javgg.net/jav/sdnm-355/
172.67.135.25301 Moved Permanently 0 B IP 172.67.135.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jav/sdnm-355/ HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Sep 2022 02:59:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 28 Sep 2022 03:59:29 GMT
Location: https://javgg.net/jav/sdnm-355/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJvqLH%2FRi8mGO%2FH2ZuTIrkh%2BOPf2zZM39Tx1C%2FDUVQuisw8fiIpagsxmpGojJmQgHGk41pbhY1%2FDhhpWIos%2Bhn8Pe1HI1aVJMP8dTSrkP1I06MhfAC133PgM4pA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7519392f19180b06-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 02:15:37 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oh-P-saeqwF08M-L8Z6MdJc-yOC6Nzn-cgH18Zs8bFd16wC3XH71sg==
Age: 2632
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3824
Expires: Wed, 28 Sep 2022 04:03:14 GMT
Date: Wed, 28 Sep 2022 02:59:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ui4g3GVyzE4GKxP5pCCP67qysCP5JTO-zXmt3GzSeLQ-b8b8khNrDg==
age: 63317
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8e900e07b12d9cd0c75a13817c7fabb5
4138021f68f074d3c4f0674ab8cf1f622503cdca
c773c2292ba811830528ecd39d599ea2f07ea98fee430fd97a67cf94d70a69cc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "C773C2292BA811830528ECD39D599EA2F07EA98FEE430FD97A67CF94D70A69CC"
Last-Modified: Tue, 27 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4907
Expires: Wed, 28 Sep 2022 04:21:17 GMT
Date: Wed, 28 Sep 2022 02:59:30 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
javgg.net/wp-content/uploads/2022/08/1sdnm355pl.jpg
104.21.6.180200 OK 128 kB URL HTTP/2 javgg.net/wp-content/uploads/2022/08/1sdnm355pl.jpg
IP 104.21.6.180:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x535, components 3\012- data
Size 128 kB (128039 bytes)
Hash 8d0578f12153609cd6d2a5719b9160b5
4538a9a4d9cd0877a3ff84e566083928c821129d
11120728f2b41a40e0cad65eaf69cd2ec28156acde07348273c58fd0017bf76f
GET /wp-content/uploads/2022/08/1sdnm355pl.jpg HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: image/jpeg
content-length: 128039
last-modified: Tue, 23 Aug 2022 08:14:54 GMT
etag: "63048c7e-1f427"
expires: Thu, 27 Oct 2022 19:27:58 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=is%2BMAhfVsJQ8HXJsQLcmdBvNh1foDN2ncgMhLNIGqarpz7wvlqHvdLhQpIklqghneAwsZB1Icasm4eL%2Bbi%2BkBtNi6twXdPWpTsHGR9POPwCVDL7qQQ%2B81HMJwiI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751939326a30b517-OSL
X-Firefox-Spdy: h2
a.realsrv.com/ad-provider.js
205.185.216.42200 OK 24 kB URL HTTP/1.1 a.realsrv.com/ad-provider.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 46504668ecf4671f582f5ba93a2f3c6b
8b165c478da3dd4fd4df3b40745733049b5acb0c
5230c0e2745fedbf038f97e374a5b6ea033434301aa86ec545eae37b29350799
GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:59:30 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 23726
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"2bf044048f482551901a41a7444"
X-HW: 1664333970.dop066.sk1.t,1664333970.cds235.sk1.shn,1664333970.dop066.sk1.t,1664333970.cds207.sk1.c
Access-Control-Allow-Origin: *, *
javgg.net/wp-includes/js/comment-reply.min.js
104.21.6.180200 OK 1.8 kB URL HTTP/2 javgg.net/wp-includes/js/comment-reply.min.js
IP 104.21.6.180:0
File type ASCII text, with very long lines (2946)
Hash 92a9e5995d7867b6d7e233547aeccc9b
37ce8b0daac7a61d822f3c3149afc430aca7939f
565a2324d73aee1018a45e8f9a3deb81f6463e65700a1a00412469282186e6be
GET /wp-includes/js/comment-reply.min.js HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript
last-modified: Wed, 25 May 2022 01:04:23 GMT
vary: Accept-Encoding
etag: W/"628d8097-ba5"
expires: Thu, 27 Oct 2022 19:13:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27578
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qL6ILTS09%2FrULXN%2F0upUiUYu3nx1gIOi3CIwz1f%2FVnreuFTyK4i979j3cqV28X84RhwyZfEERsB%2B6zmPbngkKh4IntkWUJyFjEz2luu6yeBMrNrGxs5fBMoB6TE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939326a33b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
wtfdontblock.theporndudes.xyz/6J8hfA6.js
135.181.208.216200 OK 30 kB URL HTTP/2 wtfdontblock.theporndudes.xyz/6J8hfA6.js
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (48943), with NEL line terminators
Hash 1b395ac867bea2e4a11a84dd76158f74
a1c25125fbba55acb8e41385b6d224b68bf932cb
8775d700c36a97a8aa0725859079ae68ee6813e3dc85db1af9b6b33f3544a96e
Analyzer Verdict Alert fortinet Phishing
GET /6J8hfA6.js HTTP/1.1
Host: wtfdontblock.theporndudes.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript
content-length: 29537
expires: Fri, 22 Sep 2023 14:14:06 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 14:12:29 GMT
etag: "632c6d4d-7361"
cache-control: max-age=315360000, public
x-hw: 1663856046.dop120.am5.t,1663856046.cds215.am5.c
access-control-allow-origin: *
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
theporndude.com.1111supjavcom.xyz/8YE7Uw5.js
135.181.208.216200 OK 34 kB URL HTTP/2 theporndude.com.1111supjavcom.xyz/8YE7Uw5.js
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (37787), with NEL line terminators
Hash 0bfc926c8717a33d199bd68e1b75af88
8cf397d588f3f00adc9606838b33df88646c38a8
e0a1a633931c7aa2cb79662bdd9c0a78ab87132ca6e549ec64366cf6095e146e
GET /8YE7Uw5.js HTTP/1.1
Host: theporndude.com.1111supjavcom.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript
content-length: 34358
expires: Fri, 22 Sep 2023 14:13:59 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 14:12:29 GMT
etag: "632c6d4d-8636"
cache-control: max-age=315360000, public
x-hw: 1663856039.dop129.am5.t,1663856039.cds267.am5.c
access-control-allow-origin: *
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
javgg.net/wp-content/themes/javggnet/assets/fontawesome/webfonts/fa-solid-900.woff2
104.21.6.180200 OK 141 kB URL HTTP/2 javgg.net/wp-content/themes/javggnet/assets/fontawesome/webfonts/fa-solid-900.woff2
IP 104.21.6.180:0
File type Web Open Font Format (Version 2), TrueType, length 140996, version 331.-31392\012- data
Size 141 kB (140996 bytes)
Hash 25d740d42658b6e2c293ce7b3322aac7
41cc9ae4b5dd70fd3988059dfb864f20f99ae371
8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2
GET /wp-content/themes/javggnet/assets/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://javgg.net/wp-content/themes/javggnet/assets/fontawesome/css/all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: font/woff2
content-length: 140996
last-modified: Tue, 06 Oct 2020 00:20:56 GMT
etag: "5f7bb868-226c4"
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cache-control: max-age=3600
cf-cache-status: HIT
age: 1814
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtcENnojrZJleEObaag8ISGwwDbGpjexBXSAjJ%2B2oKP1C1SpMb9YdPv4xbBZfVZMB7u%2BZ10mAelUQ8DvR6X6nEwgub9m%2FPmDAP6YiO6L%2B5wcHLMq3rpcAhmqkb4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193933eac7b517-OSL
X-Firefox-Spdy: h2
javgg.net/wp-content/themes/javggnet/assets/js/lib/pwsscrollbar.js
104.21.6.180200 OK 14 kB URL HTTP/2 javgg.net/wp-content/themes/javggnet/assets/js/lib/pwsscrollbar.js
IP 104.21.6.180:0
File type ASCII text, with very long lines (45007), with no line terminators
Hash 68742835e6ce4e5581c60a4d5d6bccdb
ae79d1ec11895751555aa58237662dbe57b7ef87
5cc6194db33de81f540bf196d42a3c5d71c9372e62d6ed24eeb794f95729f056
GET /wp-content/themes/javggnet/assets/js/lib/pwsscrollbar.js HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=45008
etag: W/"5ff29c32-afd0"
expires: Thu, 27 Oct 2022 19:13:35 GMT
last-modified: Mon, 04 Jan 2021 04:40:18 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugBhnGhL9YVGe%2Fr7A6fDskcrqxFyfzdyryUB046Fmbs2V8jieUJIKwO0YtgypZ%2B0RMqlwf0DCXQ20fkETWwBZahX7Yvkg9QYhlFmg80U9tvQyz7NdtuAKKQaKyg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939324a1eb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
wtfdontblock.theporndudes.xyz/api/spots/322939?s1=%25subid1%25
135.181.208.216200 OK 2.7 kB URL HTTP/2 wtfdontblock.theporndudes.xyz/api/spots/322939?s1=%25subid1%25
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash 23d3a5b32104d2931b70f65474bbd84f
d2bfab5b7eaac56824aa7c58bcb0e929aff366b9
e270ee33ec40d35e5d11a01ff0a5ab4d68269ddb696667c7548a2c1ff816fb32
GET /api/spots/322939?s1=%25subid1%25 HTTP/1.1
Host: wtfdontblock.theporndudes.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=JhVoFFcsE875JSPoCORv; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://javgg.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 545122
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
javgg.net/wp-content/themes/javggnet/assets/js/lib/blueimp.js
104.21.6.180200 OK 25 kB URL HTTP/2 javgg.net/wp-content/themes/javggnet/assets/js/lib/blueimp.js
IP 104.21.6.180:0
File type ASCII text, with very long lines (32911), with no line terminators
Hash d3807f5817261ec27963edcf5c5939cf
f887bd1207620223589ce074f27685d8412b3b9e
2e098b8da06d97f8bea59b024d2ec259c2c8798a00d48f30a7f0efcb64e74d14
GET /wp-content/themes/javggnet/assets/js/lib/blueimp.js HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=32964
etag: W/"5c8f9f1a-80c4"
expires: Thu, 27 Oct 2022 19:13:35 GMT
last-modified: Mon, 18 Mar 2019 13:37:30 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27578
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZAiQIXhEpeGkaRT1vsTtoBK4pahXWVqdNNEIbrMmbzyW1vD7KiSUHWo5sezAinrKcQpnwMJR0W4BGJe1J82ygAk8mBjBbTnPPIInMAcNJDAL5A2A4JokDGiE%2FI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939325a28b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
javgg.net/wp-content/themes/javggnet/assets/js/lib/lazyload.js
104.21.6.180200 OK 19 kB URL HTTP/2 javgg.net/wp-content/themes/javggnet/assets/js/lib/lazyload.js
IP 104.21.6.180:0
File type ASCII text, with very long lines (7232), with no line terminators
Hash 57b636e2af5dff9317000f3a4c5b2c02
6ec4aeb7b78c6b22d4ec1a418985146c622d61d0
acab0a1ad6e554112275e83bc8bd043e036f9eb8e36ddf26356d1b247bce4b5f
GET /wp-content/themes/javggnet/assets/js/lib/lazyload.js HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=7238
etag: W/"60426d7c-1c46"
expires: Thu, 27 Oct 2022 19:13:35 GMT
last-modified: Fri, 05 Mar 2021 17:42:20 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iF3HelQdsWaX5FEpKbygyKHw3SCh%2FyAj%2Bos7OMDV%2Fqbn0H4uTqs6df%2F%2BknTRxJ9jr4mAgt8FCLUG%2FJ7OJMoCmhy8mriP4iXqUGb85zEcVhU60NeHwstf02VI6d0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939324a1cb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.imgur.com/ZqsA45L.png
151.101.84.193200 OK 2.5 kB IP 151.101.84.193:0
File type PNG image data, 223 x 39, 8-bit/color RGBA, non-interlaced\012- data
Hash bb0f0c3e65c2f255cbc3bbed3518ec07
f0546433309c820f90ad0cef61c978c5e8e5338e
faa638e486626596913f35ceaca4d7d4ef18e2993010d04743d6c69c8e1476c4
GET /ZqsA45L.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Apr 2021 07:59:50 GMT
etag: "bb0f0c3e65c2f255cbc3bbed3518ec07"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 28 Sep 2022 02:59:30 GMT
age: 737892
x-served-by: cache-iad-kcgs7200167-IAD, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 11772, 4
x-timer: S1664333971.668114,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 2546
X-Firefox-Spdy: h2
javgg.net/wp-content/themes/javggnet/assets/js/lib/idtabs.js
104.21.6.180200 OK 1.9 kB URL HTTP/2 javgg.net/wp-content/themes/javggnet/assets/js/lib/idtabs.js
IP 104.21.6.180:0
File type ASCII text, with very long lines (1541), with no line terminators
Hash afcc32853a07a28a2cc43c8179aa31b8
1d58f83fa5b6f7f59559c1d56abe452126d05651
54fdbca10067a0eab5110c870fc5a8f38bc98dd7d1d68865cd87d37176b73bf9
GET /wp-content/themes/javggnet/assets/js/lib/idtabs.js HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=1543
etag: W/"5c8f9f1a-607"
expires: Thu, 27 Oct 2022 19:13:35 GMT
last-modified: Mon, 18 Mar 2019 13:37:30 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfnVmeGcoG3R50r6s%2Bnq8TtA%2FLmSS92JdlqrTsP6a20CsscociAaBa26L7LUcu0ujqhy7VYk19Rhj3rGcJGYwJZOtOaRtAqAJ97atNnreIRxfPjjiRnNIQlK74k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939325a20b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
javgg.net/wp-content/plugins/gtranslate/flags/24/en-us.png
104.21.6.180200 OK 656 B URL HTTP/2 javgg.net/wp-content/plugins/gtranslate/flags/24/en-us.png
IP 104.21.6.180:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ae506a6c014bfeb8d8cbfdfbe94c14c9
f4e74440c4e79e71959b9b8f799f2e8a7e15b7ee
bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1
GET /wp-content/plugins/gtranslate/flags/24/en-us.png HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: image/png
content-length: 656
last-modified: Tue, 10 May 2022 07:49:41 GMT
etag: "627a1915-290"
expires: Thu, 27 Oct 2022 19:13:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27377
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APX9O%2BbF4K7VqtL5Nfjes3SOgkomvzUb3IPMYLUK%2FUmgkcsCuQ4da0NKoDfpADGWPDyQZL5h6%2BHppUr4FOxX9bjHdZjdvnK2xZto60oyaEZ8ZgbiMQFmhEpf4Dc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193934ab30b517-OSL
X-Firefox-Spdy: h2
javgg.net/wp-content/uploads/2021/10/mide00988pl-300x170.jpg
104.21.6.180200 OK 20 kB URL HTTP/2 javgg.net/wp-content/uploads/2021/10/mide00988pl-300x170.jpg
IP 104.21.6.180:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Hash cd17b67a52fbb7f70ba59a0102395d8d
dc1cd76ec64428bea33e5b41dd1aa45cf1095e9f
cf5a886add4753e11c88e67bb24e9451fca4bdc721f58f769d93bbdc0384e3bf
GET /wp-content/uploads/2021/10/mide00988pl-300x170.jpg HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: image/jpeg
content-length: 20497
last-modified: Sun, 10 Oct 2021 12:59:42 GMT
etag: "6162e3be-5011"
expires: Thu, 27 Oct 2022 19:13:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27377
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLXgisoKpjS2Y1ggbJyTp3sZ06Evt%2BgK4Dk6%2BWRI%2BgosVvpovmA%2BwJ0kyBT4mJt33oR1wGEKEl66dBYpg1wm5C%2FGoEkiFB5wOrdY25tct0buAk%2Fj2lnVJEWvJuA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193935ab9bb517-OSL
X-Firefox-Spdy: h2
javgg.net/wp-content/uploads/2021/10/STARS-168_Leak-300x170.jpg
104.21.6.180200 OK 23 kB URL HTTP/2 javgg.net/wp-content/uploads/2021/10/STARS-168_Leak-300x170.jpg
IP 104.21.6.180:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Hash 15e6266d148a925eddabcf2f400531fb
b2f924d9bd6a8f8973f52dfaa0f922d36800d5eb
d6420bd40113e00a517154ef163abbb4f2df78c47ffdc79ec15554207437ed80
GET /wp-content/uploads/2021/10/STARS-168_Leak-300x170.jpg HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: image/jpeg
content-length: 22770
last-modified: Sat, 23 Oct 2021 06:24:32 GMT
etag: "6173aaa0-58f2"
expires: Thu, 27 Oct 2022 19:13:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27377
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8nTRT19kA5AXIVHL4FqHdcG5UeH%2B7IC4UVd6h04%2Fm5%2BVdJ7L%2BXsHtT0vyM6ur185dfBSlpXtauN7QoNmNJ4B%2B1JOLqVExTnJ5GTqKbufcex%2FRoOqEE8BzvjFSZk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193935ab9ab517-OSL
X-Firefox-Spdy: h2
javgg.net/wp-content/uploads/2021/09/ssis181pl-300x170.jpg
104.21.6.180200 OK 23 kB URL HTTP/2 javgg.net/wp-content/uploads/2021/09/ssis181pl-300x170.jpg
IP 104.21.6.180:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Hash 0b022311bbde64cfe9e86322c8c80ccd
a520f477c12e358ea968df63c9e8e5cb06fe1e40
14bd1c9eb8e49065bc7bd9ade3f246a94cbbf5295ada7842e21d7dff48b66c79
GET /wp-content/uploads/2021/09/ssis181pl-300x170.jpg HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: image/jpeg
content-length: 22899
last-modified: Tue, 14 Sep 2021 04:43:01 GMT
etag: "61402855-5973"
expires: Thu, 27 Oct 2022 19:13:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27377
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrblzEg3MNPvCLsdDKmUjIiKCTOG7kIq7t4QkavbbRC65Ka0ncRsCTAYD22TwkZyxUwjkAK24%2F5m8Wb%2B9DS1egOLGU3i3OJcC0p6F7veyJ63SYNvRSuxVgBcgmU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193935ab9db517-OSL
X-Firefox-Spdy: h2
javgg.net/wp-content/uploads/2021/09/1stars120pl-1-300x170.jpg
104.21.6.180200 OK 27 kB URL HTTP/2 javgg.net/wp-content/uploads/2021/09/1stars120pl-1-300x170.jpg
IP 104.21.6.180:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Hash d4fe030a6beecfab19a027f683141749
eee49cc3819c4feb988d491cdb8b7f81a4cf18eb
5524a47315ec445c01edd5eb66b6daed41b13f3949b51c7c40d34fff3c0e1c8c
GET /wp-content/uploads/2021/09/1stars120pl-1-300x170.jpg HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: image/jpeg
content-length: 26648
last-modified: Sun, 26 Sep 2021 07:28:32 GMT
etag: "61502120-6818"
expires: Thu, 27 Oct 2022 19:13:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27377
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwOuN3IN4Ef6TPfw0Gv%2B6HJ1FahOGDLUWESnLiJbvciHH8dZ3gwIj2RW%2B%2BVyAw%2BQMPUnGmsxoUgEe%2F6ZU2yATHaNxDUGMNIhx9NHZYp794Tbs8hQsouGRD2Kd24%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193935bba2b517-OSL
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 02:10:46 GMT
Expires: Wed, 28 Sep 2022 02:12:27 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0YQyWZ8goLbPeWooWqFJlGMRKhHkStDF3AaFPvRkffKqAKAgBv6iSA==
Age: 2924
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 28 Sep 2022 02:41:09 GMT
expires: Wed, 28 Sep 2022 04:41:09 GMT
cache-control: public, max-age=7200
age: 1101
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash cb600c4fe611e7a9f6e1df50d934375d
afac81b549aade8b7a1ba18e63432036343fdadf
4ac0f690be6e1e0c0f070e8600e05e7c235ba70b4baf3f4e5a35d207b1db168c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5733
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:59:30 GMT
Last-Modified: Wed, 28 Sep 2022 01:23:57 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
104.17.25.14200 OK 5.1 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (17660)
Hash abe1df98b6ab4644bd567e6669d0da03
27e3bf22ef08b7ca0090721ed31b4f921d278e7c
cd40ba7dbf63d67511c0fd56b7e5327dbedb43d15c439d79a8aacb6377059540
GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript; charset=utf-8
content-length: 5117
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-45f4"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9615632
expires: Mon, 18 Sep 2023 02:59:30 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjty4N%2FLYO29WyJbLcEtkFJhnnflmiekGxXoRa0bFQdSBcjJ1HmW1DRRJy9zh26zGCfejsh%2F2GbvPLmfD%2BJNfwYbOJ15n9G6vFJmoenAyy0JT5Hfdx2mWeYdZAgDFRWb5HJ4lY38"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75193936593ab523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9697445fb403322bb1b56e90f20d7a45
8b4db538d79b9968401dfcb75885ac4e350f383c
c7559547abbe8d64b62551846096d5d9cf79d80ea5fde5113292850e1a6abd9a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C7559547ABBE8D64B62551846096D5D9CF79D80EA5FDE5113292850E1A6ABD9A"
Last-Modified: Tue, 27 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3090
Expires: Wed, 28 Sep 2022 03:51:00 GMT
Date: Wed, 28 Sep 2022 02:59:30 GMT
Connection: keep-alive
notads.111supjavcom.xyz/api/click/1697011856757079095?c=90
135.181.208.216200 OK 0 B URL HTTP/2 notads.111supjavcom.xyz/api/click/1697011856757079095?c=90
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/1697011856757079095?c=90 HTTP/1.1
Host: notads.111supjavcom.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notads.111supjavcom.xyz/api/spots/338183?p=1&s1=%subid1%&kw=
Cookie: nauid=ii5gAIfMAQ2dvDDvlXYH
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:59:30 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private
X-Firefox-Spdy: h2
notads.111supjavcom.xyz/api/click/18422595916118178095?c=90
135.181.208.216200 OK 0 B URL HTTP/2 notads.111supjavcom.xyz/api/click/18422595916118178095?c=90
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /api/click/18422595916118178095?c=90 HTTP/1.1
Host: notads.111supjavcom.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notads.111supjavcom.xyz/api/spots/338183?p=1&s1=%subid1%&kw=
Cookie: nauid=ii5gAIfMAQ2dvDDvlXYH
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:59:30 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 45bf721c64ec6e1aac7c7496720b892f
e0e69b86d0c543872ccd865f6d6a3a74860ea611
0887434d697c7d1e40a0db297b3f347af7cf35a082b29d736c2ec9a3de289393
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0887434D697C7D1E40A0DB297B3F347AF7CF35A082B29D736C2EC9A3DE289393"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2296
Expires: Wed, 28 Sep 2022 03:37:46 GMT
Date: Wed, 28 Sep 2022 02:59:30 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 78 kB IP 142.250.74.3:0
Hash 7daea030c5b73fdc34487a74d426614b
f5b6b4cb4e1cc727894da72f4023cda39dab88c8
6fe8df863ba43ba995298a1ebee12bbc8f5ac85ac3c4261c6afe087d2dec6ab1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash cb600c4fe611e7a9f6e1df50d934375d
afac81b549aade8b7a1ba18e63432036343fdadf
4ac0f690be6e1e0c0f070e8600e05e7c235ba70b4baf3f4e5a35d207b1db168c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5733
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:59:30 GMT
Last-Modified: Wed, 28 Sep 2022 01:23:57 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
syndication.realsrv.com/v1/api.php
95.211.229.245200 OK 1.0 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (1379), with no line terminators
Hash 00a4e693d17fe80024c968fd4017c0d0
ddf2042566c831a25e7fd1c892de754dfe108d91
cf4fb0f44e47d56c2745982e533f3f93a7baf5d49d105d3b28c4fd737f2bcf38
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 247
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 02:59:30 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://javgg.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226333b892e2b071.422643241480154876%22%3B%7D; expires=Fri, 27-Sep-2024 02:59:30 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4618
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:59:31 GMT
Last-Modified: Wed, 28 Sep 2022 01:42:33 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
javgg.net/wp-content/themes/javggnet/assets/fontawesome/css/all.min.css
104.21.6.180200 OK 39 kB URL HTTP/2 javgg.net/wp-content/themes/javggnet/assets/fontawesome/css/all.min.css
IP 104.21.6.180:0
File type ASCII text, with very long lines (65393)
Hash cf235c3875aa876c5ebd5458a12347ed
784c86e60c97b93c1c2cd0cb4961b6d38c90e6c6
2b479ad6dae79016a903df09fef0808ad1e9a9c518dc27620bd8df4547d96cb8
