Overview

URL javgg.net/jav/sdnm-355/
IP 172.67.135.25
ASN CLOUDFLARENET
Location United States
Report completed 2022-09-28 02:59:41 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-28 2 wtfdontblock.theporndudes.xyz/6J8hfA6.js Phishing
2022-09-28 2 notads.111supjavcom.xyz/api/click/18422595916118178095?c=90 Phishing
2022-09-28 2 cdn.barscreative1.com/sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/16137 (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-27 2 incomprehensibleacrid.com Sinkholed
2022-09-27 2 incomprehensibleacrid.com Sinkholed
2022-09-27 2 incomprehensibleacrid.com Sinkholed
2022-09-27 2 incomprehensibleacrid.com Sinkholed
2022-09-27 2 incomprehensibleacrid.com Sinkholed
2022-09-27 2 unseenreport.com Sinkholed
2022-09-27 2 incomprehensibleacrid.com Sinkholed
2022-09-27 2 incomprehensibleacrid.com Sinkholed


Files

No files detected



Passive DNS (62)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS javgg.net (44) 293169 2020-12-07 14:08:28 UTC 2022-09-28 02:47:19 UTC 172.67.135.25
mnemonic passive DNS syndication.realsrv.com (2) 9112 2019-07-03 21:39:52 UTC 2022-09-27 12:24:05 UTC 95.211.229.245
mnemonic passive DNS cdn.sb4you1.com (4) 22321 2021-09-16 11:26:58 UTC 2022-09-27 20:39:52 UTC 172.64.200.2
mnemonic passive DNS static.bookmsg.com (1) 47495 2020-11-24 14:56:32 UTC 2022-09-27 19:43:27 UTC 88.198.209.34
mnemonic passive DNS cdn.barscreative1.com (1) 25648 2021-09-16 11:14:42 UTC 2022-09-27 23:57:57 UTC 45.133.44.3
mnemonic passive DNS r3.o.lencr.org (18) 344 2020-12-02 08:52:13 UTC 2022-09-27 04:52:25 UTC 23.36.77.32
mnemonic passive DNS tsyndicate.com (2) 13042 2017-03-16 09:04:54 UTC 2022-09-27 23:03:56 UTC 136.243.69.157
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-27 22:17:28 UTC 142.250.74.10
mnemonic passive DNS lcdn.tsyndicate.com (2) 12634 2020-03-31 14:26:34 UTC 2022-09-28 00:26:09 UTC 8.254.252.211
mnemonic passive DNS simplewebanalysis.com (2) 0 2022-02-25 04:06:25 UTC 2022-09-27 20:23:39 UTC 3.66.118.16 Unknown ranking
mnemonic passive DNS ocsp.globalsign.com (4) 2075 2012-05-25 06:20:55 UTC 2022-09-27 05:00:30 UTC 104.18.21.226
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-27 13:22:33 UTC 34.120.237.76
mnemonic passive DNS iconcnd.net (1) 14771 2020-03-10 10:33:56 UTC 2022-09-27 12:33:55 UTC 109.206.162.121
mnemonic passive DNS hw-cdn2.adtng.com (1) 11917 2020-02-20 16:50:17 UTC 2022-09-28 00:00:59 UTC 209.197.3.25
mnemonic passive DNS bd2ca6c82d.20e2b2c425.com (4) 0 2022-09-26 01:35:11 UTC 2022-09-27 15:04:19 UTC 168.119.25.22 Unknown ranking
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-09-27 05:23:18 UTC 104.17.25.14
mnemonic passive DNS notads.111supjavcom.xyz (2) 0 2022-04-02 18:29:10 UTC 2022-09-27 03:27:49 UTC 135.181.208.216 Unknown ranking
mnemonic passive DNS c29bbe639d.517a6efd5d.com (4) 0 2022-09-25 03:15:19 UTC 2022-09-28 02:06:39 UTC 45.133.44.24 Unknown ranking
mnemonic passive DNS ocsp.sectigo.com (3) 487 2018-12-17 11:31:55 UTC 2022-09-28 00:01:04 UTC 104.18.32.68
mnemonic passive DNS btds.zog.link (2) 38469 2019-10-07 21:35:03 UTC 2022-09-27 21:44:25 UTC 109.206.161.16
mnemonic passive DNS e1.o.lencr.org (4) 6159 2021-08-20 07:36:30 UTC 2022-09-27 05:36:01 UTC 23.36.76.226
mnemonic passive DNS intentionalclemencydecree.com (1) 624709 2022-01-31 11:05:59 UTC 2022-09-01 18:50:58 UTC 192.243.59.20
mnemonic passive DNS img.strpst.com (2) 12993 2021-06-03 08:45:56 UTC 2022-09-27 17:44:38 UTC 104.16.61.52
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-27 23:53:35 UTC 143.204.55.27
mnemonic passive DNS cdn.tsyndicate.com (1) 16265 2017-07-04 06:00:09 UTC 2022-09-27 21:15:25 UTC 8.247.218.249
mnemonic passive DNS pics.dmm.co.jp (10) 91114 2012-08-01 07:09:25 UTC 2022-09-27 14:35:19 UTC 103.254.144.30
mnemonic passive DNS eced49d8e5.20e2b2c425.com (2) 0 2022-09-26 01:35:14 UTC 2022-09-28 00:25:19 UTC 159.69.163.6 Unknown ranking
mnemonic passive DNS wtfdontblock.theporndudes.xyz (2) 930610 2022-02-06 03:28:38 UTC 2022-09-17 18:00:31 UTC 135.181.208.216
mnemonic passive DNS ocsp.pki.goog (8) 175 2017-06-14 07:23:31 UTC 2022-09-27 04:53:14 UTC 142.250.74.3
mnemonic passive DNS s3t3d2y8.afcdn.net (1) 0 2022-08-08 22:22:56 UTC 2022-09-27 11:40:13 UTC 185.76.9.25 Unknown ranking
mnemonic passive DNS fp.metricswpsh.com (2) 0 2022-04-22 11:20:32 UTC 2022-09-27 19:43:25 UTC 157.90.84.244 Unknown ranking
mnemonic passive DNS unseenreport.com (1) 0 2022-03-30 14:33:17 UTC 2022-09-27 18:57:09 UTC 192.243.61.225 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-27 05:14:54 UTC 34.215.91.121
mnemonic passive DNS cdn.cloudimagesb.com (1) 23099 2021-02-12 16:15:41 UTC 2022-09-27 14:12:30 UTC 45.133.44.9
mnemonic passive DNS cdn.1vag.com (1) 48829 2021-02-10 15:12:50 UTC 2022-09-27 19:43:29 UTC 45.133.44.25
mnemonic passive DNS js.cabnnr.com (1) 37463 2021-08-30 12:50:21 UTC 2022-09-27 14:41:15 UTC 45.133.44.25
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 05:14:54 UTC 143.204.55.25
mnemonic passive DNS theporndude.com.1111supjavcom.xyz (2) 0 2022-04-02 18:29:16 UTC 2022-09-17 18:00:30 UTC 135.181.208.216 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (11) 86 2012-05-21 07:02:23 UTC 2022-09-27 21:28:46 UTC 93.184.220.29
mnemonic passive DNS video.ktkjmp.com (1) 23778 2020-10-02 08:52:19 UTC 2022-09-27 21:16:54 UTC 104.18.42.40
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-27 20:10:57 UTC 142.250.74.174
mnemonic passive DNS imcdn.co (1) 0 2022-04-22 12:00:42 UTC 2022-09-27 13:19:15 UTC 172.64.103.28 Unknown ranking
mnemonic passive DNS a.adtng.com (1) 15165 2018-07-26 19:17:41 UTC 2022-09-28 00:26:09 UTC 66.254.114.171
mnemonic passive DNS a.realsrv.com (1) 10080 2019-07-03 16:12:14 UTC 2022-09-27 17:31:57 UTC 205.185.216.42
mnemonic passive DNS rtbrennab.com (2) 0 2022-04-20 15:49:10 UTC 2022-09-27 21:38:55 UTC 116.202.60.158 Unknown ranking
mnemonic passive DNS pxl.tsyndicate.com (3) 14763 2017-07-05 13:51:06 UTC 2022-09-28 00:26:10 UTC 136.243.80.153
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-09-27 04:52:22 UTC 64.233.165.155
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.156
mnemonic passive DNS cdn.tubecorp.com (2) 89278 2020-03-02 13:43:37 UTC 2022-09-27 14:03:21 UTC 45.133.44.25
mnemonic passive DNS js.wpadmngr.com (1) 25762 2021-06-02 14:43:46 UTC 2022-09-27 19:43:24 UTC 45.133.44.25
mnemonic passive DNS 192d42a802.20e2b2c425.com (1) 0 2022-09-25 03:31:30 UTC 2022-09-27 15:04:25 UTC 45.133.44.25 Unknown ranking
mnemonic passive DNS nereserv.com (1) 40015 2020-12-21 11:07:56 UTC 2022-09-27 22:20:27 UTC 168.119.25.22
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239
mnemonic passive DNS i.imgur.com (1) 5110 2012-05-21 08:09:36 UTC 2022-09-27 06:19:23 UTC 151.101.84.193
mnemonic passive DNS go.xxxvjmp.com (2) 0 2021-07-02 09:43:33 UTC 2022-09-28 01:40:38 UTC 172.64.145.216 Domain (xxxvjmp.com) ranked at: 384502
mnemonic passive DNS incomprehensibleacrid.com (7) 0 2022-09-19 02:18:37 UTC 2022-09-27 20:39:49 UTC 173.233.137.52 Unknown ranking
mnemonic passive DNS notification.tubecup.net (1) 8210 2019-08-30 09:36:01 UTC 2022-09-27 15:29:15 UTC 94.130.197.136
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-27 04:53:14 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS rtbbnr.com (1) 22279 2021-06-17 11:20:02 UTC 2022-09-28 02:53:45 UTC 116.202.60.158
mnemonic passive DNS hw-cdn2.ang-content.com (2) 165651 2019-03-25 22:41:04 UTC 2022-09-27 16:32:06 UTC 205.185.208.20
mnemonic passive DNS javgg.net (44) 293169 2020-12-07 14:08:28 UTC 2022-09-28 02:47:19 UTC 104.21.6.180
mnemonic passive DNS static.cloudflareinsights.com (1) 1294 2019-09-24 14:34:56 UTC 2022-09-27 06:53:00 UTC 104.18.47.230


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 172.67.135.25

Date UQ / IDS / BL URL IP
2022-09-28 02:59:41 +0000
0 - 0 - 11 javgg.net/jav/sdnm-355/ 172.67.135.25

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-07 03:16:19 +0000
0 - 0 - 1 www.buttygirls.com/esus/multi/ms/7-216324/ 104.21.86.190
2022-12-07 03:05:58 +0000
0 - 0 - 1 cdntechone.com/r.html 172.67.149.153
2022-12-07 03:05:46 +0000
0 - 0 - 4 pornzog.com/http:/pornzog.com/video/14707803/ (...) 172.64.175.16
2022-12-07 03:05:43 +0000
0 - 0 - 1 pornzog.com/http:/pornzog.com/video/13348536/ (...) 172.64.175.16
2022-12-07 03:00:51 +0000
0 - 0 - 1 pornzog.com/http:/pornzog.com/video/7329599/s (...) 172.64.175.16

Last 5 reports on domain: javgg.net

Date UQ / IDS / BL URL IP
2022-11-11 23:55:39 +0000
0 - 0 - 9 javgg.net/jav/fc2-ppv-3118689/ 104.26.2.82
2022-11-09 06:55:33 +0000
0 - 0 - 9 javgg.net/jav/stars-178-uncensored-leak/ 172.67.72.132
2022-10-31 08:01:47 +0000
0 - 0 - 3 javgg.net/jav/mird-151/ 104.26.3.82
2022-10-27 13:54:09 +0000
0 - 0 - 13 javgg.net/jav/onsg-057/?asgtbndr=1 104.26.3.82
2022-10-26 22:28:56 +0000
0 - 0 - 5 javgg.net/?s=DVDES+851+Chitose+Saegusa 104.26.3.82

No other reports with similar screenshot



JavaScript

Executed Scripts (70)


Executed Evals (0)


