datawav.club/bride-before-and-after-blowjob-tumblr
173.208.199.194301 Moved Permanently 178 B URL HTTP/1.1 datawav.club/bride-before-and-after-blowjob-tumblr
IP 173.208.199.194:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert fortinet Malware
GET /bride-before-and-after-blowjob-tumblr HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 25 Nov 2022 11:31:37 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://datawav.club/bride-before-and-after-blowjob-tumblr
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3945
Expires: Fri, 25 Nov 2022 12:37:22 GMT
Date: Fri, 25 Nov 2022 11:31:37 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3387
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:31:37 GMT
Etag: "637f47ef-1d7"
Last-Modified: Fri, 25 Nov 2022 10:35:10 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 11:17:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 851
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14607
Expires: Fri, 25 Nov 2022 15:35:04 GMT
Date: Fri, 25 Nov 2022 11:31:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EdkR7pVPZUdNkP6lePB3F/74bjHHKuLPRUwUaWuwVL38xvTOjWZISxcnKSNf8hfQV2qij5VY7XU=
x-amz-request-id: SDQ849EMKB37HX8J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 10:40:46 GMT
age: 3051
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:31:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2f810151556d4d3bf1ff9e24f4cf170
3cd824fd42179c4072c6bbdcc46b3d06f5eb097c
bd176e6de8b3280bb2962e89221f9f5bfe246e80ea5826ba1d1783052257fe60
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD176E6DE8B3280BB2962E89221F9F5BFE246E80EA5826BA1D1783052257FE60"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14350
Expires: Fri, 25 Nov 2022 15:30:47 GMT
Date: Fri, 25 Nov 2022 11:31:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 11:08:53 GMT
cache-control: public,max-age=3600
age: 1364
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
datawav.club/bride-before-and-after-blowjob-tumblr
173.208.199.194301 Moved Permanently 0 B URL HTTP/1.1 datawav.club/bride-before-and-after-blowjob-tumblr
IP 173.208.199.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /bride-before-and-after-blowjob-tumblr HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 25 Nov 2022 11:31:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Redirect-By: WordPress
Location: https://datawav.club/bride-before-and-after-blowjob-tumblr/
X-Cache-Status: HIT
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5804
Cache-Control: max-age=169917
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:31:38 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 10:43:35 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
datawav.club/bride-before-and-after-blowjob-tumblr/
173.208.199.194302 Found 1 B URL HTTP/1.1 datawav.club/bride-before-and-after-blowjob-tumblr/
IP 173.208.199.194:0
File type very short file (no magic)
Hash 7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
Analyzer Verdict Alert fortinet Malware
GET /bride-before-and-after-blowjob-tumblr/ HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 25 Nov 2022 11:31:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Redirect-By: WordPress
Location: /bride-before-and-after-blowjob-tumblr/?doing_wp_cron=1669227623.6975901126861572265625
X-Cache-Status: HIT
datawav.club/bride-before-and-after-blowjob-tumblr/?doing_wp_cron=1669227623.6975901126861572265625
173.208.199.194200 OK 13 kB URL HTTP/1.1 datawav.club/bride-before-and-after-blowjob-tumblr/?doing_wp_cron=1669227623.6975901126861572265625
IP 173.208.199.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 2e6b41811dec13c7978d42bcc21997c8
5abe7b8926718a075bfe461b90df53be2b412175
0ce62e22250119e153386029e6e54c5029a885b7f396a8ff30676ab2e9139cb2
Analyzer Verdict Alert fortinet Malware
GET /bride-before-and-after-blowjob-tumblr/?doing_wp_cron=1669227623.6975901126861572265625 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 11:31:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Link: <https://datawav.club/wp-json/>; rel="https://api.w.org/", <https://datawav.club/wp-json/wp/v2/posts/277343>; rel="alternate"; type="application/json", <https://datawav.club/?p=277343>; rel=shortlink
X-ElasticPress-Query: true
Content-Encoding: gzip
X-Cache-Status: HIT
push.services.mozilla.com/
52.39.62.124101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.62.124:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +nFGvLzthWznhO2Gh6E/ZA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: V+DDby2NwkH0pYgEuEn9eIf0zc0=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:31:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
datawav.club/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
173.208.199.194200 OK 12 kB URL HTTP/1.1 datawav.club/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 173.208.199.194:0
File type ASCII text, with very long lines (43771)
Hash 88f413500303dc21250157a6aa913a32
ca138ec102d96e6d7b30bf83b7dab60a16f0b5d6
65e072ca8d53bf38d5dde355a039a61f6c7204206a9a58ded75d2d2730cc0999
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/bride-before-and-after-blowjob-tumblr/?doing_wp_cron=1669227623.6975901126861572265625
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 11:31:38 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 06:31:23 GMT
Vary: Accept-Encoding
ETag: W/"630b0bbb-15b64"
Expires: Tue, 07 Nov 2023 08:22:15 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
X-Cache-Status: HIT
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:31:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
