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://promotion-doctor.xyz/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FHb-yx5oIr1Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60818&p=0.0900&oid=2384381&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664750763&vi=Hb-yx5oIr1Y&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749347&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
set-cookie: 1816.2384381=1; expires=Mon, 03 Oct 2022 22:22:28 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
tb.baimgfroggd.site/in/1816/?user_id=540ac59a304a598312f1b1bd3a7c1c080c9994e5&bid=0.004235&katds_labels=&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&ts=1664749346
109.206.176.75302 Found 0 B URL HTTP/2 tb.baimgfroggd.site/in/1816/?user_id=540ac59a304a598312f1b1bd3a7c1c080c9994e5&bid=0.004235&katds_labels=&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&ts=1664749346
IP 109.206.176.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/1816/?user_id=540ac59a304a598312f1b1bd3a7c1c080c9994e5&bid=0.004235&katds_labels=&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&ts=1664749346 HTTP/1.1
Host: tb.baimgfroggd.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amaporn.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.20.1
date: Sun, 02 Oct 2022 22:22:28 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://promotion-doctor.xyz/facebook/banner?eu=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1112479266056731%2F&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=61101&p=0.0800&oid=2384380&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664750705&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749346&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
set-cookie: 1816.2384380=1; expires=Mon, 03 Oct 2022 22:22:27 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4738dbe0531d890ecb80a6a3e159fd83
7ac9e5b5e26e7fd24fa2a70c2fc1f6066e4c6e51
414f0593bc6803aad7d3e2c519941428bb92ab752873ed91d85473ce4e93412e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "414F0593BC6803AAD7D3E2C519941428BB92AB752873ED91D85473CE4E93412E"
Last-Modified: Fri, 30 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10625
Expires: Mon, 03 Oct 2022 01:19:33 GMT
Date: Sun, 02 Oct 2022 22:22:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4738dbe0531d890ecb80a6a3e159fd83
7ac9e5b5e26e7fd24fa2a70c2fc1f6066e4c6e51
414f0593bc6803aad7d3e2c519941428bb92ab752873ed91d85473ce4e93412e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "414F0593BC6803AAD7D3E2C519941428BB92AB752873ED91D85473CE4E93412E"
Last-Modified: Fri, 30 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10625
Expires: Mon, 03 Oct 2022 01:19:33 GMT
Date: Sun, 02 Oct 2022 22:22:28 GMT
Connection: keep-alive
promotion-doctor.xyz/facebook/banner?eu=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1741436509561719%2F&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=61101&p=0.0800&oid=2384359&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664749922&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749346&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14
109.206.161.244200 OK 4.0 kB URL HTTP/2 promotion-doctor.xyz/facebook/banner?eu=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1741436509561719%2F&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=61101&p=0.0800&oid=2384359&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664749922&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749346&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14
IP 109.206.161.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (746)
Hash f7abc1996af8f6347c0aaaba03f5523e
e62494c2cd773658c9a9f123c262c77592a85af2
dd5430f0c3112e1b7c34761e5ded90d3a799c6c6becb479c71153fbad959babd
GET /facebook/banner?eu=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1741436509561719%2F&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=61101&p=0.0800&oid=2384359&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664749922&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749346&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14 HTTP/1.1
Host: promotion-doctor.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amaporn.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:28 GMT
content-type: text/html; charset=utf-8
content-length: 3981
access-control-allow-credentials: true
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
promotion-doctor.xyz/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FHb-yx5oIr1Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60818&p=0.0900&oid=2384381&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664750763&vi=Hb-yx5oIr1Y&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749347&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14
109.206.161.244200 OK 11 kB URL HTTP/2 promotion-doctor.xyz/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FHb-yx5oIr1Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60818&p=0.0900&oid=2384381&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664750763&vi=Hb-yx5oIr1Y&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749347&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14
IP 109.206.161.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9199)
Hash ec1aa041d65d52c9b8d439e61e4687fd
dc626bba9e301c6a9a290a1fcf1b95114346a7b0
b319aa35f6f29a4813bdb14034d5a87b87f80e70f7ae76b6aa0b13abb58e54a3
GET /yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FHb-yx5oIr1Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60818&p=0.0900&oid=2384381&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664750763&vi=Hb-yx5oIr1Y&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749347&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14 HTTP/1.1
Host: promotion-doctor.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.amaporn.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:28 GMT
content-type: text/html; charset=utf-8
content-length: 11433
access-control-allow-credentials: true
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
promotion-doctor.xyz/facebook/banner?eu=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1112479266056731%2F&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=61101&p=0.0800&oid=2384380&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664750705&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749346&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14
109.206.161.244200 OK 4.0 kB URL HTTP/2 promotion-doctor.xyz/facebook/banner?eu=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1112479266056731%2F&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=61101&p=0.0800&oid=2384380&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664750705&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749346&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14
IP 109.206.161.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (746)
Hash f1d0d029ed415ed9748531ad07c4bb4f
2bfc8e1bf9957309e73da11a0b3764e300a0c79c
2c8fdcd315d47ff97534b0e7c8ee68144217b4918b715da300889661ac74393f
GET /facebook/banner?eu=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1112479266056731%2F&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=61101&p=0.0800&oid=2384380&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664750705&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749346&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14 HTTP/1.1
Host: promotion-doctor.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amaporn.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:28 GMT