Executed Writes (2)

#1 JavaScript::Write (size: 182, repeated: 1) - SHA256: b9c1c3098ad5ed854baca1c9bc2c6ab1c0b3c80258788deb40ae5c82af067bd7

<script type="text/javascript" src="//cdn.tsyndicate.com/sdk/v1/bi.js" data-ts-spot="607f4e023c4447b99a1f4ca4ed500c5e" data-ts-width="300" data-ts-height="100" async defer></script>

#2 JavaScript::Write (size: 207, repeated: 1) - SHA256: e4c8d8da891c8a95a13e5ae5ccddf1dba52f5b38fa4726d92ad2a639a710ce52

<iframe width="300" height="100" src="//cdn.tubecorp.com/i/b.html?spot=8352&src=379851898&pid=12732&width=300&height=100&spaceid=860" scrolling="no" frameborder="0" marginheight="0" marginwidth="0"></iframe>


HTTP Transactions (193)


Request Response
                                        
                                            GET /jav/sdnm-355/ HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         172.67.135.25
HTTP/1.1 301 Moved Permanently
                                        
Date: Wed, 28 Sep 2022 02:59:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 28 Sep 2022 03:59:29 GMT
Location: https://javgg.net/jav/sdnm-355/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJvqLH%2FRi8mGO%2FH2ZuTIrkh%2BOPf2zZM39Tx1C%2FDUVQuisw8fiIpagsxmpGojJmQgHGk41pbhY1%2FDhhpWIos%2Bhn8Pe1HI1aVJMP8dTSrkP1I06MhfAC133PgM4pA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7519392f19180b06-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 02:15:37 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oh-P-saeqwF08M-L8Z6MdJc-yOC6Nzn-cgH18Zs8bFd16wC3XH71sg==
Age: 2632


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3824
Expires: Wed, 28 Sep 2022 04:03:14 GMT
Date: Wed, 28 Sep 2022 02:59:30 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ui4g3GVyzE4GKxP5pCCP67qysCP5JTO-zXmt3GzSeLQ-b8b8khNrDg==
age: 63317
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "C773C2292BA811830528ECD39D599EA2F07EA98FEE430FD97A67CF94D70A69CC"
Last-Modified: Tue, 27 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4907
Expires: Wed, 28 Sep 2022 04:21:17 GMT
Date: Wed, 28 Sep 2022 02:59:30 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 28 Sep 2022 02:59:30 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /wp-content/uploads/2022/08/1sdnm355pl.jpg HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.21.6.180
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 28 Sep 2022 02:59:30 GMT
content-length: 128039
last-modified: Tue, 23 Aug 2022 08:14:54 GMT
etag: "63048c7e-1f427"
expires: Thu, 27 Oct 2022 19:27:58 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=is%2BMAhfVsJQ8HXJsQLcmdBvNh1foDN2ncgMhLNIGqarpz7wvlqHvdLhQpIklqghneAwsZB1Icasm4eL%2Bbi%2BkBtNi6twXdPWpTsHGR9POPwCVDL7qQQ%2B81HMJwiI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751939326a30b517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x535, components 3\012- data
Size:   128039
Md5:    8d0578f12153609cd6d2a5719b9160b5
Sha1:   4538a9a4d9cd0877a3ff84e566083928c821129d
Sha256: 11120728f2b41a40e0cad65eaf69cd2ec28156acde07348273c58fd0017bf76f
                                        
                                            GET /ad-provider.js HTTP/1.1 
Host: a.realsrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         205.185.216.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 28 Sep 2022 02:59:30 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 23726
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"2bf044048f482551901a41a7444"
X-HW: 1664333970.dop066.sk1.t,1664333970.cds235.sk1.shn,1664333970.dop066.sk1.t,1664333970.cds207.sk1.c
Access-Control-Allow-Origin: *, *


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   23726
Md5:    46504668ecf4671f582f5ba93a2f3c6b
Sha1:   8b165c478da3dd4fd4df3b40745733049b5acb0c
Sha256: 5230c0e2745fedbf038f97e374a5b6ea033434301aa86ec545eae37b29350799
                                        
                                            GET /wp-includes/js/comment-reply.min.js HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.21.6.180
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 02:59:30 GMT
last-modified: Wed, 25 May 2022 01:04:23 GMT
vary: Accept-Encoding
etag: W/"628d8097-ba5"
expires: Thu, 27 Oct 2022 19:13:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27578
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qL6ILTS09%2FrULXN%2F0upUiUYu3nx1gIOi3CIwz1f%2FVnreuFTyK4i979j3cqV28X84RhwyZfEERsB%2B6zmPbngkKh4IntkWUJyFjEz2luu6yeBMrNrGxs5fBMoB6TE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939326a33b517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2946)
Size:   1771
Md5:    92a9e5995d7867b6d7e233547aeccc9b
Sha1:   37ce8b0daac7a61d822f3c3149afc430aca7939f
Sha256: 565a2324d73aee1018a45e8f9a3deb81f6463e65700a1a00412469282186e6be
                                        
                                            GET /6J8hfA6.js HTTP/1.1 
Host: wtfdontblock.theporndudes.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         135.181.208.216
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 28 Sep 2022 02:59:30 GMT
content-length: 29537
expires: Fri, 22 Sep 2023 14:14:06 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 14:12:29 GMT
etag: "632c6d4d-7361"
cache-control: max-age=315360000, public
x-hw: 1663856046.dop120.am5.t,1663856046.cds215.am5.c
access-control-allow-origin: *
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (48943), with NEL line terminators
Size:   29537
Md5:    1b395ac867bea2e4a11a84dd76158f74
Sha1:   a1c25125fbba55acb8e41385b6d224b68bf932cb
Sha256: 8775d700c36a97a8aa0725859079ae68ee6813e3dc85db1af9b6b33f3544a96e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /8YE7Uw5.js HTTP/1.1 
Host: theporndude.com.1111supjavcom.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         135.181.208.216
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 28 Sep 2022 02:59:30 GMT
content-length: 34358
expires: Fri, 22 Sep 2023 14:13:59 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 14:12:29 GMT
etag: "632c6d4d-8636"
cache-control: max-age=315360000, public
x-hw: 1663856039.dop129.am5.t,1663856039.cds267.am5.c
access-control-allow-origin: *
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (37787), with NEL line terminators
Size:   34358
Md5:    0bfc926c8717a33d199bd68e1b75af88
Sha1:   8cf397d588f3f00adc9606838b33df88646c38a8
Sha256: e0a1a633931c7aa2cb79662bdd9c0a78ab87132ca6e549ec64366cf6095e146e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 02:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/javggnet/assets/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://javgg.net/wp-content/themes/javggnet/assets/fontawesome/css/all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.21.6.180
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Wed, 28 Sep 2022 02:59:30 GMT
content-length: 140996
last-modified: Tue, 06 Oct 2020 00:20:56 GMT
etag: "5f7bb868-226c4"
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cache-control: max-age=3600
cf-cache-status: HIT
age: 1814
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtcENnojrZJleEObaag8ISGwwDbGpjexBXSAjJ%2B2oKP1C1SpMb9YdPv4xbBZfVZMB7u%2BZ10mAelUQ8DvR6X6nEwgub9m%2FPmDAP6YiO6L%2B5wcHLMq3rpcAhmqkb4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193933eac7b517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 140996, version 331.-31392\012- data
Size:   140996
Md5:    25d740d42658b6e2c293ce7b3322aac7
Sha1:   41cc9ae4b5dd70fd3988059dfb864f20f99ae371
Sha256: 8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2
                                        
                                            GET /wp-content/themes/javggnet/assets/js/lib/pwsscrollbar.js HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.21.6.180
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 02:59:30 GMT
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=45008
etag: W/"5ff29c32-afd0"
expires: Thu, 27 Oct 2022 19:13:35 GMT
last-modified: Mon, 04 Jan 2021 04:40:18 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugBhnGhL9YVGe%2Fr7A6fDskcrqxFyfzdyryUB046Fmbs2V8jieUJIKwO0YtgypZ%2B0RMqlwf0DCXQ20fkETWwBZahX7Yvkg9QYhlFmg80U9tvQyz7NdtuAKKQaKyg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939324a1eb517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (45007), with no line terminators
Size:   13509
Md5:    68742835e6ce4e5581c60a4d5d6bccdb
Sha1:   ae79d1ec11895751555aa58237662dbe57b7ef87
Sha256: 5cc6194db33de81f540bf196d42a3c5d71c9372e62d6ed24eeb794f95729f056
                                        
                                            GET /api/spots/322939?s1=%25subid1%25 HTTP/1.1 
Host: wtfdontblock.theporndudes.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         135.181.208.216
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 28 Sep 2022 02:59:30 GMT
vary: Accept-Encoding
set-cookie: nauid=JhVoFFcsE875JSPoCORv; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2673
Md5:    23d3a5b32104d2931b70f65474bbd84f
Sha1:   d2bfab5b7eaac56824aa7c58bcb0e929aff366b9
Sha256: e270ee33ec40d35e5d11a01ff0a5ab4d68269ddb696667c7548a2c1ff816fb32
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://javgg.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 545122
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /wp-content/themes/javggnet/assets/js/lib/blueimp.js HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.21.6.180
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 02:59:30 GMT
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=32964
etag: W/"5c8f9f1a-80c4"
expires: Thu, 27 Oct 2022 19:13:35 GMT
last-modified: Mon, 18 Mar 2019 13:37:30 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27578
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZAiQIXhEpeGkaRT1vsTtoBK4pahXWVqdNNEIbrMmbzyW1vD7KiSUHWo5sezAinrKcQpnwMJR0W4BGJe1J82ygAk8mBjBbTnPPIInMAcNJDAL5A2A4JokDGiE%2FI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939325a28b517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32911), with no line terminators
Size:   24856
Md5:    d3807f5817261ec27963edcf5c5939cf
Sha1:   f887bd1207620223589ce074f27685d8412b3b9e
Sha256: 2e098b8da06d97f8bea59b024d2ec259c2c8798a00d48f30a7f0efcb64e74d14
                                        
                                            GET /wp-content/themes/javggnet/assets/js/lib/lazyload.js HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.21.6.180
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 02:59:30 GMT
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=7238
etag: W/"60426d7c-1c46"
expires: Thu, 27 Oct 2022 19:13:35 GMT
last-modified: Fri, 05 Mar 2021 17:42:20 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iF3HelQdsWaX5FEpKbygyKHw3SCh%2FyAj%2Bos7OMDV%2Fqbn0H4uTqs6df%2F%2BknTRxJ9jr4mAgt8FCLUG%2FJ7OJMoCmhy8mriP4iXqUGb85zEcVhU60NeHwstf02VI6d0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939324a1cb517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7232), with no line terminators
Size:   19372
Md5:    57b636e2af5dff9317000f3a4c5b2c02
Sha1:   6ec4aeb7b78c6b22d4ec1a418985146c622d61d0
Sha256: acab0a1ad6e554112275e83bc8bd043e036f9eb8e36ddf26356d1b247bce4b5f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 02:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ZqsA45L.png HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.84.193
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Mon, 12 Apr 2021 07:59:50 GMT
etag: "bb0f0c3e65c2f255cbc3bbed3518ec07"
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 28 Sep 2022 02:59:30 GMT
age: 737892
x-served-by: cache-iad-kcgs7200167-IAD, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 11772, 4
x-timer: S1664333971.668114,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 2546
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 223 x 39, 8-bit/color RGBA, non-interlaced\012- data
Size:   2546
Md5:    bb0f0c3e65c2f255cbc3bbed3518ec07
Sha1:   f0546433309c820f90ad0cef61c978c5e8e5338e
Sha256: faa638e486626596913f35ceaca4d7d4ef18e2993010d04743d6c69c8e1476c4
                                        