GET /wp-content/themes/javggnet/assets/fontawesome/css/all.min.css HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: text/css
last-modified: Tue, 06 Oct 2020 00:20:54 GMT
vary: Accept-Encoding
etag: W/"5f7bb866-2a8fd"
expires: Thu, 27 Oct 2022 19:13:33 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74g4pEzJ9Plqz7fpxf8i4EQ%2FVGDvcaMQZPOThteYzlXpnTcDRxZBMtqjC%2FCdiecP2068%2BO3FMw5CS%2BcpWtKpD0Dc6C5nGNSgs107J2wVjqCODW1UAUdTLkXR4Kk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939323a0db517-OSL
content-encoding: br
X-Firefox-Spdy: h2
video.ktkjmp.com/adsbygoogle.js
104.18.42.40200 OK 16 B URL HTTP/2 video.ktkjmp.com/adsbygoogle.js
IP 104.18.42.40:0
Hash 3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xxxvjmp.com/
Origin: https://creative.xxxvjmp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:31 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: kyl0IVMMo5KW4pDdzfnQKUa/Cfs4W9YHdQTiL3YWd73Il6pI7lh92KHTCplsaUtVSNRKq3KXr04=
x-amz-request-id: 3YWBDN4EWV9170D8
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.xxxvjmp.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 2269
expires: Wed, 28 Sep 2022 06:59:31 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7519393729d40b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c29bbe639d.517a6efd5d.com/5cb7fe9beb4e3050d3c49df11e580d78/9625?version_name=a
45.133.44.24200 OK 1.4 kB URL HTTP/2 c29bbe639d.517a6efd5d.com/5cb7fe9beb4e3050d3c49df11e580d78/9625?version_name=a
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (1397), with no line terminators
Hash c3bc2540424528cde8fe3ca2b599117f
fcfc757e21e15f4a92faab5be40400e1c557e84b
0d7e57d29dc71967062a18cbc4e0a7d42bb9ec7cfaba0193c5e2a8b34856889d
GET /5cb7fe9beb4e3050d3c49df11e580d78/9625?version_name=a HTTP/1.1
Host: c29bbe639d.517a6efd5d.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:31 GMT
content-type: application/json
content-length: 1397
server: nginx/1.18.0
cache-control: max-age=300
expires: Wed, 28 Sep 2022 03:04:31 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.215.91.121101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.91.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KAItjLTniDgJewi2ZhfjXg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JowfBjDlm2TSiwgjyx6HtkT1VEk=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7a7d6b38f753780dd5c6cc09e36f9e72
b75fe078967bb12251bd95c29e526e113eff1159
83495b75e935d5e25f3360132c0e5a68564c9a6366a988187001fe5a9ef366ab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83495B75E935D5E25F3360132C0E5A68564C9A6366A988187001FE5A9EF366AB"
Last-Modified: Tue, 27 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3183
Expires: Wed, 28 Sep 2022 03:52:34 GMT
Date: Wed, 28 Sep 2022 02:59:31 GMT
Connection: keep-alive
js.wpadmngr.com/npc/sdk/wp-banners.js
45.133.44.25200 OK 0 B URL HTTP/2 js.wpadmngr.com/npc/sdk/wp-banners.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Wed, 28 Sep 2022 03:04:31 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
javgg.net/wp-content/uploads/2021/10/1sdmu963pl-1-300x170.jpg
104.21.6.180200 OK 39 kB URL HTTP/2 javgg.net/wp-content/uploads/2021/10/1sdmu963pl-1-300x170.jpg
IP 104.21.6.180:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=535, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=800], progressive, precision 8, 300x170, components 3\012- data
Hash 187c13733ccf6a432269e9a5d8826ae6
9a45905b7960538aff788519bc6695722a6202d0
312c574619c3611ed429607634839f0a944d262b728515c7e5c0189bf4b0f552
GET /wp-content/uploads/2021/10/1sdmu963pl-1-300x170.jpg HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Cookie: _ga=GA1.2.81713717.1664333969; _gid=GA1.2.213513287.1664333969; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:31 GMT
content-type: image/jpeg
content-length: 38990
last-modified: Tue, 05 Oct 2021 06:08:05 GMT
etag: "615bebc5-984e"
expires: Thu, 27 Oct 2022 19:13:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27378
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNZAa%2FkPNaVEwsqTCag1FhKXhMlRr%2FQsAoC7xBxutUiqQLBRakwHvNO2o%2FQ8B3dqB0jKPJxKIyazI6wwPnyY0Chj4EDs52lSG7uMo5YmCmUrtq4fS891TlTSHo8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193939ddb7b517-OSL
X-Firefox-Spdy: h2
javgg.net/wp-content/uploads/2021/10/SDNM-229_Leak-300x170.jpg
104.21.6.180200 OK 22 kB URL HTTP/2 javgg.net/wp-content/uploads/2021/10/SDNM-229_Leak-300x170.jpg
IP 104.21.6.180:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Hash af55499889834b81cba1bfe4e6fa8a6f
3fc9212e3ba764e46ed1932a1f29d4b7985655b5
68cbde5ebc20e56c7bfd052fd34c1542e5e7eaa034fc9374ab7b86ec55778039
GET /wp-content/uploads/2021/10/SDNM-229_Leak-300x170.jpg HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Cookie: _ga=GA1.2.81713717.1664333969; _gid=GA1.2.213513287.1664333969; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:31 GMT
content-type: image/jpeg
content-length: 22122
last-modified: Sat, 23 Oct 2021 06:24:01 GMT
etag: "6173aa81-566a"
expires: Thu, 27 Oct 2022 19:13:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27378
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Scsj2wD1vK99JQESViRaR0K%2FHSdr9wKc7QjGw3%2BdU92x4oI0ldLB2riyxPS4EE1L7v2cfU%2FcdzI5NxmMB%2FRnHB04UgJVgpXmLvsJepNnw9ZgEiwch3Ybh94xsPo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193939ddb9b517-OSL
X-Firefox-Spdy: h2
javgg.net/wp-content/uploads/2021/10/ssis211pl-300x170.jpg
104.21.6.180200 OK 23 kB URL HTTP/2 javgg.net/wp-content/uploads/2021/10/ssis211pl-300x170.jpg
IP 104.21.6.180:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Hash 8e2bee408d1b3db43954894efa142fdc
61dd2c871000e7674a4e05826bf23a6365444568
442021ed83f0d2beab4875616cc90edea5b3306982ac84f1c92239ba249cdbcf
GET /wp-content/uploads/2021/10/ssis211pl-300x170.jpg HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Cookie: _ga=GA1.2.81713717.1664333969; _gid=GA1.2.213513287.1664333969; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:31 GMT
content-type: image/jpeg
content-length: 23016
last-modified: Tue, 05 Oct 2021 04:28:23 GMT
etag: "615bd467-59e8"
expires: Thu, 27 Oct 2022 19:13:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 226
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXdxNIz0uRJRdUd2YaPcUF5FPtVXtMrnDLURpV%2Fvdqx3vWAnVVMGmNSsPQepV61OfM0kYtLbuMsmT78Yza%2BI9bS%2FXHm2iclqiOi8e0aMbRQOHqfxZfh1LSrc2Go%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193939ddbbb517-OSL
X-Firefox-Spdy: h2
go.xxxvjmp.com/config?url=https%3A%2F%2Fcreative.xxxvjmp.com%2Fwidgets%2Fv4%2FUniversal%3FisNew%3D0%26broadcastHD%3D0%26broadcastVR%3D0%26broadcastMobile%3D0%26isPerson%3D0%26isFace%3D0%26goalEnabled%3D0%26isMlCountry%3D0%26isLogged%3D0%26isMlAnal%3D0%26isMlBlowjob%3D0%26strict%3D0%26applyGeobans%3D0%26tag%3Dgirls%252Fchinese%26stripcashR%3D0%26language%3Den%26autoplay%3Dall%26thumbFit%3Dcover%26hideLiveBadge%3D0%26hideModelName%3D0%26autoplayForce%3D1%26playButton%3D0%26thumbType%3Ddefault%26actionButtonPlacement%3Dbottom%26thumbSizeKey%3Dbig%26thumbsMargin%3D5%26responsive%3D1%26hideButton%3D1%26hideTitle%3D1%26hideButtonOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26buttonColor%3D%2523DC0C2C%26liveBadgeColor%3D%252300bd8f%26userId%3D5e6ff13072051fdc172c3b2a2c52f266c758c4e6c7837dc97b8bcdbdc61ed761%26campaignId%3Dwidget300100
172.64.145.216200 OK 26 kB URL HTTP/2 go.xxxvjmp.com/config?url=https%3A%2F%2Fcreative.xxxvjmp.com%2Fwidgets%2Fv4%2FUniversal%3FisNew%3D0%26broadcastHD%3D0%26broadcastVR%3D0%26broadcastMobile%3D0%26isPerson%3D0%26isFace%3D0%26goalEnabled%3D0%26isMlCountry%3D0%26isLogged%3D0%26isMlAnal%3D0%26isMlBlowjob%3D0%26strict%3D0%26applyGeobans%3D0%26tag%3Dgirls%252Fchinese%26stripcashR%3D0%26language%3Den%26autoplay%3Dall%26thumbFit%3Dcover%26hideLiveBadge%3D0%26hideModelName%3D0%26autoplayForce%3D1%26playButton%3D0%26thumbType%3Ddefault%26actionButtonPlacement%3Dbottom%26thumbSizeKey%3Dbig%26thumbsMargin%3D5%26responsive%3D1%26hideButton%3D1%26hideTitle%3D1%26hideButtonOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26buttonColor%3D%2523DC0C2C%26liveBadgeColor%3D%252300bd8f%26userId%3D5e6ff13072051fdc172c3b2a2c52f266c758c4e6c7837dc97b8bcdbdc61ed761%26campaignId%3Dwidget300100
IP 172.64.145.216:0
File type JSON data\012- , ASCII text
Hash a0f5e43c5752296c808276221e185fde
1a84e917f8132fa52e9707f70793d6766aa7b3aa
ddc33c3a6baaad9a9cc98ebb461aaa73627790144f977c602333604720dfab05
GET /config?url=https%3A%2F%2Fcreative.xxxvjmp.com%2Fwidgets%2Fv4%2FUniversal%3FisNew%3D0%26broadcastHD%3D0%26broadcastVR%3D0%26broadcastMobile%3D0%26isPerson%3D0%26isFace%3D0%26goalEnabled%3D0%26isMlCountry%3D0%26isLogged%3D0%26isMlAnal%3D0%26isMlBlowjob%3D0%26strict%3D0%26applyGeobans%3D0%26tag%3Dgirls%252Fchinese%26stripcashR%3D0%26language%3Den%26autoplay%3Dall%26thumbFit%3Dcover%26hideLiveBadge%3D0%26hideModelName%3D0%26autoplayForce%3D1%26playButton%3D0%26thumbType%3Ddefault%26actionButtonPlacement%3Dbottom%26thumbSizeKey%3Dbig%26thumbsMargin%3D5%26responsive%3D1%26hideButton%3D1%26hideTitle%3D1%26hideButtonOnSmallSpots%3D1%26hideTitleOnSmallSpots%3D1%26hideModelNameOnSmallSpots%3D1%26buttonColor%3D%2523DC0C2C%26liveBadgeColor%3D%252300bd8f%26userId%3D5e6ff13072051fdc172c3b2a2c52f266c758c4e6c7837dc97b8bcdbdc61ed761%26campaignId%3Dwidget300100 HTTP/1.1
Host: go.xxxvjmp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xxxvjmp.com/
Origin: https://creative.xxxvjmp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:31 GMT
content-type: application/json
access-control-allow-origin: *
last-modified: Wed, 28 Sep 2022 02:23:04 GMT
cf-cache-status: EXPIRED
set-cookie: __cflb=02DiuDfsBaY2bRYJiCeSRSGTzNwtDfLbr2wmMaQ5NFgda; SameSite=None; Secure; path=/; expires=Thu, 29-Sep-22 01:59:31 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 751939371fc71c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
javgg.net/wp-content/uploads/2021/11/ssis256pl-300x170.jpg
104.21.6.180200 OK 22 kB URL HTTP/2 javgg.net/wp-content/uploads/2021/11/ssis256pl-300x170.jpg
IP 104.21.6.180:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Hash e18f204fcf5de358089f34082df421d9
2214bed260e02a6363aa3363cf515f085c2bc826
f8457e51b8e8dc45abe8e1eb001062d4a6e249f43c80cd7b5d57f631d083179d
GET /wp-content/uploads/2021/11/ssis256pl-300x170.jpg HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Cookie: _ga=GA1.2.81713717.1664333969; _gid=GA1.2.213513287.1664333969; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:31 GMT
content-type: image/jpeg
content-length: 21737
last-modified: Sun, 14 Nov 2021 13:43:12 GMT
etag: "61911270-54e9"
expires: Thu, 27 Oct 2022 19:13:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27378
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICWmx4gJaoX7k8NzXd5Mgt6pD4ZgKXYy7coLGIIt8W1RhX17CES5zQrv7seOJb%2FtEsu4PxGWuS95VA2bxQb3frrBgt14zEuHOdp9l07ChpWaB5EYcjCE5PiFPWk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193939ddbdb517-OSL
X-Firefox-Spdy: h2
javgg.net/wp-content/uploads/2021/11/ssis241pl-300x170.jpg
104.21.6.180200 OK 23 kB URL HTTP/2 javgg.net/wp-content/uploads/2021/11/ssis241pl-300x170.jpg
IP 104.21.6.180:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x170, components 3\012- data
Hash f26f0aa57b2ca0fec128f08887a5c4bf
daadd148a752c87ff3a3d0ad30a31d39189f3c21
dfb8585b08a49dcc67deadc9d1f7278555b6b20a8a361b719203906da737ecf1
GET /wp-content/uploads/2021/11/ssis241pl-300x170.jpg HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Cookie: _ga=GA1.2.81713717.1664333969; _gid=GA1.2.213513287.1664333969; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:31 GMT
content-type: image/jpeg
content-length: 22551
last-modified: Sun, 14 Nov 2021 13:43:34 GMT
etag: "61911286-5817"
expires: Thu, 27 Oct 2022 19:13:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 225
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9s9r4tgEcT4jKPOLFMAomWZLyRGv0ig6tfLK%2FLgHKBD8IeJUwBgyE2mOUs9cc1IefMYIu5vhhQtfp%2BGjinjahb%2BDjhxt5wYrIFppbJqvJFdF%2Br5Q8r2zWYdmWc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193939ddbeb517-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash fbae9a3ca4096d73ab8df703ed4a01ab
322f7a5bce762f479dac834e29d9a02ddf0fce1b
8ee01374c0e32f3cac19e163ecf7c9873446e67a03464602a3ab79eef90fb2bc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:59:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 17:56:28 GMT
Expires: Mon, 03 Oct 2022 17:56:27 GMT
Etag: "322f7a5bce762f479dac834e29d9a02ddf0fce1b"
Cache-Control: max-age=485215,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751939374cbfb500-OSL
cdn.tsyndicate.com/sdk/v1/bi.js
8.247.218.249200 OK 3.3 kB URL HTTP/2 cdn.tsyndicate.com/sdk/v1/bi.js
IP 8.247.218.249:0
File type C source, ASCII text, with very long lines (7675)
Hash 994ce2eb3c88a9c1025564da2a49a681
8f8e617b60e5626becb9bd5e4edd5461ccf4279e
8927431d37a4d03469c7d618a05ac02c7149c988766fb34667f06f1310a2246e
GET /sdk/v1/bi.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notads.111supjavcom.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:31 GMT
content-type: application/javascript
content-length: 3253
last-modified: Mon, 19 Sep 2022 08:53:30 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"63282e0a-1e1a"
age: 753765
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b893b5896b44e3e497640d1f8fc721c0
19de4869f530b0b906c666da94c03f20d2d42e88
ed23793fd0db4041174398a3f48580024a321454f9b8153211bc721c1886d84a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED23793FD0DB4041174398A3F48580024A321454F9B8153211BC721C1886D84A"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=39
Expires: Wed, 28 Sep 2022 03:00:10 GMT
Date: Wed, 28 Sep 2022 02:59:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6a33633461c8af5de977a8d6b7548968
2333585121856b5fe2b8c2fda74356acb8df9db7
a70d2449f55037c5b7a288ac21411c653d5150947fd852b5770fa7e64173f106
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A70D2449F55037C5B7A288AC21411C653D5150947FD852B5770FA7E64173F106"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10351
Expires: Wed, 28 Sep 2022 05:52:02 GMT
Date: Wed, 28 Sep 2022 02:59:31 GMT
Connection: keep-alive
intentionalclemencydecree.com/53/b2/3c/53b23c00e857c12b9ec3a6750b627447.js
192.243.59.20200 OK 13 kB URL HTTP/1.1 intentionalclemencydecree.com/53/b2/3c/53b23c00e857c12b9ec3a6750b627447.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37137), with no line terminators
Hash a61398467ebb0170763571b25ad721b2
59377b9c5e89d5fa2b84fe0661891bb22e226dc9
e0f33b0962bdf6afc91ca0e18c995d6a6a78c19484792e07013dac616acf8570
GET /53/b2/3c/53b23c00e857c12b9ec3a6750b627447.js HTTP/1.1
Host: intentionalclemencydecree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 28 Sep 2022 02:59:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2e6b5fcea5471550cb150cc5e64cc338
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
rtbrennab.com/banner/in/show/?mid=939154945&pid=0&site=8352&sc=NO&usage_type=DCH&subid=379851898&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=notads.111supjavcom.xyz&hostname=auc-banner-hz-5&site_id=0&spot_id=0&utm_source=tcban_i&utm_medium=8352&utm_campaign=12732&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=31&ml=&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D379851898%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8352%26utm1%3Dtcban_i%26utm2%3D8352%26utm3%3D12732%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Fnotads.111supjavcom.xyz%252F%26katds_labels%3D%26btype%3D0%26score%3D31&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=0
116.202.60.158302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=939154945&pid=0&site=8352&sc=NO&usage_type=DCH&subid=379851898&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=notads.111supjavcom.xyz&hostname=auc-banner-hz-5&site_id=0&spot_id=0&utm_source=tcban_i&utm_medium=8352&utm_campaign=12732&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=31&ml=&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D379851898%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8352%26utm1%3Dtcban_i%26utm2%3D8352%26utm3%3D12732%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Fnotads.111supjavcom.xyz%252F%26katds_labels%3D%26btype%3D0%26score%3D31&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=0
IP 116.202.60.158:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=939154945&pid=0&site=8352&sc=NO&usage_type=DCH&subid=379851898&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=notads.111supjavcom.xyz&hostname=auc-banner-hz-5&site_id=0&spot_id=0&utm_source=tcban_i&utm_medium=8352&utm_campaign=12732&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=31&ml=&ttl=&space_id=860&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D0%26source%3D379851898%26idzone%3D3830823%26w%3D300%26h%3D100%26mo%3D%26ve%3D%26site_id%3D8352%26utm1%3Dtcban_i%26utm2%3D8352%26utm3%3D12732%26utm4%3D%26ad_tags%3D%26spot_id%3D0%26p%3Dhttps%253A%252F%252Fnotads.111supjavcom.xyz%252F%26katds_labels%3D%26btype%3D0%26score%3D31&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=0 HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rtbbnr.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Wed, 28 Sep 2022 02:59:31 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://btds.zog.link/in/912/?sid=0&source=379851898&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8352&utm1=tcban_i&utm2=8352&utm3=12732&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Fnotads.111supjavcom.xyz%2F&katds_labels=&btype=0&score=31
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3abd787e77629e21daa6606aeae67118
18be3a2080869ae7cde7053504d2ed5188406fda
bb630a804424bd198b8b534ab48c40a42c7b9e3996676523aaab0d8e0e3b1233
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5467
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:59:31 GMT
Last-Modified: Wed, 28 Sep 2022 01:28:24 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1fda9e1aa5835f84e68d47e6c4ccbcf9
c7df9e4bbf25bfc9f0a142d9d7e4e49e377abad9
01647cf61b597ed02741c72b8e7b1e0974843acbefe702ae97bdf76e8684487b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01647CF61B597ED02741C72B8E7B1E0974843ACBEFE702AE97BDF76E8684487B"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3412
Expires: Wed, 28 Sep 2022 03:56:23 GMT
Date: Wed, 28 Sep 2022 02:59:31 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 6974aeeda270142a361b4a4db6fefac6
cb5d4655286e43f6a4899dc87483f2d13ac427f3
174ad195c5e55bbd44c930c0cc336bc466645738f92c74bc564cb7705ca068ff
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:59:31 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 15:56:17 GMT
Expires: Sat, 01 Oct 2022 15:56:16 GMT
Etag: "cb5d4655286e43f6a4899dc87483f2d13ac427f3"
Cache-Control: max-age=305204,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7519393c6f05b500-OSL
lcdn.tsyndicate.com/images/8/7/759a49949cef854dec60e72362ce1877984fd1/main.jpg
8.254.252.211200 OK 2.8 kB URL HTTP/2 lcdn.tsyndicate.com/images/8/7/759a49949cef854dec60e72362ce1877984fd1/main.jpg
IP 8.254.252.211:0
File type JPEG image data, baseline, precision 8, 300x100, components 3\012- data
Hash ea8893fe883dc95e5e925f21063184a7
208c610701b19560601bbb9e9de67d769f4edb7a
1c3bac813aec94f9e1c34790b40e857af173c6e50f5527e88653d19931baa5ea
GET /images/8/7/759a49949cef854dec60e72362ce1877984fd1/main.jpg HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=664f416d-92d1-4017-a5ac-e82212104103
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:31 GMT
content-type: image/jpeg
content-length: 2840
last-modified: Thu, 18 Mar 2021 07:46:57 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"60530571-b01"
age: 16443749
accept-ranges: bytes
X-Firefox-Spdy: h2
btds.zog.link/in/912/?sid=0&source=379851898&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8352&utm1=tcban_i&utm2=8352&utm3=12732&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Fnotads.111supjavcom.xyz%2F&katds_labels=&btype=0&score=31
109.206.161.16302 Found 0 B URL HTTP/2 btds.zog.link/in/912/?sid=0&source=379851898&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8352&utm1=tcban_i&utm2=8352&utm3=12732&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Fnotads.111supjavcom.xyz%2F&katds_labels=&btype=0&score=31
IP 109.206.161.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/912/?sid=0&source=379851898&idzone=3830823&w=300&h=100&mo=&ve=&site_id=8352&utm1=tcban_i&utm2=8352&utm3=12732&utm4=&ad_tags=&spot_id=0&p=https%3A%2F%2Fnotads.111supjavcom.xyz%2F&katds_labels=&btype=0&score=31 HTTP/1.1
Host: btds.zog.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rtbbnr.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.20.1
date: Wed, 28 Sep 2022 02:59:31 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=379851898&categories={{ad_tags}}
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
set-cookie: 912.0=1; expires=Thu, 29 Sep 2022 02:59:31 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash b3d6b07e3998c6d4341acb2b263e609e
12e3561297d635de3fbd5212e2ae66a6e91ac673
534a36edebee87dbf492d6b5895e47385e65849b261348ab3623a8e17dc323cc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 02:59:31 GMT
Last-Modified: Wed, 28 Sep 2022 01:47:20 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bvIbZIfzM77WnnvNP9935RErLSb7Fe9F6eGDDFA785zhvSiXWfBQ0Q==
Age: 4331
simplewebanalysis.com/stats
3.66.118.16200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.66.118.16:0
File type ASCII text, with no line terminators
Hash 9ab948ffaca8406919d9adc58180f2e3
cb2ce9f25b2f69ed0c6e2e82b7dcb401e49bc6f4
9ec8a7e39012bc0624fa85b86ed284f186ec3e9ce07ae2cad9c5f1a88eb79182
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:32 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://javgg.net
access-control-allow-credentials: true
set-cookie: uid_id2=c10b66c0-6c05-43ea-a64a-7b3a927289d4:2:1; expires=Sat, 25 Sep 2032 02:59:32 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3abd787e77629e21daa6606aeae67118
18be3a2080869ae7cde7053504d2ed5188406fda
bb630a804424bd198b8b534ab48c40a42c7b9e3996676523aaab0d8e0e3b1233
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5468
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:59:32 GMT
Last-Modified: Wed, 28 Sep 2022 01:28:24 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 6974aeeda270142a361b4a4db6fefac6