content-type: text/html; charset=utf-8
content-length: 3981
access-control-allow-credentials: true
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 72e8c21988f5ecd736fde162321f0984
4bb9f82a2f6114b344600d920f91f1cc9260bc42
326533b2b3a8b24f0b21dbe9b94e5d9086f862ad74a1d01942fb829dff0352f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4175
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:22:28 GMT
Last-Modified: Sun, 02 Oct 2022 21:12:53 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash 18e59f430513fe08996d57567fa45caf
366c30273c973fd4bde94b6beb66c1fd7a580a70
1fbcd80b01c6eae136c41243e4f5f1ae455848de6b79230f6ceeec05c0a9b9bd
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promotion-doctor.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 25b052a53db7598e92ea05915554a8e9
etag: "3eb70e9044e5304cbe9a2dcdb67c1025"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 02 Oct 2022 22:36:48 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: GOWfQwUT/giZbVdWf6Rcrw==
x-fb-debug: iXDY0+z9cfcYdsRecoOd4TelFfQSuqMdGvj1iegdVF46HyfTwC/Z6MpVEfkWwDmBBKr690MTprTFxnG4pPdojg==
content-length: 1687
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 22:22:28 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ebd361f800dc213abf90a1f83c1040d0
9209d1599ee1e35cce5811b3b7f05d316b7d881c
283be1211881e2b42f921c53f330c1947d76f72b87ca91bc3110ce07dca3ee63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "283BE1211881E2B42F921C53F330C1947D76F72B87CA91BC3110CE07DCA3EE63"
Last-Modified: Fri, 30 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10635
Expires: Mon, 03 Oct 2022 01:19:43 GMT
Date: Sun, 02 Oct 2022 22:22:28 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 72e8c21988f5ecd736fde162321f0984
4bb9f82a2f6114b344600d920f91f1cc9260bc42
326533b2b3a8b24f0b21dbe9b94e5d9086f862ad74a1d01942fb829dff0352f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4175
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:22:28 GMT
Last-Modified: Sun, 02 Oct 2022 21:12:53 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e30e4a417c0c57edd22973dc78ff0d12
b2d9064bdf59544406f9acb7272f1f7262d18bfe
ee03aef880c463ab8d922226c17f2d61883d0ce3c23347ab819f85e0b907b1b9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE03AEF880C463AB8D922226C17F2D61883D0CE3C23347AB819F85E0B907B1B9"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18579
Expires: Mon, 03 Oct 2022 03:32:07 GMT
Date: Sun, 02 Oct 2022 22:22:28 GMT
Connection: keep-alive
vs.javcosplay.com/sts/?eu=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1741436509561719%2F&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=61101&p=0.0800&oid=2384359&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664749922&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749346&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&type=impression
62.122.173.28200 OK 2 B URL HTTP/2 vs.javcosplay.com/sts/?eu=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1741436509561719%2F&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=61101&p=0.0800&oid=2384359&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664749922&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749346&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&type=impression
IP 62.122.173.28:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /sts/?eu=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1741436509561719%2F&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=61101&p=0.0800&oid=2384359&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664749922&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749346&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&type=impression HTTP/1.1
Host: vs.javcosplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promotion-doctor.xyz
Connection: keep-alive
Referer: https://promotion-doctor.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 02 Oct 2022 22:22:28 GMT
content-type: application/json
content-length: 2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: 1077.0=1; expires=Mon, 03 Oct 2022 22:22:28 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
vs.javcosplay.com/sts/?eu=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1112479266056731%2F&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=61101&p=0.0800&oid=2384380&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664750705&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749346&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&type=impression
62.122.173.28200 OK 2 B URL HTTP/2 vs.javcosplay.com/sts/?eu=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1112479266056731%2F&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=61101&p=0.0800&oid=2384380&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664750705&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749346&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&type=impression
IP 62.122.173.28:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /sts/?eu=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1112479266056731%2F&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=61101&p=0.0800&oid=2384380&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664750705&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749346&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&type=impression HTTP/1.1
Host: vs.javcosplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promotion-doctor.xyz
Connection: keep-alive
Referer: https://promotion-doctor.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 02 Oct 2022 22:22:28 GMT
content-type: application/json
content-length: 2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: 1077.0=1; expires=Mon, 03 Oct 2022 22:22:28 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=16459c832ea92362d792ba2f4bb5908b
31.13.72.12200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=16459c832ea92362d792ba2f4bb5908b
IP 31.13.72.12:0
File type ASCII text, with very long lines (13245)
Hash 43c4d2434293d18196a19a9686d0375e
96eb5045f1e080f262e6f81f4dfa99078bc33981
d3f56439cd59ea427f5e698ebde01f3c1995204a1db3554c245c37e723353390
GET /en_US/sdk.js?hash=16459c832ea92362d792ba2f4bb5908b HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promotion-doctor.xyz
Connection: keep-alive
Referer: https://promotion-doctor.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ea456529592901c467d384e9362cf9d8
etag: "acc0e1588f07a676f9a01c4b8cb000dc"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 02 Oct 2023 21:33:14 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: Q8TSQ0KT0YGWoZqWhtA3Xg==
x-fb-debug: 94wVMYTvxuAz9oBDHSvr1Wj/A1vuWNY4583PdxBWa63Eqg8DPUmkGuJyvpv/rdMhycwnxCq0br1aIlYLMvByeg==
priority: u=3,i
content-length: 86952
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 22:22:28 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.doctorvideos.xyz/sm/files/ls/rb-a34acae.js
45.133.44.24200 OK 1.8 MB URL HTTP/2 cdn.doctorvideos.xyz/sm/files/ls/rb-a34acae.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Size 1.8 MB (1755114 bytes)
Hash 3a5b1cfcdc85ca55ce5ede4b4490e7d4
d254dd799577fce96ac2c09de15caef269126ca2
7c4ba7b655fde8e642fce60e927a1eeeb48642e1a707b43b49e1d19cdb6301c7
GET /sm/files/ls/rb-a34acae.js HTTP/1.1
Host: cdn.doctorvideos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promotion-doctor.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 1755114
server: nginx/1.12.2
last-modified: Fri, 02 Sep 2022 09:54:44 GMT
etag: "6311d2e4-1ac7ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
