porn-adventures.com/smljackpotpurple
301 Moved Permanently 134 B URL HTTP/1.1 porn-adventures.com/smljackpotpurple
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /smljackpotpurple HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Fri, 09 Dec 2022 23:14:26 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://porn-adventures.com:443/smljackpotpurple
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14097
Expires: Sat, 10 Dec 2022 03:09:24 GMT
Date: Fri, 09 Dec 2022 23:14:27 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8561
Expires: Sat, 10 Dec 2022 01:37:08 GMT
Date: Fri, 09 Dec 2022 23:14:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 23:08:21 GMT
content-type: application/json
age: 366
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3448
Expires: Sat, 10 Dec 2022 00:11:55 GMT
Date: Fri, 09 Dec 2022 23:14:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WD+9n2IqUTafevMG9EOD8Qchevso8gPgUDDXz2RJqFj8aAjej52SH1f/8RvXU8qdeskza0G69Bg=
x-amz-request-id: X1AW2FYKYWZC3A9D
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 22:48:33 GMT
age: 1554
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 23:14:27 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c83e7cc66a3437f52a77972912786344
e3e05cae5d040e72a59b74db1e015a8a8943d476
2567db4c8821756b313166692f34ce2d9b9505bd54b480a83cbf907faa4cd287
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=124993
Date: Fri, 09 Dec 2022 23:14:27 GMT
Etag: "6392f503-1d7"
Expires: Sun, 11 Dec 2022 09:57:40 GMT
Last-Modified: Fri, 09 Dec 2022 08:42:43 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yy-6mgHhQ3O0DwmSbjvh4WT_bvEU5O5zIr51gDSn3Ap7HTwSdPzdMw==
Age: 4497
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 23:07:55 GMT
age: 392
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple
301 Moved Permanently 162 B URL HTTP/2 porn-adventures.com/smljackpotpurple
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /smljackpotpurple HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Fri, 09 Dec 2022 23:14:27 GMT
content-type: text/html
content-length: 162
location: http://porn-adventures.com/smljackpotpurple/
server: nginx
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/
301 Moved Permanently 134 B URL HTTP/1.1 porn-adventures.com/smljackpotpurple/
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /smljackpotpurple/ HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Fri, 09 Dec 2022 23:14:27 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://porn-adventures.com:443/smljackpotpurple/
ocsp.digicert.com/
200 OK 471 B IP
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 722
Cache-Control: max-age=122670
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 23:14:27 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 09:18:57 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 23:14:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 23:14:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
porn-adventures.com/smljackpotpurple/
200 OK 12 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (35554)
Hash 8a1691844bf769ec40e203a0504e457e
83c0c0cebb6202a35f8a2542d8e7e2078ea9a9f1
58d49ce8a6fb84db0672eee3271fefbb8a9fc3b8bcbe95b300a754b006f557a7
GET /smljackpotpurple/ HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:27 GMT
content-type: text/html
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:22 GMT
vary: Accept-Encoding
etag: W/"62aaf1da-28d6"
expires: Sun, 08 Jan 2023 23:14:27 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/5.0.2/firebase-app.js
200 OK 8.6 kB URL HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-app.js
IP
File type ASCII text, with very long lines (25088)
Hash 73069e532b7039778d3a7128c997c61a
c523bbf1ac7f4e612c8ade75434c42fbca885adc
b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5
GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 21:48:07 GMT
expires: Fri, 08 Dec 2023 21:48:07 GMT
cache-control: public, max-age=31536000
age: 91580
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 23:14:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
porn-adventures.com/smljackpotpurple/assets/images/logo-s8af.png
200 OK 15 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/logo-s8af.png
IP
File type PNG image data, 755 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash 531066ad49aede5b3dc1ec89fb1be952
87c79b74b86b9d6fee0060ae40b0cb2c037d0757
4ad29fd05be1209e88c0526e7679c008b3b655744bef8f1c73d9c7355d83685e
GET /smljackpotpurple/assets/images/logo-s8af.png HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:27 GMT
content-type: image/png
content-length: 15373
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:23 GMT
etag: "62aaf1db-3c0d"
expires: Sun, 08 Jan 2023 23:14:27 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/images/icons/sound-on-s8af.png
200 OK 5.1 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/icons/sound-on-s8af.png
IP
File type PNG image data, 110 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash abcfae4e12bd5b39f67af82fb1006e9e
1c0e8c7b910e749ca5e35ae4e09dddf1402802e7
2d1ec0bcfc06ec9046a7ed1bfb5a0399d48a4d9beaaa287f7a4c5e70e6954b03
GET /smljackpotpurple/assets/images/icons/sound-on-s8af.png HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:27 GMT
content-type: image/png
content-length: 5097
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:32 GMT
etag: "62aaf1e4-13e9"
expires: Sun, 08 Jan 2023 23:14:27 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Tscr6aZjIYKKS4ptkBnXyQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RpQPdcWW4QkYOnQ9caQWqeJut6s=
porn-adventures.com/smljackpotpurple/assets/images/icons/sound-off-s8af.png
200 OK 12 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/icons/sound-off-s8af.png
IP
File type PNG image data, 110 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash a7f2c88cbdb10310f424f5fe1b11f14e
b7740b10817ec42a835df62ff89483ae78af0b6e
b745981776c9a0a926faa0f3fcd204257093efcca7738be3d8d5154f4a75d6cd
GET /smljackpotpurple/assets/images/icons/sound-off-s8af.png HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:27 GMT
content-type: image/png
content-length: 11883
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:32 GMT
etag: "62aaf1e4-2e6b"
expires: Sun, 08 Jan 2023 23:14:27 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 47fc66e734e4fe2b3bcd0adee4a105eb
2feb502f2c6eb1d8abc7cd2f4a615f0b81536dde
a67cc3fb62bc835fb6588d08520d8bc3f10960c4e1dc8b88809b41dc0725d498
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=95426
Date: Fri, 09 Dec 2022 23:14:28 GMT
Etag: "63927d81-1d7"
Expires: Sun, 11 Dec 2022 01:44:54 GMT
Last-Modified: Fri, 09 Dec 2022 00:12:49 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2T7EX_zdEpnMjC_wZpwsMLl6lVqQ-52XhID4mToYJFBy3S_wErnsPw==
Age: 5525
porn-adventures.com/smljackpotpurple/assets/scripts/url-params.js
200 OK 597 B URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/scripts/url-params.js
IP