cb5d4655286e43f6a4899dc87483f2d13ac427f3
174ad195c5e55bbd44c930c0cc336bc466645738f92c74bc564cb7705ca068ff
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:59:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 15:56:17 GMT
Expires: Sat, 01 Oct 2022 15:56:16 GMT
Etag: "cb5d4655286e43f6a4899dc87483f2d13ac427f3"
Cache-Control: max-age=305203,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7519393c6de8b524-OSL
rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgzNTIsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgzNTIsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIzNzk4NTE4OTgiLCJ1dG0xIjoidGNiYW5faSIsInV0bTIiOiI4MzUyIiwidXRtMyI6IjEyNzMyIiwidXRtNCI6IiJ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoxMDB9fV0sInNpdGUiOnsiaWQiOiI4MzUyIiwicGFnZSI6Imh0dHBzOi8vbm90YWRzLjExMXN1cGphdmNvbS54eXovIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjgxODYwODk5YjRjMjdhMGQ2MzQxYzY2YTZiNTBkMGVjIn0sImV4dCI6eyJkdCI6MTY2NDMzMzk2OTA5OX19
116.202.60.158200 OK 3.8 kB URL HTTP/2 rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgzNTIsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgzNTIsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIzNzk4NTE4OTgiLCJ1dG0xIjoidGNiYW5faSIsInV0bTIiOiI4MzUyIiwidXRtMyI6IjEyNzMyIiwidXRtNCI6IiJ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoxMDB9fV0sInNpdGUiOnsiaWQiOiI4MzUyIiwicGFnZSI6Imh0dHBzOi8vbm90YWRzLjExMXN1cGphdmNvbS54eXovIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjgxODYwODk5YjRjMjdhMGQ2MzQxYzY2YTZiNTBkMGVjIn0sImV4dCI6eyJkdCI6MTY2NDMzMzk2OTA5OX19
IP 116.202.60.158:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2590)
Hash 47aa7c6b7499b752e60e9965ae023be2
8e21f822df5c726c9c3cd9d295db35df540b7368
416bd89550544ddf4b5ee83be4d99b807906ce18cab8230f5e3da0ff01db058c
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjgzNTIsImlkIjo4NjAsImxhYmVscyI6IiIsInNpdGVfaWQiOjgzNTIsInR5cGUiOiJiYW5uZXIiLCJzcGFjZWlkIjo4NjAsInNwb3RfaWQiOjAsImlkem9uZSI6MzgzMDgyMywiem9uZSI6InRjX3BhYl8zMDB4MTAwIiwiYWRfdGFncyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIzNzk4NTE4OTgiLCJ1dG0xIjoidGNiYW5faSIsInV0bTIiOiI4MzUyIiwidXRtMyI6IjEyNzMyIiwidXRtNCI6IiJ9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoxMDB9fV0sInNpdGUiOnsiaWQiOiI4MzUyIiwicGFnZSI6Imh0dHBzOi8vbm90YWRzLjExMXN1cGphdmNvbS54eXovIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjgxODYwODk5YjRjMjdhMGQ2MzQxYzY2YTZiNTBkMGVjIn0sImV4dCI6eyJkdCI6MTY2NDMzMzk2OTA5OX19 HTTP/1.1
Host: rtbbnr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.tubecorp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 28 Sep 2022 02:59:31 GMT
content-type: text/html
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=379851898&categories={{ad_tags}}
136.243.69.157200 OK 2.5 kB URL HTTP/2 tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=379851898&categories={{ad_tags}}
IP 136.243.69.157:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3840)
Hash 538bbecd4cbec01be3fc5302a6cef134
36058f8177eb6e76f5df75053d040bc434f5a93f
e12f2644a2ad5e4648b7f7c65763c756d0686472a7ddeab4666c7a1c504b5cec
GET /iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=379851898&categories={{ad_tags}} HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rtbbnr.com/
Connection: keep-alive
Cookie: ts_uid=664f416d-92d1-4017-a5ac-e82212104103
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:59:32 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: a7094caa9110b0d7
set-cookie: ts_uid=664f416d-92d1-4017-a5ac-e82212104103; expires=Tue, 28 Mar 2023 02:59:32 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCxxYZN2zUSAijCwsRYwpuieFQRBmJMWzYoEFDBowZN2R06aMg; expires=Thu, 29 Sep 2022 02:59:32 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
lcdn.tsyndicate.com/images/8/7/759a49949cef854dec60e72362ce1877984fd1/main.mp4
8.254.252.211206 Partial Content 61 kB URL HTTP/2 lcdn.tsyndicate.com/images/8/7/759a49949cef854dec60e72362ce1877984fd1/main.mp4
IP 8.254.252.211:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 4992d914122794df77f4f69cb51a55a8
a2fb8ed82a3c2fa7b175e4c83cc27f0f24238f66
bae61fc0a38f5de5a445de2094c6a9c81cb899c2ce3888219fc5fb04c49b7287
GET /images/8/7/759a49949cef854dec60e72362ce1877984fd1/main.mp4 HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=664f416d-92d1-4017-a5ac-e82212104103; bfq=APeIECNCxxYZN2zUSAijCwsRYwpuieFQRBmJMWzYoEFDBowZN2R06aMg
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 206 Partial Content
date: Wed, 28 Sep 2022 02:59:32 GMT
content-type: video/mp4
content-length: 60563
etag: "60530571-ec93"
last-modified: Thu, 18 Mar 2021 07:46:57 GMT
server: nginx
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
age: 18612169
content-range: bytes 0-60562/60563
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 254c5b2fc52c276e85e1a3edd0fc29cb
235c276fa232592072a2022dec9f828b937598d0
32bda2a4d732a0a91132ce039dc47a0e0b7f0d467359ebd71416c06693453db6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3828
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:59:32 GMT
Last-Modified: Wed, 28 Sep 2022 01:55:44 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 313
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WYMTODjJgyOci0mJFjTI4WNMjUCNMCR44aM0baIBNDBo0yMXDUEJNDxMMwdcZkHHODBg0bY2iYQUkmKcoaN260CLORpRgbYsKEqQEjDA0cZnr-JGNnoQwYUW88hFNHzMIZNnDcwPETDpy3NGDEmPFwDpyJOmjURJuDxsMxbe4GhvEyR0WIZMyYVStCjBs3k2fcmAHDxsM2bjAynCHj7FrQokvrhPGwjhw2b_UyRttaRkY0dOjAmaPjxQs7ZPKYYXNGzZg8eNyYcVHHTZoxb-S4gSMnzcGaM1xAb_OCjQs4aOD8gNNjjA43MGnowbNGjHvjY76o0ZODSx0YMGTM7GFDxg0bO-EQgxgxlNGfDDGMgUN_M5Rxgxgy2IeffnP0INhZNxQmYX5Y9eCfZpzZsKF-YljXAwwu4BfDiDbAYaIMT0iBRRF_NbFECzm0ASMeaCDBxhpR6LFGDVmEkYYY0slwBhposEHEGkYIgcQMTTgBhRJDfBGGEFqsMYYSVJQxgxZ1BEEFFFQc8UQORcRQhBF31FBDEEi4AcUYckihxhNUzEEFGXHUpEYdS1yURAt0GIHDEm4UkUcTY7TwxBlfnFFFEkRIUUUaLCJGXl6NrXgfh2uUkccd0ZHRA4tkyODhDazGYCFjNTjG6gwnskpDDzPktRerNfTgxBOs2tCDGmHYccYZLrhRBh2s3tBDVpchtAJnMOARA36s4uAhqznw6pMIZLzRRkZuvEGHQXO4EMO7c9QBB7J2bOcCHnnoMe4YYQC2xQwxdLGWHEIxVEYLnT0khmQ6oKjXYXC08QV1BTuMH2Vy2KEYZw-VMUbEC1n8WB11pJGRDTYoJdhMOMpAE0p6SbVVRC2UgUNpNW0rGAwzjJuGYiI45kIOKNIgg7s10DCuHF_8nJHQRLtgNNJKtxZGRk28oUcabLARxgs1pAgCCli8uwMITKThRh14gIDHgl-kfHbGOuRgQ4opgHCEx2u88cJZ28oWAwhGpCFHGWa8gccLdqe4b8EiDDtudF-MAbnkD7EBeRFOjHuQHV8cDhtDUM0FFw74PSTHGZjpIEMNcj30-RdILoQDXeSWAXobb5Bh1oKPkSHHG2899IZCrg-seB4LGSbC4QwPlNtuvb2Q7rpktPtuDPHOm6y9-Orxwrh3ZFQT6uOiYX5-VYswR8YZDb8uHdG10FwadLRgQw4uNFWT55A7yBf8ZxuLnIshKKPBDBaYgxs8hg46okgCF0gSB94AJmMJXRn8oiXAxGCCDHRgx0AXBjYghA7I-xcNBAYRMQAmd2YAChsmshbNhewwooFBHxQQEA%3D%3D&s=cbf81082c8bca1fc727b672265947599ec508c4b740ccb7566f00c4ca850d1f41664333971&w=t&r=1&d=38&priv=false
136.243.80.153200 OK 24 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WYMTODjJgyOci0mJFjTI4WNMjUCNMCR44aM0baIBNDBo0yMXDUEJNDxMMwdcZkHHODBg0bY2iYQUkmKcoaN260CLORpRgbYsKEqQEjDA0cZnr-JGNnoQwYUW88hFNHzMIZNnDcwPETDpy3NGDEmPFwDpyJOmjURJuDxsMxbe4GhvEyR0WIZMyYVStCjBs3k2fcmAHDxsM2bjAynCHj7FrQokvrhPGwjhw2b_UyRttaRkY0dOjAmaPjxQs7ZPKYYXNGzZg8eNyYcVHHTZoxb-S4gSMnzcGaM1xAb_OCjQs4aOD8gNNjjA43MGnowbNGjHvjY76o0ZODSx0YMGTM7GFDxg0bO-EQgxgxlNGfDDGMgUN_M5Rxgxgy2IeffnP0INhZNxQmYX5Y9eCfZpzZsKF-YljXAwwu4BfDiDbAYaIMT0iBRRF_NbFECzm0ASMeaCDBxhpR6LFGDVmEkYYY0slwBhposEHEGkYIgcQMTTgBhRJDfBGGEFqsMYYSVJQxgxZ1BEEFFFQc8UQORcRQhBF31FBDEEi4AcUYckihxhNUzEEFGXHUpEYdS1yURAt0GIHDEm4UkUcTY7TwxBlfnFFFEkRIUUUaLCJGXl6NrXgfh2uUkccd0ZHRA4tkyODhDazGYCFjNTjG6gwnskpDDzPktRerNfTgxBOs2tCDGmHYccYZLrhRBh2s3tBDVpchtAJnMOARA36s4uAhqznw6pMIZLzRRkZuvEGHQXO4EMO7c9QBB7J2bOcCHnnoMe4YYQC2xQwxdLGWHEIxVEYLnT0khmQ6oKjXYXC08QV1BTuMH2Vy2KEYZw-VMUbEC1n8WB11pJGRDTYoJdhMOMpAE0p6SbVVRC2UgUNpNW0rGAwzjJuGYiI45kIOKNIgg7s10DCuHF_8nJHQRLtgNNJKtxZGRk28oUcabLARxgs1pAgCCli8uwMITKThRh14gIDHgl-kfHbGOuRgQ4opgHCEx2u88cJZ28oWAwhGpCFHGWa8gccLdqe4b8EiDDtudF-MAbnkD7EBeRFOjHuQHV8cDhtDUM0FFw74PSTHGZjpIEMNcj30-RdILoQDXeSWAXobb5Bh1oKPkSHHG2899IZCrg-seB4LGSbC4QwPlNtuvb2Q7rpktPtuDPHOm6y9-Orxwrh3ZFQT6uOiYX5-VYswR8YZDb8uHdG10FwadLRgQw4uNFWT55A7yBf8ZxuLnIshKKPBDBaYgxs8hg46okgCF0gSB94AJmMJXRn8oiXAxGCCDHRgx0AXBjYghA7I-xcNBAYRMQAmd2YAChsmshbNhewwooFBHxQQEA%3D%3D&s=cbf81082c8bca1fc727b672265947599ec508c4b740ccb7566f00c4ca850d1f41664333971&w=t&r=1&d=38&priv=false
IP 136.243.80.153:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WYMTODjJgyOci0mJFjTI4WNMjUCNMCR44aM0baIBNDBo0yMXDUEJNDxMMwdcZkHHODBg0bY2iYQUkmKcoaN260CLORpRgbYsKEqQEjDA0cZnr-JGNnoQwYUW88hFNHzMIZNnDcwPETDpy3NGDEmPFwDpyJOmjURJuDxsMxbe4GhvEyR0WIZMyYVStCjBs3k2fcmAHDxsM2bjAynCHj7FrQokvrhPGwjhw2b_UyRttaRkY0dOjAmaPjxQs7ZPKYYXNGzZg8eNyYcVHHTZoxb-S4gSMnzcGaM1xAb_OCjQs4aOD8gNNjjA43MGnowbNGjHvjY76o0ZODSx0YMGTM7GFDxg0bO-EQgxgxlNGfDDGMgUN_M5Rxgxgy2IeffnP0INhZNxQmYX5Y9eCfZpzZsKF-YljXAwwu4BfDiDbAYaIMT0iBRRF_NbFECzm0ASMeaCDBxhpR6LFGDVmEkYYY0slwBhposEHEGkYIgcQMTTgBhRJDfBGGEFqsMYYSVJQxgxZ1BEEFFFQc8UQORcRQhBF31FBDEEi4AcUYckihxhNUzEEFGXHUpEYdS1yURAt0GIHDEm4UkUcTY7TwxBlfnFFFEkRIUUUaLCJGXl6NrXgfh2uUkccd0ZHRA4tkyODhDazGYCFjNTjG6gwnskpDDzPktRerNfTgxBOs2tCDGmHYccYZLrhRBh2s3tBDVpchtAJnMOARA36s4uAhqznw6pMIZLzRRkZuvEGHQXO4EMO7c9QBB7J2bOcCHnnoMe4YYQC2xQwxdLGWHEIxVEYLnT0khmQ6oKjXYXC08QV1BTuMH2Vy2KEYZw-VMUbEC1n8WB11pJGRDTYoJdhMOMpAE0p6SbVVRC2UgUNpNW0rGAwzjJuGYiI45kIOKNIgg7s10DCuHF_8nJHQRLtgNNJKtxZGRk28oUcabLARxgs1pAgCCli8uwMITKThRh14gIDHgl-kfHbGOuRgQ4opgHCEx2u88cJZ28oWAwhGpCFHGWa8gccLdqe4b8EiDDtudF-MAbnkD7EBeRFOjHuQHV8cDhtDUM0FFw74PSTHGZjpIEMNcj30-RdILoQDXeSWAXobb5Bh1oKPkSHHG2899IZCrg-seB4LGSbC4QwPlNtuvb2Q7rpktPtuDPHOm6y9-Orxwrh3ZFQT6uOiYX5-VYswR8YZDb8uHdG10FwadLRgQw4uNFWT55A7yBf8ZxuLnIshKKPBDBaYgxs8hg46okgCF0gSB94AJmMJXRn8oiXAxGCCDHRgx0AXBjYghA7I-xcNBAYRMQAmd2YAChsmshbNhewwooFBHxQQEA%3D%3D&s=cbf81082c8bca1fc727b672265947599ec508c4b740ccb7566f00c4ca850d1f41664333971&w=t&r=1&d=38&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=664f416d-92d1-4017-a5ac-e82212104103; bfq=APeIECNCxxYZN2zUSAijCwsRYwpuieFQRBmJMWzYoEFDBowZN2R06aMg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:59:32 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/elapsedtime?f=banner%20300x100&sc=607f4e023c4447b99a1f4ca4ed500c5e&hn=notads.111supjavcom.xyz&et=184
136.243.80.153200 OK 0 B URL HTTP/2 pxl.tsyndicate.com/api/v1/elapsedtime?f=banner%20300x100&sc=607f4e023c4447b99a1f4ca4ed500c5e&hn=notads.111supjavcom.xyz&et=184
IP 136.243.80.153:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/elapsedtime?f=banner%20300x100&sc=607f4e023c4447b99a1f4ca4ed500c5e&hn=notads.111supjavcom.xyz&et=184 HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notads.111supjavcom.xyz/
Cookie: ts_uid=664f416d-92d1-4017-a5ac-e82212104103; bfq=APeIECNCxxYZN2zUSAijCwsRYwpuieFQRBmJMWzYoEFDBowZN2R06aMg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:59:32 GMT
content-length: 0
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 9421671bd2ed2e02db30a5d0761d1ae9
6ea7d9b57b7262d2e26b8ff6c663d4a5bd0618c2
51c2414e3a55642659d0e53a10a4cb15483e4b1816668a17cd1c21ea8bb71284
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:59:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 02 Oct 2022 01:13:23 GMT
ETag: "6ea7d9b57b7262d2e26b8ff6c663d4a5bd0618c2"
Last-Modified: Wed, 28 Sep 2022 01:13:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1866
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7519393f98591bfa-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 9421671bd2ed2e02db30a5d0761d1ae9
6ea7d9b57b7262d2e26b8ff6c663d4a5bd0618c2
51c2414e3a55642659d0e53a10a4cb15483e4b1816668a17cd1c21ea8bb71284
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:59:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 02 Oct 2022 01:13:23 GMT
ETag: "6ea7d9b57b7262d2e26b8ff6c663d4a5bd0618c2"
Last-Modified: Wed, 28 Sep 2022 01:13:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1866
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7519393f9a48b4e8-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 9421671bd2ed2e02db30a5d0761d1ae9
6ea7d9b57b7262d2e26b8ff6c663d4a5bd0618c2
51c2414e3a55642659d0e53a10a4cb15483e4b1816668a17cd1c21ea8bb71284
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:59:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 02 Oct 2022 01:13:23 GMT
ETag: "6ea7d9b57b7262d2e26b8ff6c663d4a5bd0618c2"
Last-Modified: Wed, 28 Sep 2022 01:13:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1866
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7519393f9dd2b527-OSL
hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
209.197.3.25200 OK 17 kB URL HTTP/1.1 hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
IP 209.197.3.25:0
File type ASCII text, with very long lines (16885), with no line terminators
Hash 48c80c7c28b5b00a8b4ff94a22b72fe3
d57303c2ad2fd5cedc5cb20f264a6965a7819cee
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1
Host: hw-cdn2.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:59:32 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Content-Type: application/javascript
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10721591
X-HW: 1664333972.dop222.sk1.t,1664333972.cds237.sk1.shn,1664333972.dop222.sk1.t,1664333972.cds228.sk1.c
Access-Control-Allow-Origin: *
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 9421671bd2ed2e02db30a5d0761d1ae9
6ea7d9b57b7262d2e26b8ff6c663d4a5bd0618c2
51c2414e3a55642659d0e53a10a4cb15483e4b1816668a17cd1c21ea8bb71284
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:59:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 02 Oct 2022 01:13:23 GMT
ETag: "6ea7d9b57b7262d2e26b8ff6c663d4a5bd0618c2"
Last-Modified: Wed, 28 Sep 2022 01:13:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1866
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7519393f9b571c0e-OSL
hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
205.185.208.20200 OK 5.0 kB URL HTTP/1.1 hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
IP 205.185.208.20:0
File type ASCII text, with very long lines (5027), with no line terminators
Hash 5e5817bcf4c82c7c85d1d88636d221ce
b5c32cc6c931c33c1297884016e13d3b9a5bf261
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:59:32 GMT
Connection: Keep-Alive
ETag: "1541168231"
Content-Length: 5027
Content-Type: application/javascript
Last-Modified: Fri, 02 Nov 2018 14:17:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10575632
X-HW: 1664333972.dop020.sk1.t,1664333972.cds212.sk1.shn,1664333972.cds212.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.ang-content.com/a7/creatives/24/124/814230/1027454/1027454_logo.png
205.185.208.20200 OK 2.5 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/24/124/814230/1027454/1027454_logo.png
IP 205.185.208.20:0
File type PNG image data, 300 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash ca45c1f7c9cc240572ebc5a5fa7cff3a
d3cfe8f57d87ca20636cd24acbbc0508375541fe
d6f7a3e51952a88fcf04cad98e06d4ff23c1f83f80847156a4867d029bcd3e01
GET /a7/creatives/24/124/814230/1027454/1027454_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:59:32 GMT
Connection: Keep-Alive
ETag: "1648235852"
Content-Length: 2532
Content-Type: image/png
Last-Modified: Fri, 25 Mar 2022 19:17:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10498750
X-HW: 1664333972.dop020.sk1.t,1664333972.cds212.sk1.shn,1664333972.dop020.sk1.t,1664333972.cds213.sk1.c
Access-Control-Allow-Origin: *
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0XUwBGjTI4aMWq0uGGQRgsaMMzkaCEGxhgzLcKUiUGGDI2NOWzUoCHi4Rwxacgo1LFFxIwbOXCAxJFURJeHYeqMyagzjBkZNMKYtAHj48kxNmK0yBGmhkgZNnLcmAHDLJkZZmL0hEjGzsK0NmQ8hFNHDEUZaqHCgUMxRo4cM3zCmcjwRtijFce0IayDRowbXW1AJWNmoYwbD8W4cePZcQ3HMB62cYNRx-cZafeubh3DcgwcD-vI1TGQDh04c3S8eBHGhUE6rF2MedPmxZkydF7EgAFjOlYZP-ikaVOmR8gcWMHLwIHjxmcudaijDUNnTA_LmHOiV28jDBwxPYRQmVNGT9Y81LVgxxFlnBHHFHpIIUQROYxxRQ5UtFFHFVHcUUQMQwjhBgxT4KCEFFHQsYYUeLRhwxhYEPHFEWpowQYWNChhHx41hMGEHULY4cYcRehxwxhU9DgEFf6ZQUMda1DhRh5NwJHDEziwQcMSYURhRxktyEHEGmKwIcUTX5xRRRJESFFFGnPB0QZFD72hJpsikMFcRnLQIYZocig350NjsLfQFg09JQIcckylAwwuUFeRGJ0dmmhbfKr5BaGGIkpddY49JIcdlMWgmQhljPGmo5fKUFEddaDJmw020GCkp2SMJQMZYqF0WUw1jtFCGTjIYKqpMFgGwwxzpUGZCDnE4EIOiNIggwsh8aTpF8ZmlOyyzT4b7Vx1hJFRE2_okQYbbITxQg2JgoACFjHEsAMITKThRh14gIAHDjZ80eq7m-qQU6IpgEDgGGu88YIM1SlaHQhGpCFHGWa8gccL_8Iw1xiGiuDEE3O9IccXGGe08VxsZFyEE3MdZMcXD7NB0Wk34AAbDtRpegZprm0EWpxlrCyGHAuR95DKX7TxBhme4VsRGXK8sVBiIrwxlF6DNo1HHgvRoCnEGaHhG3DCvVDnnW7kuVxzc82xKZ1v0MGexy3U4UYadIyEKBljxCBDyhkf9AXees9Fx5o6eNrqDIirRfXgexfOKg2Iz6A4DDJAbRDLZcwBxxd-On544uY91DPnbCBEx1CA0iBoGGIwxrMZUbEx0V4lL5SaCGO0BkMfCgQE&s=d2ae36b878e595f358706391124079efaed0697de10ede91dc9538d84eff33cf1664333972&w=t&r=1&d=361&priv=false
136.243.80.153200 OK 24 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0XUwBGjTI4aMWq0uGGQRgsaMMzkaCEGxhgzLcKUiUGGDI2NOWzUoCHi4Rwxacgo1LFFxIwbOXCAxJFURJeHYeqMyagzjBkZNMKYtAHj48kxNmK0yBGmhkgZNnLcmAHDLJkZZmL0hEjGzsK0NmQ8hFNHDEUZaqHCgUMxRo4cM3zCmcjwRtijFce0IayDRowbXW1AJWNmoYwbD8W4cePZcQ3HMB62cYNRx-cZafeubh3DcgwcD-vI1TGQDh04c3S8eBHGhUE6rF2MedPmxZkydF7EgAFjOlYZP-ikaVOmR8gcWMHLwIHjxmcudaijDUNnTA_LmHOiV28jDBwxPYRQmVNGT9Y81LVgxxFlnBHHFHpIIUQROYxxRQ5UtFFHFVHcUUQMQwjhBgxT4KCEFFHQsYYUeLRhwxhYEPHFEWpowQYWNChhHx41hMGEHULY4cYcRehxwxhU9DgEFf6ZQUMda1DhRh5NwJHDEziwQcMSYURhRxktyEHEGmKwIcUTX5xRRRJESFFFGnPB0QZFD72hJpsikMFcRnLQIYZocig350NjsLfQFg09JQIcckylAwwuUFeRGJ0dmmhbfKr5BaGGIkpddY49JIcdlMWgmQhljPGmo5fKUFEddaDJmw020GCkp2SMJQMZYqF0WUw1jtFCGTjIYKqpMFgGwwxzpUGZCDnE4EIOiNIggwsh8aTpF8ZmlOyyzT4b7Vx1hJFRE2_okQYbbITxQg2JgoACFjHEsAMITKThRh14gIAHDjZ80eq7m-qQU6IpgEDgGGu88YIM1SlaHQhGpCFHGWa8gccL_8Iw1xiGiuDEE3O9IccXGGe08VxsZFyEE3MdZMcXD7NB0Wk34AAbDtRpegZprm0EWpxlrCyGHAuR95DKX7TxBhme4VsRGXK8sVBiIrwxlF6DNo1HHgvRoCnEGaHhG3DCvVDnnW7kuVxzc82xKZ1v0MGexy3U4UYadIyEKBljxCBDyhkf9AXees9Fx5o6eNrqDIirRfXgexfOKg2Iz6A4DDJAbRDLZcwBxxd-On544uY91DPnbCBEx1CA0iBoGGIwxrMZUbEx0V4lL5SaCGO0BkMfCgQE&s=d2ae36b878e595f358706391124079efaed0697de10ede91dc9538d84eff33cf1664333972&w=t&r=1&d=361&priv=false
IP 136.243.80.153:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0DEjBgsRYcbQWehQBJ0zC0XUwBGjTI4aMWq0uGGQRgsaMMzkaCEGxhgzLcKUiUGGDI2NOWzUoCHi4Rwxacgo1LFFxIwbOXCAxJFURJeHYeqMyagzjBkZNMKYtAHj48kxNmK0yBGmhkgZNnLcmAHDLJkZZmL0hEjGzsK0NmQ8hFNHDEUZaqHCgUMxRo4cM3zCmcjwRtijFce0IayDRowbXW1AJWNmoYwbD8W4cePZcQ3HMB62cYNRx-cZafeubh3DcgwcD-vI1TGQDh04c3S8eBHGhUE6rF2MedPmxZkydF7EgAFjOlYZP-ikaVOmR8gcWMHLwIHjxmcudaijDUNnTA_LmHOiV28jDBwxPYRQmVNGT9Y81LVgxxFlnBHHFHpIIUQROYxxRQ5UtFFHFVHcUUQMQwjhBgxT4KCEFFHQsYYUeLRhwxhYEPHFEWpowQYWNChhHx41hMGEHULY4cYcRehxwxhU9DgEFf6ZQUMda1DhRh5NwJHDEziwQcMSYURhRxktyEHEGmKwIcUTX5xRRRJESFFFGnPB0QZFD72hJpsikMFcRnLQIYZocig350NjsLfQFg09JQIcckylAwwuUFeRGJ0dmmhbfKr5BaGGIkpddY49JIcdlMWgmQhljPGmo5fKUFEddaDJmw020GCkp2SMJQMZYqF0WUw1jtFCGTjIYKqpMFgGwwxzpUGZCDnE4EIOiNIggwsh8aTpF8ZmlOyyzT4b7Vx1hJFRE2_okQYbbITxQg2JgoACFjHEsAMITKThRh14gIAHDjZ80eq7m-qQU6IpgEDgGGu88YIM1SlaHQhGpCFHGWa8gccL_8Iw1xiGiuDEE3O9IccXGGe08VxsZFyEE3MdZMcXD7NB0Wk34AAbDtRpegZprm0EWpxlrCyGHAuR95DKX7TxBhme4VsRGXK8sVBiIrwxlF6DNo1HHgvRoCnEGaHhG3DCvVDnnW7kuVxzc82xKZ1v0MGexy3U4UYadIyEKBljxCBDyhkf9AXees9Fx5o6eNrqDIirRfXgexfOKg2Iz6A4DDJAbRDLZcwBxxd-On544uY91DPnbCBEx1CA0iBoGGIwxrMZUbEx0V4lL5SaCGO0BkMfCgQE&s=d2ae36b878e595f358706391124079efaed0697de10ede91dc9538d84eff33cf1664333972&w=t&r=1&d=361&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=664f416d-92d1-4017-a5ac-e82212104103; bfq=APeIECNCxxYZN2zUSAijCwsRYwpuieFQRBmJMWzYoEFDBowZN2R06aMg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:59:32 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2461
Expires: Wed, 28 Sep 2022 03:40:33 GMT
Date: Wed, 28 Sep 2022 02:59:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2461
Expires: Wed, 28 Sep 2022 03:40:33 GMT
Date: Wed, 28 Sep 2022 02:59:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2461
Expires: Wed, 28 Sep 2022 03:40:33 GMT
Date: Wed, 28 Sep 2022 02:59:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
age: 18634
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1sdnm355/1sdnm355-2.jpg
103.254.144.30200 OK 4.4 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1sdnm355/1sdnm355-2.jpg
IP 103.254.144.30:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 120x90, components 3\012- data
Hash d93b3b378229a498ea579f80722a541a
8764078fdd901016a87248a6b2844dc0dc5187d0
eac388b240cfbbb3ce324fda1506827e168d4e7562d579c8eb5fa0a1c782c005
GET /digital/video/1sdnm355/1sdnm355-2.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 28 Sep 2022 02:59:32 GMT
content-type: image/jpeg
content-length: 4445
last-modified: Wed, 03 Aug 2022 07:19:17 GMT
etag: "62ea2175-115d"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6QHmMzuJRJLy32XzLQAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 0ceafc65-764c-4367-b031-257061eb65d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF00oAMFUpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-0d46481b7394081b14a81131;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ve8l6PxpMuBLt5BxwywNpqM2ISt0zy2r_gweYnVw4X65PBEhpMbckg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:00 GMT
age: 18812
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff14e2acf-9d43-48bc-ab80-1dc73fa7dfc8.webp
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff14e2acf-9d43-48bc-ab80-1dc73fa7dfc8.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c301dff6ddda16fd64692c19173cfa8c
2afdfb716192540a61327137706462c53588bf23
fd0f33a778fec87dbfa323ffa6b24ca5f94aa16d102e62683ad54b759208058b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff14e2acf-9d43-48bc-ab80-1dc73fa7dfc8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5377
x-amzn-requestid: 28ddd5cd-c299-4b36-98be-b6dbeaadc1ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI4KRGo7oAMFUiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336d74-27ebe6e974ee5b7d06227fca;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TEv_Z7_1FsPBC2ugxBvTbts1ubHFeZjRhrSFAGt2liOt-Z5GQhmu-g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:28:53 GMT
age: 16239
etag: "2afdfb716192540a61327137706462c53588bf23"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pR4b1-lZZRMnWf-PdXFGXaHBCGAfOyp3AjeuCvtu5imWmf9N9l2wKQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:38 GMT
age: 18654
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3e1fd3401c5e635a8dbeec5f78b721d
2142075b27d0d355c51231ab06fea46e25eb9c59
2e17a43985b624e6b6592d402c36dd45b915cd6e1ac84e187c18c46420eb9a1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9733