                                            GET /wp-content/themes/javggnet/assets/js/lib/idtabs.js HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.21.6.180
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 02:59:30 GMT
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=1543
etag: W/"5c8f9f1a-607"
expires: Thu, 27 Oct 2022 19:13:35 GMT
last-modified: Mon, 18 Mar 2019 13:37:30 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfnVmeGcoG3R50r6s%2Bnq8TtA%2FLmSS92JdlqrTsP6a20CsscociAaBa26L7LUcu0ujqhy7VYk19Rhj3rGcJGYwJZOtOaRtAqAJ97atNnreIRxfPjjiRnNIQlK74k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939325a20b517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1541), with no line terminators
Size:   1874
Md5:    afcc32853a07a28a2cc43c8179aa31b8
Sha1:   1d58f83fa5b6f7f59559c1d56abe452126d05651
Sha256: 54fdbca10067a0eab5110c870fc5a8f38bc98dd7d1d68865cd87d37176b73bf9
                                        
                                            GET /wp-content/plugins/gtranslate/flags/24/en-us.png HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.21.6.180
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 28 Sep 2022 02:59:30 GMT
content-length: 656
last-modified: Tue, 10 May 2022 07:49:41 GMT
etag: "627a1915-290"
expires: Thu, 27 Oct 2022 19:13:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27377
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APX9O%2BbF4K7VqtL5Nfjes3SOgkomvzUb3IPMYLUK%2FUmgkcsCuQ4da0NKoDfpADGWPDyQZL5h6%2BHppUr4FOxX9bjHdZjdvnK2xZto60oyaEZ8ZgbiMQFmhEpf4Dc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193934ab30b517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   656
Md5:    ae506a6c014bfeb8d8cbfdfbe94c14c9
Sha1:   f4e74440c4e79e71959b9b8f799f2e8a7e15b7ee
Sha256: bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1
                                        
                                            GET /wp-content/uploads/2021/10/mide00988pl-300x170.jpg HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.21.6.180
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 28 Sep 2022 02:59:30 GMT
content-length: 20497
last-modified: Sun, 10 Oct 2021 12:59:42 GMT
etag: "6162e3be-5011"
expires: Thu, 27 Oct 2022 19:13:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27377
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLXgisoKpjS2Y1ggbJyTp3sZ06Evt%2BgK4Dk6%2BWRI%2BgosVvpovmA%2BwJ0kyBT4mJt33oR1wGEKEl66dBYpg1wm5C%2FGoEkiFB5wOrdY25tct0buAk%2Fj2lnVJEWvJuA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193935ab9bb517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Size:   20497
Md5:    cd17b67a52fbb7f70ba59a0102395d8d
Sha1:   dc1cd76ec64428bea33e5b41dd1aa45cf1095e9f
Sha256: cf5a886add4753e11c88e67bb24e9451fca4bdc721f58f769d93bbdc0384e3bf
                                        
                                            GET /wp-content/uploads/2021/10/STARS-168_Leak-300x170.jpg HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.21.6.180
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 28 Sep 2022 02:59:30 GMT
content-length: 22770
last-modified: Sat, 23 Oct 2021 06:24:32 GMT
etag: "6173aaa0-58f2"
expires: Thu, 27 Oct 2022 19:13:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27377
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8nTRT19kA5AXIVHL4FqHdcG5UeH%2B7IC4UVd6h04%2Fm5%2BVdJ7L%2BXsHtT0vyM6ur185dfBSlpXtauN7QoNmNJ4B%2B1JOLqVExTnJ5GTqKbufcex%2FRoOqEE8BzvjFSZk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193935ab9ab517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Size:   22770
Md5:    15e6266d148a925eddabcf2f400531fb
Sha1:   b2f924d9bd6a8f8973f52dfaa0f922d36800d5eb
Sha256: d6420bd40113e00a517154ef163abbb4f2df78c47ffdc79ec15554207437ed80
                                        
                                            GET /wp-content/uploads/2021/09/ssis181pl-300x170.jpg HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.21.6.180
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 28 Sep 2022 02:59:30 GMT
content-length: 22899
last-modified: Tue, 14 Sep 2021 04:43:01 GMT
etag: "61402855-5973"
expires: Thu, 27 Oct 2022 19:13:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27377
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrblzEg3MNPvCLsdDKmUjIiKCTOG7kIq7t4QkavbbRC65Ka0ncRsCTAYD22TwkZyxUwjkAK24%2F5m8Wb%2B9DS1egOLGU3i3OJcC0p6F7veyJ63SYNvRSuxVgBcgmU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193935ab9db517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Size:   22899
Md5:    0b022311bbde64cfe9e86322c8c80ccd
Sha1:   a520f477c12e358ea968df63c9e8e5cb06fe1e40
Sha256: 14bd1c9eb8e49065bc7bd9ade3f246a94cbbf5295ada7842e21d7dff48b66c79
                                        
                                            GET /wp-content/uploads/2021/09/1stars120pl-1-300x170.jpg HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.21.6.180
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 28 Sep 2022 02:59:30 GMT
content-length: 26648
last-modified: Sun, 26 Sep 2021 07:28:32 GMT
etag: "61502120-6818"
expires: Thu, 27 Oct 2022 19:13:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27377
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwOuN3IN4Ef6TPfw0Gv%2B6HJ1FahOGDLUWESnLiJbvciHH8dZ3gwIj2RW%2B%2BVyAw%2BQMPUnGmsxoUgEe%2F6ZU2yATHaNxDUGMNIhx9NHZYp794Tbs8hQsouGRD2Kd24%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193935bba2b517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Size:   26648
Md5:    d4fe030a6beecfab19a027f683141749
Sha1:   eee49cc3819c4feb988d491cdb8b7f81a4cf18eb
Sha256: 5524a47315ec445c01edd5eb66b6daed41b13f3949b51c7c40d34fff3c0e1c8c
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 02:10:46 GMT
Expires: Wed, 28 Sep 2022 02:12:27 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0YQyWZ8goLbPeWooWqFJlGMRKhHkStDF3AaFPvRkffKqAKAgBv6iSA==
Age: 2924


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 02:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 02:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 28 Sep 2022 02:41:09 GMT
expires: Wed, 28 Sep 2022 04:41:09 GMT
cache-control: public, max-age=7200
age: 1101
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5733
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 02:59:30 GMT
Last-Modified: Wed, 28 Sep 2022 01:23:57 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 02:59:30 GMT
content-length: 5117
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-45f4"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9615632
expires: Mon, 18 Sep 2023 02:59:30 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjty4N%2FLYO29WyJbLcEtkFJhnnflmiekGxXoRa0bFQdSBcjJ1HmW1DRRJy9zh26zGCfejsh%2F2GbvPLmfD%2BJNfwYbOJ15n9G6vFJmoenAyy0JT5Hfdx2mWeYdZAgDFRWb5HJ4lY38"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75193936593ab523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17660)
Size:   5117
Md5:    abe1df98b6ab4644bd567e6669d0da03
Sha1:   27e3bf22ef08b7ca0090721ed31b4f921d278e7c
Sha256: cd40ba7dbf63d67511c0fd56b7e5327dbedb43d15c439d79a8aacb6377059540
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C7559547ABBE8D64B62551846096D5D9CF79D80EA5FDE5113292850E1A6ABD9A"
Last-Modified: Tue, 27 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3090
Expires: Wed, 28 Sep 2022 03:51:00 GMT
Date: Wed, 28 Sep 2022 02:59:30 GMT
Connection: keep-alive

                                        
                                            GET /api/click/1697011856757079095?c=90 HTTP/1.1 
Host: notads.111supjavcom.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notads.111supjavcom.xyz/api/spots/338183?p=1&s1=%subid1%&kw=
Cookie: nauid=ii5gAIfMAQ2dvDDvlXYH
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         135.181.208.216
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 28 Sep 2022 02:59:30 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private
X-Firefox-Spdy: h2

                                        
                                            GET /api/click/18422595916118178095?c=90 HTTP/1.1 
Host: notads.111supjavcom.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notads.111supjavcom.xyz/api/spots/338183?p=1&s1=%subid1%&kw=
Cookie: nauid=ii5gAIfMAQ2dvDDvlXYH
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         135.181.208.216
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 28 Sep 2022 02:59:30 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0887434D697C7D1E40A0DB297B3F347AF7CF35A082B29D736C2EC9A3DE289393"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2296
Expires: Wed, 28 Sep 2022 03:37:46 GMT
Date: Wed, 28 Sep 2022 02:59:30 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 02:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   78294
Md5:    7daea030c5b73fdc34487a74d426614b
Sha1:   f5b6b4cb4e1cc727894da72f4023cda39dab88c8
Sha256: 6fe8df863ba43ba995298a1ebee12bbc8f5ac85ac3c4261c6afe087d2dec6ab1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5733
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 02:59:30 GMT
Last-Modified: Wed, 28 Sep 2022 01:23:57 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 02:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /v1/api.php HTTP/1.1 
Host: syndication.realsrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 247
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         95.211.229.245
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Wed, 28 Sep 2022 02:59:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://javgg.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226333b892e2b071.422643241480154876%22%3B%7D; expires=Fri, 27-Sep-2024 02:59:30 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1379), with no line terminators
Size:   1015
Md5:    00a4e693d17fe80024c968fd4017c0d0
Sha1:   ddf2042566c831a25e7fd1c892de754dfe108d91
Sha256: cf4fb0f44e47d56c2745982e533f3f93a7baf5d49d105d3b28c4fd737f2bcf38
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4618
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 02:59:31 GMT
Last-Modified: Wed, 28 Sep 2022 01:42:33 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-content/themes/javggnet/assets/fontawesome/css/all.min.css HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.21.6.180
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 28 Sep 2022 02:59:30 GMT
last-modified: Tue, 06 Oct 2020 00:20:54 GMT
vary: Accept-Encoding
etag: W/"5f7bb866-2a8fd"
expires: Thu, 27 Oct 2022 19:13:33 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74g4pEzJ9Plqz7fpxf8i4EQ%2FVGDvcaMQZPOThteYzlXpnTcDRxZBMtqjC%2FCdiecP2068%2BO3FMw5CS%2BcpWtKpD0Dc6C5nGNSgs107J2wVjqCODW1UAUdTLkXR4Kk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939323a0db517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65393)
Size:   39258
Md5:    cf235c3875aa876c5ebd5458a12347ed
Sha1:   784c86e60c97b93c1c2cd0cb4961b6d38c90e6c6
Sha256: 2b479ad6dae79016a903df09fef0808ad1e9a9c518dc27620bd8df4547d96cb8
                                        
                                            GET /adsbygoogle.js HTTP/1.1 
Host: video.ktkjmp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xxxvjmp.com/
Origin: https://creative.xxxvjmp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.42.40
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 02:59:31 GMT
content-length: 16
x-amz-id-2: kyl0IVMMo5KW4pDdzfnQKUa/Cfs4W9YHdQTiL3YWd73Il6pI7lh92KHTCplsaUtVSNRKq3KXr04=
x-amz-request-id: 3YWBDN4EWV9170D8
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.xxxvjmp.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 2269
expires: Wed, 28 Sep 2022 06:59:31 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7519393729d40b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   16
Md5:    3d7f7a60216d40dea48e495fef6903c9
Sha1:   fecdb5184f55cf012563d78940eb97b10b9cc99b
Sha256: 96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
                                        
                                            GET /5cb7fe9beb4e3050d3c49df11e580d78/9625?version_name=a HTTP/1.1 
Host: c29bbe639d.517a6efd5d.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         45.133.44.24
HTTP/2 200 OK
content-type: application/json
                                        
date: Wed, 28 Sep 2022 02:59:31 GMT
content-length: 1397
server: nginx/1.18.0
cache-control: max-age=300
expires: Wed, 28 Sep 2022 03:04:31 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1397), with no line terminators
Size:   1397
Md5:    c3bc2540424528cde8fe3ca2b599117f
Sha1:   fcfc757e21e15f4a92faab5be40400e1c557e84b
Sha256: 0d7e57d29dc71967062a18cbc4e0a7d42bb9ec7cfaba0193c5e2a8b34856889d
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KAItjLTniDgJewi2ZhfjXg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.215.91.121
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JowfBjDlm2TSiwgjyx6HtkT1VEk=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "83495B75E935D5E25F3360132C0E5A68564C9A6366A988187001FE5A9EF366AB"
Last-Modified: Tue, 27 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3183
Expires: Wed, 28 Sep 2022 03:52:34 GMT
Date: Wed, 28 Sep 2022 02:59:31 GMT
Connection: keep-alive