datawav.club/wp-content/plugins/elasticpress/dist/css/related-posts-block-styles.min.css?ver=3.3
173.208.199.194200 OK 585 B URL HTTP/1.1 datawav.club/wp-content/plugins/elasticpress/dist/css/related-posts-block-styles.min.css?ver=3.3
IP 173.208.199.194:0
File type ASCII text, with very long lines (698)
Hash 4a29f243de4db57d16a28456bf19954a
894346c1a950364903cca4273974e0153dfa3b2d
861c2ef18073d68121f761bcf826617adf97a2d54629efb8b9ef7670a3f7d09c
GET /wp-content/plugins/elasticpress/dist/css/related-posts-block-styles.min.css?ver=3.3 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/bride-before-and-after-blowjob-tumblr/?doing_wp_cron=1669227623.6975901126861572265625
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 11:31:38 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 05:16:11 GMT
Vary: Accept-Encoding
ETag: W/"635f5a1b-399"
Expires: Tue, 07 Nov 2023 08:22:15 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
X-Cache-Status: HIT
datawav.club/wp-content/themes/wellington/js/navigation.js?ver=20160719
173.208.199.194200 OK 1.6 kB URL HTTP/1.1 datawav.club/wp-content/themes/wellington/js/navigation.js?ver=20160719
IP 173.208.199.194:0
File type ASCII text, with CRLF line terminators
Hash a73417e3fe8baa2f33f152e3bbc14097
622a93a734e15fc786f8f6887554c2c253028aad
8cb4ff8750d3f21e630c95a3c3ed5fc046e232b8c66c94c4580119bf4ae30c94
GET /wp-content/themes/wellington/js/navigation.js?ver=20160719 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/bride-before-and-after-blowjob-tumblr/?doing_wp_cron=1669227623.6975901126861572265625
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 11:31:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Apr 2017 08:17:29 GMT
Vary: Accept-Encoding
ETag: W/"58f47a19-1538"
Expires: Tue, 07 Nov 2023 08:22:15 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
X-Cache-Status: HIT
datawav.club/wp-content/themes/wellington/style.css?ver=1.0.6
173.208.199.194200 OK 9.1 kB URL HTTP/1.1 datawav.club/wp-content/themes/wellington/style.css?ver=1.0.6
IP 173.208.199.194:0
File type ASCII text, with very long lines (355), with CRLF line terminators
Hash dea6095724497c9701e5e96321ea6bd0
a4bd04afdf2ede1b155b87872a34d1c97e443fe2
7ba56aa8ba7a9708aa49cc91cdd1db8a177af6505a735e68fa2f85a7e51b3d4c
GET /wp-content/themes/wellington/style.css?ver=1.0.6 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/bride-before-and-after-blowjob-tumblr/?doing_wp_cron=1669227623.6975901126861572265625
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 11:31:38 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Apr 2017 08:17:29 GMT
Vary: Accept-Encoding
ETag: W/"58f47a19-c499"
Expires: Tue, 07 Nov 2023 08:22:15 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
X-Cache-Status: HIT
datawav.club/wp-content/themes/wellington/css/themezee-related-posts.css?ver=20160421
173.208.199.194200 OK 931 B URL HTTP/1.1 datawav.club/wp-content/themes/wellington/css/themezee-related-posts.css?ver=20160421
IP 173.208.199.194:0
File type ASCII text, with CRLF line terminators
Hash 99fddbd49303e57f150b016c8714159d
ed798b602726b08ea1e331d61469aab3138a558c
c2345b323c0571f8d9c95256a1d44ceefd33a0791e786afe4a4a534060e3275f
GET /wp-content/themes/wellington/css/themezee-related-posts.css?ver=20160421 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/bride-before-and-after-blowjob-tumblr/?doing_wp_cron=1669227623.6975901126861572265625
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 11:31:38 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Apr 2017 08:17:29 GMT
Vary: Accept-Encoding
ETag: W/"58f47a19-1514"
Expires: Tue, 07 Nov 2023 08:22:17 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
X-Cache-Status: HIT
datawav.club/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
173.208.199.194200 OK 4.2 kB URL HTTP/1.1 datawav.club/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 173.208.199.194:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/bride-before-and-after-blowjob-tumblr/?doing_wp_cron=1669227623.6975901126861572265625
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 11:31:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 06:31:23 GMT
Vary: Accept-Encoding
ETag: W/"630b0bbb-2bd8"
Expires: Tue, 07 Nov 2023 08:22:15 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
X-Cache-Status: HIT
datawav.club/uomdacwoqbvxwxj.php
173.208.199.194200 OK 11 kB URL HTTP/1.1 datawav.club/uomdacwoqbvxwxj.php
IP 173.208.199.194:0
File type ASCII text, with very long lines (10335)
Hash 14abae8a24facdcc57f6490cec8ee3f6
1efbf03ac34f9027ab7acf347027ea6db52ce2d9
4716ecf44bceb9580e15bf0a8452a79a7b4adb11d21611c6a6711b0e5c685e1d
GET /uomdacwoqbvxwxj.php HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/bride-before-and-after-blowjob-tumblr/?doing_wp_cron=1669227623.6975901126861572265625
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 11:31:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
X-Cache-Status: HIT
datawav.club/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
173.208.199.194200 OK 5.0 kB URL HTTP/1.1 datawav.club/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 173.208.199.194:0
File type ASCII text, with very long lines (15660)
Hash 1b982d290af16dac5885f21a198aaa66
f847ca85d23c2f240938bbde0135f3de97925759
0b6e238cc0728a0bace390dfff472ff8bb5a5fd4714bcfcdac7c28621d67b8dc
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/bride-before-and-after-blowjob-tumblr/?doing_wp_cron=1669227623.6975901126861572265625
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 11:31:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 06:31:23 GMT