Hash ce4ac1e78737679df2100868f66b020b
6d359535ccca076fee1b86c32cd79cedf8093b6c
bb891acc564034d109a509e4ddf0dfb8a73dbb6615b7e68333afa54bf8a49988
GET /smljackpotpurple/assets/scripts/url-params.js HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:28 GMT
content-type: application/javascript
content-length: 597
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:28 GMT
etag: "62aaf1e0-255"
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/scripts/backoffer.js
200 OK 430 B URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/scripts/backoffer.js
IP
File type ASCII text, with very long lines (430), with no line terminators
Hash 6d5aa83d23ce0b9f72d3b87d000d8fae
034fb8768eb58ffc0b5849e2c162989741a6cbec
89266112a6c823b9c03dd5a32d8f1c5e9f4cbf4cf876b56c825781ea389d0800
GET /smljackpotpurple/assets/scripts/backoffer.js HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:28 GMT
content-type: application/javascript
content-length: 430
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:25 GMT
etag: "62aaf1dd-1ae"
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/images/items/1-mob-s8af.jpg
200 OK 22 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/items/1-mob-s8af.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 313x200, components 3\012- data
Hash a933ae0a9dfb4c00864bf88f3ee969d9
9332c1fbc7700e7167dfc61cb01a9d665945fe1c
23384fb3c00228852f856f77545526c9b88fa8589ed46bc2d6c1d2da99b1a2b8
GET /smljackpotpurple/assets/images/items/1-mob-s8af.jpg HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:27 GMT
content-type: image/jpeg
content-length: 22188
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:32 GMT
etag: "62aaf1e4-56ac"
expires: Sun, 08 Jan 2023 23:14:27 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/images/items/2-mob-s8af.jpg
200 OK 22 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/items/2-mob-s8af.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 315x201, components 3\012- data
Hash dabbcc02bdcc7dc3d0cc44fce8429d8e
572069654e46cd9af0062a385e8381b4a3529e18
ef66374aa8934fbd598d00a3e2d9ea31d797716926f755e69f40141c7131d88a
GET /smljackpotpurple/assets/images/items/2-mob-s8af.jpg HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:27 GMT
content-type: image/jpeg
content-length: 21628
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:33 GMT
etag: "62aaf1e5-547c"
expires: Sun, 08 Jan 2023 23:14:27 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/images/items/3-mob-s8af.jpg
200 OK 19 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/items/3-mob-s8af.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 315x201, components 3\012- data
Hash 897f47ae2a8a1c970090b0e54165ebe1
01dbd6cf3c7253f84d119a730b01b7d8d8933fbc
6108f2d057fffdf1702ca20999ddb54369c471072c9658bc48ae3282f286ddf1
GET /smljackpotpurple/assets/images/items/3-mob-s8af.jpg HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:28 GMT
content-type: image/jpeg
content-length: 19325
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:34 GMT
etag: "62aaf1e6-4b7d"
expires: Sun, 08 Jan 2023 23:14:28 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/images/items/5-s8af.jpg
200 OK 30 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/items/5-s8af.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 501x308, components 3\012- data
Hash beba00fc1be95cc998ae1df559467ec4
d9b27310ff959d51b3988089a31fbcd04c470c49
287300e8438eb015dc6ae624d18186e60142515f2d9122f4dfa81d282bac7d7a
GET /smljackpotpurple/assets/images/items/5-s8af.jpg HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:28 GMT
content-type: image/jpeg
content-length: 29579
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:35 GMT
etag: "62aaf1e7-738b"
expires: Sun, 08 Jan 2023 23:14:28 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/images/items/1-s8af.jpg
200 OK 75 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/items/1-s8af.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x365, components 3\012- data
Hash bb1e70a4c74414fdae67e9750b77d6d2
2214f137c761c448a15137f79105425d0abc6e94
209e681a2a9e0332fcb1df980a814221bf571c77a9d075f5b74abc588c79c5f7
GET /smljackpotpurple/assets/images/items/1-s8af.jpg HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:27 GMT
content-type: image/jpeg
content-length: 75038
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:33 GMT
etag: "62aaf1e5-1251e"
expires: Sun, 08 Jan 2023 23:14:27 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/images/items/2-s8af.jpg
200 OK 64 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/items/2-s8af.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 746x364, components 3\012- data
Hash 87dd2050196f393d174847a108a8ca44
0244b0bdae5538f5e67d3e9ba25b8799cf0bd05a
f8531ec37146857f288097740afa695e9ad932bf3043b3c331dc3fbcf5064849
GET /smljackpotpurple/assets/images/items/2-s8af.jpg HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:27 GMT
content-type: image/jpeg
content-length: 64230
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:34 GMT
etag: "62aaf1e6-fae6"
expires: Sun, 08 Jan 2023 23:14:27 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/images/items/4-s8af.jpg
200 OK 60 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/items/4-s8af.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x375, components 3\012- data
Hash bcc468f5628ec81b5ffa64b35ced7960
f2d885a7684fcfc6d781599c0c335252cfae3ce3
25a16e8297f8fd5f92e71bd1985335727120484e95b14ff57fa1599b017b4a65
GET /smljackpotpurple/assets/images/items/4-s8af.jpg HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:28 GMT
content-type: image/jpeg
content-length: 59924
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:35 GMT
etag: "62aaf1e7-ea14"
expires: Sun, 08 Jan 2023 23:14:28 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/images/items/3-s8af.jpg
200 OK 52 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/items/3-s8af.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 748x371, components 3\012- data
Hash ea9184447132f7a7ca130b6cdd884aa7
1650311c7d15c231f7343d89f962d952e4e1d159
01670e2c0e055d4a52d7369d0be4ac477abc7763e5dfb33cfcb97f69f7503aff
GET /smljackpotpurple/assets/images/items/3-s8af.jpg HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:28 GMT
content-type: image/jpeg
content-length: 51890
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:34 GMT
etag: "62aaf1e6-cab2"
expires: Sun, 08 Jan 2023 23:14:28 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/images/icons/check-on-s8af.png
200 OK 1.1 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/icons/check-on-s8af.png
IP
File type PNG image data, 41 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e3efa3af1fed66b2ed62a85d50b053b
01dcb31d7cc9a6a2944bbb02730b702fe50f6610
119ad81304823e8196464d766c36d7263788d44eb7d0f974ccae8f4827a833c8
GET /smljackpotpurple/assets/images/icons/check-on-s8af.png HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/assets/styles/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:28 GMT