web.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df323ecedf12d62%26domain%3Dpromotion-doctor.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpromotion-doctor.xyz%252Ff15fef2831079b8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1741436509561719%2F&locale=en_US&sdk=joey&show_text=false&width=500
31.13.72.8302 Found 0 B URL HTTP/2 web.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df323ecedf12d62%26domain%3Dpromotion-doctor.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpromotion-doctor.xyz%252Ff15fef2831079b8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1741436509561719%2F&locale=en_US&sdk=joey&show_text=false&width=500
IP 31.13.72.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3.2/plugins/video.php?app_id=&autoplay=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df323ecedf12d62%26domain%3Dpromotion-doctor.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpromotion-doctor.xyz%252Ff15fef2831079b8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1741436509561719%2F&locale=en_US&sdk=joey&show_text=false&width=500 HTTP/1.1
Host: web.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promotion-doctor.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.facebook.com/v3.2/plugins/video.php?app_id&autoplay=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df323ecedf12d62%26domain%3Dpromotion-doctor.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpromotion-doctor.xyz%252Ff15fef2831079b8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1741436509561719%2F&locale=en_US&sdk=joey&show_text=false&width=500&_rdc=1&_rdr
cross-origin-opener-policy: unsafe-none
x-fb-zr-redirect: 02|1664835748|
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: wkPvSISlvnttyMcYnGJzxD/isIWz8sm5b3D6fAWfP/SG5yIITfR3Nt0574pC+xtFoAXfv52YqrKe+K+FJ2psnQ==
content-length: 0
date: Sun, 02 Oct 2022 22:22:28 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
web.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df361abf05a0104e%26domain%3Dpromotion-doctor.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpromotion-doctor.xyz%252Ff18de967b9004fe%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1112479266056731%2F&locale=en_US&sdk=joey&show_text=false&width=500
31.13.72.8302 Found 0 B URL HTTP/2 web.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df361abf05a0104e%26domain%3Dpromotion-doctor.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpromotion-doctor.xyz%252Ff18de967b9004fe%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1112479266056731%2F&locale=en_US&sdk=joey&show_text=false&width=500
IP 31.13.72.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3.2/plugins/video.php?app_id=&autoplay=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df361abf05a0104e%26domain%3Dpromotion-doctor.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpromotion-doctor.xyz%252Ff18de967b9004fe%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1112479266056731%2F&locale=en_US&sdk=joey&show_text=false&width=500 HTTP/1.1
Host: web.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promotion-doctor.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.facebook.com/v3.2/plugins/video.php?app_id&autoplay=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df361abf05a0104e%26domain%3Dpromotion-doctor.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpromotion-doctor.xyz%252Ff18de967b9004fe%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1112479266056731%2F&locale=en_US&sdk=joey&show_text=false&width=500&_rdc=1&_rdr
cross-origin-opener-policy: unsafe-none
x-fb-zr-redirect: 02|1664835748|
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: ARdJwuEz2h5rKFw0hwasY0XEQE8ilVtcQmzXaJzPZUMLqJU6zvxmqMHM/iMzum+n0g/Jg3BKXcMxVIul6RhI+Q==
content-length: 0
date: Sun, 02 Oct 2022 22:22:28 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c13a9bf4003891ab621ca04b258f9880
8b0fb77ebf4d31235c62a8f10b1b8e4b4f77ad77
eb06a3da143e66c58a0e707ecd9b2b0818adc44b0f4e5244ac62545be8db4dd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:22:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vs.javcosplay.com/sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FHb-yx5oIr1Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60818&p=0.0900&oid=2384381&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664750763&vi=Hb-yx5oIr1Y&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749347&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&type=impression&isr=
62.122.173.28200 OK 2 B URL HTTP/2 vs.javcosplay.com/sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FHb-yx5oIr1Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60818&p=0.0900&oid=2384381&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664750763&vi=Hb-yx5oIr1Y&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749347&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&type=impression&isr=
IP 62.122.173.28:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FHb-yx5oIr1Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60818&p=0.0900&oid=2384381&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664750763&vi=Hb-yx5oIr1Y&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749347&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&type=impression&isr= HTTP/1.1
Host: vs.javcosplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promotion-doctor.xyz
Connection: keep-alive
Referer: https://promotion-doctor.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 02 Oct 2022 22:22:29 GMT
content-type: application/json
content-length: 2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: 1077.0=1; expires=Mon, 03 Oct 2022 22:22:28 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
lh3.googleusercontent.com/VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff
142.250.74.33200 OK 40 kB URL HTTP/2 lh3.googleusercontent.com/VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Picasa], baseline, precision 8, 693x462, components 3\012- data
Hash f19407c2b238e50370b74f4c3245d5a8
93caabeb45b7e3d4afe0b60b1557afe9117e1515
a9e43c507e2164e831bc6d4fc78f1893d6860f01d7327a85e377c7ae714173bb
GET /VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promotion-doctor.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 39552
x-xss-protection: 0
date: Sun, 02 Oct 2022 19:17:26 GMT
expires: Mon, 12 Sep 2022 19:41:24 GMT
cache-control: public, max-age=86400, no-transform
age: 11103
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c13a9bf4003891ab621ca04b258f9880
8b0fb77ebf4d31235c62a8f10b1b8e4b4f77ad77
eb06a3da143e66c58a0e707ecd9b2b0818adc44b0f4e5244ac62545be8db4dd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:22:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.doctorvideos.xyz/sm/files/ls/rv-a34acae.js
45.133.44.24200 OK 158 kB URL HTTP/2 cdn.doctorvideos.xyz/sm/files/ls/rv-a34acae.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Size 158 kB (158101 bytes)
Hash b95ef24fcbbdc967acf62af80fa7e827
c1774d4fc5eab72b7e4b6c101e31a2f8700b701e
52f671c0b8a979a28c9ba3172d1af50c0e8b4cec2f6f865b2968ba5dd3bd30a2
GET /sm/files/ls/rv-a34acae.js HTTP/1.1
Host: cdn.doctorvideos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promotion-doctor.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 158101
server: nginx/1.12.2
last-modified: Fri, 02 Sep 2022 09:54:45 GMT
etag: "6311d2e5-26995"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/dk_hN_UwNsc.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 1.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/dk_hN_UwNsc.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (2636)