Vary: Accept-Encoding
ETag: W/"630b0bbb-48b9"
Expires: Tue, 07 Nov 2023 08:22:14 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
X-Cache-Status: HIT
datawav.club/wp-content/themes/wellington/css/genericons/genericons.css?ver=3.4.1
173.208.199.194200 OK 16 kB URL HTTP/1.1 datawav.club/wp-content/themes/wellington/css/genericons/genericons.css?ver=3.4.1
IP 173.208.199.194:0
File type ASCII text, with very long lines (18732), with CRLF line terminators
Hash f9330a5b1ff4bb3d35693982b212e4bd
c2c837ab1e60cfec1d60eaf6a1e2ecfcf8c7b884
3019eb8fd0dc294ad6c3cce11f5b7ae2f1bf72fe259dc2b54b625e74af4e33ee
GET /wp-content/themes/wellington/css/genericons/genericons.css?ver=3.4.1 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/bride-before-and-after-blowjob-tumblr/?doing_wp_cron=1669227623.6975901126861572265625
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 11:31:38 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Apr 2017 08:17:29 GMT
Vary: Accept-Encoding
ETag: W/"58f47a19-6f71"
Expires: Tue, 07 Nov 2023 08:22:15 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
X-Cache-Status: HIT
datawav.club/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
173.208.199.194200 OK 31 kB URL HTTP/1.1 datawav.club/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 173.208.199.194:0
File type ASCII text, with very long lines (65447)
Hash 7a6e4a1e4a67fac0cd39ca1dd1982f47
a8bf880e5db17a703293d5a3c92623a97d5a1df1
daf4bcb15594deb268cc05f030ccaf8dfe4acab417758dd16a6f3b2d86d2908f
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/bride-before-and-after-blowjob-tumblr/?doing_wp_cron=1669227623.6975901126861572265625
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 11:31:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 06:31:23 GMT
Vary: Accept-Encoding
ETag: W/"630b0bbb-15db1"
Expires: Tue, 07 Nov 2023 08:22:15 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
X-Cache-Status: HIT
i0.wp.com/40.media.tumblr.com/59587cd41ade5b7ad067b9f12b95cdf9/tumblr_n9y1ukSXZQ1rcar8oo1_1280.jpg
192.0.77.2200 OK 55 kB URL HTTP/2 i0.wp.com/40.media.tumblr.com/59587cd41ade5b7ad067b9f12b95cdf9/tumblr_n9y1ukSXZQ1rcar8oo1_1280.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x1334, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 03e555013fcf45ed8a141b2291c80ce3
1f4f85ad5cf41083170bf75c81102055cbedf01d
9ef43ad8bafec985054df0d21c1a573fdb924654ca11daa46bb35413aeb5421c
GET /40.media.tumblr.com/59587cd41ade5b7ad067b9f12b95cdf9/tumblr_n9y1ukSXZQ1rcar8oo1_1280.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:31:39 GMT
content-type: image/webp
content-length: 54722
last-modified: Thu, 03 Nov 2022 15:13:56 GMT
expires: Sun, 03 Nov 2024 03:13:56 GMT
cache-control: public, max-age=63115200
link: <http://40.media.tumblr.com/59587cd41ade5b7ad067b9f12b95cdf9/tumblr_n9y1ukSXZQ1rcar8oo1_1280.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "4e1584d700c6c134"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/www.nudeanddressed.com/xhdau/1439966097-shanelle-private-pics-dressed-and-undressed-amateur-mature/shanelle-private-pics-dressed-and-undressed-amateur-mature-16.jpg
192.0.77.2200 OK 50 kB URL HTTP/2 i0.wp.com/www.nudeanddressed.com/xhdau/1439966097-shanelle-private-pics-dressed-and-undressed-amateur-mature/shanelle-private-pics-dressed-and-undressed-amateur-mature-16.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x544, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8ca296f3ed6d4d566b3a0b890bd32ead
97828186eb701535552adcdcb4e2e5335526743d
95a5bce9a88e7c911cd570cee28c25e728cee5b860650e2626a76e8280f27ddc
GET /www.nudeanddressed.com/xhdau/1439966097-shanelle-private-pics-dressed-and-undressed-amateur-mature/shanelle-private-pics-dressed-and-undressed-amateur-mature-16.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:31:39 GMT
content-type: image/webp
content-length: 49778
last-modified: Wed, 23 Nov 2022 21:23:22 GMT
expires: Sat, 23 Nov 2024 09:23:22 GMT
cache-control: public, max-age=63115200
link: <http://www.nudeanddressed.com/xhdau/1439966097-shanelle-private-pics-dressed-and-undressed-amateur-mature/shanelle-private-pics-dressed-and-undressed-amateur-mature-16.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "c6301c5cc6153287"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
gnditiklas.com/solid.gif?z=1830123&abvar=0
62.122.171.6200 OK 43 B URL HTTP/2 gnditiklas.com/solid.gif?z=1830123&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1830123&abvar=0 HTTP/1.1
Host: gnditiklas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:31:39 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
i0.wp.com/i.mylust.com/videos_screenshots/259000/259532/preview.mp4.jpg
192.0.77.2200 OK 38 kB URL HTTP/2 i0.wp.com/i.mylust.com/videos_screenshots/259000/259532/preview.mp4.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 680x384, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2aa73aca8e54a08a4ff91bede9efadc1
ced986236bcb1bb6d27f7a58ea9d4c6b22e6f84b
f91bf81657f696025455827ff836a2098486c7f93bbe80bee2bea5caeb39bd0b
GET /i.mylust.com/videos_screenshots/259000/259532/preview.mp4.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:31:39 GMT
content-type: image/webp
content-length: 38236
last-modified: Fri, 18 Nov 2022 06:08:56 GMT
expires: Sun, 17 Nov 2024 18:08:56 GMT
cache-control: public, max-age=63115200
link: <http://i.mylust.com/videos_screenshots/259000/259532/preview.mp4.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "c83c86643f05c5d1"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/wifebucket.com/fhg/photo/p10/p10-432-nude-amateur-wives/02.jpg