content-type: image/png
content-length: 1064
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:32 GMT
etag: "62aaf1e4-428"
expires: Sun, 08 Jan 2023 23:14:28 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash df461557a41d14aa54cc2fed4dd237f0
3667b8e2da7b01d26eee75d3283b7282d403d21c
e66350dd9728acb3b66c4ed0e2dbd812978f7e0c823a9ad714eeda3087c50e7f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=94822
Date: Fri, 09 Dec 2022 23:14:28 GMT
Etag: "63928482-1d7"
Expires: Sun, 11 Dec 2022 01:34:50 GMT
Last-Modified: Fri, 09 Dec 2022 00:42:42 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 18j-scjLJyve6twHkO2YSnwkdTrRMmgrgXP-5aQoH2-GGfd84NLmwA==
Age: 3128
porn-adventures.com/favicon.ico
404 Not Found 146 B URL HTTP/2 porn-adventures.com/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /favicon.ico HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 09 Dec 2022 23:14:28 GMT
content-type: text/html
content-length: 146
server: nginx
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c381f6004ac928593a3c06e8719ef6f0
c99ad555f400552555f285d132984bf8f76796ae
51b7366d03c49504ce8ea8489d773a1694417dfb9323e872d2b203a82e6f7c20
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=168029
Date: Fri, 09 Dec 2022 23:14:28 GMT
Etag: "6393a0ba-1d7"
Expires: Sun, 11 Dec 2022 21:54:57 GMT
Last-Modified: Fri, 09 Dec 2022 20:55:22 GMT
Server: ECS (dcb/7FA7)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7mI8Y3jYzVXu-BCANUrI6lw9U8BDOtdF6ppWpc6fWvRuTV2mK7ourw==
Age: 3575
porn-adventures.com/smljackpotpurple/assets/audio/music.mp3
206 Partial Content 4.7 MB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/audio/music.mp3
IP
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, Stereo\012- data
Size 4.7 MB (4738447 bytes)
Hash f0f3fede74d179210e780d0329635af5
9f795cb6cd0e468a10fd25b76533d2a3156607ae
6c9c084d95b2cbd4b6e6bbf23abd348a63e723f3062abc98b155051c63d4b889
GET /smljackpotpurple/assets/audio/music.mp3 HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
date: Fri, 09 Dec 2022 23:14:28 GMT
content-type: audio/mpeg
content-length: 4738447
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:24 GMT
etag: "62aaf1dc-484d8f"
content-range: bytes 0-4738446/4738447
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5241
Expires: Sat, 10 Dec 2022 00:41:50 GMT
Date: Fri, 09 Dec 2022 23:14:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5241
Expires: Sat, 10 Dec 2022 00:41:50 GMT
Date: Fri, 09 Dec 2022 23:14:29 GMT
Connection: keep-alive
porn-adventures.com/smljackpotpurple/assets/scripts/functions.js
200 OK 1.2 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/scripts/functions.js
IP
Hash e32ef981665b0d6e90131d46f4b342eb
025e242ff741198fb4c923de0350031555d35c04
f54f2ba5df2ae3a07e76ab23c6045cb2048e735224a26c85007e19e8fbe43bab
GET /smljackpotpurple/assets/scripts/functions.js HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:28 GMT
content-type: application/javascript
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:25 GMT
vary: Accept-Encoding
etag: W/"62aaf1dd-90b"
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5241
Expires: Sat, 10 Dec 2022 00:41:50 GMT
Date: Fri, 09 Dec 2022 23:14:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:15 GMT
age: 57674
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eba44f9-82c7-4919-bc2f-4f847f621994.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eba44f9-82c7-4919-bc2f-4f847f621994.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8a5e9d0cddf26cf3a1478d2942f2478
e8a228a857a414f04108c84670ed7bc74534407c
3a15851f412000f1647057745348bc6f6e2f0cfe481ca7a72f6e94fab8d5e52e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eba44f9-82c7-4919-bc2f-4f847f621994.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12990
x-amzn-requestid: 2e4f71f3-b81d-4822-a13a-e8367a76aa20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMREp3IAMFRJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-447650995616ab6a09780380;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DVOvH3hkkdKdQNGQSrJ90yGPigdD8UysVImEu_pMe_H69RagreIKsg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:07 GMT
age: 4882
etag: "e8a228a857a414f04108c84670ed7bc74534407c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9051770b3587c195bea670f8820e8cfe
abf58087f0e345202da088238daea85d177b431b
f687a10c0ae63699a551977e9a4ec5bc7ba606b1925178d7ed4ec6728889bb2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8841
x-amzn-requestid: 09b64f8e-60c0-4cf6-a0dc-15e597bd9d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMWH7MIAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-3471ee5f5a78b55c424e2c6d;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bVrZoVci4YfYCRAZqXhH60jeZdSTx3uS0lLKZB9DOfHBiqFvyAAkfw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:17 GMT
age: 4872
etag: "abf58087f0e345202da088238daea85d177b431b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/scripts/ua-parser.min.js
200 OK 20 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/scripts/ua-parser.min.js
IP
Hash c5a7ab39b033201ce56977fc9fcec4c0
fc6ec08c090b15c678eec277199499fb23db2e00
1883e95371c858413248b5a47a26a182944af90229da07e2694dcc75951b4466
GET /smljackpotpurple/assets/scripts/ua-parser.min.js HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:28 GMT
content-type: application/javascript
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:28 GMT
vary: Accept-Encoding
etag: W/"62aaf1e0-4bb3"
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05755b78-9a44-483c-9449-ae2df8a44bd0.jpeg
200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05755b78-9a44-483c-9449-ae2df8a44bd0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00ad01d32ff690b4a28f6d0555c7e146
c607a2782213afcc058882ffa11a08860a6de034
b5896253222e132fa68f11fba133195a20e4aad94f8cdbfef747ded7e9243b0c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05755b78-9a44-483c-9449-ae2df8a44bd0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7444
x-amzn-requestid: eaf9e585-6b52-46c3-a62a-fa591bbf2204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5f7BEV6IAMFbIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393ad13-3cab7e35787037ec74ff6e31;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:48:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: h4zD_i6WBAfsiXc-ajAK05qB4RFr5sqTzdlXOMsJ4lUqSzGTSGRpIg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:21 GMT
age: 4868
etag: "c607a2782213afcc058882ffa11a08860a6de034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcdc2c9891132c82cd09ef237930877
3e112ad867e159d1bfdf9bfd2e2a04fea8248494
8d543255c1272d77981913e4b0e0e5efede8f4ffaa91572a3eee9e44ac035946
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8473
x-amzn-requestid: 40260408-5f10-42ed-832e-a8bc5d02e95c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5e9hGqwIAMFl2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393ab89-078ecefb64853b047acc2de7;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:41:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IlrFT2ydf78BXS67A0IN1KSc_OghPx7hpoY9wmwUxtX8Ivwth70F1w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:13:10 GMT
