javdoe.sh/73091/nhdta-710-studio-natural-high-i-couldn-t-ask-my-mother-to-get-me-off-in-the-hospital-so-i-asked-my/
301 Moved Permanently 0 B URL HTTP/1.1 javdoe.sh/73091/nhdta-710-studio-natural-high-i-couldn-t-ask-my-mother-to-get-me-off-in-the-hospital-so-i-asked-my/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /73091/nhdta-710-studio-natural-high-i-couldn-t-ask-my-mother-to-get-me-off-in-the-hospital-so-i-asked-my/ HTTP/1.1
Host: javdoe.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 14:34:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 15:34:52 GMT
Location: https://javdoe.sh/73091/nhdta-710-studio-natural-high-i-couldn-t-ask-my-mother-to-get-me-off-in-the-hospital-so-i-asked-my/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0UkeXokmOcZMa%2B97jB15l2zZ8H8nR3obuXkKeeuOUXT6DWgyQ5gIjlk0DkUqmsAGpTe1f1o9Qb35QGaJpvm6ZeR9eGX4MtPpgcZ5Wwn5XbzquXD5zKKUM%2FrCtM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a19b2eecd60b41-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 14:08:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PQvV-A-8gluovoylwcdqdj2IRQxFU4BKvs3YWt53O7guTQQNA0l5Ew==
Age: 1566
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8713
Expires: Tue, 13 Sep 2022 17:00:05 GMT
Date: Tue, 13 Sep 2022 14:34:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bQoIJ1xYIu3cx0DxSwIcF4lfxoKD66WUIh9WTKd8F2AeLWSOIcHq1g==
age: 35978
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
s7.addthis.com/js/300/addthis_widget.js
200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP
File type ASCII text, with very long lines (54602)
Size 116 kB (116401 bytes)
Hash 868623d1409b3a210c3d2fb002f0719d
62b6883ea77d31d81fbc939f7342bea9520079c8
b79b37bdcb4fabcafbfdb71d55b923f4e48579201675b9683f677c97dd782e7e
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116401
date: Tue, 13 Sep 2022 14:34:53 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4a68e0856575d52f7778bc821b5c881b
0956533f660fd0e7096540292f9b60451f60f148
0fde07586af73476634e76ed5badfce43d8b4ec078fd0f172d80c28ad98e3d27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 14:34:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 14:34:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-145699272-2
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-145699272-2
IP
File type ASCII text, with very long lines (1615)
Hash 477a69c951a7b09daf6528e74886d6b4
18c0ec2b7872771d92fcfa0682fd20792b05d026
11d7d06089b44f17b3cce4c8269bf10f6143443622c6a4792ad6f28effb0f621
GET /gtag/js?id=UA-145699272-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 14:34:53 GMT
expires: Tue, 13 Sep 2022 14:34:53 GMT
cache-control: private, max-age=900
last-modified: Tue, 13 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41922
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto
200 OK 983 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto
IP
Hash 66917663627474c3e02ac92441f550cb
aa6b6eaaae536d22b3ea8cbc3d1488a3a40ccc78
0451fd5f11e42084137dc21a77fb36f5048985fea647885e694a085b29472155
GET /css?family=Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 14:34:53 GMT
date: Tue, 13 Sep 2022 14:34:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 486 B IP
Hash c3494a23c12eb5090a7f273bd5f0e4fc
d1fc4195c15958c4369cea08ba0fd8b78718913d
8e224f1f10de4f57e578820916d8ada90a29a5fe15a491cdf3c588eccef9dba5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 14:34:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 1.1 kB IP
Hash 9a733c0ce0cef9c0563a33ff55888df0
e5847c9435bb00603b3e9b13cc128e198d61dfe6
2863b1ab5a386ee0976deb86dfe6b3afb3287e6983292c721e6f69e58614e548
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 14:34:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 13:58:39 GMT
Expires: Tue, 20 Sep 2022 13:58:38 GMT
Etag: "e8f18d2bb2e17b06a694e570b8a9681d76011fbb"
Cache-Control: max-age=602024,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a19b3359bdb50b-OSL
poweredby.jads.co/js/jads.js
301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 13 Sep 2022 14:34:53 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0090d36ecf8cb19cdb5ed14ad44041ff
35b21a294fe20bdfe5c81fa175af5516bf213e84
a9ec3558e3aa2d363ff48ee9b6db4f4170712334f28c07da828fa5d4f3b46e78
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9EC3558E3AA2D363FF48EE9B6DB4F4170712334F28C07DA828FA5D4F3B46E78"
Last-Modified: Tue, 13 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11107
Expires: Tue, 13 Sep 2022 17:40:00 GMT
Date: Tue, 13 Sep 2022 14:34:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0090d36ecf8cb19cdb5ed14ad44041ff
35b21a294fe20bdfe5c81fa175af5516bf213e84
a9ec3558e3aa2d363ff48ee9b6db4f4170712334f28c07da828fa5d4f3b46e78
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9EC3558E3AA2D363FF48EE9B6DB4F4170712334F28C07DA828FA5D4F3B46E78"
Last-Modified: Tue, 13 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11107
Expires: Tue, 13 Sep 2022 17:40:00 GMT
Date: Tue, 13 Sep 2022 14:34:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 13 Sep 2022 14:03:22 GMT
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 14:06:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: R3OVphWBVpd8p65-ehfpDRJZjeVsyYFwoMl5zTCOV9sBfVUvaVza5w==
Age: 1891
poweredby.jads.co/js/jads2.js
200 OK 4.4 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP
Hash dcaacb15024d6403cb0ac38223a020cc
5937af91838e6c777d59b7e13c56617c98288da8
df3cfcb8e0ffe04fb472f00c99aa58769f8952c9ed647fe6200efd0e349b508f
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javdoe.sh/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 14:34:53 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eae"
Content-Encoding: gzip
morrowfreezer.com/19/d7/9f/19d79fa5948c69463cfd0e4c039deabb.js
200 OK 13 kB URL HTTP/1.1 morrowfreezer.com/19/d7/9f/19d79fa5948c69463cfd0e4c039deabb.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37151), with no line terminators
Hash ce0937f13b80cf91fcde934d5ecb2974
fc56c88b13fce8f81118482f28eca19bed99679e
44f82c62d255d185a0a3513f8414c24fc80862f286abf339078f011f2ed49768
Analyzer Verdict Alert quad9 Sinkholed
GET /19/d7/9f/19d79fa5948c69463cfd0e4c039deabb.js HTTP/1.1
Host: morrowfreezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 13 Sep 2022 14:34:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8fbcb0b617a9ec9988f347f51df21621
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 471 B IP
Hash e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6484
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 14:34:53 GMT
Last-Modified: Tue, 13 Sep 2022 12:46:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
morrowfreezer.com/9c/65/50/9c655092bf22243dee2b573fbfc72490.js
200 OK 20 kB URL HTTP/1.1 morrowfreezer.com/9c/65/50/9c655092bf22243dee2b573fbfc72490.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59624)
Hash 2383b8a4019aaed0228163e8ae530e68
245a01367ca667534d223372a70a29693facfc15
f162fe0527307f1506518f1b6f6bea69abc4f3745cc4966aa311ce600c6c8157
Analyzer Verdict Alert quad9 Sinkholed
GET /9c/65/50/9c655092bf22243dee2b573fbfc72490.js HTTP/1.1
Host: morrowfreezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 13 Sep 2022 14:34:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_hd28118=1; expires=Wed, 21 Sep 2022 14:34:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 38e5662e301fa4d2afbb3fab2e518676
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 14:34:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 500446
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 2d6891616af65aebebfd5277681cbb99
fc8dd4dfa4b3245c2d9f3d2469306ba3ce03c599
ead4ddad3bb0b9034fe33c6d03ec1aae7f08d11610ea797ba61e01eb9a53745e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EAD4DDAD3BB0B9034FE33C6D03EC1AAE7F08D11610EA797BA61E01EB9A53745E"
Last-Modified: Mon, 12 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12019
Expires: Tue, 13 Sep 2022 17:55:13 GMT
Date: Tue, 13 Sep 2022 14:34:54 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 1621e0f22bd3620f72a75af1e541f612
c8af40b5773164225c0c768dd20d43b150ad4282
32cb4323e151d5a36261465892e586d490fb8e831f98d6c2f31396ab29ada8ce
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 14:34:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 17 Sep 2022 11:35:58 GMT
ETag: "c8af40b5773164225c0c768dd20d43b150ad4282"
Last-Modified: Tue, 13 Sep 2022 11:35:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1404
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a19b393e1c0b55-OSL
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 1621e0f22bd3620f72a75af1e541f612
c8af40b5773164225c0c768dd20d43b150ad4282
32cb4323e151d5a36261465892e586d490fb8e831f98d6c2f31396ab29ada8ce
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 14:34:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 17 Sep 2022 11:35:58 GMT
ETag: "c8af40b5773164225c0c768dd20d43b150ad4282"
Last-Modified: Tue, 13 Sep 2022 11:35:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1404
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a19b393ab9b523-OSL
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pRZwgn1gp02/kSeX1f6RMA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gGAR6j/DJ26eBRRjDZwP41w/WSA=
use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
200 OK 67 kB URL HTTP/2 use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 67400, version 1.0\012- data
Hash 14a08198ec7d1eb96d515362293fed36
965d78c34637d1bdab6277805faecb6caa959669
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d
GET /releases/v5.3.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: font/woff2
content-length: 67400
x-amz-id-2: hCd9mnw3LDBp+SXvJ8ltuN7Z/BJH8nHCbgdTBKnBmwHZHgf1LlXNX2T9E74prHoqPDwD0jcZgYo=
x-amz-request-id: HMDKG90H6PWJERA5
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:42:33 GMT
etag: "14a08198ec7d1eb96d515362293fed36"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 440593
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXCjVTfT4EMJB9Y7Vu5zsmkeKpD8wPNB8nn1dzKAwwOXH5AoGJ9OF9JtiJXJH1K2zI16BLI49%2Fd9dKq9pCCQnS1%2BseHD1FVPV0JR8wtDp6uM7NM6s1qrr8GDtadW%2FI1XzYgcGOTq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74a19b39cb9cb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 14:34:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 2fc3b5eb9085eca43e4d88936932d44c
e59ae2e54c872725e60eb6d333a716be9677fba3
199fc94cedc302abb9b72051981be93564893258027f7e821646766f0ce1fb9c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 14:34:54 GMT
Last-Modified: Tue, 13 Sep 2022 13:06:33 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XYzyylAV4SNPgOwaSxCV-U05qb9Q_z5cI7HWwAHJbJ-EXwSdnrYOrQ==
Age: 5301
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 2fc3b5eb9085eca43e4d88936932d44c
e59ae2e54c872725e60eb6d333a716be9677fba3
199fc94cedc302abb9b72051981be93564893258027f7e821646766f0ce1fb9c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=170412
Date: Tue, 13 Sep 2022 14:34:54 GMT
Etag: "63207801-1d7"
Expires: Thu, 15 Sep 2022 13:55:06 GMT
Last-Modified: Tue, 13 Sep 2022 12:30:57 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: a_gkg9Oyv3QN7_0WKNTSEJ6O6Db8JgH9Mv13I4HIFujlYjTgdT3rHQ==
Age: 5049
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Tue, 13 Sep 2022 14:34:54 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash a01c9aecd50b8f5afa33e30fbd97e4ab
b8f0765307315ec7d42960c1d4d2bdad36d91ac8
7716f00dc4eab1281c4bdd096d9b63c9bcf13bcf871d34367db1fe0b0bc8d77f
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://javdoe.sh
access-control-allow-credentials: true
set-cookie: uid_id2=ecf291cd-1f26-4cbc-988a-b71b3802a470:1:1; expires=Fri, 10 Sep 2032 14:34:54 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 4dc60a2b6cac919de8b2fad5e124f296
c531ec2061395b1182e5cc158312f5811529d004
ff23c90d42446501764f532a23f41e6f1173e9ccc3c0fd2f7fface285d457ae9
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://javdoe.sh
access-control-allow-credentials: true
set-cookie: uid_id2=3664a298-c3c7-491a-83d5-72f2f3083b28:2:1; expires=Fri, 10 Sep 2032 14:34:54 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5dc25adbca638e4a493bb2f9bdccd722
18168b8a51f6ab9e331eade0e76cffeb649eaf4b
502928763c74d2aea7774a18a586c69b9c2d7a1cc50e276f1366abfc3473aaa1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "502928763C74D2AEA7774A18A586C69B9C2D7A1CC50E276F1366ABFC3473AAA1"
Last-Modified: Mon, 12 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11060
Expires: Tue, 13 Sep 2022 17:39:14 GMT
Date: Tue, 13 Sep 2022 14:34:54 GMT
Connection: keep-alive
akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_7
200 OK 48 kB URL HTTP/2 akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_7
IP
Hash 55f6d3b1a32bde8140cbdffc32c20ce3
e986c775c25feed175fa86bdce49878d7b1cf8da
85963220093d260fd05c53f8622bb961b63b6bcc9931a95ed0c9204ac3a3c916
GET /lv/esnk/1872197/code.js?pid=_cb-1872197_7 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1e740"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
reapinject.com/pixel/purst?dl=0&th=0&sc=0&rs=1554&rd=1554&fd=1089&bv=22.9.v.5&tmpl=70
200 OK 0 B URL HTTP/1.1 reapinject.com/pixel/purst?dl=0&th=0&sc=0&rs=1554&rd=1554&fd=1089&bv=22.9.v.5&tmpl=70
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1554&rd=1554&fd=1089&bv=22.9.v.5&tmpl=70 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 13 Sep 2022 14:34:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
2qj7mq3w4uxe.com/solid.gif?z=1881613&abvar=0
200 OK 43 B URL HTTP/2 2qj7mq3w4uxe.com/solid.gif?z=1881613&abvar=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1881613&abvar=0 HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
akmxts.com/get/1872197?zoneid=1872197&pid=_cb-1872197_11&jp=_clb79qz9wxlftpjg95pjoc&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=390466566720184
200 OK 1.1 kB URL HTTP/2 akmxts.com/get/1872197?zoneid=1872197&pid=_cb-1872197_11&jp=_clb79qz9wxlftpjg95pjoc&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=390466566720184
IP
Hash 53ff200ccb15d17184948de8558a331a
31a268c2dd2b08bb681a1b7fec308ef2e52e5f9f
8fe0f18dfe14c48ba49831e32be1287fd26e62c2b4f9f09cc4f056698b7dc2a1
GET /get/1872197?zoneid=1872197&pid=_cb-1872197_11&jp=_clb79qz9wxlftpjg95pjoc&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=390466566720184 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: UID=2209130934a572849deb3f4e8e963b186c96
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
2qj7mq3w4uxe.com/solid.gif?z=1881613&abvar=0
200 OK 43 B URL HTTP/2 2qj7mq3w4uxe.com/solid.gif?z=1881613&abvar=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1881613&abvar=0 HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
2qj7mq3w4uxe.com/solid.gif?z=1881613&abvar=0
200 OK 43 B URL HTTP/2 2qj7mq3w4uxe.com/solid.gif?z=1881613&abvar=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1881613&abvar=0 HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
2qj7mq3w4uxe.com/solid.gif?z=1881613&abvar=0
200 OK 43 B URL HTTP/2 2qj7mq3w4uxe.com/solid.gif?z=1881613&abvar=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1881613&abvar=0 HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
akmxts.com/get/1872197?zoneid=1872197&pid=_cb-1872197_7&jp=_clt7mv868togtl2p160nkm&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=7990290937880613
200 OK 1.1 kB URL HTTP/2 akmxts.com/get/1872197?zoneid=1872197&pid=_cb-1872197_7&jp=_clt7mv868togtl2p160nkm&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=7990290937880613
IP
Hash 80e59995dae7ef972f33162c2d42f943
7cdb9205d82debd31318c92eaef86145dfc09cb6
a25a792f3debbf1520d4f72371e3f148cabbdda1b76f36af0cb639ba445152de
GET /get/1872197?zoneid=1872197&pid=_cb-1872197_7&jp=_clt7mv868togtl2p160nkm&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=7990290937880613 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: UID=2209130934a572849deb3f4e8e963b186c96
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
2qj7mq3w4uxe.com/solid.gif?z=1881613&abvar=0
200 OK 43 B URL HTTP/2 2qj7mq3w4uxe.com/solid.gif?z=1881613&abvar=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1881613&abvar=0 HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_6
200 OK 47 kB URL HTTP/2 akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_6
IP
Hash dfdc8b9acf03f40331be4cae6675e1de
a939ea6109654ce00724a8e164130ddae0c758fc
2d102793de90a9b279680eec55d3ff4f56384d7873bc07cb848d24eabb769449
GET /lv/esnk/1872197/code.js?pid=_cb-1872197_6 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1e740"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_9
200 OK 47 kB URL HTTP/2 akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_9
IP
Hash a334adb0d045400556ed7e0946005c84
c9e02aa3db8a996edb1d616a9883864bdaa0bd68
adbf43b54dd63fe5d2dec3356c36deed73ddfe153152531c0cf07165338c41ba
GET /lv/esnk/1872197/code.js?pid=_cb-1872197_9 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1e740"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
2qj7mq3w4uxe.com/solid.gif?z=1881613&abvar=0
200 OK 43 B URL HTTP/2 2qj7mq3w4uxe.com/solid.gif?z=1881613&abvar=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1881613&abvar=0 HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
2qj7mq3w4uxe.com/solid.gif?z=1881613&abvar=0
200 OK 43 B URL HTTP/2 2qj7mq3w4uxe.com/solid.gif?z=1881613&abvar=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1881613&abvar=0 HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_8
200 OK 48 kB URL HTTP/2 akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_8
IP
Hash 6f661b708c90385a67a21a861b4ab5ed
1e32de6f791113214b72fbce385e222318712455
04271c9efeaf6d8bd79b35a80b3b1dae42f9c67a66ff8e1de725168e58fd99dd
GET /lv/esnk/1872197/code.js?pid=_cb-1872197_8 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1e740"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.bncloudfl.com/bn/29a/3a1/a7a/29a3a1a7aeef1bd0afeeef8efd0153cb1bcc3c03.jpg
200 OK 29 kB URL HTTP/2 cdn.bncloudfl.com/bn/29a/3a1/a7a/29a3a1a7aeef1bd0afeeef8efd0153cb1bcc3c03.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 300x250, components 3\012- data
Hash cf52c3d752482626fa3c015f1cd22f85
f79bf0ca99d4ba1f5fc4818f58b466ec2330ed28
e323992227f04fa6c50efcac28dc6d377351cddc33a0013b7675dff4153e5ada
GET /bn/29a/3a1/a7a/29a3a1a7aeef1bd0afeeef8efd0153cb1bcc3c03.jpg HTTP/1.1
Host: cdn.bncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: image/jpeg
content-length: 29234
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=432000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=31637, status=webp_bigger
etag: 3cd93e51b543bdca8d688d32f582895f
expires: Wed, 14 Sep 2022 21:34:01 GMT
last-modified: Wed, 17 Nov 2021 14:56:48 GMT
x-openstack-request-id: tx4ca664767b9b4034ae95d-0061b095bd
x-proxy-cache: HIT
x-timestamp: 1637161007.65278
x-trans-id: tx4ca664767b9b4034ae95d-0061b095bd
cf-cache-status: HIT
age: 61254
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 74a19b3e8a18b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2qj7mq3w4uxe.com/solid.gif?z=1881613&abvar=0
200 OK 43 B URL HTTP/2 2qj7mq3w4uxe.com/solid.gif?z=1881613&abvar=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1881613&abvar=0 HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
2qj7mq3w4uxe.com/solid.gif?z=1881613&abvar=0
200 OK 43 B URL HTTP/2 2qj7mq3w4uxe.com/solid.gif?z=1881613&abvar=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1881613&abvar=0 HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_12
200 OK 47 kB URL HTTP/2 akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_12
IP
Hash 722f5ecb5cf0f1567eda4faa9d409b2d
273ed53f96fa107fa9a52acf00913cde953bafdd
a25020b8b52cfdbf9571eb891b402d110dccfedd97110ee35e21cda8ae779656
GET /lv/esnk/1872197/code.js?pid=_cb-1872197_12 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1e740"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_clj17uz14baku6be29lvna&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=3768166287304415
200 OK 100 B URL HTTP/2 2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_clj17uz14baku6be29lvna&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=3768166287304415
IP
Hash 1edf4e18257b5a6b03aa2f6bbba37e0c
44182c9aaacc2561e3f32a8edcebbe4bcdfa1191
4a2e9f57b51da7ea3174200d627fe72b486e13672b957fe33e0800a24f1f4069
GET /get/1881613?zoneid=1881613&jp=_clj17uz14baku6be29lvna&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=3768166287304415 HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=220913093414402667887b45a1a60b2b57b5; Path=/; Expires=Wed, 13 Sep 2023 14:34:55 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_clpghvezn583uhivn4tk6a&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2642266380497622
200 OK 100 B URL HTTP/2 2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_clpghvezn583uhivn4tk6a&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2642266380497622
IP
Hash 1edf4e18257b5a6b03aa2f6bbba37e0c
44182c9aaacc2561e3f32a8edcebbe4bcdfa1191
4a2e9f57b51da7ea3174200d627fe72b486e13672b957fe33e0800a24f1f4069
GET /get/1881613?zoneid=1881613&jp=_clpghvezn583uhivn4tk6a&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2642266380497622 HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: UID=2209130934d7ad10d1d16e4fd48594eed010
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_clkq1vjvgb66uwl4b557rx&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2360791403783330
200 OK 157 B URL HTTP/2 2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_clkq1vjvgb66uwl4b557rx&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2360791403783330
IP
Hash 65e2e9feaa0ca2323c5256768654fc40
c4da468c6e92aff7592c8c654f4254699615669d
bd7f63d5e256516d3b60d8c0c4ae5c41a6a136a2d0becf7b8db1c0517caf508f
GET /get/1881613?zoneid=1881613&jp=_clkq1vjvgb66uwl4b557rx&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2360791403783330 HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2209130934cfc921706e4943a7b5333a269c; Path=/; Expires=Wed, 13 Sep 2023 14:34:55 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_clhv95azh473vral08z2g9&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=671941543509076
200 OK 100 B URL HTTP/2 2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_clhv95azh473vral08z2g9&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=671941543509076
IP
Hash 1edf4e18257b5a6b03aa2f6bbba37e0c
44182c9aaacc2561e3f32a8edcebbe4bcdfa1191
4a2e9f57b51da7ea3174200d627fe72b486e13672b957fe33e0800a24f1f4069
GET /get/1881613?zoneid=1881613&jp=_clhv95azh473vral08z2g9&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=671941543509076 HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: UID=2209130934d7ad10d1d16e4fd48594eed010
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710jp-1.jpg
200 OK 60 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710jp-1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x450, components 3\012- data
Hash 7cf636124286c2f01d2ec774511c3c3a
fde5a05d8ad63eccf5454d1b2fad8e06d9a0d2b7
493a2038a0f1c7c7d216865c53e137bd3733743b8112f7b02afe530f896c47a0
GET /digital/video/1nhdta00710/1nhdta00710jp-1.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: image/jpeg
content-length: 60068
last-modified: Tue, 11 Aug 2015 05:16:29 GMT
etag: "55c9852d-eaa4"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=ygb0XWMglQ4PbhFHcq2FAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_cl8w8xk4240z7zn3zj2aib&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=953416520232627
200 OK 100 B URL HTTP/2 2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_cl8w8xk4240z7zn3zj2aib&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=953416520232627
IP
Hash 1edf4e18257b5a6b03aa2f6bbba37e0c
44182c9aaacc2561e3f32a8edcebbe4bcdfa1191
4a2e9f57b51da7ea3174200d627fe72b486e13672b957fe33e0800a24f1f4069
GET /get/1881613?zoneid=1881613&jp=_cl8w8xk4240z7zn3zj2aib&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=953416520232627 HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: UID=2209130934d7ad10d1d16e4fd48594eed010
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
akmxts.com/chicken.gif?z=1872197&pid=_cb-1872197_8&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=6KGnf5DIkdC-ahVvdFXun_GtMOyzciKpQlK1y5pR-YvlR1JF9cL3q8jskrpC8hlfVOiB9regRB-qGOdlxvyRG1o4HqTTNsg20q216EZgInUiSd7vlEtu-vtL6ue1xPf5yOwDZWV79BJlbECpUqum_08MxKevgWFttnV91KPkEo2HXJ1LLot8GMAzYTuSK41EE2zSMqlHHfvPOjTB8x_acneBnn1edV0ma8B5HPVVicO-7TvduZogEkVpvmvmK1GB7YpfCJ1teFdIu5wc6PfKm1AxnNVT2spRQsyTfrFwBJ46BFpcK5OMxbuwsIHdRKHjA0uJlCMa25Mrr2ya5c6Zwzv2P2VfRYWhfAzUPXYemZ0cOTb5sDaVPTcQjQVvQp5qlpTBjy5IoLOkbFFkRj6TMY8NLj5aUCoX6GPerNUS1ZC59-u29QQ_J6hijydwypyYvuEH9u_3hP9FjPCOXSpOuEB54KZMXe9jcJqjKnlhOCWGqn85N3gqXnTZljz0VyqPxHm4KVhfsM4TV8COZGnlvEhqxIdkc4jNVaP6no2zIKCJmOUdzV-DZ6yMNIFvkPkE8b4MRq8lDY85cQGAF1JIUEbjqUeKAsY7eXfaf8nKEJsk5O_qjH7SVJYjM04zj902xmGkFZuEVJUFr6fZElfXQbIECviCSCJtMNZDFqnKqw==&abvar=0&os=0
200 OK 66 kB URL HTTP/2 akmxts.com/chicken.gif?z=1872197&pid=_cb-1872197_8&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=6KGnf5DIkdC-ahVvdFXun_GtMOyzciKpQlK1y5pR-YvlR1JF9cL3q8jskrpC8hlfVOiB9regRB-qGOdlxvyRG1o4HqTTNsg20q216EZgInUiSd7vlEtu-vtL6ue1xPf5yOwDZWV79BJlbECpUqum_08MxKevgWFttnV91KPkEo2HXJ1LLot8GMAzYTuSK41EE2zSMqlHHfvPOjTB8x_acneBnn1edV0ma8B5HPVVicO-7TvduZogEkVpvmvmK1GB7YpfCJ1teFdIu5wc6PfKm1AxnNVT2spRQsyTfrFwBJ46BFpcK5OMxbuwsIHdRKHjA0uJlCMa25Mrr2ya5c6Zwzv2P2VfRYWhfAzUPXYemZ0cOTb5sDaVPTcQjQVvQp5qlpTBjy5IoLOkbFFkRj6TMY8NLj5aUCoX6GPerNUS1ZC59-u29QQ_J6hijydwypyYvuEH9u_3hP9FjPCOXSpOuEB54KZMXe9jcJqjKnlhOCWGqn85N3gqXnTZljz0VyqPxHm4KVhfsM4TV8COZGnlvEhqxIdkc4jNVaP6no2zIKCJmOUdzV-DZ6yMNIFvkPkE8b4MRq8lDY85cQGAF1JIUEbjqUeKAsY7eXfaf8nKEJsk5O_qjH7SVJYjM04zj902xmGkFZuEVJUFr6fZElfXQbIECviCSCJtMNZDFqnKqw==&abvar=0&os=0
IP
Hash dbe31cf14c12c09befa9bd034ecfe173
2908da8e668cbc3a03954a5ab40f949a751173b1
5fd10b78c7e8166a8b907fd32a23cfd9b519dbe29595e2bc2c201369b359e053
GET /chicken.gif?z=1872197&pid=_cb-1872197_8&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=6KGnf5DIkdC-ahVvdFXun_GtMOyzciKpQlK1y5pR-YvlR1JF9cL3q8jskrpC8hlfVOiB9regRB-qGOdlxvyRG1o4HqTTNsg20q216EZgInUiSd7vlEtu-vtL6ue1xPf5yOwDZWV79BJlbECpUqum_08MxKevgWFttnV91KPkEo2HXJ1LLot8GMAzYTuSK41EE2zSMqlHHfvPOjTB8x_acneBnn1edV0ma8B5HPVVicO-7TvduZogEkVpvmvmK1GB7YpfCJ1teFdIu5wc6PfKm1AxnNVT2spRQsyTfrFwBJ46BFpcK5OMxbuwsIHdRKHjA0uJlCMa25Mrr2ya5c6Zwzv2P2VfRYWhfAzUPXYemZ0cOTb5sDaVPTcQjQVvQp5qlpTBjy5IoLOkbFFkRj6TMY8NLj5aUCoX6GPerNUS1ZC59-u29QQ_J6hijydwypyYvuEH9u_3hP9FjPCOXSpOuEB54KZMXe9jcJqjKnlhOCWGqn85N3gqXnTZljz0VyqPxHm4KVhfsM4TV8COZGnlvEhqxIdkc4jNVaP6no2zIKCJmOUdzV-DZ6yMNIFvkPkE8b4MRq8lDY85cQGAF1JIUEbjqUeKAsY7eXfaf8nKEJsk5O_qjH7SVJYjM04zj902xmGkFZuEVJUFr6fZElfXQbIECviCSCJtMNZDFqnKqw==&abvar=0&os=0 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2209130934a572849deb3f4e8e963b186c96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ABsllgAAAAAAAAAB; Path=/; Expires=Thu, 13 Oct 2022 14:34:55 GMT; Secure; SameSite=None
OACIBLOCK=ABsllgAAAABjIA5Q; Path=/; Expires=Thu, 13 Oct 2022 14:34:55 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Wed, 14 Sep 2022 14:34:55 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_clm939jfyng2r9aau4fjqn&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=5457016147599041
200 OK 100 B URL HTTP/2 2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_clm939jfyng2r9aau4fjqn&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=5457016147599041
IP
Hash 1edf4e18257b5a6b03aa2f6bbba37e0c
44182c9aaacc2561e3f32a8edcebbe4bcdfa1191
4a2e9f57b51da7ea3174200d627fe72b486e13672b957fe33e0800a24f1f4069
GET /get/1881613?zoneid=1881613&jp=_clm939jfyng2r9aau4fjqn&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=5457016147599041 HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: UID=2209130934cfc921706e4943a7b5333a269c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
2qj7mq3w4uxe.com/aas/r45d/vki/1881613/105dadc5.js
200 OK 30 kB URL HTTP/2 2qj7mq3w4uxe.com/aas/r45d/vki/1881613/105dadc5.js
IP
Hash da50aae314606d5b579b26f83659009b
b4e76054b7e70c51e9a0e8d8961142047ffe1ecc
18e68bb06a341fe4e1a0664774c15fd667383bdbbbebbb3c9bd887c8ee2b41e0
GET /aas/r45d/vki/1881613/105dadc5.js HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1091a"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_cl6ffy2nxmby5ufml24th7&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=1516366473648303
200 OK 157 B URL HTTP/2 2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_cl6ffy2nxmby5ufml24th7&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=1516366473648303
IP
Hash 65e2e9feaa0ca2323c5256768654fc40
c4da468c6e92aff7592c8c654f4254699615669d
bd7f63d5e256516d3b60d8c0c4ae5c41a6a136a2d0becf7b8db1c0517caf508f
GET /get/1881613?zoneid=1881613&jp=_cl6ffy2nxmby5ufml24th7&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=1516366473648303 HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2209130934d7ad10d1d16e4fd48594eed010; Path=/; Expires=Wed, 13 Sep 2023 14:34:55 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
akmxts.com/chicken.gif?z=1872197&pid=_cb-1872197_11&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=Y2FvzkUyfsp1g2gsj0PVe07MLd2tx-NzhnbirQ29nZNEA7d5SKOI-Z_rjuPlDUI8bSJoH9cIwbKN6cLgfkQxcX6ln4LlxMc7-zuT5AE6kqkoOdN62RxID45v0CwxtMQYj6qsZz5DKZwYuMSq6t5OZv5H3VZsPYl2vMRWML_sW7AawPAnxnt5Ujp_Sa-gVToKzFYbznzL574dGzcBSfHad3KX6rQswOqD2n-iYriIcdhkXdcchO7GAmtC7oQSuWsMRqvo8pSp6OLhTbLrjWc4HyYrmKF-GCzNE9wRrs0fDBVxlzvC4K_VQTBgq6g9uH514Vpxjbpxy0imPFq78vB4sNgWYDFETCpaE0X9_0Dpf1ymd6EiugHNKqy2CXr-AAt5ZPj6JqqO8kiEE_m4TS2vAxsJvjs3YAbFxXZQ4BczRsy3ZNyUQbvXbfBVzMH_YbQjKwLYU_2kv17qNM79ypPtzS9J_25KoICX63oRBHySe0iIuBNxAw2gbK9Ij00lcG-y_TUhHH0r7ZwEQEXB7E7IV-qdIglxKiAAiV4vtf4JAklD2o31YuCfpjzGqXRlcSOjyMPlVJAGBfmi73YWjjMlMJ5xQ-tWftdIipaxNC4w-oJ4p8D_7eg7EcfAaqDzpluUNN3QJ-OKuTJpDQWydeuYVQvDmOrKT_1KN8bPs7h3Pg==&abvar=0&os=0
200 OK 43 B URL HTTP/2 akmxts.com/chicken.gif?z=1872197&pid=_cb-1872197_11&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=Y2FvzkUyfsp1g2gsj0PVe07MLd2tx-NzhnbirQ29nZNEA7d5SKOI-Z_rjuPlDUI8bSJoH9cIwbKN6cLgfkQxcX6ln4LlxMc7-zuT5AE6kqkoOdN62RxID45v0CwxtMQYj6qsZz5DKZwYuMSq6t5OZv5H3VZsPYl2vMRWML_sW7AawPAnxnt5Ujp_Sa-gVToKzFYbznzL574dGzcBSfHad3KX6rQswOqD2n-iYriIcdhkXdcchO7GAmtC7oQSuWsMRqvo8pSp6OLhTbLrjWc4HyYrmKF-GCzNE9wRrs0fDBVxlzvC4K_VQTBgq6g9uH514Vpxjbpxy0imPFq78vB4sNgWYDFETCpaE0X9_0Dpf1ymd6EiugHNKqy2CXr-AAt5ZPj6JqqO8kiEE_m4TS2vAxsJvjs3YAbFxXZQ4BczRsy3ZNyUQbvXbfBVzMH_YbQjKwLYU_2kv17qNM79ypPtzS9J_25KoICX63oRBHySe0iIuBNxAw2gbK9Ij00lcG-y_TUhHH0r7ZwEQEXB7E7IV-qdIglxKiAAiV4vtf4JAklD2o31YuCfpjzGqXRlcSOjyMPlVJAGBfmi73YWjjMlMJ5xQ-tWftdIipaxNC4w-oJ4p8D_7eg7EcfAaqDzpluUNN3QJ-OKuTJpDQWydeuYVQvDmOrKT_1KN8bPs7h3Pg==&abvar=0&os=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1872197&pid=_cb-1872197_11&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=Y2FvzkUyfsp1g2gsj0PVe07MLd2tx-NzhnbirQ29nZNEA7d5SKOI-Z_rjuPlDUI8bSJoH9cIwbKN6cLgfkQxcX6ln4LlxMc7-zuT5AE6kqkoOdN62RxID45v0CwxtMQYj6qsZz5DKZwYuMSq6t5OZv5H3VZsPYl2vMRWML_sW7AawPAnxnt5Ujp_Sa-gVToKzFYbznzL574dGzcBSfHad3KX6rQswOqD2n-iYriIcdhkXdcchO7GAmtC7oQSuWsMRqvo8pSp6OLhTbLrjWc4HyYrmKF-GCzNE9wRrs0fDBVxlzvC4K_VQTBgq6g9uH514Vpxjbpxy0imPFq78vB4sNgWYDFETCpaE0X9_0Dpf1ymd6EiugHNKqy2CXr-AAt5ZPj6JqqO8kiEE_m4TS2vAxsJvjs3YAbFxXZQ4BczRsy3ZNyUQbvXbfBVzMH_YbQjKwLYU_2kv17qNM79ypPtzS9J_25KoICX63oRBHySe0iIuBNxAw2gbK9Ij00lcG-y_TUhHH0r7ZwEQEXB7E7IV-qdIglxKiAAiV4vtf4JAklD2o31YuCfpjzGqXRlcSOjyMPlVJAGBfmi73YWjjMlMJ5xQ-tWftdIipaxNC4w-oJ4p8D_7eg7EcfAaqDzpluUNN3QJ-OKuTJpDQWydeuYVQvDmOrKT_1KN8bPs7h3Pg==&abvar=0&os=0 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2209130934a572849deb3f4e8e963b186c96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ABsllgAAAAAAAAAB; Path=/; Expires=Thu, 13 Oct 2022 14:34:55 GMT; Secure; SameSite=None
OACIBLOCK=ABsllgAAAABjIA5Q; Path=/; Expires=Thu, 13 Oct 2022 14:34:55 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Wed, 14 Sep 2022 14:34:55 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_14
200 OK 47 kB URL HTTP/2 akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_14
IP
Hash ede888589b12dc40f0b26286dca90150
ab12340ced1934be91989aaae5b27f167028f8bf
2fe2a9432f14302fcf2728f87a22785c41f64149874dd18de19969ef066d291a
GET /lv/esnk/1872197/code.js?pid=_cb-1872197_14 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1e740"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
akmxts.com/chicken.gif?z=1872197&pid=_cb-1872197_12&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=kMzEjg_RCFf7XAUEHZJMkgANuSOIjjDahAaiFaHhilsTPvDCqeF3eEFB5UreSUZaArqFK8_KPq4uVVkTx9-ALsQDXP-vR2xjjk7kafsk4qod7qAHNq_xtRl9LP3fS43_cjqLA5alIoIiyJsIxYJaj23lYsAeNhfnbgeLH6S0URl-5H6INxOq93J_F1M5s7F3rzSSQRDg-XV3kzVlhoOCLVpuNWanQ5d_qARJT3WhhEqPTVLKHFr23ocA97KyGYz2zkXStIki6D4Xfoa_0PJmHjFhDyVMd6VFpWbiPctqGPFrpANsApcxpRCgG4G-CidDJHtDOiVA1mltr0UywKoltN7Jc3X-iKtnIviUa-L9lzWRHaPrB-Ob3B4U2DZCDJHjA8CLQKAL5jkSBq_kjOkvyKyxSqYQZkDZqOsbr0UvUJNnU7ext1LOWU5uCRQBUKA6wGOebkfdetjJIyQtJbZe7ptKqOYlyt9xQWg4URfrzGGM3IzvPILJ0_D6OBRb8x3n25acQJVEt1cNDhSOhoha3hm8odHYIei-S4IrN8RBAzObENbLgN-5rre_hRCEc1LSgbUp9oN7m3bCqgYATh4HByQVumxZfylS2LrZPaownnU0SOwyez4UUUxu6eJj96KzQwURjPyfAsusUDICs-amoGzMkOh_8vj1hzM72NGs1g==&abvar=0&os=0
200 OK 43 B URL HTTP/2 akmxts.com/chicken.gif?z=1872197&pid=_cb-1872197_12&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=kMzEjg_RCFf7XAUEHZJMkgANuSOIjjDahAaiFaHhilsTPvDCqeF3eEFB5UreSUZaArqFK8_KPq4uVVkTx9-ALsQDXP-vR2xjjk7kafsk4qod7qAHNq_xtRl9LP3fS43_cjqLA5alIoIiyJsIxYJaj23lYsAeNhfnbgeLH6S0URl-5H6INxOq93J_F1M5s7F3rzSSQRDg-XV3kzVlhoOCLVpuNWanQ5d_qARJT3WhhEqPTVLKHFr23ocA97KyGYz2zkXStIki6D4Xfoa_0PJmHjFhDyVMd6VFpWbiPctqGPFrpANsApcxpRCgG4G-CidDJHtDOiVA1mltr0UywKoltN7Jc3X-iKtnIviUa-L9lzWRHaPrB-Ob3B4U2DZCDJHjA8CLQKAL5jkSBq_kjOkvyKyxSqYQZkDZqOsbr0UvUJNnU7ext1LOWU5uCRQBUKA6wGOebkfdetjJIyQtJbZe7ptKqOYlyt9xQWg4URfrzGGM3IzvPILJ0_D6OBRb8x3n25acQJVEt1cNDhSOhoha3hm8odHYIei-S4IrN8RBAzObENbLgN-5rre_hRCEc1LSgbUp9oN7m3bCqgYATh4HByQVumxZfylS2LrZPaownnU0SOwyez4UUUxu6eJj96KzQwURjPyfAsusUDICs-amoGzMkOh_8vj1hzM72NGs1g==&abvar=0&os=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1872197&pid=_cb-1872197_12&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=kMzEjg_RCFf7XAUEHZJMkgANuSOIjjDahAaiFaHhilsTPvDCqeF3eEFB5UreSUZaArqFK8_KPq4uVVkTx9-ALsQDXP-vR2xjjk7kafsk4qod7qAHNq_xtRl9LP3fS43_cjqLA5alIoIiyJsIxYJaj23lYsAeNhfnbgeLH6S0URl-5H6INxOq93J_F1M5s7F3rzSSQRDg-XV3kzVlhoOCLVpuNWanQ5d_qARJT3WhhEqPTVLKHFr23ocA97KyGYz2zkXStIki6D4Xfoa_0PJmHjFhDyVMd6VFpWbiPctqGPFrpANsApcxpRCgG4G-CidDJHtDOiVA1mltr0UywKoltN7Jc3X-iKtnIviUa-L9lzWRHaPrB-Ob3B4U2DZCDJHjA8CLQKAL5jkSBq_kjOkvyKyxSqYQZkDZqOsbr0UvUJNnU7ext1LOWU5uCRQBUKA6wGOebkfdetjJIyQtJbZe7ptKqOYlyt9xQWg4URfrzGGM3IzvPILJ0_D6OBRb8x3n25acQJVEt1cNDhSOhoha3hm8odHYIei-S4IrN8RBAzObENbLgN-5rre_hRCEc1LSgbUp9oN7m3bCqgYATh4HByQVumxZfylS2LrZPaownnU0SOwyez4UUUxu6eJj96KzQwURjPyfAsusUDICs-amoGzMkOh_8vj1hzM72NGs1g==&abvar=0&os=0 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2209130934a572849deb3f4e8e963b186c96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ABsllgAAAAAAAAAB; Path=/; Expires=Thu, 13 Oct 2022 14:34:55 GMT; Secure; SameSite=None
OACIBLOCK=ABsllgAAAABjIA5Q; Path=/; Expires=Thu, 13 Oct 2022 14:34:55 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Wed, 14 Sep 2022 14:34:55 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
akmxts.com/chicken.gif?z=1872197&pid=_cb-1872197_14&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=eKkp0qL4EsQomQ1mVS5xmvUJjSr91kbrux4Jplm3uOCdibTtdsCTGrJBHC_A-99anY0_Z3pjqpMaP08nPRVMYmt1OrpuldGGHChdokewxNCeJ1z1v4eME4_wHcsz0tXzmHsj4FD617sGtPDT9P7hWpkYDUHpWbGwaXbwpHE0Imbg5zv8IA_3kK5iAyyW697sNvA5wUsiVqtgSggb0xkCNZHNUcDkfOGisN4BzlEAFhH8zeWZ-T87oCCs8m6_rJa5Clz2nuu9VRQsxluVQ6pNdOA9Bq2xzUgmDrWRBYE2LVaIOaQjMGFjeQRvGWlz-vz-n8qzEb6FLcXBqaA4EF22fKsaTz8wkIAq--NdRej-gmI5lbHedhKFf9zURDAx3X1xGBKnCQzEpUeL1cT4pxkp-Znt-2aq8-oGJ7Y22aOgWaKe0UhopJY3X0CoOqh44KOukkpPV69ADStBQOomO08CRmAOy_VzC0b0D8voJqjahdOKO6K6xwr1XhDnn7mzqenfALNrDjR_syUm4qdK6nanH03by_oII4sg-8PNBWrS1XpCXXq4PN73QoHyyn5gFcIMpwlLddkxLmLyVVYBVZCMDTGaO-ro_EEI4jLqnAKAHCgq2J1O7Ia6ezIZgZFbS5cctE7dEgbGqi2thsfIigHQiRHduNgx2QiTeE7HIAJ-sw==&abvar=0&os=0
200 OK 43 B URL HTTP/2 akmxts.com/chicken.gif?z=1872197&pid=_cb-1872197_14&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=eKkp0qL4EsQomQ1mVS5xmvUJjSr91kbrux4Jplm3uOCdibTtdsCTGrJBHC_A-99anY0_Z3pjqpMaP08nPRVMYmt1OrpuldGGHChdokewxNCeJ1z1v4eME4_wHcsz0tXzmHsj4FD617sGtPDT9P7hWpkYDUHpWbGwaXbwpHE0Imbg5zv8IA_3kK5iAyyW697sNvA5wUsiVqtgSggb0xkCNZHNUcDkfOGisN4BzlEAFhH8zeWZ-T87oCCs8m6_rJa5Clz2nuu9VRQsxluVQ6pNdOA9Bq2xzUgmDrWRBYE2LVaIOaQjMGFjeQRvGWlz-vz-n8qzEb6FLcXBqaA4EF22fKsaTz8wkIAq--NdRej-gmI5lbHedhKFf9zURDAx3X1xGBKnCQzEpUeL1cT4pxkp-Znt-2aq8-oGJ7Y22aOgWaKe0UhopJY3X0CoOqh44KOukkpPV69ADStBQOomO08CRmAOy_VzC0b0D8voJqjahdOKO6K6xwr1XhDnn7mzqenfALNrDjR_syUm4qdK6nanH03by_oII4sg-8PNBWrS1XpCXXq4PN73QoHyyn5gFcIMpwlLddkxLmLyVVYBVZCMDTGaO-ro_EEI4jLqnAKAHCgq2J1O7Ia6ezIZgZFbS5cctE7dEgbGqi2thsfIigHQiRHduNgx2QiTeE7HIAJ-sw==&abvar=0&os=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1872197&pid=_cb-1872197_14&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=eKkp0qL4EsQomQ1mVS5xmvUJjSr91kbrux4Jplm3uOCdibTtdsCTGrJBHC_A-99anY0_Z3pjqpMaP08nPRVMYmt1OrpuldGGHChdokewxNCeJ1z1v4eME4_wHcsz0tXzmHsj4FD617sGtPDT9P7hWpkYDUHpWbGwaXbwpHE0Imbg5zv8IA_3kK5iAyyW697sNvA5wUsiVqtgSggb0xkCNZHNUcDkfOGisN4BzlEAFhH8zeWZ-T87oCCs8m6_rJa5Clz2nuu9VRQsxluVQ6pNdOA9Bq2xzUgmDrWRBYE2LVaIOaQjMGFjeQRvGWlz-vz-n8qzEb6FLcXBqaA4EF22fKsaTz8wkIAq--NdRej-gmI5lbHedhKFf9zURDAx3X1xGBKnCQzEpUeL1cT4pxkp-Znt-2aq8-oGJ7Y22aOgWaKe0UhopJY3X0CoOqh44KOukkpPV69ADStBQOomO08CRmAOy_VzC0b0D8voJqjahdOKO6K6xwr1XhDnn7mzqenfALNrDjR_syUm4qdK6nanH03by_oII4sg-8PNBWrS1XpCXXq4PN73QoHyyn5gFcIMpwlLddkxLmLyVVYBVZCMDTGaO-ro_EEI4jLqnAKAHCgq2J1O7Ia6ezIZgZFbS5cctE7dEgbGqi2thsfIigHQiRHduNgx2QiTeE7HIAJ-sw==&abvar=0&os=0 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2209130934a572849deb3f4e8e963b186c96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ABsllgAAAAAAAAAB; Path=/; Expires=Thu, 13 Oct 2022 14:34:55 GMT; Secure; SameSite=None
OACIBLOCK=ABsllgAAAABjIA5Q; Path=/; Expires=Thu, 13 Oct 2022 14:34:55 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Wed, 14 Sep 2022 14:34:55 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
akmxts.com/chicken.gif?z=1872197&pid=_cb-1872197_2&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=eUhX4YpofiGWFTUgmIYptAJn6PCsEt-WE-04xpWqzWuAwAoHPMMGzHGCsAoXm3wRYKqr1UcXId24lobkzXJ2yDVcjWElg9CBDvsYTTfX90Iyv0vPxhi6mZvwOtDDoirEsEyIPBRZyKZevwc1NviZPsG_Q1Faf-PZh5UNqULe5W0LdtMe4YlVroUeCND0W9PxfjJpowSnsEV4Pd3TxPu8NCEMOaZ7oAjrFoanhFCBr46jGxkl_G6B4p9LiF5UNMEha7pBu6KNCjbn3wzpfsr2D4AxKFCQCxtgICxFZVZN2wpBe9XxU4DpBajU4hDVt5OZm4v85t6_QdU2YaEo5shis6knc61XChWfJOGdNa4t-MyVpRZCZTaWtHCMjT43UvAUTHH8xKWXFYRbBYtlnRkuctt3NUegn4yDgDr1uMexYNsHgv91X73qjT1VZXn3qdtIAC9OSF7TvFg3TzZsusUozO7Fhp5ba-A0giZHaPjcM1EiZk2wFC-xdL6e6JXdb9s1bYYuBy60CkB_Y_0_YkVeUQZ_FjuaUMkW5cK7T-0R07vaH6hyeykcXh4HRQgDNWQiOl-aUei_Zj--V5t2gzcB049fa0PReSNzFPwZJSHD3Ag6uS1gJnt-A5MU1KkJbZQjgTrGKai4w0Iat_DDBP1B2O454Okqw9n29M4zZgJbZQ==&abvar=25&os=0
200 OK 43 B URL HTTP/2 akmxts.com/chicken.gif?z=1872197&pid=_cb-1872197_2&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=eUhX4YpofiGWFTUgmIYptAJn6PCsEt-WE-04xpWqzWuAwAoHPMMGzHGCsAoXm3wRYKqr1UcXId24lobkzXJ2yDVcjWElg9CBDvsYTTfX90Iyv0vPxhi6mZvwOtDDoirEsEyIPBRZyKZevwc1NviZPsG_Q1Faf-PZh5UNqULe5W0LdtMe4YlVroUeCND0W9PxfjJpowSnsEV4Pd3TxPu8NCEMOaZ7oAjrFoanhFCBr46jGxkl_G6B4p9LiF5UNMEha7pBu6KNCjbn3wzpfsr2D4AxKFCQCxtgICxFZVZN2wpBe9XxU4DpBajU4hDVt5OZm4v85t6_QdU2YaEo5shis6knc61XChWfJOGdNa4t-MyVpRZCZTaWtHCMjT43UvAUTHH8xKWXFYRbBYtlnRkuctt3NUegn4yDgDr1uMexYNsHgv91X73qjT1VZXn3qdtIAC9OSF7TvFg3TzZsusUozO7Fhp5ba-A0giZHaPjcM1EiZk2wFC-xdL6e6JXdb9s1bYYuBy60CkB_Y_0_YkVeUQZ_FjuaUMkW5cK7T-0R07vaH6hyeykcXh4HRQgDNWQiOl-aUei_Zj--V5t2gzcB049fa0PReSNzFPwZJSHD3Ag6uS1gJnt-A5MU1KkJbZQjgTrGKai4w0Iat_DDBP1B2O454Okqw9n29M4zZgJbZQ==&abvar=25&os=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1872197&pid=_cb-1872197_2&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=eUhX4YpofiGWFTUgmIYptAJn6PCsEt-WE-04xpWqzWuAwAoHPMMGzHGCsAoXm3wRYKqr1UcXId24lobkzXJ2yDVcjWElg9CBDvsYTTfX90Iyv0vPxhi6mZvwOtDDoirEsEyIPBRZyKZevwc1NviZPsG_Q1Faf-PZh5UNqULe5W0LdtMe4YlVroUeCND0W9PxfjJpowSnsEV4Pd3TxPu8NCEMOaZ7oAjrFoanhFCBr46jGxkl_G6B4p9LiF5UNMEha7pBu6KNCjbn3wzpfsr2D4AxKFCQCxtgICxFZVZN2wpBe9XxU4DpBajU4hDVt5OZm4v85t6_QdU2YaEo5shis6knc61XChWfJOGdNa4t-MyVpRZCZTaWtHCMjT43UvAUTHH8xKWXFYRbBYtlnRkuctt3NUegn4yDgDr1uMexYNsHgv91X73qjT1VZXn3qdtIAC9OSF7TvFg3TzZsusUozO7Fhp5ba-A0giZHaPjcM1EiZk2wFC-xdL6e6JXdb9s1bYYuBy60CkB_Y_0_YkVeUQZ_FjuaUMkW5cK7T-0R07vaH6hyeykcXh4HRQgDNWQiOl-aUei_Zj--V5t2gzcB049fa0PReSNzFPwZJSHD3Ag6uS1gJnt-A5MU1KkJbZQjgTrGKai4w0Iat_DDBP1B2O454Okqw9n29M4zZgJbZQ==&abvar=25&os=0 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2209130934a572849deb3f4e8e963b186c96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ABsllgAAAAAAAAAB; Path=/; Expires=Thu, 13 Oct 2022 14:34:55 GMT; Secure; SameSite=None
OACIBLOCK=ABsllgAAAABjIA5Q; Path=/; Expires=Thu, 13 Oct 2022 14:34:55 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Wed, 14 Sep 2022 14:34:55 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
akmxts.com/chicken.gif?z=1872197&pid=_cb-1872197_15&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=U-l7FBaqEzUJ0hGllqJdISqijCwv3GpKC8Ci8CuGX053my1qFiYlKGIDHpeTtR-PbqEAUi75fKzm9i5MFee68OpZ4W49aJqg-PqpuFkU1h7U_jqWNaiuSeMp2EyWuM2vvZWsO8LEsL1wfuE9zDeSrtGNPtlwCuXhhSvIJM7IO78W3-93b4mZClVGfIvf3sFNBkwPnswFDAzAg124psDnVRrc66wllh7MhfDHfnkCVDcdGBy0OxUXxYHWrueCoKv2uDsuTHW_lFOV49YMn4w2XtnnIUs-b8xZtbeFwzMtkUfIXf925R3MtC4zh_lF44WDoGpDMr18IAC8UefnvZdrmfcS5PSHRou9pPcJwnoSqTtNFHiOZ3TiYKlmuiKiN6XFZihmqJZlp8XdpByreZ4_usJpJCKNWAVlrlJiwGq8OhFEb3C0uq6LTrNp3ln6juDWzhDLxDtfjpTGRB3VpcyNON2k5yrg00D-oK831yFrq6u-KjX5IWu65xuO8Ksd2tzZ6g4DDvnoS0oMo033pgQg7cyUc1HXff5b9Pgu6pNSF42uQTz5Muy5Hla7bKdEFlsZgOSnaXaZ2g0k55hSj1IHpQcWFOLhdFeelEmwCwYx-L845TThAiC_70S5mzlivNSvEA5WGUYyAQQGzo9dP6zVFol2n1KN3J5Dc1co1u71GA==&abvar=0&os=0
200 OK 43 B URL HTTP/2 akmxts.com/chicken.gif?z=1872197&pid=_cb-1872197_15&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=U-l7FBaqEzUJ0hGllqJdISqijCwv3GpKC8Ci8CuGX053my1qFiYlKGIDHpeTtR-PbqEAUi75fKzm9i5MFee68OpZ4W49aJqg-PqpuFkU1h7U_jqWNaiuSeMp2EyWuM2vvZWsO8LEsL1wfuE9zDeSrtGNPtlwCuXhhSvIJM7IO78W3-93b4mZClVGfIvf3sFNBkwPnswFDAzAg124psDnVRrc66wllh7MhfDHfnkCVDcdGBy0OxUXxYHWrueCoKv2uDsuTHW_lFOV49YMn4w2XtnnIUs-b8xZtbeFwzMtkUfIXf925R3MtC4zh_lF44WDoGpDMr18IAC8UefnvZdrmfcS5PSHRou9pPcJwnoSqTtNFHiOZ3TiYKlmuiKiN6XFZihmqJZlp8XdpByreZ4_usJpJCKNWAVlrlJiwGq8OhFEb3C0uq6LTrNp3ln6juDWzhDLxDtfjpTGRB3VpcyNON2k5yrg00D-oK831yFrq6u-KjX5IWu65xuO8Ksd2tzZ6g4DDvnoS0oMo033pgQg7cyUc1HXff5b9Pgu6pNSF42uQTz5Muy5Hla7bKdEFlsZgOSnaXaZ2g0k55hSj1IHpQcWFOLhdFeelEmwCwYx-L845TThAiC_70S5mzlivNSvEA5WGUYyAQQGzo9dP6zVFol2n1KN3J5Dc1co1u71GA==&abvar=0&os=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1872197&pid=_cb-1872197_15&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=U-l7FBaqEzUJ0hGllqJdISqijCwv3GpKC8Ci8CuGX053my1qFiYlKGIDHpeTtR-PbqEAUi75fKzm9i5MFee68OpZ4W49aJqg-PqpuFkU1h7U_jqWNaiuSeMp2EyWuM2vvZWsO8LEsL1wfuE9zDeSrtGNPtlwCuXhhSvIJM7IO78W3-93b4mZClVGfIvf3sFNBkwPnswFDAzAg124psDnVRrc66wllh7MhfDHfnkCVDcdGBy0OxUXxYHWrueCoKv2uDsuTHW_lFOV49YMn4w2XtnnIUs-b8xZtbeFwzMtkUfIXf925R3MtC4zh_lF44WDoGpDMr18IAC8UefnvZdrmfcS5PSHRou9pPcJwnoSqTtNFHiOZ3TiYKlmuiKiN6XFZihmqJZlp8XdpByreZ4_usJpJCKNWAVlrlJiwGq8OhFEb3C0uq6LTrNp3ln6juDWzhDLxDtfjpTGRB3VpcyNON2k5yrg00D-oK831yFrq6u-KjX5IWu65xuO8Ksd2tzZ6g4DDvnoS0oMo033pgQg7cyUc1HXff5b9Pgu6pNSF42uQTz5Muy5Hla7bKdEFlsZgOSnaXaZ2g0k55hSj1IHpQcWFOLhdFeelEmwCwYx-L845TThAiC_70S5mzlivNSvEA5WGUYyAQQGzo9dP6zVFol2n1KN3J5Dc1co1u71GA==&abvar=0&os=0 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2209130934a572849deb3f4e8e963b186c96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ABsllgAAAAAAAAAB; Path=/; Expires=Thu, 13 Oct 2022 14:34:55 GMT; Secure; SameSite=None
OACIBLOCK=ABsllgAAAABjIA5Q; Path=/; Expires=Thu, 13 Oct 2022 14:34:55 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Wed, 14 Sep 2022 14:34:55 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
akmxts.com/chicken.gif?z=1872197&pid=_cb-1872197_0&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=hXKusGHskmfgKvg-wtFCTb9bKQEOEKiDk09fnk8kcTJ1v7fAOplp0VVfIXSdGt7fDMagPFhNwcqarn9xgWmfg478rdQK1LX5WijEhpNOdIL4SvWbIGHU4mggG4Wq2sVY1DKt1Eh8AtkI9KSqBy90DS9L9XKwOoGWYsgMB8oStfbqq22E2MdLhohkQt_kQ7DMoFLwV7fKoC7AHz1SaUsymBI38o7WsGPdrCkZH2MU5FbPYqRfO7Gn00COYvybmLAdoolXjlLSrZ1A7qbZUVI-6ZhLFBbzcAH__kIosqpAPoq9xGF0-bZjmDnbYgcx_B4azdMxUSEHQAXYqaogx0R_DW4PrXOWIfak2IWmFNAXkZsT8yTUyDg0x2wSfWhbN_AiFx3DMawWzwlOg1fpVoHK4k4ZGOJ50Oj6Jd40Aw67QRDr8G0kBiG-pI2VRMgQo_anv23gVHqsKvailgXXbirKqQL1e4JyYRn0qnVuNSkc2soHDgf8J6v-Z4uLy9osnrkKArSXu5t5bPsknROfkys_NzsYMjRxajctYK3eISw0NJwiDWy9gAp0EZZmIIIlSvP8Xj2E9F2dCdUEMGjDtyYM0-aaG_6kNyW8r5yxqnsJpq8hrCWaOVVgHdHdZWgBOWQEfgHAue3VJ-KGhp9QVXThspbxSMrLQWVVulHBZ4cQ6Q==&abvar=0&os=0
200 OK 43 B URL HTTP/2 akmxts.com/chicken.gif?z=1872197&pid=_cb-1872197_0&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=hXKusGHskmfgKvg-wtFCTb9bKQEOEKiDk09fnk8kcTJ1v7fAOplp0VVfIXSdGt7fDMagPFhNwcqarn9xgWmfg478rdQK1LX5WijEhpNOdIL4SvWbIGHU4mggG4Wq2sVY1DKt1Eh8AtkI9KSqBy90DS9L9XKwOoGWYsgMB8oStfbqq22E2MdLhohkQt_kQ7DMoFLwV7fKoC7AHz1SaUsymBI38o7WsGPdrCkZH2MU5FbPYqRfO7Gn00COYvybmLAdoolXjlLSrZ1A7qbZUVI-6ZhLFBbzcAH__kIosqpAPoq9xGF0-bZjmDnbYgcx_B4azdMxUSEHQAXYqaogx0R_DW4PrXOWIfak2IWmFNAXkZsT8yTUyDg0x2wSfWhbN_AiFx3DMawWzwlOg1fpVoHK4k4ZGOJ50Oj6Jd40Aw67QRDr8G0kBiG-pI2VRMgQo_anv23gVHqsKvailgXXbirKqQL1e4JyYRn0qnVuNSkc2soHDgf8J6v-Z4uLy9osnrkKArSXu5t5bPsknROfkys_NzsYMjRxajctYK3eISw0NJwiDWy9gAp0EZZmIIIlSvP8Xj2E9F2dCdUEMGjDtyYM0-aaG_6kNyW8r5yxqnsJpq8hrCWaOVVgHdHdZWgBOWQEfgHAue3VJ-KGhp9QVXThspbxSMrLQWVVulHBZ4cQ6Q==&abvar=0&os=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1872197&pid=_cb-1872197_0&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=hXKusGHskmfgKvg-wtFCTb9bKQEOEKiDk09fnk8kcTJ1v7fAOplp0VVfIXSdGt7fDMagPFhNwcqarn9xgWmfg478rdQK1LX5WijEhpNOdIL4SvWbIGHU4mggG4Wq2sVY1DKt1Eh8AtkI9KSqBy90DS9L9XKwOoGWYsgMB8oStfbqq22E2MdLhohkQt_kQ7DMoFLwV7fKoC7AHz1SaUsymBI38o7WsGPdrCkZH2MU5FbPYqRfO7Gn00COYvybmLAdoolXjlLSrZ1A7qbZUVI-6ZhLFBbzcAH__kIosqpAPoq9xGF0-bZjmDnbYgcx_B4azdMxUSEHQAXYqaogx0R_DW4PrXOWIfak2IWmFNAXkZsT8yTUyDg0x2wSfWhbN_AiFx3DMawWzwlOg1fpVoHK4k4ZGOJ50Oj6Jd40Aw67QRDr8G0kBiG-pI2VRMgQo_anv23gVHqsKvailgXXbirKqQL1e4JyYRn0qnVuNSkc2soHDgf8J6v-Z4uLy9osnrkKArSXu5t5bPsknROfkys_NzsYMjRxajctYK3eISw0NJwiDWy9gAp0EZZmIIIlSvP8Xj2E9F2dCdUEMGjDtyYM0-aaG_6kNyW8r5yxqnsJpq8hrCWaOVVgHdHdZWgBOWQEfgHAue3VJ-KGhp9QVXThspbxSMrLQWVVulHBZ4cQ6Q==&abvar=0&os=0 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2209130934a572849deb3f4e8e963b186c96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ABsllgAAAAAAAAAB; Path=/; Expires=Thu, 13 Oct 2022 14:34:55 GMT; Secure; SameSite=None
OACIBLOCK=ABsllgAAAABjIA5Q; Path=/; Expires=Thu, 13 Oct 2022 14:34:55 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Wed, 14 Sep 2022 14:34:55 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
akmxts.com/chicken.gif?z=1872197&pid=_cb-1872197_1&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=Cbi_nn3sM5WXdnv7D20mKEv2cjZ7USc61CvcKNfJZmgCpVE1iAmH9LX-6FgrvKmZrqflGr-ikoPOdm4CU1IyFbAZDnR_CZUhOzRTJ5Jt1UrSAQ0U73gYM5-iapHkDpizGxwvTGKaRu2I1gcmAemCeAvRr6ZIgqA7tRePRXmHVZCFmS36gfWFfH2NltM51fpIJmcW22uN9UA660-N67FUZi0bacagCJVZv3METQv0UXvqkXCpsKlD89-C91dMstci4JOPvdCrwdsJ5xS9TlnSLyXpy0weVS0rf0pgaXCgDK5fOK_xndrtrpPe7u-yyAWp8ySXgwlyDeBJst5TipVBoFwXE8V8HcxYuQ68oUnCjy8yZ43NkSv2vNSR99Kuh3h7p0SMoNlVXbPaom2DfRs6EZ5UyYqopjqAAzysPEK5HQ-jY4E_1sxQbQiBrJ0s9-14E_Zcif_o50oiQLZF5f7ir2FOfIpSi0o3ioZ8jeGE99h0JROfGtJtLvF_pN8PpCkRb1Cef2kv71SYLh3ySzoSki9EPQT0bGwbGEkqIr9_5qTa7wW8WaIeICcING1OWj4mbmDcxHMsS1CIDY1pRI7vHqwHT9HY1nnjX_BkEL3GaO27Jhv-xvw1uYZzzw91sYTGHju1KzL98DmeeNGs9XBsj1hqYq9A9lFqDI2JALgrrA==&abvar=26&os=0
200 OK 43 B URL HTTP/2 akmxts.com/chicken.gif?z=1872197&pid=_cb-1872197_1&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=Cbi_nn3sM5WXdnv7D20mKEv2cjZ7USc61CvcKNfJZmgCpVE1iAmH9LX-6FgrvKmZrqflGr-ikoPOdm4CU1IyFbAZDnR_CZUhOzRTJ5Jt1UrSAQ0U73gYM5-iapHkDpizGxwvTGKaRu2I1gcmAemCeAvRr6ZIgqA7tRePRXmHVZCFmS36gfWFfH2NltM51fpIJmcW22uN9UA660-N67FUZi0bacagCJVZv3METQv0UXvqkXCpsKlD89-C91dMstci4JOPvdCrwdsJ5xS9TlnSLyXpy0weVS0rf0pgaXCgDK5fOK_xndrtrpPe7u-yyAWp8ySXgwlyDeBJst5TipVBoFwXE8V8HcxYuQ68oUnCjy8yZ43NkSv2vNSR99Kuh3h7p0SMoNlVXbPaom2DfRs6EZ5UyYqopjqAAzysPEK5HQ-jY4E_1sxQbQiBrJ0s9-14E_Zcif_o50oiQLZF5f7ir2FOfIpSi0o3ioZ8jeGE99h0JROfGtJtLvF_pN8PpCkRb1Cef2kv71SYLh3ySzoSki9EPQT0bGwbGEkqIr9_5qTa7wW8WaIeICcING1OWj4mbmDcxHMsS1CIDY1pRI7vHqwHT9HY1nnjX_BkEL3GaO27Jhv-xvw1uYZzzw91sYTGHju1KzL98DmeeNGs9XBsj1hqYq9A9lFqDI2JALgrrA==&abvar=26&os=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1872197&pid=_cb-1872197_1&pb=833e1fe2af77e56a457c5ff574f7c09a1663086894&psp=Cbi_nn3sM5WXdnv7D20mKEv2cjZ7USc61CvcKNfJZmgCpVE1iAmH9LX-6FgrvKmZrqflGr-ikoPOdm4CU1IyFbAZDnR_CZUhOzRTJ5Jt1UrSAQ0U73gYM5-iapHkDpizGxwvTGKaRu2I1gcmAemCeAvRr6ZIgqA7tRePRXmHVZCFmS36gfWFfH2NltM51fpIJmcW22uN9UA660-N67FUZi0bacagCJVZv3METQv0UXvqkXCpsKlD89-C91dMstci4JOPvdCrwdsJ5xS9TlnSLyXpy0weVS0rf0pgaXCgDK5fOK_xndrtrpPe7u-yyAWp8ySXgwlyDeBJst5TipVBoFwXE8V8HcxYuQ68oUnCjy8yZ43NkSv2vNSR99Kuh3h7p0SMoNlVXbPaom2DfRs6EZ5UyYqopjqAAzysPEK5HQ-jY4E_1sxQbQiBrJ0s9-14E_Zcif_o50oiQLZF5f7ir2FOfIpSi0o3ioZ8jeGE99h0JROfGtJtLvF_pN8PpCkRb1Cef2kv71SYLh3ySzoSki9EPQT0bGwbGEkqIr9_5qTa7wW8WaIeICcING1OWj4mbmDcxHMsS1CIDY1pRI7vHqwHT9HY1nnjX_BkEL3GaO27Jhv-xvw1uYZzzw91sYTGHju1KzL98DmeeNGs9XBsj1hqYq9A9lFqDI2JALgrrA==&abvar=26&os=0 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2209130934a572849deb3f4e8e963b186c96
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ABsllgAAAAAAAAAB; Path=/; Expires=Thu, 13 Oct 2022 14:34:55 GMT; Secure; SameSite=None
OACIBLOCK=ABsllgAAAABjIA5Q; Path=/; Expires=Thu, 13 Oct 2022 14:34:55 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Wed, 14 Sep 2022 14:34:55 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8777
Expires: Tue, 13 Sep 2022 17:01:12 GMT
Date: Tue, 13 Sep 2022 14:34:55 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8777
Expires: Tue, 13 Sep 2022 17:01:12 GMT
Date: Tue, 13 Sep 2022 14:34:55 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8777
Expires: Tue, 13 Sep 2022 17:01:12 GMT
Date: Tue, 13 Sep 2022 14:34:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 838f709437b2dfbede4ee15307afe217
2ab2ee20e720b78be6deb55f967ac0d8b7dad048
a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4rpwcrZLDlgcwBtH7wpoHMOb8hhFbKbZSQpjWqUqbt_Sl4ud3dm9Vg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:18 GMT
age: 60757
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9ab2ec10c79b91d15edb1d1e3dc763c
744fee4a0baa22ba3aa352d60620a916972b47dd
f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lZ3FmD1gM8YBgZNt97kuYSol1kj0GQqRjyLT_7715VtH9GR1WpMDxA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:20 GMT
age: 60755
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4acf448-2a96-49a3-8257-7743a38525f5.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4acf448-2a96-49a3-8257-7743a38525f5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae7d16fad4da4300a1953a916fb59688
488c58f73c81bb4d45e496c458fe3197a0884c26
4d4946932d53caad6e97bcc66527bd9cad658c0cf6f4215d01943b8a9e832959
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4acf448-2a96-49a3-8257-7743a38525f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7720
x-amzn-requestid: 7670a969-cb9c-4583-8455-10f7512ee9c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YT9YJG__oAMF4YA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e429a-674ef5a4727826ab0d60529e;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 20:18:34 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OOCryyfLht-3ebVn-5aWtQI_JnVkWxMGggv07cUoomDlgb5ogru7vg==
via: 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:01:55 GMT
age: 59580
etag: "488c58f73c81bb4d45e496c458fe3197a0884c26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c824a7db30839607b01c7a164f6f6ec
bbab791971056750a46dd6ed9c5d7c8e12ab457e
872262a28a383a9eafd1f453014a3edfde4872160b772874271be6358a47449f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9606
x-amzn-requestid: bf72ce8c-1272-42df-8958-d392210106c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIR7NFh2oAMFXIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631996ad-4646091a428db21e2dce1a61;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:15:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4skZVE5BinFMAJV196j5-qtDez6m26DtU8NZvU6K2VuhFnC7E1zXWw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:56:19 GMT
age: 59916
etag: "bbab791971056750a46dd6ed9c5d7c8e12ab457e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -SwaUjMInlOaGpH6yK1W1a57QCQMgY-l43RdUfKVtZA1zJzMrLzC6g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 04:49:30 GMT
age: 35125
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d97e56f75165efcc71ae54952ded405
28d47359e70789115b2954b6c94711bb783b3c8c
564eac2ae99724e5f43aa1ae0afe4dec03697f888f51774e70e1b9c273c2d9d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8764
x-amzn-requestid: 48f44e2c-3d91-46cf-8701-3c5028e0a86d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE-gLG4_oAMFn-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184467-46abfc77601bd90f39a2c840;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:12:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tE5GZDktiELwfFRC_IEAqoat6cN7vb_TA17d-zRO6saTLEGRqB94Pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:01:47 GMT
age: 59588
etag: "28d47359e70789115b2954b6c94711bb783b3c8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710jp-2.jpg
200 OK 60 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710jp-2.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x450, components 3\012- data
Hash fe9126e718553a5745da1855c8966ce0
2fb3db9b6d2d07dea97c0d77098ecf4ded3cc8ce
4f716205c6959ebbe1efa5193724e1b30c0e654667d05aed29d83f811b38c7fd
GET /digital/video/1nhdta00710/1nhdta00710jp-2.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: image/jpeg
content-length: 60472
last-modified: Tue, 11 Aug 2015 05:16:31 GMT
etag: "55c9852f-ec38"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=ygb0XWMglQ4PbhFHcq2GAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=929853
200 OK 1.6 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=929853
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (351), with CRLF, LF line terminators
Hash 0a6c6d87b9157f083e887b37cbf96645
b717f05eaf9b94ee2052e54c23a95bece16a67fa
2bdec86f27e7995bc90346798a0a4546bac37a589423e77302fd22d38a39ff49
GET /adshow.php?adzone=929853 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 14:34:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=efe3aa591177ff87ed50c37fb439c26e; expires=Wed, 13-Sep-2023 14:34:54 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Fri, 16-Sep-2022 14:34:54 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 16-Sep-2022 14:34:54 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
ocsp.globalsign.com/gseccovsslca2018
200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 64ced829387c2249f9a18f179819ddd9
f7bed8d03d26eb5e825419c45948b19b9588fbe9
998fe15d7982fcf18b06348fd3f177e9cdd36cfea2c4d73a9c82b66f6f0295d9
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 14:34:55 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Sat, 17 Sep 2022 12:26:52 GMT
ETag: "f7bed8d03d26eb5e825419c45948b19b9588fbe9"
Last-Modified: Tue, 13 Sep 2022 12:26:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1558
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a19b4178310b55-OSL
reapinject.com/pixel/pure
204 No Content 0 B URL HTTP/1.1 reapinject.com/pixel/pure
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /pixel/pure HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://javdoe.sh/
Origin: https://javdoe.sh
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.17.6
Date: Tue, 13 Sep 2022 14:34:55 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
reapinject.com/pixel/pure
204 No Content 0 B URL HTTP/1.1 reapinject.com/pixel/pure
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /pixel/pure HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://javdoe.sh/
Origin: https://javdoe.sh
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.17.6
Date: Tue, 13 Sep 2022 14:34:55 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 98b6fb62bf5f09aaa5606590e1290c98
1e62f8b30fb1d9930475d6cdb2fc28a3fc75ce03
4f48702370f07fddd465ae17e3a1f0f36322b004dfda6191e5cf4ec26fb89418
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F48702370F07FDDD465AE17E3A1F0F36322B004DFDA6191E5CF4EC26FB89418"
Last-Modified: Mon, 12 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8542
Expires: Tue, 13 Sep 2022 16:57:17 GMT
Date: Tue, 13 Sep 2022 14:34:55 GMT
Connection: keep-alive
r.trwl1.com/s1/eeb416a0-b627-47d4-b090-5ea400cf4ba0?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=90781&cv4=259972&cv5=929853&cv6=
200 OK 893 B URL HTTP/1.1 r.trwl1.com/s1/eeb416a0-b627-47d4-b090-5ea400cf4ba0?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=90781&cv4=259972&cv5=929853&cv6=
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (697)
Hash edefc15180e664398365f3d6deb234e8
fcb3de1e8582627b84f749b0543f2909de9f5250
fac794e27365d0466a8ee853f6a15c3cb41531dd5abcf76de53a080e70ffe120
GET /s1/eeb416a0-b627-47d4-b090-5ea400cf4ba0?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=90781&cv4=259972&cv5=929853&cv6= HTTP/1.1
Host: r.trwl1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 13 Sep 2022 14:34:55 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 893
Connection: close
Set-Cookie: uid=3xVqEmDapp; Path=/; Domain=trwl1.com; Expires=Wed, 14 Sep 2022 14:34:55 GMT; HttpOnly
X-Request-Id: bedd9d81-3da2-49f0-9d29-d6d3b1a7940b
r3.o.lencr.org/
200 OK 1.7 kB IP
ASN #20940 Akamai International B.V.
Hash df6d57dc783e4e49daa1a969df77a32e
8ba7cc09b6589a016cb3304aab2bbdad66d8f591
791937488d77bef179153746614b57bd64cb76b17ea0225a83e1162ecb245c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16380371AE5FC51CA985271A1FCCDCD8E203B4AF6134E8FFBE4E957A04180764"
Last-Modified: Sun, 11 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13266
Expires: Tue, 13 Sep 2022 18:16:01 GMT
Date: Tue, 13 Sep 2022 14:34:55 GMT
Connection: keep-alive
akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_13
200 OK 49 kB URL HTTP/2 akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_13
IP
Hash 7c77ca40f093aa6fbe81870d22e31fbb
629ed8c1bc90f61087c5a97b6f4869ae882b7bfe
d28ad6f3dc22b0fe67c072beca2289389605eaa36dba6bc0c8747e765c7d26ee
GET /lv/esnk/1872197/code.js?pid=_cb-1872197_13 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 09:27:43 GMT
vary: Accept-Encoding
etag: W/"6311cc8f-20df9"
x-js-ab1: var27
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (681)
Hash 034d4604beaddff5783b9878fadfaee6
64d5e1e0dbbbd62d6a64349dd964763b7ab4cbea
f8a957ee3468693f465da61d899438a2b674369b80c9d5c9ffff1111a7091290
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playerjavhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 71985
date: Tue, 13 Sep 2022 14:34:55 GMT
access-control-allow-origin: *
etag: "63076de4-11931"
expires: Tue, 13 Sep 2022 15:34:55 GMT
last-modified: Thu, 25 Aug 2022 15:41:08 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710jp-3.jpg
200 OK 61 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710jp-3.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x450, components 3\012- data
Hash 73664e49061e557c9d3c17637419c071
8a029d4828864c72266a7b1635bcf579247e7514
75e5949c63e7611e79e88541806410ec4b5d3f294e3fd45ea511b6d8fac55c1f
GET /digital/video/1nhdta00710/1nhdta00710jp-3.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: image/jpeg
content-length: 60662
last-modified: Tue, 11 Aug 2015 05:16:32 GMT
etag: "55c98530-ecf6"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=ygb0XWMglQ4PbhFHcq2HAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
reapinject.com/pixel/pure
200 OK 0 B URL HTTP/1.1 reapinject.com/pixel/pure
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /pixel/pure HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 72
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 13 Sep 2022 14:34:55 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
go.xlrdr.com/i?campaignId=profit1001&creativeId=profit1001&modelsCountry=&modelsLanguage=&sourceId=profit1001&tag=girls/asian&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=1&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&memberId={clickid}&landing=WidgetV4Universal
302 Found 0 B URL HTTP/2 go.xlrdr.com/i?campaignId=profit1001&creativeId=profit1001&modelsCountry=&modelsLanguage=&sourceId=profit1001&tag=girls/asian&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=1&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&memberId={clickid}&landing=WidgetV4Universal
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /i?campaignId=profit1001&creativeId=profit1001&modelsCountry=&modelsLanguage=&sourceId=profit1001&tag=girls/asian&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=1&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d&autoplay=all&autoplayForce=1&memberId={clickid}&landing=WidgetV4Universal HTTP/1.1
Host: go.xlrdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trwl1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 13 Sep 2022 14:34:55 GMT
content-length: 0
location: https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=profit1001&creativeId=profit1001&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&modelsCountry=&modelsLanguage=&showButton=1&showLiveBadge=1&showModelName=1&showTitle=1&sound=off&sourceId=profit1001&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d
access-control-allow-origin: *
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToQvE4FPLng5Mz6amGAT9NT3YTMeDUEoN1fpTiU; SameSite=None; Secure; path=/; expires=Wed, 14-Sep-22 13:34:55 GMT; HttpOnly
server: cloudflare
cf-ray: 74a19b42dc1bb4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 13 Sep 2022 14:34:55 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2da9bec53a4d698092adba39ef8bdd84
Strict-Transport-Security: max-age=0; includeSubdomains
pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710jp-4.jpg
200 OK 56 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710jp-4.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x450, components 3\012- data
Hash 07d9d28b59841db9ed73b4358ce3ac21
87881c0368433c210d83972e366cdba020055902
28da02100abbf330e0cbca5c657d053288ccecffbbb4c7ef7438cabe39e67767
GET /digital/video/1nhdta00710/1nhdta00710jp-4.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: image/jpeg
content-length: 56398
last-modified: Tue, 11 Aug 2015 05:16:32 GMT
etag: "55c98530-dc4e"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=ygb0XWMglQ4PbhFHcq2IAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710jp-5.jpg
200 OK 70 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710jp-5.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x450, components 3\012- data
Hash 42d30c68161c51592e3aac9f9ce15903
5bd58499f41ce00f4c735387d46dbea8ca620791
444299d790b77363f697942fa879ec0e93e5f12ad561d1b25e12395d7d7c2d4d
GET /digital/video/1nhdta00710/1nhdta00710jp-5.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: image/jpeg
content-length: 69674
last-modified: Tue, 11 Aug 2015 05:16:32 GMT
etag: "55c98530-1102a"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=ygb0XWMglQ4PbhFHcq2JAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
video.ktkjmp.com/adsbygoogle.js
200 OK 4.2 kB URL HTTP/2 video.ktkjmp.com/adsbygoogle.js
IP
Hash a250acb08b1fd45018520d6b1ab0c500
7c8c1e01cfe5e1aafcf4c3ec67a8a80afeb42e31
927ddad091e6147a4c630ea67830db3939fe6e0486b15c77d13676c09adfcdbd
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlrdr.com/
Origin: https://creative.xlrdr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:34:56 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: Mv8OESzYbOq2FpsmWAckvIIj3q/yG16pw1Jtwf2xyzBL16GREdXn40zTJX9Q4ya3tY4pdVUVHrs=
x-amz-request-id: 74D1Z2NCCYMR758V
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.xlrdr.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 6302
expires: Tue, 13 Sep 2022 18:34:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a19b44cfa9b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
200 OK 137 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP
Hash 3d42a4897c0b361837772868532b4cf9
9576787e01e143ab3242fbba406d69ed4c5b277e
3ff5247a1f383f81d396b596b140e851ad85962de4d3aaa1feac4cf9c197a644
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playerjavhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 13 Sep 2022 14:34:56 GMT
access-control-allow-origin: *
etag: "63076e51-2b"
expires: Tue, 13 Sep 2022 15:34:56 GMT
accept-ranges: bytes
last-modified: Thu, 25 Aug 2022 15:42:57 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/88698312/1
200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/88698312/1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/88698312/1 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://playerjavhd.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 13 Sep 2022 14:34:56 GMT
pragma: no-cache
expires: Tue, 13-Sep-2022 14:34:56 GMT
x-xss-protection: 1; mode=block
last-modified: Tue, 13-Sep-2022 14:34:56 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_claws1qoeyluwtc4qsb53c&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=6301441077688366
200 OK 476 B URL HTTP/2 2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_claws1qoeyluwtc4qsb53c&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=6301441077688366
IP
Hash a58e55feca28366cbddb1d416fc7f186
64042731b71dbfe5097ae8e81cb61ef74f72fe78
863829ff527d3d67b642ca539e68e8779f776dcd601ad577d3e71f7ac8b86b61
GET /get/1881613?zoneid=1881613&jp=_claws1qoeyluwtc4qsb53c&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=6301441077688366 HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: UID=2209130934d7ad10d1d16e4fd48594eed010
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
sleazyparliamentarybikini.com/sbar.json?key=19d79fa5948c69463cfd0e4c039deabb
200 OK 4.0 kB URL HTTP/1.1 sleazyparliamentarybikini.com/sbar.json?key=19d79fa5948c69463cfd0e4c039deabb
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (5953), with no line terminators
Hash 64bb75da1d232d6103f29a3d4350988d
75b876716057ec3cc5500b2a0d37df59de42b09e
bc538027e07a3339449ca7779f9b5d218723dabd421798a038d739cd757c44b1
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=19d79fa5948c69463cfd0e4c039deabb HTTP/1.1
Host: sleazyparliamentarybikini.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 13 Sep 2022 14:34:56 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://javdoe.sh
Access-Control-Allow-Origin: https://javdoe.sh
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15859131; expires=Wed, 14 Sep 2022 14:34:56 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 14 Sep 2022 14:34:56 GMT; secure; SameSite=None
uncs=1; expires=Wed, 14 Sep 2022 14:34:56 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 14 Sep 2022 14:34:56 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 14 Sep 2022 14:34:56 GMT; secure; SameSite=None
slec19d79fa5948c69463cfd0e4c039deabb=[3520334]; expires=Tue, 13 Sep 2022 14:35:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a262bf47454a3c6555b9cedae71a4b85
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710jp-6.jpg
200 OK 68 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710jp-6.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x450, components 3\012- data
Hash 995ece8f39e63b47b2383f6c01724228
e7390c241a94a2a992ba4b01fe19259acdb9d612
b8eab7187e2ed118f605c14f1f4ffe829ac816dd934de9ed3a15a6599331eb20
GET /digital/video/1nhdta00710/1nhdta00710jp-6.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: image/jpeg
content-length: 68244
last-modified: Tue, 11 Aug 2015 05:16:33 GMT
etag: "55c98531-10a94"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=ygb0XWMglQ4PbhFHcq2KAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1663079102/86981682
200 OK 21 kB URL HTTP/2 img.strpst.com/thumbs/1663079102/86981682
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash eb01e4d3dc43ddca730b09c79e4b084d
62683cd056a91b4d7a14eeaffcd342038ff30634
4bc496790283d0151f2e7f7f13182c39467a810414582e7c58e6ca300dd210a6
GET /thumbs/1663079102/86981682 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:34:56 GMT
content-type: image/jpeg
content-length: 21356
cf-bgj: imgq:100,h2pri
cf-polished: origSize=21939, status=webp_bigger
etag: "58d1ef94975a365d0fcaa64212c8f9b2"
last-modified: Tue, 13 Sep 2022 14:25:41 GMT
cf-cache-status: HIT
age: 488
expires: Tue, 13 Sep 2022 14:39:56 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a19b469d1db503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1663079101/87923970
200 OK 21 kB URL HTTP/2 img.strpst.com/thumbs/1663079101/87923970
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Hash e50af955929000af1dd3b05e010235aa
e632974eb33d277fe3bea511da9e18382a3aaadd
3adc853f86405e986737a1788843a0dc4ab58c73f1f98b008e83d1c24a7c4dd2
GET /thumbs/1663079101/87923970 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:34:56 GMT
content-type: image/jpeg
content-length: 21196
cf-bgj: imgq:100,h2pri
cf-polished: origSize=22170, status=webp_bigger
etag: "58fee4a44be2d025c4b1aa67ec32cced"
last-modified: Tue, 13 Sep 2022 14:25:42 GMT
cf-cache-status: HIT
age: 228
expires: Tue, 13 Sep 2022 14:39:56 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a19b469d24b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
thumb.fvs.io/asset/userdata/198861/poster/p/xg/pxg0eum2zeqmd48.png?v=1661869508
200 OK 197 kB URL HTTP/2 thumb.fvs.io/asset/userdata/198861/poster/p/xg/pxg0eum2zeqmd48.png?v=1661869508
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x536, components 3\012- data
Size 197 kB (196964 bytes)
Hash 3e39731bc2e9d5f6cb5b857dd651d605
846d22882e87f531e6147fd9b707e9e9a1786040
b073e365f055347dd3fe1706577aa2caa10532d8a9f5a39a82b02c5b241f10e0
GET /asset/userdata/198861/poster/p/xg/pxg0eum2zeqmd48.png?v=1661869508 HTTP/1.1
Host: thumb.fvs.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://playerjavhd.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:34:56 GMT
content-type: image/png
content-length: 196964
last-modified: Tue, 30 Aug 2022 14:25:08 GMT
etag: "630e1dc4-30164"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a19b432d5f1bfe-OSL
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
200 OK 23 kB URL HTTP/2 creepingbrings.com/sfp.js
IP
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 506828123879d0cbbb3d138cafea056e
08be5a3473ece8248e5487b1cd93872193d0bb90
266395cf35ed60ba56c82aabd7289bd2db57a57939b5c6eeef63c7abf10399d1
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 0dc8dedbee3c0ba13dc9da891fce8220
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 13 Sep 2022 14:34:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wrmoP73ByPGpQG0K%2BSJxtqOodif89UEH%2F%2FE7EQexaCedzHMAR4wahOt2zJeGdQriI%2FCElZLpsUm50%2B5%2BTrkqsCN34aiOXj6Z94%2Bo9h5mcL9r1uXZo%2FuG5fcxgFdsIOMgTY%2BO0w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a19b390afbe620-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710jp-7.jpg
200 OK 60 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710jp-7.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x450, components 3\012- data
Hash 3b8ca5f313c9876a854c4e078472ef4a
502fa5ddde36bda35fdd94c6f15e8c689512d565
95f132d1c941dcde7c37344d2863a288a61d7fbd62be95c01bf428427d04ab9c
GET /digital/video/1nhdta00710/1nhdta00710jp-7.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: image/jpeg
content-length: 59703
last-modified: Tue, 11 Aug 2015 05:16:33 GMT
etag: "55c98531-e937"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=ygb0XWMglQ4PbhFHcq2LAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710jp-8.jpg
200 OK 61 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710jp-8.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x450, components 3\012- data
Hash 929f247042c8f09e9609c962e6ef6094
7ce1e8416d95d80fec4f19166d3595b25b0bb849
df03da9ab39853587e076021e2d3e2d081d407a61828b3b35a8605141054c368
GET /digital/video/1nhdta00710/1nhdta00710jp-8.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: image/jpeg
content-length: 60792
last-modified: Tue, 11 Aug 2015 05:16:33 GMT
etag: "55c98531-ed78"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=ygb0XWMglQ4PbhFHcq2cAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 1.6 kB IP
ASN #20940 Akamai International B.V.
Hash 08a82234a894f52e14a096b6544d3b26
d587d3ac45700e8ee368853d87de880f96625cd3
622148eb5aab2ec7c79f61d4a542444f17081735a3e27ef03e160636607b5cc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61B3A9E35540544087489993AC1A95C0B9C43C2DB2C9ECDF5953B57B79268909"
Last-Modified: Mon, 12 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14684
Expires: Tue, 13 Sep 2022 18:39:40 GMT
Date: Tue, 13 Sep 2022 14:34:56 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 172647e6d49f4c9371eed4810f281b75
641fb454b48c22e4dcf47bd3d7c6f4f81228e9cb
6c77330a2c7a5c75c626c74c73e6bfc85f2f9f0ef969fc22c67d58988cf7dd87
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6C77330A2C7A5C75C626C74C73E6BFC85F2F9F0EF969FC22C67D58988CF7DD87"
Last-Modified: Mon, 12 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11079
Expires: Tue, 13 Sep 2022 17:39:35 GMT
Date: Tue, 13 Sep 2022 14:34:56 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 172647e6d49f4c9371eed4810f281b75
641fb454b48c22e4dcf47bd3d7c6f4f81228e9cb
6c77330a2c7a5c75c626c74c73e6bfc85f2f9f0ef969fc22c67d58988cf7dd87
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6C77330A2C7A5C75C626C74C73E6BFC85F2F9F0EF969FC22C67D58988CF7DD87"
Last-Modified: Mon, 12 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11079
Expires: Tue, 13 Sep 2022 17:39:35 GMT
Date: Tue, 13 Sep 2022 14:34:56 GMT
Connection: keep-alive
pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710jp-9.jpg
200 OK 65 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710jp-9.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x450, components 3\012- data
Hash 493e56b6221d8a44e540889356ff90a3
dd6328e09c0777b0643d3bd41f29bc2e4a949665
2e13c9fedf9f68498a623b0f2ef281a99002fd0f6ccc7c08fbc44ee6dd6db24b
GET /digital/video/1nhdta00710/1nhdta00710jp-9.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: image/jpeg
content-length: 64978
last-modified: Tue, 11 Aug 2015 05:16:33 GMT
etag: "55c98531-fdd2"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=ygb0XWMglQ4PbhFHcq3MAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710jp-10.jpg
200 OK 60 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710jp-10.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x450, components 3\012- data
Hash 6f0e8769e3ace6b766b71ac3f16efd0f
119c6685e8cfc54e65e0acf1fff1fc67386c58ae
be7d2ed578dbe762a3c46511e43dcef13d7f85761e0301aa79b31ccb7031082f
GET /digital/video/1nhdta00710/1nhdta00710jp-10.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: image/jpeg
content-length: 60134
last-modified: Tue, 11 Aug 2015 05:16:29 GMT
etag: "55c9852d-eae6"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=ygb0XWMglQ4PbhFHcq3NAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49788082?wmode=7&page-url=https%3A%2F%2Fplayerjavhd.com%2Fv%2Fpxg0eum2zeqmd48&page-ref=https%3A%2F%2Fjavdoe.sh%2F&charset=utf-8&site-info=%7B%22owner%22%3A%22198861%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1166%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A543793706544%3Ahid%3A283504502%3Az%3A0%3Ai%3A20220913143442%3Aet%3A1663079683%3Arn%3A368134332%3Arqn%3A1%3Au%3A1663079683512032634%3Aw%3A880x495%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1663079681150%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C753%2C0%2C%2C%2C%2C1139%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663079683%3At%3AVideo%20Cloned%20video%20eFIsvyYABTs%20from%20Openload%20(cloned)&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
302 Found 78 kB URL HTTP/2 mc.yandex.ru/watch/49788082?wmode=7&page-url=https%3A%2F%2Fplayerjavhd.com%2Fv%2Fpxg0eum2zeqmd48&page-ref=https%3A%2F%2Fjavdoe.sh%2F&charset=utf-8&site-info=%7B%22owner%22%3A%22198861%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1166%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A543793706544%3Ahid%3A283504502%3Az%3A0%3Ai%3A20220913143442%3Aet%3A1663079683%3Arn%3A368134332%3Arqn%3A1%3Au%3A1663079683512032634%3Aw%3A880x495%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1663079681150%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C753%2C0%2C%2C%2C%2C1139%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663079683%3At%3AVideo%20Cloned%20video%20eFIsvyYABTs%20from%20Openload%20(cloned)&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP
Hash c1e81535d71451206fe9db9f0f0281c4
f7320cfae2c297969e4935248c80d892eb81abf8
a4e4b742652f5635d7412414f4ac58236ab6a12fd25b088455d2d6d0fa3ece3a
GET /watch/49788082?wmode=7&page-url=https%3A%2F%2Fplayerjavhd.com%2Fv%2Fpxg0eum2zeqmd48&page-ref=https%3A%2F%2Fjavdoe.sh%2F&charset=utf-8&site-info=%7B%22owner%22%3A%22198861%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1166%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A543793706544%3Ahid%3A283504502%3Az%3A0%3Ai%3A20220913143442%3Aet%3A1663079683%3Arn%3A368134332%3Arqn%3A1%3Au%3A1663079683512032634%3Aw%3A880x495%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1663079681150%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C753%2C0%2C%2C%2C%2C1139%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663079683%3At%3AVideo%20Cloned%20video%20eFIsvyYABTs%20from%20Openload%20(cloned)&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playerjavhd.com
Connection: keep-alive
Referer: https://playerjavhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/49788082/1?wmode=7&page-url=https%3A%2F%2Fplayerjavhd.com%2Fv%2Fpxg0eum2zeqmd48&page-ref=https%3A%2F%2Fjavdoe.sh%2F&charset=utf-8&site-info=%7B%22owner%22%3A%22198861%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1166%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A543793706544%3Ahid%3A283504502%3Az%3A0%3Ai%3A20220913143442%3Aet%3A1663079683%3Arn%3A368134332%3Arqn%3A1%3Au%3A1663079683512032634%3Aw%3A880x495%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1663079681150%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C753%2C0%2C%2C%2C%2C1139%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663079683%3At%3AVideo%20Cloned%20video%20eFIsvyYABTs%20from%20Openload%20%28cloned%29&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Tue, 13 Sep 2022 14:34:56 GMT
access-control-allow-origin: https://playerjavhd.com
set-cookie: yandexuid=3116373741663079696; Expires=Wed, 13-Sep-2023 14:34:56 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3116373741663079696; Expires=Wed, 13-Sep-2023 14:34:56 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2669851961663079696; Path=/; SameSite=None; Secure
i=kBLO31w15qfTP9ulgELhHZ79jaJ6ooGWtaNVg0R63ehBwROiou6CydFp3mtp2rX56ocT+pgf5qClELIspi3kMYGQNGE=; Expires=Fri, 10-Sep-2032 14:34:55 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1694615696.yrts.1663079696#1694615696.yrtsi.1663079696; Expires=Wed, 13-Sep-2023 14:34:56 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 13-Sep-2022 14:34:56 GMT
last-modified: Tue, 13-Sep-2022 14:34:56 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 2.0 kB IP
ASN #20940 Akamai International B.V.
Hash 92930e9e42f19b0452a21237e2e1a747
a1a2b96f18fcade078a2f065725c9ae40ec3785f
b04a435102ed1d3302f2e1f5e01f7952c6ea132a78e23443b23048cf9ff815b2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6C77330A2C7A5C75C626C74C73E6BFC85F2F9F0EF969FC22C67D58988CF7DD87"
Last-Modified: Mon, 12 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11079
Expires: Tue, 13 Sep 2022 17:39:35 GMT
Date: Tue, 13 Sep 2022 14:34:56 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 09ba627272befd0f5ff19db41767b0c4
e262f240ad6e9c4036a1469b5e1d8b9552806ec0
d5c2c3f9401d006b7e078d210c9760789889abd6d6fca60072e6c57f18c82fa6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5C2C3F9401D006B7E078D210C9760789889ABD6D6FCA60072E6C57F18C82FA6"
Last-Modified: Mon, 12 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10616
Expires: Tue, 13 Sep 2022 17:31:52 GMT
Date: Tue, 13 Sep 2022 14:34:56 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/a3/5e/dd/a35eddb8fcac26f73d0c87873d6db11e/1658144724.jpg
200 OK 17 kB URL HTTP/2 cdn.cloudimagesb.com/si/a3/5e/dd/a35eddb8fcac26f73d0c87873d6db11e/1658144724.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 809ffd9e1f1ac876ab9fd0dea65e9e3a
4ac08c834e987fffe8659e65ddca741c0c4ca76c
a4a3b8a6d269923e312691d560f9522a3c57e5b4f350e0cb20a5ff1b654ea2b6
GET /si/a3/5e/dd/a35eddb8fcac26f73d0c87873d6db11e/1658144724.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:34:57 GMT
content-type: image/jpeg
content-length: 16863
server: nginx/1.17.6
last-modified: Mon, 18 Jul 2022 11:45:32 GMT
etag: "62d547dc-41df"
expires: Thu, 15 Sep 2022 14:34:57 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710pl.jpg
200 OK 197 kB URL HTTP/2 pics.dmm.co.jp/digital/video/1nhdta00710/1nhdta00710pl.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x536, components 3\012- data
Size 197 kB (196964 bytes)
Hash 3e39731bc2e9d5f6cb5b857dd651d605
846d22882e87f531e6147fd9b707e9e9a1786040
b073e365f055347dd3fe1706577aa2caa10532d8a9f5a39a82b02c5b241f10e0
GET /digital/video/1nhdta00710/1nhdta00710pl.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: image/jpeg
content-length: 196964
last-modified: Wed, 05 Aug 2015 07:13:14 GMT
etag: "55c1b78a-30164"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=ygb0XWMglQ4PbhFHcq3OAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/ra-4f9d8c433d6f0bfa/_ate.track.config_resp
200 OK 995 B URL HTTP/2 v1.addthisedge.com/live/boost/ra-4f9d8c433d6f0bfa/_ate.track.config_resp
IP
File type ASCII text, with very long lines (735)
Hash 36b798fb468aa52019e03d4c552b81ac
f65f3af61337977a926c62a5b7734c8d2ebe5c5a
07682df88579487029512dcca1b41be360d76d81a7cf5de1f4202a390ecce210
GET /live/boost/ra-4f9d8c433d6f0bfa/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 335
etag: 547718925--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=41, s-maxage=86400
date: Tue, 13 Sep 2022 14:34:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/style.css
200 OK 2.4 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/style.css
IP
Hash 62b652944365870bd919ca3c846e764f
9978736e63cb76e66a7eb2ae6abdce039b14246f
a1c060e44bba9f2ee2f632cc07b55e75e95ffd913447b77c5b8c4979c5fb501b
GET /sb/ssp/utility/social-media/whatsapp/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:34:57 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:30:40 GMT
etag: W/"6128daf0-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gh0vpXEXrXyhOliETFrKIdpTptzhCBwTWhZMIRhoeYgCuvxIrDMG1X58ilSTz3jx7jCqB81qcdzveaEFi%2FmuTqDgdaReTLmP3Hm8qGjVSMcFTmT2By1kyqq555oOFuontcY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a19b491bb3b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 13 Sep 2022 12:41:12 GMT
expires: Tue, 13 Sep 2022 14:41:12 GMT
cache-control: public, max-age=7200
age: 6825
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash ac1b5db6377f89a6d7f517c571b8ddba
87205f72f7338d717dd2966119ecb6aae22d5835
9164225c4ffa9eded3fd96fd8403249cf67e2047354fc245fb349216565d00a2
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77691
date: Tue, 13 Sep 2022 14:34:57 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/counter.d27508c102582d608697.js
200 OK 8.3 kB URL HTTP/2 s7.addthis.com/static/counter.d27508c102582d608697.js
IP
File type ASCII text, with very long lines (24530), with no line terminators
Hash 47fcfb824ad738c29e3195451d5c755e
8a955f27a30f4a8c9cde94567c041040e3c60d61
1508b4ae159e51231031ce58f3a5c31aca11a438f4ea3c12ea3581bbc97f4305
GET /static/counter.d27508c102582d608697.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5fd2"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 8265
date: Tue, 13 Sep 2022 14:34:57 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
mc.yandex.ru/watch/88698312
302 Found 4.9 kB URL HTTP/2 mc.yandex.ru/watch/88698312
IP
Hash 25caf7fae300e9bdc48f135de5c16e00
e71c152706af811202864fedf42cbe1b8026d7bc
62d7efaa8959ebcfc900d19a7a1744cf00803e95ba77f1c9e5b3ca76aa8b0505
GET /watch/88698312 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playerjavhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/88698312/1
date: Tue, 13 Sep 2022 14:34:55 GMT
set-cookie: yandexuid=5103167061663079695; Expires=Wed, 13-Sep-2023 14:34:55 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5103167061663079695; Expires=Wed, 13-Sep-2023 14:34:55 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1257694361663079695; Path=/; SameSite=None; Secure
i=l5WjKmfiGOrsBOoZOA3OVO2gWP/9TFa6ikx3ApInEyYXfHrrlPSqmkPZ+X4+jA9li8u7lDjYoEUWtEpplpc6p5I7tFM=; Expires=Fri, 10-Sep-2032 14:34:54 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1694615695.yrts.1663079695#1694615695.yrtsi.1663079695; Expires=Wed, 13-Sep-2023 14:34:55 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 13-Sep-2022 14:34:55 GMT
last-modified: Tue, 13-Sep-2022 14:34:55 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 500449
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sleazyparliamentarybikini.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fstyle.css&l=6334&fd=344
200 OK 0 B URL HTTP/1.1 sleazyparliamentarybikini.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fstyle.css&l=6334&fd=344
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fstyle.css&l=6334&fd=344 HTTP/1.1
Host: sleazyparliamentarybikini.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: u_pl=15859131; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec19d79fa5948c69463cfd0e4c039deabb=[3520334]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 13 Sep 2022 14:34:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
sleazyparliamentarybikini.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fjs%2Fscript.js&l=444&fd=351
200 OK 0 B URL HTTP/1.1 sleazyparliamentarybikini.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fjs%2Fscript.js&l=444&fd=351
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fjs%2Fscript.js&l=444&fd=351 HTTP/1.1
Host: sleazyparliamentarybikini.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: u_pl=15859131; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec19d79fa5948c69463cfd0e4c039deabb=[3520334]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 13 Sep 2022 14:34:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
sleazyparliamentarybikini.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fanimate.css&l=79245&fd=346
200 OK 0 B URL HTTP/1.1 sleazyparliamentarybikini.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fanimate.css&l=79245&fd=346
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fanimate.css&l=79245&fd=346 HTTP/1.1
Host: sleazyparliamentarybikini.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: u_pl=15859131; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec19d79fa5948c69463cfd0e4c039deabb=[3520334]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 13 Sep 2022 14:34:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
sleazyparliamentarybikini.com/pixel/sbs?c=1
200 OK 0 B URL HTTP/1.1 sleazyparliamentarybikini.com/pixel/sbs?c=1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: sleazyparliamentarybikini.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: u_pl=15859131; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec19d79fa5948c69463cfd0e4c039deabb=[3520334]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 13 Sep 2022 14:34:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
sleazyparliamentarybikini.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSzWskRRjGqze5iJdVIiKozEVYYZl0z%2Fe4SDDGSDAm665fN6mvntSmpqup6o9JTsEFWVBw9uC980yyYXUR96QgBplZ8BAQMp5yMP%2BDCnsTZGYHoy8079v1PAW%2F933rs%2F30nPhI6dnKu2ZXaU0X62W%2FdOXjILhWWldR2iv1Wo1PGrVrJZu91m6U%2FVdLb0u%2BbRYrfuD7gR%2BUVpWVoektTkSo%2BEE7KLf9cq1SDuo19Oz%2F%2F13qwVEPIjsnz0KJ8fwjbwGKDxF1v1uRbjsx8dW3uqmmibHIxNEH0XZk8gjdizK0HsLoaOaGcaerxzDR4RQXJvvXyNSYeL8cg0VHM0iw7GDKyTRkBCaeRp4NIfUQig7BzW0ocUoALrCxiah7b8PYnO48UelEHZP5x39B5WMy%2F%2FsCou63y1r1SjeNThNlIodeWED1hlCdIeJ0hGT3ElQ%2BAk8%2BhRK%2FksXH64i6B5tOGyhRTHtXaggVDqFlH9R5SCef8pCGHtLYQ1eclXgQBE1fcOq32pxXRVOyhvAD2gwDGviNFlI%2Bwesjifvgug9u9xDbPWyru6fqFdj0Z7itAk54cMmYeO%2FtIRMFckmQO4KcEuSKIE8I8qw4FNpVXHFPaJeyYJYrs1wtBibp7NNDk3RkRPbjc%2FLMdDR%2F%2FP0jtuVZKWiLZjuk9XatxRvtWqPKQ%2BHLGverbSEpY3CqgHKXpt3uqjF57ngP8WRdjR%2FA6AhOj8DVZdD0JdB80Kz4oFuDWsvHbnT%2FFs2EkWW3BWEKxMk8kh1vX5%2BTF6YQ9e83IPnJ0qg6DXBbILYFbqlHBB19Z3DD5OTghskdebgZJ6qrdulkdzcTmsi5r9%2BRO7mxYm3F9e%2B%2FwSfCpHzwvnTJOo2EijqOfLOshJB21VguyU9r7iPJrqduazm1URqvX39zda0bW%2BmcMtEQVJ26L8DVmDxFzfRRvvj851B2CJsW6KYnZBZQZgQe78HFF%2FTOzMHqCw%2BLPeRpMbAVdnGo1ZhcWfgQWp4sHb5%2B9WHrzy9BWQEn%2F3Pxot53d9CxL4MmtxF1C2S2QKYLUN2HS%2BcGSWxPln6bATDtDZi23gHTVt99Ml6nzkpVXzSZDGWTyVq9FkouWL3OfB5yVhWtFkfixrz01eV%2FAAAA%2F%2F8BAAD%2F%2F1WYKjNjBAAA
200 OK 7 B URL HTTP/1.1 sleazyparliamentarybikini.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSzWskRRjGqze5iJdVIiKozEVYYZl0z%2Fe4SDDGSDAm665fN6mvntSmpqup6o9JTsEFWVBw9uC980yyYXUR96QgBplZ8BAQMp5yMP%2BDCnsTZGYHoy8079v1PAW%2F933rs%2F30nPhI6dnKu2ZXaU0X62W%2FdOXjILhWWldR2iv1Wo1PGrVrJZu91m6U%2FVdLb0u%2BbRYrfuD7gR%2BUVpWVoektTkSo%2BEE7KLf9cq1SDuo19Oz%2F%2F13qwVEPIjsnz0KJ8fwjbwGKDxF1v1uRbjsx8dW3uqmmibHIxNEH0XZk8gjdizK0HsLoaOaGcaerxzDR4RQXJvvXyNSYeL8cg0VHM0iw7GDKyTRkBCaeRp4NIfUQig7BzW0ocUoALrCxiah7b8PYnO48UelEHZP5x39B5WMy%2F%2FsCou63y1r1SjeNThNlIodeWED1hlCdIeJ0hGT3ElQ%2BAk8%2BhRK%2FksXH64i6B5tOGyhRTHtXaggVDqFlH9R5SCef8pCGHtLYQ1eclXgQBE1fcOq32pxXRVOyhvAD2gwDGviNFlI%2Bwesjifvgug9u9xDbPWyru6fqFdj0Z7itAk54cMmYeO%2FtIRMFckmQO4KcEuSKIE8I8qw4FNpVXHFPaJeyYJYrs1wtBibp7NNDk3RkRPbjc%2FLMdDR%2F%2FP0jtuVZKWiLZjuk9XatxRvtWqPKQ%2BHLGverbSEpY3CqgHKXpt3uqjF57ngP8WRdjR%2FA6AhOj8DVZdD0JdB80Kz4oFuDWsvHbnT%2FFs2EkWW3BWEKxMk8kh1vX5%2BTF6YQ9e83IPnJ0qg6DXBbILYFbqlHBB19Z3DD5OTghskdebgZJ6qrdulkdzcTmsi5r9%2BRO7mxYm3F9e%2B%2FwSfCpHzwvnTJOo2EijqOfLOshJB21VguyU9r7iPJrqduazm1URqvX39zda0bW%2BmcMtEQVJ26L8DVmDxFzfRRvvj851B2CJsW6KYnZBZQZgQe78HFF%2FTOzMHqCw%2BLPeRpMbAVdnGo1ZhcWfgQWp4sHb5%2B9WHrzy9BWQEn%2F3Pxot53d9CxL4MmtxF1C2S2QKYLUN2HS%2BcGSWxPln6bATDtDZi23gHTVt99Ml6nzkpVXzSZDGWTyVq9FkouWL3OfB5yVhWtFkfixrz01eV%2FAAAA%2F%2F8BAAD%2F%2F1WYKjNjBAAA
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSzWskRRjGqze5iJdVIiKozEVYYZl0z%2Fe4SDDGSDAm665fN6mvntSmpqup6o9JTsEFWVBw9uC980yyYXUR96QgBplZ8BAQMp5yMP%2BDCnsTZGYHoy8079v1PAW%2F933rs%2F30nPhI6dnKu2ZXaU0X62W%2FdOXjILhWWldR2iv1Wo1PGrVrJZu91m6U%2FVdLb0u%2BbRYrfuD7gR%2BUVpWVoektTkSo%2BEE7KLf9cq1SDuo19Oz%2F%2F13qwVEPIjsnz0KJ8fwjbwGKDxF1v1uRbjsx8dW3uqmmibHIxNEH0XZk8gjdizK0HsLoaOaGcaerxzDR4RQXJvvXyNSYeL8cg0VHM0iw7GDKyTRkBCaeRp4NIfUQig7BzW0ocUoALrCxiah7b8PYnO48UelEHZP5x39B5WMy%2F%2FsCou63y1r1SjeNThNlIodeWED1hlCdIeJ0hGT3ElQ%2BAk8%2BhRK%2FksXH64i6B5tOGyhRTHtXaggVDqFlH9R5SCef8pCGHtLYQ1eclXgQBE1fcOq32pxXRVOyhvAD2gwDGviNFlI%2Bwesjifvgug9u9xDbPWyru6fqFdj0Z7itAk54cMmYeO%2FtIRMFckmQO4KcEuSKIE8I8qw4FNpVXHFPaJeyYJYrs1wtBibp7NNDk3RkRPbjc%2FLMdDR%2F%2FP0jtuVZKWiLZjuk9XatxRvtWqPKQ%2BHLGverbSEpY3CqgHKXpt3uqjF57ngP8WRdjR%2FA6AhOj8DVZdD0JdB80Kz4oFuDWsvHbnT%2FFs2EkWW3BWEKxMk8kh1vX5%2BTF6YQ9e83IPnJ0qg6DXBbILYFbqlHBB19Z3DD5OTghskdebgZJ6qrdulkdzcTmsi5r9%2BRO7mxYm3F9e%2B%2FwSfCpHzwvnTJOo2EijqOfLOshJB21VguyU9r7iPJrqduazm1URqvX39zda0bW%2BmcMtEQVJ26L8DVmDxFzfRRvvj851B2CJsW6KYnZBZQZgQe78HFF%2FTOzMHqCw%2BLPeRpMbAVdnGo1ZhcWfgQWp4sHb5%2B9WHrzy9BWQEn%2F3Pxot53d9CxL4MmtxF1C2S2QKYLUN2HS%2BcGSWxPln6bATDtDZi23gHTVt99Ml6nzkpVXzSZDGWTyVq9FkouWL3OfB5yVhWtFkfixrz01eV%2FAAAA%2F%2F8BAAD%2F%2F1WYKjNjBAAA HTTP/1.1
Host: sleazyparliamentarybikini.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: u_pl=15859131; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec19d79fa5948c69463cfd0e4c039deabb=[3520334]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 13 Sep 2022 14:34:57 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 22665a9f8744efc473ddf8b282524419
Strict-Transport-Security: max-age=0; includeSubdomains
api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fjavdoe.sh%2F73091%2Fnhdta-710-studio-natural-high-i-couldn-t-ask-my-mother-to-get-me-off-in-the-hospital-so-i-asked-my%2F&callback=_ate.cbs.sc_httpsjavdoesh73091nhdta710studionaturalhighicouldntaskmymothertogetmeoffinthehospitalsoiaskedmy0
200 OK 126 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fjavdoe.sh%2F73091%2Fnhdta-710-studio-natural-high-i-couldn-t-ask-my-mother-to-get-me-off-in-the-hospital-so-i-asked-my%2F&callback=_ate.cbs.sc_httpsjavdoesh73091nhdta710studionaturalhighicouldntaskmymothertogetmeoffinthehospitalsoiaskedmy0
IP
File type ASCII text, with no line terminators
Hash cd99b2cda1983625805302050cd36eab
57f9327586ab2e596f8d81feed0a3bb0b01a45e3
e5a6cf8128801e250d76e350ae8ea1a7d2174b0644ce04ecff8ef8ba32f66a72
GET /url/shares.json?url=https%3A%2F%2Fjavdoe.sh%2F73091%2Fnhdta-710-studio-natural-high-i-couldn-t-ask-my-mother-to-get-me-off-in-the-hospital-so-i-asked-my%2F&callback=_ate.cbs.sc_httpsjavdoesh73091nhdta710studionaturalhighicouldntaskmymothertogetmeoffinthehospitalsoiaskedmy0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: javdoe.sh/73091/nhdta-710-studio-natural-high-i-couldn-t-ask-my-mother-to-get-me-off-in-the-hospital-so-i-asked-my/
last-modified: Tue, 13 Sep 2022 14:34:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 126
date: Tue, 13 Sep 2022 14:34:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 4dc60a2b6cac919de8b2fad5e124f296
c531ec2061395b1182e5cc158312f5811529d004
ff23c90d42446501764f532a23f41e6f1173e9ccc3c0fd2f7fface285d457ae9
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: uid_id2=3664a298-c3c7-491a-83d5-72f2f3083b28:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:34:57 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://javdoe.sh
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 4dc60a2b6cac919de8b2fad5e124f296
c531ec2061395b1182e5cc158312f5811529d004
ff23c90d42446501764f532a23f41e6f1173e9ccc3c0fd2f7fface285d457ae9
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: uid_id2=3664a298-c3c7-491a-83d5-72f2f3083b28:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:34:57 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://javdoe.sh
access-control-allow-credentials: true
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 42b63da6c6313abc8a4ad5e40cc9879f
46890c99dd612d363b080276dfb3f6a656f443b0
47e28a460ee3207f975d9e91d7232659cc625155137b45efa499bd92a0cc3cb2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47E28A460EE3207F975D9E91D7232659CC625155137B45EFA499BD92A0CC3CB2"
Last-Modified: Tue, 13 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10160
Expires: Tue, 13 Sep 2022 17:24:18 GMT
Date: Tue, 13 Sep 2022 14:34:58 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=3664a298-c3c7-491a-83d5-72f2f3083b28&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=9c655092bf22243dee2b573fbfc72490&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=3664a298-c3c7-491a-83d5-72f2f3083b28&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=9c655092bf22243dee2b573fbfc72490&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=3664a298-c3c7-491a-83d5-72f2f3083b28&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=9c655092bf22243dee2b573fbfc72490&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 13 Sep 2022 14:34:58 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 70b367ac9d75a799608535e02a1da054
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=3664a298-c3c7-491a-83d5-72f2f3083b28&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=19d79fa5948c69463cfd0e4c039deabb&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=3664a298-c3c7-491a-83d5-72f2f3083b28&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=19d79fa5948c69463cfd0e4c039deabb&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=3664a298-c3c7-491a-83d5-72f2f3083b28&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=19d79fa5948c69463cfd0e4c039deabb&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 13 Sep 2022 14:34:58 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f3091e89c3252bdb0f8aa0caf8c09067
Strict-Transport-Security: max-age=0; includeSubdomains
2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_clb78nd21ou33ie25jjx28&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=108991590089878
200 OK 0 B URL HTTP/2 2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_clb78nd21ou33ie25jjx28&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=108991590089878
IP
GET /get/1881613?zoneid=1881613&jp=_clb78nd21ou33ie25jjx28&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=108991590089878 HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: UID=2209130934d7ad10d1d16e4fd48594eed010
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_4
200 OK 0 B URL HTTP/2 akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_4
IP
GET /lv/esnk/1872197/code.js?pid=_cb-1872197_4 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1e740"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_2
200 OK 0 B URL HTTP/2 akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_2
IP
GET /lv/esnk/1872197/code.js?pid=_cb-1872197_2 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 09:14:55 GMT
vary: Accept-Encoding
etag: W/"6311c98f-1fce3"
x-js-ab1: var25
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_1
200 OK 0 B URL HTTP/2 akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_1
IP
GET /lv/esnk/1872197/code.js?pid=_cb-1872197_1 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 09:22:42 GMT
vary: Accept-Encoding
etag: W/"6311cb62-1f7de"
x-js-ab1: var26
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
akmxts.com/get/1872197?zoneid=1872197&pid=_cb-1872197_3&jp=_cl0bfzq11g9zdltjlp6ytn&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=3486691310543460
200 OK 0 B URL HTTP/2 akmxts.com/get/1872197?zoneid=1872197&pid=_cb-1872197_3&jp=_cl0bfzq11g9zdltjlp6ytn&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=3486691310543460
IP
GET /get/1872197?zoneid=1872197&pid=_cb-1872197_3&jp=_cl0bfzq11g9zdltjlp6ytn&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=3486691310543460 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2209130934a572849deb3f4e8e963b186c96; Path=/; Expires=Wed, 13 Sep 2023 14:34:54 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
akmxts.com/get/1872197?zoneid=1872197&pid=_cb-1872197_4&jp=_clet8xdkjbdioyj4i4eppa&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6582916054352958
200 OK 0 B URL HTTP/2 akmxts.com/get/1872197?zoneid=1872197&pid=_cb-1872197_4&jp=_clet8xdkjbdioyj4i4eppa&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6582916054352958
IP
GET /get/1872197?zoneid=1872197&pid=_cb-1872197_4&jp=_clet8xdkjbdioyj4i4eppa&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6582916054352958 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: UID=2209130934a572849deb3f4e8e963b186c96
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/js/script.js
200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/js/script.js
IP
GET /sb/ssp/utility/social-media/whatsapp/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:34:57 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0VV8OTAZy%2FQl9rSDq4ttnTPg8E%2FUbLM9uSk%2Bx%2FdRbn9tSk%2Bye8eWyPrWkGWbcB9RjMjwaj%2FdUALsGJtErWA4lJcO2qkJTAnQR4BNCBsjeFaXfBHcVMMkgm6km3xcubjUGA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a19b490bacb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_cln2b9xzxnlngxvi1q10ew&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=3768166287291913
200 OK 0 B URL HTTP/2 2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_cln2b9xzxnlngxvi1q10ew&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=3768166287291913
IP
GET /get/1881613?zoneid=1881613&jp=_cln2b9xzxnlngxvi1q10ew&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=3768166287291913 HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: UID=2209130934cfc921706e4943a7b5333a269c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_3
200 OK 0 B URL HTTP/2 akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_3
IP
GET /lv/esnk/1872197/code.js?pid=_cb-1872197_3 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1e740"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_10
200 OK 0 B URL HTTP/2 akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_10
IP
GET /lv/esnk/1872197/code.js?pid=_cb-1872197_10 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1e740"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=profit1001&creativeId=profit1001&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&modelsCountry=&modelsLanguage=&showButton=1&showLiveBadge=1&showModelName=1&showTitle=1&sound=off&sourceId=profit1001&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d
200 OK 0 B URL HTTP/2 creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=profit1001&creativeId=profit1001&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&modelsCountry=&modelsLanguage=&showButton=1&showLiveBadge=1&showModelName=1&showTitle=1&sound=off&sourceId=profit1001&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d
IP
GET /widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=profit1001&creativeId=profit1001&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&modelsCountry=&modelsLanguage=&showButton=1&showLiveBadge=1&showModelName=1&showTitle=1&sound=off&sourceId=profit1001&tag=girls%2Fasian&targetDomain=&thumbSizeKey=small&trackOff=1&userId=2ff61e17e3557af46fe2d3810f37b5c411b3fbc3852006cff0fa2d8d6e4a6f7d HTTP/1.1
Host: creative.xlrdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://r.trwl1.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: text/html
last-modified: Wed, 24 Aug 2022 09:22:37 GMT
expires: Tue, 13 Sep 2022 14:34:56 GMT
cache-control: max-age=10
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
cf-cache-status: HIT
set-cookie: __cflb=02DiuDfsBaY2bRYJiCeSRSGTzNwtDfLbscHGYpgFVSYTW; SameSite=None; Secure; path=/; expires=Wed, 14-Sep-22 13:34:55 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a19b435ca7b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_15
200 OK 0 B URL HTTP/2 akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_15
IP
GET /lv/esnk/1872197/code.js?pid=_cb-1872197_15 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1e740"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 2a3326fe0241a293e2310bc9bf122b9e
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 13 Sep 2022 14:34:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3aw2xYh3Sexd1kIRqKdmgCY%2Bx0HLR2nkmS9JB%2FuCfHCrw7sIgrBESzlnCwRClN7r9ySIU1N7pd%2FK%2Fq%2BuYKEcylkCGV39KHjCR5otvzgV0PtGjbNQ6MA7DRyI3Ej5QsDMFCI4iE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a19b395baf8871-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
akmxts.com/get/1872197?zoneid=1872197&pid=_cb-1872197_8&jp=_clilxma6eucqbdrkmfof8c&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=1797841450285675
200 OK 0 B URL HTTP/2 akmxts.com/get/1872197?zoneid=1872197&pid=_cb-1872197_8&jp=_clilxma6eucqbdrkmfof8c&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=1797841450285675
IP
GET /get/1872197?zoneid=1872197&pid=_cb-1872197_8&jp=_clilxma6eucqbdrkmfof8c&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=1797841450285675 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: UID=2209130934a572849deb3f4e8e963b186c96
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
akmxts.com/get/1872197?zoneid=1872197&pid=_cb-1872197_1&jp=_clemvdr6jmgu64cqkq593d&nojs=0&ix=0&abvar=26&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=7427340984470666
200 OK 0 B URL HTTP/2 akmxts.com/get/1872197?zoneid=1872197&pid=_cb-1872197_1&jp=_clemvdr6jmgu64cqkq593d&nojs=0&ix=0&abvar=26&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=7427340984470666
IP
GET /get/1872197?zoneid=1872197&pid=_cb-1872197_1&jp=_clemvdr6jmgu64cqkq593d&nojs=0&ix=0&abvar=26&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=7427340984470666 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: UID=2209130934a572849deb3f4e8e963b186c96
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_11
200 OK 0 B URL HTTP/2 akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_11
IP
GET /lv/esnk/1872197/code.js?pid=_cb-1872197_11 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1e740"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
playerjavhd.com/v/pxg0eum2zeqmd48
200 OK 0 B URL HTTP/2 playerjavhd.com/v/pxg0eum2zeqmd48
IP
GET /v/pxg0eum2zeqmd48 HTTP/1.1
Host: playerjavhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: text/html; charset=UTF-8
last-modified: Sun, 29 Mar 2020 14:23:39 GMT
vary: Accept-Encoding
etag: W/"5e80af6b-1bda"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrBURHTrl%2FH6PEkxsqtwqtNo%2Fq00W%2BXqohTrbGvMUnb0bUPXNn6dnzsSAgiv8pJLd88GbSvQMc2E4%2BQU66bBWkH7Bhjla0M0YkWrHNjcQLvGHXh3190H3HWq8gsB0pXyS%2FQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74a19b3959dafab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
akmxts.com/get/1872197?zoneid=1872197&pid=_cb-1872197_5&jp=_cl445l7ic0taforvpty236&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=953416520139445
200 OK 0 B URL HTTP/2 akmxts.com/get/1872197?zoneid=1872197&pid=_cb-1872197_5&jp=_cl445l7ic0taforvpty236&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=953416520139445
IP
GET /get/1872197?zoneid=1872197&pid=_cb-1872197_5&jp=_cl445l7ic0taforvpty236&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=953416520139445 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: UID=2209130934a572849deb3f4e8e963b186c96
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
akmxts.com/get/1872197?zoneid=1872197&pid=_cb-1872197_6&jp=_clz6134e7ttayl31yqbljd&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=1797841450248895
200 OK 0 B URL HTTP/2 akmxts.com/get/1872197?zoneid=1872197&pid=_cb-1872197_6&jp=_clz6134e7ttayl31yqbljd&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=1797841450248895
IP
GET /get/1872197?zoneid=1872197&pid=_cb-1872197_6&jp=_clz6134e7ttayl31yqbljd&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=1797841450248895 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: UID=2209130934a572849deb3f4e8e963b186c96
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.3.1/css/all.css
200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.3.1/css/all.css
IP
GET /releases/v5.3.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:34:53 GMT
content-type: text/css
x-amz-id-2: kH38wX+KMHyCQAHVNw1PZLvH2GxVvOZI5sgPFxHIds4n4r1RkEg+iPe0TiugAZNUVzSXfrR0ELo=
x-amz-request-id: K92527T9Z36FQV4K
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:42:14 GMT
etag: W/"10519cfd3206802f58315b877a9beab5"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 518486
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DzExivMn21n915bW80R9M1KN0OHwO9rl5kwg5DunWOKNQ50khgjaSaA1G2ixXI2xV9sdHYmgl2ZvySNfYy%2BxWZdhGt70wqBTH6yBfJjtoSWOZPCyYst%2BsV6NMHq5DkRMJ7CtgtR0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74a19b326801b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_5
200 OK 0 B URL HTTP/2 akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_5
IP
GET /lv/esnk/1872197/code.js?pid=_cb-1872197_5 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1e740"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_0
200 OK 0 B URL HTTP/2 akmxts.com/lv/esnk/1872197/code.js?pid=_cb-1872197_0
IP
GET /lv/esnk/1872197/code.js?pid=_cb-1872197_0 HTTP/1.1
Host: akmxts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:54 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1e740"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/img/close.svg
200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/img/close.svg
IP
GET /sb/ssp/utility/social-media/whatsapp/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:34:56 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:19:43 GMT
etag: W/"60254b0f-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3558632
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BD1d3OFWE%2FDBh5z5%2FdekP8aImz6hn%2FhICC8I9RYhaA3eLCXX816l%2FPRPQsit6YesGUQOnWR4dN8yq3Jxyd%2BBmvzeXXfpYkjlfluNgdxMiDTVhw%2BKDzqJRUU2cgEfQmwU79s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a19b499c9cb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html
200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html
IP
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javdoe.sh
Connection: keep-alive
Referer: https://javdoe.sh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:34:56 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 12:54:16 GMT
etag: W/"602fb4f8-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 13 Sep 2022 15:34:56 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
javdoe.sh/73091/nhdta-710-studio-natural-high-i-couldn-t-ask-my-mother-to-get-me-off-in-the-hospital-so-i-asked-my/
200 OK 0 B URL HTTP/2 javdoe.sh/73091/nhdta-710-studio-natural-high-i-couldn-t-ask-my-mother-to-get-me-off-in-the-hospital-so-i-asked-my/
IP
GET /73091/nhdta-710-studio-natural-high-i-couldn-t-ask-my-mother-to-get-me-off-in-the-hospital-so-i-asked-my/ HTTP/1.1
Host: javdoe.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:34:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: ASPro_a830e166eae51e65fca7725bb4ab3ca7=df9dc572a42fec90cf0ed30e3bfbafa4; path=/
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjvSHqMvHqOuTu8BkScSqCep1CA8XBzG2S0TMpGmffjzUyI6lEWtfPXEv4KkacNOMmfN%2BO8JdZVFZ98dzzFIUclQMFURZ3eUJxopQufq6aHQ%2FrC9wfDMK6AXg%2Fk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74a19b308b34b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_cl62z9ngbcnwbtjp5ue2id&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4331116240739381
200 OK 0 B URL HTTP/2 2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_cl62z9ngbcnwbtjp5ue2id&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4331116240739381
IP
GET /get/1881613?zoneid=1881613&jp=_cl62z9ngbcnwbtjp5ue2id&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4331116240739381 HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: UID=2209130934d7ad10d1d16e4fd48594eed010
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_clagyei9hu0igk8mp0w9g2&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=3205216333880890
200 OK 0 B URL HTTP/2 2qj7mq3w4uxe.com/get/1881613?zoneid=1881613&jp=_clagyei9hu0igk8mp0w9g2&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=3205216333880890
IP
GET /get/1881613?zoneid=1881613&jp=_clagyei9hu0igk8mp0w9g2&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=3205216333880890 HTTP/1.1
Host: 2qj7mq3w4uxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javdoe.sh/
Cookie: UID=2209130934d7ad10d1d16e4fd48594eed010
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:34:55 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
104.21.35.251
62.122.171.6
34.120.237.76
104.21.234.232
2.18.172.123
52.58.59.143
93.184.220.29
202.6.244.93
93.158.134.119