192.0.77.2200 OK 665 kB URL HTTP/2 i0.wp.com/wifebucket.com/fhg/photo/p10/p10-432-nude-amateur-wives/02.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 665 kB (665422 bytes)
Hash 0a6b376920e6c68921ac2c8d63b13575
2443934d8b8d1383b3a529e24ffd1e70f3519310
d1fe92f951545714a6c041661e8def2ffcb8810c55df5f720c835c7a72888df2
GET /wifebucket.com/fhg/photo/p10/p10-432-nude-amateur-wives/02.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:31:39 GMT
content-type: image/webp
content-length: 665422
last-modified: Wed, 23 Nov 2022 21:23:21 GMT
expires: Sat, 23 Nov 2024 09:23:21 GMT
cache-control: public, max-age=63115200
link: <http://wifebucket.com/fhg/photo/p10/p10-432-nude-amateur-wives/02.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "3cdba18a8d7a2873"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/s1.milffox.com/p/1/18/32507/pic3.jpg
192.0.77.2200 OK 132 kB URL HTTP/2 i2.wp.com/s1.milffox.com/p/1/18/32507/pic3.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 2495x1663, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 132 kB (132338 bytes)
Hash 7648762060f3e86119e8ab113467bb76
f9fc8afaf8121fc7080c5fa9ef7b7a0723d0c630
e9652896c3297879cfad56d9b065ad874e953ed71d9c5aa3cc4aa8feb6d49dfc
GET /s1.milffox.com/p/1/18/32507/pic3.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:31:39 GMT
content-type: image/webp
content-length: 132338
last-modified: Sat, 19 Nov 2022 21:06:20 GMT
expires: Tue, 19 Nov 2024 09:06:20 GMT
cache-control: public, max-age=63115200
link: <http://s1.milffox.com/p/1/18/32507/pic3.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "afe6b05166e9f5d3"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/albums193.zbporn.com/main/9998x9998/28000/28183/679419.jpg
192.0.77.2200 OK 100 kB URL HTTP/2 i2.wp.com/albums193.zbporn.com/main/9998x9998/28000/28183/679419.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x744, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 100 kB (100420 bytes)
Hash 52560c883eb8de3884dfad713c2a0a62
2ab69f8a939648e1d052e2a9d88c8ab21e0e4cd0
b11ecd6911520896e36c5c94fa32b8dae53361efc59b02a66d1d9c9b5c4e9c6a
GET /albums193.zbporn.com/main/9998x9998/28000/28183/679419.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:31:39 GMT
content-type: image/webp
content-length: 100420
last-modified: Sun, 30 Oct 2022 09:10:26 GMT
expires: Tue, 29 Oct 2024 21:10:26 GMT
cache-control: public, max-age=63115200
link: <http://albums193.zbporn.com/main/9998x9998/28000/28183/679419.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "832b858fc844e08e"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/www.b2wblog.com/wp-content/uploads/2012/02/One-interracial-cuckold-fantasy-590x428.jpg
192.0.77.2200 OK 23 kB URL HTTP/2 i2.wp.com/www.b2wblog.com/wp-content/uploads/2012/02/One-interracial-cuckold-fantasy-590x428.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 590x428, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3d537c73658ecf7d570b5bf1e770df88
e161a25592d82eaf81e21ce57491ed4074eef84f
ef46e57f85d605f8da4dfc45f321397030fb8f754c043b63a157ae28f46758bd
GET /www.b2wblog.com/wp-content/uploads/2012/02/One-interracial-cuckold-fantasy-590x428.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:31:39 GMT
content-type: image/webp
content-length: 23252
last-modified: Mon, 05 Sep 2022 20:54:49 GMT
expires: Thu, 05 Sep 2024 08:54:49 GMT
cache-control: public, max-age=63115200
link: <http://www.b2wblog.com/wp-content/uploads/2012/02/One-interracial-cuckold-fantasy-590x428.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "10124de6bad4ee22"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/2.bp.blogspot.com/-f-t59ZQ42Yw/Uu81KbdwMdI/AAAAAAAAHUM/YLFn93VhhrA/s1600/Real-Wives-Threesome.jpg
192.0.77.2302 Found 138 B URL HTTP/2 i2.wp.com/2.bp.blogspot.com/-f-t59ZQ42Yw/Uu81KbdwMdI/AAAAAAAAHUM/YLFn93VhhrA/s1600/Real-Wives-Threesome.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /2.bp.blogspot.com/-f-t59ZQ42Yw/Uu81KbdwMdI/AAAAAAAAHUM/YLFn93VhhrA/s1600/Real-Wives-Threesome.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 25 Nov 2022 11:31:39 GMT
content-type: text/html
content-length: 138
location: https://2.bp.blogspot.com/-f-t59ZQ42Yw/Uu81KbdwMdI/AAAAAAAAHUM/YLFn93VhhrA/s1600/Real-Wives-Threesome.jpg
x-nc: EXPIRED arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/31.media.tumblr.com/tumblr_m4sscfRsZd1rxn6l1o1_1280.png
192.0.77.2200 OK 578 kB URL HTTP/2 i2.wp.com/31.media.tumblr.com/tumblr_m4sscfRsZd1rxn6l1o1_1280.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 578 kB (578166 bytes)
Hash 52e27d34a71969264511c28a28ffda2a
511a59ccdb5c28ef6b6b4c6a6ca01ff8c6c9480f
85ba02a6e729729bde8311b9f5da75233a0968fddb17f73526dc0c159ed10329
GET /31.media.tumblr.com/tumblr_m4sscfRsZd1rxn6l1o1_1280.png HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:31:39 GMT
content-type: image/webp
content-length: 578166
last-modified: Sun, 13 Nov 2022 20:03:58 GMT
expires: Wed, 13 Nov 2024 08:03:58 GMT
cache-control: public, max-age=63115200
link: <http://31.media.tumblr.com/tumblr_m4sscfRsZd1rxn6l1o1_1280.png>; rel="canonical"
x-content-type-options: nosniff
etag: "0fd8ab4667e6ba8f"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 6ade2ab8c2676b94f2d305d43b88012a
71d50d2093a470aef7cb198b7e98514a358be039
ad45b30e276d86a31608834cb21c21791ac8538bf230477e9be4767b446934e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2121
Cache-Control: max-age=125563
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:31:39 GMT
Etag: "637fe6cd-118"
Expires: Sat, 26 Nov 2022 22:24:22 GMT