age: 3679
etag: "3e112ad867e159d1bfdf9bfd2e2a04fea8248494"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash fa402d93749c0c755875f4893dab1ce5
a052ca70148912eae6a5c09da152d7f8d9bfdc58
b45a2016c8b519abb40244763b7444c8b37beb8338fb3d644aac24bc43c3f288
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 09 Dec 2022 23:14:29 GMT
Etag: "63925355-1d7"
Server: ECS (dcb/7EEB)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 74huDGajwTrAaSJiVv2yO36ESVYbuC7J22nQfearyyab5GhI4406EA==
fastlnd.com/ep.php/JK-prmagms:75813/69181:%7Bsubid%7D.%7BclickID%7D?crpx=xYI2120983669
302 Found 10 kB URL HTTP/2 fastlnd.com/ep.php/JK-prmagms:75813/69181:%7Bsubid%7D.%7BclickID%7D?crpx=xYI2120983669
IP
File type gzip compressed data, max compression\012- data
Hash fa9987a23f5a9d865766e952511baa30
f2e620b99ee61a01671ba6a9e22ca75d58a1b52d
655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7
GET /ep.php/JK-prmagms:75813/69181:%7Bsubid%7D.%7BclickID%7D?crpx=xYI2120983669 HTTP/1.1
Host: fastlnd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://porn-adventures.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 09 Dec 2022 23:14:30 GMT
content-type: text/html; charset=UTF-8
location: https://secadmt.com/signup/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47363-662808.{subid}.{clickID}
set-cookie: AWSALB=YJgeiQ2O6TZgDiC8kU4K/zJgensn+NLGyK/CpD79qI80rWfZra75UXZIFPwW/Xv0KehOLjOqONp0YKzddMO7StfFgajR9zEh0WbvslJ74/x/BUqSt2gm69saaH+M; Expires=Fri, 16 Dec 2022 23:14:30 GMT; Path=/
AWSALBCORS=YJgeiQ2O6TZgDiC8kU4K/zJgensn+NLGyK/CpD79qI80rWfZra75UXZIFPwW/Xv0KehOLjOqONp0YKzddMO7StfFgajR9zEh0WbvslJ74/x/BUqSt2gm69saaH+M; Expires=Fri, 16 Dec 2022 23:14:30 GMT; Path=/; SameSite=None; Secure
vip_id=69181.47363-662808; expires=Mon, 12-Dec-2022 23:14:30 GMT; Max-Age=259200; path=/
server: Apache
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash 5e5ca3b6b0e7ddfaf6f390ba893c0633
481d44297df75151beadbe4dc1a4c70028adb18f
c054de6c331a90de48ede7af8a85d923757f6b712d070a239f10c5621fd295d3
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 23:14:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 13 Dec 2022 21:21:35 GMT
ETag: "481d44297df75151beadbe4dc1a4c70028adb18f"
Last-Modified: Fri, 09 Dec 2022 21:21:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2051
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77716ffdc923b51e-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c8189e0c166f3c2efc7121e19cdbe834
3bf31eba0c955856e0f63bb0e8d2e04aababfc88
64408848fecce621a13e79a5eed3b60bd6ff72a7a08218678cb745c32e0c3a98
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64408848FECCE621A13E79A5EED3B60BD6FF72A7A08218678CB745C32E0C3A98"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6837
Expires: Sat, 10 Dec 2022 01:08:28 GMT
Date: Fri, 09 Dec 2022 23:14:31 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash b46d1fab23b05fdaf31f0d173a14d60a
00a17681393a87c1641127246e419d59a7396053
a94d07180e234c0523fba1b937fe0c479d3b861f78f2f2b582a54a1a38208cf2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4990
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 23:14:31 GMT
Last-Modified: Fri, 09 Dec 2022 21:51:21 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 23:14:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 23:14:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 23:14:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css
200 OK 20 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css
IP
File type ASCII text, with very long lines (65371)
Hash 7e2bb6028f0b19917a1a2d1944fc72b1
e1837fc75ee2ddd24c6e1df6b309ea212b57e681
cc6093bd7162882fd34252fb5d3e8e7d07247e3b70fad894320bf2a960abeda5
GET /ajax/bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 15354407
cache-control: public,max-age=31536000
content-type: text/css
date: Fri, 09 Dec 2022 23:14:31 GMT
etag: "0e914f2cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:10:18 GMT
server: ECAcc (ska/F740)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19629
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
200 OK 9.8 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
IP
File type ASCII text, with very long lines (32033)
Hash 432ca07a1a844dbb27f9e0ab0d468be5
7fdaf858d702f84536a515c675b4028ce2eb0cfa
12732099d21835fabf83a93eec52f7cf1847cd64a0572d18917b2e13b06d5cf0
GET /ajax/bootstrap/3.3.7/bootstrap.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bkdwbvx.com
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 12260216
cache-control: public,max-age=31536000
content-type: application/javascript
date: Fri, 09 Dec 2022 23:14:31 GMT
etag: "80bdc1e6cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:09:59 GMT
server: ECAcc (ska/F6C5)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9839
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bkdwbvx.com
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 06:48:11 GMT
expires: Thu, 07 Dec 2023 06:48:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
age: 231980
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bkdwbvx.com/common_tpls/compactML/css/epcggpa3.css
200 OK 7.2 kB URL HTTP/2 bkdwbvx.com/common_tpls/compactML/css/epcggpa3.css
IP
File type ASCII text, with very long lines (41067), with no line terminators
Hash 710c884f5c6635501825497fb8d1295a
f10358a63ae7857fac02cbf488ea45096e191206
57a20b7e3985fe4b1ed0d4b3b6089778635ee2f788612fb8fb78f4e1c74e0596
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/compactML/css/epcggpa3.css HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69181/add/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47363-662808.%7Bsubid%7D.%7BclickID%7D&epcCID=K4qfS5v980U6l3W4P7YaO2Ve3bkbg8Aei&rtid=71189001241
Cookie: PHPSESSID=f731e0993d2614e82cc1ff4a6ce2cf6a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:31 GMT
content-type: text/css
content-length: 7248
last-modified: Tue, 17 Aug 2021 16:01:49 GMT
etag: "611bdd6d-a06b"
content-encoding: gzip
vary: Accept-Encoding
section-io-cache-id: fe547d364bb755e4a96ab31b954fa510
x-varnish: 13294131 13333224
age: 17798
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 3f98f69cbb4f26ac2ed7d97f5853376e
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 23:14:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bkdwbvx.com/common_tpls/images/icons/email.png
200 OK 1.3 kB URL HTTP/2 bkdwbvx.com/common_tpls/images/icons/email.png
IP
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash a86d99b9176d82a211cfa29b2f0b353f
62947ddfd87e3a21869818885e4bfa4e55ad0c11
f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/images/icons/email.png HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69181/add/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47363-662808.%7Bsubid%7D.%7BclickID%7D&epcCID=K4qfS5v980U6l3W4P7YaO2Ve3bkbg8Aei&rtid=71189001241