                                        
                                            GET /npc/sdk/wp-banners.js HTTP/1.1 
Host: js.wpadmngr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.25
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 02:59:31 GMT
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Wed, 28 Sep 2022 03:04:31 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

                                        
                                            GET /wp-content/uploads/2021/10/1sdmu963pl-1-300x170.jpg HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Cookie: _ga=GA1.2.81713717.1664333969; _gid=GA1.2.213513287.1664333969; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.21.6.180
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 28 Sep 2022 02:59:31 GMT
content-length: 38990
last-modified: Tue, 05 Oct 2021 06:08:05 GMT
etag: "615bebc5-984e"
expires: Thu, 27 Oct 2022 19:13:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27378
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNZAa%2FkPNaVEwsqTCag1FhKXhMlRr%2FQsAoC7xBxutUiqQLBRakwHvNO2o%2FQ8B3dqB0jKPJxKIyazI6wwPnyY0Chj4EDs52lSG7uMo5YmCmUrtq4fS891TlTSHo8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193939ddb7b517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=535, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=800], progressive, precision 8, 300x170, components 3\012- data
Size:   38990
Md5:    187c13733ccf6a432269e9a5d8826ae6
Sha1:   9a45905b7960538aff788519bc6695722a6202d0
Sha256: 312c574619c3611ed429607634839f0a944d262b728515c7e5c0189bf4b0f552
                                        
                                            GET /wp-content/uploads/2021/10/SDNM-229_Leak-300x170.jpg HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Cookie: _ga=GA1.2.81713717.1664333969; _gid=GA1.2.213513287.1664333969; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.21.6.180
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 28 Sep 2022 02:59:31 GMT
content-length: 22122
last-modified: Sat, 23 Oct 2021 06:24:01 GMT
etag: "6173aa81-566a"
expires: Thu, 27 Oct 2022 19:13:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27378
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Scsj2wD1vK99JQESViRaR0K%2FHSdr9wKc7QjGw3%2BdU92x4oI0ldLB2riyxPS4EE1L7v2cfU%2FcdzI5NxmMB%2FRnHB04UgJVgpXmLvsJepNnw9ZgEiwch3Ybh94xsPo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193939ddb9b517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Size:   22122
Md5:    af55499889834b81cba1bfe4e6fa8a6f
Sha1:   3fc9212e3ba764e46ed1932a1f29d4b7985655b5
Sha256: 68cbde5ebc20e56c7bfd052fd34c1542e5e7eaa034fc9374ab7b86ec55778039
                                        
                                            GET /wp-content/uploads/2021/10/ssis211pl-300x170.jpg HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Cookie: _ga=GA1.2.81713717.1664333969; _gid=GA1.2.213513287.1664333969; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.21.6.180
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 28 Sep 2022 02:59:31 GMT
content-length: 23016
last-modified: Tue, 05 Oct 2021 04:28:23 GMT
etag: "615bd467-59e8"
expires: Thu, 27 Oct 2022 19:13:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXdxNIz0uRJRdUd2YaPcUF5FPtVXtMrnDLURpV%2Fvdqx3vWAnVVMGmNSsPQepV61OfM0kYtLbuMsmT78Yza%2BI9bS%2FXHm2iclqiOi8e0aMbRQOHqfxZfh1LSrc2Go%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193939ddbbb517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Size:   23016
Md5:    8e2bee408d1b3db43954894efa142fdc
Sha1:   61dd2c871000e7674a4e05826bf23a6365444568
Sha256: 442021ed83f0d2beab4875616cc90edea5b3306982ac84f1c92239ba249cdbcf
                                        
                                            GET /config?url=https%3A%2F%2Fcreative.xxxvjmp.com%2Fwidgets%2Fv4%2FUniversal%3FisNew%3D0%26broadcastHD%3D0%26broadcastVR%3D0%26broadcastMobile%3D0%26isPerson%3D0%26isFace%3D0%26goalEnabled%3D0%26isMlCountry%3D0%26isLogged%3D0%26isMlAnal%3D0%26isMlBlowjob%3D0%26strict%3D0%26applyGeobans%3D0%26tag%3Dgirls%252Fchinese%26stripcashR%3D0%26language%3Den%26autoplay%3Dall%26thumbFit%3Dcover%26hideLiveBadge%3D0%26hideModelName%3D0%26autoplayForce%3D1%26playButton%3D0%26thumbType%3Ddefault%26actionButtonPlacement%3Dbottom%26thumbSizeKey%3Dbig%26thumbsMargin%3D5%26responsive%3D1%26hideButton%3D1%26hideTitle%3D1%26hideButtonOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26buttonColor%3D%2523DC0C2C%26liveBadgeColor%3D%252300bd8f%26userId%3D5e6ff13072051fdc172c3b2a2c52f266c758c4e6c7837dc97b8bcdbdc61ed761%26campaignId%3Dwidget300100 HTTP/1.1 
Host: go.xxxvjmp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xxxvjmp.com/
Origin: https://creative.xxxvjmp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         172.64.145.216
HTTP/2 200 OK
content-type: application/json
                                        
date: Wed, 28 Sep 2022 02:59:31 GMT
access-control-allow-origin: *
last-modified: Wed, 28 Sep 2022 02:23:04 GMT
cf-cache-status: EXPIRED
set-cookie: __cflb=02DiuDfsBaY2bRYJiCeSRSGTzNwtDfLbr2wmMaQ5NFgda; SameSite=None; Secure; path=/; expires=Thu, 29-Sep-22 01:59:31 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 751939371fc71c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   25868
Md5:    a0f5e43c5752296c808276221e185fde
Sha1:   1a84e917f8132fa52e9707f70793d6766aa7b3aa
Sha256: ddc33c3a6baaad9a9cc98ebb461aaa73627790144f977c602333604720dfab05
                                        
                                            GET /wp-content/uploads/2021/11/ssis256pl-300x170.jpg HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Cookie: _ga=GA1.2.81713717.1664333969; _gid=GA1.2.213513287.1664333969; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.21.6.180
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 28 Sep 2022 02:59:31 GMT
content-length: 21737
last-modified: Sun, 14 Nov 2021 13:43:12 GMT
etag: "61911270-54e9"
expires: Thu, 27 Oct 2022 19:13:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27378
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICWmx4gJaoX7k8NzXd5Mgt6pD4ZgKXYy7coLGIIt8W1RhX17CES5zQrv7seOJb%2FtEsu4PxGWuS95VA2bxQb3frrBgt14zEuHOdp9l07ChpWaB5EYcjCE5PiFPWk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193939ddbdb517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Size:   21737
Md5:    e18f204fcf5de358089f34082df421d9
Sha1:   2214bed260e02a6363aa3363cf515f085c2bc826
Sha256: f8457e51b8e8dc45abe8e1eb001062d4a6e249f43c80cd7b5d57f631d083179d
                                        
                                            GET /wp-content/uploads/2021/11/ssis241pl-300x170.jpg HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Cookie: _ga=GA1.2.81713717.1664333969; _gid=GA1.2.213513287.1664333969; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.21.6.180
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 28 Sep 2022 02:59:31 GMT
content-length: 22551
last-modified: Sun, 14 Nov 2021 13:43:34 GMT
etag: "61911286-5817"
expires: Thu, 27 Oct 2022 19:13:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 225
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9s9r4tgEcT4jKPOLFMAomWZLyRGv0ig6tfLK%2FLgHKBD8IeJUwBgyE2mOUs9cc1IefMYIu5vhhQtfp%2BGjinjahb%2BDjhxt5wYrIFppbJqvJFdF%2Br5Q8r2zWYdmWc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193939ddbeb517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Size:   22551
Md5:    f26f0aa57b2ca0fec128f08887a5c4bf
Sha1:   daadd148a752c87ff3a3d0ad30a31d39189f3c21
Sha256: dfb8585b08a49dcc67deadc9d1f7278555b6b20a8a361b719203906da737ecf1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 02:59:31 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 17:56:28 GMT
Expires: Mon, 03 Oct 2022 17:56:27 GMT
Etag: "322f7a5bce762f479dac834e29d9a02ddf0fce1b"
Cache-Control: max-age=485215,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751939374cbfb500-OSL

                                        
                                            GET /sdk/v1/bi.js HTTP/1.1 
Host: cdn.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notads.111supjavcom.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         8.247.218.249
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 02:59:31 GMT
content-length: 3253
last-modified: Mon, 19 Sep 2022 08:53:30 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"63282e0a-1e1a"
age: 753765
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (7675)
Size:   3253
Md5:    994ce2eb3c88a9c1025564da2a49a681
Sha1:   8f8e617b60e5626becb9bd5e4edd5461ccf4279e
Sha256: 8927431d37a4d03469c7d618a05ac02c7149c988766fb34667f06f1310a2246e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ED23793FD0DB4041174398A3F48580024A321454F9B8153211BC721C1886D84A"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=39
Expires: Wed, 28 Sep 2022 03:00:10 GMT
Date: Wed, 28 Sep 2022 02:59:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A70D2449F55037C5B7A288AC21411C653D5150947FD852B5770FA7E64173F106"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10351
Expires: Wed, 28 Sep 2022 05:52:02 GMT
Date: Wed, 28 Sep 2022 02:59:31 GMT
Connection: keep-alive

                                        
                                            GET /53/b2/3c/53b23c00e857c12b9ec3a6750b627447.js HTTP/1.1 
Host: intentionalclemencydecree.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.17.9
Date: Wed, 28 Sep 2022 02:59:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2e6b5fcea5471550cb150cc5e64cc338
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (37137), with no line terminators
Size:   13400
Md5:    a61398467ebb0170763571b25ad721b2
Sha1:   59377b9c5e89d5fa2b84fe0661891bb22e226dc9
Sha256: e0f33b0962bdf6afc91ca0e18c995d6a6a78c19484792e07013dac616acf8570
                                        
                                            GET /banner/in/show/?mid=939154945&pid=0&site=8352&sc=NO&usage_type=DCH&subid=379851898&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=notads.111supjavcom.xyz&hostname=auc-banner-hz-5&site_id=0&spot_id=0&utm_source=tcban_i&utm_medium=8352&utm_campaign=12732&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=31&ml=&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D379851898%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8352%26utm1%3Dtcban_i%26utm2%3D8352%26utm3%3D12732%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Fnotads.111supjavcom.xyz%252F%26katds_labels%3D%26btype%3D0%26score%3D31&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=0 HTTP/1.1 
Host: rtbrennab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtbbnr.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         116.202.60.158
HTTP/2 302 Found
                                        
server: nginx/1.18.0
date: Wed, 28 Sep 2022 02:59:31 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://btds.zog.link/in/912/?sid=0&source=379851898&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8352&utm1=tcban_i&utm2=8352&utm3=12732&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Fnotads.111supjavcom.xyz%2F&katds_labels=&btype=0&score=31
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5467
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 02:59:31 GMT
Last-Modified: Wed, 28 Sep 2022 01:28:24 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "01647CF61B597ED02741C72B8E7B1E0974843ACBEFE702AE97BDF76E8684487B"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3412
Expires: Wed, 28 Sep 2022 03:56:23 GMT
Date: Wed, 28 Sep 2022 02:59:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 02:59:31 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 15:56:17 GMT
Expires: Sat, 01 Oct 2022 15:56:16 GMT
Etag: "cb5d4655286e43f6a4899dc87483f2d13ac427f3"
Cache-Control: max-age=305204,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7519393c6f05b500-OSL

                                        
                                            GET /images/8/7/759a49949cef854dec60e72362ce1877984fd1/main.jpg HTTP/1.1 
Host: lcdn.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=664f416d-92d1-4017-a5ac-e82212104103
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         8.254.252.211
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 28 Sep 2022 02:59:31 GMT
content-length: 2840
last-modified: Thu, 18 Mar 2021 07:46:57 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"60530571-b01"
age: 16443749
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 300x100, components 3\012- data
Size:   2840
Md5:    ea8893fe883dc95e5e925f21063184a7
Sha1:   208c610701b19560601bbb9e9de67d769f4edb7a
Sha256: 1c3bac813aec94f9e1c34790b40e857af173c6e50f5527e88653d19931baa5ea
                                        