Last-Modified: Thu, 24 Nov 2022 21:49:01 GMT
Server: ECS (amb/6B75)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:31:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:31:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:31:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2
216.58.207.195200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7908, version 1.0\012- data
Hash 15d9bbcfbc1d668a43c85d156d23262b
c436963710c58453c4ae27e66c051e85c084cd49
6db83475c4b6e3bcd2df60ca7afcedabc5140c3b55c9a6bb0ca636c5b6438e5f
GET /s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datawav.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 00:26:05 GMT
expires: Sat, 25 Nov 2023 00:26:05 GMT
cache-control: public, max-age=31536000
age: 39934
last-modified: Thu, 21 Apr 2022 16:47:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2
216.58.207.195200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7920, version 1.0\012- data
Hash 797ad5f8d84a297ab16f9a9c983adfc2
af074543e3bbd78e086cefa983867e0936515c41
e0037277509761be84d1c44b520649c2363df89e00568561ebf015cb3cedc91a
GET /s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datawav.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 20:56:34 GMT
expires: Fri, 24 Nov 2023 20:56:34 GMT
cache-control: public, max-age=31536000
age: 52505
last-modified: Thu, 21 Apr 2022 16:51:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/magra/v14/uK_w4ruaZus72nbNDycQGvo.woff2
216.58.207.195200 OK 9.4 kB URL HTTP/2 fonts.gstatic.com/s/magra/v14/uK_w4ruaZus72nbNDycQGvo.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 9436, version 1.0\012- data
Hash 267ecd80d0d89a255f676a8b3cce0db0
215515b0a5be67a4d9c980e8926231225b036ef6
c4920b39f85de27baf31e69b334cdf828ec2875ac4ec3a4a2d7a2e52773f7e79
GET /s/magra/v14/uK_w4ruaZus72nbNDycQGvo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datawav.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 22:22:31 GMT
expires: Wed, 22 Nov 2023 22:22:31 GMT
cache-control: public, max-age=31536000
age: 220148
last-modified: Tue, 26 Apr 2022 15:28:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0754a39846284dd8d4fbfe285a83a6b0
d4deed21378a63659bb0bbf0ab636f838e2fe745
e0f3d9d5e8eef220c221b3002bbf14e86d56c841e9e5bfea2ed83a3b5fbb26cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:31:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:31:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wankgod.com/links-en.php?&jl=5
104.21.72.209200 OK 478 B URL HTTP/2 wankgod.com/links-en.php?&jl=5
IP 104.21.72.209:0
File type ASCII text, with very long lines (317)
Hash a2c9045687de78a17e223f75895a095c
01fcc6f421ece680356e46fb786b2e9abdfc1291
e012acdf1bb2b6a7f3d21d69a630e8a2757ebd8cd4c554b3c194c400c07a0314
GET /links-en.php?&jl=5 HTTP/1.1
Host: wankgod.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:31:39 GMT
content-type: application/javascript
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8hpaSF8fuCnvNP%2FsHlBCAVS315fxStMvUjRoSHnqRTeFbe%2BzxDgbTxHPMFPumEQLKzNrVf3mbYRegBHvY0a7WYy0zCi7NHZT%2F1ZiHuzxOVOHb2oMkQlgZ5%2BY%2FnWCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fa0f29ecdb1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.blockadsnot.com/native.history.min.js
185.76.9.21200 OK 9.2 kB URL HTTP/2 www.blockadsnot.com/native.history.min.js
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type HTML document, ASCII text, with very long lines (1568), with CRLF line terminators
Hash 2dd883dab1fad6042673722727e1a4cc
02e9bf0deb6f0491974991a2fc316e5e093b3616
1ac106182a5decf33d98cc33379d1f0607ddf461ea77c3476338602a44c95cf6
GET /native.history.min.js HTTP/1.1
Host: www.blockadsnot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:31:39 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
expires: Fri, 25 Nov 2022 21:00:50 GMT
access-control-allow-origin: *
link: <https://blockadsnot.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1669410050
server: CDN77-Turbo
x-77-nzt: AblMCRSyCor/GbUIAA
x-77-nzt-ray: af585630439e0e339ba780631e76160a
x-cache: HIT
x-age: 570649
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
6.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:31:39 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://datawav.club
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa0f2c0b1b0b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12021
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 11:31:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12021
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 11:31:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12021
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 11:31:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12021
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 11:31:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12021
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 11:31:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 25719
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NntLZ3wUdcX9kEo-afFLU0TPKgqAlSK3bToNh2mmoqoyLBJINNk7ow==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:39 GMT
age: 49020
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:47:53 GMT
age: 49426
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 8f679d7f-2ea5-4e47-b78d-79af59435a62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFPHYHkAIAMFpBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec562-26108a785e910dc3355d58f1;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:14:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NKwpIdw2RZNZNh69AF5GNvunA_QfRGClvzcRP3zYwn7c8BLBlt097g==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:46:20 GMT