x-amzn-requestid: fff8214b-48f7-4b45-bd91-69ea4db871d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCAWhG9HIAMFloQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330adc3-1cffa63711378c525e49e11d;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 19:36:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vak91l2UKRnX0Go62y1yPwJ8E-Af7XBurmQATw5MSZXBqhUJrIgOCQ==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 04:59:08 GMT
age: 79224
etag: "2142075b27d0d355c51231ab06fea46e25eb9c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c254fe7-b89c-4a2c-a79c-4a6a0fe2d17c.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c254fe7-b89c-4a2c-a79c-4a6a0fe2d17c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccfb4931d41ca01aa55b4b8e9ef6b4e1
2351d2547f4bd0aac45bb21a5aa8277e80ef15f2
89de9954ee2874b476c907810189812efe13234a46910180f34f68082429260f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c254fe7-b89c-4a2c-a79c-4a6a0fe2d17c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7020
x-amzn-requestid: 1258ee7b-987a-4454-8963-e76b7c1470f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4EVxIAMFrmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-7a1fbaa251600686757f9583;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ISJfVYtY7kLIm87GZEvqMmEr3D4vYcZDi-WJAu4GyaxLQKRUDbVjg==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:03 GMT
age: 18809
etag: "2351d2547f4bd0aac45bb21a5aa8277e80ef15f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7157863cd22922e3e5f528b52c3163f7
84316ac848a731aa3edb9c8025a60fb56aa8c6e9
000e08d74207538eca3e2a59c40a18ff12aaf74a7a0a32f7333c43f7cbdebcd3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "000E08D74207538ECA3E2A59C40A18FF12AAF74A7A0A32F7333C43F7CBDEBCD3"
Last-Modified: Mon, 26 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4293
Expires: Wed, 28 Sep 2022 04:11:05 GMT
Date: Wed, 28 Sep 2022 02:59:32 GMT
Connection: keep-alive
pics.dmm.co.jp/digital/video/1sdnm355/1sdnm355-7.jpg
103.254.144.30200 OK 4.2 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1sdnm355/1sdnm355-7.jpg
IP 103.254.144.30:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 120x90, components 3\012- data
Hash ac4fb57732bc81ae1e88f965be774d22
639191ad4d13d5dd797f320eec29cc541d54cfee
5725f4b30af5e84f6e360ba75ea4518e6a29aa8a1919a0fcae4b87ea229a353a
GET /digital/video/1sdnm355/1sdnm355-7.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 28 Sep 2022 02:59:32 GMT
content-type: image/jpeg
content-length: 4232
last-modified: Wed, 03 Aug 2022 07:19:20 GMT
etag: "62ea2178-1088"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6QHmMzuJRJLy32XzLRAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1sdnm355/1sdnm355-8.jpg
103.254.144.30200 OK 5.2 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1sdnm355/1sdnm355-8.jpg
IP 103.254.144.30:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 120x90, components 3\012- data
Hash ce63648e79a74be3d7f8e5fd86fec6c1
918a50197b9d1ced039a8a11bb62ee9a643ec926
3ec69b92de35ff4309d299baff872fcabe7e1048a3c3412011a4d2ca164e396d
GET /digital/video/1sdnm355/1sdnm355-8.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 28 Sep 2022 02:59:32 GMT
content-type: image/jpeg
content-length: 5170
last-modified: Wed, 03 Aug 2022 07:19:20 GMT
etag: "62ea2178-1432"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6QHmMzuJRJLy32XzLSAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1sdnm355/1sdnm355-9.jpg
103.254.144.30200 OK 5.1 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1sdnm355/1sdnm355-9.jpg
IP 103.254.144.30:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 120x90, components 3\012- data
Hash 0b629069193f7c1613b5c54e77911635
f6cd6cc2098b76c53fe906d9e0de412fe745d1ec
9e8fc8731fea45e9a8d87245aab73ef175e4eadbf73b4e5ee743b65a2c25a941
GET /digital/video/1sdnm355/1sdnm355-9.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 28 Sep 2022 02:59:32 GMT
content-type: image/jpeg
content-length: 5054
last-modified: Wed, 03 Aug 2022 07:19:23 GMT
etag: "62ea217b-13be"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6QHmMzuJRJLy32XzLTAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1sdnm355/1sdnm355-10.jpg
103.254.144.30200 OK 4.8 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1sdnm355/1sdnm355-10.jpg
IP 103.254.144.30:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 120x90, components 3\012- data
Hash ef26c21346ceb0685caff0d79f1b8f26
3568e946ee7ec0927887c40191c89c37c19b5437
8920c923806f53553fb9080349e1636aa5a7d0c0bb40635d781ecb5dff610725
GET /digital/video/1sdnm355/1sdnm355-10.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 28 Sep 2022 02:59:32 GMT
content-type: image/jpeg
content-length: 4802
last-modified: Wed, 03 Aug 2022 07:19:11 GMT
etag: "62ea216f-12c2"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6QHmMzuJRJLy32XzLUAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1sdnm355/1sdnm355-11.jpg
103.254.144.30200 OK 4.8 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1sdnm355/1sdnm355-11.jpg
IP 103.254.144.30:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 120x90, components 3\012- data
Hash da53b9d13d3440c37d9af19d4ba4b015
e7d95813826432b3b886cbeab1495e90a74de4cd
a5ffc66880f478e58cb0257e7055855ec0545d8b0eebf75d412165f40eff6bc3
GET /digital/video/1sdnm355/1sdnm355-11.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 28 Sep 2022 02:59:32 GMT
content-type: image/jpeg
content-length: 4801
last-modified: Wed, 03 Aug 2022 07:19:11 GMT
etag: "62ea216f-12c1"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6QHmMzuJRJLy32XzLVAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1sdnm355/1sdnm355-12.jpg
103.254.144.30200 OK 5.4 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1sdnm355/1sdnm355-12.jpg
IP 103.254.144.30:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 120x90, components 3\012- data
Hash e71e2d8f8a124f168e318d9e996db0a8
8ed2c6e651feb84c8a07090feffe9f7d54f55306
0904c75155e6f37e05635b70b7bd6cb57be802d05fb58ba86af48eef7cce7602
GET /digital/video/1sdnm355/1sdnm355-12.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 28 Sep 2022 02:59:32 GMT
content-type: image/jpeg
content-length: 5391
last-modified: Wed, 03 Aug 2022 07:19:14 GMT
etag: "62ea2172-150f"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6QHmMzuJRJLy32XzLWAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
incomprehensibleacrid.com/sbar.json?key=53b23c00e857c12b9ec3a6750b627447
173.233.137.52200 OK 4.3 kB URL HTTP/1.1 incomprehensibleacrid.com/sbar.json?key=53b23c00e857c12b9ec3a6750b627447
IP 173.233.137.52:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (5977), with no line terminators
Hash 7354e6dda3f7e3f0ec31998b6f51fef8
e468c52df4ce73b46c4895256488096f77788add
3a6dced62c213e2f99d9525b72fbad1de5af88959265f1363a3ab7cb0292771d
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=53b23c00e857c12b9ec3a6750b627447 HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 02:59:33 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://javgg.net
Access-Control-Allow-Origin: https://javgg.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16525306; expires=Thu, 29 Sep 2022 02:59:32 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 29 Sep 2022 02:59:33 GMT; secure; SameSite=None
uncs=1; expires=Thu, 29 Sep 2022 02:59:33 GMT; secure; SameSite=None
pdhtkv29=true; expires=Thu, 29 Sep 2022 02:59:33 GMT; secure; SameSite=None
uncs29=1; expires=Thu, 29 Sep 2022 02:59:33 GMT; secure; SameSite=None
slec53b23c00e857c12b9ec3a6750b627447=[3520333]; expires=Wed, 28 Sep 2022 02:59:38 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 32035e7c82a3aeab862408291695a704
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
javgg.net/wp-content/themes/javggnet/assets/js/front.scripts.min.js
104.21.6.180200 OK 5.6 kB URL HTTP/2 javgg.net/wp-content/themes/javggnet/assets/js/front.scripts.min.js
IP 104.21.6.180:0
File type ASCII text, with very long lines (4817), with no line terminators
Hash 12734d84b56133c8ee003aa6d0786e47
0d5ebd5d9cc1f0eb1c74c75c1450fa35da33ffb3
4306c92dc8b0906244f06027167195786ede557db78bef099db0427f53dee20f
GET /wp-content/themes/javggnet/assets/js/front.scripts.min.js HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript
last-modified: Fri, 05 Mar 2021 18:57:40 GMT
vary: Accept-Encoding
etag: W/"60427f24-12d1"
expires: Thu, 27 Oct 2022 19:13:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2bm3UxuQSSo1tiqS8Iuf1bzxS8L1zCuNBMym6nxs2ta2AZzsYpYf%2FnyEk4VHTe%2FNO4xYXdd901XopyCTjVR2Hfr2foMDB6U7A7cGBd82Th7oQHS%2F8O%2FMkPEzNQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939326a31b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
c29bbe639d.517a6efd5d.com/f77022b90356faf8846be454cfb4e93c.js
45.133.44.24200 OK 38 kB URL HTTP/2 c29bbe639d.517a6efd5d.com/f77022b90356faf8846be454cfb4e93c.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash 3a3c9e5775f35a7365f0a6aae9989911
d57a6a3080adaab38e133d30d335400fb9f67077
2bf1a9212672c97042e60d133f39635ce2c67de38f197f5e6760c265156b6fae
GET /f77022b90356faf8846be454cfb4e93c.js HTTP/1.1
Host: c29bbe639d.517a6efd5d.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 23 Sep 2022 12:39:30 GMT
etag: W/"632da902-15a62"
content-encoding: gzip
expires: Wed, 28 Sep 2022 03:04:30 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1sdnm355/1sdnm355-3.jpg
103.254.144.30200 OK 3.6 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1sdnm355/1sdnm355-3.jpg
IP 103.254.144.30:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 120x90, components 3\012- data
Hash d200be0a87c320b1b80240f64cbb506d
736243c53b3e3875c410320cb80f3a9ebe259f91
b244e2786a14ed8bcb392fba75e5fda2909a73359d22f88ea7c44d3ab2a64aa7
GET /digital/video/1sdnm355/1sdnm355-3.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 28 Sep 2022 02:59:32 GMT
content-type: image/jpeg
content-length: 3594
last-modified: Wed, 03 Aug 2022 07:19:14 GMT
etag: "62ea2172-e0a"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6QHmMzuJRJLy32XzMQAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1sdnm355/1sdnm355-4.jpg
103.254.144.30200 OK 5.6 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1sdnm355/1sdnm355-4.jpg
IP 103.254.144.30:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 120x90, components 3\012- data
Hash 7b0c634a3f6a44417e31ce26854b8030
ee8294402642480e465148d6108e4ba6ff29992d
79e245ed17ad88eba6238b84c6b389cac8bea2d02d26319abc8aa8d3d897e7f1
GET /digital/video/1sdnm355/1sdnm355-4.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 28 Sep 2022 02:59:32 GMT
content-type: image/jpeg
content-length: 5602
last-modified: Wed, 03 Aug 2022 07:19:17 GMT
etag: "62ea2175-15e2"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6QHmMzuJRJLy32XzMRAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1sdnm355/1sdnm355-5.jpg
103.254.144.30200 OK 4.7 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1sdnm355/1sdnm355-5.jpg
IP 103.254.144.30:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 120x90, components 3\012- data
Hash 34cec363cf4960ba6faaeb431725efac
f0f12c5851c32ea9d5d583b66cda81657591e944
7934205d90bfb92ca37ce25c02e4fe476189d1f17bdf82befe36b16005295b26
GET /digital/video/1sdnm355/1sdnm355-5.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 28 Sep 2022 02:59:32 GMT
content-type: image/jpeg
content-length: 4716
last-modified: Wed, 03 Aug 2022 07:19:17 GMT
etag: "62ea2175-126c"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6QHmMzuJRJLy32XzMSAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
javgg.net/wp-content/uploads/2020/07/140_Gg_logo_logos-512.png
104.21.6.180200 OK 2.0 kB URL HTTP/2 javgg.net/wp-content/uploads/2020/07/140_Gg_logo_logos-512.png
IP 104.21.6.180:0
File type PNG image data, 512 x 512, 4-bit colormap, non-interlaced\012- data
Hash a5abf07ffe14012dd6e7fb604525065e
cc6323f6e65b0872716da70fa2b326a2e6c2c8cb
eee2844ba1a641b18681dc9c566927ee9a3208ccf010f7edbf337b7ce62e2ed4
GET /wp-content/uploads/2020/07/140_Gg_logo_logos-512.png HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:33 GMT
content-type: image/png
content-length: 2026
last-modified: Tue, 01 Feb 2022 12:17:26 GMT
etag: "61f924d6-7ea"
expires: Thu, 27 Oct 2022 19:13:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27685
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYLNueBJvCYfsPR0fk988Gkm2buytZ6jFOkJyXLCNHvmpQ2iY8HPMPmhYdDuFX30y9FdiSTn6uOkQjQxdLKtHaB1R4DMnjOLk5%2FEv9aTwJZMZfhoVZUGvlsAwF8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193944facfb517-OSL
X-Firefox-Spdy: h2
javgg.net/wp-admin/admin-ajax.php
104.21.6.180200 OK 94 kB URL HTTP/2 javgg.net/wp-admin/admin-ajax.php
IP 104.21.6.180:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d86991a5cb976f8db505e780a71f0e23
0496610b712c5d7224ead02728707d2163c73bc9
2995495a67cd46933200ce12d283af4dc8b79066f57e34dce55e29af09d50965
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 41
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Cookie: _ga=GA1.2.81713717.1664333969; _gid=GA1.2.213513287.1664333969; _gat=1; sb_main_53b23c00e857c12b9ec3a6750b627447=1; sb_count_53b23c00e857c12b9ec3a6750b627447=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:33 GMT
content-type: application/json; charset=UTF-8
set-cookie: starstruck_049b550d94aa443d7d092a8280918509=c85a124ccddc0d4464aecbae61f39ed1; expires=Thu, 28-Sep-2023 02:59:33 GMT; Max-Age=31536000; path=/
access-control-allow-origin: https://javgg.net
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHizR7gyDD3GgfILF5g9IzTxIh8w2Zy5CjbDbqIzHJJXd0Io%2Fh1YjhKBIoE%2BJ1GzeFdRTVB6J8L4Jg6yMOF03PB0HmcYN5P6QRSOobwXfbv9xWBlBjsi6DJxFpc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75193943ca43b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.66.118.16200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.66.118.16:0
File type ASCII text, with no line terminators
Hash 9ab948ffaca8406919d9adc58180f2e3
cb2ce9f25b2f69ed0c6e2e82b7dcb401e49bc6f4
9ec8a7e39012bc0624fa85b86ed284f186ec3e9ce07ae2cad9c5f1a88eb79182
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Cookie: uid_id2=c10b66c0-6c05-43ea-a64a-7b3a927289d4:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:33 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://javgg.net
access-control-allow-credentials: true
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01Oy2rEMAz8lf5AzEiWLGvPPbfQ0g9InHihh720LFvQx9fJ0qUaBHqMRsNgnuAT2xPzSf2UEU7JkYQTqcTL61sIxed8PZ/TZfsOkSpKYSaWa3h2dYSoqQKhNJKLFyphSiI8OKSRAwOsWWSvEjAUEB/vz0fSDkQGbjRU6PgaPHRHjdt+C+9rdW7urW3Grt26FYUvm+UVy0785xJ3JBAPA8F/g8gkmYVjokcjMQJxrOevn0uLeNDv0ENgmBHZ3VmxTfosGZnW5t17sdpdsNGy1Cq/ZB923VUBAAA=
95.211.229.245200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01Oy2rEMAz8lf5AzEiWLGvPPbfQ0g9InHihh720LFvQx9fJ0qUaBHqMRsNgnuAT2xPzSf2UEU7JkYQTqcTL61sIxed8PZ/TZfsOkSpKYSaWa3h2dYSoqQKhNJKLFyphSiI8OKSRAwOsWWSvEjAUEB/vz0fSDkQGbjRU6PgaPHRHjdt+C+9rdW7urW3Grt26FYUvm+UVy0785xJ3JBAPA8F/g8gkmYVjokcjMQJxrOevn0uLeNDv0ENgmBHZ3VmxTfosGZnW5t17sdpdsNGy1Cq/ZB923VUBAAA=
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01Oy2rEMAz8lf5AzEiWLGvPPbfQ0g9InHihh720LFvQx9fJ0qUaBHqMRsNgnuAT2xPzSf2UEU7JkYQTqcTL61sIxed8PZ/TZfsOkSpKYSaWa3h2dYSoqQKhNJKLFyphSiI8OKSRAwOsWWSvEjAUEB/vz0fSDkQGbjRU6PgaPHRHjdt+C+9rdW7urW3Grt26FYUvm+UVy0785xJ3JBAPA8F/g8gkmYVjokcjMQJxrOevn0uLeNDv0ENgmBHZ3VmxTfosGZnW5t17sdpdsNGy1Cq/ZB923VUBAAA= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226333b892e2b071.422643241480154876%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 02:59:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://javgg.net
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226333b892e2b071.422643241480154876%22%3B%7D; expires=Fri, 27 Sep 2024 02:59:33 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%226333b892e2b071.422643241480154876%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22510.0199%22%7D; expires=Fri, 27 Sep 2024 02:59:33 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
incomprehensibleacrid.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHqze5%2FPhdVBZFUJmbuyCT7p6Z7hn3sLgbI9HsZt1V9CBIdVXNpDY1XU1V9%2FQkp%2BCCBBGcPei5851kw2qQ9aJeXKSzIBgR0noJaP6JxT2IB5nZYPRB8V7V91vwea%2Fqw63smLjI6NH8Fb0ulaJzrbpbO%2Feu512oLck4G9aG7eD9oHmhZgYvd4K6e772mmCres53Pdf1XK%2B2II3o6uHcRIRM9jpevePWm37dazUxNP%2Fd28yBpQ744Jg8Bcmr2QfOWUhWIu7fmxd2NdXJS6%2F2M0VTbTDgu2%2FHq7HOY%2FRPy65x0I13T9zQ9nDhPnS8M8WFHvxjjGRFnB%2FuI4p3TyARDbannJGCiBHx%2FyMflBCqhKQlmL4FyQ8JwDiuLiPu37mqTU7XHqt0olZk9tFDyLwis7%2BfRdz%2F8pKSw9oNrbJU6thi2C0ghyVkr0SS7SNdPwOZ74OlH0Dyn8ncoyXE%2Fe1lqzQkL6a9S1lCdksoMQK1DrLJkg6yroMscdDnRzXmeV7ockbddoexBg9FFHDXo2HXo54btJGxCd4IaTICUyMws4HEbGBV3q4I%2Bfp1mOx72JUCljuwaUWcNzcw4AVyQZBbgpwS5JIgTwnyQbHDlfVtcYcrm0XeSfZPcqMY67S3RXd02hMx2UqOyZPT4fz14p9YFUe1ViPyG8x1RbsVMs%2BPOoI1aBC23Cjww2YzhJUFpD0z7XddVuTpXxUSWZGZ33JEdB9W7YPJJ0Cz50Hzcei7oCvjZtvFenz3Jh30evVYpOC6QJLOIl1zttQxeXYK0frmCgQ7uPjTuT%2FKT947D2YKJKbATfmAoKc2x9d1Trav69ySr5aTVPblOp283o2UpmLm8zfEWq4NX5y3o7uvsIkwKffeEjZdojGXcc%2BSLy5JzoVZ0IYJ8t2ifUdE1zK7cikzcZYsXbu8sNhPjLBW6rgElYf2YzBZkf9RPf2Wzz3zEaQpYbIC%2FeyAnASk3gdLNmCTU3qrZ2DUqSdKHORZMTZ%2BdHqoZEX8hz9CiYOL98je8PLmZ6BRASv%2BdfG03rKb6JkXQNNbiPsFBqbAQBWgagSbzYzTxBxc%2FKUxDUTKGUfKONuRMur24%2FFaeVQLGw2XBp2WF4ZUhFHTb3cDj1PqNwM%2FCGgDqa1Y49tP%2FwYAAP%2F%2FAQAA%2F%2F%2FNvsgbZQQAAA%3D%3D
173.233.137.52200 OK 7 B URL HTTP/1.1 incomprehensibleacrid.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHqze5%2FPhdVBZFUJmbuyCT7p6Z7hn3sLgbI9HsZt1V9CBIdVXNpDY1XU1V9%2FQkp%2BCCBBGcPei5851kw2qQ9aJeXKSzIBgR0noJaP6JxT2IB5nZYPRB8V7V91vwea%2Fqw63smLjI6NH8Fb0ulaJzrbpbO%2Feu512oLck4G9aG7eD9oHmhZgYvd4K6e772mmCres53Pdf1XK%2B2II3o6uHcRIRM9jpevePWm37dazUxNP%2Fd28yBpQ744Jg8Bcmr2QfOWUhWIu7fmxd2NdXJS6%2F2M0VTbTDgu2%2FHq7HOY%2FRPy65x0I13T9zQ9nDhPnS8M8WFHvxjjGRFnB%2FuI4p3TyARDbannJGCiBHx%2FyMflBCqhKQlmL4FyQ8JwDiuLiPu37mqTU7XHqt0olZk9tFDyLwis7%2BfRdz%2F8pKSw9oNrbJU6thi2C0ghyVkr0SS7SNdPwOZ74OlH0Dyn8ncoyXE%2Fe1lqzQkL6a9S1lCdksoMQK1DrLJkg6yroMscdDnRzXmeV7ockbddoexBg9FFHDXo2HXo54btJGxCd4IaTICUyMws4HEbGBV3q4I%2Bfp1mOx72JUCljuwaUWcNzcw4AVyQZBbgpwS5JIgTwnyQbHDlfVtcYcrm0XeSfZPcqMY67S3RXd02hMx2UqOyZPT4fz14p9YFUe1ViPyG8x1RbsVMs%2BPOoI1aBC23Cjww2YzhJUFpD0z7XddVuTpXxUSWZGZ33JEdB9W7YPJJ0Cz50Hzcei7oCvjZtvFenz3Jh30evVYpOC6QJLOIl1zttQxeXYK0frmCgQ7uPjTuT%2FKT947D2YKJKbATfmAoKc2x9d1Trav69ySr5aTVPblOp283o2UpmLm8zfEWq4NX5y3o7uvsIkwKffeEjZdojGXcc%2BSLy5JzoVZ0IYJ8t2ifUdE1zK7cikzcZYsXbu8sNhPjLBW6rgElYf2YzBZkf9RPf2Wzz3zEaQpYbIC%2FeyAnASk3gdLNmCTU3qrZ2DUqSdKHORZMTZ%2BdHqoZEX8hz9CiYOL98je8PLmZ6BRASv%2BdfG03rKb6JkXQNNbiPsFBqbAQBWgagSbzYzTxBxc%2FKUxDUTKGUfKONuRMur24%2FFaeVQLGw2XBp2WF4ZUhFHTb3cDj1PqNwM%2FCGgDqa1Y49tP%2FwYAAP%2F%2FAQAA%2F%2F%2FNvsgbZQQAAA%3D%3D
IP 173.233.137.52:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwWskxRfHqze5%2FPhdVBZFUJmbuyCT7p6Z7hn3sLgbI9HsZt1V9CBIdVXNpDY1XU1V9%2FQkp%2BCCBBGcPei5851kw2qQ9aJeXKSzIBgR0noJaP6JxT2IB5nZYPRB8V7V91vwea%2Fqw63smLjI6NH8Fb0ulaJzrbpbO%2Feu512oLck4G9aG7eD9oHmhZgYvd4K6e772mmCres53Pdf1XK%2B2II3o6uHcRIRM9jpevePWm37dazUxNP%2Fd28yBpQ744Jg8Bcmr2QfOWUhWIu7fmxd2NdXJS6%2F2M0VTbTDgu2%2FHq7HOY%2FRPy65x0I13T9zQ9nDhPnS8M8WFHvxjjGRFnB%2FuI4p3TyARDbannJGCiBHx%2FyMflBCqhKQlmL4FyQ8JwDiuLiPu37mqTU7XHqt0olZk9tFDyLwis7%2BfRdz%2F8pKSw9oNrbJU6thi2C0ghyVkr0SS7SNdPwOZ74OlH0Dyn8ncoyXE%2Fe1lqzQkL6a9S1lCdksoMQK1DrLJkg6yroMscdDnRzXmeV7ockbddoexBg9FFHDXo2HXo54btJGxCd4IaTICUyMws4HEbGBV3q4I%2Bfp1mOx72JUCljuwaUWcNzcw4AVyQZBbgpwS5JIgTwnyQbHDlfVtcYcrm0XeSfZPcqMY67S3RXd02hMx2UqOyZPT4fz14p9YFUe1ViPyG8x1RbsVMs%2BPOoI1aBC23Cjww2YzhJUFpD0z7XddVuTpXxUSWZGZ33JEdB9W7YPJJ0Cz50Hzcei7oCvjZtvFenz3Jh30evVYpOC6QJLOIl1zttQxeXYK0frmCgQ7uPjTuT%2FKT947D2YKJKbATfmAoKc2x9d1Trav69ySr5aTVPblOp283o2UpmLm8zfEWq4NX5y3o7uvsIkwKffeEjZdojGXcc%2BSLy5JzoVZ0IYJ8t2ifUdE1zK7cikzcZYsXbu8sNhPjLBW6rgElYf2YzBZkf9RPf2Wzz3zEaQpYbIC%2FeyAnASk3gdLNmCTU3qrZ2DUqSdKHORZMTZ%2BdHqoZEX8hz9CiYOL98je8PLmZ6BRASv%2BdfG03rKb6JkXQNNbiPsFBqbAQBWgagSbzYzTxBxc%2FKUxDUTKGUfKONuRMur24%2FFaeVQLGw2XBp2WF4ZUhFHTb3cDj1PqNwM%2FCGgDqa1Y49tP%2FwYAAP%2F%2FAQAA%2F%2F%2FNvsgbZQQAAA%3D%3D HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: u_pl=16525306; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec53b23c00e857c12b9ec3a6750b627447=[3520333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 02:59:33 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a391b414194e3fcf99703346adbcb766
Strict-Transport-Security: max-age=0; includeSubdomains
s3t3d2y8.afcdn.net/library/448451/e1854b9c9aacd74ca5a5ba971fbcee29dec61d1f.mp4
185.76.9.25206 Partial Content 20 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/448451/e1854b9c9aacd74ca5a5ba971fbcee29dec61d1f.mp4
IP 185.76.9.25:0
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 3ea9b335bfa30f346ba6640b0d59d75a
e1854b9c9aacd74ca5a5ba971fbcee29dec61d1f
26fcff889cf6cd649f461ac43376b5f1a6e53b64ee2a36e6f9e5d8390052a31b
GET /library/448451/e1854b9c9aacd74ca5a5ba971fbcee29dec61d1f.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Wed, 28 Sep 2022 02:59:33 GMT
content-type: video/mp4
content-length: 19553
last-modified: Tue, 09 Aug 2022 11:14:51 GMT
etag: "62f241ab-4c61"
expires: Wed, 09 Aug 2023 11:38:13 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1691581155
server: CDN77-Turbo
x-77-nzt: AblMCRSYPsD/MnFBAA
x-77-nzt-ray: wJeKrQH9UBw
x-cache: HIT
x-age: 4288818
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-19552/19553
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 17660c2573efae96e0be2cd1e91793c2
471d77949f1bb950f290dac7966e79c55c793bf9
9c170e91bcf1525666fbc19da62f3b53fb69d2d1afbef0d3fc1b603784d82cff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C170E91BCF1525666FBC19DA62F3B53FB69D2D1AFBEF0D3FC1B603784D82CFF"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3898
Expires: Wed, 28 Sep 2022 04:04:31 GMT
Date: Wed, 28 Sep 2022 02:59:33 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e080fece08156ec53ad041163b97549a
e0e46ee66144f21eeb7038b94c75bda87daf0a02
00cb5bf7d3af6936124c200fd5004abad8c3d587cff068078e310d8ae6bf480d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5344
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:59:33 GMT
Last-Modified: Wed, 28 Sep 2022 01:30:29 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
notification.tubecup.net/tags?tag_id=9625&timezone_olson=UTC&version_name=a
94.130.197.136200 OK 1.8 kB URL HTTP/2 notification.tubecup.net/tags?tag_id=9625&timezone_olson=UTC&version_name=a
IP 94.130.197.136:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with very long lines (1812), with no line terminators
Hash ee7127c3bf60d3b71f9f62ad85af89be
3ccd5f69c8a79cbd583dc72239c7c93d7ee3394f
614fa7e2a3c6c60b0f2c8ef33d91e5b16746e6cecb0c67d187ecb4f7ee48aaa2
GET /tags?tag_id=9625&timezone_olson=UTC&version_name=a HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 28 Sep 2022 02:59:33 GMT
content-type: application/json
content-length: 1812
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e080fece08156ec53ad041163b97549a
e0e46ee66144f21eeb7038b94c75bda87daf0a02
00cb5bf7d3af6936124c200fd5004abad8c3d587cff068078e310d8ae6bf480d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5344
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:59:33 GMT
Last-Modified: Wed, 28 Sep 2022 01:30:29 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
fp.metricswpsh.com/fp?tag_id=9625
157.90.84.244204 No Content 0 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=9625
IP 157.90.84.244:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=9625 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://javgg.net/
Origin: https://javgg.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Wed, 28 Sep 2022 02:59:33 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://javgg.net
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
img.strpst.com/thumbs/1664333778/83014846
104.16.61.52200 OK 45 kB URL HTTP/2 img.strpst.com/thumbs/1664333778/83014846
IP 104.16.61.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 648x360, components 3\012- data
Hash 66066bd70ff7538785a34c6d9298190e
2fb49cf7af46e3b1512ba3d0015c220b087e34a4
3ebe75758b9735441ee203b5f22a8207dc30b968a5ded04b9d4567f569527278
GET /thumbs/1664333778/83014846 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxvjmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:33 GMT
content-type: image/jpeg
content-length: 45231
cf-bgj: imgq:100,h2pri
cf-polished: origSize=46946, status=webp_bigger
etag: "cba3072450d524f2d35078ceada6326b"
last-modified: Wed, 28 Sep 2022 02:56:43 GMT
cf-cache-status: HIT
expires: Wed, 28 Sep 2022 03:04:33 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751939479e190b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1664333778/82617775
104.16.61.52200 OK 62 kB URL HTTP/2 img.strpst.com/thumbs/1664333778/82617775
IP 104.16.61.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash 0a15428447ea0323d0474506acae746a
69519fca279bfb0643e3bf3c74c3b9eaa3371ffc
1094ad306c58c5d36ecf36bfb1e5d764bbfc13b92bebc4ae96ae1a0819e395ee
GET /thumbs/1664333778/82617775 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xxxvjmp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:33 GMT
content-type: image/jpeg
content-length: 61904
cf-bgj: imgq:100,h2pri
cf-polished: origSize=64030, status=webp_bigger
etag: "8846e79ac7479adf05a1082dd833fc40"
last-modified: Wed, 28 Sep 2022 02:56:43 GMT
cf-cache-status: HIT
expires: Wed, 28 Sep 2022 03:04:33 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193947be2a0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e080fece08156ec53ad041163b97549a
e0e46ee66144f21eeb7038b94c75bda87daf0a02
00cb5bf7d3af6936124c200fd5004abad8c3d587cff068078e310d8ae6bf480d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5344
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:59:33 GMT
Last-Modified: Wed, 28 Sep 2022 01:30:29 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
fp.metricswpsh.com/fp?tag_id=9625
157.90.84.244200 OK 28 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=9625
IP 157.90.84.244:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash d8ded99ae3089c609f0f3dfd190a3299
aa378c43d5b8dc4887db4f93f86a319f75731b6f
f5526ab1e5df71c978b3db3ada96990b256be308611834bea29d342b88338000
POST /fp?tag_id=9625 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22268
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 28 Sep 2022 02:59:33 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://javgg.net
Set-Cookie: id=3675182247278206455; Expires=Thu, 28 Sep 2023 02:59:33 GMT; Secure; SameSite=None
Vary: Origin
c29bbe639d.517a6efd5d.com/5eed51b2b5c2a5a10bbd11bc84c06131.js
45.133.44.24200 OK 72 kB URL HTTP/2 c29bbe639d.517a6efd5d.com/5eed51b2b5c2a5a10bbd11bc84c06131.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash 179ef8f64d90f37eee1fd31e6b89ae47
8c4a8553df5c8d8f439c82ab40bff57320a1c395
4a7180e94ed3af8bf905454a9d5c1fb1d855ab11748eb0bfeba9774cd3002668
GET /5eed51b2b5c2a5a10bbd11bc84c06131.js HTTP/1.1
Host: c29bbe639d.517a6efd5d.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:33 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 12 Sep 2022 14:09:08 GMT
etag: W/"631f3d84-4185c"
content-encoding: gzip
expires: Wed, 28 Sep 2022 03:04:33 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
192d42a802.20e2b2c425.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI2ODIxMDg4Nzk0ODAyOTYwMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuOC4xIiwidGFnX2lkIjo5NjI1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjIuNjMsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6bnVsbCwidXNlcl9rZXl3b3JkcyI6IlNETk0tMzU1JTJDTW90aGVyJTJDV2hvJTJDUmFpc2VzJTJDMyUyQ0NoaWxkcmVuJTJDV2l0Li4lMkMlMkNKYXZHRy5uZXQlMkNTRE5NLTM1NSUyQ0pBViUyQ01vdGhlciUyQ1dobyUyQ1JhaXNlcyUyQzMlMkNDaGlsZHJlbiUyQ1dpdGglMkNBJTJDTG90JTJDT2YlMkNCcmVhc3QlMkNNaWxrJTJDS2FobyUyQ1RhbWFraSUyQzI5JTJDWWVhcnMlMkNPbGQlMkNTT0QlMkNDcmVhdGUlMkNUYW1ha2klMkNLYWhvJTJDJUU3JThFJTg5JUU1JTlGJThFJUU1JUE0JThGJUU1JUI4JTg2JTJDU0ROTTM1NSUyMCJ9
45.133.44.25200 OK 0 B URL HTTP/2 192d42a802.20e2b2c425.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI2ODIxMDg4Nzk0ODAyOTYwMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuOC4xIiwidGFnX2lkIjo5NjI1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjIuNjMsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6bnVsbCwidXNlcl9rZXl3b3JkcyI6IlNETk0tMzU1JTJDTW90aGVyJTJDV2hvJTJDUmFpc2VzJTJDMyUyQ0NoaWxkcmVuJTJDV2l0Li4lMkMlMkNKYXZHRy5uZXQlMkNTRE5NLTM1NSUyQ0pBViUyQ01vdGhlciUyQ1dobyUyQ1JhaXNlcyUyQzMlMkNDaGlsZHJlbiUyQ1dpdGglMkNBJTJDTG90JTJDT2YlMkNCcmVhc3QlMkNNaWxrJTJDS2FobyUyQ1RhbWFraSUyQzI5JTJDWWVhcnMlMkNPbGQlMkNTT0QlMkNDcmVhdGUlMkNUYW1ha2klMkNLYWhvJTJDJUU3JThFJTg5JUU1JTlGJThFJUU1JUE0JThGJUU1JUI4JTg2JTJDU0ROTTM1NSUyMCJ9
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI2ODIxMDg4Nzk0ODAyOTYwMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuOC4xIiwidGFnX2lkIjo5NjI1LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjIuNjMsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6bnVsbCwidXNlcl9rZXl3b3JkcyI6IlNETk0tMzU1JTJDTW90aGVyJTJDV2hvJTJDUmFpc2VzJTJDMyUyQ0NoaWxkcmVuJTJDV2l0Li4lMkMlMkNKYXZHRy5uZXQlMkNTRE5NLTM1NSUyQ0pBViUyQ01vdGhlciUyQ1dobyUyQ1JhaXNlcyUyQzMlMkNDaGlsZHJlbiUyQ1dpdGglMkNBJTJDTG90JTJDT2YlMkNCcmVhc3QlMkNNaWxrJTJDS2FobyUyQ1RhbWFraSUyQzI5JTJDWWVhcnMlMkNPbGQlMkNTT0QlMkNDcmVhdGUlMkNUYW1ha2klMkNLYWhvJTJDJUU3JThFJTg5JUU1JTlGJThFJUU1JUE0JThGJUU1JUI4JTg2JTJDU0ROTTM1NSUyMCJ9 HTTP/1.1
Host: 192d42a802.20e2b2c425.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:33 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
go.xxxvjmp.com/thumbs/view
172.64.145.216200 OK 593 B URL HTTP/2 go.xxxvjmp.com/thumbs/view
IP 172.64.145.216:0
File type JSON data\012- , ASCII text
Hash aa58674e2b4d26bdc47633ef20a069c1
103a41e3893b9e0e5eec56b970a09c23e6ae7aa3
64ae7bcaaf2cb9a850fe77cf09795c6143ad0c75e32e6a8be4b0d65dd11d426e
POST /thumbs/view HTTP/1.1
Host: go.xxxvjmp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xxxvjmp.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://creative.xxxvjmp.com
Content-Length: 144
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:33 GMT
content-type: application/json
access-control-allow-origin: *
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28uukSkGJRy5UBr1MAvzNuwf2BatEpi3jkeifczkC; SameSite=None; Secure; path=/; expires=Thu, 29-Sep-22 01:59:33 GMT; HttpOnly
server: cloudflare
cf-ray: 751939487da01c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c29bbe639d.517a6efd5d.com/30a6d8967ffb6d74401f6ef56a180d5a.js
45.133.44.24200 OK 13 kB URL HTTP/2 c29bbe639d.517a6efd5d.com/30a6d8967ffb6d74401f6ef56a180d5a.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash 50933d057808739ab0e4da5d35382cef
1a98e947f0d32af2a5624c3c54651083f0c4d448
337707d12216d5e4cf1b9a6d7ff73b2b25575332540f64490bc8ff9a5d5f58de
GET /30a6d8967ffb6d74401f6ef56a180d5a.js HTTP/1.1
Host: c29bbe639d.517a6efd5d.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:33 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 13 Sep 2022 12:49:57 GMT
etag: W/"63207c75-d220"
content-encoding: gzip
expires: Wed, 28 Sep 2022 03:04:33 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 18cf22b4e3cc429a7729bcf4525947ab
aa55e230bd256b7d93ade17a174ceadae789dca5
38edbe70f90ed5a050c0b2c954a5ff5982facd46318e891035925b96b3eddf21
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "38EDBE70F90ED5A050C0B2C954A5FF5982FACD46318E891035925B96B3EDDF21"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12867
Expires: Wed, 28 Sep 2022 06:34:01 GMT
Date: Wed, 28 Sep 2022 02:59:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 23684bf8f44b9a88a8b5cca8519d63d6
b8fd969fd47d392b126c9bc726713d5c359d7375
d01727520812c38ec361173e7b2790dbc572bdf378cdc12bc11caee749dc6541
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D01727520812C38EC361173E7B2790DBC572BDF378CDC12BC11CAEE749DC6541"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18996
Expires: Wed, 28 Sep 2022 08:16:10 GMT
Date: Wed, 28 Sep 2022 02:59:34 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 18cf22b4e3cc429a7729bcf4525947ab
aa55e230bd256b7d93ade17a174ceadae789dca5
38edbe70f90ed5a050c0b2c954a5ff5982facd46318e891035925b96b3eddf21
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "38EDBE70F90ED5A050C0B2C954A5FF5982FACD46318E891035925B96B3EDDF21"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12867
Expires: Wed, 28 Sep 2022 06:34:01 GMT
Date: Wed, 28 Sep 2022 02:59:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 23684bf8f44b9a88a8b5cca8519d63d6
b8fd969fd47d392b126c9bc726713d5c359d7375
d01727520812c38ec361173e7b2790dbc572bdf378cdc12bc11caee749dc6541
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D01727520812C38EC361173E7B2790DBC572BDF378CDC12BC11CAEE749DC6541"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18996
Expires: Wed, 28 Sep 2022 08:16:10 GMT
Date: Wed, 28 Sep 2022 02:59:34 GMT
Connection: keep-alive
incomprehensibleacrid.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5d%2F1e%2F66%2F5d1e6654b79f5bf053b789353432e45e%2F1613739250.html&l=1274&fd=432
173.233.137.52200 OK 0 B URL HTTP/1.1 incomprehensibleacrid.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5d%2F1e%2F66%2F5d1e6654b79f5bf053b789353432e45e%2F1613739250.html&l=1274&fd=432
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5d%2F1e%2F66%2F5d1e6654b79f5bf053b789353432e45e%2F1613739250.html&l=1274&fd=432 HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: u_pl=16525306; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec53b23c00e857c12b9ec3a6750b627447=[3520333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 02:59:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
bd2ca6c82d.20e2b2c425.com/in/multy
168.119.25.22204 No Content 0 B URL HTTP/2 bd2ca6c82d.20e2b2c425.com/in/multy
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /in/multy HTTP/1.1
Host: bd2ca6c82d.20e2b2c425.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://javgg.net/
Origin: https://javgg.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.18.0
date: Wed, 28 Sep 2022 02:59:34 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
nereserv.com/in/dip?site=native-push&wl=1&event_id=942986a9-8804-41d0-ab26-2c8add97cb66&subid=1925659414&sid=3907982844&spot_id=8228&created_at=2022-09-28&timezone=0&ver=7.3.0&is_native=1
168.119.25.22200 OK 0 B URL HTTP/2 nereserv.com/in/dip?site=native-push&wl=1&event_id=942986a9-8804-41d0-ab26-2c8add97cb66&subid=1925659414&sid=3907982844&spot_id=8228&created_at=2022-09-28&timezone=0&ver=7.3.0&is_native=1
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=942986a9-8804-41d0-ab26-2c8add97cb66&subid=1925659414&sid=3907982844&spot_id=8228&created_at=2022-09-28&timezone=0&ver=7.3.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 28 Sep 2022 02:59:34 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8e8875e1d01f3cfb802924da39423312
bb0fd5fc279cafe09b8ce5d00e3a31bdd03cf9ad
fc0a2cdc09ce8365b0eb9fdf07ae268d11cdcc69c92bc045764843bc6f2b05b6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC0A2CDC09CE8365B0EB9FDF07AE268D11CDCC69C92BC045764843BC6F2B05B6"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2867
Expires: Wed, 28 Sep 2022 03:47:21 GMT
Date: Wed, 28 Sep 2022 02:59:34 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 18cf22b4e3cc429a7729bcf4525947ab
aa55e230bd256b7d93ade17a174ceadae789dca5
38edbe70f90ed5a050c0b2c954a5ff5982facd46318e891035925b96b3eddf21
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "38EDBE70F90ED5A050C0B2C954A5FF5982FACD46318E891035925B96B3EDDF21"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12867
Expires: Wed, 28 Sep 2022 06:34:01 GMT
Date: Wed, 28 Sep 2022 02:59:34 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/5a/64/23/5a6423eabb734da73b97371ea67be959/1658144657.jpg
45.133.44.9200 OK 17 kB URL HTTP/2 cdn.cloudimagesb.com/si/5a/64/23/5a6423eabb734da73b97371ea67be959/1658144657.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash c22ff55c863b2414205b04cc3747edfb
5490b3da882c95fa66913143eb4d472457c0e045
b3f3ebb3a107d88eb97d98ef637c97f2315f1186b52a38fd3a10af6868c8452b
GET /si/5a/64/23/5a6423eabb734da73b97371ea67be959/1658144657.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:34 GMT
content-type: image/jpeg
content-length: 16979
server: nginx/1.17.6
last-modified: Mon, 18 Jul 2022 11:44:25 GMT
etag: "62d54799-4253"
expires: Fri, 30 Sep 2022 02:59:34 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
incomprehensibleacrid.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fjs%2Fscript.js&l=444&fd=131
173.233.137.52200 OK 0 B URL HTTP/1.1 incomprehensibleacrid.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fjs%2Fscript.js&l=444&fd=131
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fjs%2Fscript.js&l=444&fd=131 HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: u_pl=16525306; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec53b23c00e857c12b9ec3a6750b627447=[3520333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 02:59:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b56134771794748d7d8788b4f4e677c2
104d818d4b9ef1f1bd8e96c860766d021fc628f5
da1ae9892ad3e3453af5b255d0c5a3cd145f45e1444a1406cbbb5e663959c2b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA1AE9892AD3E3453AF5B255D0C5A3CD145F45E1444A1406CBBB5E663959C2B3"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11622
Expires: Wed, 28 Sep 2022 06:13:16 GMT
Date: Wed, 28 Sep 2022 02:59:34 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/img/close.svg
172.64.200.2200 OK 585 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/img/close.svg
IP 172.64.200.2:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash bce897c680cae17c899994ba9f1a68da
698c9fbcd96ab6e61b7bb9b6039eb439a24839fd
8313e273fc788c1d37c114316ecf3b22cc7cd3c65c8585acc9c6b3595dd06734
GET /sb/ssp/utility/social-media/whatsapp/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:34 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:19:43 GMT
etag: W/"60254b0f-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4812904
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5E5yxDjfYmx6yuj1VAuh237Ihf0iRDak9CBlsNRkWX16ZVFRugd8RMagPdwSApGsxV%2BICGR2hu%2BBBhCgAxnI8z57rG3rbhG6u5zOGNPLf%2BIgI4wYH9SMyjdIFXRHKH9dtH0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193949ecea8e26-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
incomprehensibleacrid.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fstyle.css&l=6334&fd=144
173.233.137.52200 OK 0 B URL HTTP/1.1 incomprehensibleacrid.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fstyle.css&l=6334&fd=144
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fstyle.css&l=6334&fd=144 HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: u_pl=16525306; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec53b23c00e857c12b9ec3a6750b627447=[3520333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 02:59:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
unseenreport.com/pxf.gif?uuid=c10b66c0-6c05-43ea-a64a-7b3a927289d4&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=53b23c00e857c12b9ec3a6750b627447&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=2
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=c10b66c0-6c05-43ea-a64a-7b3a927289d4&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=53b23c00e857c12b9ec3a6750b627447&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=2
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=c10b66c0-6c05-43ea-a64a-7b3a927289d4&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=53b23c00e857c12b9ec3a6750b627447&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=2 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 28 Sep 2022 02:59:34 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a02cbd7e48db530d06fda1f676bb3704
Strict-Transport-Security: max-age=0; includeSubdomains
incomprehensibleacrid.com/pixel/sbs?c=1
173.233.137.52200 OK 0 B URL HTTP/1.1 incomprehensibleacrid.com/pixel/sbs?c=1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: u_pl=16525306; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec53b23c00e857c12b9ec3a6750b627447=[3520333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 02:59:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
incomprehensibleacrid.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSzWtdxRvH5zTZ%2FPhtVIoiqNydLcjNOfc9dhFMYySaNrVVdCHIvN2baeaeOcycl5usggUJIni70PXJ9yYN1SB1o24sclIQjAg5uglo%2FoliF%2BJC7m0w%2BsDwPDPf78DneWY%2B3E5OiI%2BEHi9cMRtKazrTrPqVC%2B8GwaXKsgqTQWXQab3falyq2PTl2VbVv1h5TfI1M1PzA98P%2FKCyqKzsmsHMWISK9meD6qxfbdSqQbOBgf3v3iUeHPUg0hPyFJQopx9456F4gbB%2Fb0G6tdhEL73aTzSNjUUq9t4O10KTheiflV3roRvunbph3NHifZhwd4ILk%2F5jZKok3g%2F3wcK9U0iwdGfCyTRkCCb%2BjywtIHUBRQtwcwtKHBGAC1xdQdi%2Fc9XYjK4%2FVulYLcn0o4dQWUmmfz%2BPsP%2FlvFaDyg2jk1iZ0GHQzaEGBVSvQJQcIN44B5UdgMcfQImfycyjZYT9nRWnDZTIJ70rVUB1C2g5BHUekvFSHpKuhyTy0BfHFR4EQdsXnPqdWc7roi1ZS%2FgBbXcDGvitDhI%2BxhsijobgeghuNxHZTayp2yUhX78Om3wPt5rDCQ8uLon35iZSkSOTBJkjyChBpgiymCBL812hXc3ld4R2CQtOc%2B001%2FORiXvbdNfEPRmS7eiEPDkZzl8v%2Fok1eVxp1lmtzn1fdpptHtTYrOR12mo3fdaqtRuNNpzKody5Sb8bqiRP%2F6oRqZJM%2FZaB0QM4fQCungBNngfNRu2aD7o6anR8bIR3b9K016uGMoYwOaJ4GvG6t61PyLMTiOY3VyD54dxPF%2F4oPnnvIrjNEdkcN9UDgp7eGl03Gdm5bjJHvlqJYtVXG3T8ejdiGsupz9%2BQ65mxYmnBDe%2B%2BwsfCuNx%2FS7p4mYZChT1HvphXQki7aCyX5Lsl945k1xK3Op%2FYMImWr11eXOpHVjqnTFiAqiP3Mbgqyf%2BomXzL5575CMoWsEmOfnJITgPKHIBHm3DRGb0zU7D6zMMiD1mSj2yNnR1qVZLawx%2Bh5eHcPbI%2FuLz1GSjL4eS%2FLp7V224LPfsCaHwLYT9HanOkOgfVQ7hkahRH9nDul%2FokwLQ3Ytp6O0xbffvxeJ06rtR90WayK9tMNpqNruSCNZvM513O6qLT4Yhdyevffvo3AAAA%2F%2F8BAAD%2F%2F01qHfNlBAAA
173.233.137.52200 OK 7 B URL HTTP/1.1 incomprehensibleacrid.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSzWtdxRvH5zTZ%2FPhtVIoiqNydLcjNOfc9dhFMYySaNrVVdCHIvN2baeaeOcycl5usggUJIni70PXJ9yYN1SB1o24sclIQjAg5uglo%2FoliF%2BJC7m0w%2BsDwPDPf78DneWY%2B3E5OiI%2BEHi9cMRtKazrTrPqVC%2B8GwaXKsgqTQWXQab3falyq2PTl2VbVv1h5TfI1M1PzA98P%2FKCyqKzsmsHMWISK9meD6qxfbdSqQbOBgf3v3iUeHPUg0hPyFJQopx9456F4gbB%2Fb0G6tdhEL73aTzSNjUUq9t4O10KTheiflV3roRvunbph3NHifZhwd4ILk%2F5jZKok3g%2F3wcK9U0iwdGfCyTRkCCb%2BjywtIHUBRQtwcwtKHBGAC1xdQdi%2Fc9XYjK4%2FVulYLcn0o4dQWUmmfz%2BPsP%2FlvFaDyg2jk1iZ0GHQzaEGBVSvQJQcIN44B5UdgMcfQImfycyjZYT9nRWnDZTIJ70rVUB1C2g5BHUekvFSHpKuhyTy0BfHFR4EQdsXnPqdWc7roi1ZS%2FgBbXcDGvitDhI%2BxhsijobgeghuNxHZTayp2yUhX78Om3wPt5rDCQ8uLon35iZSkSOTBJkjyChBpgiymCBL812hXc3ld4R2CQtOc%2B001%2FORiXvbdNfEPRmS7eiEPDkZzl8v%2Fok1eVxp1lmtzn1fdpptHtTYrOR12mo3fdaqtRuNNpzKody5Sb8bqiRP%2F6oRqZJM%2FZaB0QM4fQCungBNngfNRu2aD7o6anR8bIR3b9K016uGMoYwOaJ4GvG6t61PyLMTiOY3VyD54dxPF%2F4oPnnvIrjNEdkcN9UDgp7eGl03Gdm5bjJHvlqJYtVXG3T8ejdiGsupz9%2BQ65mxYmnBDe%2B%2BwsfCuNx%2FS7p4mYZChT1HvphXQki7aCyX5Lsl945k1xK3Op%2FYMImWr11eXOpHVjqnTFiAqiP3Mbgqyf%2BomXzL5575CMoWsEmOfnJITgPKHIBHm3DRGb0zU7D6zMMiD1mSj2yNnR1qVZLawx%2Bh5eHcPbI%2FuLz1GSjL4eS%2FLp7V224LPfsCaHwLYT9HanOkOgfVQ7hkahRH9nDul%2FokwLQ3Ytp6O0xbffvxeJ06rtR90WayK9tMNpqNruSCNZvM513O6qLT4Yhdyevffvo3AAAA%2F%2F8BAAD%2F%2F01qHfNlBAAA
IP 173.233.137.52:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSzWtdxRvH5zTZ%2FPhtVIoiqNydLcjNOfc9dhFMYySaNrVVdCHIvN2baeaeOcycl5usggUJIni70PXJ9yYN1SB1o24sclIQjAg5uglo%2FoliF%2BJC7m0w%2BsDwPDPf78DneWY%2B3E5OiI%2BEHi9cMRtKazrTrPqVC%2B8GwaXKsgqTQWXQab3falyq2PTl2VbVv1h5TfI1M1PzA98P%2FKCyqKzsmsHMWISK9meD6qxfbdSqQbOBgf3v3iUeHPUg0hPyFJQopx9456F4gbB%2Fb0G6tdhEL73aTzSNjUUq9t4O10KTheiflV3roRvunbph3NHifZhwd4ILk%2F5jZKok3g%2F3wcK9U0iwdGfCyTRkCCb%2BjywtIHUBRQtwcwtKHBGAC1xdQdi%2Fc9XYjK4%2FVulYLcn0o4dQWUmmfz%2BPsP%2FlvFaDyg2jk1iZ0GHQzaEGBVSvQJQcIN44B5UdgMcfQImfycyjZYT9nRWnDZTIJ70rVUB1C2g5BHUekvFSHpKuhyTy0BfHFR4EQdsXnPqdWc7roi1ZS%2FgBbXcDGvitDhI%2BxhsijobgeghuNxHZTayp2yUhX78Om3wPt5rDCQ8uLon35iZSkSOTBJkjyChBpgiymCBL812hXc3ld4R2CQtOc%2B001%2FORiXvbdNfEPRmS7eiEPDkZzl8v%2Fok1eVxp1lmtzn1fdpptHtTYrOR12mo3fdaqtRuNNpzKody5Sb8bqiRP%2F6oRqZJM%2FZaB0QM4fQCungBNngfNRu2aD7o6anR8bIR3b9K016uGMoYwOaJ4GvG6t61PyLMTiOY3VyD54dxPF%2F4oPnnvIrjNEdkcN9UDgp7eGl03Gdm5bjJHvlqJYtVXG3T8ejdiGsupz9%2BQ65mxYmnBDe%2B%2BwsfCuNx%2FS7p4mYZChT1HvphXQki7aCyX5Lsl945k1xK3Op%2FYMImWr11eXOpHVjqnTFiAqiP3Mbgqyf%2BomXzL5575CMoWsEmOfnJITgPKHIBHm3DRGb0zU7D6zMMiD1mSj2yNnR1qVZLawx%2Bh5eHcPbI%2FuLz1GSjL4eS%2FLp7V224LPfsCaHwLYT9HanOkOgfVQ7hkahRH9nDul%2FokwLQ3Ytp6O0xbffvxeJ06rtR90WayK9tMNpqNruSCNZvM513O6qLT4Yhdyevffvo3AAAA%2F%2F8BAAD%2F%2F01qHfNlBAAA HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Cookie: u_pl=16525306; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec53b23c00e857c12b9ec3a6750b627447=[3520333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 02:59:34 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 45e8eadc7ba08eae1dd71b7dd341ea3e
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:59:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-175022170-1&cid=81713717.1664333969&jid=58774268&gjid=210560058&_gid=213513287.1664333969&_u=IEBAAEAAAAAAAC~&z=170275473
64.233.165.155200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-175022170-1&cid=81713717.1664333969&jid=58774268&gjid=210560058&_gid=213513287.1664333969&_u=IEBAAEAAAAAAAC~&z=170275473
IP 64.233.165.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-175022170-1&cid=81713717.1664333969&jid=58774268&gjid=210560058&_gid=213513287.1664333969&_u=IEBAAEAAAAAAAC~&z=170275473 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://javgg.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Sep 2022 02:59:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:59:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bd2ca6c82d.20e2b2c425.com/in/multy
168.119.25.22200 OK 11 kB URL HTTP/2 bd2ca6c82d.20e2b2c425.com/in/multy
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (11290), with no line terminators
Hash c7dc3b609ee3bd6ccc5467693a4e1b49
c4f0cc105b0b7fbb322c2db5e59b4138d8152310
a9e3f8be27071eb78ab54a2e69f68e91f36e6459eb200e904a5c83eefd5592ba
POST /in/multy HTTP/1.1
Host: bd2ca6c82d.20e2b2c425.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 920
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 28 Sep 2022 02:59:35 GMT
content-type: application/json
content-length: 11291
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
bd2ca6c82d.20e2b2c425.com/in/show/?mid=1245060633&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=1925659414&sid=3907982844&cid=2957&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&tcid=0&out_id=1&ver=7.3.0&ver_c=&refdom=javgg.net&hostname=auc-inpage-hz-2-a&site_id=318228&spot_id=8228&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=2022-09-28&is_native=4&auction_queue=0&burl=yzqxh4vLvIjZpJfAoDKjhnmBrFeC1sVOuzQg2GtUA9g3ytL0-UAo9g&pop_winurl=&ip=91.90.42.154&testab=0&px_id=0&adblock=0&auction_host=dch&mm=0&yc=0&render_type=mq&campaign_type=pop-default&uniq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855&exp=0&resp_type=&iabcat=IAB25-3&min_cpm=0&placement_type_id=&skin_test=0&verify_hash=9cde91da3e517a8381b35a732e72c44e&score=71.9553689222333&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1925659414%26spot_id%3D8228%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjavgg.net%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=a&original_bid=0&v2_track=0&url=18c9B0Dxm3QJICQiy7RhaMNOEWx7obYWRl_Yx93rRH_O1-SgP_b3z22sicE5GEUUcZrgiygiUbp9iHiUiHdAs-v33risxADcL9LaBjQtYxtg8hbbf83YQwF6rLUG0khOU1OjP2lCVynimGUhlWdrAHWFbJLjz2_uydtSfT0AX1q5fAWg8A&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=2&vertical_id=0&real_bid=0&pr=&user_keywords=&auc_type=1&aid=0&ext_cid=0&device_theme=light&keywords=Japanese&mlc=1&format=default-slide-b_r-container&mlf=1&cpa=d634c722-62ec-450d-939e-225450fb3da3
168.119.25.22302 Found 0 B URL HTTP/2 bd2ca6c82d.20e2b2c425.com/in/show/?mid=1245060633&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=1925659414&sid=3907982844&cid=2957&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&tcid=0&out_id=1&ver=7.3.0&ver_c=&refdom=javgg.net&hostname=auc-inpage-hz-2-a&site_id=318228&spot_id=8228&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=2022-09-28&is_native=4&auction_queue=0&burl=yzqxh4vLvIjZpJfAoDKjhnmBrFeC1sVOuzQg2GtUA9g3ytL0-UAo9g&pop_winurl=&ip=91.90.42.154&testab=0&px_id=0&adblock=0&auction_host=dch&mm=0&yc=0&render_type=mq&campaign_type=pop-default&uniq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855&exp=0&resp_type=&iabcat=IAB25-3&min_cpm=0&placement_type_id=&skin_test=0&verify_hash=9cde91da3e517a8381b35a732e72c44e&score=71.9553689222333&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1925659414%26spot_id%3D8228%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjavgg.net%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=a&original_bid=0&v2_track=0&url=18c9B0Dxm3QJICQiy7RhaMNOEWx7obYWRl_Yx93rRH_O1-SgP_b3z22sicE5GEUUcZrgiygiUbp9iHiUiHdAs-v33risxADcL9LaBjQtYxtg8hbbf83YQwF6rLUG0khOU1OjP2lCVynimGUhlWdrAHWFbJLjz2_uydtSfT0AX1q5fAWg8A&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=2&vertical_id=0&real_bid=0&pr=&user_keywords=&auc_type=1&aid=0&ext_cid=0&device_theme=light&keywords=Japanese&mlc=1&format=default-slide-b_r-container&mlf=1&cpa=d634c722-62ec-450d-939e-225450fb3da3
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?mid=1245060633&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=1925659414&sid=3907982844&cid=2957&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&tcid=0&out_id=1&ver=7.3.0&ver_c=&refdom=javgg.net&hostname=auc-inpage-hz-2-a&site_id=318228&spot_id=8228&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=2022-09-28&is_native=4&auction_queue=0&burl=yzqxh4vLvIjZpJfAoDKjhnmBrFeC1sVOuzQg2GtUA9g3ytL0-UAo9g&pop_winurl=&ip=91.90.42.154&testab=0&px_id=0&adblock=0&auction_host=dch&mm=0&yc=0&render_type=mq&campaign_type=pop-default&uniq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855&exp=0&resp_type=&iabcat=IAB25-3&min_cpm=0&placement_type_id=&skin_test=0&verify_hash=9cde91da3e517a8381b35a732e72c44e&score=71.9553689222333&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1925659414%26spot_id%3D8228%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjavgg.net%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=a&original_bid=0&v2_track=0&url=18c9B0Dxm3QJICQiy7RhaMNOEWx7obYWRl_Yx93rRH_O1-SgP_b3z22sicE5GEUUcZrgiygiUbp9iHiUiHdAs-v33risxADcL9LaBjQtYxtg8hbbf83YQwF6rLUG0khOU1OjP2lCVynimGUhlWdrAHWFbJLjz2_uydtSfT0AX1q5fAWg8A&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=2&vertical_id=0&real_bid=0&pr=&user_keywords=&auc_type=1&aid=0&ext_cid=0&device_theme=light&keywords=Japanese&mlc=1&format=default-slide-b_r-container&mlf=1&cpa=d634c722-62ec-450d-939e-225450fb3da3 HTTP/1.1
Host: bd2ca6c82d.20e2b2c425.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Wed, 28 Sep 2022 02:59:35 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
X-Firefox-Spdy: h2
bd2ca6c82d.20e2b2c425.com/in/show/?mid=1245060633&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=1925659414&sid=3907982844&cid=12188&price=0.001617&is_cpm=0&cpm=0&ecpm=0.004714950470617266&crid=&crtid=d4adb719d19fc68115cafb63ff02d639&tcid=0&out_id=0&ver=7.3.0&ver_c=&refdom=javgg.net&hostname=auc-inpage-hz-2-a&site_id=318228&spot_id=8228&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1664355575&created_at=2022-09-28&is_native=1&auction_queue=0&burl=nv0OuuZyV-bBgbbADE7aSt0WlEgXpNtoLiJxxH-cr9VUqRq-ihyX6w&pop_winurl=&ip=91.90.42.154&testab=0&px_id=318228&adblock=0&auction_host=dch&mm=0&yc=0&render_type=mq&campaign_type=mq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0010894103004497177&placement_type_id=&skin_test=0&verify_hash=a3069c4f11d7c992849110e04860a030&score=71.9553689222333&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1925659414%26spot_id%3D8228%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjavgg.net%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=a&original_bid=0.001617&v2_track=0&url=p58hVaZQEixFRGjESb5MSahhqh-qjaZmzBjI2UvNKwpGewtI8aJvyBJ1CPJrwbhVGDhm7rYcAf27oQKMDzvsIBf2P5lFyDsa5EvcPxLEbDfzL8gYHKQ8gnfnEmaUq3ll9IdxvtI1EgNXCJwMyYyHw1JAmhx9P90iVzKA6w_1f_QFFfrnZW_I3wDKAf_ZGVL6GmdmG6a88QSp_hEL76PwjmC8ZmrzdoihnBqmPaD4U4ONe3UyvXgO9G2yrtpHftXiNybboSTE-KQQCLELM1OHHwIKAlaVwkYoqDowgjBfeNCP4TTbF6CDOsBnddCtW80FgziyWKS8XZSD-dU8mbaKIGxfv9KFfFvvN8IF_DgiAMeH-r4iu1cHcH1oyVpikqASTkiCtdzKeCj6oGyuYyghvK2vjajZQjExBOHLoP58xtFjmqKqqsLNxpy2GB74AP1dgAfSQqpTwyq2G3kfdwkohbU7QjhKrql49XQKLc0DzI1_XD4tCAwWTOyh76k89YTbpXyOxn_FKxeyV8VVbkd_DEPgtbvr2NnDsbZVoIY4JFoaejjaVQ85Zq8U9bpozsYI7YoaFRCfPPkxKdMR4jOQh567CN6ykE4ftIfekEiKpIgoEJtO6So1Q7q3o1bYIMnPCPC5baB_xWooG90783NIQ8EydA7Te_4OiZIsFuWk7mPbTRzY7UOyDvgKllxWs1PFnXtfTpt7YBlg74XxV8Ts1Hv7YU1LDRwS8qdvIq7YSRV-xKntscWqwiYskn2Bi5Tu8JPq6JaQvQLCQALuxMefn5q-ToN4WxvAQFk82EuMj2n1SJSfGZnZVCV52rgGBRhiPQ-hwaaNhSPl-s40rpDcY3VeWz-YqJi0gYxHV7KEG9SPTReaqFzo4XpGEFZWKpB5blV6GKSTXmC91NOnk5BPtWMh68y1kwdrboPmuNyvhZCz6wmKIfVWq1UoufAyzeXKc1iXIGzdGKRd4rqmT3Ni8b3G3rafVBhDrzJ1Pegm4ooMQe5kqbS4wfi4oQCcuWq0EKDDGPzr920YgdP1RDEKKVKZmFYnwyXx_7jf4LAYI4R1S5Tcsx-DpUGlkOm7So5Oie_9z5rWSgKQ4H3xI8lt7lx3Do00ydgq8bi9OD5_NLNhO_OOZ0CwrT84nMo5c9FjGzo0juCkI803ac_k_XMJY3C0vU22PuXinb0jZORpgbTVb6Ix9a6Fze0T-0lZvY_Zl4c6Y6lMIumJEQ6p3YzLuWmp0Pt_XtDd5HcVJ1OLGKf11Zg6PShb864_TDvs6Qf3Hj_Fg0WfMfcrLyN8GYeI_OyZdV1rkUqKD8t93RfWdHprDZGN4FwP_jtqej7mJyWfWc3dhyPOEhFn9i2V1uwsgh73g9w76jUuPcIm2ovtUneS6r6uI7yDYWSv7EqZ3A5-ImpBU0BC4kyRV0H8DFzlri9k42tPFB-RlDLBf61eo1LHMIaNfvtrUvts8Vi9LGM5-vOkynz8uj3gb2jHiW_MtfjQSeokTtznCw5uNMsoHc41b7Js_91IO4yoLmyQxx9COzmrAX0OCxVInHwNflMQWz-dt_afmGEPyiwrqv4o487tO6OnN8gJhcEXZww0dax9pydPSUqvtRchyGTkntMzreOJRFIH-EhmkSt8rOttkolmeMWbKEgCuDhgx3PPTnCOfh1u6zjuF0yaAWzJGrQvD-eoVfcbElWlVVge_dCfGquHZZ10SFUFldiHM9zejTlle5Q3Nkri3vGn6rgES4xJGTm99k4SRz65QLR1R9kMZmanS0rXwhoGEnr2yJS25EPgXj8vgdiqNIb5dG8OkyXxY5KwoX-H8CtH5yi1cnvqvXs0yceGRl5rGnn-XjDyKhHkv5E02tzqzZ49GHnXXS5Go2xHP6-1TTnL3u7h_PstMTSoizK8UiY0-tr3qjRhL042XjlgiU3LO0cNhSAEpMDrcOrnWmVrHKJt7MHq3nXRIc-8DBRyWEGqqLVykvza3jqAmJlJEbZgbE425Wn1hqmaqbnrysuIxJf4Snd3hArqZya9xZPtP-ZbFT5gvu40cERfRcJ5b1DZZ4Ikzyk4pm8A9nmGtZ0Q9LnSXVpav33UZEiXDPLtQbnw9CDyhprV8Bv-dkr3GWpqcWmMOh5erhyy1D0BSy5V_y3MjiEXVjbab0GPD4B0FRhaiz-Zwi8BgHPpHQuqeuhxB_w1gZKVKf0PG8bUwM6vSzxuwkroOBzyyPmr_KsMjd778hQrPkTsEVx7FLJjzjlLemwBnrICIZ5eTJoF0z4REH9xPfIt8Xu09-nqfLE0ndD1YFlA0tU3AZxhdf4oN_1oBS475p825wpZtqC3UmM9yKYv4OcuP5qxpMLkC5XDDWTFlG0YTP_3gA40IRs3pJv_z_yBWCM-9Zry4CaeQf2w4reieazvwwG9AzuWKl23XiJbeaa-2JGLOr9mp16uJ9J6sWQj1oM6zB8XZf0KJP9QWsC41HuAsXKZF7j3E7fxIrs5-w&image_url=https%3A%2F%2Fimcdn.co%2Frz1mZBpUGu8OU1RP35qwznWwvYyP2iubifWmJh5i.png&skin_id=2&vertical_id=5&real_bid=0.001617&pr=&user_keywords=&auc_type=1&aid=61&ext_cid=0&device_theme=light&keywords=Japanese&format=default-slide-b_r-container&cpa=9398630e-e6cd-4335-813b-eae7f1281965
168.119.25.22302 Found 0 B URL HTTP/2 bd2ca6c82d.20e2b2c425.com/in/show/?mid=1245060633&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=1925659414&sid=3907982844&cid=12188&price=0.001617&is_cpm=0&cpm=0&ecpm=0.004714950470617266&crid=&crtid=d4adb719d19fc68115cafb63ff02d639&tcid=0&out_id=0&ver=7.3.0&ver_c=&refdom=javgg.net&hostname=auc-inpage-hz-2-a&site_id=318228&spot_id=8228&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1664355575&created_at=2022-09-28&is_native=1&auction_queue=0&burl=nv0OuuZyV-bBgbbADE7aSt0WlEgXpNtoLiJxxH-cr9VUqRq-ihyX6w&pop_winurl=&ip=91.90.42.154&testab=0&px_id=318228&adblock=0&auction_host=dch&mm=0&yc=0&render_type=mq&campaign_type=mq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0010894103004497177&placement_type_id=&skin_test=0&verify_hash=a3069c4f11d7c992849110e04860a030&score=71.9553689222333&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1925659414%26spot_id%3D8228%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjavgg.net%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=a&original_bid=0.001617&v2_track=0&url=p58hVaZQEixFRGjESb5MSahhqh-qjaZmzBjI2UvNKwpGewtI8aJvyBJ1CPJrwbhVGDhm7rYcAf27oQKMDzvsIBf2P5lFyDsa5EvcPxLEbDfzL8gYHKQ8gnfnEmaUq3ll9IdxvtI1EgNXCJwMyYyHw1JAmhx9P90iVzKA6w_1f_QFFfrnZW_I3wDKAf_ZGVL6GmdmG6a88QSp_hEL76PwjmC8ZmrzdoihnBqmPaD4U4ONe3UyvXgO9G2yrtpHftXiNybboSTE-KQQCLELM1OHHwIKAlaVwkYoqDowgjBfeNCP4TTbF6CDOsBnddCtW80FgziyWKS8XZSD-dU8mbaKIGxfv9KFfFvvN8IF_DgiAMeH-r4iu1cHcH1oyVpikqASTkiCtdzKeCj6oGyuYyghvK2vjajZQjExBOHLoP58xtFjmqKqqsLNxpy2GB74AP1dgAfSQqpTwyq2G3kfdwkohbU7QjhKrql49XQKLc0DzI1_XD4tCAwWTOyh76k89YTbpXyOxn_FKxeyV8VVbkd_DEPgtbvr2NnDsbZVoIY4JFoaejjaVQ85Zq8U9bpozsYI7YoaFRCfPPkxKdMR4jOQh567CN6ykE4ftIfekEiKpIgoEJtO6So1Q7q3o1bYIMnPCPC5baB_xWooG90783NIQ8EydA7Te_4OiZIsFuWk7mPbTRzY7UOyDvgKllxWs1PFnXtfTpt7YBlg74XxV8Ts1Hv7YU1LDRwS8qdvIq7YSRV-xKntscWqwiYskn2Bi5Tu8JPq6JaQvQLCQALuxMefn5q-ToN4WxvAQFk82EuMj2n1SJSfGZnZVCV52rgGBRhiPQ-hwaaNhSPl-s40rpDcY3VeWz-YqJi0gYxHV7KEG9SPTReaqFzo4XpGEFZWKpB5blV6GKSTXmC91NOnk5BPtWMh68y1kwdrboPmuNyvhZCz6wmKIfVWq1UoufAyzeXKc1iXIGzdGKRd4rqmT3Ni8b3G3rafVBhDrzJ1Pegm4ooMQe5kqbS4wfi4oQCcuWq0EKDDGPzr920YgdP1RDEKKVKZmFYnwyXx_7jf4LAYI4R1S5Tcsx-DpUGlkOm7So5Oie_9z5rWSgKQ4H3xI8lt7lx3Do00ydgq8bi9OD5_NLNhO_OOZ0CwrT84nMo5c9FjGzo0juCkI803ac_k_XMJY3C0vU22PuXinb0jZORpgbTVb6Ix9a6Fze0T-0lZvY_Zl4c6Y6lMIumJEQ6p3YzLuWmp0Pt_XtDd5HcVJ1OLGKf11Zg6PShb864_TDvs6Qf3Hj_Fg0WfMfcrLyN8GYeI_OyZdV1rkUqKD8t93RfWdHprDZGN4FwP_jtqej7mJyWfWc3dhyPOEhFn9i2V1uwsgh73g9w76jUuPcIm2ovtUneS6r6uI7yDYWSv7EqZ3A5-ImpBU0BC4kyRV0H8DFzlri9k42tPFB-RlDLBf61eo1LHMIaNfvtrUvts8Vi9LGM5-vOkynz8uj3gb2jHiW_MtfjQSeokTtznCw5uNMsoHc41b7Js_91IO4yoLmyQxx9COzmrAX0OCxVInHwNflMQWz-dt_afmGEPyiwrqv4o487tO6OnN8gJhcEXZww0dax9pydPSUqvtRchyGTkntMzreOJRFIH-EhmkSt8rOttkolmeMWbKEgCuDhgx3PPTnCOfh1u6zjuF0yaAWzJGrQvD-eoVfcbElWlVVge_dCfGquHZZ10SFUFldiHM9zejTlle5Q3Nkri3vGn6rgES4xJGTm99k4SRz65QLR1R9kMZmanS0rXwhoGEnr2yJS25EPgXj8vgdiqNIb5dG8OkyXxY5KwoX-H8CtH5yi1cnvqvXs0yceGRl5rGnn-XjDyKhHkv5E02tzqzZ49GHnXXS5Go2xHP6-1TTnL3u7h_PstMTSoizK8UiY0-tr3qjRhL042XjlgiU3LO0cNhSAEpMDrcOrnWmVrHKJt7MHq3nXRIc-8DBRyWEGqqLVykvza3jqAmJlJEbZgbE425Wn1hqmaqbnrysuIxJf4Snd3hArqZya9xZPtP-ZbFT5gvu40cERfRcJ5b1DZZ4Ikzyk4pm8A9nmGtZ0Q9LnSXVpav33UZEiXDPLtQbnw9CDyhprV8Bv-dkr3GWpqcWmMOh5erhyy1D0BSy5V_y3MjiEXVjbab0GPD4B0FRhaiz-Zwi8BgHPpHQuqeuhxB_w1gZKVKf0PG8bUwM6vSzxuwkroOBzyyPmr_KsMjd778hQrPkTsEVx7FLJjzjlLemwBnrICIZ5eTJoF0z4REH9xPfIt8Xu09-nqfLE0ndD1YFlA0tU3AZxhdf4oN_1oBS475p825wpZtqC3UmM9yKYv4OcuP5qxpMLkC5XDDWTFlG0YTP_3gA40IRs3pJv_z_yBWCM-9Zry4CaeQf2w4reieazvwwG9AzuWKl23XiJbeaa-2JGLOr9mp16uJ9J6sWQj1oM6zB8XZf0KJP9QWsC41HuAsXKZF7j3E7fxIrs5-w&image_url=https%3A%2F%2Fimcdn.co%2Frz1mZBpUGu8OU1RP35qwznWwvYyP2iubifWmJh5i.png&skin_id=2&vertical_id=5&real_bid=0.001617&pr=&user_keywords=&auc_type=1&aid=61&ext_cid=0&device_theme=light&keywords=Japanese&format=default-slide-b_r-container&cpa=9398630e-e6cd-4335-813b-eae7f1281965
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?mid=1245060633&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=1925659414&sid=3907982844&cid=12188&price=0.001617&is_cpm=0&cpm=0&ecpm=0.004714950470617266&crid=&crtid=d4adb719d19fc68115cafb63ff02d639&tcid=0&out_id=0&ver=7.3.0&ver_c=&refdom=javgg.net&hostname=auc-inpage-hz-2-a&site_id=318228&spot_id=8228&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1664355575&created_at=2022-09-28&is_native=1&auction_queue=0&burl=nv0OuuZyV-bBgbbADE7aSt0WlEgXpNtoLiJxxH-cr9VUqRq-ihyX6w&pop_winurl=&ip=91.90.42.154&testab=0&px_id=318228&adblock=0&auction_host=dch&mm=0&yc=0&render_type=mq&campaign_type=mq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0010894103004497177&placement_type_id=&skin_test=0&verify_hash=a3069c4f11d7c992849110e04860a030&score=71.9553689222333&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1925659414%26spot_id%3D8228%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fjavgg.net%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=a&original_bid=0.001617&v2_track=0&url=p58hVaZQEixFRGjESb5MSahhqh-qjaZmzBjI2UvNKwpGewtI8aJvyBJ1CPJrwbhVGDhm7rYcAf27oQKMDzvsIBf2P5lFyDsa5EvcPxLEbDfzL8gYHKQ8gnfnEmaUq3ll9IdxvtI1EgNXCJwMyYyHw1JAmhx9P90iVzKA6w_1f_QFFfrnZW_I3wDKAf_ZGVL6GmdmG6a88QSp_hEL76PwjmC8ZmrzdoihnBqmPaD4U4ONe3UyvXgO9G2yrtpHftXiNybboSTE-KQQCLELM1OHHwIKAlaVwkYoqDowgjBfeNCP4TTbF6CDOsBnddCtW80FgziyWKS8XZSD-dU8mbaKIGxfv9KFfFvvN8IF_DgiAMeH-r4iu1cHcH1oyVpikqASTkiCtdzKeCj6oGyuYyghvK2vjajZQjExBOHLoP58xtFjmqKqqsLNxpy2GB74AP1dgAfSQqpTwyq2G3kfdwkohbU7QjhKrql49XQKLc0DzI1_XD4tCAwWTOyh76k89YTbpXyOxn_FKxeyV8VVbkd_DEPgtbvr2NnDsbZVoIY4JFoaejjaVQ85Zq8U9bpozsYI7YoaFRCfPPkxKdMR4jOQh567CN6ykE4ftIfekEiKpIgoEJtO6So1Q7q3o1bYIMnPCPC5baB_xWooG90783NIQ8EydA7Te_4OiZIsFuWk7mPbTRzY7UOyDvgKllxWs1PFnXtfTpt7YBlg74XxV8Ts1Hv7YU1LDRwS8qdvIq7YSRV-xKntscWqwiYskn2Bi5Tu8JPq6JaQvQLCQALuxMefn5q-ToN4WxvAQFk82EuMj2n1SJSfGZnZVCV52rgGBRhiPQ-hwaaNhSPl-s40rpDcY3VeWz-YqJi0gYxHV7KEG9SPTReaqFzo4XpGEFZWKpB5blV6GKSTXmC91NOnk5BPtWMh68y1kwdrboPmuNyvhZCz6wmKIfVWq1UoufAyzeXKc1iXIGzdGKRd4rqmT3Ni8b3G3rafVBhDrzJ1Pegm4ooMQe5kqbS4wfi4oQCcuWq0EKDDGPzr920YgdP1RDEKKVKZmFYnwyXx_7jf4LAYI4R1S5Tcsx-DpUGlkOm7So5Oie_9z5rWSgKQ4H3xI8lt7lx3Do00ydgq8bi9OD5_NLNhO_OOZ0CwrT84nMo5c9FjGzo0juCkI803ac_k_XMJY3C0vU22PuXinb0jZORpgbTVb6Ix9a6Fze0T-0lZvY_Zl4c6Y6lMIumJEQ6p3YzLuWmp0Pt_XtDd5HcVJ1OLGKf11Zg6PShb864_TDvs6Qf3Hj_Fg0WfMfcrLyN8GYeI_OyZdV1rkUqKD8t93RfWdHprDZGN4FwP_jtqej7mJyWfWc3dhyPOEhFn9i2V1uwsgh73g9w76jUuPcIm2ovtUneS6r6uI7yDYWSv7EqZ3A5-ImpBU0BC4kyRV0H8DFzlri9k42tPFB-RlDLBf61eo1LHMIaNfvtrUvts8Vi9LGM5-vOkynz8uj3gb2jHiW_MtfjQSeokTtznCw5uNMsoHc41b7Js_91IO4yoLmyQxx9COzmrAX0OCxVInHwNflMQWz-dt_afmGEPyiwrqv4o487tO6OnN8gJhcEXZww0dax9pydPSUqvtRchyGTkntMzreOJRFIH-EhmkSt8rOttkolmeMWbKEgCuDhgx3PPTnCOfh1u6zjuF0yaAWzJGrQvD-eoVfcbElWlVVge_dCfGquHZZ10SFUFldiHM9zejTlle5Q3Nkri3vGn6rgES4xJGTm99k4SRz65QLR1R9kMZmanS0rXwhoGEnr2yJS25EPgXj8vgdiqNIb5dG8OkyXxY5KwoX-H8CtH5yi1cnvqvXs0yceGRl5rGnn-XjDyKhHkv5E02tzqzZ49GHnXXS5Go2xHP6-1TTnL3u7h_PstMTSoizK8UiY0-tr3qjRhL042XjlgiU3LO0cNhSAEpMDrcOrnWmVrHKJt7MHq3nXRIc-8DBRyWEGqqLVykvza3jqAmJlJEbZgbE425Wn1hqmaqbnrysuIxJf4Snd3hArqZya9xZPtP-ZbFT5gvu40cERfRcJ5b1DZZ4Ikzyk4pm8A9nmGtZ0Q9LnSXVpav33UZEiXDPLtQbnw9CDyhprV8Bv-dkr3GWpqcWmMOh5erhyy1D0BSy5V_y3MjiEXVjbab0GPD4B0FRhaiz-Zwi8BgHPpHQuqeuhxB_w1gZKVKf0PG8bUwM6vSzxuwkroOBzyyPmr_KsMjd778hQrPkTsEVx7FLJjzjlLemwBnrICIZ5eTJoF0z4REH9xPfIt8Xu09-nqfLE0ndD1YFlA0tU3AZxhdf4oN_1oBS475p825wpZtqC3UmM9yKYv4OcuP5qxpMLkC5XDDWTFlG0YTP_3gA40IRs3pJv_z_yBWCM-9Zry4CaeQf2w4reieazvwwG9AzuWKl23XiJbeaa-2JGLOr9mp16uJ9J6sWQj1oM6zB8XZf0KJP9QWsC41HuAsXKZF7j3E7fxIrs5-w&image_url=https%3A%2F%2Fimcdn.co%2Frz1mZBpUGu8OU1RP35qwznWwvYyP2iubifWmJh5i.png&skin_id=2&vertical_id=5&real_bid=0.001617&pr=&user_keywords=&auc_type=1&aid=61&ext_cid=0&device_theme=light&keywords=Japanese&format=default-slide-b_r-container&cpa=9398630e-e6cd-4335-813b-eae7f1281965 HTTP/1.1
Host: bd2ca6c82d.20e2b2c425.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Wed, 28 Sep 2022 02:59:35 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://iconcnd.net/b2/l/i/icon?cid=1&eid=734&n=23357c0526768dc3d5c2d95a&nid=1&sid=XNm%2BfyTJmpQkU37Ipwp0zkGZ44XFmTUUYvJa5C5ZmypNnDt%2Fk9SK8PNK8bdODxrb61Z05%2FwPRI2wH9fYbaKjTD5Folx85fUtM34VTjEFbRF4%2BsyOgq5BCsDLicUD9mAo5wL4DaJJxT9KM2GaTR1zCI9G8k5%2F7h2RF8vreZ9i04%2B5LDrckG97FNEVlC9C3Hrm2vLeVjcjlLlv1vrkuIpEc8JQJfSWw3zhdt%2BUxUUnFMNDX9P%2Bwxsj2XnAMy9x2hl447KvhrZNON9lCd6H00rxMtBkS%2FH42cYPZNRvSdoVgdu5lwMB%2FfucEdNrB3r215GNIatixDuaz4T5g%2BEBQJHWdVtYfOtyYrO8Fxb9LyhoUoZWFS8sEdbUqH1Jt%2FupzNjsqhfycaOOcUiv7HaV1Je5rdSexn5T5S5YWTThRRfnXDkjY5FlS8PX%2FLTrvessIeyfzaGM2ufro3EzPX7f974YWUZ1XGS6K1v%2BziuxfQcSEaH5EcVcfeeFCcpZy9%2Fm1DVAmAqQDpiWIU5i1rEUeJ52Ykzf3GSgddaxEqWYPjZYyH72HOgIJI5h7m8fqk3u2wTtqHlnt5djT5icFbkrcDky2VvycHH2bIF8Pq9If%2F1Sw1Rbla0CuUq5gM%2FjvdI6Sacl5qrnBfU5StRypb8IBjtA7P4uflf4OLi1rFnRNI4wCKQbJpw0GMcLmN%2BoIHjXKmCFBkozThYvd0f49WOhHGntHcm6r%2B%2BkIHIM7RLbTuuWOQmX%2FOAJOPCB%2BMyvWfDdFh1gu%2Fe7I87ISWTOVTI6pRrhoocdUUVhYJwWEymSkSIwOsVtRuTwaqNvHZi0ojeAOlkra5bCjYkJK%2BMs0BbTDL1Q2GVEiy3OJH8phTKRC9M1n%2B7WEGn9%2Bk02%2BJUvrzMTPZbz5o5SgqPHb1J1jU3toK%2F5%2BBYU1oVZCrJ6oa6PdC%2FJc%2BNYUGFp2jQEL3TR%2FeZDbzJiEDbenSyK%2Bu36n7xxG2HyJw%2FGUUirdGnUQxHJQsanw%2B5RrZvRp%2FoAUWUhxtSH9ZWSf0LcbFhNYtIBXwFcxvlRy%2BBW4MfHHH2vzwhIgYwOsURn5zKc62WNxu3PIVYCltVXcMTHH4oJJXHS4nXY%2Ff%2Bqo5A1I8%2BkALX5ttLDJtpV3DjJV%2Bgy6cl7pXkqlagwEZkHyr78LLN16hTBWrWHrCDqSYprRmfie6tEzTQvzWWikm92ihi9M%2BBKSQJopmetqzaRxll6GCYd30XAu5uOZWPqSTroFD8i1ZLOz%2BzThZBRHvlzERaDEcp63kR5L8QLAALPHJ3pyDIQcnHL5RyDSLgQkLcPYHWMfBijleQJNhe6DEJKZbm22nWJYAiqkVx%2BIvKTUigWFHodk%2FyV70RWdzJjXhW5Kx%2BnWtaqKVhg5bUgBJmrKFjKkKn5cwwKH4VFONHIb%2F5SL%2BDMGPnalhydltJC8mt1j3ppx%2FDT9vZuLLW7UsEalKJhc%2FYFRaeecyBpU3HG6pAleH7H3j9oFYHjPQbYfANqdxzVhJyyclV0q0ESQ4lWIqB9w8m6arNKiQ82g3anC85DZe0tsvs0QNOWpe1NVjbt7yXCjefj%2F9qDCtMfiRkL%2Bjo3r8BSps0cd9N0b0MZEmk&ts=1664333974&ttl=43200&v=v5.4.13
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f543bb561ec4757907e009929295a84e
ee0266ec0266ca59f839256d83acb8f87ca6788e
ffc6d582c95b9f51f3fd2ba9e2fed6602e7be3b56342bd6dbb05a0628dd183dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3918
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:59:35 GMT
Last-Modified: Wed, 28 Sep 2022 01:54:17 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
imcdn.co/rz1mZBpUGu8OU1RP35qwznWwvYyP2iubifWmJh5i.png
172.64.103.28200 OK 14 kB URL HTTP/2 imcdn.co/rz1mZBpUGu8OU1RP35qwznWwvYyP2iubifWmJh5i.png
IP 172.64.103.28:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f2c65c53206d219865f10e353f6e5170
93eb92631a93dcbb9e42c8602a91047902efea92
b28feaf4f13e1d9579ee886eba780a6fc6079047cc1395ad73785af0c946dbf4
GET /rz1mZBpUGu8OU1RP35qwznWwvYyP2iubifWmJh5i.png HTTP/1.1
Host: imcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:35 GMT
content-type: image/webp
content-length: 14194
expires: Sun, 23 Oct 2022 16:20:18 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 383956
last-modified: Fri, 23 Sep 2022 16:20:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1Paog5wzWTBn6lWoPfN4ALb4n3%2FP9ER2U0tDdnXkRVgEZSMHWWDc7mgBTXnz5oxifJ9hH00yTVjgpBpH1evwYbJrI7KYaOMK5pGTjHvC5aTonGsVXdn06exfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193951ca3f76f0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f543bb561ec4757907e009929295a84e
ee0266ec0266ca59f839256d83acb8f87ca6788e
ffc6d582c95b9f51f3fd2ba9e2fed6602e7be3b56342bd6dbb05a0628dd183dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3918
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:59:35 GMT
Last-Modified: Wed, 28 Sep 2022 01:54:17 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
88.198.209.34200 OK 790 B URL HTTP/2 static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
IP 88.198.209.34:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 65156a660e465299370ebd90d84aa461
12ff60b17f579a77e42a8be7b6b1892fc71be33d
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18
GET /creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 28 Sep 2022 02:59:35 GMT
content-type: image/webp
content-length: 790
last-modified: Tue, 24 Nov 2020 14:20:43 GMT
etag: "5fbd16bb-316"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de385c5d3385f7cf589044388360bce3
bd2b0136f35d5409cdf000431cb4b42cb2e8ce87
a1fcc1c1594c4cabcb1430becb6611cb87f0154dd761e050f1c0571f0e8ee424
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1FCC1C1594C4CABCB1430BECB6611CB87F0154DD761E050F1C0571F0E8EE424"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2401
Expires: Wed, 28 Sep 2022 03:39:36 GMT
Date: Wed, 28 Sep 2022 02:59:35 GMT
Connection: keep-alive
iconcnd.net/b2/l/i/icon?cid=1&eid=734&n=23357c0526768dc3d5c2d95a&nid=1&sid=XNm%2BfyTJmpQkU37Ipwp0zkGZ44XFmTUUYvJa5C5ZmypNnDt%2Fk9SK8PNK8bdODxrb61Z05%2FwPRI2wH9fYbaKjTD5Folx85fUtM34VTjEFbRF4%2BsyOgq5BCsDLicUD9mAo5wL4DaJJxT9KM2GaTR1zCI9G8k5%2F7h2RF8vreZ9i04%2B5LDrckG97FNEVlC9C3Hrm2vLeVjcjlLlv1vrkuIpEc8JQJfSWw3zhdt%2BUxUUnFMNDX9P%2Bwxsj2XnAMy9x2hl447KvhrZNON9lCd6H00rxMtBkS%2FH42cYPZNRvSdoVgdu5lwMB%2FfucEdNrB3r215GNIatixDuaz4T5g%2BEBQJHWdVtYfOtyYrO8Fxb9LyhoUoZWFS8sEdbUqH1Jt%2FupzNjsqhfycaOOcUiv7HaV1Je5rdSexn5T5S5YWTThRRfnXDkjY5FlS8PX%2FLTrvessIeyfzaGM2ufro3EzPX7f974YWUZ1XGS6K1v%2BziuxfQcSEaH5EcVcfeeFCcpZy9%2Fm1DVAmAqQDpiWIU5i1rEUeJ52Ykzf3GSgddaxEqWYPjZYyH72HOgIJI5h7m8fqk3u2wTtqHlnt5djT5icFbkrcDky2VvycHH2bIF8Pq9If%2F1Sw1Rbla0CuUq5gM%2FjvdI6Sacl5qrnBfU5StRypb8IBjtA7P4uflf4OLi1rFnRNI4wCKQbJpw0GMcLmN%2BoIHjXKmCFBkozThYvd0f49WOhHGntHcm6r%2B%2BkIHIM7RLbTuuWOQmX%2FOAJOPCB%2BMyvWfDdFh1gu%2Fe7I87ISWTOVTI6pRrhoocdUUVhYJwWEymSkSIwOsVtRuTwaqNvHZi0ojeAOlkra5bCjYkJK%2BMs0BbTDL1Q2GVEiy3OJH8phTKRC9M1n%2B7WEGn9%2Bk02%2BJUvrzMTPZbz5o5SgqPHb1J1jU3toK%2F5%2BBYU1oVZCrJ6oa6PdC%2FJc%2BNYUGFp2jQEL3TR%2FeZDbzJiEDbenSyK%2Bu36n7xxG2HyJw%2FGUUirdGnUQxHJQsanw%2B5RrZvRp%2FoAUWUhxtSH9ZWSf0LcbFhNYtIBXwFcxvlRy%2BBW4MfHHH2vzwhIgYwOsURn5zKc62WNxu3PIVYCltVXcMTHH4oJJXHS4nXY%2Ff%2Bqo5A1I8%2BkALX5ttLDJtpV3DjJV%2Bgy6cl7pXkqlagwEZkHyr78LLN16hTBWrWHrCDqSYprRmfie6tEzTQvzWWikm92ihi9M%2BBKSQJopmetqzaRxll6GCYd30XAu5uOZWPqSTroFD8i1ZLOz%2BzThZBRHvlzERaDEcp63kR5L8QLAALPHJ3pyDIQcnHL5RyDSLgQkLcPYHWMfBijleQJNhe6DEJKZbm22nWJYAiqkVx%2BIvKTUigWFHodk%2FyV70RWdzJjXhW5Kx%2BnWtaqKVhg5bUgBJmrKFjKkKn5cwwKH4VFONHIb%2F5SL%2BDMGPnalhydltJC8mt1j3ppx%2FDT9vZuLLW7UsEalKJhc%2FYFRaeecyBpU3HG6pAleH7H3j9oFYHjPQbYfANqdxzVhJyyclV0q0ESQ4lWIqB9w8m6arNKiQ82g3anC85DZe0tsvs0QNOWpe1NVjbt7yXCjefj%2F9qDCtMfiRkL%2Bjo3r8BSps0cd9N0b0MZEmk&ts=1664333974&ttl=43200&v=v5.4.13
109.206.162.121302 Found 0 B URL HTTP/2 iconcnd.net/b2/l/i/icon?cid=1&eid=734&n=23357c0526768dc3d5c2d95a&nid=1&sid=XNm%2BfyTJmpQkU37Ipwp0zkGZ44XFmTUUYvJa5C5ZmypNnDt%2Fk9SK8PNK8bdODxrb61Z05%2FwPRI2wH9fYbaKjTD5Folx85fUtM34VTjEFbRF4%2BsyOgq5BCsDLicUD9mAo5wL4DaJJxT9KM2GaTR1zCI9G8k5%2F7h2RF8vreZ9i04%2B5LDrckG97FNEVlC9C3Hrm2vLeVjcjlLlv1vrkuIpEc8JQJfSWw3zhdt%2BUxUUnFMNDX9P%2Bwxsj2XnAMy9x2hl447KvhrZNON9lCd6H00rxMtBkS%2FH42cYPZNRvSdoVgdu5lwMB%2FfucEdNrB3r215GNIatixDuaz4T5g%2BEBQJHWdVtYfOtyYrO8Fxb9LyhoUoZWFS8sEdbUqH1Jt%2FupzNjsqhfycaOOcUiv7HaV1Je5rdSexn5T5S5YWTThRRfnXDkjY5FlS8PX%2FLTrvessIeyfzaGM2ufro3EzPX7f974YWUZ1XGS6K1v%2BziuxfQcSEaH5EcVcfeeFCcpZy9%2Fm1DVAmAqQDpiWIU5i1rEUeJ52Ykzf3GSgddaxEqWYPjZYyH72HOgIJI5h7m8fqk3u2wTtqHlnt5djT5icFbkrcDky2VvycHH2bIF8Pq9If%2F1Sw1Rbla0CuUq5gM%2FjvdI6Sacl5qrnBfU5StRypb8IBjtA7P4uflf4OLi1rFnRNI4wCKQbJpw0GMcLmN%2BoIHjXKmCFBkozThYvd0f49WOhHGntHcm6r%2B%2BkIHIM7RLbTuuWOQmX%2FOAJOPCB%2BMyvWfDdFh1gu%2Fe7I87ISWTOVTI6pRrhoocdUUVhYJwWEymSkSIwOsVtRuTwaqNvHZi0ojeAOlkra5bCjYkJK%2BMs0BbTDL1Q2GVEiy3OJH8phTKRC9M1n%2B7WEGn9%2Bk02%2BJUvrzMTPZbz5o5SgqPHb1J1jU3toK%2F5%2BBYU1oVZCrJ6oa6PdC%2FJc%2BNYUGFp2jQEL3TR%2FeZDbzJiEDbenSyK%2Bu36n7xxG2HyJw%2FGUUirdGnUQxHJQsanw%2B5RrZvRp%2FoAUWUhxtSH9ZWSf0LcbFhNYtIBXwFcxvlRy%2BBW4MfHHH2vzwhIgYwOsURn5zKc62WNxu3PIVYCltVXcMTHH4oJJXHS4nXY%2Ff%2Bqo5A1I8%2BkALX5ttLDJtpV3DjJV%2Bgy6cl7pXkqlagwEZkHyr78LLN16hTBWrWHrCDqSYprRmfie6tEzTQvzWWikm92ihi9M%2BBKSQJopmetqzaRxll6GCYd30XAu5uOZWPqSTroFD8i1ZLOz%2BzThZBRHvlzERaDEcp63kR5L8QLAALPHJ3pyDIQcnHL5RyDSLgQkLcPYHWMfBijleQJNhe6DEJKZbm22nWJYAiqkVx%2BIvKTUigWFHodk%2FyV70RWdzJjXhW5Kx%2BnWtaqKVhg5bUgBJmrKFjKkKn5cwwKH4VFONHIb%2F5SL%2BDMGPnalhydltJC8mt1j3ppx%2FDT9vZuLLW7UsEalKJhc%2FYFRaeecyBpU3HG6pAleH7H3j9oFYHjPQbYfANqdxzVhJyyclV0q0ESQ4lWIqB9w8m6arNKiQ82g3anC85DZe0tsvs0QNOWpe1NVjbt7yXCjefj%2F9qDCtMfiRkL%2Bjo3r8BSps0cd9N0b0MZEmk&ts=1664333974&ttl=43200&v=v5.4.13
IP 109.206.162.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b2/l/i/icon?cid=1&eid=734&n=23357c0526768dc3d5c2d95a&nid=1&sid=XNm%2BfyTJmpQkU37Ipwp0zkGZ44XFmTUUYvJa5C5ZmypNnDt%2Fk9SK8PNK8bdODxrb61Z05%2FwPRI2wH9fYbaKjTD5Folx85fUtM34VTjEFbRF4%2BsyOgq5BCsDLicUD9mAo5wL4DaJJxT9KM2GaTR1zCI9G8k5%2F7h2RF8vreZ9i04%2B5LDrckG97FNEVlC9C3Hrm2vLeVjcjlLlv1vrkuIpEc8JQJfSWw3zhdt%2BUxUUnFMNDX9P%2Bwxsj2XnAMy9x2hl447KvhrZNON9lCd6H00rxMtBkS%2FH42cYPZNRvSdoVgdu5lwMB%2FfucEdNrB3r215GNIatixDuaz4T5g%2BEBQJHWdVtYfOtyYrO8Fxb9LyhoUoZWFS8sEdbUqH1Jt%2FupzNjsqhfycaOOcUiv7HaV1Je5rdSexn5T5S5YWTThRRfnXDkjY5FlS8PX%2FLTrvessIeyfzaGM2ufro3EzPX7f974YWUZ1XGS6K1v%2BziuxfQcSEaH5EcVcfeeFCcpZy9%2Fm1DVAmAqQDpiWIU5i1rEUeJ52Ykzf3GSgddaxEqWYPjZYyH72HOgIJI5h7m8fqk3u2wTtqHlnt5djT5icFbkrcDky2VvycHH2bIF8Pq9If%2F1Sw1Rbla0CuUq5gM%2FjvdI6Sacl5qrnBfU5StRypb8IBjtA7P4uflf4OLi1rFnRNI4wCKQbJpw0GMcLmN%2BoIHjXKmCFBkozThYvd0f49WOhHGntHcm6r%2B%2BkIHIM7RLbTuuWOQmX%2FOAJOPCB%2BMyvWfDdFh1gu%2Fe7I87ISWTOVTI6pRrhoocdUUVhYJwWEymSkSIwOsVtRuTwaqNvHZi0ojeAOlkra5bCjYkJK%2BMs0BbTDL1Q2GVEiy3OJH8phTKRC9M1n%2B7WEGn9%2Bk02%2BJUvrzMTPZbz5o5SgqPHb1J1jU3toK%2F5%2BBYU1oVZCrJ6oa6PdC%2FJc%2BNYUGFp2jQEL3TR%2FeZDbzJiEDbenSyK%2Bu36n7xxG2HyJw%2FGUUirdGnUQxHJQsanw%2B5RrZvRp%2FoAUWUhxtSH9ZWSf0LcbFhNYtIBXwFcxvlRy%2BBW4MfHHH2vzwhIgYwOsURn5zKc62WNxu3PIVYCltVXcMTHH4oJJXHS4nXY%2Ff%2Bqo5A1I8%2BkALX5ttLDJtpV3DjJV%2Bgy6cl7pXkqlagwEZkHyr78LLN16hTBWrWHrCDqSYprRmfie6tEzTQvzWWikm92ihi9M%2BBKSQJopmetqzaRxll6GCYd30XAu5uOZWPqSTroFD8i1ZLOz%2BzThZBRHvlzERaDEcp63kR5L8QLAALPHJ3pyDIQcnHL5RyDSLgQkLcPYHWMfBijleQJNhe6DEJKZbm22nWJYAiqkVx%2BIvKTUigWFHodk%2FyV70RWdzJjXhW5Kx%2BnWtaqKVhg5bUgBJmrKFjKkKn5cwwKH4VFONHIb%2F5SL%2BDMGPnalhydltJC8mt1j3ppx%2FDT9vZuLLW7UsEalKJhc%2FYFRaeecyBpU3HG6pAleH7H3j9oFYHjPQbYfANqdxzVhJyyclV0q0ESQ4lWIqB9w8m6arNKiQ82g3anC85DZe0tsvs0QNOWpe1NVjbt7yXCjefj%2F9qDCtMfiRkL%2Bjo3r8BSps0cd9N0b0MZEmk&ts=1664333974&ttl=43200&v=v5.4.13 HTTP/1.1
Host: iconcnd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: dspclick-v3.7.20.1
date: Wed, 28 Sep 2022 02:59:34 GMT
content-length: 0
location: https://imcdn.co/zD0MucTj5KrZ1BDfG2CeysxmQGHqz1aj3doHJ3oA.png
set-cookie: adcsid-i-3335622826xPTHhEyQ=1; expires=Thu, 29 Sep 2022 02:59:35 GMT; path=/
referrer-policy: no-referrer
X-Firefox-Spdy: h2
eced49d8e5.20e2b2c425.com/health/
159.69.163.6200 OK 0 B URL HTTP/2 eced49d8e5.20e2b2c425.com/health/
IP 159.69.163.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /health/ HTTP/1.1
Host: eced49d8e5.20e2b2c425.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 28 Sep 2022 02:59:37 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
eced49d8e5.20e2b2c425.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImEiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IlNETk0tMzU1JTJDTW90aGVyJTJDV2hvJTJDUmFpc2VzJTJDMyUyQ0NoaWxkcmVuJTJDV2l0Li4lMkMlMkNKYXZHRy5uZXQlMkNTRE5NLTM1NSUyQ0pBViUyQ01vdGhlciUyQ1dobyUyQ1JhaXNlcyUyQzMlMkNDaGlsZHJlbiUyQ1dpdGglMkNBJTJDTG90JTJDT2YlMkNCcmVhc3QlMkNNaWxrJTJDS2FobyUyQ1RhbWFraSUyQzI5JTJDWWVhcnMlMkNPbGQlMkNTT0QlMkNDcmVhdGUlMkNUYW1ha2klMkNLYWhvJTJDJUU3JThFJTg5JUU1JTlGJThFJUU1JUE0JThGJUU1JUI4JTg2JTJDU0ROTTM1NSUyMCIsImxhYmVscyI6IiIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjE0MDg1MTk0MzAiLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjoxMjk3MCwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MCwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMjk3MCIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly9qYXZnZy5uZXQvamF2L3Nkbm0tMzU1LyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NjQzMzM5NzQ5MzR9fQ==
159.69.163.6302 Found 0 B URL HTTP/2 eced49d8e5.20e2b2c425.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImEiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IlNETk0tMzU1JTJDTW90aGVyJTJDV2hvJTJDUmFpc2VzJTJDMyUyQ0NoaWxkcmVuJTJDV2l0Li4lMkMlMkNKYXZHRy5uZXQlMkNTRE5NLTM1NSUyQ0pBViUyQ01vdGhlciUyQ1dobyUyQ1JhaXNlcyUyQzMlMkNDaGlsZHJlbiUyQ1dpdGglMkNBJTJDTG90JTJDT2YlMkNCcmVhc3QlMkNNaWxrJTJDS2FobyUyQ1RhbWFraSUyQzI5JTJDWWVhcnMlMkNPbGQlMkNTT0QlMkNDcmVhdGUlMkNUYW1ha2klMkNLYWhvJTJDJUU3JThFJTg5JUU1JTlGJThFJUU1JUE0JThGJUU1JUI4JTg2JTJDU0ROTTM1NSUyMCIsImxhYmVscyI6IiIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjE0MDg1MTk0MzAiLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjoxMjk3MCwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MCwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMjk3MCIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly9qYXZnZy5uZXQvamF2L3Nkbm0tMzU1LyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NjQzMzM5NzQ5MzR9fQ==
IP 159.69.163.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImEiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IlNETk0tMzU1JTJDTW90aGVyJTJDV2hvJTJDUmFpc2VzJTJDMyUyQ0NoaWxkcmVuJTJDV2l0Li4lMkMlMkNKYXZHRy5uZXQlMkNTRE5NLTM1NSUyQ0pBViUyQ01vdGhlciUyQ1dobyUyQ1JhaXNlcyUyQzMlMkNDaGlsZHJlbiUyQ1dpdGglMkNBJTJDTG90JTJDT2YlMkNCcmVhc3QlMkNNaWxrJTJDS2FobyUyQ1RhbWFraSUyQzI5JTJDWWVhcnMlMkNPbGQlMkNTT0QlMkNDcmVhdGUlMkNUYW1ha2klMkNLYWhvJTJDJUU3JThFJTg5JUU1JTlGJThFJUU1JUE0JThGJUU1JUI4JTg2JTJDU0ROTTM1NSUyMCIsImxhYmVscyI6IiIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjE0MDg1MTk0MzAiLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjoxMjk3MCwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MCwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMjk3MCIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly9qYXZnZy5uZXQvamF2L3Nkbm0tMzU1LyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NjQzMzM5NzQ5MzR9fQ== HTTP/1.1
Host: eced49d8e5.20e2b2c425.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Wed, 28 Sep 2022 02:59:37 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://rtbrennab.com/banner/in/show/?mid=1481505505&pid=0&site=12970&sc=NO&usage_type=DCH&subid=1408519430&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=javgg.net&hostname=auc-banner-hz-5&site_id=0&spot_id=12970&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=86&ml=&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D12970%26source%3D1408519430%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D12970%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DSDNM-355%252CMother%252CWho%252CRaises%252C3%252CChildren%252CWit..%252C%252CJavGG.net%252CSDNM-355%252CJAV%252CMother%252CWho%252CRaises%252C3%252CChildren%252CWith%252CA%252CLot%252COf%252CBreast%252CMilk%252CKaho%252CTamaki%252C29%252CYears%252COld%252CSOD%252CCreate%252CTamaki%252CKaho%252C%25E7%258E%2589%25E5%259F%258E%25E5%25A4%258F%25E5%25B8%2586%252CSDNM355%2520%26spot_id%3D12970%26p%3Dhttps%253A%252F%252Fjavgg.net%252Fjav%252Fsdnm-355%252F%26katds_labels%3D%26btype%3D0%26score%3D86&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=SDNM-355%2CMother%2CWho%2CRaises%2C3%2CChildren%2CWit..%2C%2CJavGG.net%2CSDNM-355%2CJAV%2CMother%2CWho%2CRaises%2C3%2CChildren%2CWith%2CA%2CLot%2COf%2CBreast%2CMilk%2CKaho%2CTamaki%2C29%2CYears%2COld%2CSOD%2CCreate%2CTamaki%2CKaho%2C%E7%8E%89%E5%9F%8E%E5%A4%8F%E5%B8%86%2CSDNM355%20&stratagem=&ssp=3758
X-Firefox-Spdy: h2
rtbrennab.com/banner/in/show/?mid=1481505505&pid=0&site=12970&sc=NO&usage_type=DCH&subid=1408519430&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=javgg.net&hostname=auc-banner-hz-5&site_id=0&spot_id=12970&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=86&ml=&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D12970%26source%3D1408519430%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D12970%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DSDNM-355%252CMother%252CWho%252CRaises%252C3%252CChildren%252CWit..%252C%252CJavGG.net%252CSDNM-355%252CJAV%252CMother%252CWho%252CRaises%252C3%252CChildren%252CWith%252CA%252CLot%252COf%252CBreast%252CMilk%252CKaho%252CTamaki%252C29%252CYears%252COld%252CSOD%252CCreate%252CTamaki%252CKaho%252C%25E7%258E%2589%25E5%259F%258E%25E5%25A4%258F%25E5%25B8%2586%252CSDNM355%2520%26spot_id%3D12970%26p%3Dhttps%253A%252F%252Fjavgg.net%252Fjav%252Fsdnm-355%252F%26katds_labels%3D%26btype%3D0%26score%3D86&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=SDNM-355%2CMother%2CWho%2CRaises%2C3%2CChildren%2CWit..%2C%2CJavGG.net%2CSDNM-355%2CJAV%2CMother%2CWho%2CRaises%2C3%2CChildren%2CWith%2CA%2CLot%2COf%2CBreast%2CMilk%2CKaho%2CTamaki%2C29%2CYears%2COld%2CSOD%2CCreate%2CTamaki%2CKaho%2C%E7%8E%89%E5%9F%8E%E5%A4%8F%E5%B8%86%2CSDNM355%20&stratagem=&ssp=3758
116.202.60.158302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=1481505505&pid=0&site=12970&sc=NO&usage_type=DCH&subid=1408519430&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=javgg.net&hostname=auc-banner-hz-5&site_id=0&spot_id=12970&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=86&ml=&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D12970%26source%3D1408519430%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D12970%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DSDNM-355%252CMother%252CWho%252CRaises%252C3%252CChildren%252CWit..%252C%252CJavGG.net%252CSDNM-355%252CJAV%252CMother%252CWho%252CRaises%252C3%252CChildren%252CWith%252CA%252CLot%252COf%252CBreast%252CMilk%252CKaho%252CTamaki%252C29%252CYears%252COld%252CSOD%252CCreate%252CTamaki%252CKaho%252C%25E7%258E%2589%25E5%259F%258E%25E5%25A4%258F%25E5%25B8%2586%252CSDNM355%2520%26spot_id%3D12970%26p%3Dhttps%253A%252F%252Fjavgg.net%252Fjav%252Fsdnm-355%252F%26katds_labels%3D%26btype%3D0%26score%3D86&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=SDNM-355%2CMother%2CWho%2CRaises%2C3%2CChildren%2CWit..%2C%2CJavGG.net%2CSDNM-355%2CJAV%2CMother%2CWho%2CRaises%2C3%2CChildren%2CWith%2CA%2CLot%2COf%2CBreast%2CMilk%2CKaho%2CTamaki%2C29%2CYears%2COld%2CSOD%2CCreate%2CTamaki%2CKaho%2C%E7%8E%89%E5%9F%8E%E5%A4%8F%E5%B8%86%2CSDNM355%20&stratagem=&ssp=3758
IP 116.202.60.158:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=1481505505&pid=0&site=12970&sc=NO&usage_type=DCH&subid=1408519430&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=javgg.net&hostname=auc-banner-hz-5&site_id=0&spot_id=12970&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=86&ml=&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D12970%26source%3D1408519430%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D12970%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DSDNM-355%252CMother%252CWho%252CRaises%252C3%252CChildren%252CWit..%252C%252CJavGG.net%252CSDNM-355%252CJAV%252CMother%252CWho%252CRaises%252C3%252CChildren%252CWith%252CA%252CLot%252COf%252CBreast%252CMilk%252CKaho%252CTamaki%252C29%252CYears%252COld%252CSOD%252CCreate%252CTamaki%252CKaho%252C%25E7%258E%2589%25E5%259F%258E%25E5%25A4%258F%25E5%25B8%2586%252CSDNM355%2520%26spot_id%3D12970%26p%3Dhttps%253A%252F%252Fjavgg.net%252Fjav%252Fsdnm-355%252F%26katds_labels%3D%26btype%3D0%26score%3D86&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=SDNM-355%2CMother%2CWho%2CRaises%2C3%2CChildren%2CWit..%2C%2CJavGG.net%2CSDNM-355%2CJAV%2CMother%2CWho%2CRaises%2C3%2CChildren%2CWith%2CA%2CLot%2COf%2CBreast%2CMilk%2CKaho%2CTamaki%2C29%2CYears%2COld%2CSOD%2CCreate%2CTamaki%2CKaho%2C%E7%8E%89%E5%9F%8E%E5%A4%8F%E5%B8%86%2CSDNM355%20&stratagem=&ssp=3758 HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javgg.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Wed, 28 Sep 2022 02:59:37 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://btds.zog.link/in/912/?sid=12970&source=1408519430&idzone=0&w=1&h=1&mo=&ve=&site_id=12970&utm1=&utm2=&utm3=&utm4=&ad_tags=SDNM-355%2CMother%2CWho%2CRaises%2C3%2CChildren%2CWit..%2C%2CJavGG.net%2CSDNM-355%2CJAV%2CMother%2CWho%2CRaises%2C3%2CChildren%2CWith%2CA%2CLot%2COf%2CBreast%2CMilk%2CKaho%2CTamaki%2C29%2CYears%2COld%2CSOD%2CCreate%2CTamaki%2CKaho%2C%E7%8E%89%E5%9F%8E%E5%A4%8F%E5%B8%86%2CSDNM355%20&spot_id=12970&p=https%3A%2F%2Fjavgg.net%2Fjav%2Fsdnm-355%2F&katds_labels=&btype=0&score=86
X-Firefox-Spdy: h2
btds.zog.link/in/912/?sid=12970&source=1408519430&idzone=0&w=1&h=1&mo=&ve=&site_id=12970&utm1=&utm2=&utm3=&utm4=&ad_tags=SDNM-355%2CMother%2CWho%2CRaises%2C3%2CChildren%2CWit..%2C%2CJavGG.net%2CSDNM-355%2CJAV%2CMother%2CWho%2CRaises%2C3%2CChildren%2CWith%2CA%2CLot%2COf%2CBreast%2CMilk%2CKaho%2CTamaki%2C29%2CYears%2COld%2CSOD%2CCreate%2CTamaki%2CKaho%2C%E7%8E%89%E5%9F%8E%E5%A4%8F%E5%B8%86%2CSDNM355%20&spot_id=12970&p=https%3A%2F%2Fjavgg.net%2Fjav%2Fsdnm-355%2F&katds_labels=&btype=0&score=86
109.206.161.16302 Found 0 B URL HTTP/2 btds.zog.link/in/912/?sid=12970&source=1408519430&idzone=0&w=1&h=1&mo=&ve=&site_id=12970&utm1=&utm2=&utm3=&utm4=&ad_tags=SDNM-355%2CMother%2CWho%2CRaises%2C3%2CChildren%2CWit..%2C%2CJavGG.net%2CSDNM-355%2CJAV%2CMother%2CWho%2CRaises%2C3%2CChildren%2CWith%2CA%2CLot%2COf%2CBreast%2CMilk%2CKaho%2CTamaki%2C29%2CYears%2COld%2CSOD%2CCreate%2CTamaki%2CKaho%2C%E7%8E%89%E5%9F%8E%E5%A4%8F%E5%B8%86%2CSDNM355%20&spot_id=12970&p=https%3A%2F%2Fjavgg.net%2Fjav%2Fsdnm-355%2F&katds_labels=&btype=0&score=86
IP 109.206.161.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/912/?sid=12970&source=1408519430&idzone=0&w=1&h=1&mo=&ve=&site_id=12970&utm1=&utm2=&utm3=&utm4=&ad_tags=SDNM-355%2CMother%2CWho%2CRaises%2C3%2CChildren%2CWit..%2C%2CJavGG.net%2CSDNM-355%2CJAV%2CMother%2CWho%2CRaises%2C3%2CChildren%2CWith%2CA%2CLot%2COf%2CBreast%2CMilk%2CKaho%2CTamaki%2C29%2CYears%2COld%2CSOD%2CCreate%2CTamaki%2CKaho%2C%E7%8E%89%E5%9F%8E%E5%A4%8F%E5%B8%86%2CSDNM355%20&spot_id=12970&p=https%3A%2F%2Fjavgg.net%2Fjav%2Fsdnm-355%2F&katds_labels=&btype=0&score=86 HTTP/1.1
Host: btds.zog.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javgg.net/
Connection: keep-alive
Cookie: 912.0=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.20.1
date: Wed, 28 Sep 2022 02:59:37 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://cdn.1vag.com/1x1.png
vary: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
set-cookie: 912.0=1; expires=Thu, 29 Sep 2022 02:59:37 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd179c15ea3a8a2100fdec4ab6b17069
826b0420eab48d9958195373cdb7dff61e31a992
3eb5f1b29419bcf36886668d21730b5f51f565b867b145283a510a95d7d67189
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3EB5F1B29419BCF36886668D21730B5F51F565B867B145283A510A95D7D67189"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3243
Expires: Wed, 28 Sep 2022 03:53:40 GMT
Date: Wed, 28 Sep 2022 02:59:37 GMT
Connection: keep-alive
cdn.1vag.com/1x1.png
45.133.44.25200 OK 68 B IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /1x1.png HTTP/1.1
Host: cdn.1vag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javgg.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:37 GMT
content-type: image/png
content-length: 68
server: nginx/1.20.1
last-modified: Wed, 15 Apr 2020 13:30:15 GMT
etag: "5e970c67-44"
cache-control: max-age=3600
x-request-id: 28eea0836f6cd5562d41ccabe8fa4a5b
expires: Wed, 28 Sep 2022 03:59:37 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
javgg.net/wp-content/themes/javggnet/assets/css/front.style.min.css
104.21.6.180200 OK 0 B URL HTTP/2 javgg.net/wp-content/themes/javggnet/assets/css/front.style.min.css
IP 104.21.6.180:0
GET /wp-content/themes/javggnet/assets/css/front.style.min.css HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: text/css
last-modified: Wed, 23 Feb 2022 13:48:14 GMT
vary: Accept-Encoding
etag: W/"62163b1e-18685"
expires: Thu, 27 Oct 2022 19:13:33 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5RhMcm9Rjzzq2W%2FnbasGRTcFMbkOtMcx3eDi7t7Wg5SoAu7Bpi0Z73uxW688pcFv3Oznrw5KbU31Z0z5GI0U1R4amcOq49xMeSOD8bosciHeAZu%2BMiYd7PlmRI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939324a12b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
javgg.net/wp-content/themes/javggnet/assets/js/front.livesearch.min.js
104.21.6.180200 OK 0 B URL HTTP/2 javgg.net/wp-content/themes/javggnet/assets/js/front.livesearch.min.js
IP 104.21.6.180:0
GET /wp-content/themes/javggnet/assets/js/front.livesearch.min.js HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript
last-modified: Fri, 05 Mar 2021 18:57:36 GMT
vary: Accept-Encoding
etag: W/"60427f20-1322"
expires: Thu, 27 Oct 2022 19:13:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yq7FbKx8v9aOnf7wc43tjoUk0lF5KKUhpaWoAeQ8d5xzbiUKzKHlgbucGYOQqUjkEPt6yWaeu0vlldLGqQ3SGW%2BwJyVEJ9BxXZLtKrRfleanJ7Daw4w2jbPCqq8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939326a32b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
javgg.net/wp-content/themes/javggnet/assets/css/front.crollbar.min.css
104.21.6.180200 OK 0 B URL HTTP/2 javgg.net/wp-content/themes/javggnet/assets/css/front.crollbar.min.css
IP 104.21.6.180:0
GET /wp-content/themes/javggnet/assets/css/front.crollbar.min.css HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: text/css
last-modified: Tue, 09 Mar 2021 23:20:42 GMT
vary: Accept-Encoding
etag: W/"604802ca-1c1a"
expires: Thu, 27 Oct 2022 19:13:33 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=et%2BUEugrXJVVnGqzcERucjj%2Fj7eP%2B9LSmhMImX2UJZ%2Fq1mWDMETQxXmFPhgi1wLyiLbz1WE4AdxF4rg4WuFzPyc4AHkCHmEcaYgNuqobaAbuLIGjbvAY1xxkuxw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939324a11b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
javgg.net/wp-includes/js/jquery/jquery-migrate.min.js
104.21.6.180200 OK 0 B URL HTTP/2 javgg.net/wp-includes/js/jquery/jquery-migrate.min.js
IP 104.21.6.180:0
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript
last-modified: Wed, 09 Dec 2020 02:26:24 GMT
vary: Accept-Encoding
etag: W/"5fd035d0-2bd8"
expires: Thu, 27 Oct 2022 19:13:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xnb%2BDms5wzJh2Ji2mXcGX87IwaH4VeDNgSSOHf8Cz%2BkbpRMBhbsyoKNON1yyHbwx6A91NHTcAPc4Heu%2FD2XflBIWp%2FNhuRV6zy7cNR0Ub0uySmh%2BudhBxORK%2Bbw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939324a1bb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.tubecorp.com/i/b.html?spot=8352&src=379851898&pid=12732&width=300&height=100&spaceid=860
45.133.44.25200 OK 0 B URL HTTP/2 cdn.tubecorp.com/i/b.html?spot=8352&src=379851898&pid=12732&width=300&height=100&spaceid=860
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
GET /i/b.html?spot=8352&src=379851898&pid=12732&width=300&height=100&spaceid=860 HTTP/1.1
Host: cdn.tubecorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notads.111supjavcom.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.20.1
last-modified: Sat, 20 Nov 2021 06:50:54 GMT
etag: W/"df-5d132d02c9e77"
x-request-id: 3d665f1e58ddb5ba71ed01787a051209
content-encoding: gzip
expires: Wed, 28 Sep 2022 03:59:30 GMT
cache-control: max-age=3600
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
javgg.net/cdn-cgi/rum?
104.21.6.180200 OK 0 B IP 104.21.6.180:0
POST /cdn-cgi/rum? HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1081
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Cookie: _ga=GA1.2.81713717.1664333969; _gid=GA1.2.213513287.1664333969; _gat=1; sb_main_53b23c00e857c12b9ec3a6750b627447=1; sb_count_53b23c00e857c12b9ec3a6750b627447=1; starstruck_049b550d94aa443d7d092a8280918509=c85a124ccddc0d4464aecbae61f39ed1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=incomprehensibleacrid.com; dom3ic8zudi28v8lr6fgphwffqoz0j6c=c10b66c0-6c05-43ea-a64a-7b3a927289d4%3A2%3A1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:33 GMT
content-type: text/plain
access-control-allow-origin: https://javgg.net
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 751939467b88b517-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html
45.133.44.3200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:33 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 12:54:16 GMT
etag: W/"602fb4f8-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Wed, 28 Sep 2022 03:59:33 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
js.cabnnr.com/banner-admanager/build.m.js
45.133.44.25200 OK 0 B URL HTTP/2 js.cabnnr.com/banner-admanager/build.m.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
GET /banner-admanager/build.m.js HTTP/1.1
Host: js.cabnnr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:34 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 13 Sep 2022 14:00:41 GMT
etag: W/"63208d09-b395"
content-encoding: gzip
expires: Wed, 28 Sep 2022 03:04:34 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
javgg.net/wp-content/themes/javggnet/assets/css/front.mobile.min.css
104.21.6.180200 OK 0 B URL HTTP/2 javgg.net/wp-content/themes/javggnet/assets/css/front.mobile.min.css
IP 104.21.6.180:0
GET /wp-content/themes/javggnet/assets/css/front.mobile.min.css HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 14:44:38 GMT
vary: Accept-Encoding
etag: W/"62ea89d6-23d9"
expires: Thu, 27 Oct 2022 19:13:33 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjf0pX6hnWTJEwgtNr2IDeaaPF%2BC1G7Vc%2BmWDLZoexZbDtYPg1J2jbO94wb4nOMBYbsd20JtOAsBuSfN3iO7Zzh1HCVS9j1KFPsFg98W7PBuNGF10PAamdsauJA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939324a17b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
javgg.net/wp-content/themes/javggnet/assets/js/front.ajax.min.js
104.21.6.180200 OK 0 B URL HTTP/2 javgg.net/wp-content/themes/javggnet/assets/js/front.ajax.min.js
IP 104.21.6.180:0
GET /wp-content/themes/javggnet/assets/js/front.ajax.min.js HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript
last-modified: Fri, 05 Mar 2021 18:57:22 GMT
vary: Accept-Encoding
etag: W/"60427f12-3c52"
expires: Thu, 27 Oct 2022 19:13:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPiZC%2BeBkyx19YI8UkD%2FvXwatWb5GgBiDsqjUYKGkkf5YO%2B4XBhWHA1t80GdyOSj9vPYePREfeKYIw%2B9qgZtKhCwA%2Bc4FzendH8zKf4ThqI1HnskTvhNa0DwA98%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939325a23b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
javgg.net/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1664323200
104.21.6.180200 OK 0 B URL HTTP/2 javgg.net/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1664323200
IP 104.21.6.180:0
GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1664323200 HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=epH6X7GB%2FzHj%2BWIlR1rKLBcJwH63jxvnXXR4t%2Bs1I70MKvtsNcqKOrGIVWNC%2F1juGSg6c5E71TuRfrn2Pi2G%2F9K08QHFP2uGNsm9drr8oI8ru26KnDHbyGDcMs4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75193935ab96b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/animate.css
172.64.200.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/animate.css
IP 172.64.200.2:0
GET /sb/ssp/utility/social-media/whatsapp/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:34 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1272747
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfXERpXUl7cA5AksbjfiRg%2FSXUBE988tkXY46zJd1Rs5lHEUKoubcFxPGcTDDJh9pSqvN5iR%2BtpG3afGIIksliw7wlbG2iZspnTOa1uNG0gJQDdbalaodDzIlLQgkJxnFZ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193949ece68e26-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
javgg.net/cdn-cgi/rum?
104.21.6.180200 OK 0 B IP 104.21.6.180:0
POST /cdn-cgi/rum? HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 349
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Cookie: _ga=GA1.2.81713717.1664333969; _gid=GA1.2.213513287.1664333969; _gat=1; sb_main_53b23c00e857c12b9ec3a6750b627447=1; sb_count_53b23c00e857c12b9ec3a6750b627447=1; starstruck_049b550d94aa443d7d092a8280918509=c85a124ccddc0d4464aecbae61f39ed1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=incomprehensibleacrid.com; dom3ic8zudi28v8lr6fgphwffqoz0j6c=c10b66c0-6c05-43ea-a64a-7b3a927289d4%3A2%3A1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:39 GMT
content-type: text/plain
access-control-allow-origin: https://javgg.net
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 751939692b27b517-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.tubecorp.com/b/tcbanner.js?v=21
45.133.44.25200 OK 0 B URL HTTP/2 cdn.tubecorp.com/b/tcbanner.js?v=21
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
GET /b/tcbanner.js?v=21 HTTP/1.1
Host: cdn.tubecorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.tubecorp.com/i/b.html?spot=8352&src=379851898&pid=12732&width=300&height=100&spaceid=860
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:31 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.20.1
last-modified: Sat, 20 Nov 2021 06:50:35 GMT
etag: W/"61989abb-c604"
cache-control: max-age=3600
x-request-id: eb03ce2295c7cf6145769d1f48d5ab66
content-encoding: gzip
expires: Wed, 28 Sep 2022 03:59:31 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
javgg.net/jav/sdnm-355/
104.21.6.180200 OK 0 B IP 104.21.6.180:0
GET /jav/sdnm-355/ HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://javgg.net/wp-json/>; rel="https://api.w.org/", <https://javgg.net/?p=106751>; rel=shortlink
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 19:27:57 GMT
cache-control: max-age=3600
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUUZM80xrrGBCAs3xltECvu4kpAjYQE77f96vmizuEZPA47%2FBw5Okl5frjq6eujtJjBjRnmKQpPYSYjZRYBJdCppaoQd5jBvczkHLaKaShiJAKtZ%2F9YN%2BJ5oHDY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939312984b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
javgg.net/cdn-cgi/apps/head/M89UaTsofQaKWze2ZVBaZiwO3NQ.js
104.21.6.180200 OK 0 B URL HTTP/2 javgg.net/cdn-cgi/apps/head/M89UaTsofQaKWze2ZVBaZiwO3NQ.js
IP 104.21.6.180:0
GET /cdn-cgi/apps/head/M89UaTsofQaKWze2ZVBaZiwO3NQ.js HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: jj+bzsIilPzxav02SC+M8mB9j67qWQu29Svg4drDLr/tyioHt2bIBuooNl7kQPGJG/1tUo5Q8vI=
x-amz-request-id: DY87V5V2FD246V4M
cache-control: public, max-age=31536000
last-modified: Wed, 19 Jan 2022 02:19:33 GMT
x-amz-version-id: b9Jcnbr4wAr9_Jsm1r9ZeESWLjJKy_fS
etag: W/"6c2479e3ae0f0938b49e2141f0b68b01"
cf-cache-status: HIT
age: 27683
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywisoIGsw9cTKj3%2FJuk57vRsXYHxpUm5FHeo0d%2Fd0mzyqRqrbc3lYp8mIH%2FkNxZcdGs3HKL7Jfq7cWVFspsHNkcTyNNjbl2kEZOm7vkKrKvGKR1ItypBXQttBO8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751939323a08b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
javgg.net/wp-content/themes/javggnet/assets/css/colors.fusion.min.css
104.21.6.180200 OK 0 B URL HTTP/2 javgg.net/wp-content/themes/javggnet/assets/css/colors.fusion.min.css
IP 104.21.6.180:0
GET /wp-content/themes/javggnet/assets/css/colors.fusion.min.css HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: text/css
last-modified: Thu, 03 Feb 2022 12:08:13 GMT
vary: Accept-Encoding
etag: W/"61fbc5ad-8a49"
expires: Thu, 27 Oct 2022 19:13:33 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27683
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLBs7zcGRPXmGtAhLeHf2PM18ASz67baSBl4X10tL8XW1HRVneoBQpPDPsQqNZ76uzZM9ga2KFrhFPIjKS9C0UJD7XXsqOC3FHJkljn%2FJRi7FUbynqLAs2dwyYs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939324a14b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
javgg.net/wp-content/themes/javggnet/assets/js/lib/owlcarousel.js
104.21.6.180200 OK 0 B URL HTTP/2 javgg.net/wp-content/themes/javggnet/assets/js/lib/owlcarousel.js
IP 104.21.6.180:0
GET /wp-content/themes/javggnet/assets/js/lib/owlcarousel.js HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=23938
etag: W/"5c8f9f1a-5d82"
expires: Thu, 27 Oct 2022 19:13:35 GMT
last-modified: Mon, 18 Mar 2019 13:37:30 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAdjbgHIzGb3pwdyPSJeXwT8vpnLs3Xur2wyzswlqK%2BgN1l0TcFZhZ7mBQ%2FouOUozRNEmTntUGGLLjSniZ7CFOYlNJ%2FoZ4jQGoRGRXjYpgIHqRqjl3W2hDKN5I4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939324a1fb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
javgg.net/wp-content/themes/javggnet/assets/js/lib/starstruck.js
104.21.6.180200 OK 0 B URL HTTP/2 javgg.net/wp-content/themes/javggnet/assets/js/lib/starstruck.js
IP 104.21.6.180:0
GET /wp-content/themes/javggnet/assets/js/lib/starstruck.js HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=1311
etag: W/"5c8f9f1a-51f"
expires: Thu, 27 Oct 2022 19:13:35 GMT
last-modified: Mon, 18 Mar 2019 13:37:30 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27578
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMmabvBi%2FstPt1L1%2By%2B94SJXJbYc2OwRqmcLKXhDaamiU6Hf%2BH%2Bj7jIxjU5tBmTH3doSf5%2BI%2BN4oRjMF5PHL0psuXLGgGtJeVNbFx%2FKkjMwlj0pC%2BPY19kq0TDQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939326a2fb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
tsyndicate.com/iframes2/607f4e023c4447b99a1f4ca4ed500c5e.html?&adb=0&clientjs=1&w=1280&h=1024&tz=0
136.243.69.157200 OK 0 B URL HTTP/2 tsyndicate.com/iframes2/607f4e023c4447b99a1f4ca4ed500c5e.html?&adb=0&clientjs=1&w=1280&h=1024&tz=0
IP 136.243.69.157:0
ASN #24940 Hetzner Online GmbH
GET /iframes2/607f4e023c4447b99a1f4ca4ed500c5e.html?&adb=0&clientjs=1&w=1280&h=1024&tz=0 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://notads.111supjavcom.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:59:31 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: a8f3a362a6987d30
set-cookie: ts_uid=664f416d-92d1-4017-a5ac-e82212104103; expires=Tue, 28 Mar 2023 02:59:31 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
javgg.net/cdn-cgi/apps/body/AB9f-K672Ygo6-QjbJbi_OuWbG8.js
104.21.6.180200 OK 0 B URL HTTP/2 javgg.net/cdn-cgi/apps/body/AB9f-K672Ygo6-QjbJbi_OuWbG8.js
IP 104.21.6.180:0
GET /cdn-cgi/apps/body/AB9f-K672Ygo6-QjbJbi_OuWbG8.js HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: BBM3bK4ukGgsSBjR6exZEpAXWNyNh9gIn7gq+SLE+Ee8fmLDhWCs9DZDgdlrHetnsA4zk2mNPe4=
x-amz-request-id: DY86TPQR6Q3TJF1T
cache-control: public, max-age=31536000
last-modified: Wed, 19 Jan 2022 02:19:33 GMT
x-amz-version-id: JF9JigjF.JPHnrWL2uUG45Fs2iE8y2mk
etag: W/"f86815421a4a198c78096bffd3310ab5"
cf-cache-status: HIT
age: 27683
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzWoLjVRtoSj6KNG3ZJLODUJEMcsZc8EworjU0SmcUzo1Gy8Dou%2FAZoh2vUWBrNPbsUmSIxBnv4TWMBRS%2FhIK3mV3JzqSfpUnKy354dyAHCvYbapHbxPmpJecHg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193932fa6bb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.adtng.com/get/10010242?time=1592492288727&atc=417096&apb=mR3tmHSdQIEgEyNuD76mf9cAXPZxeOaJ2XsrMzUZfVcvDAyzeb8mGxCl03lLOB4OGGyfMsX9uYxGAmOoQ6t1RM7nA0Mv-URhFl_z7VYBiw-h_gUIDRUi
66.254.114.171200 OK 0 B URL HTTP/2 a.adtng.com/get/10010242?time=1592492288727&atc=417096&apb=mR3tmHSdQIEgEyNuD76mf9cAXPZxeOaJ2XsrMzUZfVcvDAyzeb8mGxCl03lLOB4OGGyfMsX9uYxGAmOoQ6t1RM7nA0Mv-URhFl_z7VYBiw-h_gUIDRUi
IP 66.254.114.171:0
GET /get/10010242?time=1592492288727&atc=417096&apb=mR3tmHSdQIEgEyNuD76mf9cAXPZxeOaJ2XsrMzUZfVcvDAyzeb8mGxCl03lLOB4OGGyfMsX9uYxGAmOoQ6t1RM7nA0Mv-URhFl_z7VYBiw-h_gUIDRUi HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 28 Sep 2022 02:59:32 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KFmMzuJRexmO1gJtuAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7040; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 6333B894-42FE72AB01BB2C06-3C1D36C1
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/style.css
172.64.200.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/style.css
IP 172.64.200.2:0
GET /sb/ssp/utility/social-media/whatsapp/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:34 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:30:40 GMT
etag: W/"6128daf0-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 410505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B97MrbZHwxRNrcm2zWtdJB7P%2Bt1FbqXE1Sv0%2Bv1Rj3EoBEwIIBQ%2Fa1pCoNUSeIDYoyeUIUPiDl6nSx%2FyRj3ifuYH%2BmHh11ldZFRPs3%2F%2BiCuMwtuFrh59h1B0AWhaQz7sZ6E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193949ece78e26-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
javgg.net/wp-content/themes/javggnet/assets/css/front.gallery.min.css
104.21.6.180200 OK 0 B URL HTTP/2 javgg.net/wp-content/themes/javggnet/assets/css/front.gallery.min.css
IP 104.21.6.180:0
GET /wp-content/themes/javggnet/assets/css/front.gallery.min.css HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: text/css
last-modified: Tue, 09 Mar 2021 23:20:54 GMT
vary: Accept-Encoding
etag: W/"604802d6-10a0"
expires: Thu, 27 Oct 2022 19:13:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2179
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2QeIzmi8g6mbuEo%2BkI1I4fq24nQFmoOM6TbGY2VQOCEqmh7UCKGCN%2FgWv9tlbCbQkVcixXTLNzjilFWEAk8wotvLQWdwpCj2oxXlsOQ2oAIM9BxUkkG7xn88y8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939324a18b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
javgg.net/wp-content/themes/javggnet/assets/js/lib/isrepeater.js
104.21.6.180200 OK 0 B URL HTTP/2 javgg.net/wp-content/themes/javggnet/assets/js/lib/isrepeater.js
IP 104.21.6.180:0
GET /wp-content/themes/javggnet/assets/js/lib/isrepeater.js HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=10380
etag: W/"5c8f9f1a-288c"
expires: Thu, 27 Oct 2022 19:13:35 GMT
last-modified: Mon, 18 Mar 2019 13:37:30 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAAsHYbDdXsZJ3rAqqy%2FMbtnM7jffzz%2BwbG%2FLYxYvhT4dAxdd855oMBIlwlJBfUpFz6MaCzbNXDv6QjOJSn2uGa8unwAGLspEq7o5llMDAgBWpRE7pEqw0Xh6tk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939325a22b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
javgg.net/wp-content/themes/javggnet/assets/css/front.owl.min.css
104.21.6.180200 OK 0 B URL HTTP/2 javgg.net/wp-content/themes/javggnet/assets/css/front.owl.min.css
IP 104.21.6.180:0
GET /wp-content/themes/javggnet/assets/css/front.owl.min.css HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: text/css
last-modified: Tue, 09 Mar 2021 23:21:34 GMT
vary: Accept-Encoding
etag: W/"604802fe-8fb"
expires: Thu, 27 Oct 2022 19:13:33 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27683
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtOsaTDEbrs1Wt5DEUqfFh2e8KxTTXDAjdl7XnCSqgOibJg9P8VoPX%2Bve9VYqkwblPtyWgSZyrMqRNAa5dm33Ei8xjQGQYgE8CplatyDLPhkHtKy3BbWWGxu%2Bvg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939323a0eb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
javgg.net/wp-includes/js/jquery/jquery.min.js
104.21.6.180200 OK 0 B URL HTTP/2 javgg.net/wp-includes/js/jquery/jquery.min.js
IP 104.21.6.180:0
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript
last-modified: Wed, 21 Jul 2021 03:00:31 GMT
vary: Accept-Encoding
etag: W/"60f78dcf-15db1"
expires: Thu, 27 Oct 2022 19:13:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d87ZvF1%2BKti3mDhidlR35oMVujiS305NLlZlg1bf%2FTlMNXWzCF16onEmedG9exlEElipeTk4rJYyr0ZpM6cwF9ea8wq67DAb7MB2udPgkyFNIEbxDdneqKVKuaw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939324a1ab517-OSL
content-encoding: br
X-Firefox-Spdy: h2
javgg.net/wp-content/themes/javggnet/assets/js/lib/starstruck.raty.js
104.21.6.180200 OK 0 B URL HTTP/2 javgg.net/wp-content/themes/javggnet/assets/js/lib/starstruck.raty.js
IP 104.21.6.180:0
GET /wp-content/themes/javggnet/assets/js/lib/starstruck.raty.js HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=10364
etag: W/"5c8f9f1a-287c"
expires: Thu, 27 Oct 2022 19:13:35 GMT
last-modified: Mon, 18 Mar 2019 13:37:30 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27578
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwUXpu%2FUT7DEKghOkar5ZJ9MbjjypDT0x%2Bg8cA4MfJXRgmiuRwb2X0fU0Re1f0oIQXAyI45E3EwlUjJUENCZGIOgIJ8F0AwEycjdqbbSRi5KqFiyq%2F%2BARYwbq2U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939325a29b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
javgg.net/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js
104.21.6.180200 OK 0 B URL HTTP/2 javgg.net/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js
IP 104.21.6.180:0
GET /wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: application/javascript
last-modified: Tue, 23 Aug 2022 07:04:46 GMT
vary: Accept-Encoding
etag: W/"63047c0e-1eee"
expires: Thu, 27 Oct 2022 19:13:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1814
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjksA2YyNyiurxQGwY35syq2xlLdccXXjRjnn3y2D5O%2Fwf7XjsPducnueTws5GMMt15iArhkktHr9xpoyub3%2F0Jft7BzcGg8%2B%2BbzhPThZOFC3FeJK%2FMQLwxwadY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939326a34b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
theporndude.com.1111supjavcom.xyz/api/spots/310148?host=javgg.net&ev=196&wh=939&ww=1280&s1=%25subid1%25
135.181.208.216200 OK 0 B URL HTTP/2 theporndude.com.1111supjavcom.xyz/api/spots/310148?host=javgg.net&ev=196&wh=939&ww=1280&s1=%25subid1%25
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/310148?host=javgg.net&ev=196&wh=939&ww=1280&s1=%25subid1%25 HTTP/1.1
Host: theporndude.com.1111supjavcom.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:59:32 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=AC76GlB66udLI4VV2Bee; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
javgg.net/wp-includes/css/dist/block-library/style.min.css
104.21.6.180200 OK 0 B URL HTTP/2 javgg.net/wp-includes/css/dist/block-library/style.min.css
IP 104.21.6.180:0
GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: javgg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/jav/sdnm-355/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 02:07:47 GMT
vary: Accept-Encoding
etag: W/"62ce28f3-15b64"
expires: Thu, 27 Oct 2022 19:13:33 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djJRKHgBhzpHs6fyr0Fc0x19z2WvRAyUXllZ2r9YOc1CLvKbFfqrbwfC5patKgECCbjlQ4DUNztpa0tN3KSzFmbmOeJiq69VS5UhsZhAgteFB5mQvPDo1lhAtwA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751939323a0cb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/js/script.js
172.64.200.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/js/script.js
IP 172.64.200.2:0
GET /sb/ssp/utility/social-media/whatsapp/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:34 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1272747
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GhH6lZ4y1Nm4mMQYxHXdmv9ApjKJKbZ535uTCLi6398OiWsDobc1aNO7%2B3hy0nph2i79Ungd2jez3OPBmVlVz2Z4KV97DytzCC6UOvh4ON%2BWogqoYRIHk7IyCVgdcTl%2FnOE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75193949dce18e26-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
104.18.47.230200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP 104.18.47.230:0
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javgg.net
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:59:30 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 751939328ed7b506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700
IP 142.250.74.10:0
GET /css?family=Roboto%3A300%2C400%2C500%2C700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javgg.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 02:59:30 GMT
date: Wed, 28 Sep 2022 02:59:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2