                                            GET /in/912/?sid=0&source=379851898&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8352&utm1=tcban_i&utm2=8352&utm3=12732&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Fnotads.111supjavcom.xyz%2F&katds_labels=&btype=0&score=31 HTTP/1.1 
Host: btds.zog.link
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rtbbnr.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         109.206.161.16
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.20.1
date: Wed, 28 Sep 2022 02:59:31 GMT
content-length: 0
location: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=379851898&categories={{ad_tags}}
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
set-cookie: 912.0=1; expires=Thu, 29 Sep 2022 02:59:31 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 02:59:31 GMT
Last-Modified: Wed, 28 Sep 2022 01:47:20 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bvIbZIfzM77WnnvNP9935RErLSb7Fe9F6eGDDFA785zhvSiXWfBQ0Q==
Age: 4331

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         3.66.118.16
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 28 Sep 2022 02:59:32 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://javgg.net
access-control-allow-credentials: true
set-cookie: uid_id2=c10b66c0-6c05-43ea-a64a-7b3a927289d4:2:1; expires=Sat, 25 Sep 2032 02:59:32 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    9ab948ffaca8406919d9adc58180f2e3
Sha1:   cb2ce9f25b2f69ed0c6e2e82b7dcb401e49bc6f4
Sha256: 9ec8a7e39012bc0624fa85b86ed284f186ec3e9ce07ae2cad9c5f1a88eb79182
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5468
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 02:59:32 GMT
Last-Modified: Wed, 28 Sep 2022 01:28:24 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 02:59:32 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 15:56:17 GMT
Expires: Sat, 01 Oct 2022 15:56:16 GMT
Etag: "cb5d4655286e43f6a4899dc87483f2d13ac427f3"
Cache-Control: max-age=305203,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7519393c6de8b524-OSL

                                        
                                            GET /get/?go=1&data=(...) HTTP/1.1 
Host: rtbbnr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.tubecorp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         116.202.60.158
HTTP/2 200 OK
content-type: text/html
                                        
server: nginx/1.18.0
date: Wed, 28 Sep 2022 02:59:31 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2590)
Size:   3777
Md5:    47aa7c6b7499b752e60e9965ae023be2
Sha1:   8e21f822df5c726c9c3cd9d295db35df540b7368
Sha256: 416bd89550544ddf4b5ee83be4d99b807906ce18cab8230f5e3da0ff01db058c
                                        
                                            GET /iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=379851898&categories={{ad_tags}} HTTP/1.1 
Host: tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rtbbnr.com/
Connection: keep-alive
Cookie: ts_uid=664f416d-92d1-4017-a5ac-e82212104103
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         136.243.69.157
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Wed, 28 Sep 2022 02:59:32 GMT
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: a7094caa9110b0d7
set-cookie: ts_uid=664f416d-92d1-4017-a5ac-e82212104103; expires=Tue, 28 Mar 2023 02:59:32 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None bfq=APeIECNCxxYZN2zUSAijCwsRYwpuieFQRBmJMWzYoEFDBowZN2R06aMg; expires=Thu, 29 Sep 2022 02:59:32 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3840)
Size:   2497
Md5:    538bbecd4cbec01be3fc5302a6cef134
Sha1:   36058f8177eb6e76f5df75053d040bc434f5a93f
Sha256: e12f2644a2ad5e4648b7f7c65763c756d0686472a7ddeab4666c7a1c504b5cec
                                        
                                            GET /images/8/7/759a49949cef854dec60e72362ce1877984fd1/main.mp4 HTTP/1.1 
Host: lcdn.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=664f416d-92d1-4017-a5ac-e82212104103; bfq=APeIECNCxxYZN2zUSAijCwsRYwpuieFQRBmJMWzYoEFDBowZN2R06aMg
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         8.254.252.211
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
date: Wed, 28 Sep 2022 02:59:32 GMT
content-length: 60563
etag: "60530571-ec93"
last-modified: Thu, 18 Mar 2021 07:46:57 GMT
server: nginx
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
age: 18612169
content-range: bytes 0-60562/60563
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size:   60563
Md5:    4992d914122794df77f4f69cb51a55a8
Sha1:   a2fb8ed82a3c2fa7b175e4c83cc27f0f24238f66
Sha256: bae61fc0a38f5de5a445de2094c6a9c81cb899c2ce3888219fc5fb04c49b7287
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3828
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 02:59:32 GMT
Last-Modified: Wed, 28 Sep 2022 01:55:44 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /api/v1/p/p.js?p=(...)&s=cbf81082c8bca1fc727b672265947599ec508c4b740ccb7566f00c4ca850d1f41664333971&w=t&r=1&d=38&priv=false HTTP/1.1 
Host: pxl.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=664f416d-92d1-4017-a5ac-e82212104103; bfq=APeIECNCxxYZN2zUSAijCwsRYwpuieFQRBmJMWzYoEFDBowZN2R06aMg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         136.243.80.153
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Wed, 28 Sep 2022 02:59:32 GMT
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   24
Md5:    0959ba36d476b6dc1994ba3c678b07c4
Sha1:   d30b94da72daa02766965206a85b7e0356375f5e
Sha256: 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
                                        
                                            GET /api/v1/elapsedtime?f=banner%20300x100&sc=607f4e023c4447b99a1f4ca4ed500c5e&hn=notads.111supjavcom.xyz&et=184 HTTP/1.1 
Host: pxl.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notads.111supjavcom.xyz/
Cookie: ts_uid=664f416d-92d1-4017-a5ac-e82212104103; bfq=APeIECNCxxYZN2zUSAijCwsRYwpuieFQRBmJMWzYoEFDBowZN2R06aMg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         136.243.80.153
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 28 Sep 2022 02:59:32 GMT
content-length: 0
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2

                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 02:59:32 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 02 Oct 2022 01:13:23 GMT
ETag: "6ea7d9b57b7262d2e26b8ff6c663d4a5bd0618c2"
Last-Modified: Wed, 28 Sep 2022 01:13:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1866
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7519393f98591bfa-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    9421671bd2ed2e02db30a5d0761d1ae9
Sha1:   6ea7d9b57b7262d2e26b8ff6c663d4a5bd0618c2
Sha256: 51c2414e3a55642659d0e53a10a4cb15483e4b1816668a17cd1c21ea8bb71284
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 02:59:32 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 02 Oct 2022 01:13:23 GMT
ETag: "6ea7d9b57b7262d2e26b8ff6c663d4a5bd0618c2"
Last-Modified: Wed, 28 Sep 2022 01:13:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1866
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7519393f9a48b4e8-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    9421671bd2ed2e02db30a5d0761d1ae9
Sha1:   6ea7d9b57b7262d2e26b8ff6c663d4a5bd0618c2
Sha256: 51c2414e3a55642659d0e53a10a4cb15483e4b1816668a17cd1c21ea8bb71284
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 02:59:32 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 02 Oct 2022 01:13:23 GMT
ETag: "6ea7d9b57b7262d2e26b8ff6c663d4a5bd0618c2"
Last-Modified: Wed, 28 Sep 2022 01:13:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1866
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7519393f9dd2b527-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    9421671bd2ed2e02db30a5d0761d1ae9
Sha1:   6ea7d9b57b7262d2e26b8ff6c663d4a5bd0618c2
Sha256: 51c2414e3a55642659d0e53a10a4cb15483e4b1816668a17cd1c21ea8bb71284
                                        
                                            GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1 
Host: hw-cdn2.adtng.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         209.197.3.25
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 28 Sep 2022 02:59:32 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10721591
X-HW: 1664333972.dop222.sk1.t,1664333972.cds237.sk1.shn,1664333972.dop222.sk1.t,1664333972.cds228.sk1.c
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (16885), with no line terminators
Size:   16885
Md5:    48c80c7c28b5b00a8b4ff94a22b72fe3
Sha1:   d57303c2ad2fd5cedc5cb20f264a6965a7819cee
Sha256: 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 02:59:32 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 02 Oct 2022 01:13:23 GMT
ETag: "6ea7d9b57b7262d2e26b8ff6c663d4a5bd0618c2"
Last-Modified: Wed, 28 Sep 2022 01:13:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1866
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7519393f9b571c0e-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    9421671bd2ed2e02db30a5d0761d1ae9
Sha1:   6ea7d9b57b7262d2e26b8ff6c663d4a5bd0618c2
Sha256: 51c2414e3a55642659d0e53a10a4cb15483e4b1816668a17cd1c21ea8bb71284
                                        
                                            GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/1.1 
Host: hw-cdn2.ang-content.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         205.185.208.20
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 28 Sep 2022 02:59:32 GMT
Connection: Keep-Alive
ETag: "1541168231"
Content-Length: 5027
Last-Modified: Fri, 02 Nov 2018 14:17:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10575632
X-HW: 1664333972.dop020.sk1.t,1664333972.cds212.sk1.shn,1664333972.cds212.sk1.c
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (5027), with no line terminators
Size:   5027
Md5:    5e5817bcf4c82c7c85d1d88636d221ce
Sha1:   b5c32cc6c931c33c1297884016e13d3b9a5bf261
Sha256: 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
                                        
                                            GET /a7/creatives/24/124/814230/1027454/1027454_logo.png HTTP/1.1 
Host: hw-cdn2.ang-content.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         205.185.208.20
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 28 Sep 2022 02:59:32 GMT
Connection: Keep-Alive
ETag: "1648235852"
Content-Length: 2532
Last-Modified: Fri, 25 Mar 2022 19:17:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10498750
X-HW: 1664333972.dop020.sk1.t,1664333972.cds212.sk1.shn,1664333972.dop020.sk1.t,1664333972.cds213.sk1.c
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  PNG image data, 300 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   2532
Md5:    ca45c1f7c9cc240572ebc5a5fa7cff3a
Sha1:   d3cfe8f57d87ca20636cd24acbbc0508375541fe
Sha256: d6f7a3e51952a88fcf04cad98e06d4ff23c1f83f80847156a4867d029bcd3e01
                                        
                                            GET /api/v1/p/p.js?p=(...)&s=d2ae36b878e595f358706391124079efaed0697de10ede91dc9538d84eff33cf1664333972&w=t&r=1&d=361&priv=false HTTP/1.1 
Host: pxl.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=664f416d-92d1-4017-a5ac-e82212104103; bfq=APeIECNCxxYZN2zUSAijCwsRYwpuieFQRBmJMWzYoEFDBowZN2R06aMg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         136.243.80.153
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Wed, 28 Sep 2022 02:59:32 GMT
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   24
Md5:    0959ba36d476b6dc1994ba3c678b07c4
Sha1:   d30b94da72daa02766965206a85b7e0356375f5e
Sha256: 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2461
Expires: Wed, 28 Sep 2022 03:40:33 GMT
Date: Wed, 28 Sep 2022 02:59:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2461
Expires: Wed, 28 Sep 2022 03:40:33 GMT
Date: Wed, 28 Sep 2022 02:59:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2461
Expires: Wed, 28 Sep 2022 03:40:33 GMT
Date: Wed, 28 Sep 2022 02:59:32 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
age: 18634
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8500
Md5:    6139c878a7d2bd32c61fc8287996eb5b
Sha1:   9c4692ea64832895fbd107d91f879728b6a440c7
Sha256: 3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
                                        