age: 13519
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8784bb7a8b88736a6016f712e3183bf3
b0ddc1555d2506177adcdcea77864d75f1245d07
8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 49014
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f6292a2988fb4505d0098553b8e99ddc
9b8aafcda0e22edcc16d3048f4b88659d3b42419
16b7b473229c5e519ab81b385c50277424f3f3b2a5d7647035e84ba58e44f3be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6385
x-amzn-requestid: 4c2a84f7-f038-4f5a-86c2-5c8ce1a48c6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cI5NVFMAoAMFn7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63803bee-45c6411c2430e2375f530dd8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 03:52:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fj82i9qJmEiUy2DOkkowq8WRyzupMwNyQqu110sJ3o72HEW4yb7bjQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:35:26 GMT
age: 14173
etag: "9b8aafcda0e22edcc16d3048f4b88659d3b42419"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
2.bp.blogspot.com/-f-t59ZQ42Yw/Uu81KbdwMdI/AAAAAAAAHUM/YLFn93VhhrA/s1600/Real-Wives-Threesome.jpg
142.250.74.161200 OK 56 kB URL HTTP/2 2.bp.blogspot.com/-f-t59ZQ42Yw/Uu81KbdwMdI/AAAAAAAAHUM/YLFn93VhhrA/s1600/Real-Wives-Threesome.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 500x500, components 3\012- data
Hash aeb9e3dce5aed4ca46d6cc1ec46f8f6d
ecb5cc578ca3b7858497680306b46b31873a4076
a09b88136530a736244cf273672e5bd5010d5ed04d852f2ff95f14c46e7b2b07
GET /-f-t59ZQ42Yw/Uu81KbdwMdI/AAAAAAAAHUM/YLFn93VhhrA/s1600/Real-Wives-Threesome.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datawav.club/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Real-Wives-Threesome.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 56320
x-xss-protection: 0
date: Fri, 25 Nov 2022 11:31:39 GMT
expires: Fri, 18 Nov 2022 22:07:20 GMT
cache-control: public, max-age=86400, no-transform
etag: "v281d"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:31:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://datawav.club
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
limurol.com/ssp/req/1830123/?pb=88fd76c447f542812e42e1815a506a291669383099&psp=6oNOO6LFx-QGdZn-VtTsK7Y8wJ_zOtdohNMK8Ha1UEdMDJzaj1fAxIopNvPi4PhllyjzKXav8akNxV9Bmat-Av3KHEaUa-Yr3L7Qi90dYksj5jWw14aYnC_pqrt1KhInfSG9u4U4i2kwoVtbavIdcXmaZyBmGOrZAlPoaUKnds1gm2knKaJzbp8VvjlcPArAWDEj2AIAG28ooGVSG9SOrHyN5amO_iOMnNI-T2T7DYhujiOplmscOj7l6ryya_jRAPo3wiGPPO4zqA_-thC89Rl9A-rtFWiCnrjxSpk2atcVuFTLzuF8IHRsCdVprlpXq8UCjP85Pa-qizVwgM1tg0eINrDxt4UcZsBCvjMZvF9zme8QfDeIQL9n70balTYBjJxncQXu_c6-A_MGU1uc4vA8jdth5qBZ-jjqra2PLfkjP2LBDQ6GUiMqGWDwUxDuPQiXN9aCPFkcu9QX7BXEX2C834jwyXHCp2R8xKcnQ-5tjINEZG96xTYkJchiPcAx8W_X_3uwluDJ4plvdpEDxZixO-DqSf8SMk8pwd5YPoDNiFLVi1Ph2Ixyo6lv3qIeji-U-5BGUeSQs6BCoyv0oQdVtZw6N7XNVc8SYOr8xlPplmI4s4oUV0xR7H6B&cb=_clhdymbxi06riy7n1394e6&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1830123/?pb=88fd76c447f542812e42e1815a506a291669383099&psp=6oNOO6LFx-QGdZn-VtTsK7Y8wJ_zOtdohNMK8Ha1UEdMDJzaj1fAxIopNvPi4PhllyjzKXav8akNxV9Bmat-Av3KHEaUa-Yr3L7Qi90dYksj5jWw14aYnC_pqrt1KhInfSG9u4U4i2kwoVtbavIdcXmaZyBmGOrZAlPoaUKnds1gm2knKaJzbp8VvjlcPArAWDEj2AIAG28ooGVSG9SOrHyN5amO_iOMnNI-T2T7DYhujiOplmscOj7l6ryya_jRAPo3wiGPPO4zqA_-thC89Rl9A-rtFWiCnrjxSpk2atcVuFTLzuF8IHRsCdVprlpXq8UCjP85Pa-qizVwgM1tg0eINrDxt4UcZsBCvjMZvF9zme8QfDeIQL9n70balTYBjJxncQXu_c6-A_MGU1uc4vA8jdth5qBZ-jjqra2PLfkjP2LBDQ6GUiMqGWDwUxDuPQiXN9aCPFkcu9QX7BXEX2C834jwyXHCp2R8xKcnQ-5tjINEZG96xTYkJchiPcAx8W_X_3uwluDJ4plvdpEDxZixO-DqSf8SMk8pwd5YPoDNiFLVi1Ph2Ixyo6lv3qIeji-U-5BGUeSQs6BCoyv0oQdVtZw6N7XNVc8SYOr8xlPplmI4s4oUV0xR7H6B&cb=_clhdymbxi06riy7n1394e6&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1830123/?pb=88fd76c447f542812e42e1815a506a291669383099&psp=6oNOO6LFx-QGdZn-VtTsK7Y8wJ_zOtdohNMK8Ha1UEdMDJzaj1fAxIopNvPi4PhllyjzKXav8akNxV9Bmat-Av3KHEaUa-Yr3L7Qi90dYksj5jWw14aYnC_pqrt1KhInfSG9u4U4i2kwoVtbavIdcXmaZyBmGOrZAlPoaUKnds1gm2knKaJzbp8VvjlcPArAWDEj2AIAG28ooGVSG9SOrHyN5amO_iOMnNI-T2T7DYhujiOplmscOj7l6ryya_jRAPo3wiGPPO4zqA_-thC89Rl9A-rtFWiCnrjxSpk2atcVuFTLzuF8IHRsCdVprlpXq8UCjP85Pa-qizVwgM1tg0eINrDxt4UcZsBCvjMZvF9zme8QfDeIQL9n70balTYBjJxncQXu_c6-A_MGU1uc4vA8jdth5qBZ-jjqra2PLfkjP2LBDQ6GUiMqGWDwUxDuPQiXN9aCPFkcu9QX7BXEX2C834jwyXHCp2R8xKcnQ-5tjINEZG96xTYkJchiPcAx8W_X_3uwluDJ4plvdpEDxZixO-DqSf8SMk8pwd5YPoDNiFLVi1Ph2Ixyo6lv3qIeji-U-5BGUeSQs6BCoyv0oQdVtZw6N7XNVc8SYOr8xlPplmI4s4oUV0xR7H6B&cb=_clhdymbxi06riy7n1394e6&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:31:39 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=22112506311f31b3395d5b4c088f495ff740; Path=/; Expires=Sat, 25 Nov 2023 11:31:39 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0754a39846284dd8d4fbfe285a83a6b0
d4deed21378a63659bb0bbf0ab636f838e2fe745
e0f3d9d5e8eef220c221b3002bbf14e86d56c841e9e5bfea2ed83a3b5fbb26cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 11:31:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de213c2c26cf607adef68991823380b6
1ece612b83b1337da66a147fd213319d0da24ac2
5cbea6c7563210c36ee5d4e603971f207bc3e992644299d5e63b2fb14e942c30
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CBEA6C7563210C36EE5D4E603971F207BC3E992644299D5E63B2FB14E942C30"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7675
Expires: Fri, 25 Nov 2022 13:39:34 GMT
Date: Fri, 25 Nov 2022 11:31:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e4187a43946d8ea5337bb1347757b7a6
05dd65dd513f85c93974052ac7fa227aaf250fe4