Cookie: PHPSESSID=f731e0993d2614e82cc1ff4a6ce2cf6a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:31 GMT
content-type: image/png
content-length: 1254
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-4e6"
section-io-cache-id: bbf7c1e804bd0366abe1b0012c0ec3a8
x-varnish: 15420497 6596649
age: 17849
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 249e3fb376d9c52b7cab4ea630d2ecf9
X-Firefox-Spdy: h2
bkdwbvx.com/common_tpls/images/icons/fname.png
200 OK 1.6 kB URL HTTP/2 bkdwbvx.com/common_tpls/images/icons/fname.png
IP
File type PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c846870756544f39604e671d4111b9d
304938c74246e228fa82d8ca40201c3db6098074
d43abf8c5665519a3fe3f7e90298fc17b62e06d8ada1b90a44ea9985a62abb4d
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/images/icons/fname.png HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69181/add/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47363-662808.%7Bsubid%7D.%7BclickID%7D&epcCID=K4qfS5v980U6l3W4P7YaO2Ve3bkbg8Aei&rtid=71189001241
Cookie: PHPSESSID=f731e0993d2614e82cc1ff4a6ce2cf6a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:31 GMT
content-type: image/png
content-length: 1649
last-modified: Tue, 28 Nov 2017 20:52:02 GMT
etag: "5a1dcc72-671"
section-io-cache-id: 2b50b1b65adf9bcdd5839fe6cb0cc761
x-varnish: 15420498 6596651
age: 17849
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: b555fcc0763f73cfd0b33f3dc928292f
X-Firefox-Spdy: h2
bkdwbvx.com/common_tpls/images/icons/password.png
200 OK 1.5 kB URL HTTP/2 bkdwbvx.com/common_tpls/images/icons/password.png
IP
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash 6f100f1cdbdce928118ffa4c9293ca5b
6b1a3593e792d4c00187d60560dd03fb42df1156
8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/images/icons/password.png HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69181/add/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47363-662808.%7Bsubid%7D.%7BclickID%7D&epcCID=K4qfS5v980U6l3W4P7YaO2Ve3bkbg8Aei&rtid=71189001241
Cookie: PHPSESSID=f731e0993d2614e82cc1ff4a6ce2cf6a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:31 GMT
content-type: image/png
content-length: 1452
last-modified: Tue, 22 Aug 2017 16:34:59 GMT
etag: "599c5d33-5ac"
section-io-cache-id: 8e0cd615c3ac3b8d315a4811e162d6b1
x-varnish: 13294133 2086572
age: 17843
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: e47ed3900df31d944e8b0a741bc304f7
X-Firefox-Spdy: h2
bkdwbvx.com/common_tpls/images/icons/address.png
200 OK 1.2 kB URL HTTP/2 bkdwbvx.com/common_tpls/images/icons/address.png
IP
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash b579e9868402d708e54e1a980166c444
1c58e2890b934c0b1ab057f3ac28bedd2a082d19
67756f8b542c7823bcdba421219c3b8e1ee472748d8c3463534f667271356dfb
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/images/icons/address.png HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69181/add/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47363-662808.%7Bsubid%7D.%7BclickID%7D&epcCID=K4qfS5v980U6l3W4P7YaO2Ve3bkbg8Aei&rtid=71189001241
Cookie: PHPSESSID=f731e0993d2614e82cc1ff4a6ce2cf6a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:31 GMT
content-type: image/png
content-length: 1167
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-48f"
section-io-cache-id: 9ea85ac6710352116d59fe652e06da0a
x-varnish: 1240895 3720501
age: 11118
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 06ad96b5badaa9d32e7037582896eadd
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 23:14:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bkdwbvx.com/common_tpls/js/iframeResizer.contentWindow.min.js
200 OK 59 kB URL HTTP/2 bkdwbvx.com/common_tpls/js/iframeResizer.contentWindow.min.js
IP
File type ASCII text, with very long lines (52016)
Hash 3226d9c42636c7228dce0135c5c990d5
953a56e970cc328c8b5257ba9887e2d1f5fe52b3
1fd09225a9d1ccdf7c4d42c5bf4ae074c9019d156c85359752e96a33cc788e77
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69181/add/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47363-662808.%7Bsubid%7D.%7BclickID%7D&epcCID=K4qfS5v980U6l3W4P7YaO2Ve3bkbg8Aei&rtid=71189001241
Cookie: PHPSESSID=f731e0993d2614e82cc1ff4a6ce2cf6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 04 Feb 2016 15:06:03 GMT
etag: W/"56b368db-3445"
section-io-cache-id: c4e8077d4d202328f6fdbce8bfc7bf53
x-varnish: 15420499 13660994
age: 17847
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: df4d9c4acfa601b6382f29ec6b023e34
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
200 OK 2.6 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
IP
File type ASCII text, with very long lines (27832)
Hash eaaabd3f60063923cd5333eb1d7a20a1
0da69706105e28896a1f6eeaa91d5bec1b82f7f1
f863309ec0ac675409167610ff9776fa9c7620d6ee3592cc0c19d0b883ff2f70
GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bkdwbvx.com/
Origin: https://bkdwbvx.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:31 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 706407
accept-ranges: bytes
server: cloudflare
cf-ray: 777170054f76b4ee-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
200 OK 4.2 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
IP
File type ASCII text, with very long lines (26366)
Hash 7fd743485fa194e25e2a207bff6c258a
97c999d752b95ee1ed6271a29aa58109dc17281e
dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc
GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bkdwbvx.com/
Origin: https://bkdwbvx.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:31 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 706407
accept-ranges: bytes
server: cloudflare
cf-ray: 777170054f75b4ee-OSL
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash 8f872683725810a53bbf4228698af6b4
2d71aec741f569720c4e3a23857c18a0882ba4ce
428ad1927ec0527cf4b1e41a2654f0679de229dbf5cb9452b235e58fd8e6143c
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 23:14:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 13 Dec 2022 19:42:26 GMT
ETag: "2d71aec741f569720c4e3a23857c18a0882ba4ce"
Last-Modified: Fri, 09 Dec 2022 19:42:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2087
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77717005dac8b51e-OSL
geoip.enlistsecureup.com/?v=1
200 OK 24 kB URL HTTP/2 geoip.enlistsecureup.com/?v=1
IP
ASN #54994 QUANTILNETWORKS
Hash b9dee5db03233d1f838bcc591978f88e
1758d68670aec82b07920707dd24b3871e8c71c8
b229d2c57f8207154748c585ba55d2a54207b3dc060fe513f6c04b59eae22fe1
GET /?v=1 HTTP/1.1
Host: geoip.enlistsecureup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:32 GMT
content-type: application/javascript
server: waf/4.32.3-0.el6
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-via: 1.1 PS-SJC-011UH181:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:15 (Cdn Cache Server V2.0)
x-ws-request-id: 6393c158_CSP-A15498_35510-43422