                                            GET /digital/video/1sdnm355/1sdnm355-2.jpg HTTP/1.1 
Host: pics.dmm.co.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.254.144.30
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Wed, 28 Sep 2022 02:59:32 GMT
content-length: 4445
last-modified: Wed, 03 Aug 2022 07:19:17 GMT
etag: "62ea2175-115d"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6QHmMzuJRJLy32XzLQAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 120x90, components 3\012- data
Size:   4445
Md5:    d93b3b378229a498ea579f80722a541a
Sha1:   8764078fdd901016a87248a6b2844dc0dc5187d0
Sha256: eac388b240cfbbb3ce324fda1506827e168d4e7562d579c8eb5fa0a1c782c005
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11314
x-amzn-requestid: 0ceafc65-764c-4367-b031-257061eb65d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF00oAMFUpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-0d46481b7394081b14a81131;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ve8l6PxpMuBLt5BxwywNpqM2ISt0zy2r_gweYnVw4X65PBEhpMbckg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:00 GMT
age: 18812
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11314
Md5:    ee83d08d024d127fad5918e1ffacb78b
Sha1:   8ad289a77705358ab660b6123e9d90de991b6c13
Sha256: aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff14e2acf-9d43-48bc-ab80-1dc73fa7dfc8.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5377
x-amzn-requestid: 28ddd5cd-c299-4b36-98be-b6dbeaadc1ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI4KRGo7oAMFUiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336d74-27ebe6e974ee5b7d06227fca;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TEv_Z7_1FsPBC2ugxBvTbts1ubHFeZjRhrSFAGt2liOt-Z5GQhmu-g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:28:53 GMT
age: 16239
etag: "2afdfb716192540a61327137706462c53588bf23"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5377
Md5:    c301dff6ddda16fd64692c19173cfa8c
Sha1:   2afdfb716192540a61327137706462c53588bf23
Sha256: fd0f33a778fec87dbfa323ffa6b24ca5f94aa16d102e62683ad54b759208058b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pR4b1-lZZRMnWf-PdXFGXaHBCGAfOyp3AjeuCvtu5imWmf9N9l2wKQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:38 GMT
age: 18654
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12016
Md5:    4b794c6812cb546de0295e087ebe66a7
Sha1:   a54803cca7d3c509c195f65961e1110c8ec56f55
Sha256: 6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9733
x-amzn-requestid: fff8214b-48f7-4b45-bd91-69ea4db871d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCAWhG9HIAMFloQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330adc3-1cffa63711378c525e49e11d;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 19:36:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vak91l2UKRnX0Go62y1yPwJ8E-Af7XBurmQATw5MSZXBqhUJrIgOCQ==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 04:59:08 GMT
age: 79224
etag: "2142075b27d0d355c51231ab06fea46e25eb9c59"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9733
Md5:    f3e1fd3401c5e635a8dbeec5f78b721d
Sha1:   2142075b27d0d355c51231ab06fea46e25eb9c59
Sha256: 2e17a43985b624e6b6592d402c36dd45b915cd6e1ac84e187c18c46420eb9a1d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c254fe7-b89c-4a2c-a79c-4a6a0fe2d17c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7020
x-amzn-requestid: 1258ee7b-987a-4454-8963-e76b7c1470f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4EVxIAMFrmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-7a1fbaa251600686757f9583;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ISJfVYtY7kLIm87GZEvqMmEr3D4vYcZDi-WJAu4GyaxLQKRUDbVjg==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:03 GMT
age: 18809
etag: "2351d2547f4bd0aac45bb21a5aa8277e80ef15f2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7020
Md5:    ccfb4931d41ca01aa55b4b8e9ef6b4e1
Sha1:   2351d2547f4bd0aac45bb21a5aa8277e80ef15f2
Sha256: 89de9954ee2874b476c907810189812efe13234a46910180f34f68082429260f
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "000E08D74207538ECA3E2A59C40A18FF12AAF74A7A0A32F7333C43F7CBDEBCD3"
Last-Modified: Mon, 26 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4293
Expires: Wed, 28 Sep 2022 04:11:05 GMT
Date: Wed, 28 Sep 2022 02:59:32 GMT
Connection: keep-alive

                                        
                                            GET /digital/video/1sdnm355/1sdnm355-7.jpg HTTP/1.1 
Host: pics.dmm.co.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.254.144.30
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Wed, 28 Sep 2022 02:59:32 GMT
content-length: 4232
last-modified: Wed, 03 Aug 2022 07:19:20 GMT
etag: "62ea2178-1088"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6QHmMzuJRJLy32XzLRAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 120x90, components 3\012- data
Size:   4232
Md5:    ac4fb57732bc81ae1e88f965be774d22
Sha1:   639191ad4d13d5dd797f320eec29cc541d54cfee
Sha256: 5725f4b30af5e84f6e360ba75ea4518e6a29aa8a1919a0fcae4b87ea229a353a
                                        
                                            GET /digital/video/1sdnm355/1sdnm355-8.jpg HTTP/1.1 
Host: pics.dmm.co.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.254.144.30
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Wed, 28 Sep 2022 02:59:32 GMT
content-length: 5170
last-modified: Wed, 03 Aug 2022 07:19:20 GMT
etag: "62ea2178-1432"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6QHmMzuJRJLy32XzLSAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 120x90, components 3\012- data
Size:   5170
Md5:    ce63648e79a74be3d7f8e5fd86fec6c1
Sha1:   918a50197b9d1ced039a8a11bb62ee9a643ec926
Sha256: 3ec69b92de35ff4309d299baff872fcabe7e1048a3c3412011a4d2ca164e396d
                                        
                                            GET /digital/video/1sdnm355/1sdnm355-9.jpg HTTP/1.1 
Host: pics.dmm.co.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.254.144.30
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Wed, 28 Sep 2022 02:59:32 GMT
content-length: 5054
last-modified: Wed, 03 Aug 2022 07:19:23 GMT
etag: "62ea217b-13be"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6QHmMzuJRJLy32XzLTAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 120x90, components 3\012- data
Size:   5054
Md5:    0b629069193f7c1613b5c54e77911635
Sha1:   f6cd6cc2098b76c53fe906d9e0de412fe745d1ec
Sha256: 9e8fc8731fea45e9a8d87245aab73ef175e4eadbf73b4e5ee743b65a2c25a941
                                        
                                            GET /digital/video/1sdnm355/1sdnm355-10.jpg HTTP/1.1 
Host: pics.dmm.co.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.254.144.30
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Wed, 28 Sep 2022 02:59:32 GMT
content-length: 4802
last-modified: Wed, 03 Aug 2022 07:19:11 GMT
etag: "62ea216f-12c2"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6QHmMzuJRJLy32XzLUAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 120x90, components 3\012- data
Size:   4802
Md5:    ef26c21346ceb0685caff0d79f1b8f26
Sha1:   3568e946ee7ec0927887c40191c89c37c19b5437
Sha256: 8920c923806f53553fb9080349e1636aa5a7d0c0bb40635d781ecb5dff610725
                                        
                                            GET /digital/video/1sdnm355/1sdnm355-11.jpg HTTP/1.1 
Host: pics.dmm.co.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.254.144.30
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Wed, 28 Sep 2022 02:59:32 GMT
content-length: 4801
last-modified: Wed, 03 Aug 2022 07:19:11 GMT
etag: "62ea216f-12c1"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6QHmMzuJRJLy32XzLVAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 120x90, components 3\012- data
Size:   4801
Md5:    da53b9d13d3440c37d9af19d4ba4b015
Sha1:   e7d95813826432b3b886cbeab1495e90a74de4cd
Sha256: a5ffc66880f478e58cb0257e7055855ec0545d8b0eebf75d412165f40eff6bc3
                                        
                                            GET /digital/video/1sdnm355/1sdnm355-12.jpg HTTP/1.1 
Host: pics.dmm.co.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         103.254.144.30
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Wed, 28 Sep 2022 02:59:32 GMT
content-length: 5391
last-modified: Wed, 03 Aug 2022 07:19:14 GMT
etag: "62ea2172-150f"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6QHmMzuJRJLy32XzLWAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 120x90, components 3\012- data
Size:   5391
Md5:    e71e2d8f8a124f168e318d9e996db0a8
Sha1:   8ed2c6e651feb84c8a07090feffe9f7d54f55306
Sha256: 0904c75155e6f37e05635b70b7bd6cb57be802d05fb58ba86af48eef7cce7602
                                        
                                            GET /sbar.json?key=53b23c00e857c12b9ec3a6750b627447 HTTP/1.1 
Host: incomprehensibleacrid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 02:59:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://javgg.net
Access-Control-Allow-Origin: https://javgg.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16525306; expires=Thu, 29 Sep 2022 02:59:32 GMT; secure; SameSite=None pdhtkv=true; expires=Thu, 29 Sep 2022 02:59:33 GMT; secure; SameSite=None uncs=1; expires=Thu, 29 Sep 2022 02:59:33 GMT; secure; SameSite=None pdhtkv29=true; expires=Thu, 29 Sep 2022 02:59:33 GMT; secure; SameSite=None uncs29=1; expires=Thu, 29 Sep 2022 02:59:33 GMT; secure; SameSite=None slec53b23c00e857c12b9ec3a6750b627447=[3520333]; expires=Wed, 28 Sep 2022 02:59:38 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 32035e7c82a3aeab862408291695a704
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (5977), with no line terminators
Size:   4321
Md5:    7354e6dda3f7e3f0ec31998b6f51fef8
Sha1:   e468c52df4ce73b46c4895256488096f77788add
Sha256: 3a6dced62c213e2f99d9525b72fbad1de5af88959265f1363a3ab7cb0292771d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/javggnet/assets/js/front.scripts.min.js HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.21.6.180
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 02:59:30 GMT
last-modified: Fri, 05 Mar 2021 18:57:40 GMT
vary: Accept-Encoding
etag: W/"60427f24-12d1"
expires: Thu, 27 Oct 2022 19:13:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2bm3UxuQSSo1tiqS8Iuf1bzxS8L1zCuNBMym6nxs2ta2AZzsYpYf%2FnyEk4VHTe%2FNO4xYXdd901XopyCTjVR2Hfr2foMDB6U7A7cGBd82Th7oQHS%2F8O%2FMkPEzNQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939326a31b517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4817), with no line terminators
Size:   5629
Md5:    12734d84b56133c8ee003aa6d0786e47
Sha1:   0d5ebd5d9cc1f0eb1c74c75c1450fa35da33ffb3
Sha256: 4306c92dc8b0906244f06027167195786ede557db78bef099db0427f53dee20f
                                        
                                            GET /f77022b90356faf8846be454cfb4e93c.js HTTP/1.1 
Host: c29bbe639d.517a6efd5d.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.24
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 02:59:30 GMT
server: nginx/1.18.0
last-modified: Fri, 23 Sep 2022 12:39:30 GMT
etag: W/"632da902-15a62"
content-encoding: gzip
expires: Wed, 28 Sep 2022 03:04:30 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   38173
Md5:    3a3c9e5775f35a7365f0a6aae9989911
Sha1:   d57a6a3080adaab38e133d30d335400fb9f67077
Sha256: 2bf1a9212672c97042e60d133f39635ce2c67de38f197f5e6760c265156b6fae
                                        
                                            GET /digital/video/1sdnm355/1sdnm355-3.jpg HTTP/1.1 
Host: pics.dmm.co.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.254.144.30
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Wed, 28 Sep 2022 02:59:32 GMT
content-length: 3594
last-modified: Wed, 03 Aug 2022 07:19:14 GMT
etag: "62ea2172-e0a"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6QHmMzuJRJLy32XzMQAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 120x90, components 3\012- data
Size:   3594
Md5:    d200be0a87c320b1b80240f64cbb506d
Sha1:   736243c53b3e3875c410320cb80f3a9ebe259f91
Sha256: b244e2786a14ed8bcb392fba75e5fda2909a73359d22f88ea7c44d3ab2a64aa7
                                        
                                            GET /digital/video/1sdnm355/1sdnm355-4.jpg HTTP/1.1 
Host: pics.dmm.co.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.254.144.30
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Wed, 28 Sep 2022 02:59:32 GMT
content-length: 5602
last-modified: Wed, 03 Aug 2022 07:19:17 GMT
etag: "62ea2175-15e2"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6QHmMzuJRJLy32XzMRAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 120x90, components 3\012- data
Size:   5602
Md5:    7b0c634a3f6a44417e31ce26854b8030
Sha1:   ee8294402642480e465148d6108e4ba6ff29992d
Sha256: 79e245ed17ad88eba6238b84c6b389cac8bea2d02d26319abc8aa8d3d897e7f1
                                        
                                            GET /digital/video/1sdnm355/1sdnm355-5.jpg HTTP/1.1 
Host: pics.dmm.co.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.254.144.30
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: openresty
date: Wed, 28 Sep 2022 02:59:32 GMT
content-length: 4716
last-modified: Wed, 03 Aug 2022 07:19:17 GMT
etag: "62ea2175-126c"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6QHmMzuJRJLy32XzMSAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 120x90, components 3\012- data
Size:   4716
Md5:    34cec363cf4960ba6faaeb431725efac
Sha1:   f0f12c5851c32ea9d5d583b66cda81657591e944
Sha256: 7934205d90bfb92ca37ce25c02e4fe476189d1f17bdf82befe36b16005295b26
                                        