495169482368a285ec3b8581b00365be1dd6c011d0278437bc55be18a6231adf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "495169482368A285EC3B8581B00365BE1DD6C011D0278437BC55BE18A6231ADF"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9160
Expires: Fri, 25 Nov 2022 14:04:19 GMT
Date: Fri, 25 Nov 2022 11:31:39 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:25:47 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 524912613
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
limurol.com/ssp/req/1830123/?pb=88fd76c447f542812e42e1815a506a291669383099&psp=6oNOO6LFx-QGdZn-VtTsK7Y8wJ_zOtdohNMK8Ha1UEdMDJzaj1fAxIopNvPi4PhllyjzKXav8akNxV9Bmat-Av3KHEaUa-Yr3L7Qi90dYksj5jWw14aYnC_pqrt1KhInfSG9u4U4i2kwoVtbavIdcXmaZyBmGOrZAlPoaUKnds1gm2knKaJzbp8VvjlcPArAWDEj2AIAG28ooGVSG9SOrHyN5amO_iOMnNI-T2T7DYhujiOplmscOj7l6ryya_jRAPo3wiGPPO4zqA_-thC89Rl9A-rtFWiCnrjxSpk2atcVuFTLzuF8IHRsCdVprlpXq8UCjP85Pa-qizVwgM1tg0eINrDxt4UcZsBCvjMZvF9zme8QfDeIQL9n70balTYBjJxncQXu_c6-A_MGU1uc4vA8jdth5qBZ-jjqra2PLfkjP2LBDQ6GUiMqGWDwUxDuPQiXN9aCPFkcu9QX7BXEX2C834jwyXHCp2R8xKcnQ-5tjINEZG96xTYkJchiPcAx8W_X_3uwluDJ4plvdpEDxZixO-DqSf8SMk8pwd5YPoDNiFLVi1Ph2Ixyo6lv3qIeji-U-5BGUeSQs6BCoyv0oQdVtZw6N7XNVc8SYOr8xlPplmI4s4oUV0xR7H6B&cb=_clhdymbxi06riy7n1394e6&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1830123/?pb=88fd76c447f542812e42e1815a506a291669383099&psp=6oNOO6LFx-QGdZn-VtTsK7Y8wJ_zOtdohNMK8Ha1UEdMDJzaj1fAxIopNvPi4PhllyjzKXav8akNxV9Bmat-Av3KHEaUa-Yr3L7Qi90dYksj5jWw14aYnC_pqrt1KhInfSG9u4U4i2kwoVtbavIdcXmaZyBmGOrZAlPoaUKnds1gm2knKaJzbp8VvjlcPArAWDEj2AIAG28ooGVSG9SOrHyN5amO_iOMnNI-T2T7DYhujiOplmscOj7l6ryya_jRAPo3wiGPPO4zqA_-thC89Rl9A-rtFWiCnrjxSpk2atcVuFTLzuF8IHRsCdVprlpXq8UCjP85Pa-qizVwgM1tg0eINrDxt4UcZsBCvjMZvF9zme8QfDeIQL9n70balTYBjJxncQXu_c6-A_MGU1uc4vA8jdth5qBZ-jjqra2PLfkjP2LBDQ6GUiMqGWDwUxDuPQiXN9aCPFkcu9QX7BXEX2C834jwyXHCp2R8xKcnQ-5tjINEZG96xTYkJchiPcAx8W_X_3uwluDJ4plvdpEDxZixO-DqSf8SMk8pwd5YPoDNiFLVi1Ph2Ixyo6lv3qIeji-U-5BGUeSQs6BCoyv0oQdVtZw6N7XNVc8SYOr8xlPplmI4s4oUV0xR7H6B&cb=_clhdymbxi06riy7n1394e6&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1830123/?pb=88fd76c447f542812e42e1815a506a291669383099&psp=6oNOO6LFx-QGdZn-VtTsK7Y8wJ_zOtdohNMK8Ha1UEdMDJzaj1fAxIopNvPi4PhllyjzKXav8akNxV9Bmat-Av3KHEaUa-Yr3L7Qi90dYksj5jWw14aYnC_pqrt1KhInfSG9u4U4i2kwoVtbavIdcXmaZyBmGOrZAlPoaUKnds1gm2knKaJzbp8VvjlcPArAWDEj2AIAG28ooGVSG9SOrHyN5amO_iOMnNI-T2T7DYhujiOplmscOj7l6ryya_jRAPo3wiGPPO4zqA_-thC89Rl9A-rtFWiCnrjxSpk2atcVuFTLzuF8IHRsCdVprlpXq8UCjP85Pa-qizVwgM1tg0eINrDxt4UcZsBCvjMZvF9zme8QfDeIQL9n70balTYBjJxncQXu_c6-A_MGU1uc4vA8jdth5qBZ-jjqra2PLfkjP2LBDQ6GUiMqGWDwUxDuPQiXN9aCPFkcu9QX7BXEX2C834jwyXHCp2R8xKcnQ-5tjINEZG96xTYkJchiPcAx8W_X_3uwluDJ4plvdpEDxZixO-DqSf8SMk8pwd5YPoDNiFLVi1Ph2Ixyo6lv3qIeji-U-5BGUeSQs6BCoyv0oQdVtZw6N7XNVc8SYOr8xlPplmI4s4oUV0xR7H6B&cb=_clhdymbxi06riy7n1394e6&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:31:39 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=22112506313ed2e18c5fa3418f8fe6e75018; Path=/; Expires=Sat, 25 Nov 2023 11:31:39 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
datawav.club/favicon.ico
173.208.199.194404 Not Found 184 B IP 173.208.199.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 8ea8556770bd53150ab76b23f87936a6
6c615fdc6839c5ed11a30ebc227646ac6aef493b
c4f8c99f5287623d6325502365d07eb6dc33d0c58c1c2def811f9b06ff7d68f0
GET /favicon.ico HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/bride-before-and-after-blowjob-tumblr/?doing_wp_cron=1669227623.6975901126861572265625
Cookie: a=KyZEJLCsJbBhA7v8y3o8e0DkuQmvRkXb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 25 Nov 2022 11:31:39 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5f77c832-f7"
Content-Encoding: gzip
eagqkfcpgsrw.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 eagqkfcpgsrw.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: eagqkfcpgsrw.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:31:39 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
adsco.re/p
162.252.214.5200 OK 172 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash ff543879a01e494fff6c165c54421577
2a265b0ac71f8579de6f81e886244c5374adf29c
be306a96ed3973aa8c64f34589e8c1d1bf84e050eac7e3d2676e7e7144e59ba8
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1978
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:31:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://datawav.club
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0a57a980ad62c1a1b7a78c437360f4c0
fad403ea4d9e1a880320dd93b50319ebb203cee1
28e3ca79d5926a23df04584dea6c930eb385a9af0c6fe54001d3fb8d34742513
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28E3CA79D5926A23DF04584DEA6C930EB385A9AF0C6FE54001D3FB8D34742513"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6038
Expires: Fri, 25 Nov 2022 13:12:18 GMT
Date: Fri, 25 Nov 2022 11:31:40 GMT
Connection: keep-alive
s4.histats.com/stats/0.php?3916601&@f16&@g1&@h1&@i1&@j1669375899347&@k0&@l1&@mBride%20Before%20And%20After%20Blowjob%20Tumblr&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-130190407&@b3:1669375899&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdatawav.club%2Fbride-before-and-after-blowjob-tumblr%2F%3Fdoing_wp_cron%3D1669227623.6975901126861572265625&@w
192.99.0.58200 OK 52 B URL HTTP/1.1 s4.histats.com/stats/0.php?3916601&@f16&@g1&@h1&@i1&@j1669375899347&@k0&@l1&@mBride%20Before%20And%20After%20Blowjob%20Tumblr&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-130190407&@b3:1669375899&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdatawav.club%2Fbride-before-and-after-blowjob-tumblr%2F%3Fdoing_wp_cron%3D1669227623.6975901126861572265625&@w
IP 192.99.0.58:0
File type ASCII text, with no line terminators
Hash 37fc22a7fab238f4ba8447d6385bae63