set-cookie: HMF_CI=df40557b6ceee77c2c9f69b526b1d591f2a5f8f1cf770cc94e95023ce01bf66149737d191291f6f90fd5111f4499f43e284ccf5715527e8c6224fe76a8ef536bab; Expires=Sun, 08-Jan-23 23:14:32 GMT; Path=/
X-Firefox-Spdy: h2
js-agent.newrelic.com/552.2d6a2503-1220.js
200 OK 5.9 kB URL HTTP/2 js-agent.newrelic.com/552.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (21423)
Hash 097ef34c5f5d635a147bca3721bd605b
3b31ef3cfb1d62d9884d631ec2467b9d6b0d46e2
3e05d4e42c1e87b516b525574b20d2570dccc50d1bd1b2956d6421699aa19914
GET /552.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Lx7LUNyC193WWpSv5hW/L7UEeNSlDwufm33KpA2sv5a1ht8efI/6s62/R2OVbNZKkoG/gUHXaFI=
x-amz-request-id: VK0V8BCV38T7WVVS
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "777ac0df4dba632ad1b2955c88dd51ac"
x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 23:14:32 GMT
via: 1.1 varnish
x-served-by: cache-bma1653-BMA
x-cache: HIT
x-cache-hits: 3745
x-timer: S1670627672.335063,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5890
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bkdwbvx.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:11 GMT
expires: Sat, 09 Dec 2023 13:33:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
age: 34881
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/mulish/v3/1Ptyg83HX_SGhgqO0yLcmjzUAuWexc1RwaA.ttf
200 OK 42 kB URL HTTP/2 fonts.gstatic.com/s/mulish/v3/1Ptyg83HX_SGhgqO0yLcmjzUAuWexc1RwaA.ttf
IP
File type TrueType Font data, 18 tables, 1st "GDEF", 14 names, Microsoft, language 0x409, Copyright 2011 The Mulish Project Authors (github.com/googlefonts/mulish)Mulish LightRegular2.10\012- data
Hash 8befc3aee189c7cb3fb9d0efdb657256
f2053c67ec447d9cf645a8cb635f99bf17a84958
13dc393f90dc2feb20567822ef7ffd6b45b02f57849096806076bda5569b3ae0
GET /s/mulish/v3/1Ptyg83HX_SGhgqO0yLcmjzUAuWexc1RwaA.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bkdwbvx.com
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 41723
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 20:08:26 GMT
expires: Wed, 06 Dec 2023 20:08:26 GMT
cache-control: public, max-age=31536000
age: 270366
last-modified: Thu, 21 Jan 2021 05:38:47 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/mulish/v3/1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNRwaA.ttf
200 OK 42 kB URL HTTP/2 fonts.gstatic.com/s/mulish/v3/1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNRwaA.ttf
IP
File type TrueType Font data, 18 tables, 1st "GDEF", 12 names, Microsoft, language 0x409, Copyright 2011 The Mulish Project Authors (github.com/googlefonts/mulish)MulishRegular2.100;NONE\012- data
Hash 140e4c19f32bf9be05e539e9288726ec
4f9819fd553e9bf97a4f7f614c38c639e994e451
cdfd700cc4d106344778b96165d2d7dd86e05feac184660d5ec49fcfd81948bd
GET /s/mulish/v3/1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNRwaA.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bkdwbvx.com
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 41867
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 09:07:15 GMT
expires: Fri, 08 Dec 2023 09:07:15 GMT
cache-control: public, max-age=31536000
age: 137237
last-modified: Wed, 20 Jan 2021 21:08:26 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/mulish/v3/1Ptyg83HX_SGhgqO0yLcmjzUAuWexXRWwaA.ttf
200 OK 42 kB URL HTTP/2 fonts.gstatic.com/s/mulish/v3/1Ptyg83HX_SGhgqO0yLcmjzUAuWexXRWwaA.ttf
IP
File type TrueType Font data, 18 tables, 1st "GDEF", 12 names, Microsoft, language 0x409, Copyright 2011 The Mulish Project Authors (github.com/googlefonts/mulish)MulishBold2.100;NONE;Mu\012- data
Hash 9f883a328891bb8ccb6b976b63f42aca
57879c0320c9dd3de779b21c308c21f2572d34a2
1d447afef436b7b2d0be166b5871c807fc0fec0ae8b9e2a88fbc7bd44cca4af9
GET /s/mulish/v3/1Ptyg83HX_SGhgqO0yLcmjzUAuWexXRWwaA.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bkdwbvx.com
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 41999
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 06:18:37 GMT
expires: Fri, 08 Dec 2023 06:18:37 GMT
cache-control: public, max-age=31536000
age: 147355
last-modified: Thu, 21 Jan 2021 06:26:30 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
readyrtr.com/cr.php?cid=910&ACT=69181&TRK={subid}.{clickID}
302 Found 7.4 kB URL HTTP/2 readyrtr.com/cr.php?cid=910&ACT=69181&TRK={subid}.{clickID}
IP
File type gzip compressed data, from Unix\012- data
Hash 498dfe3703ba6827b6fd72ccd5e146fd
babccbf00201eef93fd3daeb43a5cce4cdf8142b
a8e8ea7486cbcc98f2734a19e3648844d642cf3a1401653c9f6909201e232d43
GET /cr.php?cid=910&ACT=69181&TRK={subid}.{clickID} HTTP/1.1
Host: readyrtr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 09 Dec 2022 23:14:29 GMT
content-type: text/html; charset=UTF-8
location: https://fastlnd.com/ep.php/JK-prmagms:75813/69181:%7Bsubid%7D.%7BclickID%7D?crpx=xYI2120983669
set-cookie: AWSALB=i6oCjIKLo/V0Rq6D5EPqao0wcou+E/nxtg1Pmw9+pq9Ep/4EXsPbPkaOdYUA3nvP18s9U9z58wri2cnY1EROsb+5Xy/+IgzpCgcByoV1/mRT3x9CJ7cTuCwWbLNG; Expires=Fri, 16 Dec 2022 23:14:29 GMT; Path=/
AWSALBCORS=i6oCjIKLo/V0Rq6D5EPqao0wcou+E/nxtg1Pmw9+pq9Ep/4EXsPbPkaOdYUA3nvP18s9U9z58wri2cnY1EROsb+5Xy/+IgzpCgcByoV1/mRT3x9CJ7cTuCwWbLNG; Expires=Fri, 16 Dec 2022 23:14:29 GMT; Path=/; SameSite=None; Secure
hskp=xYI2120983669%2C; expires=Fri, 23-Dec-2022 23:14:29 GMT; Max-Age=1209600
skip=-1670627669%2C2518; expires=Fri, 09-Dec-2022 23:24:29 GMT; Max-Age=600
910_2518_0=1670627669; expires=Sat, 10-Dec-2022 23:14:29 GMT; Max-Age=86400
server: Apache
X-Firefox-Spdy: h2
js-agent.newrelic.com/368.2d6a2503-1220.js
200 OK 1.4 kB URL HTTP/2 js-agent.newrelic.com/368.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (3382)
Hash fa50a55750d1d0978fca32be5dbc3988
a7f447621d48b3ecf7fc0192b515d506d3d1ad18
c621038fb07e536af8a1ec6d260853dfe69055dc2fb526700919c53b3b7e5f20
GET /368.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: kwoAxcBtx2IMbi3IHVdur3TxF/StXF2YgQ/J5F/J0LqxQRcevbbS10v8PBtCq89jFlCdbzEZt0Y=
x-amz-request-id: VK0S7FDBAB0EX9VY
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "16b4f3676c3859e1378a2ccdebbad675"
x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 23:14:32 GMT
via: 1.1 varnish
x-served-by: cache-bma1653-BMA
x-cache: HIT
x-cache-hits: 3731
x-timer: S1670627673.559536,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1443
X-Firefox-Spdy: h2
js-agent.newrelic.com/768.2d6a2503-1220.js
200 OK 2.2 kB URL HTTP/2 js-agent.newrelic.com/768.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (5523)
Hash 98a96a3306b7723c0b8c4bff074cdd9f
e9070da7daa34fa2d8ac2e4ec00e3c499ea37516
a6079d50fa4c72b521fd865e67be080b5b21c336a71dbf7a1800a12ad42384f7
GET /768.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: YghQGw//W98CcE+uLEc2bIpyY1zfBy1cvSl3ZbHItGIBbBbjBYrgjjDhKdNnyagoNGaVfLpI2xM=
x-amz-request-id: VK0XNZM280HMN60Q
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "d6cc8b42eda6fd7734014b03b87b5787"
x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 23:14:32 GMT
via: 1.1 varnish
x-served-by: cache-bma1653-BMA
x-cache: HIT
x-cache-hits: 3739
x-timer: S1670627673.559931,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2225