                                            GET /wp-content/uploads/2020/07/140_Gg_logo_logos-512.png HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.21.6.180
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 28 Sep 2022 02:59:33 GMT
content-length: 2026
last-modified: Tue, 01 Feb 2022 12:17:26 GMT
etag: "61f924d6-7ea"
expires: Thu, 27 Oct 2022 19:13:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27685
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYLNueBJvCYfsPR0fk988Gkm2buytZ6jFOkJyXLCNHvmpQ2iY8HPMPmhYdDuFX30y9FdiSTn6uOkQjQxdLKtHaB1R4DMnjOLk5%2FEv9aTwJZMZfhoVZUGvlsAwF8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193944facfb517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 4-bit colormap, non-interlaced\012- data
Size:   2026
Md5:    a5abf07ffe14012dd6e7fb604525065e
Sha1:   cc6323f6e65b0872716da70fa2b326a2e6c2c8cb
Sha256: eee2844ba1a641b18681dc9c566927ee9a3208ccf010f7edbf337b7ce62e2ed4
                                        
                                            POST /wp-admin/admin-ajax.php HTTP/1.1 
Host: javgg.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 41
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Cookie: _ga=GA1.2.81713717.1664333969; _gid=GA1.2.213513287.1664333969; _gat=1; sb_main_53b23c00e857c12b9ec3a6750b627447=1; sb_count_53b23c00e857c12b9ec3a6750b627447=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.21.6.180
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Wed, 28 Sep 2022 02:59:33 GMT
set-cookie: starstruck_049b550d94aa443d7d092a8280918509=c85a124ccddc0d4464aecbae61f39ed1; expires=Thu, 28-Sep-2023 02:59:33 GMT; Max-Age=31536000; path=/
access-control-allow-origin: https://javgg.net
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHizR7gyDD3GgfILF5g9IzTxIh8w2Zy5CjbDbqIzHJJXd0Io%2Fh1YjhKBIoE%2BJ1GzeFdRTVB6J8L4Jg6yMOF03PB0HmcYN5P6QRSOobwXfbv9xWBlBjsi6DJxFpc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75193943ca43b517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   93895
Md5:    d86991a5cb976f8db505e780a71f0e23
Sha1:   0496610b712c5d7224ead02728707d2163c73bc9
Sha256: 2995495a67cd46933200ce12d283af4dc8b79066f57e34dce55e29af09d50965
                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Cookie: uid_id2=c10b66c0-6c05-43ea-a64a-7b3a927289d4:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         3.66.118.16
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 28 Sep 2022 02:59:33 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://javgg.net
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    9ab948ffaca8406919d9adc58180f2e3
Sha1:   cb2ce9f25b2f69ed0c6e2e82b7dcb401e49bc6f4
Sha256: 9ec8a7e39012bc0624fa85b86ed284f186ec3e9ce07ae2cad9c5f1a88eb79182
                                        
                                            GET /cimp.php?t=api&data=H4sIAAAAAAAAA01Oy2rEMAz8lf5AzEiWLGvPPbfQ0g9InHihh720LFvQx9fJ0qUaBHqMRsNgnuAT2xPzSf2UEU7JkYQTqcTL61sIxed8PZ/TZfsOkSpKYSaWa3h2dYSoqQKhNJKLFyphSiI8OKSRAwOsWWSvEjAUEB/vz0fSDkQGbjRU6PgaPHRHjdt+C+9rdW7urW3Grt26FYUvm+UVy0785xJ3JBAPA8F/g8gkmYVjokcjMQJxrOevn0uLeNDv0ENgmBHZ3VmxTfosGZnW5t17sdpdsNGy1Cq/ZB923VUBAAA= HTTP/1.1 
Host: syndication.realsrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226333b892e2b071.422643241480154876%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         95.211.229.245
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 28 Sep 2022 02:59:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://javgg.net
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226333b892e2b071.422643241480154876%22%3B%7D; expires=Fri, 27 Sep 2024 02:59:33 GMT; path=; domain=.realsrv.com; Secure; SameSite=none __upt=%7B%22v%22%3A1%2C%22id%22%3A%226333b892e2b071.422643241480154876%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22510.0199%22%7D; expires=Fri, 27 Sep 2024 02:59:33 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

                                        
                                            GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHqze5%2FPhdVBZFUJmbuyCT7p6Z7hn3sLgbI9HsZt1V9CBIdVXNpDY1XU1V9%2FQkp%2BCCBBGcPei5851kw2qQ9aJeXKSzIBgR0noJaP6JxT2IB5nZYPRB8V7V91vwea%2Fqw63smLjI6NH8Fb0ulaJzrbpbO%2Feu512oLck4G9aG7eD9oHmhZgYvd4K6e772mmCres53Pdf1XK%2B2II3o6uHcRIRM9jpevePWm37dazUxNP%2Fd28yBpQ744Jg8Bcmr2QfOWUhWIu7fmxd2NdXJS6%2F2M0VTbTDgu2%2FHq7HOY%2FRPy65x0I13T9zQ9nDhPnS8M8WFHvxjjGRFnB%2FuI4p3TyARDbannJGCiBHx%2FyMflBCqhKQlmL4FyQ8JwDiuLiPu37mqTU7XHqt0olZk9tFDyLwis7%2BfRdz%2F8pKSw9oNrbJU6thi2C0ghyVkr0SS7SNdPwOZ74OlH0Dyn8ncoyXE%2Fe1lqzQkL6a9S1lCdksoMQK1DrLJkg6yroMscdDnRzXmeV7ockbddoexBg9FFHDXo2HXo54btJGxCd4IaTICUyMws4HEbGBV3q4I%2Bfp1mOx72JUCljuwaUWcNzcw4AVyQZBbgpwS5JIgTwnyQbHDlfVtcYcrm0XeSfZPcqMY67S3RXd02hMx2UqOyZPT4fz14p9YFUe1ViPyG8x1RbsVMs%2BPOoI1aBC23Cjww2YzhJUFpD0z7XddVuTpXxUSWZGZ33JEdB9W7YPJJ0Cz50Hzcei7oCvjZtvFenz3Jh30evVYpOC6QJLOIl1zttQxeXYK0frmCgQ7uPjTuT%2FKT947D2YKJKbATfmAoKc2x9d1Trav69ySr5aTVPblOp283o2UpmLm8zfEWq4NX5y3o7uvsIkwKffeEjZdojGXcc%2BSLy5JzoVZ0IYJ8t2ifUdE1zK7cikzcZYsXbu8sNhPjLBW6rgElYf2YzBZkf9RPf2Wzz3zEaQpYbIC%2FeyAnASk3gdLNmCTU3qrZ2DUqSdKHORZMTZ%2BdHqoZEX8hz9CiYOL98je8PLmZ6BRASv%2BdfG03rKb6JkXQNNbiPsFBqbAQBWgagSbzYzTxBxc%2FKUxDUTKGUfKONuRMur24%2FFaeVQLGw2XBp2WF4ZUhFHTb3cDj1PqNwM%2FCGgDqa1Y49tP%2FwYAAP%2F%2FAQAA%2F%2F%2FNvsgbZQQAAA%3D%3D HTTP/1.1 
Host: incomprehensibleacrid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: u_pl=16525306; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec53b23c00e857c12b9ec3a6750b627447=[3520333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 02:59:33 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a391b414194e3fcf99703346adbcb766
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /library/448451/e1854b9c9aacd74ca5a5ba971fbcee29dec61d1f.mp4 HTTP/1.1 
Host: s3t3d2y8.afcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.76.9.25
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
date: Wed, 28 Sep 2022 02:59:33 GMT
content-length: 19553
last-modified: Tue, 09 Aug 2022 11:14:51 GMT
etag: "62f241ab-4c61"
expires: Wed, 09 Aug 2023 11:38:13 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1691581155
server: CDN77-Turbo
x-77-nzt: AblMCRSYPsD/MnFBAA
x-77-nzt-ray: wJeKrQH9UBw
x-cache: HIT
x-age: 4288818
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-19552/19553
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size:   19553
Md5:    3ea9b335bfa30f346ba6640b0d59d75a
Sha1:   e1854b9c9aacd74ca5a5ba971fbcee29dec61d1f
Sha256: 26fcff889cf6cd649f461ac43376b5f1a6e53b64ee2a36e6f9e5d8390052a31b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9C170E91BCF1525666FBC19DA62F3B53FB69D2D1AFBEF0D3FC1B603784D82CFF"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3898
Expires: Wed, 28 Sep 2022 04:04:31 GMT
Date: Wed, 28 Sep 2022 02:59:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5344
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 02:59:33 GMT
Last-Modified: Wed, 28 Sep 2022 01:30:29 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /tags?tag_id=9625&timezone_olson=UTC&version_name=a HTTP/1.1 
Host: notification.tubecup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         94.130.197.136
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx/1.18.0
date: Wed, 28 Sep 2022 02:59:33 GMT
content-length: 1812
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1812), with no line terminators
Size:   1812
Md5:    ee7127c3bf60d3b71f9f62ad85af89be
Sha1:   3ccd5f69c8a79cbd583dc72239c7c93d7ee3394f
Sha256: 614fa7e2a3c6c60b0f2c8ef33d91e5b16746e6cecb0c67d187ecb4f7ee48aaa2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5344
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 02:59:33 GMT
Last-Modified: Wed, 28 Sep 2022 01:30:29 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280

                                        
                                            OPTIONS /fp?tag_id=9625 HTTP/1.1 
Host: fp.metricswpsh.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://javgg.net/
Origin: https://javgg.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         157.90.84.244
HTTP/1.1 204 No Content
                                        
Server: nginx/1.20.1
Date: Wed, 28 Sep 2022 02:59:33 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://javgg.net
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

                                        
                                            GET /thumbs/1664333778/83014846 HTTP/1.1 
Host: img.strpst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxvjmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.61.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 28 Sep 2022 02:59:33 GMT
content-length: 45231
cf-bgj: imgq:100,h2pri
cf-polished: origSize=46946, status=webp_bigger
etag: "cba3072450d524f2d35078ceada6326b"
last-modified: Wed, 28 Sep 2022 02:56:43 GMT
cf-cache-status: HIT
expires: Wed, 28 Sep 2022 03:04:33 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751939479e190b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 648x360, components 3\012- data
Size:   45231
Md5:    66066bd70ff7538785a34c6d9298190e
Sha1:   2fb49cf7af46e3b1512ba3d0015c220b087e34a4
Sha256: 3ebe75758b9735441ee203b5f22a8207dc30b968a5ded04b9d4567f569527278
                                        
                                            GET /thumbs/1664333778/82617775 HTTP/1.1 
Host: img.strpst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxvjmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.61.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 28 Sep 2022 02:59:33 GMT
content-length: 61904
cf-bgj: imgq:100,h2pri
cf-polished: origSize=64030, status=webp_bigger
etag: "8846e79ac7479adf05a1082dd833fc40"
last-modified: Wed, 28 Sep 2022 02:56:43 GMT
cf-cache-status: HIT
expires: Wed, 28 Sep 2022 03:04:33 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193947be2a0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Size:   61904
Md5:    0a15428447ea0323d0474506acae746a
Sha1:   69519fca279bfb0643e3bf3c74c3b9eaa3371ffc
Sha256: 1094ad306c58c5d36ecf36bfb1e5d764bbfc13b92bebc4ae96ae1a0819e395ee
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5344
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 02:59:33 GMT
Last-Modified: Wed, 28 Sep 2022 01:30:29 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST /fp?tag_id=9625 HTTP/1.1 
Host: fp.metricswpsh.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22268
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         157.90.84.244
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
                                        
Server: nginx/1.20.1
Date: Wed, 28 Sep 2022 02:59:33 GMT
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://javgg.net
Set-Cookie: id=3675182247278206455; Expires=Thu, 28 Sep 2023 02:59:33 GMT; Secure; SameSite=None
Vary: Origin


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   28
Md5:    d8ded99ae3089c609f0f3dfd190a3299
Sha1:   aa378c43d5b8dc4887db4f93f86a319f75731b6f
Sha256: f5526ab1e5df71c978b3db3ada96990b256be308611834bea29d342b88338000
                                        