baa97ae8ad48988ed2e3a26121f75ea90b3ff18d
3d5fca7b69f095588a6edb99232f661b2ec0e40645e3f2c79c25cb814c08a25d
GET /stats/0.php?3916601&@f16&@g1&@h1&@i1&@j1669375899347&@k0&@l1&@mBride%20Before%20And%20After%20Blowjob%20Tumblr&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-130190407&@b3:1669375899&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdatawav.club%2Fbride-before-and-after-blowjob-tumblr%2F%3Fdoing_wp_cron%3D1669227623.6975901126861572265625&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:31:40 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash a09bf5c02b631d75b4bb86a509aa5d56
fc8b72292fcaa73696c82c9a493300a5dca26d73
50c38a86e8a24ddf2b3223445120622b90dc995807fbb1326a9d7a8d19b4b6e6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:31:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 01:12:43 GMT
Expires: Wed, 30 Nov 2022 01:12:42 GMT
Etag: "fc8b72292fcaa73696c82c9a493300a5dca26d73"
Cache-Control: max-age=394261,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fa0f317e2c1c02-OSL
blockadsnot.com/cGaX.aspx?_=BAYAY4CnnAFjgKecgAGBAsAAIFXfztLD_6lyt8Oh7Rb2fsNmRitfMJRg7I5AbOy5ErHswQBHMEUCIQDngM5k4eY2BMyx2jfKXRJQ0pyMPYYl8JNjL39qUZTJgwIgQz4VdunDVMV9PCF61-0rCdidaXNYW2BpIYPcirKDy9c&v=4&lCLZeMVN=1955226&minBid=&TzhjtnWQ=0,0&xncUVGJI=&KhZrmfdB=&s=1280,1024,1,1280,1024,0
208.95.112.254200 OK 44 B URL HTTP/2 blockadsnot.com/cGaX.aspx?_=BAYAY4CnnAFjgKecgAGBAsAAIFXfztLD_6lyt8Oh7Rb2fsNmRitfMJRg7I5AbOy5ErHswQBHMEUCIQDngM5k4eY2BMyx2jfKXRJQ0pyMPYYl8JNjL39qUZTJgwIgQz4VdunDVMV9PCF61-0rCdidaXNYW2BpIYPcirKDy9c&v=4&lCLZeMVN=1955226&minBid=&TzhjtnWQ=0,0&xncUVGJI=&KhZrmfdB=&s=1280,1024,1,1280,1024,0
IP 208.95.112.254:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /cGaX.aspx?_=BAYAY4CnnAFjgKecgAGBAsAAIFXfztLD_6lyt8Oh7Rb2fsNmRitfMJRg7I5AbOy5ErHswQBHMEUCIQDngM5k4eY2BMyx2jfKXRJQ0pyMPYYl8JNjL39qUZTJgwIgQz4VdunDVMV9PCF61-0rCdidaXNYW2BpIYPcirKDy9c&v=4&lCLZeMVN=1955226&minBid=&TzhjtnWQ=0,0&xncUVGJI=&KhZrmfdB=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: blockadsnot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Fri, 25 Nov 2022 11:31:40 GMT
X-Firefox-Spdy: h2
eagqkfcpgsrw.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 eagqkfcpgsrw.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: eagqkfcpgsrw.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 11:31:40 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
gnditiklas.com/get/1830123?zoneid=1830123&jp=_cl2ycfs7utdut8hyexxssw&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=8272178543486539
62.122.171.6200 OK 0 B URL HTTP/2 gnditiklas.com/get/1830123?zoneid=1830123&jp=_cl2ycfs7utdut8hyexxssw&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=8272178543486539
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1830123?zoneid=1830123&jp=_cl2ycfs7utdut8hyexxssw&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=8272178543486539 HTTP/1.1
Host: gnditiklas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:31:39 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=22112506315359992e982643e3b4cfcb209e; Path=/; Expires=Sat, 25 Nov 2023 11:31:39 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
c.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 11:31:39 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Mon, 26 Dec 2022 11:31:39 GMT
etag: W/"n/ARilLrRVDeZNVpaPOsXg=="
cf-cache-status: HIT
age: 501149
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fa0f2aeec2b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i1.wp.com/thefappening.pro/wp-content/uploads/2020/06/Riley-Anne-Nude-TheFappening-Pro-31-624x913.jpg
192.0.77.2403 Forbidden 0 B URL HTTP/2 i1.wp.com/thefappening.pro/wp-content/uploads/2020/06/Riley-Anne-Nude-TheFappening-Pro-31-624x913.jpg
IP 192.0.77.2:0
GET /thefappening.pro/wp-content/uploads/2020/06/Riley-Anne-Nude-TheFappening-Pro-31-624x913.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Fri, 25 Nov 2022 11:31:39 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 4
X-Firefox-Spdy: h2
js.juicyads.com/jp.php?c=446433y2r256r2x2t2f46384&u=https%3A%2F%2Ftorrsexvid.com%2Fgallery.php%23datawav
143.204.55.12200 OK 0 B URL HTTP/2 js.juicyads.com/jp.php?c=446433y2r256r2x2t2f46384&u=https%3A%2F%2Ftorrsexvid.com%2Fgallery.php%23datawav
IP 143.204.55.12:0
GET /jp.php?c=446433y2r256r2x2t2f46384&u=https%3A%2F%2Ftorrsexvid.com%2Fgallery.php%23datawav HTTP/1.1
Host: js.juicyads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
date: Fri, 25 Nov 2022 11:30:01 GMT
expires: Fri, 25 Nov 2022 11:45:01 GMT
pragma: cache
server: nginx
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5aaZeJWzUBK7gRfgG8LRHEAqGnqFCWRLkmD8gm1VWpt3mWtBtwiB9g==
age: 97
X-Firefox-Spdy: h2
gnditiklas.com/t/9/fret/meow4/1830123/brt.js
62.122.171.6200 OK 0 B URL HTTP/2 gnditiklas.com/t/9/fret/meow4/1830123/brt.js
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /t/9/fret/meow4/1830123/brt.js HTTP/1.1
Host: gnditiklas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 11:31:38 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 12:20:41 GMT
vary: Accept-Encoding
etag: W/"63738419-10f52"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Gudea%3A400%2C400italic%2C700%2C700italic%7CMagra%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Gudea%3A400%2C400italic%2C700%2C700italic%7CMagra%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext
IP 142.250.74.10:0
GET /css?family=Gudea%3A400%2C400italic%2C700%2C700italic%7CMagra%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 11:31:38 GMT
date: Fri, 25 Nov 2022 11:31:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2