Hash 751d272f404e4c1fbc23b4de55b1a100
5a7255c10acb7538b3a987ce00475de70f9f62c7
8a6004355c62444ade6a82320c33f922f930fa944246ee2ad4e4b114ce89d9c9
GET /rsrc.php/v3/yO/l/0,cross/dk_hN_UwNsc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 21 Sep 2023 17:18:55 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dR0nL0BOTB+8I7TeVbGhAA==
x-fb-debug: 0V+66PGVfeTaRmx8E7VGcgdbqvsWCTugdyKw1tWKAYgavwmWNmdHjM0z85PK5W0mVCsD5ztcdYzqDHTYQGWxnA==
priority: u=3,i
content-length: 1000
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 22:22:29 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/7W7R5oRSOHn.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 17 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/7W7R5oRSOHn.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (14177)
Hash 6c5f035ffadc83467df7e13d5894c849
b61a307ec12f74fa6e5e3fa9cdadef426ff704e3
67ece5872970a33982575438c8a1387dd65af97c309f33ae3c789389ae9eb357
GET /rsrc.php/v3/y4/l/0,cross/7W7R5oRSOHn.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 02 Oct 2023 19:08:30 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: bF8DX/rcg0Z99+E9WJTISQ==
x-fb-debug: rWG1mCcYqq5eURfyzm3C920cDTPm4W2ReEtv6yGBwj02Tcxdhs1FJYe6tBZZDcrZqeT6PZ9LdLFsiPE9fc3t2g==
content-length: 17242
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 22:22:29 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y1/r/0fUlelVJzb0.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 91 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y1/r/0fUlelVJzb0.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (18608)
Hash 42af5d090c6ba39f7761508b43ae64f3
343d3bce6a64b3feeb271acd42cccd9766e02416
72790ccd3fe154c0b2c4694d80020585273a24fe409d1482648bda7f487812e8
GET /rsrc.php/v3/y1/r/0fUlelVJzb0.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 19:30:10 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Qq9dCQxro593YVCLQ65k8w==
x-fb-debug: u/roEVswD6ygO5DJajEp5PkbwA8JsXhK09oCMY9HmLzhYYoGBy5xiH1eEWSs3+rvQnG5Bh43DdVjrJGpphSppg==
priority: u=2
content-length: 91069
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 22:22:29 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3i7M54/yu/l/en_US/K5L-vvo7hiB.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 38 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3i7M54/yu/l/en_US/K5L-vvo7hiB.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4503)
Hash 259c03ac8eb631d688527d72f440552e
8c8a9240780ea44fddb61506e0aae3a949370087
336cac648dd81bb341df46cf4686cde865ade5884bd94164460106ffeb7a0613
GET /rsrc.php/v3i7M54/yu/l/en_US/K5L-vvo7hiB.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 05:03:14 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: JZwDrI62MdaIUn1y9EBVLg==
x-fb-debug: k5aF19wMa12kYhg+zJ7gA1OH5K2qGyeLlyzqCzo9gKBjeTbVv2xsnGcjnASRE/vDuX6c/l6v8qeAkBXihBtXoQ==
content-length: 37969
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 22:22:29 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/v3.2/plugins/video.php?app_id&autoplay=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df323ecedf12d62%26domain%3Dpromotion-doctor.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpromotion-doctor.xyz%252Ff15fef2831079b8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1741436509561719%2F&locale=en_US&sdk=joey&show_text=false&width=500&_rdc=1&_rdr
31.13.72.36200 OK 42 kB URL HTTP/2 www.facebook.com/v3.2/plugins/video.php?app_id&autoplay=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df323ecedf12d62%26domain%3Dpromotion-doctor.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpromotion-doctor.xyz%252Ff15fef2831079b8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1741436509561719%2F&locale=en_US&sdk=joey&show_text=false&width=500&_rdc=1&_rdr
IP 31.13.72.36:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (46073)
Hash 56c841481886090b0b8158934111cd01
354bb5d40bfd16ac282ee6d818793603947da648
4d8764217811416cf9e36fb8044cb5d1db2c3743f09356b8dee7127196d05de1
GET /v3.2/plugins/video.php?app_id&autoplay=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df323ecedf12d62%26domain%3Dpromotion-doctor.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpromotion-doctor.xyz%252Ff15fef2831079b8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1741436509561719%2F&locale=en_US&sdk=joey&show_text=false&width=500&_rdc=1&_rdr HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promotion-doctor.xyz/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v8.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: YbFCqEadcS5PZbjr2tp7XU3LUjkf48ITpNyfnJ+WJ745fc+BXnPYskZCKrn6Tj3VPvfG7Juv2e9fia8LbNl+iA==
date: Sun, 02 Oct 2022 22:22:28 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yb/r/XyjrcFoy4si.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 5.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yb/r/XyjrcFoy4si.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4768)
Hash c3d9552d67e35d8c8ddea358ac171efa
d8f20b9a3e7750fbbe302161bbae71738beb3a4c
70ada44f36a08541ad0e5897ccb5ee4255fb355fca6ec6d7f9341192f1f59406
GET /rsrc.php/v3/yb/r/XyjrcFoy4si.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 05:02:42 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: w9lVLWfjXYyN3qNYrBce+g==
x-fb-debug: 3ZV3bGHTnp4R4niX0Twb2oADwLtXqjvo9eC/8QPdOiyu0E3g2lwnZ5fUCAgIV1ahmhBZQOsUuAyTOYaz6hMW2A==
priority: u=3,i
content-length: 5012
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 22:22:29 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/dD0USYVvaQD.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 148 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/dD0USYVvaQD.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (33385)
Size 148 kB (148376 bytes)
Hash adb7b22e3e9c6bfe8d3b48789f1f5484
81dbd10153ef62058286a94a504593f546f04f1c
6a7ce76e993954059b3bd002a3f943d4ffee75095ee84b6e2665ba0743268376
GET /rsrc.php/v3/y-/l/0,cross/dD0USYVvaQD.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 02 Oct 2023 19:41:05 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: rbeyLj6ca/6NO0h4nx9UhA==
x-fb-debug: m0/V/r1PlYe9yS4UsOitcbvJcAePXqf0PB6SBlVKartL/Ji54kT5IHOOkuw655tR1+UpJT59GAhm1tbJsRhbBA==
priority: u=3,i
content-length: 148376
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 22:22:29 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yH/r/dvmaoY1V1ed.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 786 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yH/r/dvmaoY1V1ed.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (1014)
Hash 208aac51389a19884e468dc0a2435e57
c5f4ab5bdc2c13211f8ae54388c5fc086db4d185
d3955253e3f82dc132d6361e588c4d62ea1a8c5c19b98ec2efb4c768dbeb2af1
GET /rsrc.php/v3/yH/r/dvmaoY1V1ed.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 26 Sep 2023 11:45:16 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: IIqsUTiaGYhORo3AokNeVw==
x-fb-debug: Fx4v4AqqTtyo0EyJ36XQZzrZ1ZR+JlXkVicY6VVRbTrZB1yF5yX0UxqzwXrAcQBsfORhKtM897V1mBjEaFXZtA==
priority: u=1,i
content-length: 786
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 22:22:29 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3ifTu4/yX/l/en_US/mInOXcNcArI.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 104 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3ifTu4/yX/l/en_US/mInOXcNcArI.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (14190)
Size 104 kB (103776 bytes)
Hash 6013fb196b84bb53df2a46a8219a2c4f
8ca8082636b0a1b52855ee6bd3a444363a5f0b4a
f92877443a7941a119f1ced21438d5d273b6b457e17f01ff19c31032c9328ae6