                                            GET /5eed51b2b5c2a5a10bbd11bc84c06131.js HTTP/1.1 
Host: c29bbe639d.517a6efd5d.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         45.133.44.24
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 02:59:33 GMT
server: nginx/1.18.0
last-modified: Mon, 12 Sep 2022 14:09:08 GMT
etag: W/"631f3d84-4185c"
content-encoding: gzip
expires: Wed, 28 Sep 2022 03:04:33 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   71525
Md5:    179ef8f64d90f37eee1fd31e6b89ae47
Sha1:   8c4a8553df5c8d8f439c82ab40bff57320a1c395
Sha256: 4a7180e94ed3af8bf905454a9d5c1fb1d855ab11748eb0bfeba9774cd3002668
                                        
                                            GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI2ODIxMDg4Nzk0ODAyOTYwMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuOC4xIiwidGFnX2lkIjo5NjI1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjIuNjMsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6bnVsbCwidXNlcl9rZXl3b3JkcyI6IlNETk0tMzU1JTJDTW90aGVyJTJDV2hvJTJDUmFpc2VzJTJDMyUyQ0NoaWxkcmVuJTJDV2l0Li4lMkMlMkNKYXZHRy5uZXQlMkNTRE5NLTM1NSUyQ0pBViUyQ01vdGhlciUyQ1dobyUyQ1JhaXNlcyUyQzMlMkNDaGlsZHJlbiUyQ1dpdGglMkNBJTJDTG90JTJDT2YlMkNCcmVhc3QlMkNNaWxrJTJDS2FobyUyQ1RhbWFraSUyQzI5JTJDWWVhcnMlMkNPbGQlMkNTT0QlMkNDcmVhdGUlMkNUYW1ha2klMkNLYWhvJTJDJUU3JThFJTg5JUU1JTlGJThFJUU1JUE0JThGJUU1JUI4JTg2JTJDU0ROTTM1NSUyMCJ9 HTTP/1.1 
Host: 192d42a802.20e2b2c425.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.25
HTTP/2 200 OK
                                        
date: Wed, 28 Sep 2022 02:59:33 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

                                        
                                            POST /thumbs/view HTTP/1.1 
Host: go.xxxvjmp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xxxvjmp.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://creative.xxxvjmp.com
Content-Length: 144
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.64.145.216
HTTP/2 200 OK
content-type: application/json
                                        
date: Wed, 28 Sep 2022 02:59:33 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28uukSkGJRy5UBr1MAvzNuwf2BatEpi3jkeifczkC; SameSite=None; Secure; path=/; expires=Thu, 29-Sep-22 01:59:33 GMT; HttpOnly
server: cloudflare
cf-ray: 751939487da01c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   593
Md5:    aa58674e2b4d26bdc47633ef20a069c1
Sha1:   103a41e3893b9e0e5eec56b970a09c23e6ae7aa3
Sha256: 64ae7bcaaf2cb9a850fe77cf09795c6143ad0c75e32e6a8be4b0d65dd11d426e
                                        
                                            GET /30a6d8967ffb6d74401f6ef56a180d5a.js HTTP/1.1 
Host: c29bbe639d.517a6efd5d.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         45.133.44.24
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 02:59:33 GMT
server: nginx/1.18.0
last-modified: Tue, 13 Sep 2022 12:49:57 GMT
etag: W/"63207c75-d220"
content-encoding: gzip
expires: Wed, 28 Sep 2022 03:04:33 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   13354
Md5:    50933d057808739ab0e4da5d35382cef
Sha1:   1a98e947f0d32af2a5624c3c54651083f0c4d448
Sha256: 337707d12216d5e4cf1b9a6d7ff73b2b25575332540f64490bc8ff9a5d5f58de
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "38EDBE70F90ED5A050C0B2C954A5FF5982FACD46318E891035925B96B3EDDF21"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12867
Expires: Wed, 28 Sep 2022 06:34:01 GMT
Date: Wed, 28 Sep 2022 02:59:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D01727520812C38EC361173E7B2790DBC572BDF378CDC12BC11CAEE749DC6541"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18996
Expires: Wed, 28 Sep 2022 08:16:10 GMT
Date: Wed, 28 Sep 2022 02:59:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "38EDBE70F90ED5A050C0B2C954A5FF5982FACD46318E891035925B96B3EDDF21"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12867
Expires: Wed, 28 Sep 2022 06:34:01 GMT
Date: Wed, 28 Sep 2022 02:59:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D01727520812C38EC361173E7B2790DBC572BDF378CDC12BC11CAEE749DC6541"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18996
Expires: Wed, 28 Sep 2022 08:16:10 GMT
Date: Wed, 28 Sep 2022 02:59:34 GMT
Connection: keep-alive

                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5d%2F1e%2F66%2F5d1e6654b79f5bf053b789353432e45e%2F1613739250.html&l=1274&fd=432 HTTP/1.1 
Host: incomprehensibleacrid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: u_pl=16525306; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec53b23c00e857c12b9ec3a6750b627447=[3520333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 02:59:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            OPTIONS /in/multy HTTP/1.1 
Host: bd2ca6c82d.20e2b2c425.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://javgg.net/
Origin: https://javgg.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         168.119.25.22
HTTP/2 204 No Content
                                        
server: nginx/1.18.0
date: Wed, 28 Sep 2022 02:59:34 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

                                        
                                            GET /in/dip?site=native-push&wl=1&event_id=942986a9-8804-41d0-ab26-2c8add97cb66&subid=1925659414&sid=3907982844&spot_id=8228&created_at=2022-09-28&timezone=0&ver=7.3.0&is_native=1 HTTP/1.1 
Host: nereserv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         168.119.25.22
HTTP/2 200 OK
                                        
server: nginx/1.18.0
date: Wed, 28 Sep 2022 02:59:34 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FC0A2CDC09CE8365B0EB9FDF07AE268D11CDCC69C92BC045764843BC6F2B05B6"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2867
Expires: Wed, 28 Sep 2022 03:47:21 GMT
Date: Wed, 28 Sep 2022 02:59:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "38EDBE70F90ED5A050C0B2C954A5FF5982FACD46318E891035925B96B3EDDF21"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12867
Expires: Wed, 28 Sep 2022 06:34:01 GMT
Date: Wed, 28 Sep 2022 02:59:34 GMT
Connection: keep-alive

                                        
                                            GET /si/5a/64/23/5a6423eabb734da73b97371ea67be959/1658144657.jpg HTTP/1.1 
Host: cdn.cloudimagesb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.9
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 28 Sep 2022 02:59:34 GMT
content-length: 16979
server: nginx/1.17.6
last-modified: Mon, 18 Jul 2022 11:44:25 GMT
etag: "62d54799-4253"
expires: Fri, 30 Sep 2022 02:59:34 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size:   16979
Md5:    c22ff55c863b2414205b04cc3747edfb
Sha1:   5490b3da882c95fa66913143eb4d472457c0e045
Sha256: b3f3ebb3a107d88eb97d98ef637c97f2315f1186b52a38fd3a10af6868c8452b
                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fjs%2Fscript.js&l=444&fd=131 HTTP/1.1 
Host: incomprehensibleacrid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: u_pl=16525306; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec53b23c00e857c12b9ec3a6750b627447=[3520333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 02:59:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA1AE9892AD3E3453AF5B255D0C5A3CD145F45E1444A1406CBBB5E663959C2B3"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11622
Expires: Wed, 28 Sep 2022 06:13:16 GMT
Date: Wed, 28 Sep 2022 02:59:34 GMT
Connection: keep-alive

                                        
                                            GET /sb/ssp/utility/social-media/whatsapp/img/close.svg HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.200.2
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 02:59:34 GMT
last-modified: Thu, 11 Feb 2021 15:19:43 GMT
etag: W/"60254b0f-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4812904
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5E5yxDjfYmx6yuj1VAuh237Ihf0iRDak9CBlsNRkWX16ZVFRugd8RMagPdwSApGsxV%2BICGR2hu%2BBBhCgAxnI8z57rG3rbhG6u5zOGNPLf%2BIgI4wYH9SMyjdIFXRHKH9dtH0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193949ecea8e26-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   585
Md5:    bce897c680cae17c899994ba9f1a68da
Sha1:   698c9fbcd96ab6e61b7bb9b6039eb439a24839fd
Sha256: 8313e273fc788c1d37c114316ecf3b22cc7cd3c65c8585acc9c6b3595dd06734
                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fstyle.css&l=6334&fd=144 HTTP/1.1 
Host: incomprehensibleacrid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: u_pl=16525306; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec53b23c00e857c12b9ec3a6750b627447=[3520333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 02:59:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pxf.gif?uuid=c10b66c0-6c05-43ea-a64a-7b3a927289d4&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=53b23c00e857c12b9ec3a6750b627447&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=2 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.22.0
Date: Wed, 28 Sep 2022 02:59:34 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a02cbd7e48db530d06fda1f676bb3704
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pixel/sbs?c=1 HTTP/1.1 
Host: incomprehensibleacrid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: u_pl=16525306; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec53b23c00e857c12b9ec3a6750b627447=[3520333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 02:59:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSzWtdxRvH5zTZ%2FPhtVIoiqNydLcjNOfc9dhFMYySaNrVVdCHIvN2baeaeOcycl5usggUJIni70PXJ9yYN1SB1o24sclIQjAg5uglo%2FoliF%2BJC7m0w%2BsDwPDPf78DneWY%2B3E5OiI%2BEHi9cMRtKazrTrPqVC%2B8GwaXKsgqTQWXQab3falyq2PTl2VbVv1h5TfI1M1PzA98P%2FKCyqKzsmsHMWISK9meD6qxfbdSqQbOBgf3v3iUeHPUg0hPyFJQopx9456F4gbB%2Fb0G6tdhEL73aTzSNjUUq9t4O10KTheiflV3roRvunbph3NHifZhwd4ILk%2F5jZKok3g%2F3wcK9U0iwdGfCyTRkCCb%2BjywtIHUBRQtwcwtKHBGAC1xdQdi%2Fc9XYjK4%2FVulYLcn0o4dQWUmmfz%2BPsP%2FlvFaDyg2jk1iZ0GHQzaEGBVSvQJQcIN44B5UdgMcfQImfycyjZYT9nRWnDZTIJ70rVUB1C2g5BHUekvFSHpKuhyTy0BfHFR4EQdsXnPqdWc7roi1ZS%2FgBbXcDGvitDhI%2BxhsijobgeghuNxHZTayp2yUhX78Om3wPt5rDCQ8uLon35iZSkSOTBJkjyChBpgiymCBL812hXc3ld4R2CQtOc%2B001%2FORiXvbdNfEPRmS7eiEPDkZzl8v%2Fok1eVxp1lmtzn1fdpptHtTYrOR12mo3fdaqtRuNNpzKody5Sb8bqiRP%2F6oRqZJM%2FZaB0QM4fQCungBNngfNRu2aD7o6anR8bIR3b9K016uGMoYwOaJ4GvG6t61PyLMTiOY3VyD54dxPF%2F4oPnnvIrjNEdkcN9UDgp7eGl03Gdm5bjJHvlqJYtVXG3T8ejdiGsupz9%2BQ65mxYmnBDe%2B%2BwsfCuNx%2FS7p4mYZChT1HvphXQki7aCyX5Lsl945k1xK3Op%2FYMImWr11eXOpHVjqnTFiAqiP3Mbgqyf%2BomXzL5575CMoWsEmOfnJITgPKHIBHm3DRGb0zU7D6zMMiD1mSj2yNnR1qVZLawx%2Bh5eHcPbI%2FuLz1GSjL4eS%2FLp7V224LPfsCaHwLYT9HanOkOgfVQ7hkahRH9nDul%2FokwLQ3Ytp6O0xbffvxeJ06rtR90WayK9tMNpqNruSCNZvM513O6qLT4Yhdyevffvo3AAAA%2F%2F8BAAD%2F%2F01qHfNlBAAA HTTP/1.1 
Host: incomprehensibleacrid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: u_pl=16525306; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec53b23c00e857c12b9ec3a6750b627447=[3520333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 02:59:34 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 45e8eadc7ba08eae1dd71b7dd341ea3e
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 02:59:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN