it.davalka.cc/templates/davalka/images/logo.png
200 OK 33 kB URL GET HTTP/3 it.davalka.cc/templates/davalka/images/logo.png
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type PNG image data, 250 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c0d5c420823efaea7f224e584023171
fbb0dd93efb8453a806d88b34ce510925ac31b36
c78116d28ba955c86c5aea32df53cfb7ded13e90805f4c1ebe8440094d101f8d
GET /templates/davalka/images/logo.png HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/templates/davalka/style/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:45 GMT
content-type: image/png
content-length: 33348
last-modified: Sat, 01 Jul 2023 07:59:24 GMT
etag: "649fdcdc-8244"
cache-control: max-age=86400
cf-cache-status: HIT
age: 652123
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEDMnAPLtSp1QxPaB9WkgyDeyAB5WhfCrLkf4vvXOvhwrmus1p%2FHiFipe%2B2roL2ojr2UQP%2FwHJhED01CmjOvBfa8CSHf6XBdASzRnqjrOQ7UhDXBbBJDYUttEO8cfiro"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a86f79d675691-OSL
alt-svc: h3=":443"; ma=86400
it.davalka.cc/templates/davalka/fonts/fontawesome-webfont.woff2?v=4.3.0
200 OK 57 kB URL GET HTTP/3 it.davalka.cc/templates/davalka/fonts/fontawesome-webfont.woff2?v=4.3.0
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
GET /templates/davalka/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/templates/davalka/style/font-awesome.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:45 GMT
content-type: font/woff2
content-length: 56780
last-modified: Thu, 06 Aug 2020 14:23:47 GMT
etag: "5f2c1273-ddcc"
cache-control: max-age=86400
cf-cache-status: HIT
age: 286905
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXCO%2B12aHNe6PFCTvc%2B5Wr2AhXXxyK1VcuykYdM1vfgSo%2Fzf12jaTM62VSCXwFbL1xCJvKQ7vFNxKSvV0ltqfVzzneh330oX6N2BVQ2FkqdZE9000vB5SNd2mm47kqTI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a86f7edb45691-OSL
alt-svc: h3=":443"; ma=86400
it.davalka.cc/cf-fonts/s/open-sans/5.0.15/latin/400/normal.woff2
200 OK 17 kB URL GET HTTP/3 it.davalka.cc/cf-fonts/s/open-sans/5.0.15/latin/400/normal.woff2
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /cf-fonts/s/open-sans/5.0.15/latin/400/normal.woff2 HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:45 GMT
content-length: 16740
cf-cache-status: HIT
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2F48tRCZm33mmsv7c6OFg7ovYaHdFlweGOYyvxyc3bbm1RLKSsxzwEWEb1Fsx%2FW6mFU9fVXCMk6HL7axtCfDndYEf44GqGHZwoPOcfq%2BeCgXriAwEDbtvQI5ihQQDE%2B3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a86f7edb05691-OSL
alt-svc: h3=":443"; ma=86400
it.davalka.cc/cf-fonts/s/open-sans/5.0.15/latin/700/normal.woff2
200 OK 16 kB URL GET HTTP/3 it.davalka.cc/cf-fonts/s/open-sans/5.0.15/latin/700/normal.woff2
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 16372, version 1.0\012- data
Hash e45478d4d6f15dafda1f25d9e0fb5fa1
52cb490cd0ee4442ede034085cda9652b206f91c
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72
GET /cf-fonts/s/open-sans/5.0.15/latin/700/normal.woff2 HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:45 GMT
content-length: 16372
cf-cache-status: HIT
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BrotXVKskT1QYH2AlezuvFOrrbN2bAMbP8GHtFrfvzsO919Km9wYFu3hpqDvaZfsHZq4f%2F6ehD28OuciZliD5zJzJwPKF3UIsldO5%2BFpsaG%2FOrOXoMtn026j%2FphWcdS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a86f81dc65691-OSL
alt-svc: h3=":443"; ma=86400
it.davalka.cc/cf-fonts/s/open-sans/5.0.15/cyrillic/600/normal.woff2
200 OK 11 kB URL GET HTTP/3 it.davalka.cc/cf-fonts/s/open-sans/5.0.15/cyrillic/600/normal.woff2
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 10620, version 1.0\012- data
Hash 4514fa026105b9df8b92dc29da601c86
c18ed5ea75b3d7685afe1e5a7e4393dee0506933
58888d26f3d92ca567dcbca457056760f300389a94e237b1191862871ad296ba
GET /cf-fonts/s/open-sans/5.0.15/cyrillic/600/normal.woff2 HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:45 GMT
content-length: 10620
cf-cache-status: HIT
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cu9ST4vQFbGVV5ujAAogCXkVr9EYKrFNUbqebZ4muR573z%2FH9SqNoQTfPvpKnZts2ZQ%2Bvj271zdPCXqkqqtFJ%2Fhtm7lLfsZEVCHKEyhHF4TBZrt1u%2BABWVKEB4loNJ%2BK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a86f7edb35691-OSL
alt-svc: h3=":443"; ma=86400
it.davalka.cc/cf-fonts/s/open-sans/5.0.15/latin/600/normal.woff2
200 OK 17 kB URL GET HTTP/3 it.davalka.cc/cf-fonts/s/open-sans/5.0.15/latin/600/normal.woff2
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 16756, version 1.0\012- data
Hash 603c99275486a11982874425a0bc0dd1
ffeb62d105d2893d323574407b459fbae8cc90a6
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
GET /cf-fonts/s/open-sans/5.0.15/latin/600/normal.woff2 HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:45 GMT
content-length: 16756
cf-cache-status: HIT
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IW0y2QxPUVGGMyNfpzjxsDIT0m83Jo12GmxpkmkcdPIcrSEtLOp%2BPyC1sJApS1cVftckVTcBU2wxxrjINfGrGVDOGH%2B97wGBQj7sJJ8Ye1rgN%2Bhrm6i%2Badp2SYvjUWGd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a86f7edb15691-OSL
alt-svc: h3=":443"; ma=86400
31825.thanksgivingdelights.com/v3/a/pop/js/224674
200 OK 6.1 kB URL GET HTTP/2 31825.thanksgivingdelights.com/v3/a/pop/js/224674
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subject*.thanksgivingdelights.com
FingerprintCE:9C:43:8D:C8:5B:86:EC:E6:19:28:36:FC:E6:32:F7:DB:F3:0B:14
ValidityTue, 07 Nov 2023 10:55:57 GMT - Mon, 05 Feb 2024 10:55:56 GMT
File type ASCII text, with very long lines (15909), with no line terminators
Hash 8863d02be437d60069897acb8c3c75c5
b44b2d34d5b2c3ec3e2869e058ab55dc14c6c4b1
f7191ff77b35410728a13d636ad11bd5390cd945b522e89c168e9f70b5183cf4
GET /v3/a/pop/js/224674 HTTP/1.1
Host: 31825.thanksgivingdelights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 05:56:45 GMT
content-type: application/javascript; charset=UTF-8
content-length: 6117
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
X-Firefox-Spdy: h2
it.davalka.cc/cf-fonts/s/open-sans/5.0.15/cyrillic/400/normal.woff2
200 OK 11 kB URL GET HTTP/3 it.davalka.cc/cf-fonts/s/open-sans/5.0.15/cyrillic/400/normal.woff2
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 10652, version 1.0\012- data
Hash c010b23b2704126796a794818ca777fb
41d3c9ae6692a1ca032d420646cc49b395fb4c96
624b713241704e0993f7d2147c1f1408a8a0df1be297a490bfe8e2b89387ce93
GET /cf-fonts/s/open-sans/5.0.15/cyrillic/400/normal.woff2 HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:45 GMT
content-length: 10652
cf-cache-status: HIT
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWcBXSYb1poCNVlh3YL23QQWUfafEHbbNfgc07dvL6enJog0%2Bt%2BIi49qjM0aDOs2rJsclPXcGnKV5j2J3U3GVTZQ1QOZDIB9kw4n3BrPhl5%2BEnLembynVNl%2B8AU7D1pc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a86f83ddb5691-OSL
alt-svc: h3=":443"; ma=86400
it.davalka.cc/templates/davalka/images/favicon.png
200 OK 5.0 kB URL GET HTTP/3 it.davalka.cc/templates/davalka/images/favicon.png
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash e7228b9b24341c3d03d7db6133b2ae02
d2af8f9010fa10221769c9ae90b8fa1ec5af7361
c77ce116b93c433c48f164efec8ffa01121d1c5300efb7d872ba25fe50f27e91
GET /templates/davalka/images/favicon.png HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:45 GMT
content-type: image/png
content-length: 4957
last-modified: Thu, 06 Aug 2020 14:23:41 GMT
etag: "5f2c126d-135d"
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXTSg3PcJWImc1GIrt19wZtRs7d0LMX9WsT6WIAX6d%2FrKtOLzHW6Kij3c5K1qgvgPRQ%2BElOtr2kA8UtHmnI7u6u9ObW%2F2xDx4aUIupQlhZ2eT9SJa9klsooA%2B5U3a19B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a86fafefd5691-OSL
alt-svc: h3=":443"; ma=86400
31825.thanksgivingdelights.com/v3/a/ipn/js/224959
200 OK 6.9 kB URL GET HTTP/2 31825.thanksgivingdelights.com/v3/a/ipn/js/224959
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subject*.thanksgivingdelights.com
FingerprintCE:9C:43:8D:C8:5B:86:EC:E6:19:28:36:FC:E6:32:F7:DB:F3:0B:14
ValidityTue, 07 Nov 2023 10:55:57 GMT - Mon, 05 Feb 2024 10:55:56 GMT
File type gzip compressed data, from Unix\012- data
Hash 557fb24ef0b3288a502c6b055ec43f20
42b68c10fa17f307e9290e244b4a556896dbb857
c092099e9ae9a9abe8132d05a46959b3f92f62416398ad53caec509921c7a3b1
GET /v3/a/ipn/js/224959 HTTP/1.1
Host: 31825.thanksgivingdelights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 05:56:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
content-encoding: gzip
X-Firefox-Spdy: h2
pornogoogle.info/embed_teaser/9187/6453
2.3 kB URL GET pornogoogle.info/embed_teaser/9187/6453
IP
ASN #50340 OOO Network of data-centers Selectel
Certificate IssuerLet's Encrypt
Subjectpornogoogle.info
Fingerprint2F:DB:C3:3E:14:CC:55:63:3D:B1:59:1A:EA:55:40:7C:1B:2E:4A:B8
ValidityTue, 07 Nov 2023 22:31:33 GMT - Mon, 05 Feb 2024 22:31:32 GMT
File type gzip compressed data, from Unix\012- data
Hash 45575419a9994ac38e8a7653ecd1c33f
c22e6d3ba354d8fbe1a9f41e227b5c1cc2877a41
ab51c8a23653cb0e81416fe51e45ba6b166346da6bdc92be48ff1a9690a44a7d
GET /embed_teaser/9187/6453 HTTP/1.1
Host: pornogoogle.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.14.2
date: Thu, 07 Dec 2023 05:56:45 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
js.capndr.com/advertising.js
200 OK 0 B URL GET HTTP/2 js.capndr.com/advertising.js
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjectjs.capndr.com
FingerprintD9:9C:A9:BD:64:40:4E:C3:80:FB:C1:63:4D:D6:8F:A9:F7:83:AC:F4
ValidityTue, 24 Oct 2023 01:02:38 GMT - Mon, 22 Jan 2024 01:02:37 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 05:56:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Thu, 07 Dec 2023 06:01:46 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=107579
204 No Content 0 B URL OPTIONS HTTP/1.1 fp.metricswpsh.com/fp?tag_id=107579
IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint0D:7A:7C:53:DB:15:35:28:E9:E6:2B:90:43:BB:EF:E5:AB:BE:DA:E3
ValidityThu, 09 Nov 2023 09:29:43 GMT - Wed, 07 Feb 2024 09:29:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=107579 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://it.davalka.cc/
Origin: https://it.davalka.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Thu, 07 Dec 2023 05:56:46 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://it.davalka.cc
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
9797eebeee.f029332141.com/b287f90689b6fb0d7741c34c0bba1e69.js
200 OK 34 kB URL GET HTTP/2 9797eebeee.f029332141.com/b287f90689b6fb0d7741c34c0bba1e69.js
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subject9797eebeee.f029332141.com
Fingerprint9D:B9:A1:BF:03:55:A8:63:E1:97:8B:A5:CD:B2:DF:C9:18:96:7B:9D
ValidityMon, 04 Dec 2023 02:20:35 GMT - Sun, 03 Mar 2024 02:20:34 GMT
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 8bd1bec18448515d3ae46770cd1bbbca
aac714d17775fff26cb0442ad4ab05f05a7b6131
406b823b227942fe5c2c14b5062662778f56c1cff63e660836357810439e8801
GET /b287f90689b6fb0d7741c34c0bba1e69.js HTTP/1.1
Host: 9797eebeee.f029332141.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://it.davalka.cc
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 05:56:45 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 06 Dec 2023 08:14:23 GMT
etag: W/"65702d5f-196a0"
content-encoding: gzip
expires: Thu, 07 Dec 2023 06:01:45 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
4a486af9dd.c7aca91a6d.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDczOTc2ODYxOTcwMzczMDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjk1LjAiLCJ0YWdfaWQiOjEwNzU3OSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjI3LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJEYXZhbGthJTJDdmlkZW8lMkNwb3JubyUyQ29ubGluZSUyQ2dyYXR1aXRhbWVudGUlMkNQb3JubyUyQ3BlciUyQ2NhdGVnb3JpYSUyQ3Bvcm5vc3RhciUyQ2ltYnJvZ2xpb25pJTJDTnVvdmUlMkN0cm9pZSUyQ3Bvcm5vJTJDb2duaSUyQ2dpb3JubyUyQ1N1bCUyQ3NpdG8lMkNQb3JuJTJDRGF2YWxrYSUyQ3Zlbmdvbm8lMkNhZ2dpb3JuYXRpJTJDcXVvdGlkaWFuYW1lbnRlJTJDdmlkZW8lMkNwb3JubyUyQ2dyYXR1aXRpJTJDY2hlJTJDcHVvaSUyQ2d1YXJkYXJlJTJDb25saW5lJTJDc2VuemElMkNyZWdpc3RyYXppb25lJTJDZSUyQ1NNUy4ifQ==
200 OK 0 B URL GET HTTP/2 4a486af9dd.c7aca91a6d.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDczOTc2ODYxOTcwMzczMDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjk1LjAiLCJ0YWdfaWQiOjEwNzU3OSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjI3LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJEYXZhbGthJTJDdmlkZW8lMkNwb3JubyUyQ29ubGluZSUyQ2dyYXR1aXRhbWVudGUlMkNQb3JubyUyQ3BlciUyQ2NhdGVnb3JpYSUyQ3Bvcm5vc3RhciUyQ2ltYnJvZ2xpb25pJTJDTnVvdmUlMkN0cm9pZSUyQ3Bvcm5vJTJDb2duaSUyQ2dpb3JubyUyQ1N1bCUyQ3NpdG8lMkNQb3JuJTJDRGF2YWxrYSUyQ3Zlbmdvbm8lMkNhZ2dpb3JuYXRpJTJDcXVvdGlkaWFuYW1lbnRlJTJDdmlkZW8lMkNwb3JubyUyQ2dyYXR1aXRpJTJDY2hlJTJDcHVvaSUyQ2d1YXJkYXJlJTJDb25saW5lJTJDc2VuemElMkNyZWdpc3RyYXppb25lJTJDZSUyQ1NNUy4ifQ==
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subject4a486af9dd.c7aca91a6d.com
FingerprintF9:30:5A:39:28:22:FD:CA:EF:7E:89:B8:AA:00:20:68:BC:AA:6C:EF
ValidityMon, 04 Dec 2023 06:20:53 GMT - Sun, 03 Mar 2024 06:20:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDczOTc2ODYxOTcwMzczMDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjk1LjAiLCJ0YWdfaWQiOjEwNzU3OSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjI3LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJEYXZhbGthJTJDdmlkZW8lMkNwb3JubyUyQ29ubGluZSUyQ2dyYXR1aXRhbWVudGUlMkNQb3JubyUyQ3BlciUyQ2NhdGVnb3JpYSUyQ3Bvcm5vc3RhciUyQ2ltYnJvZ2xpb25pJTJDTnVvdmUlMkN0cm9pZSUyQ3Bvcm5vJTJDb2duaSUyQ2dpb3JubyUyQ1N1bCUyQ3NpdG8lMkNQb3JuJTJDRGF2YWxrYSUyQ3Zlbmdvbm8lMkNhZ2dpb3JuYXRpJTJDcXVvdGlkaWFuYW1lbnRlJTJDdmlkZW8lMkNwb3JubyUyQ2dyYXR1aXRpJTJDY2hlJTJDcHVvaSUyQ2d1YXJkYXJlJTJDb25saW5lJTJDc2VuemElMkNyZWdpc3RyYXppb25lJTJDZSUyQ1NNUy4ifQ== HTTP/1.1
Host: 4a486af9dd.c7aca91a6d.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://it.davalka.cc
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 05:56:46 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
nereserv.com/in/dip?site=native-push&wl=1&event_id=24bc6a42-270d-46e6-8b9a-4a15a99f6ef1&subid=787285550&sid=996071546&spot_id=406844&created_at=2023-12-07&timezone=0&ver=8.121.0&is_native=1
200 OK 0 B URL GET HTTP/2 nereserv.com/in/dip?site=native-push&wl=1&event_id=24bc6a42-270d-46e6-8b9a-4a15a99f6ef1&subid=787285550&sid=996071546&spot_id=406844&created_at=2023-12-07&timezone=0&ver=8.121.0&is_native=1
IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint0D:7A:7C:53:DB:15:35:28:E9:E6:2B:90:43:BB:EF:E5:AB:BE:DA:E3
ValidityThu, 09 Nov 2023 09:29:43 GMT - Wed, 07 Feb 2024 09:29:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=24bc6a42-270d-46e6-8b9a-4a15a99f6ef1&subid=787285550&sid=996071546&spot_id=406844&created_at=2023-12-07&timezone=0&ver=8.121.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://it.davalka.cc
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 07 Dec 2023 05:56:46 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=107579
204 No Content 58 B URL OPTIONS HTTP/1.1 fp.metricswpsh.com/fp?tag_id=107579
IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint0D:7A:7C:53:DB:15:35:28:E9:E6:2B:90:43:BB:EF:E5:AB:BE:DA:E3
ValidityThu, 09 Nov 2023 09:29:43 GMT - Wed, 07 Feb 2024 09:29:42 GMT
File type JSON data\012- , ASCII text
Hash 49cb75c0da6be8cc97daea0ae2498649
1dd230c3f22a2308b9c091fe1e952b5e8d44bc88
3f61f6927c8c29196e623750a164dcd6895cc2dc3a592ccc5d755b3d4d407841
POST /fp?tag_id=107579 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1773
Origin: https://it.davalka.cc
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 07 Dec 2023 05:56:46 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://it.davalka.cc
Set-Cookie: id=15674010243500093940; Expires=Fri, 06 Dec 2024 05:56:46 GMT; Secure; SameSite=None
Vary: Origin
ntvpforever.com/keywords
204 No Content 22 B IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint0D:7A:7C:53:DB:15:35:28:E9:E6:2B:90:43:BB:EF:E5:AB:BE:DA:E3
ValidityThu, 09 Nov 2023 09:29:43 GMT - Wed, 07 Feb 2024 09:29:42 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 803ed818708dd83bfae04bb20cf48cb0
3a32cabae01dd92a848ec427f4c69b85825e89e8
4c7d996ddffabca7f5a8fba7c3fa72a41f041ba7f96dfdbbd1818ec884aec396
POST /keywords HTTP/1.1
Host: ntvpforever.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 320
Origin: https://it.davalka.cc
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 07 Dec 2023 05:56:46 GMT
content-type: application/json
content-length: 22
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
e311b20b12.c538aefec6.com/in/multy
204 No Content 0 B URL OPTIONS HTTP/2 e311b20b12.c538aefec6.com/in/multy
IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subjectc538aefec6.com
Fingerprint17:72:B7:6F:DB:E1:91:60:F7:C5:95:E5:02:44:3F:9C:21:D0:9A:60
ValidityMon, 04 Dec 2023 03:01:50 GMT - Sun, 03 Mar 2024 03:01:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /in/multy HTTP/1.1
Host: e311b20b12.c538aefec6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://it.davalka.cc/
Origin: https://it.davalka.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.20.1
date: Thu, 07 Dec 2023 05:56:46 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintF3:FB:54:1B:21:E9:69:01:41:02:BB:D0:97:A2:BA:45:72:5A:71:D8
ValidityMon, 20 Nov 2023 08:09:49 GMT - Mon, 12 Feb 2024 08:09:48 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:RKV_RAwdIwoGKpIrwmgzh-NfXMLMog:7y0eV70kWcJu4bp6; Expires=Sat, 06-Dec-2025 05:56:46 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 07 Dec 2023 05:56:46 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1CM4uNHht0En-1ztBO_7WOrEdhJTtdcsL9jUSqHbPC3JrnXrPAlU1nReyuVelo2vJYyncH6Q
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-TemBjYGNUeYyOwFpB8_EhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1CM4uNHht0En-1ztBO_7WOrEdhJTtdcsL9jUSqHbPC3JrnXrPAlU1nReyuVelo2vJYyncH6Q
302 Found 401 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1CM4uNHht0En-1ztBO_7WOrEdhJTtdcsL9jUSqHbPC3JrnXrPAlU1nReyuVelo2vJYyncH6Q
IP
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintF3:FB:54:1B:21:E9:69:01:41:02:BB:D0:97:A2:BA:45:72:5A:71:D8
ValidityMon, 20 Nov 2023 08:09:49 GMT - Mon, 12 Feb 2024 08:09:48 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (396)
Hash e0a411bf22d23574c39daa89d2795c0b
c0b81db5f826da8f194610b516b20a58985f01e2
66dac7f349aa82cff8363d0d315e54939b110a3f44c346c765f1ad9be6db04d9
GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1CM4uNHht0En-1ztBO_7WOrEdhJTtdcsL9jUSqHbPC3JrnXrPAlU1nReyuVelo2vJYyncH6Q HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:3DYSrxeJhl6y9PrQfShIuBJhdeXzjQ:Ms8Ik_8uTWGgE1sU;Path=/;Expires=Sat, 06-Dec-2025 05:56:46 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 07 Dec 2023 05:56:46 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp29WrvuaAuOIBxNg-nHSR26uDECcJqEf3tG6jb3Vxzob7shPytqKYXNCwcCpnGcjiX_oJRGGA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S268746394%3A1701928606875982&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-2NmzYmqc-C5Q2H6v-Yw6pw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 401
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
e311b20b12.c538aefec6.com/in/multy
204 No Content 5.6 kB URL OPTIONS HTTP/2 e311b20b12.c538aefec6.com/in/multy
IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subjectc538aefec6.com
Fingerprint17:72:B7:6F:DB:E1:91:60:F7:C5:95:E5:02:44:3F:9C:21:D0:9A:60
ValidityMon, 04 Dec 2023 03:01:50 GMT - Sun, 03 Mar 2024 03:01:49 GMT
File type JSON data\012- , ASCII text, with very long lines (41025), with no line terminators
Hash 0bc9598c24b613182e0a8b5e677d030d
45aeb4d14ffaa17ecc274dcc867997b4bd5d0672
60ce7c39881d16a68039db73425dde25c37efde6c26fde7bb310f4fda2dacc0e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /in/multy HTTP/1.1
Host: e311b20b12.c538aefec6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1838
Origin: https://it.davalka.cc
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: application/json
content-length: 5643
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
it.davalka.cc/picture/Znatok-kamasutry-otodral-glamurnuiu-milashku-v-raznykh-pozakh.webp
301 Moved Permanently 0 B URL GET HTTP/3 it.davalka.cc/picture/Znatok-kamasutry-otodral-glamurnuiu-milashku-v-raznykh-pozakh.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /picture/Znatok-kamasutry-otodral-glamurnuiu-milashku-v-raznykh-pozakh.webp HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Thu, 07 Dec 2023 05:56:47 GMT
content-length: 0
location: https://davalka.cc/picture/Znatok-kamasutry-otodral-glamurnuiu-milashku-v-raznykh-pozakh.webp
cache-control: max-age=86400
expires: Thu, 07 Dec 2023 05:07:26 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKeniS3GrUxdUm4pjFj6L3tozDVFx6MQVFIeQYF9X%2FXPxL39L3RVYNjW5mYjqDzBcYPj%2FGrMBMOelMXBdMAQFD5Ch%2FrCAHdNf4CC5UThLf1%2BsCojvFCN9KT%2BZx7x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
server: cloudflare
cf-ray: 831a87031b8c5691-OSL
it.davalka.cc/picture/Domashnii-seks-s-russkoi-podruzhkoi-ot-pervogo-litsa.webp
301 Moved Permanently 0 B URL GET HTTP/3 it.davalka.cc/picture/Domashnii-seks-s-russkoi-podruzhkoi-ot-pervogo-litsa.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /picture/Domashnii-seks-s-russkoi-podruzhkoi-ot-pervogo-litsa.webp HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Thu, 07 Dec 2023 05:56:47 GMT
content-length: 0
location: https://davalka.cc/picture/Domashnii-seks-s-russkoi-podruzhkoi-ot-pervogo-litsa.webp
cache-control: max-age=86400
expires: Wed, 06 Dec 2023 22:18:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrobND5QLxIEN0i%2F5EKhcQz9TMC5AJbY0J3lF72a7IQzrh6W6Emv0MPYzjGZeUGcSQNF2Y%2FuJnkceQbemXpsws06bg1stJw9vkloxgX%2F3pOqFwNlcen1ES7XKNqH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
server: cloudflare
cf-ray: 831a87032b8f5691-OSL
it.davalka.cc/picture/Goriachaia-ukrainka-ublazhila-diadiu-Vudmana-i-pro-ego-druzei-ne-zabyla.webp
301 Moved Permanently 0 B URL GET HTTP/3 it.davalka.cc/picture/Goriachaia-ukrainka-ublazhila-diadiu-Vudmana-i-pro-ego-druzei-ne-zabyla.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /picture/Goriachaia-ukrainka-ublazhila-diadiu-Vudmana-i-pro-ego-druzei-ne-zabyla.webp HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Thu, 07 Dec 2023 05:56:47 GMT
content-length: 0
location: https://davalka.cc/picture/Goriachaia-ukrainka-ublazhila-diadiu-Vudmana-i-pro-ego-druzei-ne-zabyla.webp
cache-control: max-age=86400
expires: Sun, 03 Dec 2023 23:15:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BgwpkivbLZ748%2B3g%2FG8S9mZioqlN0zKFFaFhBbeBzJBOWu936E7%2BiAFZpXSip0fQkQgYZUvft%2BAt7Zb78c9STTFgILuz%2FbCyNUi76x2a630l94ZGPl7B0z6Ga%2Fr%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 286906
server: cloudflare
cf-ray: 831a87034b9d5691-OSL
it.davalka.cc/picture/Skinuv-oblegaiushchee-korotkoe-plate--sisiastaia-suchka-sdelala-glubokii-minet-i-nasadilas-na-chlen.webp
301 Moved Permanently 0 B URL GET HTTP/3 it.davalka.cc/picture/Skinuv-oblegaiushchee-korotkoe-plate--sisiastaia-suchka-sdelala-glubokii-minet-i-nasadilas-na-chlen.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /picture/Skinuv-oblegaiushchee-korotkoe-plate--sisiastaia-suchka-sdelala-glubokii-minet-i-nasadilas-na-chlen.webp HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Thu, 07 Dec 2023 05:56:47 GMT
content-length: 0
location: https://davalka.cc/picture/Skinuv-oblegaiushchee-korotkoe-plate--sisiastaia-suchka-sdelala-glubokii-minet-i-nasadilas-na-chlen.webp
cache-control: max-age=86400
expires: Sun, 03 Dec 2023 23:15:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sL6nnHzdHd%2BHt%2FhBv4Idv77HGVGiVflINh2vUdRj3pHWONiJj41NIfRvUxOSDN2ue5Kk%2BhbVgeYzjQIZ5xCVic08MJzOtDnQKFc%2BNpjvFvBuFdT6GFpwZJjUJ1Km"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 286906
server: cloudflare
cf-ray: 831a87036ba75691-OSL
it.davalka.cc/picture/Aziat-podobral-pianu-vypusknitsu-s-lavochki-i-doma-vzial-s-nee-platu-naturoi.webp
301 Moved Permanently 0 B URL GET HTTP/3 it.davalka.cc/picture/Aziat-podobral-pianu-vypusknitsu-s-lavochki-i-doma-vzial-s-nee-platu-naturoi.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /picture/Aziat-podobral-pianu-vypusknitsu-s-lavochki-i-doma-vzial-s-nee-platu-naturoi.webp HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Thu, 07 Dec 2023 05:56:47 GMT
content-length: 0
location: https://davalka.cc/picture/Aziat-podobral-pianu-vypusknitsu-s-lavochki-i-doma-vzial-s-nee-platu-naturoi.webp
cache-control: max-age=86400
expires: Sun, 03 Dec 2023 20:40:33 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XY3lPpBj8davPshiTv1CDrL8eEx537nuoOhIqqSAZINILWUdOyE7Hkh9IixhlZJeO7Sgv3ZTDCGzhfGJqJcskSC3H2vsSl5yavnuXX4UfMVs973g2etpBXwcV7dj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 286906
server: cloudflare
cf-ray: 831a87036ba85691-OSL
it.davalka.cc/picture/Molodozheny-zapisyvaiut-khoum-video-v-gorakh.webp
301 Moved Permanently 0 B URL GET HTTP/3 it.davalka.cc/picture/Molodozheny-zapisyvaiut-khoum-video-v-gorakh.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /picture/Molodozheny-zapisyvaiut-khoum-video-v-gorakh.webp HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Thu, 07 Dec 2023 05:56:47 GMT
content-length: 0
location: https://davalka.cc/picture/Molodozheny-zapisyvaiut-khoum-video-v-gorakh.webp
cache-control: max-age=86400
expires: Thu, 07 Dec 2023 05:07:26 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AtvLq8ZbkxLjMy%2FewAI4B5G9yPrjoWWXcxM04wZ4sSNHXQxr%2BwmmkW2ehAmjJoSfeG4TnC9Bi1Lz%2FPnCP1OsLIxTKryeHP7QrN7T7cN7OpDunqGmv2Ozgxao6Oi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
server: cloudflare
cf-ray: 831a87033b9a5691-OSL
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp29WrvuaAuOIBxNg-nHSR26uDECcJqEf3tG6jb3Vxzob7shPytqKYXNCwcCpnGcjiX_oJRGGA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S268746394%3A1701928606875982&theme=glif
403 Forbidden 3.0 kB URL GET HTTP/2 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp29WrvuaAuOIBxNg-nHSR26uDECcJqEf3tG6jb3Vxzob7shPytqKYXNCwcCpnGcjiX_oJRGGA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S268746394%3A1701928606875982&theme=glif
IP
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintF3:FB:54:1B:21:E9:69:01:41:02:BB:D0:97:A2:BA:45:72:5A:71:D8
ValidityMon, 20 Nov 2023 08:09:49 GMT - Mon, 12 Feb 2024 08:09:48 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (9730), with no line terminators
Hash eeddea26d3b123e79d507162018cadac
97da4f27f942e199b5666bf6c5d7edd1eed15eed
cf4612b34b184c2162875ef4f40efcd2b21ce53c1662ef2124c5d986e0b19f33
GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp29WrvuaAuOIBxNg-nHSR26uDECcJqEf3tG6jb3Vxzob7shPytqKYXNCwcCpnGcjiX_oJRGGA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S268746394%3A1701928606875982&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 07 Dec 2023 05:56:46 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-HYuAeNPLBni3JulPDPGbfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
it.davalka.cc/picture/Poka-muzha-net-doma--briunetka-vyzvala-na-dom-massazhista-i-sovratila-ego-na-analnyi-seks.webp
301 Moved Permanently 0 B URL GET HTTP/3 it.davalka.cc/picture/Poka-muzha-net-doma--briunetka-vyzvala-na-dom-massazhista-i-sovratila-ego-na-analnyi-seks.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /picture/Poka-muzha-net-doma--briunetka-vyzvala-na-dom-massazhista-i-sovratila-ego-na-analnyi-seks.webp HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Thu, 07 Dec 2023 05:56:47 GMT
content-length: 0
location: https://davalka.cc/picture/Poka-muzha-net-doma--briunetka-vyzvala-na-dom-massazhista-i-sovratila-ego-na-analnyi-seks.webp
cache-control: max-age=86400
expires: Sun, 03 Dec 2023 23:15:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNc2cmrs%2B2I2OVjcXAUAe4zSxXSZ15qSAXVy8CvJrFQeHjlZhNnwZ4Eouf7as8lxOPiNBQM5%2Bi5lh37GmPE5YaADlZ%2B9tXXSiaCC5A4eYqYTPqODBteeKKZvAMxp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 286906
server: cloudflare
cf-ray: 831a87037bb05691-OSL
it.davalka.cc/picture/Blondinka-spalila-druga-za-drochkoi-na-svoi-chastnye-zapisi-i-vospolzovalas-im.webp
301 Moved Permanently 0 B URL GET HTTP/3 it.davalka.cc/picture/Blondinka-spalila-druga-za-drochkoi-na-svoi-chastnye-zapisi-i-vospolzovalas-im.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /picture/Blondinka-spalila-druga-za-drochkoi-na-svoi-chastnye-zapisi-i-vospolzovalas-im.webp HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Thu, 07 Dec 2023 05:56:47 GMT
content-length: 0
location: https://davalka.cc/picture/Blondinka-spalila-druga-za-drochkoi-na-svoi-chastnye-zapisi-i-vospolzovalas-im.webp
cache-control: max-age=86400
expires: Sun, 03 Dec 2023 23:15:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0gPB2yTscP2W%2BmpdJyi6oN%2FG7KSkem2zwYwaj4P61hfodvPgRw6KPlRGIQ6iewcMtaGtqS4jyUr2kX%2FhccrvSiR2lBAqqTczIw3vYifSjaafwNP%2BBPI9usEUD8TA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 286906
server: cloudflare
cf-ray: 831a87037bb25691-OSL
jkha742.xyz/wcm/?sh=it.davalka.cc&sth=7ab3624698f0bee984b8077f8dcf8922&d=e3b000ffe39c980c475b4478201afaac&m=02bd1f51ae5382fc49fdfe0471886ae4&sid=881_819346_99506447&stime=2586.00&curpage=https%3A%2F%2Fit.davalka.cc%2F&rand=0.05012247456226482
200 OK 0 B URL GET HTTP/2 jkha742.xyz/wcm/?sh=it.davalka.cc&sth=7ab3624698f0bee984b8077f8dcf8922&d=e3b000ffe39c980c475b4478201afaac&m=02bd1f51ae5382fc49fdfe0471886ae4&sid=881_819346_99506447&stime=2586.00&curpage=https%3A%2F%2Fit.davalka.cc%2F&rand=0.05012247456226482
IP
ASN #6681 Rozetka Sp. z o.o.
Certificate IssuerLet's Encrypt
Subjectjkha742.xyz
Fingerprint8B:A3:C6:6F:DB:36:FF:30:16:6F:DB:6C:F4:21:57:96:63:FD:3D:48
ValidityMon, 09 Oct 2023 23:40:18 GMT - Sun, 07 Jan 2024 23:40:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wcm/?sh=it.davalka.cc&sth=7ab3624698f0bee984b8077f8dcf8922&d=e3b000ffe39c980c475b4478201afaac&m=02bd1f51ae5382fc49fdfe0471886ae4&sid=881_819346_99506447&stime=2586.00&curpage=https%3A%2F%2Fit.davalka.cc%2F&rand=0.05012247456226482 HTTP/1.1
Host: jkha742.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
p3p: CP="NON DSP COR CURa TIA"
vary: Accept-Encoding
x-msr: TRUE
timing-allow-origin: *
X-Firefox-Spdy: h2
it.davalka.cc/picture/Ebet-moloduiu-blondinku-v-ochkakh-ot-pervogo-litsa.webp
301 Moved Permanently 0 B URL GET HTTP/3 it.davalka.cc/picture/Ebet-moloduiu-blondinku-v-ochkakh-ot-pervogo-litsa.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /picture/Ebet-moloduiu-blondinku-v-ochkakh-ot-pervogo-litsa.webp HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Thu, 07 Dec 2023 05:56:47 GMT
content-length: 0
location: https://davalka.cc/picture/Ebet-moloduiu-blondinku-v-ochkakh-ot-pervogo-litsa.webp
cache-control: max-age=86400
expires: Thu, 07 Dec 2023 06:09:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GN2pHK9Vvh2%2BigSEYZHlia%2BYgmiYTO7Nno4BylEy%2FQvObvGR9NyD%2Bn7Epa8wb3YgUDUDEt%2FvyvNAdJWW5FuTYhOSZ63QUcmG63v394aOw2FXesnL5oFQoQOHLIf8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
server: cloudflare
cf-ray: 831a87035ba35691-OSL
it.davalka.cc/picture/Vozbuzhdennaia-aziatskaia-milashka-poziruet-i-drochit-svoiu-shchelku.webp
301 Moved Permanently 0 B URL GET HTTP/3 it.davalka.cc/picture/Vozbuzhdennaia-aziatskaia-milashka-poziruet-i-drochit-svoiu-shchelku.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /picture/Vozbuzhdennaia-aziatskaia-milashka-poziruet-i-drochit-svoiu-shchelku.webp HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Thu, 07 Dec 2023 05:56:47 GMT
content-length: 0
location: https://davalka.cc/picture/Vozbuzhdennaia-aziatskaia-milashka-poziruet-i-drochit-svoiu-shchelku.webp
cache-control: max-age=86400
expires: Thu, 07 Dec 2023 06:09:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JPD6%2BCN%2FvQIT%2BwN1zq6t41v5XRy82IIRybWBkcSHnApioJRAWyuMzfOC7IDpQqkqCOg0E94WRwRFVW0gF5z7rvTgDqLR%2BPeyxC4FmIxMxn6jTSMIz4TojTPF5%2FDs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
server: cloudflare
cf-ray: 831a87038bb95691-OSL
it.davalka.cc/picture/Kunimen-otlizal-kisku-vozliublennoi-i-trakhnul-perevozbuzhdennym-chlenom.webp
301 Moved Permanently 0 B URL GET HTTP/3 it.davalka.cc/picture/Kunimen-otlizal-kisku-vozliublennoi-i-trakhnul-perevozbuzhdennym-chlenom.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /picture/Kunimen-otlizal-kisku-vozliublennoi-i-trakhnul-perevozbuzhdennym-chlenom.webp HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Thu, 07 Dec 2023 05:56:47 GMT
content-length: 0
location: https://davalka.cc/picture/Kunimen-otlizal-kisku-vozliublennoi-i-trakhnul-perevozbuzhdennym-chlenom.webp
cache-control: max-age=86400
expires: Thu, 07 Dec 2023 06:09:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XyaJuUX9GRph3UFIo6j4KTkeC0FSDcq6RIVv27Y5PppOJ1LcvSXm6zLedKp0HbchMdsOUSw9TvEzkLc3VBUsa8BCEvM6n0hCywoAjFTKnzdAKxBGN8E63UI0zGPe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
server: cloudflare
cf-ray: 831a87039bbb5691-OSL
it.davalka.cc/picture/Amerikanka-mychit-vo-vremia-anala-pered-kotorym-ona-poluchila-chlen-v-rot-i-pizdu.webp
301 Moved Permanently 0 B URL GET HTTP/3 it.davalka.cc/picture/Amerikanka-mychit-vo-vremia-anala-pered-kotorym-ona-poluchila-chlen-v-rot-i-pizdu.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /picture/Amerikanka-mychit-vo-vremia-anala-pered-kotorym-ona-poluchila-chlen-v-rot-i-pizdu.webp HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Thu, 07 Dec 2023 05:56:47 GMT
content-length: 0
location: https://davalka.cc/picture/Amerikanka-mychit-vo-vremia-anala-pered-kotorym-ona-poluchila-chlen-v-rot-i-pizdu.webp
cache-control: max-age=86400
expires: Thu, 07 Dec 2023 00:13:28 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbHLoq9X%2BxTo8MLk6EDGp7lpJgkhBruf9v94GZTosK%2BFdoSCDRTOfWbXKCZmPbP1vlL1ofLL27CQrQspltAw47sdbF6UwLYTF%2F3ZlqsjXAv%2FOEqDdWTJ2Kof%2Bw3L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
server: cloudflare
cf-ray: 831a87039bbe5691-OSL
storage.multstorage.com/log/count.html
200 OK 390 B URL GET HTTP/2 storage.multstorage.com/log/count.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectmultstorage.com
Fingerprint1F:90:8C:BB:6B:B0:99:41:3A:23:DF:A4:57:1A:25:0F:88:BA:C6:DE
ValidityMon, 20 Nov 2023 10:07:51 GMT - Sun, 18 Feb 2024 10:07:50 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (700)
Hash b728ca9cd183d1b7c3f72116b19b22a3
c1fd73f6b02cf00b8bc60b09cc99495e8494b739
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 05:56:46 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: f06115e61e94e13f797ef8fe7b1125b8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8Gf3%2BnFwPnkUBFcu5G%2BeqML8wcdUF3mu5cnMjGO1ZVvY4y8KAQ3tkklvsAJ4T9WztdxdIPAF25VAcrgLDarx3zAsOiWueJEbJ7%2FujGlsZV49GYSk%2Ffn85%2FNMulqvKcBSW5qdk1ViEohvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831a86fcfc81b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
it.davalka.cc/picture/Grudastaia-shliukha-soset-stoiak-i-shpilitsia-s-macho.webp
301 Moved Permanently 0 B URL GET HTTP/3 it.davalka.cc/picture/Grudastaia-shliukha-soset-stoiak-i-shpilitsia-s-macho.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /picture/Grudastaia-shliukha-soset-stoiak-i-shpilitsia-s-macho.webp HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Thu, 07 Dec 2023 05:56:47 GMT
content-length: 0
location: https://davalka.cc/picture/Grudastaia-shliukha-soset-stoiak-i-shpilitsia-s-macho.webp
cache-control: max-age=86400
expires: Thu, 07 Dec 2023 06:09:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8GwiDyEoRwZPvd7JKoafAdrO7dLd0HUESFKklP6644Vqr%2BcdxjDzBKacaAooeseBuip195V1knjRaFUQyAD%2FEdqMe1dzo4MlqweLoJUZf2Rrrf%2FBJi5XLndQSzK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
server: cloudflare
cf-ray: 831a8703bbd75691-OSL
it.davalka.cc/picture/Molodaia-briunetka-soblaznila-svoego-brata-i-otdalas-emu-v-gostinoi-na-divane.webp
301 Moved Permanently 0 B URL GET HTTP/3 it.davalka.cc/picture/Molodaia-briunetka-soblaznila-svoego-brata-i-otdalas-emu-v-gostinoi-na-divane.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /picture/Molodaia-briunetka-soblaznila-svoego-brata-i-otdalas-emu-v-gostinoi-na-divane.webp HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Thu, 07 Dec 2023 05:56:47 GMT
content-length: 0
location: https://davalka.cc/picture/Molodaia-briunetka-soblaznila-svoego-brata-i-otdalas-emu-v-gostinoi-na-divane.webp
cache-control: max-age=86400
expires: Thu, 07 Dec 2023 06:56:47 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQl9NYqu7Zrq8DVIKxrty2tGrWB3PCZIBN4UmvLFMASpAleEaKVlkKEWERpzXD9oqCurdtVswL4FFHETNY36BHQb98Q1oDGAUB5BjAmtACmQpd8Qksc9uNlbUQ0P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
server: cloudflare
cf-ray: 831a87034b9f5691-OSL
e311b20b12.c538aefec6.com/in/show/?tag_ab=b&site_id=31406844&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fit.davalka.cc%2F&refdom=it.davalka.cc&auction_time=1701928606&subid=787285550&sid=996071546&tcid=0&ver=8.121.0&ver_c=&spot_id=406844&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-12-07&iabcat=IAB25-3&keywords=adult&user_fp=12961408236061558084&score=100&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D787285550%26spot_id%3D406844%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fit.davalka.cc%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&url=https%3A%2F%2Fr-eu.tsyndicate.com%2Fdo2%2Fdirect%3Fc%3DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDMYxEGWUqREmTIsxZGSMaUFDxg0aLQzSsBGzTI4cMmyUtFEwhwiHc8SkIaNQxxYRN3DckIGjhlMYIro4HOOmaAwYM2A4DFNnDMarMmrYuAEjhowcTXMqlQGDxk8RQslgTEOnTJsvMd4atLPQhg0aMx3CqSNmYY0ZNWRshXNRhwwZNGLYAApHoo7IN2zUwIHDYRk8dL7MqYzRoJ43bsrg5Wzj7Zg2jZ3WMEtjKxkzCxvCdeNm4YyWOG5OFtHGjUeGNmbEqJ2x-PEYZGEMr5NXx0A6FufoePFiDpqNLsigXlMmz8EwbFyMedPmBR05ENf8iNODLBosOc4kgcGEhhg3abwlXhtz0RFeGHagt0YY6nk1VRiWbaGcVBnJ4ZUOMLgAQ1k31OCQGLjpEIMLZsWQww26jQHHXXBYOJELNCjloQhy2NFYDDOWoSKBIrrQoUN11BGgdWblYMNyMOAgwww2SIfjZkm65VAajYmQw4g5ZNgSiTVIKUIdYWDUxBt6pMEGG2G8UIOGIKBwRRpuiHfHHCA4QQUIV2m4AwhvuvHXnnj8CUKNIsKwJgwpgHCEjmu88QJbV5VVFghGpCFHGWa8gccLVx3q2oUiOPHEW2_I8cUYoIr6FhugFuGEgGXY8cWlbExUA4o4MInDhg7JcUZvjm2m20GyiiHHQpw5ROwXbbwhl2M4HKmsHG_45tAbRTHXoqZ5GNYrphihgR0c2nFH14EJsrFggy-8NUeNGFFLB4SltlAHgHS0MIMM4Y1xA6nv8qWDrkfmcOtYyoJ60Bdk-PsWHTxCVxZO0UpXURsyTESWiUw1ORaTts1axmhfQKjxxB1bLEKsJbOBEB1FSVgDhWGIYZkIB5nBFRsSCcbqQlqJMMZxMPShQEA%253D%26s%3D0f1201b11cbe0d41e063f8e7df20b0c0cc7302a0ba49f0664fa91684b3f116761701928606&icons=R331JYNPAalQCckFQMlgLVfoHa-yqCypDAdQ7qj8GBWauha4WLyBagQnntXvTAfGpmm-gsz-57m3-IDAIvS9w7uPhZPomLOEjdfzaN-EiOiTmk-xmH7fxMwShYkZs-bnYBaSviElAFPh5DslGdCgCDQj-1DKUnsWNJl0OZPsd-1zNixShw&ext_cid=0&pop_price=0.0014875&pop_ecpm=0.042358513979167074&px_id=406844&min_cpm=0.03674076252445351&out_id=1&campaign_type=lq-pop-ext&aid=2010&cid=10966&uniq=&mid=1025670129852687204&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=1.2935299970209542&cpm=0&verify_hash=8611812b3609bbe6383fb7341622bfd5&is_native=3&real_bid=1.2935299970209542&pop_real_cpm=1.4875&pop_real_bid=0.0012935299970209542&original_bid_usd=1.4875&original_bid=1.4875&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=130,5,27,129,108,0,4&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&site=native-push-adult&price=1.4875&hostname=auc-inpage-hz-3-a&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0014875&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=7e99ace8-1b53-4a7d-8c66-5257e3351c34
200 OK 0 B URL GET HTTP/2 e311b20b12.c538aefec6.com/in/show/?tag_ab=b&site_id=31406844&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fit.davalka.cc%2F&refdom=it.davalka.cc&auction_time=1701928606&subid=787285550&sid=996071546&tcid=0&ver=8.121.0&ver_c=&spot_id=406844&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-12-07&iabcat=IAB25-3&keywords=adult&user_fp=12961408236061558084&score=100&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D787285550%26spot_id%3D406844%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fit.davalka.cc%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&url=https%3A%2F%2Fr-eu.tsyndicate.com%2Fdo2%2Fdirect%3Fc%3DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDMYxEGWUqREmTIsxZGSMaUFDxg0aLQzSsBGzTI4cMmyUtFEwhwiHc8SkIaNQxxYRN3DckIGjhlMYIro4HOOmaAwYM2A4DFNnDMarMmrYuAEjhowcTXMqlQGDxk8RQslgTEOnTJsvMd4atLPQhg0aMx3CqSNmYY0ZNWRshXNRhwwZNGLYAApHoo7IN2zUwIHDYRk8dL7MqYzRoJ43bsrg5Wzj7Zg2jZ3WMEtjKxkzCxvCdeNm4YyWOG5OFtHGjUeGNmbEqJ2x-PEYZGEMr5NXx0A6FufoePFiDpqNLsigXlMmz8EwbFyMedPmBR05ENf8iNODLBosOc4kgcGEhhg3abwlXhtz0RFeGHagt0YY6nk1VRiWbaGcVBnJ4ZUOMLgAQ1k31OCQGLjpEIMLZsWQww26jQHHXXBYOJELNCjloQhy2NFYDDOWoSKBIrrQoUN11BGgdWblYMNyMOAgwww2SIfjZkm65VAajYmQw4g5ZNgSiTVIKUIdYWDUxBt6pMEGG2G8UIOGIKBwRRpuiHfHHCA4QQUIV2m4AwhvuvHXnnj8CUKNIsKwJgwpgHCEjmu88QJbV5VVFghGpCFHGWa8gccLVx3q2oUiOPHEW2_I8cUYoIr6FhugFuGEgGXY8cWlbExUA4o4MInDhg7JcUZvjm2m20GyiiHHQpw5ROwXbbwhl2M4HKmsHG_45tAbRTHXoqZ5GNYrphihgR0c2nFH14EJsrFggy-8NUeNGFFLB4SltlAHgHS0MIMM4Y1xA6nv8qWDrkfmcOtYyoJ60Bdk-PsWHTxCVxZO0UpXURsyTESWiUw1ORaTts1axmhfQKjxxB1bLEKsJbOBEB1FSVgDhWGIYZkIB5nBFRsSCcbqQlqJMMZxMPShQEA%253D%26s%3D0f1201b11cbe0d41e063f8e7df20b0c0cc7302a0ba49f0664fa91684b3f116761701928606&icons=R331JYNPAalQCckFQMlgLVfoHa-yqCypDAdQ7qj8GBWauha4WLyBagQnntXvTAfGpmm-gsz-57m3-IDAIvS9w7uPhZPomLOEjdfzaN-EiOiTmk-xmH7fxMwShYkZs-bnYBaSviElAFPh5DslGdCgCDQj-1DKUnsWNJl0OZPsd-1zNixShw&ext_cid=0&pop_price=0.0014875&pop_ecpm=0.042358513979167074&px_id=406844&min_cpm=0.03674076252445351&out_id=1&campaign_type=lq-pop-ext&aid=2010&cid=10966&uniq=&mid=1025670129852687204&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=1.2935299970209542&cpm=0&verify_hash=8611812b3609bbe6383fb7341622bfd5&is_native=3&real_bid=1.2935299970209542&pop_real_cpm=1.4875&pop_real_bid=0.0012935299970209542&original_bid_usd=1.4875&original_bid=1.4875&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=130,5,27,129,108,0,4&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&site=native-push-adult&price=1.4875&hostname=auc-inpage-hz-3-a&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0014875&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=7e99ace8-1b53-4a7d-8c66-5257e3351c34
IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subjectc538aefec6.com
Fingerprint17:72:B7:6F:DB:E1:91:60:F7:C5:95:E5:02:44:3F:9C:21:D0:9A:60
ValidityMon, 04 Dec 2023 03:01:50 GMT - Sun, 03 Mar 2024 03:01:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /in/show/?tag_ab=b&site_id=31406844&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fit.davalka.cc%2F&refdom=it.davalka.cc&auction_time=1701928606&subid=787285550&sid=996071546&tcid=0&ver=8.121.0&ver_c=&spot_id=406844&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-12-07&iabcat=IAB25-3&keywords=adult&user_fp=12961408236061558084&score=100&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D787285550%26spot_id%3D406844%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fit.davalka.cc%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&url=https%3A%2F%2Fr-eu.tsyndicate.com%2Fdo2%2Fdirect%3Fc%3DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDMYxEGWUqREmTIsxZGSMaUFDxg0aLQzSsBGzTI4cMmyUtFEwhwiHc8SkIaNQxxYRN3DckIGjhlMYIro4HOOmaAwYM2A4DFNnDMarMmrYuAEjhowcTXMqlQGDxk8RQslgTEOnTJsvMd4atLPQhg0aMx3CqSNmYY0ZNWRshXNRhwwZNGLYAApHoo7IN2zUwIHDYRk8dL7MqYzRoJ43bsrg5Wzj7Zg2jZ3WMEtjKxkzCxvCdeNm4YyWOG5OFtHGjUeGNmbEqJ2x-PEYZGEMr5NXx0A6FufoePFiDpqNLsigXlMmz8EwbFyMedPmBR05ENf8iNODLBosOc4kgcGEhhg3abwlXhtz0RFeGHagt0YY6nk1VRiWbaGcVBnJ4ZUOMLgAQ1k31OCQGLjpEIMLZsWQww26jQHHXXBYOJELNCjloQhy2NFYDDOWoSKBIrrQoUN11BGgdWblYMNyMOAgwww2SIfjZkm65VAajYmQw4g5ZNgSiTVIKUIdYWDUxBt6pMEGG2G8UIOGIKBwRRpuiHfHHCA4QQUIV2m4AwhvuvHXnnj8CUKNIsKwJgwpgHCEjmu88QJbV5VVFghGpCFHGWa8gccLVx3q2oUiOPHEW2_I8cUYoIr6FhugFuGEgGXY8cWlbExUA4o4MInDhg7JcUZvjm2m20GyiiHHQpw5ROwXbbwhl2M4HKmsHG_45tAbRTHXoqZ5GNYrphihgR0c2nFH14EJsrFggy-8NUeNGFFLB4SltlAHgHS0MIMM4Y1xA6nv8qWDrkfmcOtYyoJ60Bdk-PsWHTxCVxZO0UpXURsyTESWiUw1ORaTts1axmhfQKjxxB1bLEKsJbOBEB1FSVgDhWGIYZkIB5nBFRsSCcbqQlqJMMZxMPShQEA%253D%26s%3D0f1201b11cbe0d41e063f8e7df20b0c0cc7302a0ba49f0664fa91684b3f116761701928606&icons=R331JYNPAalQCckFQMlgLVfoHa-yqCypDAdQ7qj8GBWauha4WLyBagQnntXvTAfGpmm-gsz-57m3-IDAIvS9w7uPhZPomLOEjdfzaN-EiOiTmk-xmH7fxMwShYkZs-bnYBaSviElAFPh5DslGdCgCDQj-1DKUnsWNJl0OZPsd-1zNixShw&ext_cid=0&pop_price=0.0014875&pop_ecpm=0.042358513979167074&px_id=406844&min_cpm=0.03674076252445351&out_id=1&campaign_type=lq-pop-ext&aid=2010&cid=10966&uniq=&mid=1025670129852687204&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=1.2935299970209542&cpm=0&verify_hash=8611812b3609bbe6383fb7341622bfd5&is_native=3&real_bid=1.2935299970209542&pop_real_cpm=1.4875&pop_real_bid=0.0012935299970209542&original_bid_usd=1.4875&original_bid=1.4875&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=130,5,27,129,108,0,4&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&site=native-push-adult&price=1.4875&hostname=auc-inpage-hz-3-a&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0014875&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=7e99ace8-1b53-4a7d-8c66-5257e3351c34 HTTP/1.1
Host: e311b20b12.c538aefec6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 07 Dec 2023 05:56:47 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
e311b20b12.c538aefec6.com/in/show/?tag_ab=b&site_id=31406844&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fit.davalka.cc%2F&refdom=it.davalka.cc&auction_time=1701928606&subid=787285550&sid=996071546&tcid=0&ver=8.121.0&ver_c=&spot_id=406844&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-12-07&iabcat=IAB25-3&keywords=adult&user_fp=12961408236061558084&score=100&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D787285550%26spot_id%3D406844%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fit.davalka.cc%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&url=https%3A%2F%2Fr-eu.tsyndicate.com%2Fdo2%2Fdirect%3Fc%3DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDMYxEGWUqREmTIsxZGSMaUFDxg0aLQzSsBGzTI4cMmyUtFEwhwiHc8SkIaNQxxYRN3DckIGjhlMYIro4HOOmaAwYM2A4DFNnDMarMmrYuAEjhowcTXMqlQGDxk8RQslgTEOnTJsvMd4atLPQhg0aMx3CqSNmYY0ZNWRshXNRhwwZNGLYAApHoo7IN2zUwIHDYRk8dL7MqYzRoJ43bsrg5Wzj7Zg2jZ3WMEtjKxkzCxvCdeNm4YyWOG5OFtHGjUeGNmbEqJ2x-PEYZGEMr5NXx0A6FufoePFiDpqNLsigXlMmz8EwbFyMedPmBR05ENf8iNODLBosOc4kgcGEhhg3abwlXhtz0RFeGHagt0YY6nk1VRiWbaGcVBnJ4ZUOMLgAQ1k31OCQGLjpEIMLZsWQww26jQHHXXBYOJELNCjloQhy2NFYDDOWoSKBIrrQoUN11BGgdWblYMNyMOAgwww2SIfjZkm65VAajYmQw4g5ZNgSiTVIKUIdYWDUxBt6pMEGG2G8UIOGIKBwRRpuiHfHHCA4QQUIV2m4AwhvuvHXnnj8CUKNIsKwJgwpgHCEjmu88QJbV5VVFghGpCFHGWa8gccLVx3q2oUiOPHEW2_I8cUYoIr6FhugFuGEgGXY8cWlbExUA4o4MInDhg7JcUZvjm2m20GyiiHHQpw5ROwXbbwhl2M4HKmsHG_45tAbRTHXoqZ5GNYrphihgR0c2nFH14EJsrFggy-8NUeNGFFLB4SltlAHgHS0MIMM4Y1xA6nv8qWDrkfmcOtYyoJ60Bdk-PsWHTxCVxZO0UpXURsyTESWiUw1ORaTts1axmhfQKjxxB1bLEKsJbOBEB1FSVgDhWGIYZkIB5nBFRsSCcbqQlqJMMZxMPShQEA%253D%26s%3D0f1201b11cbe0d41e063f8e7df20b0c0cc7302a0ba49f0664fa91684b3f116761701928606&icons=I3toXDdHsrs4I1L8bN5XUZu2w5eZqAmRjKjcsgy2K9iUl0NWQeUGYBQSJrsOAabHgafq_O-Clu8lfR0apLihnT12m7qcYF57FoKUlk1YaYTJBoNCXlzClX0rvUgsEsMCydbdApAJx__6WatLjgd7da3taJvZ_mDxsSpan4ThWXTw_1_VfQ&ext_cid=0&pop_price=0.0014875&pop_ecpm=0.042358513979167074&px_id=406844&min_cpm=0.03674076252445351&out_id=0&campaign_type=lq-pop-ext&aid=2010&cid=10966&uniq=&mid=1025670129852687204&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=1.2935299970209542&cpm=0&verify_hash=8611812b3609bbe6383fb7341622bfd5&is_native=3&real_bid=1.2935299970209542&pop_real_cpm=1.4875&pop_real_bid=0.0012935299970209542&original_bid_usd=1.4875&original_bid=1.4875&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,5,27,129,130,108,0&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&site=native-push-adult&price=1.4875&hostname=auc-inpage-hz-3-a&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0014875&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.02&cpa=8dff0a6e-4b79-43c0-bf2a-fc76549b018f
200 OK 0 B URL GET HTTP/2 e311b20b12.c538aefec6.com/in/show/?tag_ab=b&site_id=31406844&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fit.davalka.cc%2F&refdom=it.davalka.cc&auction_time=1701928606&subid=787285550&sid=996071546&tcid=0&ver=8.121.0&ver_c=&spot_id=406844&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-12-07&iabcat=IAB25-3&keywords=adult&user_fp=12961408236061558084&score=100&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D787285550%26spot_id%3D406844%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fit.davalka.cc%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&url=https%3A%2F%2Fr-eu.tsyndicate.com%2Fdo2%2Fdirect%3Fc%3DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDMYxEGWUqREmTIsxZGSMaUFDxg0aLQzSsBGzTI4cMmyUtFEwhwiHc8SkIaNQxxYRN3DckIGjhlMYIro4HOOmaAwYM2A4DFNnDMarMmrYuAEjhowcTXMqlQGDxk8RQslgTEOnTJsvMd4atLPQhg0aMx3CqSNmYY0ZNWRshXNRhwwZNGLYAApHoo7IN2zUwIHDYRk8dL7MqYzRoJ43bsrg5Wzj7Zg2jZ3WMEtjKxkzCxvCdeNm4YyWOG5OFtHGjUeGNmbEqJ2x-PEYZGEMr5NXx0A6FufoePFiDpqNLsigXlMmz8EwbFyMedPmBR05ENf8iNODLBosOc4kgcGEhhg3abwlXhtz0RFeGHagt0YY6nk1VRiWbaGcVBnJ4ZUOMLgAQ1k31OCQGLjpEIMLZsWQww26jQHHXXBYOJELNCjloQhy2NFYDDOWoSKBIrrQoUN11BGgdWblYMNyMOAgwww2SIfjZkm65VAajYmQw4g5ZNgSiTVIKUIdYWDUxBt6pMEGG2G8UIOGIKBwRRpuiHfHHCA4QQUIV2m4AwhvuvHXnnj8CUKNIsKwJgwpgHCEjmu88QJbV5VVFghGpCFHGWa8gccLVx3q2oUiOPHEW2_I8cUYoIr6FhugFuGEgGXY8cWlbExUA4o4MInDhg7JcUZvjm2m20GyiiHHQpw5ROwXbbwhl2M4HKmsHG_45tAbRTHXoqZ5GNYrphihgR0c2nFH14EJsrFggy-8NUeNGFFLB4SltlAHgHS0MIMM4Y1xA6nv8qWDrkfmcOtYyoJ60Bdk-PsWHTxCVxZO0UpXURsyTESWiUw1ORaTts1axmhfQKjxxB1bLEKsJbOBEB1FSVgDhWGIYZkIB5nBFRsSCcbqQlqJMMZxMPShQEA%253D%26s%3D0f1201b11cbe0d41e063f8e7df20b0c0cc7302a0ba49f0664fa91684b3f116761701928606&icons=I3toXDdHsrs4I1L8bN5XUZu2w5eZqAmRjKjcsgy2K9iUl0NWQeUGYBQSJrsOAabHgafq_O-Clu8lfR0apLihnT12m7qcYF57FoKUlk1YaYTJBoNCXlzClX0rvUgsEsMCydbdApAJx__6WatLjgd7da3taJvZ_mDxsSpan4ThWXTw_1_VfQ&ext_cid=0&pop_price=0.0014875&pop_ecpm=0.042358513979167074&px_id=406844&min_cpm=0.03674076252445351&out_id=0&campaign_type=lq-pop-ext&aid=2010&cid=10966&uniq=&mid=1025670129852687204&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=1.2935299970209542&cpm=0&verify_hash=8611812b3609bbe6383fb7341622bfd5&is_native=3&real_bid=1.2935299970209542&pop_real_cpm=1.4875&pop_real_bid=0.0012935299970209542&original_bid_usd=1.4875&original_bid=1.4875&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,5,27,129,130,108,0&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&site=native-push-adult&price=1.4875&hostname=auc-inpage-hz-3-a&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0014875&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.02&cpa=8dff0a6e-4b79-43c0-bf2a-fc76549b018f
IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subjectc538aefec6.com
Fingerprint17:72:B7:6F:DB:E1:91:60:F7:C5:95:E5:02:44:3F:9C:21:D0:9A:60
ValidityMon, 04 Dec 2023 03:01:50 GMT - Sun, 03 Mar 2024 03:01:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /in/show/?tag_ab=b&site_id=31406844&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fit.davalka.cc%2F&refdom=it.davalka.cc&auction_time=1701928606&subid=787285550&sid=996071546&tcid=0&ver=8.121.0&ver_c=&spot_id=406844&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2023-12-07&iabcat=IAB25-3&keywords=adult&user_fp=12961408236061558084&score=100&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D787285550%26spot_id%3D406844%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fit.davalka.cc%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&url=https%3A%2F%2Fr-eu.tsyndicate.com%2Fdo2%2Fdirect%3Fc%3DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDMYxEGWUqREmTIsxZGSMaUFDxg0aLQzSsBGzTI4cMmyUtFEwhwiHc8SkIaNQxxYRN3DckIGjhlMYIro4HOOmaAwYM2A4DFNnDMarMmrYuAEjhowcTXMqlQGDxk8RQslgTEOnTJsvMd4atLPQhg0aMx3CqSNmYY0ZNWRshXNRhwwZNGLYAApHoo7IN2zUwIHDYRk8dL7MqYzRoJ43bsrg5Wzj7Zg2jZ3WMEtjKxkzCxvCdeNm4YyWOG5OFtHGjUeGNmbEqJ2x-PEYZGEMr5NXx0A6FufoePFiDpqNLsigXlMmz8EwbFyMedPmBR05ENf8iNODLBosOc4kgcGEhhg3abwlXhtz0RFeGHagt0YY6nk1VRiWbaGcVBnJ4ZUOMLgAQ1k31OCQGLjpEIMLZsWQww26jQHHXXBYOJELNCjloQhy2NFYDDOWoSKBIrrQoUN11BGgdWblYMNyMOAgwww2SIfjZkm65VAajYmQw4g5ZNgSiTVIKUIdYWDUxBt6pMEGG2G8UIOGIKBwRRpuiHfHHCA4QQUIV2m4AwhvuvHXnnj8CUKNIsKwJgwpgHCEjmu88QJbV5VVFghGpCFHGWa8gccLVx3q2oUiOPHEW2_I8cUYoIr6FhugFuGEgGXY8cWlbExUA4o4MInDhg7JcUZvjm2m20GyiiHHQpw5ROwXbbwhl2M4HKmsHG_45tAbRTHXoqZ5GNYrphihgR0c2nFH14EJsrFggy-8NUeNGFFLB4SltlAHgHS0MIMM4Y1xA6nv8qWDrkfmcOtYyoJ60Bdk-PsWHTxCVxZO0UpXURsyTESWiUw1ORaTts1axmhfQKjxxB1bLEKsJbOBEB1FSVgDhWGIYZkIB5nBFRsSCcbqQlqJMMZxMPShQEA%253D%26s%3D0f1201b11cbe0d41e063f8e7df20b0c0cc7302a0ba49f0664fa91684b3f116761701928606&icons=I3toXDdHsrs4I1L8bN5XUZu2w5eZqAmRjKjcsgy2K9iUl0NWQeUGYBQSJrsOAabHgafq_O-Clu8lfR0apLihnT12m7qcYF57FoKUlk1YaYTJBoNCXlzClX0rvUgsEsMCydbdApAJx__6WatLjgd7da3taJvZ_mDxsSpan4ThWXTw_1_VfQ&ext_cid=0&pop_price=0.0014875&pop_ecpm=0.042358513979167074&px_id=406844&min_cpm=0.03674076252445351&out_id=0&campaign_type=lq-pop-ext&aid=2010&cid=10966&uniq=&mid=1025670129852687204&skin_id=2&vertical_id=0&skin_test=0&from_cache=0&ecpm=1.2935299970209542&cpm=0&verify_hash=8611812b3609bbe6383fb7341622bfd5&is_native=3&real_bid=1.2935299970209542&pop_real_cpm=1.4875&pop_real_bid=0.0012935299970209542&original_bid_usd=1.4875&original_bid=1.4875&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=4,5,27,129,130,108,0&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&site=native-push-adult&price=1.4875&hostname=auc-inpage-hz-3-a&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0014875&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.02&cpa=8dff0a6e-4b79-43c0-bf2a-fc76549b018f HTTP/1.1
Host: e311b20b12.c538aefec6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 07 Dec 2023 05:56:47 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
davalka.cc/picture/Poka-muzha-net-doma--briunetka-vyzvala-na-dom-massazhista-i-sovratila-ego-na-analnyi-seks.webp
200 OK 11 kB URL GET HTTP/3 davalka.cc/picture/Poka-muzha-net-doma--briunetka-vyzvala-na-dom-massazhista-i-sovratila-ego-na-analnyi-seks.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 450x253, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6741a6dfe62a9392bfbeb766973d1b55
4305c662e419f3334f3a623dfed6251564f1879f
095b7013968c2394c5f5a3342636c06cc39d25812070b64cd658d8e6e9508d1d
GET /picture/Poka-muzha-net-doma--briunetka-vyzvala-na-dom-massazhista-i-sovratila-ego-na-analnyi-seks.webp HTTP/1.1
Host: davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.davalka.cc/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/webp
content-length: 10874
last-modified: Sat, 03 Jun 2023 09:06:38 GMT
etag: "647b029e-2a7a"
cache-control: max-age=86400
cf-cache-status: HIT
age: 922721
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOotMG%2FPgYK%2Bu9y2WwdhX%2FKwt1bdx8crsgdl67%2B%2BJRIwmCpSmTL3HcycUVzj28jVKy4GzA7Hr6p%2FTYY2ArX88HwoJLOGrC%2BwwChr5klTAQzSAWPAMDbC%2BONNyNtO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a87053c805691-OSL
alt-svc: h3=":443"; ma=86400
davalka.cc/picture/Molodozheny-zapisyvaiut-khoum-video-v-gorakh.webp
200 OK 21 kB URL GET HTTP/3 davalka.cc/picture/Molodozheny-zapisyvaiut-khoum-video-v-gorakh.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 450x253, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 895b03b20d5f17ca99615bc2e3cd1194
4c683ad95f618e134a14e37c2ac3de19c8950789
5598f2a78426977957e88cadf02e77165f09eaaa8b7863baa6beee23f86b532f
GET /picture/Molodozheny-zapisyvaiut-khoum-video-v-gorakh.webp HTTP/1.1
Host: davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.davalka.cc/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/webp
content-length: 20952
last-modified: Sat, 03 Jun 2023 09:01:34 GMT
etag: "647b016e-51d8"
cache-control: max-age=86400
cf-cache-status: HIT
age: 1111220
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vBVNBybEosdNX6TpPxRuXUr%2B3iitysVIzmjdoeNxPVc4fBcurQbi9uxJ7WucfCCcZSdBNcjXggSa4t1p6YS7f9qQh7eFTuTs2YMz7i7Ybu8pgxRIX99PHW5JEXp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a87053c7d5691-OSL
alt-svc: h3=":443"; ma=86400
davalka.cc/picture/Aziat-podobral-pianu-vypusknitsu-s-lavochki-i-doma-vzial-s-nee-platu-naturoi.webp
200 OK 5.9 kB URL GET HTTP/3 davalka.cc/picture/Aziat-podobral-pianu-vypusknitsu-s-lavochki-i-doma-vzial-s-nee-platu-naturoi.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 450x252, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a79607f70b8530280146edc216576d18
ae961f63a891964d1c322380f03ba90193217e6b
097194e66c7452a5e2f91f7cc84ce0086635ac5d4657b3da79d4fbd3c1d02560
GET /picture/Aziat-podobral-pianu-vypusknitsu-s-lavochki-i-doma-vzial-s-nee-platu-naturoi.webp HTTP/1.1
Host: davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.davalka.cc/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/webp
content-length: 5946
last-modified: Sat, 03 Jun 2023 08:50:08 GMT
etag: "647afec0-173a"
cache-control: max-age=86400
cf-cache-status: HIT
age: 467434
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xD35W86CUPwTlVU1aD%2Bh%2BicIdGzqIIIS5ml97VrGmGWw0qnc8ithxoz3M480nSv6PWl9%2BH0ekC%2FMD2wRlF%2Fxl5rTv9vuA%2BY2xuzkUQsAkOu0M3t6Ww9mz%2F6SwTEa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a87053c7b5691-OSL
alt-svc: h3=":443"; ma=86400
davalka.cc/picture/Znatok-kamasutry-otodral-glamurnuiu-milashku-v-raznykh-pozakh.webp
200 OK 6.3 kB URL GET HTTP/3 davalka.cc/picture/Znatok-kamasutry-otodral-glamurnuiu-milashku-v-raznykh-pozakh.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 450x253, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6125079eb2ce96c4713fd70125a005e1
210ebaefc4ac370ee240ab941fcfeea191757433
fb3c1e07ec696fa71ef73dc3889e37bbad129eed559c7022e0ea551a4a48c447
GET /picture/Znatok-kamasutry-otodral-glamurnuiu-milashku-v-raznykh-pozakh.webp HTTP/1.1
Host: davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.davalka.cc/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/webp
content-length: 6256
last-modified: Sat, 03 Jun 2023 09:28:39 GMT
etag: "647b07c7-1870"
cache-control: max-age=86400
cf-cache-status: HIT
age: 928579
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8iK7l1V6tnoQr8pPinHclgnil2i4gHtgqO48Z3jim9%2FtlCJ8gIKG26yQHjk677Ns8Rwhkoj2GC1C%2BB1xoNCNjupr6qcKCKSqEWN7nqeQRfFPDWAwtqgA8%2Bw2yDR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a87053c775691-OSL
alt-svc: h3=":443"; ma=86400
davalka.cc/picture/Blondinka-spalila-druga-za-drochkoi-na-svoi-chastnye-zapisi-i-vospolzovalas-im.webp
200 OK 10 kB URL GET HTTP/3 davalka.cc/picture/Blondinka-spalila-druga-za-drochkoi-na-svoi-chastnye-zapisi-i-vospolzovalas-im.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 450x253, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 81baaddb0c8576f79fe7d513308a4303
439ecb8ed3327da7d31b770b2898a439ea91e80a
3882cac6b639bb57cf4e500b21e576aca52466294d01d7c4bb6687e6410b25d0
GET /picture/Blondinka-spalila-druga-za-drochkoi-na-svoi-chastnye-zapisi-i-vospolzovalas-im.webp HTTP/1.1
Host: davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.davalka.cc/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/webp
content-length: 10430
last-modified: Sat, 03 Jun 2023 08:50:29 GMT
etag: "647afed5-28be"
cache-control: max-age=86400
cf-cache-status: HIT
age: 990221
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HM%2FLzae5VWRF%2BsdzY4xdXQZ%2BNnJKp0JpcEP5QDlps8gIgIPWB9DhNRycsQN5vagVek0WI3Gnkxe3ag5rtvPxlMuxeDA9cSe%2FT7YDmiHcVp6IkWf8HZ5hxYD%2FWt7T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a87053c825691-OSL
alt-svc: h3=":443"; ma=86400
davalka.cc/picture/Domashnii-seks-s-russkoi-podruzhkoi-ot-pervogo-litsa.webp
200 OK 14 kB URL GET HTTP/3 davalka.cc/picture/Domashnii-seks-s-russkoi-podruzhkoi-ot-pervogo-litsa.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 450x253, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a26e1d285bf72887b794c57d46bc6ee1
5d78f796a8c58e781f958e1a5ffeeb4e49ddbbf5
a779768598f135972f158e7e6b0960611c4f3c73b947e019ec84ad9799ea248b
GET /picture/Domashnii-seks-s-russkoi-podruzhkoi-ot-pervogo-litsa.webp HTTP/1.1
Host: davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.davalka.cc/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/webp
content-length: 13938
last-modified: Sat, 03 Jun 2023 08:52:18 GMT
etag: "647aff42-3672"
cache-control: max-age=86400
cf-cache-status: HIT
age: 758248
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZdlSpxfdsu9v90z3w%2B2jF3rTxkN2fU5FZ86HBoVKNMSXMe8LGvRFnqn9UN97t2mmMHtk9%2BKC0piBmC%2BX%2BNOGja67FsTXvIKgAOUxUCKVOUSsLpjuzlyZAQCk3Wp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a87053c785691-OSL
alt-svc: h3=":443"; ma=86400
davalka.cc/picture/Goriachaia-ukrainka-ublazhila-diadiu-Vudmana-i-pro-ego-druzei-ne-zabyla.webp
200 OK 10 kB URL GET HTTP/3 davalka.cc/picture/Goriachaia-ukrainka-ublazhila-diadiu-Vudmana-i-pro-ego-druzei-ne-zabyla.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 450x253, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dd712bcd780663a9e0ca0a6d42e002e8
82c3d4e2648fc0aaf8c40d2b238faf15fff10dbb
248b0e3f0338bfff62a1d69d0141cc3664f3e5cc6cc1b6fdf403ef4beb01890f
GET /picture/Goriachaia-ukrainka-ublazhila-diadiu-Vudmana-i-pro-ego-druzei-ne-zabyla.webp HTTP/1.1
Host: davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.davalka.cc/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/webp
content-length: 10394
last-modified: Sat, 03 Jun 2023 08:53:27 GMT
etag: "647aff87-289a"
cache-control: max-age=86400
cf-cache-status: HIT
age: 1083773
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QZ4HbgtoY%2FQboFHMSvdqMW8b11GMtwK14%2BEto3Kq11oLEgW19ClkH8oZ0wcxYDu0xx6QyT4wrazFjTQKe%2BjxhP5u%2BKkHkBOsyzwzkl6GONXIgqbT0DyOmP%2BEOff"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a87053c795691-OSL
alt-svc: h3=":443"; ma=86400
davalka.cc/picture/Kunimen-otlizal-kisku-vozliublennoi-i-trakhnul-perevozbuzhdennym-chlenom.webp
200 OK 13 kB URL GET HTTP/3 davalka.cc/picture/Kunimen-otlizal-kisku-vozliublennoi-i-trakhnul-perevozbuzhdennym-chlenom.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 450x253, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fe176da3514a4296f0e4026069b327dc
f68d4dad27ebb21055703c5051aeebf67d81bb8b
2fe9716b0dd7d788b89c7d3d8a9d19f0974d93a288f7e10b9aebe4b1cf6b9360
GET /picture/Kunimen-otlizal-kisku-vozliublennoi-i-trakhnul-perevozbuzhdennym-chlenom.webp HTTP/1.1
Host: davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.davalka.cc/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/webp
content-length: 13246
last-modified: Sat, 03 Jun 2023 08:56:51 GMT
etag: "647b0053-33be"
cache-control: max-age=86400
cf-cache-status: HIT
age: 286906
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PRIGskVMmttjNcG2cB%2BbrqmjMxF2WzxhmNRRxc1ne%2BNM5RJog7Bzb0igRz8%2Fi0sWZ%2FPMojv%2BUC7Vw0R6pwwnTzMVlq3LJbMDKbPrX5ZkUjmdve0Bv6WmYr5ewCy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a87053c885691-OSL
alt-svc: h3=":443"; ma=86400
davalka.cc/picture/Amerikanka-mychit-vo-vremia-anala-pered-kotorym-ona-poluchila-chlen-v-rot-i-pizdu.webp
200 OK 9.7 kB URL GET HTTP/3 davalka.cc/picture/Amerikanka-mychit-vo-vremia-anala-pered-kotorym-ona-poluchila-chlen-v-rot-i-pizdu.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 450x253, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7ae902d3145b2493d6f4b34c5de3377c
c7972d749f12377da3b49111825fe766fd551dec
09e647793a42d8b87b91db0101b6a318975e9c6920b01a46cbddfac6d1a959de
GET /picture/Amerikanka-mychit-vo-vremia-anala-pered-kotorym-ona-poluchila-chlen-v-rot-i-pizdu.webp HTTP/1.1
Host: davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.davalka.cc/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/webp
content-length: 9738
last-modified: Sat, 03 Jun 2023 08:49:49 GMT
etag: "647afead-260a"
cache-control: max-age=86400
cf-cache-status: HIT
age: 286906
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fnk61fpjGwIDLmXFTgrwRzqRAZ3ghWHzDqsrVhU9%2BQka4iatQyqP233aS9t2m%2BS4XMNqV3sKBdvEJn9W7eXKpf7QvgdMdePLtvIig7mSyuTVOqolBHxvbBLuOAEu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a87053c8a5691-OSL
alt-svc: h3=":443"; ma=86400
davalka.cc/picture/Ebet-moloduiu-blondinku-v-ochkakh-ot-pervogo-litsa.webp
200 OK 7.3 kB URL GET HTTP/3 davalka.cc/picture/Ebet-moloduiu-blondinku-v-ochkakh-ot-pervogo-litsa.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 450x253, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bc80aeae4848589680cd521f65ce3a2a
c12984db5dbf4c6470ada2a621f0ca04eb604b1c
1b6321a6ccc8820d6473d26a66c3b83cc148b0062de7f6f737c7190c65da523b
GET /picture/Ebet-moloduiu-blondinku-v-ochkakh-ot-pervogo-litsa.webp HTTP/1.1
Host: davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.davalka.cc/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/webp
content-length: 7328
last-modified: Sat, 03 Jun 2023 08:52:51 GMT
etag: "647aff63-1ca0"
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0paOgTeBgWoJ7YTWUpyV6KAzyD9DIyn06maBOdXJBweAmTBm8dYfuH5Ptx9%2BCtQTNYkO5tCLbtHxU1q67Ahn0BA4t8rFdf7IIAZ4wv3PbvH6ahrTDnWq%2F5PZwVx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a87053c845691-OSL
alt-svc: h3=":443"; ma=86400
davalka.cc/picture/Klubnaia-davalka-prodala-zhopu-na-otieeb-izvratu-v-leginsakh.webp
200 OK 14 kB URL GET HTTP/3 davalka.cc/picture/Klubnaia-davalka-prodala-zhopu-na-otieeb-izvratu-v-leginsakh.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 450x253, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 95f6120abd4c73ee802afaba91943d9a
e11cf54032b8766bd2d53ad422d9a1b3d97dab2c
3c8ae3cf2400ea404cfba59a055efbb569d7bded2c23302340c08690be0882b5
GET /picture/Klubnaia-davalka-prodala-zhopu-na-otieeb-izvratu-v-leginsakh.webp HTTP/1.1
Host: davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.davalka.cc/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/webp
content-length: 14434
last-modified: Sat, 03 Jun 2023 08:55:05 GMT
etag: "647affe9-3862"
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fso%2BvqmqqCuq69U%2FdHqY39%2FK2x75%2B7NAvwae0eMRaQNdTpCA0UHWPNVbilHY%2FDj0kkci6Y%2Bb9515wxTFvw6nCBql6KiqegGVpH86gbhrQfTAyl%2FPz2VnMDG9niqC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a87053c8b5691-OSL
alt-svc: h3=":443"; ma=86400
davalka.cc/picture/Molodaia-briunetka-soblaznila-svoego-brata-i-otdalas-emu-v-gostinoi-na-divane.webp
200 OK 8.0 kB URL GET HTTP/3 davalka.cc/picture/Molodaia-briunetka-soblaznila-svoego-brata-i-otdalas-emu-v-gostinoi-na-divane.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 450x253, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 680353f2dfad53bbfff87bfe1ec124d7
11f658bbce4232ed987caf29330da94593683e46
cae3a76feca0c743f5385dd32832a5906cde1d68b023f2b96ebfb673cabbb444
GET /picture/Molodaia-briunetka-soblaznila-svoego-brata-i-otdalas-emu-v-gostinoi-na-divane.webp HTTP/1.1
Host: davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.davalka.cc/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/webp
content-length: 7988
last-modified: Sat, 03 Jun 2023 09:01:12 GMT
etag: "647b0158-1f34"
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcwbdTcfUwFVIuDo7bKd4jCDuYX3RD0cR3qH3S2JmXZyOBoabJgo2jRF5olDxAUhTyQheNq0ltD4%2F%2B6ocdNFJUgz2NQMqk7GBLNjRsi8Fr5IKecc0uchsK2PH8EI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a87053c8d5691-OSL
alt-svc: h3=":443"; ma=86400
davalka.cc/picture/Khudoshchavaia-belosnezhka-otomstila-nevernomu-muzhu-s-chernym-ochkarikom.webp
200 OK 8.8 kB URL GET HTTP/3 davalka.cc/picture/Khudoshchavaia-belosnezhka-otomstila-nevernomu-muzhu-s-chernym-ochkarikom.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 450x253, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0b073b06926be8fae18d642f1e132e9a
26acbde81e1a73a9e6c652507dbfe218bb7c19ec
450dceb1332edecd533d8a9b5224a4688384b06a39bb51cad1c42acd9fa012d0
GET /picture/Khudoshchavaia-belosnezhka-otomstila-nevernomu-muzhu-s-chernym-ochkarikom.webp HTTP/1.1
Host: davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.davalka.cc/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/webp
content-length: 8758
last-modified: Sat, 03 Jun 2023 08:54:53 GMT
etag: "647affdd-2236"
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6y1FFwztENhf7Xdf%2B0ONGS3WimEhJT2Z5xNpLCRrH0ASCFUWDkTH5spFBRF7wp86fn0U8uIJORRlJomR2L7qMz8FlIbulfwiCROFDRPmOPh3h%2FxytWSBAtbo9Z67"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a87053c7f5691-OSL
alt-svc: h3=":443"; ma=86400
davalka.cc/picture/Grudastaia-shliukha-soset-stoiak-i-shpilitsia-s-macho.webp
200 OK 4.2 kB URL GET HTTP/3 davalka.cc/picture/Grudastaia-shliukha-soset-stoiak-i-shpilitsia-s-macho.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 450x253, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 60659d1eb6c9b4848542d9e80fd49abe
9ef32a357d9a7a78d01e6bb11a8d6ce8ea457e41
11c72849d23ecc17b07ae09674c6053d8ffb10e2223ba3bd47150870deccddd7
GET /picture/Grudastaia-shliukha-soset-stoiak-i-shpilitsia-s-macho.webp HTTP/1.1
Host: davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.davalka.cc/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/webp
content-length: 4158
last-modified: Sat, 03 Jun 2023 08:53:43 GMT
etag: "647aff97-103e"
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8VfcA%2FgaCEPRQiY3iQDSjdjQWkfVPzne2aH3xgEO%2Bx9JNSDvHlH4VCxvkkTy6Bf2ZX00wephnN5eL%2Fi0NzrIvtslXZjcCys6yu7WLno61HvktD8Z8HuoZHfQ%2Bpe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a87053c8c5691-OSL
alt-svc: h3=":443"; ma=86400
davalka.cc/picture/Vozbuzhdennaia-aziatskaia-milashka-poziruet-i-drochit-svoiu-shchelku.webp
200 OK 5.4 kB URL GET HTTP/3 davalka.cc/picture/Vozbuzhdennaia-aziatskaia-milashka-poziruet-i-drochit-svoiu-shchelku.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 424x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d8be6689c9aab5a581cc5d6f4dabc6b0
b839c623a5a2ae6304085290710f229402dcc43c
62772ba865fe5e17320e96d35c5fba1ad15b86d605516e0c0dfc0dea44d108be
GET /picture/Vozbuzhdennaia-aziatskaia-milashka-poziruet-i-drochit-svoiu-shchelku.webp HTTP/1.1
Host: davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.davalka.cc/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/webp
content-length: 5444
last-modified: Sat, 03 Jun 2023 09:25:42 GMT
etag: "647b0716-1544"
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BsohhRh5m8v7aCHjAxbmhwMwjaizQA04DqXIDjAZjbiX3zUnWW7U8C%2BIVVtlqNBrC%2BIdPGcAHXYendRbMHxfQX92W22DcwEvpsPtr544KUdCnNNffm4ZyhMl5G3s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a87053c875691-OSL
alt-svc: h3=":443"; ma=86400
davalka.cc/picture/Skinuv-oblegaiushchee-korotkoe-plate--sisiastaia-suchka-sdelala-glubokii-minet-i-nasadilas-na-chlen.webp
200 OK 11 kB URL GET HTTP/3 davalka.cc/picture/Skinuv-oblegaiushchee-korotkoe-plate--sisiastaia-suchka-sdelala-glubokii-minet-i-nasadilas-na-chlen.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 450x253, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0acc619856aec33403ba3e78a0717333
3cb7d0581ae4973e290616f0d62e03efc64c0bf5
229caca43261d65f1ad4b34e27adc331dca165aea264204bc17b7724e898a386
GET /picture/Skinuv-oblegaiushchee-korotkoe-plate--sisiastaia-suchka-sdelala-glubokii-minet-i-nasadilas-na-chlen.webp HTTP/1.1
Host: davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://it.davalka.cc/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/webp
content-length: 10558
last-modified: Sat, 03 Jun 2023 09:18:02 GMT
etag: "647b054a-293e"
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHUpRC4q%2FJZNVIpU63%2BDsGIBDKhYrJl9hlxPYUBosDOSefGJzW%2FU%2F4gG9ZngKpgzTtbSghB6IISh3lNimfn3nLL3rsQGXX%2FjftBKVInRRgdReqEUkSxysdUB5iBy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a87053c7a5691-OSL
alt-svc: h3=":443"; ma=86400
static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=af8b74a4-7295-4f17-92c3-dc893e1bf498
200 OK 590 B URL GET HTTP/2 static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=af8b74a4-7295-4f17-92c3-dc893e1bf498
IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subjectbookmsg.com
Fingerprint84:FF:B2:EC:22:57:12:AF:98:D1:21:28:6D:29:74:88:74:C2:08:C4
ValiditySat, 11 Nov 2023 01:54:54 GMT - Fri, 09 Feb 2024 01:54:53 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash debce753f1ce6652c1637491fd72b1b1
fd102eb3f058f7a43b0f9ec03541681699f5895e
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579
GET /creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&mlc=1&st=0.02&cpa=af8b74a4-7295-4f17-92c3-dc893e1bf498 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/webp
content-length: 590
last-modified: Tue, 24 Nov 2020 14:24:12 GMT
etag: "5fbd178c-24e"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.02&cpa=274a5f29-20ee-4545-909e-4a5692183026
200 OK 590 B URL GET HTTP/2 static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.02&cpa=274a5f29-20ee-4545-909e-4a5692183026
IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subjectbookmsg.com
Fingerprint84:FF:B2:EC:22:57:12:AF:98:D1:21:28:6D:29:74:88:74:C2:08:C4
ValiditySat, 11 Nov 2023 01:54:54 GMT - Fri, 09 Feb 2024 01:54:53 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash debce753f1ce6652c1637491fd72b1b1
fd102eb3f058f7a43b0f9ec03541681699f5895e
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579
GET /creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=default-view-t_r-body&mlf=1&st=0.02&cpa=274a5f29-20ee-4545-909e-4a5692183026 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/webp
content-length: 590
last-modified: Tue, 24 Nov 2020 14:24:12 GMT
etag: "5fbd178c-24e"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
200 OK 590 B URL GET HTTP/2 static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subjectbookmsg.com
Fingerprint84:FF:B2:EC:22:57:12:AF:98:D1:21:28:6D:29:74:88:74:C2:08:C4
ValiditySat, 11 Nov 2023 01:54:54 GMT - Fri, 09 Feb 2024 01:54:53 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash debce753f1ce6652c1637491fd72b1b1
fd102eb3f058f7a43b0f9ec03541681699f5895e
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579
GET /creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/webp
content-length: 590
last-modified: Tue, 24 Nov 2020 14:24:12 GMT
etag: "5fbd178c-24e"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
200 OK 590 B URL GET HTTP/2 static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subjectbookmsg.com
Fingerprint84:FF:B2:EC:22:57:12:AF:98:D1:21:28:6D:29:74:88:74:C2:08:C4
ValiditySat, 11 Nov 2023 01:54:54 GMT - Fri, 09 Feb 2024 01:54:53 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash debce753f1ce6652c1637491fd72b1b1
fd102eb3f058f7a43b0f9ec03541681699f5895e
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579
GET /creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/webp
content-length: 590
last-modified: Tue, 24 Nov 2020 14:24:12 GMT
etag: "5fbd178c-24e"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.1qy.info/banners/tZ/Nw/tZNwO7Ly1ST1IAMvfw3m.gif
200 OK 62 kB URL GET HTTP/2 cdn.1qy.info/banners/tZ/Nw/tZNwO7Ly1ST1IAMvfw3m.gif
IP
Certificate IssuerLet's Encrypt
Subject1qy.info
Fingerprint8B:D1:0B:00:D4:4C:E6:B2:11:BC:0A:9B:2F:9A:FC:4B:7E:9A:52:08
ValiditySun, 03 Dec 2023 12:16:52 GMT - Sat, 02 Mar 2024 12:16:51 GMT
File type GIF image data, version 89a, 300 x 300\012- data
Hash f31db9b2018513774e25d114cea2ec38
8363fe737850a9ce1d4f4d203b6e14a0366cd4a6
71351895de2940632adf0499176d4cebcdb25eaca7e689e2b0e1a424233a8f03
GET /banners/tZ/Nw/tZNwO7Ly1ST1IAMvfw3m.gif HTTP/1.1
Host: cdn.1qy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/gif
content-length: 62197
last-modified: Tue, 21 Jan 2020 13:32:34 GMT
etag: "5e26fd72-f2f5"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46qPXYGl29VZKt%2FY7Jwl1eFYJGy6VrYhRaKO8UFEPEQZlX3VCZ7Bn%2F%2FGzQUJCr1LhjheQVlvdGnSymhVRzaj%2BkXnRl7RkcFcZyuMzZle23Itu%2BNWeqFuZjqkelb5qi8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a8705bd9fb4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
9797eebeee.f029332141.com/59729580b249e8fcf1fd13a8bf2f5442.js
200 OK 154 kB URL GET HTTP/2 9797eebeee.f029332141.com/59729580b249e8fcf1fd13a8bf2f5442.js
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subject9797eebeee.f029332141.com
Fingerprint9D:B9:A1:BF:03:55:A8:63:E1:97:8B:A5:CD:B2:DF:C9:18:96:7B:9D
ValidityMon, 04 Dec 2023 02:20:35 GMT - Sun, 03 Mar 2024 02:20:34 GMT
File type gzip compressed data, from Unix\012- data
Size 154 kB (154516 bytes)
Hash ee64ca8d87fbea7c420514220a35971d
ea0323f4518b1214fca3a27cf1fadd870eeccbc8
69b03ff72c5ecb3b40736b2f0e5cb3c0ce643c86a58fd27d9389321fce46de0e
GET /59729580b249e8fcf1fd13a8bf2f5442.js HTTP/1.1
Host: 9797eebeee.f029332141.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 07 Dec 2023 05:56:46 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 30 Nov 2023 09:44:58 GMT
etag: W/"6568599a-8746e"
content-encoding: gzip
expires: Thu, 07 Dec 2023 06:01:46 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
69v.club/dear_code/9187/goclick?t=every_sec&c=&ref=
0 B URL GET 69v.club/dear_code/9187/goclick?t=every_sec&c=&ref=
IP
Certificate IssuerGoogle Trust Services LLC
Subject69v.club
FingerprintD4:6F:69:B4:34:78:A0:6F:CD:F2:4B:6F:3E:72:29:CD:E4:1B:DB:C6
ValidityWed, 06 Dec 2023 11:55:09 GMT - Tue, 05 Mar 2024 11:55:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dear_code/9187/goclick?t=every_sec&c=&ref= HTTP/1.1
Host: 69v.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
expires: Thu, 07 Dec 2023 05:56:46 GMT
cache-control: no-cache
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ny5ZGHV8bsJGKRy2soWdZR2fzB5ZwI%2FRFLMITR7EMX%2BZ%2FC4nPvzZB6YT%2FwpecgqRtEDx1EKDszNGnBDAtZ9tMltwIAWcFsHaSfMsAVzdf4C9wMUhoS0ofDbpjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831a870228f0b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
it.davalka.cc/templates/davalka/js/lazyload.js
200 OK 2.4 kB URL GET HTTP/3 it.davalka.cc/templates/davalka/js/lazyload.js
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type ASCII text, with very long lines (2442), with no line terminators
Hash 4ec8e7e4098d9d58e515d3625d1ee9d0
90c3e11bb15fca656e0deebd03900b9cf778c87a
b05aa209e18dada2aa0ee7b8ffa5d31fd2c1f1527a8da88f21ebbeb7ec304d88
GET /templates/davalka/js/lazyload.js HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:45 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2431
etag: W/"5f2c126c-97f"
last-modified: Thu, 06 Aug 2020 14:23:40 GMT
vary: Accept-Encoding
cache-control: max-age=86400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLAUOAtf4I0SlerIYVMiZUuHPmVYra0FhfcIlitgqYOSHuhR%2BQ8g%2Bb4WGIuFZjj1pfb%2FJJWxmp0DksRIJDp7bZi2HaL10lYDxwFRcYiCytfdm9QbVe%2FMUfp4u%2Fy%2B7s7d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831a86f88dfb5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
it.davalka.cc/engine/classes/min/index.php?charset=utf-8&g=general&19
200 OK 208 kB URL GET HTTP/3 it.davalka.cc/engine/classes/min/index.php?charset=utf-8&g=general&19
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 208 kB (208336 bytes)
Hash f773d15da634656a9368777eeb343f8a
2473c03f7c1505b01faece9e7d8b94a193ecd7df
9a68b32711c579b23cb31e8b5e605bde66095d28f84ae6f871b3d8e5091d2744
GET /engine/classes/min/index.php?charset=utf-8&g=general&19 HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:45 GMT
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=208376
etag: W/"pub1596723752;gz"
expires: Fri, 22 Nov 2024 08:57:03 GMT
last-modified: Thu, 06 Aug 2020 14:22:32 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
cf-cache-status: HIT
age: 1099687
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZuAcRFigiFRbYJlNP%2FPFZ7XwfNsnB8SN%2F3cu0MFhhARQS8F4un4%2FyMf%2FWtG56a%2Bu%2B3QkhLT929uVA9Un8QRpztCDSXgCG%2FzZxfpOamankW7CtsWmM2wV4f5hh5UJlajl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831a86f89e0c5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
9797eebeee.f029332141.com/d1f164542896e982c8bffb24c3e74e9b/107579?version_name=b
200 OK 1.2 kB URL GET HTTP/2 9797eebeee.f029332141.com/d1f164542896e982c8bffb24c3e74e9b/107579?version_name=b
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subject9797eebeee.f029332141.com
Fingerprint9D:B9:A1:BF:03:55:A8:63:E1:97:8B:A5:CD:B2:DF:C9:18:96:7B:9D
ValidityMon, 04 Dec 2023 02:20:35 GMT - Sun, 03 Mar 2024 02:20:34 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1359), with no line terminators
Hash 2448a0c90184bbd3a821bdbc41ece407
f0a558c428a1b963adb6ad99c5d109b67b1b9dd5
1e2f916e95e307ea40ef2ec28bd0f28ef698b7cb7376945a0e1c1efea635d206
GET /d1f164542896e982c8bffb24c3e74e9b/107579?version_name=b HTTP/1.1
Host: 9797eebeee.f029332141.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://it.davalka.cc
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 05:56:45 GMT
content-type: application/json
content-length: 1201
server: nginx/1.18.0
cache-control: max-age=300
expires: Thu, 07 Dec 2023 06:01:45 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.1qy.info/banners/Bx/as/Bxas81vLzVTO96zQjRTu.gif/r/160x160
200 OK 18 kB URL GET HTTP/2 cdn.1qy.info/banners/Bx/as/Bxas81vLzVTO96zQjRTu.gif/r/160x160
IP
Certificate IssuerLet's Encrypt
Subject1qy.info
Fingerprint8B:D1:0B:00:D4:4C:E6:B2:11:BC:0A:9B:2F:9A:FC:4B:7E:9A:52:08
ValiditySun, 03 Dec 2023 12:16:52 GMT - Sat, 02 Mar 2024 12:16:51 GMT
File type GIF image data, version 87a, 160 x 160\012- data
Hash 73a9756ec7740b3ae25fb9405abe266f
2e4657021b1851041e4f600cc5ea4767466ab9b1
305465b97bf6cb59ebf3d22e46bff29e6d7fc564e47c1f170c9a97be612bac5f
GET /banners/Bx/as/Bxas81vLzVTO96zQjRTu.gif/r/160x160 HTTP/1.1
Host: cdn.1qy.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: image/gif
content-length: 18327
last-modified: Tue, 21 Jan 2020 13:30:39 GMT
etag: W/"5e26fcff-75f7"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIF1tDjw3hr5sBwGRKMS5%2Bw3ToGP3OvotNJc2LTdOx%2FMNv0PZ7kxSK3I2ZOUR%2Bv99p2QfZ5vlF2v1c54%2F8y0QN%2BvfCrPrxOTJsBreVUNVm2IYFXCaPf4rATqxjs94Nk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831a8705ad97b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pornogoogle.info/banner/9187/teaser?callback=MP_TEASER_9187&width=210&refer=https%3A%2F%2Fit.davalka.cc%2F&r=&installation_id[]=6453&width_id[6453]=210&_=1701928613401&start=1701928605740
200 OK 8.2 kB URL GET HTTP/2 pornogoogle.info/banner/9187/teaser?callback=MP_TEASER_9187&width=210&refer=https%3A%2F%2Fit.davalka.cc%2F&r=&installation_id[]=6453&width_id[6453]=210&_=1701928613401&start=1701928605740
IP
ASN #50340 OOO Network of data-centers Selectel
Certificate IssuerLet's Encrypt
Subjectpornogoogle.info
Fingerprint2F:DB:C3:3E:14:CC:55:63:3D:B1:59:1A:EA:55:40:7C:1B:2E:4A:B8
ValidityTue, 07 Nov 2023 22:31:33 GMT - Mon, 05 Feb 2024 22:31:32 GMT
File type Unicode text, UTF-8 text, with very long lines (8562), with no line terminators
Hash 42a2bb40f07d0d088c2b8970c6045de8
d66ec9db5e0711e266b91d91b3ed0ba0d2c2f0f5
60bbca610cafced9448d788f9fe25dd34628e3eeb10c0945cdaec64c91f75d0f
GET /banner/9187/teaser?callback=MP_TEASER_9187&width=210&refer=https%3A%2F%2Fit.davalka.cc%2F&r=&installation_id[]=6453&width_id[6453]=210&_=1701928613401&start=1701928605740 HTTP/1.1
Host: pornogoogle.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.14.2
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: application/javascript; charset=UTF-8
set-cookie: key_visitor=953ea8301ede6511715dc1442887902b1fb69f1849de4180cb33bb9024a5837ea%3A2%3A%7Bi%3A0%3Bs%3A11%3A%22key_visitor%22%3Bi%3A1%3Bs%3A23%3A%22Z5TxykXrvRThh7NyVHN58h%7C%22%3B%7D; expires=Thu, 14-Dec-2023 05:56:47 GMT; Max-Age=604800; path=/; HttpOnly
x-frame-options: SAMEORIGIN
content-encoding: gzip
X-Firefox-Spdy: h2
it.davalka.cc/templates/davalka/style/font-awesome.css
200 OK 24 kB URL GET HTTP/3 it.davalka.cc/templates/davalka/style/font-awesome.css
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type ASCII text, with very long lines (23629)
Hash 183540cd2e86c4fb48612ab38f94d28e
ff1c3a56b406d546dd37a64b42069317ad682968
1ea4dfe698af85b8c0be2bea33995932214934666bf103846330a3ed3fda3ce0
GET /templates/davalka/style/font-awesome.css HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:45 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=28747
etag: W/"5f2c1270-704b"
last-modified: Thu, 06 Aug 2020 14:23:44 GMT
vary: Accept-Encoding
cache-control: max-age=86400
cf-cache-status: HIT
age: 575915
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TzJU2Y1PvzbMp58qhlvdH9Zp4pmsLyznF9YP0qXmwvpsS4mwqjbNKNYktKI6s6DjUO4YoOxlFHR30pPXzSZfGR%2FUHa1IEAYv9NhXyuTZ79GFvAtFAM%2FDPRw0pTRQkgV3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831a86f55c7d5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
it.davalka.cc/templates/davalka/style/reset-settings.css
200 OK 14 kB URL GET HTTP/3 it.davalka.cc/templates/davalka/style/reset-settings.css
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type ASCII text, with very long lines (14187), with no line terminators
Hash b518d35dd86a3a8bef771cc0a12ec0dc
fa796205d90605d5e88d671340c4ce095040bb35
6f9ef12233a62072c82f27a98fdede602d296f924e23b376a86ae8834870746c
GET /templates/davalka/style/reset-settings.css HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/templates/davalka/style/styles.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:45 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=16031
etag: W/"5f2c1270-3e9f"
last-modified: Thu, 06 Aug 2020 14:23:44 GMT
vary: Accept-Encoding
cache-control: max-age=86400
cf-cache-status: HIT
age: 652123
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LaPKNKXfpwj3eizNODj6CS7uRRcVDxtsYKHfAGr2YMojZ4gSc8%2Bb2ypc4ayd67%2Bpx8OczouPVwXc7JmrO7WS9EgGrzj7VMuYd3Nk31iov8PsfLcznYf%2Fhz2q4Gk70w9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831a86f5ac9f5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
it.davalka.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
200 OK 12 kB URL GET HTTP/3 it.davalka.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type ASCII text, with very long lines (12331)
Hash 88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:45 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 16:06:21 GMT
etag: W/"65660ffd-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33VAlcR55qP7EAuS3PUCOemIgusvvHy3Kgsrc65USl7oKZAHwehaW7L8F0a0JoidaP2ExBxb%2B5xOp7r6XzFH12CE6CCgDrFcFobPANMbp%2BfWY3EGRwiaacIw0qNG3yYF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831a86f55c7f5691-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 09 Dec 2023 05:56:45 GMT
cache-control: max-age=172800, public
content-encoding: gzip
it.davalka.cc/templates/davalka/style/styles.css
200 OK 28 kB URL GET HTTP/3 it.davalka.cc/templates/davalka/style/styles.css
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type ASCII text, with very long lines (28239), with no line terminators
Hash 28d775edfd5a9fcc9c2ebf51a70893d1
3f72096ce52ae9e0b0b31424535a8df0e6666a38
151c5837f1989c7dc4daadd4629f387d3f09e8d7d1fc5b33e05c2c823f0238b9
GET /templates/davalka/style/styles.css HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:45 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=32161
etag: W/"630e4d37-7da1"
last-modified: Tue, 30 Aug 2022 17:47:35 GMT
vary: Accept-Encoding
cache-control: max-age=86400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6bSINFvq7fELu3el9ERB4stG1ENmSWjRKI4xGEt%2Ffii4eHO5ZU5BoEXfVVquNRfXqwl8y%2BGwxcYK%2BYFo3UAMUmKbda4YvCcCxOWn7rurdeX5iEeSyUPlKXVunRGKdDoB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831a86f54c7b5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
it.davalka.cc/templates/davalka/style/engine.css
200 OK 56 kB URL GET HTTP/3 it.davalka.cc/templates/davalka/style/engine.css
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type ASCII text, with very long lines (55708), with no line terminators
Hash 1043df47221c69aec00515a1a533e553
8e184dd8dab21587a532d63168a3e149da7f107f
c967bb5d1fbe2c614d86df1b81839addf8207d74f355a1d7b1bab9ea664f8f55
GET /templates/davalka/style/engine.css HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:45 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=61776
etag: W/"5f2c1270-f150"
last-modified: Thu, 06 Aug 2020 14:23:44 GMT
vary: Accept-Encoding
cache-control: max-age=86400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPEbX7eX0TkdRrJUC8kbSTidluBBB6u5zW2PCb4cZvdRn9cupZTxbrKDY2T93tHLjemHpTF%2FA%2FJKWCwDdpMlCPTNAtSME0I9Azq4puNoPJv56mg%2FG00k9qGErLuix2CL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831a86f55c7c5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
it.davalka.cc/picture/Khudoshchavaia-belosnezhka-otomstila-nevernomu-muzhu-s-chernym-ochkarikom.webp
301 Moved Permanently 8.8 kB URL GET HTTP/3 it.davalka.cc/picture/Khudoshchavaia-belosnezhka-otomstila-nevernomu-muzhu-s-chernym-ochkarikom.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /picture/Khudoshchavaia-belosnezhka-otomstila-nevernomu-muzhu-s-chernym-ochkarikom.webp HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Thu, 07 Dec 2023 05:56:47 GMT
content-length: 0
location: https://davalka.cc/picture/Khudoshchavaia-belosnezhka-otomstila-nevernomu-muzhu-s-chernym-ochkarikom.webp
cache-control: max-age=86400
expires: Sun, 03 Dec 2023 23:15:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fW9AdnKa3aaXkrfV77tMvbPDn6NAqHCHcVsWfHnPLEE8RbmfV3N%2B8L82v6WRY%2Fb97obpgfj8u2yfhYmytCqiE8FkIbw9kWE1vI4xJE%2FjwPrZKHWXncHZ5CdnUlf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 286906
server: cloudflare
cf-ray: 831a87036ba95691-OSL
it.davalka.cc/picture/Klubnaia-davalka-prodala-zhopu-na-otieeb-izvratu-v-leginsakh.webp
301 Moved Permanently 14 kB URL GET HTTP/3 it.davalka.cc/picture/Klubnaia-davalka-prodala-zhopu-na-otieeb-izvratu-v-leginsakh.webp
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /picture/Klubnaia-davalka-prodala-zhopu-na-otieeb-izvratu-v-leginsakh.webp HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Thu, 07 Dec 2023 05:56:47 GMT
content-length: 0
location: https://davalka.cc/picture/Klubnaia-davalka-prodala-zhopu-na-otieeb-izvratu-v-leginsakh.webp
cache-control: max-age=86400
expires: Thu, 07 Dec 2023 06:09:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kr4aVbLdUAaz3YMbIIQ65ueErHKg7zawSP7pLhIGknZdSyt8EqhV526Xr2qqLMXV%2B1P3umes%2FlnGNGK0G6CPCFqU9OBuJY7QgrY5ZfaN8JJ0gFMGKn5%2FptvXNafd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
server: cloudflare
cf-ray: 831a87039bc05691-OSL
31825.thanksgivingdelights.com/iSFACIMzPQjlZtdxoEWUMWYX08lW-dyDfP1Yfo_FTpdGNc6c9opRoJuNW95heNLKkdgHcvR2jvrqFui6Hea9aS6VmqTCpLiCbQESLr0hJH9jv8pPrkA3MyZDK2Jy0SA4i_hUPVQ?kws=davalka%2Cvideo%2Cporno%2Conline%2Cgratuitamente%2Cper%2Ccategoria%2Cpornostar%2Cimbroglioni&abl=0&fsb=0&pageUri=https%3A%2F%2Fit.davalka.cc%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Thu%20Dec%2007%202023%2005%3A56%3A53%20GMT%2B0000%20(Coordinated%20Universal%20Time)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%223%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1
200 OK 2.4 kB URL GET HTTP/2 31825.thanksgivingdelights.com/iSFACIMzPQjlZtdxoEWUMWYX08lW-dyDfP1Yfo_FTpdGNc6c9opRoJuNW95heNLKkdgHcvR2jvrqFui6Hea9aS6VmqTCpLiCbQESLr0hJH9jv8pPrkA3MyZDK2Jy0SA4i_hUPVQ?kws=davalka%2Cvideo%2Cporno%2Conline%2Cgratuitamente%2Cper%2Ccategoria%2Cpornostar%2Cimbroglioni&abl=0&fsb=0&pageUri=https%3A%2F%2Fit.davalka.cc%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Thu%20Dec%2007%202023%2005%3A56%3A53%20GMT%2B0000%20(Coordinated%20Universal%20Time)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%223%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subject*.thanksgivingdelights.com
FingerprintCE:9C:43:8D:C8:5B:86:EC:E6:19:28:36:FC:E6:32:F7:DB:F3:0B:14
ValidityTue, 07 Nov 2023 10:55:57 GMT - Mon, 05 Feb 2024 10:55:56 GMT
File type ASCII text, with very long lines (2431), with no line terminators
Hash 35fb021b336171d9f678154ec90dd016
2f52453ea3d0b16a9096f6ff379c06f914eedd83
4d2941b526895485269fbe3d627997ba7110e72bbcfc7aa35da376fbafca7bbc
GET /iSFACIMzPQjlZtdxoEWUMWYX08lW-dyDfP1Yfo_FTpdGNc6c9opRoJuNW95heNLKkdgHcvR2jvrqFui6Hea9aS6VmqTCpLiCbQESLr0hJH9jv8pPrkA3MyZDK2Jy0SA4i_hUPVQ?kws=davalka%2Cvideo%2Cporno%2Conline%2Cgratuitamente%2Cper%2Ccategoria%2Cpornostar%2Cimbroglioni&abl=0&fsb=0&pageUri=https%3A%2F%2Fit.davalka.cc%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Thu%20Dec%2007%202023%2005%3A56%3A53%20GMT%2B0000%20(Coordinated%20Universal%20Time)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%223%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 HTTP/1.1
Host: 31825.thanksgivingdelights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://it.davalka.cc
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 05:56:50 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://it.davalka.cc
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
last-modified: Thu, 07 Dec 2023 05:56:50 UTC
expires: Thu, 07 Dec 2023 05:56:50 UTC
content-encoding: gzip
X-Firefox-Spdy: h2
69v.club/show/clickunder/9187?callback=__MPAY_CLICKUNDER_CALLBACK__&url=https%3A%2F%2Fit.davalka.cc%2F&referrer=&time=1701928613483
200 OK 575 B URL GET HTTP/3 69v.club/show/clickunder/9187?callback=__MPAY_CLICKUNDER_CALLBACK__&url=https%3A%2F%2Fit.davalka.cc%2F&referrer=&time=1701928613483
IP
Certificate IssuerGoogle Trust Services LLC
Subject69v.club
FingerprintD4:6F:69:B4:34:78:A0:6F:CD:F2:4B:6F:3E:72:29:CD:E4:1B:DB:C6
ValidityWed, 06 Dec 2023 11:55:09 GMT - Tue, 05 Mar 2024 11:55:08 GMT
File type ASCII text, with very long lines (633), with no line terminators
Hash ba7b75564ab0420cf56cd29c060ac1d0
880fca0bfd669b599b7cf1ec9e4297ecef8ffa9b
8354326ecce5efa292f68470dfc26e43cc045451eb38aa70d6bc54498b9c9ee8
GET /show/clickunder/9187?callback=__MPAY_CLICKUNDER_CALLBACK__&url=https%3A%2F%2Fit.davalka.cc%2F&referrer=&time=1701928613483 HTTP/1.1
Host: 69v.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:47 GMT
content-type: application/javascript; charset=UTF-8
set-cookie: key_visitor=2b2a350be109a3ce2a283e2906d7197eec663bb102b8cd380ce45b3ee60fa412a%3A2%3A%7Bi%3A0%3Bs%3A11%3A%22key_visitor%22%3Bi%3A1%3Bs%3A23%3A%22tuC8dXPw9MqZnZ418A78Nz%7C%22%3B%7D; expires=Thu, 14-Dec-2023 05:56:47 GMT; Max-Age=604800; path=/; HttpOnly
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WA%2Fr0Hhziq9DfZOYFW3TYS1Uo5%2Bfso%2BJ37RQsTnzcZudbTiyRnclC7cNGIWpX9h%2Fx856cdzn%2B01Wr9%2BAas0y2X3jdJpWEKjFsKgkfDRmkN8yS6fWj3D6MXUl0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831a87047dd1568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
200 OK 65 kB URL User Request GET HTTP/2 IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 05:56:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
cache-control: max-age=86400
expires: Thu, 23 Nov 2023 11:09:50 GMT
last-modified: Thu, 23 Nov 2023 11:09:50 GMT
cf-cache-status: HIT
age: 1099691
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zh%2BHGKwmmYPXSQvo7KPEt1blH6lkT6cIyO%2B%2FdsJm5HXoFYrBrHG%2B24kv0naS8TE76i9s0aN%2FuFEQys%2FvjDAFkvx9tvYVgNuwq4US0CdWry225TdaUaMhi9jC%2FIoT6f6S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831a86f28cff7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
it.davalka.cc/templates/davalka/js/libs.js
200 OK 3.4 kB URL GET HTTP/3 it.davalka.cc/templates/davalka/js/libs.js
IP
Certificate IssuerLet's Encrypt
Subjectdavalka.cc
Fingerprint29:F4:1D:9E:0B:5F:3A:76:B7:CF:A2:95:5F:61:FA:F3:D3:FF:1B:F2
ValidityFri, 27 Oct 2023 06:44:43 GMT - Thu, 25 Jan 2024 06:44:42 GMT
File type Unicode text, UTF-8 text, with very long lines (3544), with no line terminators
Hash fe12c290cca58a634e9680d2b606d1ce
2cdca9575e99d74f31a3ba43e7875991ee81fe4a
e513b57d1eb54660383783751bf00894c874b9c25660de2cedbda0d0008b416e
GET /templates/davalka/js/libs.js HTTP/1.1
Host: it.davalka.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://it.davalka.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 07 Dec 2023 05:56:45 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3938
etag: W/"5f2c126b-f62"
last-modified: Thu, 06 Aug 2020 14:23:39 GMT
vary: Accept-Encoding
cache-control: max-age=86400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BH9QS3ZD1DBZb4bCuyKn2rok9uPmVU3LpiuR3J5EOLDXyX4ZDoRQBoYAq9I3yFy00RACC59ZJABal1qnRAw68StnwIsIesJ3jitSAVKhwo%2BVyt7pJhuxbqMcneg%2B6PR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831a86f89e0b5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
172.67.152.236
168.119.25.102
193.200.64.161
104.21.40.151
82.148.12.69