Overview

URL avgle.com/
IP172.67.219.47
ASNCLOUDFLARENET
Location United States
Report completed2022-09-27 16:04:18 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-27 2 reapinject.com Sinkholed
2022-09-27 2 banquetunarmedgrater.com Sinkholed


Files

No files detected



Passive DNS (45)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.pki.goog (6) 175 2017-06-14 07:23:31 UTC 2022-09-27 04:53:14 UTC 142.250.74.3
mnemonic passive DNS addresseepaper.com (1) 18169 2021-11-01 21:11:31 UTC 2022-09-27 06:13:46 UTC 172.64.101.4
mnemonic passive DNS video.ktkjmp.com (1) 23778 2020-10-02 08:52:19 UTC 2022-09-27 16:04:08 UTC 104.18.42.40
mnemonic passive DNS ads.adxadserv.com (4) 113382 2018-07-07 20:22:47 UTC 2022-09-27 16:04:08 UTC 185.98.53.2
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.110
mnemonic passive DNS r.trwl1.com (5) 34565 2019-07-11 17:32:08 UTC 2022-09-27 16:04:08 UTC 185.98.53.17
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-27 13:22:33 UTC 34.120.237.76
mnemonic passive DNS avgle.com (2) 126596 2019-03-14 22:26:55 UTC 2022-09-27 16:04:01 UTC 104.21.45.211
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 05:14:54 UTC 143.204.55.25
mnemonic passive DNS go.xlviirdr.com (1) 0 2021-07-02 10:51:47 UTC 2022-09-27 16:04:07 UTC 104.18.42.40 Unknown ranking
mnemonic passive DNS reapinject.com (1) 0 2022-08-25 13:04:49 UTC 2022-09-27 10:22:32 UTC 192.243.59.13 Unknown ranking
mnemonic passive DNS go.xlivrdr.com (2) 0 2021-07-02 10:51:24 UTC 2022-09-27 05:22:35 UTC 172.64.145.216 Unknown ranking
mnemonic passive DNS go.xxxjmp.com (1) 14382 2021-07-02 10:31:24 UTC 2022-09-27 16:04:08 UTC 104.18.42.40
mnemonic passive DNS r3.o.lencr.org (18) 344 2020-12-02 08:52:13 UTC 2022-09-27 04:52:25 UTC 23.36.76.226
mnemonic passive DNS poweredby.jads.co (9) 30525 2019-12-04 10:34:12 UTC 2022-09-27 10:29:58 UTC 185.94.236.246
mnemonic passive DNS e1.o.lencr.org (2) 6159 2021-08-20 07:36:30 UTC 2022-09-27 05:36:01 UTC 23.36.77.32
mnemonic passive DNS i.jads.co (6) 46788 2019-12-04 08:50:06 UTC 2022-09-27 16:04:08 UTC 69.16.175.42
mnemonic passive DNS static.javhd.com (18) 39788 2013-11-18 08:31:48 UTC 2022-09-27 16:04:08 UTC 185.76.9.15
mnemonic passive DNS adxadserv.com (7) 85319 2018-06-28 23:50:00 UTC 2022-09-27 16:04:08 UTC 185.98.53.29
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-27 07:51:08 UTC 142.250.74.174
mnemonic passive DNS cdnjs.cloudflare.com (2) 235 2020-10-20 10:17:36 UTC 2022-09-27 05:23:18 UTC 104.17.25.14
mnemonic passive DNS s7.addthis.com (2) 1504 2012-05-21 03:34:04 UTC 2022-09-27 05:13:44 UTC 23.38.200.123
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-27 05:00:30 UTC 104.18.20.226
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-27 04:53:14 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS v1.addthisedge.com (1) 1721 2019-05-22 18:56:22 UTC 2022-09-27 05:13:45 UTC 23.38.200.123
mnemonic passive DNS z.moatads.com (1) 374 2014-02-11 16:19:47 UTC 2022-09-27 05:24:49 UTC 23.38.201.146
mnemonic passive DNS s10.histats.com (1) 15211 2012-05-21 17:14:14 UTC 2022-09-27 08:15:22 UTC 46.105.201.240
mnemonic passive DNS static.adxadserv.com (1) 128146 2018-06-12 13:18:14 UTC 2022-09-27 16:04:08 UTC 185.76.9.24
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-27 11:41:54 UTC 143.204.55.115
mnemonic passive DNS cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-09-27 04:53:25 UTC 151.101.85.229
mnemonic passive DNS ocsp.sectigo.com (3) 487 2018-12-17 11:31:55 UTC 2022-09-27 09:44:42 UTC 104.18.32.68
mnemonic passive DNS static-clst.avgle.com (9) 289085 2018-05-23 06:17:04 UTC 2022-09-27 16:04:07 UTC 45.133.44.10
mnemonic passive DNS banquetunarmedgrater.com (1) 0 2022-08-04 15:12:50 UTC 2022-09-27 06:13:55 UTC 192.243.61.225 Unknown ranking
mnemonic passive DNS creepingbrings.com (1) 0 2022-05-27 14:56:26 UTC 2022-09-27 10:32:44 UTC 172.64.198.30 Unknown ranking
mnemonic passive DNS creative.xxxjmp.com (1) 24237 2021-07-02 10:51:24 UTC 2022-09-27 16:04:07 UTC 104.18.42.40
mnemonic passive DNS ocsp.digicert.com (9) 86 2012-05-21 07:02:23 UTC 2022-09-27 09:08:20 UTC 93.184.220.29
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239
mnemonic passive DNS avgle.com (2) 126596 2019-03-14 22:26:55 UTC 2022-09-27 16:04:01 UTC 172.67.219.47
mnemonic passive DNS sc.3xdb.com (1) 214543 2021-06-05 04:51:16 UTC 2022-09-27 16:04:08 UTC 104.22.3.177
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-27 05:14:54 UTC 35.161.230.192
mnemonic passive DNS creative.xlivrdr.com (1) 0 2021-07-02 10:51:24 UTC 2022-09-27 16:04:08 UTC 104.18.42.40 Unknown ranking
mnemonic passive DNS daisycontroversy.com (1) 0 2022-02-18 15:34:23 UTC 2022-09-27 16:04:07 UTC 192.243.61.225 Unknown ranking
mnemonic passive DNS simplewebanalysis.com (1) 0 2022-02-25 04:06:25 UTC 2022-09-27 04:59:30 UTC 52.29.95.124 Unknown ranking
mnemonic passive DNS m.addthis.com (1) 1448 2013-11-06 20:12:22 UTC 2022-09-27 08:12:33 UTC 23.38.200.123
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-27 12:39:40 UTC 142.250.74.10


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.219.47

Date UQ / IDS / BL URL IP
2022-11-27 06:20:14 +0000
0 - 0 - 23 avgle.com/video/gib8l8lsD8k/%E8%A1%97%E8%A1%8 (...) 172.67.219.47
2022-11-24 18:52:22 +0000
0 - 0 - 2 www.jetpray.ru.com/pnjhq/sijomm871597bain/O88 (...) 172.67.219.47
2022-11-23 10:37:44 +0000
0 - 0 - 18 avgle.com/video/QuuHGHRGtHl/hnds-039-1 172.67.219.47
2022-09-27 16:04:18 +0000
0 - 0 - 2 avgle.com/ 172.67.219.47
2022-09-12 08:48:18 +0000
0 - 0 - 2 comunidaddeestudios.com/ 172.67.219.47

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-04 23:05:48 +0000
0 - 0 - 1 rehyk.ninas-lifestyle.com/ 104.21.35.154
2022-12-04 23:05:36 +0000
0 - 0 - 3 steamcommunityi.ru/profiles/7656119921279649211 188.114.97.1
2022-12-04 23:04:36 +0000
0 - 0 - 6 fa592ydj2d5e8bl2a1.youltube.biz/ 172.67.148.44
2022-12-04 23:04:18 +0000
0 - 0 - 1 aventura.espirituracer.com/ 104.21.76.224
2022-12-04 23:04:00 +0000
10 - 0 - 0 practicalweb.com.br/wellsfghkmm/login.php?cmd (...) 188.114.96.1

Last 3 reports on domain: avgle.com

Date UQ / IDS / BL URL IP
2022-11-27 06:20:14 +0000
0 - 0 - 23 avgle.com/video/gib8l8lsD8k/%E8%A1%97%E8%A1%8 (...) 172.67.219.47
2022-11-23 10:37:44 +0000
0 - 0 - 18 avgle.com/video/QuuHGHRGtHl/hnds-039-1 172.67.219.47
2022-09-27 16:04:18 +0000
0 - 0 - 2 avgle.com/ 172.67.219.47

No other reports with similar screenshot



JavaScript

Executed Scripts (62)


Executed Evals (2)

#1 JavaScript::Eval (size: 11, repeated: 1) - SHA256: 8ee784d797ce97ed9716bb42682346deb0c7ae8ff75d7ad8ae60508907054c16

                                        addthis.cbs
                                    

#2 JavaScript::Eval (size: 8, repeated: 1) - SHA256: 3c4b9b06fe520e9d07b2150eebd412a59c91d789706d99a2b2dc9bf217604d1f

                                        _ate.cbs
                                    

Executed Writes (0)



HTTP Transactions (138)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: avgle.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.45.211
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 27 Sep 2022 16:04:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 27 Sep 2022 17:04:07 GMT
Location: https://avgle.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7I%2BD1sbvze68IQwZfT1M%2BO0Afp2ugmg%2BYIBtvirPnkUNHkmnn3rcbz0jSylM4KKbFCxmkn%2B4dETQ4pa%2Ba4xcZ3pfMuOLHedNE6RHio6qLd7gQHCqTdl0Bkd6ua4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751579289d7d0b61-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6622
Expires: Tue, 27 Sep 2022 17:54:29 GMT
Date: Tue, 27 Sep 2022 16:04:07 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 15:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AuBxwrnDIuMJFFo0ED1EWsAMuc49cGqKKJ9PP3RKw9zmiKKgAaBOCw==
Age: 2917


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: u8Vuup6OdJxunm6YqFwsvs3HU4oJCmslUKmxcJAEu8_WMwuiFsyalA==
age: 23994
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4967
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 16:04:07 GMT
Last-Modified: Tue, 27 Sep 2022 14:41:21 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4967
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 16:04:07 GMT
Last-Modified: Tue, 27 Sep 2022 14:41:21 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 27 Sep 2022 16:04:07 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 27 Sep 2022 16:04:07 GMT
content-length: 30360
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-17b8b"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 407049
expires: Sun, 17 Sep 2023 16:04:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmI76QwgOkgXIxJhRBXwWEiHBPFo3E0DOYJMLzYf1FUksJau9hw17uaz27iPItqXTexqwLnwPq3MSHyIv%2FSWhz8P1JPc5yLF0V8icQTKFgllLmR57k1%2FtTj2HVOmv1QkumxCAp9%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7515792bddc3b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32077)
Size:   30360
Md5:    5e4764d3c94d1a1db8c3d0890278b6d1
Sha1:   e5171f2f46e16d32df5f634ba21e47256fa9689c
Sha256: 5077e8927721a6a3ae5d78b456b7041230d627774a0a319beebacc88290b8328
                                        
                                            GET / HTTP/1.1 
Host: avgle.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         172.67.219.47
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 27 Sep 2022 16:04:07 GMT
x-powered-by: PHP/7.4.14
cross-origin-opener-policy: unsafe-none
cross-origin-embedder-policy: unsafe-none
cache-control: public, s-maxage=1800
servedby: n2
last-modified: Tue, 27 Sep 2022 15:38:28 GMT
cf-cache-status: HIT
age: 550
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jq22plcVarTabGyylrH2bQOTwEcBJe6hficgSOAm%2FJatgx%2BXmT%2Fc8QNhugWBGHvt5HZ5tprDB4J4hmSQ3Z1XM1mXMZtj4URTCG0MgoelKKz7eOGCa%2FQdzVCb1Cs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7515792ace190b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4398), with CRLF, LF line terminators
Size:   38837
Md5:    47be9d9ddca13f55f614081c08d786b1
Sha1:   79e23104c72f571ee2bcacb83a6e33388e68c16f
Sha256: 4175713182fb5d587e1c0f67b8f56b0d424f34f090d704665bd10b861438c6a0
                                        