GET /rsrc.php/v3ifTu4/yX/l/en_US/mInOXcNcArI.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 01 Oct 2023 00:25:13 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: YBP7GWuEu1PfKkaoIZosTw==
x-fb-debug: FBAceQc8ctYnVpvUTvol/Tfz1Y4u7Ls4lV7QkS500sD347YoK4LKWZH1PCRIQQr53+RKDyfLwcjJEzpqpHlHDA==
content-length: 103776
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 22:22:29 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3i1XI4/y_/l/en_US/SrvzIcnQWzu.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 58 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3i1XI4/y_/l/en_US/SrvzIcnQWzu.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (8279)
Hash 447f1c8fef23b4ee88a732d6b513a1a2
f34cacc51a825d8ec18d3691b7c16809dbc26eae
99c7da84d4c82f344033d864c1bf71f7bc3dfb98a1459270d062dd5f72d38588
GET /rsrc.php/v3i1XI4/y_/l/en_US/SrvzIcnQWzu.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 02 Oct 2023 19:08:30 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: RH8cj+8jtO6IpzLWtROhog==
x-fb-debug: 0pjb4T6lFNIZVW01wAaSZh+ZBejcTuvVn/XokrmOPFWzOjjuO1vK8SxnK5xqlNF83+XPvUm3EmnwtAaoALgd6g==
content-length: 57855
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 22:22:29 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yn/r/4PpY02ggjl3.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 5.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yn/r/4PpY02ggjl3.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (9884)
Hash 398c6c3ea5186dcef86ea2e0f041aeff
b986855b0969e5a03beb69762fe8f82827cf6677
51d435a01142128125e6536061ae221666dcd191d7c8398dbe3c7c56b9e09b27
GET /rsrc.php/v3/yn/r/4PpY02ggjl3.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 05:02:42 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: OYxsPqUYbc74bqLg8EGu/w==
x-fb-debug: V8NO07VtXR74wCLuB9dz1Fu3cmgctidmxCoG36H8dP1DoIh4KrvVROz/G2kQIFKj9X6NMwHkelNdeAgKGph9Vw==
priority: u=3,i
content-length: 5030
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 22:22:29 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yo/r/2PEoe_JJMBi.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 46 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yo/r/2PEoe_JJMBi.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (64905)
Hash ce1c8d1d9180046a4aa138d568765e49
b53005549fcfe9c88767ebc3f287d68de4cb1e2a
9528a7c494fd3285689d1561e0e1166b55659f06b883dab99fcb620dc2b2df74
GET /rsrc.php/v3/yo/r/2PEoe_JJMBi.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 14:59:24 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: zhyNHZGABGpKoTjVaHZeSQ==
x-fb-debug: JaSSjCy+j6eGS6RC/x7HbMdTov0I/dAuWAyJ5YHBhGSj4ionkyPlvG4xq/Lqr72QzDL+9Wjbb7r/zAcTKYGZ+A==
content-length: 46216
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 22:22:29 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yR/r/6UnTpdMzDQS.png
31.13.72.12200 OK 385 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yR/r/6UnTpdMzDQS.png
IP 31.13.72.12:0
File type PNG image data, 20 x 20, 8-bit gray+alpha, non-interlaced\012- data
Hash 212f476bbd231388292cf46d667e6ce7
8c8c069cc2c6450ba68bb43e3af0f849c1e983e8
9181c4650dfa9226bcd694724f8cf7dbc89a544f898a3dfc71c665ed1ef0f64f
GET /rsrc.php/v3/yR/r/6UnTpdMzDQS.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: IS9Ha70jE4gpLPRtZn5s5w==
expires: Sun, 01 Oct 2023 17:54:47 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: Jhzmd4Qy2PD2NdmMiDbz/9KWzwMfAbyKBMusxGBmw6RkSB98wxb0ah8Ii0hf8AnE5VacQ/H0DM//gp8EduvljA==
priority: u=3,i
content-length: 385
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 22:22:29 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yC/r/VcBm0ENvXEt.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 63 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yC/r/VcBm0ENvXEt.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (15086)
Hash 2ab74676f4f7924fd43a1659e04a5aa4
4737db5d5bb26248be943e74004203b02c95b607
d45ce63fbdf6cb1301f23c3321c68ec549d87ccf83d42bfa1469d95171e7d540
GET /rsrc.php/v3/yC/r/VcBm0ENvXEt.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 30 Sep 2023 05:02:49 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KrdGdvT3kk/UOhZZ4EpapA==
x-fb-debug: agWVVX/Qn13hrkVjFwF8hGYTCLJUEWrr7pD251RN7w0Vce7JUn54dheQqLPoqPlt0Fy85yGzVB5+Cy+VA9qjvg==
content-length: 62936
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 22:22:29 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3ivzh4/yn/l/en_US/o79rzwjPc2Y.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 89 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3ivzh4/yn/l/en_US/o79rzwjPc2Y.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (13523)
Hash 6a6897a488c1e307b00ca2cbc9992f5f
ed27b3e77544464f17576e19a70e19d7fd044b6f
808b022db23efde7eb16d0902392a6496ad5867554bd5ee1d3024bbea503f633
GET /rsrc.php/v3ivzh4/yn/l/en_US/o79rzwjPc2Y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 01 Oct 2023 09:44:18 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: amiXpIjB4wewDKLLyZkvXw==
x-fb-debug: D59cddpV815QdjXK5hzEwQhncOoSoHmtfyJlke7ceNUHngzdEo3tNliY1rhUDYw3W05dd1kEZSBHHHpycg8TKA==
priority: u=3,i
content-length: 88787
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 22:22:29 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yo/r/KgP1bN_s6Fc.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 18 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yo/r/KgP1bN_s6Fc.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (56532)
Hash b9d76c88caad767c3826feb6efd432ba
5963c92a7382c948d9a9ada5d97bd89b84eb5add
a1a8fc33b67dca19697a4e94dae4fdea75a28f9ed867e63b64b5ba0f118c5d6a
GET /rsrc.php/v3/yo/r/KgP1bN_s6Fc.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 02 Oct 2023 19:15:33 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: uddsiMqtdnw4Jv6279Qyug==
x-fb-debug: J0KLNAJ5dCh8u21e2gMYHQfHB77V+QZGHKjdj3vwhlrTFexm4zX3EeZ6NuEZXNmc1VoDITxO+Il0P04X3xfYiA==
content-length: 17459
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 22:22:29 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53aa134dc3b33b709b6ccf39e549055f
2e85a28ef73d7c403ad693fc8602e95fe3d803f3
877de7cadd4fc848afaac488f89ed987929505b563a03eb79e4e9d8fa0b41a0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:22:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/url?sa=D&q=https://www.youtube.com/embed/Hb-yx5oIr1Y%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1
142.250.74.164200 OK 603 B URL HTTP/2 www.google.com/url?sa=D&q=https://www.youtube.com/embed/Hb-yx5oIr1Y%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash f7339ab29f71c41c8d21e7e413db0ec1
6b0d14f7e0b6588efb7a451a5ed6cc77cf411562
04c39e097ab92e06f6554a465afb0b5910ab3202d1c8a7d44603176f8b5c8819
GET /url?sa=D&q=https://www.youtube.com/embed/Hb-yx5oIr1Y%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promotion-doctor.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
location: https://www.youtube.com/embed/Hb-yx5oIr1Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
cache-control: private
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Sun, 02 Oct 2022 22:22:29 GMT
server: gws
content-length: 603
x-xss-protection: 0
expires: Sun, 02 Oct 2022 22:22:29 GMT
set-cookie: __Secure-ENID=7.SE=S_8Qa8DzMZ94uHdZD5ren8oWEKCThIOeeOCK39d7FYAbOhs3Tk9bwhrzV-HXmTIYKcYuGWAeuG2P0155bLDpUjZtyOi5PKJ2weZDi0b3vkWGQM4Q289Zl53bY2RZilAhdSV9tHGhNDiNpXk5gzgxoc1zy2NspwV4mU4-ly-JoDU; expires=Thu, 02-Nov-2023 14:40:47 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
CONSENT=PENDING+692; expires=Tue, 01-Oct-2024 22:22:29 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8c665d81a8995febfec300bd9f554c90
aa3599f282cff5e07d5681ec4854b70a82590f6d
57cd30b987eb23f54208b51c04daefd3657fdd84325f4035817b32e4ad5b5461
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:22:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
video-arn2-1.xx.fbcdn.net/hvideo-nao-eag/_nc_cat-1/_nc_sr_t-4/v/rfYbj7B5692J9wiAzVZjH/_nc_ohc-AXxLXwOoOTEAX97Ap0Q/live-dash/dash-abr-ibr-audio/6118481981501908.mpd?ccb=2-4&ms=m_CTPA&sc_t=1&oh=00_AT81n7z23hug2t39H-hzMs_Y1Fr-bsplBGQRSo5BGEDUCw&oe=633B9D68
31.13.72.14200 OK 1.7 kB URL HTTP/2 video-arn2-1.xx.fbcdn.net/hvideo-nao-eag/_nc_cat-1/_nc_sr_t-4/v/rfYbj7B5692J9wiAzVZjH/_nc_ohc-AXxLXwOoOTEAX97Ap0Q/live-dash/dash-abr-ibr-audio/6118481981501908.mpd?ccb=2-4&ms=m_CTPA&sc_t=1&oh=00_AT81n7z23hug2t39H-hzMs_Y1Fr-bsplBGQRSo5BGEDUCw&oe=633B9D68
IP 31.13.72.14:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash b0f2868c9ba30fd65b5f87237eb2db94
5251090901368f3fc5ccb059316bcfbd5d979494
dec38d61c1933dd47d7aaa03bc3b1af57e1baca59f46179549a4bc7fcc7bd47c
GET /hvideo-nao-eag/_nc_cat-1/_nc_sr_t-4/v/rfYbj7B5692J9wiAzVZjH/_nc_ohc-AXxLXwOoOTEAX97Ap0Q/live-dash/dash-abr-ibr-audio/6118481981501908.mpd?ccb=2-4&ms=m_CTPA&sc_t=1&oh=00_AT81n7z23hug2t39H-hzMs_Y1Fr-bsplBGQRSo5BGEDUCw&oe=633B9D68 HTTP/1.1
Host: video-arn2-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
etag: db4f0403b14eb0a78c0129d42f44c889
x-fb-content-creation-ts: 1664749349
content-type: application/dash+xml
x-fb-latest-segment-ts: 2498173
content-encoding: gzip
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fb-origin-hit: 1
cache-control: max-age=1
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms
content-length: 1652
x-fb-trip-id: 436667874
date: Sun, 02 Oct 2022 22:22:29 GMT
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
access-control-allow-origin: https://www.facebook.com
vary: Origin, Origin
X-Firefox-Spdy: h2
video-arn2-1.xx.fbcdn.net/hvideo-nao-eag/_nc_cat-1/_nc_sr_t-4/v/rfYbj7B5692J9wiAzVZjH/_nc_ohc-AXxLXwOoOTEAX97Ap0Q/live-dash/dash-lp-qd-a/6118481981501908_0-init.m4a?ms=m_C&ccb=2-4&sc_t=1
31.13.72.14200 OK 598 B URL HTTP/2 video-arn2-1.xx.fbcdn.net/hvideo-nao-eag/_nc_cat-1/_nc_sr_t-4/v/rfYbj7B5692J9wiAzVZjH/_nc_ohc-AXxLXwOoOTEAX97Ap0Q/live-dash/dash-lp-qd-a/6118481981501908_0-init.m4a?ms=m_C&ccb=2-4&sc_t=1
IP 31.13.72.14:0
File type ISO Media, MP4 Base Media v6 \012- data
Hash f630991901da89a0f04475e0f7a267c8
9a73fcc11114bcb3f0ab98c4a77921768dc9de8f
650c5f605c2706575823936c7fa0ee6026089b324d5fcd2d873b96d40f5307e6
GET /hvideo-nao-eag/_nc_cat-1/_nc_sr_t-4/v/rfYbj7B5692J9wiAzVZjH/_nc_ohc-AXxLXwOoOTEAX97Ap0Q/live-dash/dash-lp-qd-a/6118481981501908_0-init.m4a?ms=m_C&ccb=2-4&sc_t=1 HTTP/1.1
Host: video-arn2-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: video/mp4
etag: a189801c59d5b77e297b4f8bc4b1ca15
x-fb-video-livetrace-encoding: dash-lp-qd
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fb-origin-hit: 1
cache-control: max-age=900
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms
content-length: 598
x-fb-trip-id: 436667874
x-fb-response-time-ms: 1
date: Sun, 02 Oct 2022 22:22:30 GMT
x-fb-video-livetrace-parentsource: CDN:elb:H:arn2c01:dash-lp-qd:6408
x-fb-edge-hit: 1
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video-arn2-1.xx.fbcdn.net/hvideo-nao-eag/_nc_cat-1/_nc_sr_t-4/v/rfYbj7B5692J9wiAzVZjH/_nc_ohc-AXxLXwOoOTEAX97Ap0Q/live-dash/dash-lp-hd1-v/6118481981501908_0-init.m4v?ms=m_C&ccb=2-4&sc_t=1
31.13.72.14200 OK 660 B URL HTTP/2 video-arn2-1.xx.fbcdn.net/hvideo-nao-eag/_nc_cat-1/_nc_sr_t-4/v/rfYbj7B5692J9wiAzVZjH/_nc_ohc-AXxLXwOoOTEAX97Ap0Q/live-dash/dash-lp-hd1-v/6118481981501908_0-init.m4v?ms=m_C&ccb=2-4&sc_t=1
IP 31.13.72.14:0
File type ISO Media, MP4 Base Media v6 \012- data
Hash edbec4c978836130dda0c4ee99c2351e
c55c7f7b468bed08682b11128d3a6695ec65a6bb
06d48014fc685c071c3f7fc05ecefb0642fc36513ebfd9d4c602544224300ba6
GET /hvideo-nao-eag/_nc_cat-1/_nc_sr_t-4/v/rfYbj7B5692J9wiAzVZjH/_nc_ohc-AXxLXwOoOTEAX97Ap0Q/live-dash/dash-lp-hd1-v/6118481981501908_0-init.m4v?ms=m_C&ccb=2-4&sc_t=1 HTTP/1.1
Host: video-arn2-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: video/mp4
etag: 400fc35173f97082f0a56076d9092463
x-fb-video-livetrace-encoding: dash-lp-hd1
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fb-origin-hit: 1
cache-control: max-age=900
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms
content-length: 660
x-fb-trip-id: 436667874
x-fb-response-time-ms: 0
date: Sun, 02 Oct 2022 22:22:30 GMT
x-fb-video-livetrace-parentsource: CDN:elb:H:arn2c01:dash-lp-hd1:6410
x-fb-edge-hit: 1
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video-arn2-1.xx.fbcdn.net/hvideo-nao-eag/_nc_cat-1/_nc_sr_t-4/v/rfYbj7B5692J9wiAzVZjH/_nc_ohc-AXxLXwOoOTEAX97Ap0Q/live-dash/dash-lp-qd-a/6118481981501908_0-2494173.m4a?ms=m_C&ccb=2-4&sc_t=1
31.13.72.14200 OK 25 kB URL HTTP/2 video-arn2-1.xx.fbcdn.net/hvideo-nao-eag/_nc_cat-1/_nc_sr_t-4/v/rfYbj7B5692J9wiAzVZjH/_nc_ohc-AXxLXwOoOTEAX97Ap0Q/live-dash/dash-lp-qd-a/6118481981501908_0-2494173.m4a?ms=m_C&ccb=2-4&sc_t=1
IP 31.13.72.14:0
Hash ec9d0f90df1ddbc9cdc2bca630aa8134
fd940574c93ae984368a3ec1d9fb9a6d33cb0127
5a34ae248bb93bb77f45f81fb962a80816c5ae30ed0e9906393846373d3d8094
GET /hvideo-nao-eag/_nc_cat-1/_nc_sr_t-4/v/rfYbj7B5692J9wiAzVZjH/_nc_ohc-AXxLXwOoOTEAX97Ap0Q/live-dash/dash-lp-qd-a/6118481981501908_0-2494173.m4a?ms=m_C&ccb=2-4&sc_t=1 HTTP/1.1
Host: video-arn2-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: video/mp4
etag: 4a0cef98a4edabd485ec0f89b6d2aa5a
x-fb-video-livetrace-encoding: dash-lp-qd
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fb-origin-hit: 1
cache-control: max-age=900
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms
content-length: 24846
x-fb-trip-id: 436667874
x-fb-response-time-ms: 0
date: Sun, 02 Oct 2022 22:22:30 GMT
x-fb-video-livetrace-parentsource: CDN:elb:H:arn2c01:dash-lp-qd:5612
x-fb-edge-hit: 1
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video-arn2-1.xx.fbcdn.net/hvideo-nao-eag/_nc_cat-1/_nc_sr_t-4/v/rfYbj7B5692J9wiAzVZjH/_nc_ohc-AXxLXwOoOTEAX97Ap0Q/live-dash/dash-lp-hd1-v/6118481981501908_0-2494173.m4v?ms=m_C&ccb=2-4&sc_t=1
31.13.72.14200 OK 213 kB URL HTTP/2 video-arn2-1.xx.fbcdn.net/hvideo-nao-eag/_nc_cat-1/_nc_sr_t-4/v/rfYbj7B5692J9wiAzVZjH/_nc_ohc-AXxLXwOoOTEAX97Ap0Q/live-dash/dash-lp-hd1-v/6118481981501908_0-2494173.m4v?ms=m_C&ccb=2-4&sc_t=1
IP 31.13.72.14:0
Size 213 kB (213374 bytes)
Hash f2b3a135885a8c36eb675ac650b9c459
0bf21b9d338e5dbc105b23a91d254f1b610f2c37
90c0acac50bc13daa89585258ee923aeebdf457cee4805520a23922512a92638
GET /hvideo-nao-eag/_nc_cat-1/_nc_sr_t-4/v/rfYbj7B5692J9wiAzVZjH/_nc_ohc-AXxLXwOoOTEAX97Ap0Q/live-dash/dash-lp-hd1-v/6118481981501908_0-2494173.m4v?ms=m_C&ccb=2-4&sc_t=1 HTTP/1.1
Host: video-arn2-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: video/mp4
etag: 7898cba7445f17915d3a6811c05fba63
x-fb-video-livetrace-encoding: dash-lp-hd1
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fb-origin-hit: 1
cache-control: max-age=900
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms
content-length: 213374
x-fb-trip-id: 436667874
x-fb-response-time-ms: 2
date: Sun, 02 Oct 2022 22:22:30 GMT
x-fb-video-livetrace-parentsource: CDN:elb:H:arn2c01:dash-lp-hd1:5720
x-fb-edge-hit: 1
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vs.javcosplay.com/sts/?eu=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1112479266056731%2F&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=61101&p=0.0800&oid=2384380&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664750705&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749346&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&type=view