X-Firefox-Spdy: h2
js-agent.newrelic.com/775.2d6a2503-1220.js
200 OK 632 B URL HTTP/2 js-agent.newrelic.com/775.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (1169)
Hash 661520fd0dfebb919d68a69b60ca426f
b85ef80a0e0d95bf4904f9ce4fad56c49ae035be
ecd489671c6255fee8370fc1f8f4e99519ef8d4c4c0ab06640b0c021642e1db7
GET /775.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: n5W3M8HU3EdwDhPARC2iiAf1as95kdLfrN2+qdL0W35SMVzIqjIlMR9W7ck8oTAzeIw6lrJi5fM=
x-amz-request-id: VK0MRM6MJ78HXF3Y
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "1dfdb74c0491489bf04c6deadb56add2"
x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 23:14:32 GMT
via: 1.1 varnish
x-served-by: cache-bma1653-BMA
x-cache: HIT
x-cache-hits: 3728
x-timer: S1670627673.560145,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 632
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/scripts/trls.js
200 OK 17 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/scripts/trls.js
IP
File type Unicode text, UTF-8 text, with very long lines (7169)
Hash 195eb8aefb839b4b79c3549a50098c2d
1e2011c19d16d9397f8d3ab05258cf0dc425619e
1e596f9e30d57daf95533fb2ada80f74d5fbdd6759adba04c9cdfc6ec0a796db
GET /smljackpotpurple/assets/scripts/trls.js HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:28 GMT
content-type: application/javascript
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:28 GMT
vary: Accept-Encoding
etag: W/"62aaf1e0-c303"
content-encoding: gzip
X-Firefox-Spdy: h2
js-agent.newrelic.com/0.2d6a2503-1220.js
200 OK 2.3 kB URL HTTP/2 js-agent.newrelic.com/0.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (5198)
Hash 852267b16c136b977ccd94900c6c6308
e013e1b2c6de5b625ebbfe2e7cf3cfb09cee6c16
9bb09a133a1b33e9cecb06aa44e1ea67b3ad4ea74df5c6a89b1580064364cced
GET /0.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: yaLgSlI/o1YgPR64REKW7tJGngFFiymXOCq3qvC8FibvMh/NPjIov1s2Y43sA3Nk7dOb/Jeu8n0=
x-amz-request-id: VK0HGZZCMTDZKH5X
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "cc9b3d207e9ea2c79974f46bf474e6dd"
x-amz-version-id: 5C7ygpPS6JvoVHQoGDIm5lCTgaPcqmFc
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 23:14:32 GMT
via: 1.1 varnish
x-served-by: cache-bma1653-BMA
x-cache: HIT
x-cache-hits: 2204
x-timer: S1670627673.560504,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2349
X-Firefox-Spdy: h2
js-agent.newrelic.com/571.2d6a2503-1220.js
200 OK 1.1 kB URL HTTP/2 js-agent.newrelic.com/571.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (2412)
Hash d392a55faa7a0a2a43781a495891c9aa
1998ba6f85354606c186fa1a29285676f0b596f0
33b4cb21373961aa88430ff72406d46e95ceddf50afc086598ea5bdc3a311815
GET /571.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Yb3onr5wgE7GyebmH4WnkKwnI2MQKfjQMqMso3BN0Y71/Vtt12keZBjkbAuB5UJTI/GRzVXSccI=
x-amz-request-id: VK0WTM9PM29FXD43
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "04b00905b32fd8d29459545bc125cff6"
x-amz-version-id: ySPuP7kOqGri8HjzDqW2TYirQNYv9NMF
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 23:14:32 GMT
via: 1.1 varnish
x-served-by: cache-bma1653-BMA
x-cache: HIT
x-cache-hits: 2203
x-timer: S1670627673.560803,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1108
X-Firefox-Spdy: h2
js-agent.newrelic.com/820.2d6a2503-1220.js
200 OK 3.0 kB URL HTTP/2 js-agent.newrelic.com/820.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (7460)
Hash 7d1295a839190615b34d5a62acceee4f
eef26f5c6d2ae14cb81b3a9b669da224faceacd0
4d59d58f31b6638fbc3792a0b5fddca6e8eafc19a0c9e9aabadb5ad4d9197198
GET /820.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: FgITvf3WklEMWkZwakon8gl0N9aTQ94pdNptn966xzqmGm/5HblQmQGcNcywcu4tvf5sbwoyl9E=
x-amz-request-id: VK0ZG74SYEQQ4TER
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "897a1a72a47e4f4a24c05aec49af638f"
x-amz-version-id: P6j2S.7Iht6lmVHyZ_zkYmp136j6E8IA
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 23:14:32 GMT
via: 1.1 varnish
x-served-by: cache-bma1653-BMA
x-cache: HIT
x-cache-hits: 2200
x-timer: S1670627673.560992,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2979
X-Firefox-Spdy: h2
bkdwbvx.com/common_tpls/js/validate_form_v2.js?jsv=29
200 OK 5.8 kB URL HTTP/2 bkdwbvx.com/common_tpls/js/validate_form_v2.js?jsv=29
IP
Hash fc4e58a8c5c8b6d7b7544a8eac584420
f379641afa277f92fb3f6738047c8429d98b93fa
1b08d5c0024b0483bfb38e29a188d9e1c945cdbcddc48fbf66797c399a7bec92
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/js/validate_form_v2.js?jsv=29 HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69181/add/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47363-662808.%7Bsubid%7D.%7BclickID%7D&epcCID=K4qfS5v980U6l3W4P7YaO2Ve3bkbg8Aei&rtid=71189001241
Cookie: PHPSESSID=f731e0993d2614e82cc1ff4a6ce2cf6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 01 Nov 2022 21:07:07 GMT
etag: W/"63618a7b-614a"
section-io-cache-id: cf58c5f9b1d4448754e6b2619c128ecd
x-varnish: 13294132 15142880
age: 17858
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 7d8b1690f7f0cefec8b30020393a459a
X-Firefox-Spdy: h2
bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4082&ck=0&s=592dcd0c2e8694cb&ref=https://bkdwbvx.com/acct/epc69181/add/&ap=77&be=3177&fe=552&dc=547&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670627667480,%22n%22:0,%22f%22:2364,%22dn%22:2365,%22dne%22:2394,%22c%22:2394,%22s%22:2502,%22ce%22:2729,%22rq%22:2729,%22rp%22:3059,%22rpe%22:3059,%22dl%22:3063,%22di%22:3708,%22ds%22:3724,%22de%22:3728,%22dc%22:3728,%22l%22:3728,%22le%22:3732%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
200 OK 72 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4082&ck=0&s=592dcd0c2e8694cb&ref=https://bkdwbvx.com/acct/epc69181/add/&ap=77&be=3177&fe=552&dc=547&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670627667480,%22n%22:0,%22f%22:2364,%22dn%22:2365,%22dne%22:2394,%22c%22:2394,%22s%22:2502,%22ce%22:2729,%22rq%22:2729,%22rp%22:3059,%22rpe%22:3059,%22dl%22:3063,%22di%22:3708,%22ds%22:3724,%22de%22:3728,%22dc%22:3728,%22l%22:3728,%22le%22:3732%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
IP
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4082&ck=0&s=592dcd0c2e8694cb&ref=https://bkdwbvx.com/acct/epc69181/add/&ap=77&be=3177&fe=552&dc=547&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670627667480,%22n%22:0,%22f%22:2364,%22dn%22:2365,%22dne%22:2394,%22c%22:2394,%22s%22:2502,%22ce%22:2729,%22rq%22:2729,%22rp%22:3059,%22rpe%22:3059,%22dl%22:3063,%22di%22:3708,%22ds%22:3724,%22de%22:3728,%22dc%22:3728,%22l%22:3728,%22le%22:3732%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 23:14:33 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7771700a2cd5b500-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4855&ck=0&s=592dcd0c2e8694cb&ref=https://bkdwbvx.com/acct/epc69181/add/
200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4855&ck=0&s=592dcd0c2e8694cb&ref=https://bkdwbvx.com/acct/epc69181/add/
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4855&ck=0&s=592dcd0c2e8694cb&ref=https://bkdwbvx.com/acct/epc69181/add/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 681
Origin: https://bkdwbvx.com
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 23:14:34 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 7771700eba04b500-OSL
Access-Control-Allow-Origin: https://bkdwbvx.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
porn-adventures.com/smljackpotpurple/assets/styles/reset.css
200 OK 0 B URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/styles/reset.css
IP
GET /smljackpotpurple/assets/styles/reset.css HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/assets/styles/style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:28 GMT
content-type: text/css
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:29 GMT
vary: Accept-Encoding
etag: W/"62aaf1e1-61c"
content-encoding: gzip
X-Firefox-Spdy: h2
porn-adventures.com/pushjs/1.0.0/subscriber.js
200 OK 0 B URL HTTP/2 porn-adventures.com/pushjs/1.0.0/subscriber.js
IP
GET /pushjs/1.0.0/subscriber.js HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:27 GMT
content-type: application/javascript
server: nginx
last-modified: Wed, 27 Apr 2022 09:23:15 GMT
vary: Accept-Encoding
etag: W/"62690b83-385c"
content-encoding: gzip
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/media/video.mp4
206 Partial Content 0 B URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/media/video.mp4
IP
GET /smljackpotpurple/assets/media/video.mp4 HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
date: Fri, 09 Dec 2022 23:14:28 GMT
content-type: video/mp4
content-length: 5848902
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:27 GMT
etag: "62aaf1df-593f46"
expires: Sun, 08 Jan 2023 23:14:28 GMT
cache-control: max-age=2592000
content-range: bytes 0-5848901/5848902
X-Firefox-Spdy: h2
secadmt.com/signup/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47363-662808.{subid}.{clickID}
302 Found 0 B URL HTTP/2 secadmt.com/signup/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47363-662808.{subid}.{clickID}
IP
ASN #54994 QUANTILNETWORKS
GET /signup/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47363-662808.{subid}.{clickID} HTTP/1.1
Host: secadmt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://porn-adventures.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 09 Dec 2022 23:14:30 GMT
content-type: text/html; charset=UTF-8
server: PWS/8.3.1.0.8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location: https://bkdwbvx.com/acct/epc69181/add/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47363-662808.%7Bsubid%7D.%7BclickID%7D&epcCID=K4qfS5v980U6l3W4P7YaO2Ve3bkbg8Aei&rtid=71189001241
via: 1.1 PSmglsjLAX2hu177:8 (W), 1.1 PSdgflkfFRA1vg90:11 (W)
x-px: ms PSdgflkfFRA1vg90FRA,ms PSmglsjLAX2hu177LAX(origin)
x-ws-request-id: 6393c156_CSP-A15498_35438-33811
set-cookie: PHPSESSID=02b3fad94a2d37ca3f15d6ccf30639ad; path=/; secure; SameSite=None
HMF_CI=5e77aa305432fbf0784e750a9951c153d3db41e568b98c90bc1102b88b4d8f333e92fdc8b8e3e59fac4dc5784fa25c35b5f51ead52aacd28a21d51ab272abfbfaf; Expires=Sun, 08-Jan-23 23:14:30 GMT; Path=/
X-Firefox-Spdy: h2
js-agent.newrelic.com/790.2d6a2503-1220.js
200 OK 0 B URL HTTP/2 js-agent.newrelic.com/790.2d6a2503-1220.js
IP
GET /790.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: veWtlyFq4FXZZ3C91QZ1ydEfJVdBNkWk12lPeQHXsOtJd4oL/94W2O+vIrequr5Q4TsFmN49oJA=
x-amz-request-id: VK0VJC72617ZJQFB
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "af8c077a247e90dff929d7af81c94f57"
x-amz-version-id: TFyNie.wEelbO4xbna5bJ14MRDIkKCak
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 23:14:32 GMT
via: 1.1 varnish
x-served-by: cache-bma1653-BMA
x-cache: HIT
x-cache-hits: 1575
x-timer: S1670627673.561122,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 6064
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/styles/style.css
200 OK 0 B URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/styles/style.css
IP
GET /smljackpotpurple/assets/styles/style.css HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:27 GMT
content-type: text/css
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:29 GMT
vary: Accept-Encoding
etag: W/"62aaf1e1-2528"
content-encoding: gzip
X-Firefox-Spdy: h2
bkdwbvx.com/common_tpls/js/form_support.js?v=1101202201
200 OK 0 B URL HTTP/2 bkdwbvx.com/common_tpls/js/form_support.js?v=1101202201
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/js/form_support.js?v=1101202201 HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69181/add/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47363-662808.%7Bsubid%7D.%7BclickID%7D&epcCID=K4qfS5v980U6l3W4P7YaO2Ve3bkbg8Aei&rtid=71189001241
Cookie: PHPSESSID=f731e0993d2614e82cc1ff4a6ce2cf6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 18 Nov 2022 21:23:38 GMT
etag: W/"6377f7da-ed7"
section-io-cache-id: 01e2e22c390586b5cde8dec19c1caac5
x-varnish: 15420496 14664141
age: 17859
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: e96ae61d9bca9f494cb7a54af629620c
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Poppins:wght@300;400;600&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@300;400;600&display=swap
IP
GET /css2?family=Poppins:wght@300;400;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 23:14:31 GMT
date: Fri, 09 Dec 2022 23:14:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
porn-adventures.com/pushjs/1.0.0/config/lang-config.js
200 OK 0 B URL HTTP/2 porn-adventures.com/pushjs/1.0.0/config/lang-config.js
IP
GET /pushjs/1.0.0/config/lang-config.js HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:27 GMT
content-type: application/javascript
server: nginx
last-modified: Wed, 27 Apr 2022 09:23:16 GMT
vary: Accept-Encoding
etag: W/"62690b84-23c2"
content-encoding: gzip
X-Firefox-Spdy: h2
statisticresearch.com/user-segments/?pid=TH
200 OK 0 B URL HTTP/2 statisticresearch.com/user-segments/?pid=TH
IP
GET /user-segments/?pid=TH HTTP/1.1
Host: statisticresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:28 GMT
server: nginx
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/scripts/jquery.min.js
200 OK 0 B URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/scripts/jquery.min.js
IP
GET /smljackpotpurple/assets/scripts/jquery.min.js HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:28 GMT
content-type: application/javascript
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:26 GMT
vary: Accept-Encoding
etag: W/"62aaf1de-15851"
content-encoding: gzip
X-Firefox-Spdy: h2
daailynews.com/pushjs/1.0.0/utils.js
200 OK 0 B URL HTTP/2 daailynews.com/pushjs/1.0.0/utils.js
IP
GET /pushjs/1.0.0/utils.js HTTP/1.1
Host: daailynews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 23:14:28 GMT
content-type: application/javascript
server: nginx
last-modified: Wed, 16 Sep 2020 11:36:15 GMT
vary: Accept-Encoding
etag: W/"5f61f8af-20f2"
content-encoding: gzip
X-Firefox-Spdy: h2
34.203.102.179
163.171.128.172
23.36.77.32
104.18.21.226
93.184.220.29