                                            GET /ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 27 Sep 2022 16:04:07 GMT
content-length: 1120
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-d35"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2040623
expires: Sun, 17 Sep 2023 16:04:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87DGQp9KXFCnpt01Yj0N9vI6zuyBr87TVGjsohn7cVPqEO5FloQoCKHx2JKpkUeujwg3QBmjBnWhp1KG7WMYe4aUAEQDKB8QskhtoTXQqBG%2FmcLkEzMjpvtokHlPIu2UZKbp5w6z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7515792bddc6b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3309)
Size:   1120
Md5:    edf1dd25b1ab3d24fbf2444b4061838c
Sha1:   e59cb30ed49d56313ee1f770f6784f5faaa1199f
Sha256: c31915d8a610a15ca29180348abb37bdaff9d8bde76f13c0e78bc841e633c06e
                                        
                                            GET /npm/js-cookie@2/src/js.cookie.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 2.2.1
x-jsd-version-type: version
etag: W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 16:04:07 GMT
age: 36152
x-served-by: cache-fra19178-FRA, cache-bma1663-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1062
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1619)
Size:   1062
Md5:    0216b1edd2fa7ad9cfa258108fd95af4
Sha1:   39c12f744959428d391ab0593dcc69295e63fd18
Sha256: ae34cfdf4075a9766062b578ca857f1b10e53ea9979d87769b37bc388daf1138
                                        
                                            GET /js/300/addthis_widget.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116360
date: Tue, 27 Sep 2022 16:04:07 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (54602)
Size:   116360
Md5:    b87cd33d44e99d7bb4fa59f97915a154
Sha1:   429b6461bab5189d6987d39713c3405223c461b8
Sha256: 9ad12a8b1ed82ccdfc74eebce578bd8f146b04ba08476f8a9a237e346f1772b2
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 16:04:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "169B5A8928A36FAC9597B9DA8AD891BC6DEF1819"
Expires: Wed, 28 Sep 2022 03:00:00 GMT
Last-Modified: Tue, 27 Sep 2022 15:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 293
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7515792cab8a0b51-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    e902ba1f6dfdd446b565df5d121293b4
Sha1:   d2a4469f406762f7f2d74b66fd04cd7260584a08
Sha256: 0f6638d06d4fcb009f715336a78a4608c372b868c954e6a329719c2daf2df483
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 16:04:07 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 08:27:05 GMT
Expires: Tue, 04 Oct 2022 08:27:04 GMT
Etag: "d2c22fa085aae20ff7d563cc44f9d44f898614cc"
Cache-Control: max-age=576776,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7515792c7d31b4f7-OSL

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 16:04:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/jads.js HTTP/1.1 
Host: poweredby.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.94.236.246
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Tue, 27 Sep 2022 16:04:07 GMT
Content-Length: 178
Connection: keep-alive
Location: jads2.js


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B4F0659A9C0F8D8B5856056A7D3550A4B8C7DA29F34635EA87E30474A2A2395E"
Last-Modified: Tue, 27 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2117
Expires: Tue, 27 Sep 2022 16:39:24 GMT
Date: Tue, 27 Sep 2022 16:04:07 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   4677
Md5:    e29859f1f711f19995bf8fd527528215
Sha1:   962f6f60e30ad16454898ad338e1bd85d3a8fad4
Sha256: fbb43acae2da96837790e6a474817dbd49d1b7b73339e915c02b323692139c6f
                                        
                                            GET /js/jads2.js HTTP/1.1 
Host: poweredby.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avgle.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.94.236.246
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Tue, 27 Sep 2022 16:04:07 GMT
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eae"
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (3758), with no line terminators
Size:   1719
Md5:    558e1b61fc513016183a3812938e79fb
Sha1:   5f72ea61a2aad8f7a0956321d3fd8524db70eddf
Sha256: a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 16:04:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   17860
Md5:    84de986905ee6f127348754e131def51
Sha1:   8fd9c28035849daca89e5dca9913658007043d4d
Sha256: eea4e36ea25133888fd98350ee88e5dcd32d513e6accdbb1b43da83286f07ddb
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 16:04:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://avgle.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 18:01:25 GMT
expires: Sun, 24 Sep 2023 18:01:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
age: 252162
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 16:04:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /smartpop/c60722964a88be492caed3fc1823b9568764746108f340ba90631cdf62b308db?userId=b17b07652808cd0fd770fa287c11f9818eef1c12cce3d22e7d30a87bdff6f1e8 HTTP/1.1 
Host: go.xlviirdr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         104.18.42.40
HTTP/2 302 Found
                                        
date: Tue, 27 Sep 2022 16:04:08 GMT
content-length: 0
location: https://creative.xlivrdr.com/widgets/Player?autoplay=all&autoplayForce=1&campaignId=c60722964a88be492caed3fc1823b9568764746108f340ba90631cdf62b308db&campaignType=smartpop&creativeId=2a4e0d3a59f3dcaefd23459460759431e47e05565a35daf5c932192b4b6b2ff8&iterationId=205170&masterSmartpopId=0&quality=240p&ruleId=0&showModal=signup&smartpopId=5749&tag=girls%2Fchinese&userId=b17b07652808cd0fd770fa287c11f9818eef1c12cce3d22e7d30a87bdff6f1e8&variationId=28407
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: _var=67310770.28407; Path=/; HttpOnly; SameSite=Strict __cflb=02DiuDfsBaY2bRYJiCeScBLPeXxw9eebA1UBPbN9smwhW; SameSite=None; Secure; path=/; expires=Wed, 28-Sep-22 15:04:08 GMT; HttpOnly
server: cloudflare
cf-ray: 7515792e0a6afac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /av/6.gif HTTP/1.1 
Host: static-clst.avgle.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avgle.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         45.133.44.10
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 27 Sep 2022 16:04:07 GMT
content-length: 1153301
server: nginx/1.16.1
x-object-meta-mtime: 1531720818.329547926
last-modified: Mon, 16 Jul 2018 06:00:17 GMT
etag: a4ce4c6503f6d92feb558cdd2ee460cd
x-timestamp: 1531720816.69402
x-trans-id: tx6d40801e09a84c4a95979-0062a87a25
x-openstack-request-id: tx6d40801e09a84c4a95979-0062a87a25
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 08 Nov 2022 07:04:07 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 250\012- data
Size:   1153301
Md5:    a4ce4c6503f6d92feb558cdd2ee460cd
Sha1:   f28447ecc9c8f63ff1849db3b1f06df1b92cbaf1
Sha256: 8d9afc247b27f7546132e1f91762713411746350534038a3fcd959a31957e6b0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F3DEA15E09217F08CA634065CB6D549D075DCEC67FA41B03FD86A04B6A5751FF"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19566
Expires: Tue, 27 Sep 2022 21:30:14 GMT
Date: Tue, 27 Sep 2022 16:04:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "505523E71573D4B89F2F18D0A7BCAFD7A76307EE94CC632611753249984D7D34"
Last-Modified: Mon, 26 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8359
Expires: Tue, 27 Sep 2022 18:23:27 GMT
Date: Tue, 27 Sep 2022 16:04:08 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 15:10:46 GMT
Expires: Tue, 27 Sep 2022 16:02:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Y3el9F4-ov6PI3Uf3p8OLIYUkky8V4Yab77PRLtq_z0Z9ay6CB_Q7A==
Age: 3202


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "505523E71573D4B89F2F18D0A7BCAFD7A76307EE94CC632611753249984D7D34"
Last-Modified: Mon, 26 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8359
Expires: Tue, 27 Sep 2022 18:23:27 GMT
Date: Tue, 27 Sep 2022 16:04:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "505523E71573D4B89F2F18D0A7BCAFD7A76307EE94CC632611753249984D7D34"
Last-Modified: Mon, 26 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8359
Expires: Tue, 27 Sep 2022 18:23:27 GMT
Date: Tue, 27 Sep 2022 16:04:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "505523E71573D4B89F2F18D0A7BCAFD7A76307EE94CC632611753249984D7D34"
Last-Modified: Mon, 26 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8359
Expires: Tue, 27 Sep 2022 18:23:27 GMT
Date: Tue, 27 Sep 2022 16:04:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5187
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 16:04:08 GMT
Last-Modified: Tue, 27 Sep 2022 14:37:41 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6519
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 16:04:08 GMT
Last-Modified: Tue, 27 Sep 2022 14:15:29 GMT
Server: ECS (amb/6B9F)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /uploaded/5ef10cf861d6e20be61ec4b8/600879c061d6e27c411512ea/600879fb61d6e2040d416c69/7/78eb6d1ebd28a1eabb34841f1f467177.gif HTTP/1.1 
Host: sc.3xdb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.22.3.177
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 27 Sep 2022 16:04:08 GMT
content-length: 756814
last-modified: Wed, 20 Jan 2021 18:44:11 GMT
etag: "600879fb-b8c4e"
cache-control: max-age=172800
cf-cache-status: HIT
age: 6863
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751579310e0fb509-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 728 x 90\012- data
Size:   756814
Md5:    3dc1910991b70e93d61ceed3adc2e7b8
Sha1:   502543206e7b7f585eb761febf01ab6bc2c0c744
Sha256: 440eb99cf37c7ec5c4fdffb7543f4c11a9b0375a72f2a9598debfcc597027966
                                        
                                            GET /be/fd/41/befd41ae888030d201577e0b904c54e7.js HTTP/1.1 
Host: daisycontroversy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Tue, 27 Sep 2022 16:04:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 326cf62fa9898c893a52ed78a1a4a404
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size:   28763
Md5:    c0eaac2aee907ff34a1478b0003940c0
Sha1:   ca343d6263e2226ed2d66764d4242ffd5efadee0
Sha256: 27fd80f9c7d74df0d9b673223875d288a99503d7387887b42e6220c0894053f2
                                        
                                            GET /adsbygoogle.js HTTP/1.1 
Host: video.ktkjmp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xxxjmp.com/
Origin: https://creative.xxxjmp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.42.40
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 16:04:08 GMT
content-length: 16
x-amz-id-2: yfnLbjHcqiCKGcEggInepWRGzqSPmv9SpvNptQOeH+xbRhx1uK32oCBSNLBvi4pq6kvU5Qmg1r4=
x-amz-request-id: 3YWCRXYMJHDTCPQH
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.xxxjmp.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 4026
expires: Tue, 27 Sep 2022 20:04:08 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751579319fae0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   16
Md5:    3d7f7a60216d40dea48e495fef6903c9
Sha1:   fecdb5184f55cf012563d78940eb97b10b9cc99b
Sha256: 96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
                                        
                                            GET /ad?spotid=5cebd89161d6e21c7336d70a&type=300x250&output=iframe HTTP/1.1 
Host: ads.adxadserv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.98.53.2
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 16:04:08 GMT
cache-control: no-cache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2920
Md5:    1bfdcd45d28c578a3d4c47eb0b0561da
Sha1:   edf4970a4e76686f09cafd7ae2d18a8222319ad1
Sha256: e7c5a474de0d60bc232b60209725ce376b9eb4ea8714e987425eec47ead71537
                                        
                                            GET /videos/tmb2/78286/1.jpg HTTP/1.1 
Host: static-clst.avgle.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         45.133.44.10
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 16:04:08 GMT
content-length: 21024
server: nginx/1.16.1
last-modified: Thu, 17 May 2018 10:23:43 GMT
etag: 88cb8b16f78c33356048bde574852a20
x-timestamp: 1526552622.18533
x-object-meta-mtime: 1502966546.535221919
x-trans-id: tx68e8761e0e1447828b203-0062aa01c8
x-openstack-request-id: tx68e8761e0e1447828b203-0062aa01c8
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 08 Nov 2022 07:04:08 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Size:   21024
Md5:    88cb8b16f78c33356048bde574852a20
Sha1:   9042aa99dd92b7fc5df7c103c49077c26d243ae0
Sha256: 66a6c5a37d6aa8c80b8ca6776de18802484166c6e1e8e2ee1a5891392429b795
                                        
                                            GET /ad?spotid=5cebd83261d6e237774d8104&type=300x250&output=iframe HTTP/1.1 
Host: ads.adxadserv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.98.53.2
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 16:04:08 GMT
cache-control: no-cache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   13084
Md5:    f879c47adce7dde5f853fc6c4ab13cc6
Sha1:   e861e6a5c7fb8c98b050970d75d3506e1d58a754
Sha256: fba51122b9be4fa178d834b358488b6b8a4f8cedc5c66a3564defe819f960ac6
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "6389A79FA621D32138DAB9C0FAB190C515288EF534B023CC909A156979FCEF39"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4773
Expires: Tue, 27 Sep 2022 17:23:41 GMT
Date: Tue, 27 Sep 2022 16:04:08 GMT
Connection: keep-alive

                                        
                                            GET /videos/tmb3/107869/1.jpg HTTP/1.1 
Host: static-clst.avgle.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         45.133.44.10
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 16:04:08 GMT
content-length: 61668
server: nginx/1.16.1
last-modified: Thu, 17 May 2018 09:36:24 GMT
etag: 3a2a4c7e74d11f596858d7ffb8e295ce
x-timestamp: 1526549783.79335
x-object-meta-mtime: 1510331534.821368597
x-trans-id: tx6c189e2521454ca9ba382-0062aa9441
x-openstack-request-id: tx6c189e2521454ca9ba382-0062aa9441
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 08 Nov 2022 07:04:08 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Size:   61668
Md5:    3a2a4c7e74d11f596858d7ffb8e295ce
Sha1:   0c059ae8060bce01e5f3b00efc8f4eb70f2d8a69
Sha256: 7d0b39e3e7056b8c8ab9b539f5ec032eb58f41ebc2f7eeac3a7d785c7e9b0fbc
                                        
                                            GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: text/html
                                        
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Tue, 27 Sep 2022 16:04:08 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Size:   26421
Md5:    707317ccaabe08d32d1bd781754e6871
Sha1:   bb82dcd3e044c960e0861c2ce878f5504e628f78
Sha256: d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
                                        
                                            GET /videos/tmb4/130852/1.jpg HTTP/1.1 
Host: static-clst.avgle.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         45.133.44.10
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 16:04:08 GMT
content-length: 84169
server: nginx/1.16.1
last-modified: Thu, 17 May 2018 08:52:42 GMT
etag: 463a07d244ddac2d4b065ccaacb55501
x-timestamp: 1526547161.63632
x-object-meta-mtime: 1516820167.242132353
x-trans-id: tx7708ca102f854f93852e5-0062aa2d70
x-openstack-request-id: tx7708ca102f854f93852e5-0062aa2d70
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 08 Nov 2022 07:04:08 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2018:01:11 16:28:00], baseline, precision 8, 320x180, components 3\012- data
Size:   84169
Md5:    463a07d244ddac2d4b065ccaacb55501
Sha1:   7399a6150dd6d832c28a30646458c3449d1f0010
Sha256: 31392c0d8a58f3b48c20240989db0793be1848c4f4efe492d7ec227a9c4865f9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1149
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 16:04:08 GMT
Last-Modified: Tue, 27 Sep 2022 15:44:59 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /videos/tmb4/137166/1.jpg HTTP/1.1 
Host: static-clst.avgle.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         45.133.44.10
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 16:04:08 GMT
content-length: 21447
server: nginx/1.16.1
last-modified: Thu, 17 May 2018 09:48:45 GMT
etag: 54ea0719dcec08fac761cbc5521f299f
x-timestamp: 1526550524.48246
x-object-meta-mtime: 1519290883.545496371
x-trans-id: txd6cd4877d010462881536-0062a87bd1
x-openstack-request-id: txd6cd4877d010462881536-0062a87bd1
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 08 Nov 2022 07:04:08 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Size:   21447
Md5:    54ea0719dcec08fac761cbc5521f299f
Sha1:   f82513afef37fe677f46c2c463fb5e91f99dac5e
Sha256: 617f97e5d5e446a35c09d5e421a76edbb4c185a932bddfd027f0cad8feff27a0
                                        
                                            GET /videos/tmb5/166680/1.jpg HTTP/1.1 
Host: static-clst.avgle.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         45.133.44.10
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 16:04:08 GMT
content-length: 63551
server: nginx/1.16.1
last-modified: Thu, 17 May 2018 09:16:56 GMT
etag: ca0492b7abe89a3b32b38efd2752a043
x-timestamp: 1526548615.25943
x-object-meta-mtime: 1525402204.920644076
x-trans-id: txfdb850bbf0f84bf4a98db-0062a89fbf
x-openstack-request-id: txfdb850bbf0f84bf4a98db-0062a89fbf
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 08 Nov 2022 07:04:08 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Size:   63551
Md5:    ca0492b7abe89a3b32b38efd2752a043
Sha1:   002c220558f31cb5ba48a4f333f7a801048f017e
Sha256: 2609f00eadbc87afedfcb9f2112056e8c06216fbaf73471129e583689a14b805
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6GBVKpPwMzrGIICySAhdfA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.161.230.192
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: afVCbSy1DM2VO8c/+000Snvl6Dw=

                                        
                                            GET /videos/tmb5/188114/1.jpg HTTP/1.1 
Host: static-clst.avgle.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         45.133.44.10
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 16:04:08 GMT
content-length: 54406
server: nginx/1.16.1
last-modified: Fri, 13 Jul 2018 02:02:15 GMT
etag: 2994aa2d9782854117afb54e1a9c325f
x-timestamp: 1531447334.19896
x-object-meta-mtime: 1531447334.534195893
x-trans-id: txf509b898925441df93e1b-0062a8e851
x-openstack-request-id: txf509b898925441df93e1b-0062a8e851
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 08 Nov 2022 07:04:08 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 28x28, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 320x180, components 3\012- data
Size:   54406
Md5:    2994aa2d9782854117afb54e1a9c325f
Sha1:   920a67d52b6cdd5635d75d889c9940a07403b87e
Sha256: 1640fbc41c8359289e62daf1cec725f28125416c4960c9eb1add6cf9fe5a0c4f
                                        
                                            GET /videos/tmb8/265940/1.jpg HTTP/1.1 
Host: static-clst.avgle.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         45.133.44.10
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 16:04:08 GMT
content-length: 63909
server: nginx/1.16.1
last-modified: Wed, 23 Jan 2019 21:36:13 GMT
etag: 46731a2adca400d4103a3a628d9a0caf
x-timestamp: 1548279372.07452
x-object-meta-mtime: 1548279372.055013695
x-trans-id: txef80289266a74c9181031-0062a8b2d3
x-openstack-request-id: txef80289266a74c9181031-0062a8b2d3
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 08 Nov 2022 07:04:08 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Size:   63909
Md5:    46731a2adca400d4103a3a628d9a0caf
Sha1:   faa7e206a8863886ff8840dca90883a824b5c903
Sha256: 8526d556c84214c7948b2dae3b5a94c473fec07d160e2a7115813bf0a9e0813a
                                        
                                            GET /videos/tmb11/360031/1.jpg HTTP/1.1 
Host: static-clst.avgle.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         45.133.44.10
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 16:04:08 GMT
content-length: 19424
server: nginx/1.16.1
x-object-meta-mtime: 1579103786.62342207
last-modified: Wed, 15 Jan 2020 15:56:27 GMT
etag: 1c396b5e3bab28d6c17d824e2b8f738a
x-timestamp: 1579103786.64529
x-trans-id: tx6da333a01a27405d98991-0062a8cdd4
x-openstack-request-id: tx6da333a01a27405d98991-0062a8cdd4
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 08 Nov 2022 07:04:08 GMT
cache-control: max-age=3596400
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Size:   19424
Md5:    1c396b5e3bab28d6c17d824e2b8f738a
Sha1:   67952bde6f363d71d791bd7078c924400459f47c
Sha256: d27e1a349f386ec849240eebb3f702db497f0f0609b5c61e7c5bcd10d994c07a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1DDFC6FE9835AD89F2D59A02DC58CB60C82895A488DB64649BDC4F9ACDDF3DAC"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12563
Expires: Tue, 27 Sep 2022 19:33:31 GMT
Date: Tue, 27 Sep 2022 16:04:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1DDFC6FE9835AD89F2D59A02DC58CB60C82895A488DB64649BDC4F9ACDDF3DAC"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12563
Expires: Tue, 27 Sep 2022 19:33:31 GMT
Date: Tue, 27 Sep 2022 16:04:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1DDFC6FE9835AD89F2D59A02DC58CB60C82895A488DB64649BDC4F9ACDDF3DAC"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12563
Expires: Tue, 27 Sep 2022 19:33:31 GMT
Date: Tue, 27 Sep 2022 16:04:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 16:04:08 GMT
Last-Modified: Tue, 27 Sep 2022 14:46:36 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gJDcY6TRraqlfA9sykesvkL1nwAqBf6sbtKKCqd3e6qWY4IqkvzhUQ==
Age: 4653

                                        
                                            GET /s1/71ecf247-65a7-4be4-8c6d-e8e2855141c9?externalId=049f7554-3e7e-11ed-bed6-52ca5d2668e1&cv1=049f7554-3e7e-11ed-bed6-52ca5d2668e1&cv2=4982d74cc5945eb5f443cbeab8c29c8c&cv3=desktop&cv4=623c966461d6e2757e4d7921&cv5=623c962a61d6e2790d5b93d2&cv6=en&cv7=300X250+Index+Middle+Page+Left&cv8=Firefox&cv9=5cebd83261d6e237774d8104&cv10=exim_adxad_stub2_300x250_ HTTP/1.1 
Host: r.trwl1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.98.53.17
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.20.1
Date: Tue, 27 Sep 2022 16:04:08 GMT
Content-Length: 942
Connection: close
Set-Cookie: uid=8B9ZNHatMp; Path=/; Domain=trwl1.com; Expires=Wed, 28 Sep 2022 16:04:08 GMT; HttpOnly
X-Request-Id: 9865592c-1f95-4b0b-b7f8-845837ae001e


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (746)
Size:   942
Md5:    d0db430c059fa4abb9c0e7040e413740
Sha1:   547237d7752c99bfdcb1d8d766e5987f3c066e21
Sha256: 15c9e304681068af427c0411fbe082cf98fda2d653e9ce4259642a134ac06509
                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://avgle.com
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.29.95.124
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 27 Sep 2022 16:04:08 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://avgle.com
access-control-allow-credentials: true
set-cookie: uid_id2=15417837-1c23-41ac-b24b-7445fc20f86d:3:1; expires=Fri, 24 Sep 2032 16:04:08 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    e451192d675d95eb2f89bc8922ceb346
Sha1:   2f23a0607f60d5ff441d787b695bfaf6d8de8274
Sha256: 2701153a9bd6ada31d76f353f443698ffa8098d0ae7a659a9a66a2d3db91a986
                                        
                                            GET /s1/71ecf247-65a7-4be4-8c6d-e8e2855141c9?externalId=049ca203-3e7e-11ed-900a-e2e38133f3a0&cv1=049ca203-3e7e-11ed-900a-e2e38133f3a0&cv2=4982d74cc5945eb5f443cbeab8c29c8c&cv3=desktop&cv4=623c966461d6e2757e4d7921&cv5=623c962a61d6e2790d5b93d2&cv6=en&cv7=300X250+Index+Middle+Page+Right&cv8=Firefox&cv9=5cebd90a61d6e21c7336d70d&cv10=exim_adxad_stub2_300x250_ HTTP/1.1 
Host: r.trwl1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.98.53.17
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.20.1
Date: Tue, 27 Sep 2022 16:04:08 GMT
Content-Length: 939
Connection: close
Set-Cookie: uid=VB9SNTttM; Path=/; Domain=trwl1.com; Expires=Wed, 28 Sep 2022 16:04:08 GMT; HttpOnly
X-Request-Id: a6ba8928-351b-4883-ae09-40ffc9bacd42


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (743)
Size:   939
Md5:    3e3939889cec1abb21d4be224d1315c9
Sha1:   ca67cd94b048408031128330f1d8344e50eef9f5
Sha256: d5e5fed6a0ccafbe3b6f400dc905560db652393e9b7e3c10ceec050e23622c5a
                                        
                                            GET /s1/71ecf247-65a7-4be4-8c6d-e8e2855141c9?externalId=049db014-3e7e-11ed-91a1-e25a5bb9767f&cv1=049db014-3e7e-11ed-91a1-e25a5bb9767f&cv2=4982d74cc5945eb5f443cbeab8c29c8c&cv3=desktop&cv4=623c966461d6e2757e4d7921&cv5=623c962a61d6e2790d5b93d2&cv6=en&cv7=300X250+Index+Middle+Page+Center&cv8=Firefox&cv9=5cebd89161d6e21c7336d70a&cv10=exim_adxad_stub2_300x250_ HTTP/1.1 
Host: r.trwl1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.98.53.17
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.20.1
Date: Tue, 27 Sep 2022 16:04:08 GMT
Content-Length: 944
Connection: close
Set-Cookie: uid=Np9SNTtaMp; Path=/; Domain=trwl1.com; Expires=Wed, 28 Sep 2022 16:04:08 GMT; HttpOnly
X-Request-Id: 7025a633-57d7-44fb-95a5-d54f63e34aa3


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (748)
Size:   944
Md5:    63fcb0a10787983dcad5324817e4ede7
Sha1:   6a1a76a62c6b52da3bd65c6943fe625c9be888f6
Sha256: 94fa60a6c798e9409c18c259d45f1af07dc31dbccbaee35027ecd9840600ce7a
                                        
                                            GET /adshow.php?adzone=614639 HTTP/1.1 
Host: poweredby.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.94.236.246
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 27 Sep 2022 16:04:08 GMT
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=0e68176be7c47454b5b86fbb713b1f53; expires=Wed, 27-Sep-2023 16:04:08 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co imps29764=1; expires=Wed, 28-Sep-2022 16:04:08 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co juicy_data_1=YToxOntpOjY5NjM0ODtpOjE2NjQ1NTM4NDg7fQ%3D%3D; expires=Fri, 30-Sep-2022 16:04:08 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 30-Sep-2022 16:04:08 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (412), with CRLF, LF line terminators
Size:   1512
Md5:    8f786d62c2019e762885b3224909bdf0
Sha1:   5d11bad2f0dc3dd560b9af4f4a86838b1ab9fe85
Sha256: a525f04f829c74f7016685de75acc5b7c5bf7da259c22c94909ebc0c2b8edb30
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "6389A79FA621D32138DAB9C0FAB190C515288EF534B023CC909A156979FCEF39"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4773
Expires: Tue, 27 Sep 2022 17:23:41 GMT
Date: Tue, 27 Sep 2022 16:04:08 GMT
Connection: keep-alive

                                        
                                            GET /adshow.php?adzone=685698 HTTP/1.1 
Host: poweredby.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.94.236.246
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 27 Sep 2022 16:04:09 GMT
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=0e68176be7c47454b5b86fbb713b1f53; expires=Wed, 27-Sep-2023 16:04:08 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co juicy_data_1=YTowOnt9; expires=Fri, 30-Sep-2022 16:04:08 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 30-Sep-2022 16:04:08 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (404), with CRLF, LF line terminators
Size:   1514
Md5:    360be458d57c73a0957ce9e8027aeff9
Sha1:   90f572fc013ea9ba313a7cdf6948b6a09ff47862
Sha256: e32d058defb0bdcdb9f2109f18b865b11f788cc470555f649883f99a47ac3df1
                                        
                                            GET /network/user22416/29763-1538682381-0894967001538682381.jpg HTTP/1.1 
Host: i.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=0e68176be7c47454b5b86fbb713b1f53; imps29764=1; juicy_data_1=YToxOntpOjY5NjM0ODtpOjE2NjQ1NTM4NDg7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
etag: "1538682381"
cache-control: max-age=4849600
content-length: 55399
last-modified: Thu, 04 Oct 2018 19:46:21 GMT
accept-ranges: bytes
x-hw: 1664294649.dop023.sk1.t,1664294649.cds230.sk1.hn,1664294649.cds240.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=250, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=300], baseline, precision 8, 300x250, components 3\012- data
Size:   55399
Md5:    c3348fbaa05f8e7e87c6852295108c29
Sha1:   6c34181d01614498abee447e37c765e7e0b614fa
Sha256: 801475bc7efdfb518e6e583539f7f2e75707e3ba043d9d0d27e1e682cb96c860
                                        
                                            GET /network/user1037/78-1639151697-0324899001639151697.jpg HTTP/1.1 
Host: i.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=0e68176be7c47454b5b86fbb713b1f53; imps29764=1; juicy_data_1=YTowOnt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
etag: "1639151697"
cache-control: max-age=9344903
content-length: 36542
last-modified: Fri, 10 Dec 2021 15:54:57 GMT
accept-ranges: bytes
x-hw: 1664294649.dop023.sk1.t,1664294649.cds230.sk1.hn,1664294649.cds207.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Size:   36542
Md5:    2aeab316e738140feea3d8e6e841aafa
Sha1:   d9505c0a4f803d9e18f7dee02dd8ad5f6b65745e
Sha256: dd1ec02cb97c9bed95bda4931284f16a6e4997bb35f9ef6ac266a052e9d93dd1
                                        
                                            GET /h5/files/overlay/1008-overlay-preview.png HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/10432/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3D049ca203-3e7e-11ed-900a-e2e38133f3a0%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3D300X250%2BIndex%2BMiddle%2BPage%2BRight%26cv8%3DFirefox%26cv9%3D5cebd90a61d6e21c7336d70d%26externalId%3D049ca203-3e7e-11ed-900a-e2e38133f3a0%26p%3DeyJiIjoyOTUsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjMsInAiOjEsInMiOjI1MzE5fQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.76.9.15
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
content-length: 1688
last-modified: Wed, 28 Nov 2018 13:40:15 GMT
etag: "5bfe9abf-698"
expires: Tue, 23 May 2023 11:06:09 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839969
server: CDN77-Turbo
x-77-nzt: AblMCQ2SE2D/WLSnAA
x-77-nzt-ray: mV3viTr0ers
x-cache: HIT
x-age: 10990680
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 315 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size:   1688
Md5:    c2aea5fec0422e7884ce101b7173e4b2
Sha1:   3ddab7f0acb5c2fdc4e34f5a5683602f689471db
Sha256: dbdc556177a5b6acc00668e4ab8a956f2941d1c6467ad1cef90baa89b45c598d
                                        
                                            GET /h5/files/overlay/1008-overlay.gif HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/10432/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3D049ca203-3e7e-11ed-900a-e2e38133f3a0%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3D300X250%2BIndex%2BMiddle%2BPage%2BRight%26cv8%3DFirefox%26cv9%3D5cebd90a61d6e21c7336d70d%26externalId%3D049ca203-3e7e-11ed-900a-e2e38133f3a0%26p%3DeyJiIjoyOTUsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjMsInAiOjEsInMiOjI1MzE5fQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.76.9.15
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
content-length: 4146
last-modified: Wed, 28 Nov 2018 13:42:51 GMT
etag: "5bfe9b5b-1032"
expires: Tue, 23 May 2023 11:06:09 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839969
server: CDN77-Turbo
x-77-nzt: AblMCQ3PYyL/WLSnAA
x-77-nzt-ray: 0s33EzQxZa8
x-cache: HIT
x-age: 10990680
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 250\012- data
Size:   4146
Md5:    70bd93b1be91a693b8ab49b92111206c
Sha1:   a342dd6e52ae6c9b8e1b0850d4c6c605942eb686
Sha256: 647a347b3284577e87852b63003ebf9f5b0f7ba09ad6694c4a5564d65ef4f7f2
                                        
                                            GET /h5/files/button/29-button.png HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/10432/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3D049ca203-3e7e-11ed-900a-e2e38133f3a0%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3D300X250%2BIndex%2BMiddle%2BPage%2BRight%26cv8%3DFirefox%26cv9%3D5cebd90a61d6e21c7336d70d%26externalId%3D049ca203-3e7e-11ed-900a-e2e38133f3a0%26p%3DeyJiIjoyOTUsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjMsInAiOjEsInMiOjI1MzE5fQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.76.9.15
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
content-length: 733
last-modified: Tue, 22 Dec 2015 18:41:22 GMT
etag: "56799952-2dd"
expires: Tue, 23 May 2023 11:04:47 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839887
server: CDN77-Turbo
x-77-nzt: AblMCQ14Lzj/qrSnAA
x-77-nzt-ray: 8/p4L1qUZiE
x-cache: HIT
x-age: 10990762
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size:   733
Md5:    82a66a2d222379716ca9a03ff50d8f42
Sha1:   ae43d917ff791f9172edc527baa6266416182aaa
Sha256: cc5da7b40e498d30bf5eaae43e59cae32202737076422676489dd8d3030803de
                                        
                                            GET /h5/files/15970/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3D049f7554-3e7e-11ed-bed6-52ca5d2668e1%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3D300X250%2BIndex%2BMiddle%2BPage%2BLeft%26cv8%3DFirefox%26cv9%3D5cebd83261d6e237774d8104%26externalId%3D049f7554-3e7e-11ed-bed6-52ca5d2668e1%26p%3DeyJiIjoyNzc0NTEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjMsInAiOjEsInMiOjI1MzE5fQ HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trwl1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.76.9.15
HTTP/2 200 OK
content-type: text/html
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
last-modified: Wed, 20 Apr 2022 13:56:46 GMT
etag: W/"6260111e-c86"
expires: Thu, 27 Oct 2022 16:04:08 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-accel-expires: @1666886649
server: CDN77-Turbo
x-77-nzt: AblMCQ3CBBih
x-77-nzt-ray: Cm0ZfK0iq0M
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   11124
Md5:    51dd860d2a2dbb34884ef772cbff8e51
Sha1:   ffdedd2a9a008dda8b466878515a1acd485c3a17
Sha256: f665362e0b3ef86f35586b293dfaa0e79ec9a1aef5eee67f271e9839ae559439
                                        
                                            GET /h5/files/css/style.css HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/10432/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3D049ca203-3e7e-11ed-900a-e2e38133f3a0%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3D300X250%2BIndex%2BMiddle%2BPage%2BRight%26cv8%3DFirefox%26cv9%3D5cebd90a61d6e21c7336d70d%26externalId%3D049ca203-3e7e-11ed-900a-e2e38133f3a0%26p%3DeyJiIjoyOTUsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjMsInAiOjEsInMiOjI1MzE5fQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.76.9.15
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
last-modified: Wed, 25 May 2016 08:29:12 GMT
etag: W/"57456258-7bd"
expires: Tue, 23 May 2023 11:04:47 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839887
server: CDN77-Turbo
x-77-nzt: AblMCQ2BdiD/qrSnAA
x-77-nzt-ray: VsesZc6TNEQ
x-cache: HIT
x-age: 10990762
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2303
Md5:    3b92e2aa0b272e632471eddd6be3df22
Sha1:   2b8ef6fa476e239dc50cbeb724b37e5bb81ceffb
Sha256: c1ea680d37287e88507e078e5a6ffaa2a20f6ba1f397204e7c252ce30761522d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "50550EF7F7740AF0116453D289F44B37199DF7FA2CEFEC6DBE1AF49B1EC77FED"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5890
Expires: Tue, 27 Sep 2022 17:42:19 GMT
Date: Tue, 27 Sep 2022 16:04:09 GMT
Connection: keep-alive

                                        
                                            GET /h5/files/video/3849-30453-300x250.medium.mp4 HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/15970/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3D049f7554-3e7e-11ed-bed6-52ca5d2668e1%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3D300X250%2BIndex%2BMiddle%2BPage%2BLeft%26cv8%3DFirefox%26cv9%3D5cebd83261d6e237774d8104%26externalId%3D049f7554-3e7e-11ed-bed6-52ca5d2668e1%26p%3DeyJiIjoyNzc0NTEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjMsInAiOjEsInMiOjI1MzE5fQ
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.76.9.15
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
content-length: 431883
last-modified: Mon, 07 Feb 2022 07:42:29 GMT
etag: "6200cd65-6970b"
expires: Tue, 24 May 2022 11:06:30 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-accel-expires: @1664364866
server: CDN77-Turbo
x-77-nzt: AblMCQ3+dSL/Nz8AAA
x-77-nzt-ray: oo639QGnYbg
x-cache: HIT
x-age: 16183
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-431882/431883
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size:   431883
Md5:    1c6cc0e006fbcbe3ea94216b9bc0dcef
Sha1:   fe8ee7a562043af39d0b9422eb09ee7bcd26a4a3
Sha256: 2de8221645cf78c35fa8dd9396999c833b46ec732af49b87655349f9c1f4c42e
                                        
                                            GET /h5/files/video/6461-19699-300x250.medium.mp4 HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/16441/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3D049db014-3e7e-11ed-91a1-e25a5bb9767f%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3D300X250%2BIndex%2BMiddle%2BPage%2BCenter%26cv8%3DFirefox%26cv9%3D5cebd89161d6e21c7336d70a%26externalId%3D049db014-3e7e-11ed-91a1-e25a5bb9767f%26p%3DeyJiIjoyNzgxNTYsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI1MzE5fQ
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.76.9.15
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
content-length: 524664
last-modified: Tue, 26 Jul 2022 12:47:15 GMT
etag: "62dfe253-80178"
expires: Sun, 31 Jul 2022 08:21:00 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-accel-expires: @1664379553
server: CDN77-Turbo
x-77-nzt: AblMCQ2bSKj/2AUAAA
x-77-nzt-ray: 6LbDry0+Eqk
x-cache: HIT
x-age: 1496
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-524663/524664
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size:   524664
Md5:    7b7babf9b21bfb17e3d901c38880b8be
Sha1:   2efcd027da66afbf123a65f33895121558003943
Sha256: c0c002c4f3865023d969f22bffe96b8255638643c3083088cb271a44158e203f
                                        
                                            GET /adshow.php?adzone=615792 HTTP/1.1 
Host: poweredby.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.94.236.246
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 27 Sep 2022 16:04:09 GMT
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=0e68176be7c47454b5b86fbb713b1f53; expires=Wed, 27-Sep-2023 16:04:08 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co imps131=1; expires=Wed, 28-Sep-2022 16:04:08 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co juicy_data_1=YToxOntpOjEyMDM0NDE7aToxNjY0NTUzODQ4O30%3D; expires=Fri, 30-Sep-2022 16:04:08 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 30-Sep-2022 16:04:08 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1332), with CRLF, LF line terminators
Size:   1690
Md5:    8636fb82bf2911080c6d8aa41e2d3213
Sha1:   8b4fd181e6cdd206162730b7322e2aa83af77fb0
Sha256: d1c0758cc39effb45ba4a64f5f4206eca5f5b46845f0d583ef57e8100e81697e
                                        
                                            GET /live/boost/ra-58a2e9d645e86f23/_ate.track.config_resp HTTP/1.1 
Host: v1.addthisedge.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 34
date: Tue, 27 Sep 2022 16:04:09 GMT
cache-control: no-transform, s-maxage=0, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   34
Md5:    3a9241a346d3b446f471156301fabaa4
Sha1:   4a108436729c1373ca5a639e2eccd1c758862aac
Sha256: 2cfc87cde7d1d87e0e1cb7cae35006a9a842d436e348d4b223b87efc484b5b5d
                                        
                                            GET /live/red_lojson/300lo.json?si=63331ef5a50f53d0&bkl=0&bl=1&pdt=486&sid=63331ef5a50f53d0&pub=ra-58a2e9d645e86f23&rev=v8.28.8-wp&ln=en&pc=men&cb=1&ab=-&dp=avgle.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1664294646471&jsl=1&uvs=63331ef54b10f577000&skipb=1&callback=addthis.cbs.jsonp__018897816775134580 HTTP/1.1 
Host: m.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 49
date: Tue, 27 Sep 2022 16:04:09 GMT
cache-control: no-transform, s-maxage=0, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   49
Md5:    6b61c636c06599f5b7b567f3b2590392
Sha1:   961f5df97beb0b5589b9337bdedee93b528e2f00
Sha256: ce90c1b84f11c5515adb20c528772a39683383af23e61bd3601bedd77dcb39df
                                        
                                            GET /adshow.php?adzone=615793 HTTP/1.1 
Host: poweredby.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.94.236.246
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 27 Sep 2022 16:04:09 GMT
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=0e68176be7c47454b5b86fbb713b1f53; expires=Wed, 27-Sep-2023 16:04:08 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co juicy_data_1=YTowOnt9; expires=Fri, 30-Sep-2022 16:04:08 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 30-Sep-2022 16:04:08 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (354), with CRLF, LF line terminators
Size:   1478
Md5:    7c696463a144fc33531e708d6418580a
Sha1:   e32bc868e1a62348b9cf7b1148961b06ecbdbc55
Sha256: 88f6df3c3b1d14bb61268a9a15b7e884c9a0309f0764720c6546ec5dd1833838
                                        
                                            GET /1x1.gif HTTP/1.1 
Host: i.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=0e68176be7c47454b5b86fbb713b1f53; imps29764=1; juicy_data_1=YToxOntpOjEyMDM0NDE7aToxNjY0NTUzODQ4O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps131=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
etag: "1457030838"
cache-control: max-age=22930617
content-length: 43
last-modified: Thu, 03 Mar 2016 18:47:18 GMT
accept-ranges: bytes
x-hw: 1664294649.dop023.sk1.t,1664294649.cds230.sk1.hn,1664294649.cds217.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    9bb191c6827273aa978cab39a3587950
Sha1:   25d8043336eb799e52b1a0e15ff6b95e09c24e35
Sha256: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
                                        
                                            GET /network/user33/61-1480791155.gif HTTP/1.1 
Host: i.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=0e68176be7c47454b5b86fbb713b1f53; imps29764=1; juicy_data_1=YToxOntpOjEyMDM0NDE7aToxNjY0NTUzODQ4O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps131=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
etag: "1480791155"
cache-control: max-age=21271976
content-length: 32596
last-modified: Sat, 03 Dec 2016 18:52:35 GMT
accept-ranges: bytes
x-hw: 1664294649.dop023.sk1.t,1664294649.cds230.sk1.hn,1664294649.cds015.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 250\012- data
Size:   32596
Md5:    dd2e9928231e724d87ba488b8cbdb20b
Sha1:   f264be3d24a7b77c3fcecdf2b9e131e099d04201
Sha256: df4860b765d169c07be0ca8a6d58d82208260f4f51b553a2ef2c6a0c28e743ea
                                        
                                            GET /addthismoatframe568911941483/moatframe.js HTTP/1.1 
Host: z.moatads.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.201.146
HTTP/2 200 OK
content-type: application/x-javascript
                                        
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=47938
date: Tue, 27 Sep 2022 16:04:09 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (523)
Size:   948
Md5:    f14b4e1f799b14f798a195f43cf58376
Sha1:   b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
Sha256: 92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 16:04:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "10724FF231265F6C0DA44EB9ADE0A936362252CAD64CBCEBB1D4414F4985730A"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15345
Expires: Tue, 27 Sep 2022 20:19:54 GMT
Date: Tue, 27 Sep 2022 16:04:09 GMT
Connection: keep-alive

                                        
                                            GET /ads/user178351/ad1412934-1661878079.jpg HTTP/1.1 
Host: i.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=0e68176be7c47454b5b86fbb713b1f53; imps29764=1; juicy_data_1=YTowOnt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps131=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
etag: "1661878079"
cache-control: max-age=29119560
content-length: 36199
last-modified: Tue, 30 Aug 2022 16:47:59 GMT
accept-ranges: bytes
x-hw: 1664294649.dop023.sk1.t,1664294649.cds230.sk1.hn,1664294649.cds018.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x250, components 3\012- data
Size:   36199
Md5:    c84592898b0ccad0942e7f64a340e0ac
Sha1:   6c060d08ec67fa6655029632d9a7328959471935
Sha256: 462b63fc7bf7824e9c1beaa896153a8804c74214988fd6e6ccfb1c2f44e217a5
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 14:41:09 GMT
expires: Tue, 27 Sep 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 4980
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            GET /pixel/purst?dl=0&th=0&sc=0&rs=1459&rd=1459&fd=972&bv=22.8.v.2&tmpl=136 HTTP/1.1 
Host: reapinject.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.13
HTTP/1.1 200 OK
                                        
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 16:04:09 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  data
Size:   1434
Md5:    b768fe30a84d870be63117138f328e0b
Sha1:   bc0a888490f0d3e5275bbe4a089da0e58d7382a9
Sha256: 56108dd932bf394b92de6f30789284eda582ec263b262754b95603f11da399b6

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /h5/files/js/video.js HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/10432/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3D049ca203-3e7e-11ed-900a-e2e38133f3a0%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3D300X250%2BIndex%2BMiddle%2BPage%2BRight%26cv8%3DFirefox%26cv9%3D5cebd90a61d6e21c7336d70d%26externalId%3D049ca203-3e7e-11ed-900a-e2e38133f3a0%26p%3DeyJiIjoyOTUsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjMsInAiOjEsInMiOjI1MzE5fQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.76.9.15
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
last-modified: Tue, 10 Nov 2015 10:24:20 GMT
etag: W/"5641c5d4-1cf02"
expires: Tue, 23 May 2023 11:05:24 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839924
server: CDN77-Turbo
x-77-nzt: AblMCQ32ThT/hbSnAA
x-77-nzt-ray: OyV0X5YlEvQ
x-cache: HIT
x-age: 10990725
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (691)
Size:   36349
Md5:    e57838cfc3633970e5abd0f43c55c396
Sha1:   ac1469f03dfecce50d3a8b6ba2401c50d20f892e
Sha256: ad1d8875f75930618e297c12d48ac96469075199b9d8ba4e5104b8b71f5e78df
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 16:04:09 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 07:08:29 GMT
Expires: Tue, 04 Oct 2022 07:08:28 GMT
Etag: "6e5b6c1258397c2dab9c393ad728f867f30cfc55"
Cache-Control: max-age=572058,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751579365c3cb4f7-OSL

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 16:04:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /h5/files/16441/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3D049db014-3e7e-11ed-91a1-e25a5bb9767f%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3D300X250%2BIndex%2BMiddle%2BPage%2BCenter%26cv8%3DFirefox%26cv9%3D5cebd89161d6e21c7336d70a%26externalId%3D049db014-3e7e-11ed-91a1-e25a5bb9767f%26p%3DeyJiIjoyNzgxNTYsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI1MzE5fQ HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trwl1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.76.9.15
HTTP/2 200 OK
content-type: text/html
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
last-modified: Tue, 26 Jul 2022 12:47:16 GMT
etag: W/"62dfe254-c86"
expires: Thu, 27 Oct 2022 16:04:08 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-accel-expires: @1666886649
server: CDN77-Turbo
x-77-nzt: AblMCQ3FjVah
x-77-nzt-ray: r/gbChZAMxM
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   2691
Md5:    1694bfaf7a71d24828071ee783177b4e
Sha1:   053e76c0ee0c1af5293539cd709a16150c9bb913
Sha256: 1c06ae51be3b9454bcad21335ae535b722f06ea431fdcd900081864cb6a7a7cb
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4BDBB015229744095C9F75A84AEFB115F57E0D363E8D9AF43268E66592971CB4"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8258
Expires: Tue, 27 Sep 2022 18:21:47 GMT
Date: Tue, 27 Sep 2022 16:04:09 GMT
Connection: keep-alive

                                        
                                            GET /ad?spotid=5cebd79561d6e21c7336d707&type=728x90&output=iframe HTTP/1.1 
Host: ads.adxadserv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.98.53.2
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 16:04:08 GMT
cache-control: no-cache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   16463
Md5:    9ecbf7be2975159f567f1c8f00f10343
Sha1:   c4477d386c469883db2f154b63be151496f6d97e
Sha256: 41ab4575816840340b766c8ce5bb2515f01900daf01d750111ec63c60d478328
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1929
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 16:04:09 GMT
Last-Modified: Tue, 27 Sep 2022 15:32:00 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /h5/files/video/2720-24866-300x250.mp4 HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/10432/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3D049ca203-3e7e-11ed-900a-e2e38133f3a0%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3D300X250%2BIndex%2BMiddle%2BPage%2BRight%26cv8%3DFirefox%26cv9%3D5cebd90a61d6e21c7336d70d%26externalId%3D049ca203-3e7e-11ed-900a-e2e38133f3a0%26p%3DeyJiIjoyOTUsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjMsInAiOjEsInMiOjI1MzE5fQ
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.76.9.15
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
content-length: 633517
last-modified: Mon, 25 Mar 2019 12:46:36 GMT
etag: "5c98cdac-9aaad"
expires: Tue, 24 May 2022 11:08:24 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-accel-expires: @1664371304
server: CDN77-Turbo
x-77-nzt: AblMCQ0hFhT/ESYAAA
x-77-nzt-ray: DC9NwZyIODU
x-cache: HIT
x-age: 9745
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-633516/633517
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   40434
Md5:    21e929e79640e8ba653acab58a6c2f45
Sha1:   7587209840cc9dc3f85a821685dbc3011aebf489
Sha256: 2cde7ec6294a1ea3796bf18cb76f48c685c8ebd856a8d083b3c8fc9f406d42bc
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1929
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 16:04:09 GMT
Last-Modified: Tue, 27 Sep 2022 15:32:00 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5493
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 16:04:09 GMT
Last-Modified: Tue, 27 Sep 2022 14:32:36 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /adshow.php?adzone=731568 HTTP/1.1 
Host: poweredby.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.94.236.246
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 27 Sep 2022 16:04:09 GMT
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=0e68176be7c47454b5b86fbb713b1f53; expires=Wed, 27-Sep-2023 16:04:08 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co juicy_data_1=YTowOnt9; expires=Fri, 30-Sep-2022 16:04:08 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 30-Sep-2022 16:04:08 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (354), with CRLF, LF line terminators
Size:   1477
Md5:    7a935f122f29a9317a9d1a648138636b
Sha1:   c8a47ed78fb13fe7a1621ac88f1c90cbe78a6bad
Sha256: 5c764643440c0f09ea38ff7e2a3fc341547744b48f2110a1183803814501d1de
                                        
                                            GET /adshow.php?adzone=625950 HTTP/1.1 
Host: poweredby.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.94.236.246
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 27 Sep 2022 16:04:09 GMT
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=f494c2e32ffbf41936147532e57f71ca; expires=Wed, 27-Sep-2023 16:04:09 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co juicy_data_1=YTowOnt9; expires=Fri, 30-Sep-2022 16:04:09 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 30-Sep-2022 16:04:09 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1347
Md5:    b4d103aaa010e41d8d6ba3d3fab99b46
Sha1:   eab33f747e18d5a0bb600107383d5c869f5c3c15
Sha256: 0ef92e7ce5eb9625156bb772bb3379203704d9882119ee62bf32dda4b06792ad
                                        
                                            GET /advertisers.js HTTP/1.1 
Host: banquetunarmedgrater.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Tue, 27 Sep 2022 16:04:09 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bb6ba97df3d2e4cffbc11eb32115d5c6
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /ads/user179712/ad1561560-1663981598.png HTTP/1.1 
Host: i.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=0e68176be7c47454b5b86fbb713b1f53; imps29764=1; juicy_data_1=YTowOnt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps131=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
etag: "1663981598"
cache-control: max-age=31223159
content-length: 106285
last-modified: Sat, 24 Sep 2022 01:06:38 GMT
accept-ranges: bytes
x-hw: 1664294649.dop023.sk1.t,1664294649.cds230.sk1.hn,1664294649.cds201.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   107373
Md5:    8fa3dc6c28147dba425ec10e2c32b549
Sha1:   de505222c945554144a001b9e6bf48b95046072b
Sha256: 119f41b7858645521b4ad0e345d7b039399e8c1264f7026be9898984571f550b
                                        
                                            GET /adshow.php?adzone=731565 HTTP/1.1 
Host: poweredby.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.94.236.246
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 27 Sep 2022 16:04:09 GMT
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=0e68176be7c47454b5b86fbb713b1f53; expires=Wed, 27-Sep-2023 16:04:08 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co juicy_data_1=YTowOnt9; expires=Fri, 30-Sep-2022 16:04:08 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 30-Sep-2022 16:04:08 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (351), with CRLF, LF line terminators
Size:   1467
Md5:    aa0e57a94f31a9558b90b2fa3780474f
Sha1:   6b5f6cebd5d739010cff424b08d7550853b7eb9b
Sha256: cbe99f3c2a036d681b2cd4b39975e510ac17c277e00f5ba81c602035a8e0758a
                                        
                                            GET /s1/a97db98e-14af-4bef-8897-321d1c4a6c8b?externalId=remnant HTTP/1.1 
Host: r.trwl1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.98.53.17
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.20.1
Date: Tue, 27 Sep 2022 16:04:09 GMT
Content-Length: 599
Connection: close
Set-Cookie: uid=_wrS7TatM; Path=/; Domain=trwl1.com; Expires=Wed, 28 Sep 2022 16:04:09 GMT; HttpOnly
X-Request-Id: a75f4fe3-3eea-4d3e-a73c-4bff9aa924b5


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (403)
Size:   599
Md5:    dd2771da070054d6aab83c68ac949390
Sha1:   464fe1390e299009aad78df035345cab42f7dee4
Sha256: 5ef1474af0a92c49e57609bb9faa09db552ea1b264a169a76f35432f269d6ae6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5493
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 16:04:09 GMT
Last-Modified: Tue, 27 Sep 2022 14:32:36 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /s1/f7108064-7613-499a-b1a7-8fb7ab791c3d?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=105385&cv4=200571&cv5=731565&cv6= HTTP/1.1 
Host: r.trwl1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.98.53.17
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.20.1
Date: Tue, 27 Sep 2022 16:04:09 GMT
Content-Length: 745
Connection: close
Set-Cookie: uid=rLrS7Ttapp; Path=/; Domain=trwl1.com; Expires=Wed, 28 Sep 2022 16:04:09 GMT; HttpOnly
X-Request-Id: 7bf13208-8754-40d1-a363-09573e301234


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (549)
Size:   745
Md5:    26a43290eb9f5e8ba2bee744c5cc5a1b
Sha1:   f4764085f36ef64da4587fa2fe9a05b5678c2034
Sha256: 778d2cd6c1324b7484b26a6cb5810a55ddec790c26ad29af5cc73f2bd9d8b7d9
                                        
                                            GET /h5/files/15541/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F91327398-1fe9-4c41-8b24-ad4626de6385%3FexternalId%3Dremnant%26p%3DeyJiIjoyNzY4NzUsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MywicCI6MSwicyI6MjE2NTR9 HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trwl1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.76.9.15
HTTP/2 200 OK
content-type: text/html
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
last-modified: Mon, 07 Feb 2022 07:41:28 GMT
etag: W/"6200cd28-c7f"
expires: Thu, 15 Sep 2022 10:54:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-accel-expires: @1665831726
server: CDN77-Turbo
x-77-nzt: AblMCQ1F5Sj/yxgQAA
x-77-nzt-ray: p+a8mhbXNLo
x-cache: HIT
x-age: 1054923
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   1479
Md5:    476df416d630ba069cf2f2fdf278edf8
Sha1:   9ca7d06f845dec8e95e77ca2fb7860cf92a3ef2d
Sha256: f1e3d2ecdcbad9e7a3997a963269262b0951a9dcf903ab26005649f094dd9a7a
                                        
                                            GET /h5/files/overlay/16-overlay.png HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/15541/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F91327398-1fe9-4c41-8b24-ad4626de6385%3FexternalId%3Dremnant%26p%3DeyJiIjoyNzY4NzUsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MywicCI6MSwicyI6MjE2NTR9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.76.9.15
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
content-length: 4224
last-modified: Tue, 06 Feb 2018 18:15:47 GMT
etag: "5a79f0d3-1080"
expires: Tue, 23 May 2023 11:06:55 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684840015
server: CDN77-Turbo
x-77-nzt: AblMCQ0jetD/KrSnAA
x-77-nzt-ray: IyxlXNwJ9+A
x-cache: HIT
x-age: 10990634
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size:   4224
Md5:    d66274c14945df9c552f3f29b2edb39e
Sha1:   ab31d71d26c8486aa6e5662459341e1db4171ecb
Sha256: eca2a576dcb0e650c0701e96f1d4e7336cd0adc970cedbc7e8a72638ca2aa43e
                                        
                                            GET /h5/files/button/19-button.png HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/15541/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F91327398-1fe9-4c41-8b24-ad4626de6385%3FexternalId%3Dremnant%26p%3DeyJiIjoyNzY4NzUsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MywicCI6MSwicyI6MjE2NTR9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.76.9.15
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
content-length: 504
last-modified: Fri, 11 Dec 2015 19:04:22 GMT
etag: "566b1e36-1f8"
expires: Tue, 23 May 2023 11:05:44 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839944
server: CDN77-Turbo
x-77-nzt: AblMCQ1hyNP/cbSnAA
x-77-nzt-ray: +jaifsexy5k
x-cache: HIT
x-age: 10990705
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size:   504
Md5:    6b9292b2f016f0dca094f08e98b10e4f
Sha1:   032fb37c0956d518c289b727d4f2b1f7d300f9e1
Sha256: 549b9bd0060e105223af22424e20b6dce5b9276b90bda0af13a1b0fc503bd673
                                        
                                            GET /h5/files/video/1934-18586-728x90.medium.mp4 HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/15541/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F91327398-1fe9-4c41-8b24-ad4626de6385%3FexternalId%3Dremnant%26p%3DeyJiIjoyNzY4NzUsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MywicCI6MSwicyI6MjE2NTR9
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.76.9.15
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
content-length: 429648
last-modified: Mon, 07 Feb 2022 07:41:26 GMT
etag: "6200cd26-68e50"
expires: Tue, 24 May 2022 11:15:59 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-accel-expires: @1664360080
server: CDN77-Turbo
x-77-nzt: AblMCQ2n/Vz/6VEAAA
x-77-nzt-ray: RnV1yjPaDbk
x-cache: HIT
x-age: 20969
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-429647/429648
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size:   429648
Md5:    1b43621d87c60ea606c14ea425205a50
Sha1:   5216be9ada04594ace6a2d719fd641c56b1231fb
Sha256: f0e48a2bf05f1a29981edc57035ecf4ee7d5e507927d8c3bde0d8c93c237bc04
                                        
                                            GET /h5/files/overlay/1605-overlay-preview.png HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/16000/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F3f9260db-2b48-4f54-9793-5f757a08128e%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D105385%26cv4%3D200571%26cv5%3D731565%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0ODAsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjI1NjV9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.76.9.15
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
content-length: 1320
last-modified: Wed, 20 Apr 2022 13:57:38 GMT
etag: "62601152-528"
expires: Tue, 23 May 2023 11:05:44 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839944
server: CDN77-Turbo
x-77-nzt: AblMCQ3dlRj/cbSnAA
x-77-nzt-ray: PtAf2oT4hr0
x-cache: HIT
x-age: 10990705
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size:   1320
Md5:    ef5dc9face6a1c8fa2416ff171ef7294
Sha1:   9f3f3086b4bc395cdf6fa9fc646fcb586d3a6dd3
Sha256: 19561b14de8300fa5df0c993f762bf554165b2ab4edbae97fd388c7bf8f35a5a
                                        
                                            GET /h5/files/16000/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F3f9260db-2b48-4f54-9793-5f757a08128e%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D105385%26cv4%3D200571%26cv5%3D731565%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0ODAsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjI1NjV9 HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trwl1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.76.9.15
HTTP/2 200 OK
content-type: text/html
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
last-modified: Wed, 20 Apr 2022 14:41:07 GMT
etag: W/"62601b83-c83"
expires: Sun, 23 Oct 2022 13:41:32 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-accel-expires: @1666532492
server: CDN77-Turbo
x-77-nzt: AblMCQ2zgcbvbWcFAA
x-77-nzt-ray: 7Fj5a3Fi7xg
x-cache: HIT
x-age: 354157
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   2797
Md5:    813bc36d46535078698ac4d423fa5ce2
Sha1:   740d3670a9436246380a53c5796742b9deffd381
Sha256: a8bf5c9d9da0110b9acd77b763d7383aa352f5f66d5397dcbb84b0b425495c9d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 16:04:10 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 07:08:29 GMT
Expires: Tue, 04 Oct 2022 07:08:28 GMT
Etag: "6e5b6c1258397c2dab9c393ad728f867f30cfc55"
Cache-Control: max-age=572058,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751579366ff80b39-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10688
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 16:04:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10688
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 16:04:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10688
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 16:04:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10688
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 16:04:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10688
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 16:04:10 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kRSg9NTTAgeAJgIZ_C9_rRodCX4bzGduJEvNPNHUya0Moa2vsmWSoQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 66313
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13213
Md5:    62e68c3cd08dd94d910507512a67e85f
Sha1:   3d4fa8701f17e8818c25584ef5f04bfbee8440cd
Sha256: 058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10318
x-amzn-requestid: 6a205445-8a9e-4f25-b144-ba6e6934d383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhFNAIAMFmBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-61ecbf9154cd56131b940ac0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qP5-TglQAoTGc78-rIK27mKRTS_WthN0OpiiMqSF-y2rmWxVOyfNVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 19:30:21 GMT
age: 74029
etag: "cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10318
Md5:    a90590f26bae9ad9e95ffdfbfb7dd21d
Sha1:   cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3
Sha256: 33fe3394213e01d11c3e005cb5a678ba74511704d4132fc2bd9f7ad4e1b7dbfc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IWzfDNFlgYdqYnbQ9uWfOvqb5zl3I3mgTZrT5pU5P3EvetMRDN5P7w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:06:47 GMT
age: 53843
etag: "1a26007f761e439db575fb80fb403031260aecf4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7455
Md5:    5274e770cb5a704916c8965659709f4a
Sha1:   1a26007f761e439db575fb80fb403031260aecf4
Sha256: e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:37:50 GMT
age: 51980
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6390
Md5:    14218a43c5e5bbce546735a780c8ccce
Sha1:   61676358cdbb2373bc644e66f8a84fbc8cc5daf6
Sha256: 905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p1vYTqYjOmYHjVmJ8f6qyT_nLIsyXsr7ZI-DI7JBF9RJa0ZJNPiluA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:56:23 GMT
age: 65267
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10211
Md5:    347dca206e13a3b13953f0ab398310b4
Sha1:   be60bbc96c832ae385cc9ae5828bd32703011b21
Sha256: f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:07 GMT
age: 66303
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9163
Md5:    deb8d1e3b6d7fbc8c8ba478269621676
Sha1:   84f5a4c8b38acde814bc790e5b514347718d5bb9
Sha256: ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
                                        
                                            GET /sfp.js HTTP/1.1 
Host: creepingbrings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.198.30
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 32aa3a94b3e51dcf850bce991f7a7455
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 27 Sep 2022 16:04:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5WhcEwg1%2BAH%2BX0T3%2BabXzrPiI8ciN10h2jCA%2FRUV5snC%2Fm80uHrEt0fUatZF2W4nqyH%2F0%2FiKB3M%2BePOWFyjLUebthHQktrU7IFKWHifyTGYAMw8HOmxwixraEvEQ3Bdvny2IKI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75157937e9f771d4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size:   27239
Md5:    bf06496d6e28514aa614ca1bb72a1f37
Sha1:   584bbac08f801800db17731c2f00476ea3ae997e
Sha256: e2b2a7d4c978a5786cb430adf1871a7702c8b90301df8a8136391199478f4cea
                                        
                                            GET /counters/cc_1032.js HTTP/1.1 
Host: s10.histats.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         46.105.201.240
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Tue, 27 Sep 2022 16:02:53 GMT
etag: "-33105628"
last-modified: Thu, 16 Apr 2020 10:44:41 GMT
x-request-id: 423297955
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5573
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (15441), with no line terminators
Size:   5573
Md5:    0ec7f2a21cef271e478d52652b3ce8f0
Sha1:   7644885c01d5197c2d8b26cfcdcbeb6d60b3f792
Sha256: ce0aaf0880f892c04c6e8070b036cbf3822255136e47052eca1f9b712d56e84b
                                        
                                            GET /ascripts/pxl.js HTTP/1.1 
Host: adxadserv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         185.98.53.29
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.20.1
Date: Tue, 27 Sep 2022 16:04:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Sep 2020 09:55:25 GMT
ETag: W/"5f6dbe8d-12fee"
Expires: Tue, 27 Sep 2022 08:32:02 GMT
Cache-Control: max-age=86400, public
X-77-NZT: AblMCgFIMWD/92kAAA
X-77-NZT-Ray: Xcf/YdwjCQ0
X-Cache: HIT
X-Age: 27127
X-77-POP: amsterdamNL
X-77-Cache: HIT
Content-Encoding: br


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (36114)
Size:   23098
Md5:    72d1139e9f2e6ebe3f51c9193edb4439
Sha1:   cd356eb9eaab433ac792406ba36d4304b6450571
Sha256: 74553d0effe74cd6a4f1424940f7fd133c5457ff1d5c53030e651ec6612bec88
                                        
                                            GET /config?url=https%3A%2F%2Fcreative.xxxjmp.com%2Fwidgets%2FPlayer%3FsourceId%3D%26tag%3Dgirls%2Fchinese%26autoplay%3Dall%26%26showModal%3Dsignup%26strict%3D1%26campaignId%3Dstreaming300250%26userId%3Db17b07652808cd0fd770fa287c11f9818eef1c12cce3d22e7d30a87bdff6f1e8%26p%3Dverify50af HTTP/1.1 
Host: go.xxxjmp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xxxjmp.com/
Origin: https://creative.xxxjmp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         104.18.42.40
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 27 Sep 2022 16:04:08 GMT
access-control-allow-origin: *
last-modified: Tue, 27 Sep 2022 15:56:06 GMT
cf-cache-status: EXPIRED
set-cookie: __cflb=02DiuDfsBaY2bRYJiCg3Rc4wrBy1LXpo997ZSy6DnJdMv; SameSite=None; Secure; path=/; expires=Wed, 28-Sep-22 15:04:08 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 75157931ca0ab51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   24943
Md5:    64dac197965b6e80259a1ec2cdfafa76
Sha1:   13d09ded5acc9162a812f43f65f669e2a1a22173
Sha256: 092ceb9ed92c98b917410b010fb23cf2411e409a308c48869ebd5cc792410e6a
                                        
                                            GET /ascripts/pxl.js HTTP/1.1 
Host: adxadserv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
If-Modified-Since: Fri, 25 Sep 2020 09:55:25 GMT
If-None-Match: W/"5f6dbe8d-12fee"

                                         
                                         185.98.53.29
HTTP/1.1 304 Not Modified
                                        
Server: nginx/1.20.1
Date: Tue, 27 Sep 2022 16:04:12 GMT
Connection: keep-alive
Last-Modified: Fri, 25 Sep 2020 09:55:25 GMT
ETag: "5f6dbe8d-12fee"
Expires: Tue, 27 Sep 2022 08:32:02 GMT
Cache-Control: max-age=86400, public
X-77-NZT: AblMCgER/Vz/+WkAAA
X-77-NZT-Ray: k/83ZgXnEK8
X-Cache: HIT
X-Age: 27129
X-77-POP: amsterdamNL
X-77-Cache: HIT

                                        
                                            GET /ascripts/pxl.js HTTP/1.1 
Host: adxadserv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
If-Modified-Since: Fri, 25 Sep 2020 09:55:25 GMT
If-None-Match: W/"5f6dbe8d-12fee"

                                         
                                         185.98.53.29
HTTP/1.1 304 Not Modified
                                        
Server: nginx/1.20.1
Date: Tue, 27 Sep 2022 16:04:13 GMT
Connection: keep-alive
Last-Modified: Fri, 25 Sep 2020 09:55:25 GMT
ETag: "5f6dbe8d-12fee"
Expires: Wed, 28 Sep 2022 08:32:17 GMT
Cache-Control: max-age=86400, public
X-77-NZT: AblMCgp32RX/7GkAAA
X-77-NZT-Ray: hQHFf8h1mYg
X-Cache: HIT
X-Age: 27116
X-77-POP: amsterdamNL
X-77-Cache: HIT

                                        
                                            GET /px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D5cebd83261d6e237774d8104%2526type%253D300x250%2526output%253Diframe&ref=https%253A%252F%252Favgle.com%252F&d_r=1&d_s=1280x1024&d_w=300x250&t_s=1664294646179&t_i=1664294646528&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=1ddc2dea-933a-4794-aac0-7d634f2f6068&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=049f7554-3e7e-11ed-bed6-52ca5d2668e1&spid=5cebd83261d6e237774d8104&fpid_sa=1664294646500&fpid=06b61c45186b25aa28faa3141c74e735&feid_sa=1664294646500&sid_sa=1664294646500&feid=91430d5d28abe4c6587e43288c0e3651&sid=618296670f6466163256b2a0b3106160&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=avgle.com&s_rst=0&e_d=%7B%7D&t_op=4.303 HTTP/1.1 
Host: adxadserv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         185.98.53.29
HTTP/1.1 200 OK
                                        
Server: nginx/1.20.1
Date: Tue, 27 Sep 2022 16:04:14 GMT
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D5cebd89161d6e21c7336d70a%2526type%253D300x250%2526output%253Diframe&ref=https%253A%252F%252Favgle.com%252F&d_r=1&d_s=1280x1024&d_w=300x250&t_s=1664294646176&t_i=1664294646519&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=b642a39f-9131-4b52-be36-b3507dfce5e6&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=049db014-3e7e-11ed-91a1-e25a5bb9767f&spid=5cebd89161d6e21c7336d70a&fpid_sa=1664294646500&fpid=06b61c45186b25aa28faa3141c74e735&feid_sa=1664294646500&sid_sa=1664294646500&feid=91430d5d28abe4c6587e43288c0e3651&sid=618296670f6466163256b2a0b3106160&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=avgle.com&s_rst=0&e_d=%7B%7D&t_op=4.325 HTTP/1.1 
Host: adxadserv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         185.98.53.29
HTTP/1.1 200 OK
                                        
Server: nginx/1.20.1
Date: Tue, 27 Sep 2022 16:04:15 GMT
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /t/re/v4?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D5cebd83261d6e237774d8104%2526type%253D300x250%2526output%253Diframe&ref=https%253A%252F%252Favgle.com%252F&d_r=1&d_s=1280x1024&d_w=300x250&t_s=1664294646179&t_i=1664294646526&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=080ffcbb-056c-49ad-8130-82653e1cab38&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_s=GUEST&fpid_sa=null&fpid=&feid_sa=null&sid_sa=null&feid=0c69951f8afe123cad5854df333da71c&sid=8ec188cdae16c8f8075c674f49dacecd&u_adb=0&vn=R-1.0&utm_typ=referral&utm_src=avgle.com&s_rst=0&st_d=%7B%7D&e_d=%7B%22spotId%22%3A%225cebd83261d6e237774d8104%22%2C%22impressionId%22%3A%22049f7554-3e7e-11ed-bed6-52ca5d2668e1%22%7D&t_op=4.388&cb=gl.cb.pv HTTP/1.1 
Host: adxadserv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         185.98.53.29
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: nginx/1.20.1
Date: Tue, 27 Sep 2022 16:04:16 GMT
Content-Length: 65
Connection: keep-alive
Set-Cookie: xfeid=31109fbd3ca7ebc8b83dc14eb60d25ca; expires=Tue, 01 Jan 2030 00:00:00 GMT; path=/; domain=.adxadserv.com
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: content-type
Access-Control-Max-Age: 864000


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   65
Md5:    4a9543ad84bc40a450fca65e143ba7b2
Sha1:   f01914d4aa7610f7f034aeb5746f79d104c2df9e
Sha256: b90cf11a82925700af92254a0df12e7ac85aca5600a25943f88f01a7d5926c39
                                        
                                            GET /t/re/v4?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D5cebd89161d6e21c7336d70a%2526type%253D300x250%2526output%253Diframe&ref=https%253A%252F%252Favgle.com%252F&d_r=1&d_s=1280x1024&d_w=300x250&t_s=1664294646176&t_i=1664294646518&u_tz=0&u_l=en-US&u_l2=&u_l3=&n_c=&n_s=&pv_uid=a788de41-a130-466d-bc20-32af6ae074c8&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&p_tt=desktop&p_l=en&p_z=NONAUTHORIZED&p_u_s=GUEST&fpid_sa=null&fpid=&feid_sa=null&sid_sa=null&feid=0c69951f8afe123cad5854df333da71c&sid=8ec188cdae16c8f8075c674f49dacecd&u_adb=0&vn=R-1.0&utm_typ=referral&utm_src=avgle.com&s_rst=0&st_d=%7B%7D&e_d=%7B%22spotId%22%3A%225cebd89161d6e21c7336d70a%22%2C%22impressionId%22%3A%22049db014-3e7e-11ed-91a1-e25a5bb9767f%22%7D&t_op=4.452&cb=gl.cb.pv HTTP/1.1 
Host: adxadserv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         185.98.53.29
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: nginx/1.20.1
Date: Tue, 27 Sep 2022 16:04:16 GMT
Content-Length: 65
Connection: keep-alive
Set-Cookie: xfeid=3d1f58b75e1e84c7f717529b0214230b; expires=Tue, 01 Jan 2030 00:00:00 GMT; path=/; domain=.adxadserv.com
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: content-type
Access-Control-Max-Age: 864000


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   65
Md5:    854b46d3ff68a8a3636a4dba67ab22c4
Sha1:   23947a84cfe9acb0052c4841c2fb3c08e18a2574
Sha256: 049f7a16a985c57596d47eb0dcd665aa0453fe605eec9cef83ce417ad5794ee9
                                        
                                            GET /css/wm.css HTTP/1.1 
Host: static.adxadserv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         185.76.9.24
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 27 Sep 2022 16:04:08 GMT
last-modified: Mon, 03 Aug 2020 09:41:06 GMT
etag: W/"5f27dbb2-711"
x-accel-expires: @1664708822
server: CDN77-Turbo
x-77-nzt: AblMCRShRZ7/IoAJAA
x-77-nzt-ray: 9wXegAQloeI
x-cache: HIT
x-age: 622626
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Open+Sans:400,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 16:04:07 GMT
date: Tue, 27 Sep 2022 16:04:07 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sfp.js HTTP/1.1 
Host: addresseepaper.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.101.4
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 27 Sep 2022 16:04:08 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 8c0ee3599e75122281aeff7b8976d120
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 27 Sep 2022 16:04:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDUehGcZFgFUuTgNV3AZ6CQOrTN7R2a13zfea%2FA%2BG8qRHhNFfMSyM3J5EQPKBqVn6R2FM1s%2BwULU7QRGSsiRs91Kdkto%2FgS4hQuSQbn2tr%2F1eQk13HGjc2pUBiWsey6l4Sr%2BUTo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7515793289f64083-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /thumbs/view HTTP/1.1 
Host: go.xlivrdr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlivrdr.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://creative.xlivrdr.com
Content-Length: 81
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.64.145.216
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28uukSkGJRy5UBr1MAvzNuwf2BatG6PHGKFsfKuWt; SameSite=None; Secure; path=/; expires=Wed, 28-Sep-22 15:04:09 GMT; HttpOnly
server: cloudflare
cf-ray: 751579391af6b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /h5/files/10432/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F366cc4d5-e4be-4262-b19a-46011fc35104%3Fcv1%3D049ca203-3e7e-11ed-900a-e2e38133f3a0%26cv10%3Dexim_adxad_stub2_300x250_%26cv2%3D4982d74cc5945eb5f443cbeab8c29c8c%26cv3%3Ddesktop%26cv4%3D623c966461d6e2757e4d7921%26cv5%3D623c962a61d6e2790d5b93d2%26cv6%3Den%26cv7%3D300X250%2BIndex%2BMiddle%2BPage%2BRight%26cv8%3DFirefox%26cv9%3D5cebd90a61d6e21c7336d70d%26externalId%3D049ca203-3e7e-11ed-900a-e2e38133f3a0%26p%3DeyJiIjoyOTUsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjMsInAiOjEsInMiOjI1MzE5fQ HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trwl1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.76.9.15
HTTP/2 200 OK
content-type: text/html
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
last-modified: Mon, 25 Mar 2019 12:46:39 GMT
etag: W/"5c98cdaf-11e4"
expires: Thu, 27 Oct 2022 16:04:08 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-accel-expires: @1666886649
server: CDN77-Turbo
x-77-nzt: AblMCQ26dUGh
x-77-nzt-ray: PITU0bJVD3M
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /widgets/Player?sourceId=&tag=girls/chinese&autoplay=all&&showModal=signup&strict=1&campaignId=streaming300250&userId=b17b07652808cd0fd770fa287c11f9818eef1c12cce3d22e7d30a87bdff6f1e8&p=verify50af HTTP/1.1 
Host: creative.xxxjmp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         104.18.42.40
HTTP/2 200 OK
content-type: text/html
                                        
date: Tue, 27 Sep 2022 16:04:08 GMT
last-modified: Mon, 26 Sep 2022 07:31:30 GMT
expires: Tue, 27 Sep 2022 16:04:14 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
cf-cache-status: HIT
set-cookie: __cflb=0H28uukSkGJRy5UBr1MAvzNuwf2BatG5eTk7hE34F2U; SameSite=None; Secure; path=/; expires=Wed, 28-Sep-22 15:04:08 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 7515792e1cb4b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /ad?spotid=5cebd90a61d6e21c7336d70d&type=300x250&output=iframe HTTP/1.1 
Host: ads.adxadserv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avgle.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.98.53.2
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 16:04:08 GMT
cache-control: no-cache
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /config?url=https%3A%2F%2Fcreative.xlivrdr.com%2Fwidgets%2FPlayer%3Fautoplay%3Dall%26autoplayForce%3D1%26campaignId%3Dc60722964a88be492caed3fc1823b9568764746108f340ba90631cdf62b308db%26campaignType%3Dsmartpop%26creativeId%3D2a4e0d3a59f3dcaefd23459460759431e47e05565a35daf5c932192b4b6b2ff8%26iterationId%3D205170%26masterSmartpopId%3D0%26quality%3D240p%26ruleId%3D0%26showModal%3Dsignup%26smartpopId%3D5749%26tag%3Dgirls%252Fchinese%26userId%3Db17b07652808cd0fd770fa287c11f9818eef1c12cce3d22e7d30a87bdff6f1e8%26variationId%3D28407 HTTP/1.1 
Host: go.xlivrdr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlivrdr.com/
Origin: https://creative.xlivrdr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         172.64.145.216
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 27 Sep 2022 16:04:08 GMT
access-control-allow-origin: *
last-modified: Tue, 27 Sep 2022 15:50:27 GMT
cf-cache-status: EXPIRED
set-cookie: __cflb=02DiuDfsBaY2bRYJiCdcdyuoKGiEHEbzYGmu498imk1hW; SameSite=None; Secure; path=/; expires=Wed, 28-Sep-22 15:04:08 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 75157931984bb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /h5/files/video/1505-18983-728x90.medium.mp4 HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/16000/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F3f9260db-2b48-4f54-9793-5f757a08128e%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D105385%26cv4%3D200571%26cv5%3D731565%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0ODAsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjI1NjV9
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.76.9.15
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
date: Tue, 27 Sep 2022 16:04:09 GMT
content-length: 556119
last-modified: Mon, 07 Feb 2022 07:42:13 GMT
etag: "6200cd55-87c57"
expires: Tue, 24 May 2022 11:06:28 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-accel-expires: @1664374396
server: CDN77-Turbo
x-77-nzt: AblMCQ1miAX//RkAAA
x-77-nzt-ray: AHeU2fdkyq4
x-cache: HIT
x-age: 6653
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-556118/556119
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /widgets/Player?autoplay=all&autoplayForce=1&campaignId=c60722964a88be492caed3fc1823b9568764746108f340ba90631cdf62b308db&campaignType=smartpop&creativeId=2a4e0d3a59f3dcaefd23459460759431e47e05565a35daf5c932192b4b6b2ff8&iterationId=205170&masterSmartpopId=0&quality=240p&ruleId=0&showModal=signup&smartpopId=5749&tag=girls%2Fchinese&userId=b17b07652808cd0fd770fa287c11f9818eef1c12cce3d22e7d30a87bdff6f1e8&variationId=28407 HTTP/1.1 
Host: creative.xlivrdr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://avgle.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         104.18.42.40
HTTP/2 200 OK
content-type: text/html
                                        
date: Tue, 27 Sep 2022 16:04:08 GMT
last-modified: Mon, 26 Sep 2022 07:31:30 GMT
expires: Tue, 27 Sep 2022 16:04:18 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
cf-cache-status: HIT
set-cookie: __cflb=02DiuDfsBaY2bRYJiCddNhqGgfsRfgxda9gHGoPi7P7rc; SameSite=None; Secure; path=/; expires=Wed, 28-Sep-22 15:04:08 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 7515792f0d040afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---