62.122.173.28200 OK 2 B URL HTTP/2 vs.javcosplay.com/sts/?eu=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1112479266056731%2F&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=61101&p=0.0800&oid=2384380&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664750705&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749346&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&type=view
IP 62.122.173.28:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /sts/?eu=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1112479266056731%2F&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=61101&p=0.0800&oid=2384380&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664750705&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749346&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&type=view HTTP/1.1
Host: vs.javcosplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promotion-doctor.xyz
Connection: keep-alive
Referer: https://promotion-doctor.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 02 Oct 2022 22:22:29 GMT
content-type: application/json
content-length: 2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: 1077.0=1; expires=Mon, 03 Oct 2022 22:22:29 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8c665d81a8995febfec300bd9f554c90
aa3599f282cff5e07d5681ec4854b70a82590f6d
57cd30b987eb23f54208b51c04daefd3657fdd84325f4035817b32e4ad5b5461
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:22:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/a336babc/www-player.css
142.250.74.174200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/a336babc/www-player.css
IP 142.250.74.174:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 599595edb4b579af72ce667c0ca1f62d
40a8d3ee3fef3295d5021544b7c75f06dc6f3598
bc90c7ea4e282dcaa0f347b0717f317c089fda4e586c41a72ec78d8a9209c462
GET /s/player/a336babc/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Hb-yx5oIr1Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49958
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 14:56:23 GMT
expires: Fri, 29 Sep 2023 14:56:23 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 Sep 2022 00:20:07 GMT
content-type: text/css
age: 285967
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/Hb-yx5oIr1Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
142.250.74.174200 OK 125 kB URL HTTP/2 www.youtube.com/embed/Hb-yx5oIr1Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58646)
Size 125 kB (124734 bytes)
Hash 1af985f6c2e6a1dc7038f97c38dcbdc2
46f86ad94769240e8543062c439688a9b5a56b5a
b9c067ab3b869794f9ad5c20b27a55a16804cfac162676ea2c240f4d0fe6f93d
GET /embed/Hb-yx5oIr1Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 02 Oct 2022 22:22:30 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=G_B9y_eAbDg; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=9dXwGfpN954; Domain=.youtube.com; Expires=Fri, 31-Mar-2023 22:22:30 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+843; expires=Tue, 01-Oct-2024 22:22:30 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/a336babc/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.174200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/a336babc/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.174:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/a336babc/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Hb-yx5oIr1Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 20:18:37 GMT
expires: Sun, 01 Oct 2023 20:18:37 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 Sep 2022 00:20:07 GMT
content-type: text/javascript
age: 93833
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/v3.2/plugins/video.php?app_id&autoplay=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df361abf05a0104e%26domain%3Dpromotion-doctor.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpromotion-doctor.xyz%252Ff18de967b9004fe%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1112479266056731%2F&locale=en_US&sdk=joey&show_text=false&width=500&_rdc=1&_rdr
31.13.72.36200 OK 49 kB URL HTTP/2 www.facebook.com/v3.2/plugins/video.php?app_id&autoplay=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df361abf05a0104e%26domain%3Dpromotion-doctor.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpromotion-doctor.xyz%252Ff18de967b9004fe%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1112479266056731%2F&locale=en_US&sdk=joey&show_text=false&width=500&_rdc=1&_rdr
IP 31.13.72.36:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (38906)
Hash 724ff62062d6276b321c5ba3f42d1d9e
5f4db87cefaf1215a889aa93d542e10d56f22e85
78ea74c1ad2d6d219da8855d631af788c336f35399ddc72347bdffaeff250e88
GET /v3.2/plugins/video.php?app_id&autoplay=false&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df361abf05a0104e%26domain%3Dpromotion-doctor.xyz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpromotion-doctor.xyz%252Ff18de967b9004fe%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fwatersedgechurch%2Fvideos%2F1112479266056731%2F&locale=en_US&sdk=joey&show_text=false&width=500&_rdc=1&_rdr HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promotion-doctor.xyz/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v8.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: jYY0D2Rvlw+Dl2YdWai9UA6wPqF13QPQ3QDU9guh9N+NilznkLQtFDAl+7a5dTMCjsuJ2n0NbrJrSrS8rvGAQA==
date: Sun, 02 Oct 2022 22:22:28 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:22:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:22:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 02b6db128321bff030b71b4a7aec97c8
3fa28f98c33eee6147a0ed4b521034369ad58887
ed279a4cf51d626fbd1d6ed7bf55f8f3b47a277fc1ac51eabf2777cbd09ce699
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:22:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:22:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 22:07:31 GMT
expires: Sun, 02 Oct 2022 22:22:31 GMT
cache-control: public, max-age=900
age: 899
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.98302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 02 Oct 2022 22:22:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:22:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:22:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 02 Oct 2022 22:22:30 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 02b6db128321bff030b71b4a7aec97c8
3fa28f98c33eee6147a0ed4b521034369ad58887
ed279a4cf51d626fbd1d6ed7bf55f8f3b47a277fc1ac51eabf2777cbd09ce699
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:22:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:22:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash a4733250d85b1a109378b19742f64f89
8f01f3ddc1443f812893b922467e2812fbd0cd11
7918adc2dac65ffafeb781c36dc089277bcb814cf9626b3484aabb6e3ac1b727
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 02 Oct 2022 22:22:30 GMT
server: ESF
cache-control: private
content-length: 31016
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id?slf_rd=1
142.250.74.98200 OK 120 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id?slf_rd=1
IP 142.250.74.98:0
Hash 1282c832b1f57d748bfea5c96c30285d
890648ea297679b7c1175b814f78082289647cf6
c127977c1a86f888587dc24edfdaf5fb51fcd38b6d77e7d13c2d9c8cf5c3eb60
GET /pagead/id?slf_rd=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Referer: https://www.youtube.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
content-type: application/json; charset=UTF-8
date: Sun, 02 Oct 2022 22:22:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/Hcr64QAwIRKucXabZ_ljHZsUL-jvGVQRbc2TQj2ICa8IQjaI69uEMl2nT_Ny1WVRgvFoj6lnWw=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 4.1 kB URL HTTP/2 yt3.ggpht.com/Hcr64QAwIRKucXabZ_ljHZsUL-jvGVQRbc2TQj2ICa8IQjaI69uEMl2nT_Ny1WVRgvFoj6lnWw=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 80ec873526859f17541f7c4bb5123a1d
7738e649306178c5db11d31c7c4f4e08b1fb37ce
da4be9d94bac080f84197738c4b42e3da9a53ae849baa2b9467fa6df639c2b45
GET /Hcr64QAwIRKucXabZ_ljHZsUL-jvGVQRbc2TQj2ICa8IQjaI69uEMl2nT_Ny1WVRgvFoj6lnWw=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4051
x-xss-protection: 0
date: Sun, 02 Oct 2022 21:55:08 GMT
expires: Thu, 01 Sep 2022 10:44:57 GMT
cache-control: public, max-age=86400, no-transform
age: 1642
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:22:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vs.javcosplay.com/sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FHb-yx5oIr1Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60818&p=0.0900&oid=2384381&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664750763&vi=Hb-yx5oIr1Y&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749347&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&type=error
62.122.173.28200 OK 2 B URL HTTP/2 vs.javcosplay.com/sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FHb-yx5oIr1Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60818&p=0.0900&oid=2384381&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664750763&vi=Hb-yx5oIr1Y&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749347&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&type=error
IP 62.122.173.28:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FHb-yx5oIr1Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.javcosplay.com%2Fsts%2F&pid=60818&p=0.0900&oid=2384381&sp=0.004235&spp=1000&se=impression&ru=https%3A%2F%2Ftb.baimgfroggd.site%2Fin%2F1816%2F%3Fkatds_norep%3D1%26katds_nothrottle%3D1%26katds_nocountuniq%3D1%26katds_response%3Dpix&ab=1664750763&vi=Hb-yx5oIr1Y&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1664749347&utm1=tcb&utm2=798348204-1&utm3=195-21720-0&utm4=0-9529916-14&type=error HTTP/1.1
Host: vs.javcosplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promotion-doctor.xyz
Connection: keep-alive
Referer: https://promotion-doctor.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 02 Oct 2022 22:22:31 GMT
content-type: application/json
content-length: 2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: 1077.0=1; expires=Mon, 03 Oct 2022 22:22:29 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 02 Oct 2022 22:22:31 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with no line terminators
Hash efe1003cb346b706b2e770a43a5e7141
813c05c1f164160e621d9d7d446209014344871e
095b06236810388ac60a6d5e2b9a85679ab8a2bc766b460abf2914861e37745f
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1131
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 02 Oct 2022 22:22:31 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.amaporn.com/static/styles/all-responsive-white.css?v=7.6.7
172.67.191.97200 OK 0 B URL HTTP/2 www.amaporn.com/static/styles/all-responsive-white.css?v=7.6.7
IP 172.67.191.97:0
GET /static/styles/all-responsive-white.css?v=7.6.7 HTTP/1.1
Host: www.amaporn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:22 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=229331
etag: W/"61014d15-37fd3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 28 Jul 2021 12:27:01 GMT
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 1345899
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p15WcoC%2FHUcrgEsnVz8jWZb8ATQ%2BpcCdscdC9wPzD3%2B7X0%2BdCepaAotNgPk%2BXE4JATO6ju9PGsF8kwf5Pv%2F8AHXLxsSXHeEd070%2FbhrOYbNObosvRHJwr9Q8HyZsnvy55LY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7540d61eb9560b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
91e3ea15d5.a196ff0acd.com/35cd1496ff54f4d512266af944356a12.js
45.133.44.24200 OK 0 B URL HTTP/2 91e3ea15d5.a196ff0acd.com/35cd1496ff54f4d512266af944356a12.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /35cd1496ff54f4d512266af944356a12.js HTTP/1.1
Host: 91e3ea15d5.a196ff0acd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:23 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 13 Sep 2022 12:49:57 GMT
etag: W/"63207c75-d220"
content-encoding: gzip
expires: Sun, 02 Oct 2022 22:27:23 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.amaporn.com/static/images/fonts/icomoon.ttf?nddhpi2
172.67.191.97200 OK 0 B URL HTTP/2 www.amaporn.com/static/images/fonts/icomoon.ttf?nddhpi2
IP 172.67.191.97:0
GET /static/images/fonts/icomoon.ttf?nddhpi2 HTTP/1.1
Host: www.amaporn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.amaporn.com
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:22 GMT
content-type: application/font-sfnt
last-modified: Sat, 28 Nov 2020 13:44:00 GMT
etag: W/"6484-5b52af830dcab"
strict-transport-security: max-age=31536000;
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4Am8%2F0wE3FF9ju1Qr6xZGjF7Z91Kel2EVEri7%2FPtpCiKEv7LNksglttqR2WfelGqDvyuLxZSHaLYbwjNkyuUjSK%2BcRPG%2FCAx4YR6jxmxFGlLLkW8lMBUvihmntgpKgWDD4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7540d61eac7cb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
91e3ea15d5.a196ff0acd.com/6eb9873bbae7a03db8f25b59bb9b1df9.js
45.133.44.24200 OK 0 B URL HTTP/2 91e3ea15d5.a196ff0acd.com/6eb9873bbae7a03db8f25b59bb9b1df9.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /6eb9873bbae7a03db8f25b59bb9b1df9.js HTTP/1.1
Host: 91e3ea15d5.a196ff0acd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:23 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 28 Sep 2022 10:26:58 GMT
etag: W/"63342172-419b3"
content-encoding: gzip
expires: Sun, 02 Oct 2022 22:27:23 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.cabnnr.com/banner-admanager/build.m.js
45.133.44.24200 OK 0 B URL HTTP/2 js.cabnnr.com/banner-admanager/build.m.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /banner-admanager/build.m.js HTTP/1.1
Host: js.cabnnr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amaporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:23 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 29 Sep 2022 09:55:59 GMT
etag: W/"63356baf-b405"
content-encoding: gzip
expires: Sun, 02 Oct 2022 22:27:23 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
91e3ea15d5.a196ff0acd.com/a7bb55f62792a25671cd18955483dafb.js
45.133.44.24200 OK 0 B URL HTTP/2 91e3ea15d5.a196ff0acd.com/a7bb55f62792a25671cd18955483dafb.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /a7bb55f62792a25671cd18955483dafb.js HTTP/1.1
Host: 91e3ea15d5.a196ff0acd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.amaporn.com
Connection: keep-alive
Referer: http://www.amaporn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:22:22 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 30 Sep 2022 10:01:06 GMT
etag: W/"6336be62-15b3d"
content-encoding: gzip
expires: Sun, 02 Oct 2022 22:27:22 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.youtube.com/s/player/a336babc/player_ias.vflset/en_US/base.js
142.250.74.174200 OK 0 B URL HTTP/2 www.youtube.com/s/player/a336babc/player_ias.vflset/en_US/base.js
IP 142.250.74.174:0
GET /s/player/a336babc/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Hb-yx5oIr1Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 591812
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 03:08:55 GMT
expires: Sun, 01 Oct 2023 03:08:55 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 Sep 2022 00:20:07 GMT
content-type: text/javascript
age: 155615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2