javvin.me/video/xQAPn/stars-575-c-free-jav-porn-height-difference-40-cm-my-favorite-big-guys-are-appearing-one-after-another-insert-immediately
172.67.193.132301 Moved Permanently 0 B URL HTTP/1.1 javvin.me/video/xQAPn/stars-575-c-free-jav-porn-height-difference-40-cm-my-favorite-big-guys-are-appearing-one-after-another-insert-immediately
IP 172.67.193.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /video/xQAPn/stars-575-c-free-jav-porn-height-difference-40-cm-my-favorite-big-guys-are-appearing-one-after-another-insert-immediately HTTP/1.1
Host: javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 25 Jan 2023 09:57:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 25 Jan 2023 10:57:47 GMT
Location: https://javvin.me/video/xQAPn/stars-575-c-free-jav-porn-height-difference-40-cm-my-favorite-big-guys-are-appearing-one-after-another-insert-immediately
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hN4Wmgmx3TYq28QmujK0pqYP%2F3jrF4iOIpxw2W1f7%2FTBW6k4JYwD1ZVz6%2Bai4T5ihT0qjkOABgh67z0a0l8X2MrmNExyVFMCmHvuemb4OIW4JQltpiXEQOhXW5Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78f0258df901b50c-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3838
Expires: Wed, 25 Jan 2023 11:01:45 GMT
Date: Wed, 25 Jan 2023 09:57:47 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10760
Expires: Wed, 25 Jan 2023 12:57:07 GMT
Date: Wed, 25 Jan 2023 09:57:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 09:35:11 GMT
content-type: application/json
age: 1356
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6796
Expires: Wed, 25 Jan 2023 11:51:04 GMT
Date: Wed, 25 Jan 2023 09:57:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ELSrd1bSiufGvd8yx/9NIiYDJn1d7uBWT2R3QDifTuwxuQBJ7VQ47a0m4I5B+N1QgTFUYqsVd28=
x-amz-request-id: QQZ6FYZTE4SZXZSA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 09:48:31 GMT
age: 557
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 09:41:40 GMT
age: 968
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12774
Expires: Wed, 25 Jan 2023 13:30:42 GMT
Date: Wed, 25 Jan 2023 09:57:48 GMT
Connection: keep-alive
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
104.17.25.14200 OK 5.1 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (17660)
Hash abe1df98b6ab4644bd567e6669d0da03
27e3bf22ef08b7ca0090721ed31b4f921d278e7c
cd40ba7dbf63d67511c0fd56b7e5327dbedb43d15c439d79a8aacb6377059540
GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 5117
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-45f4"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3509820
expires: Mon, 15 Jan 2024 09:57:48 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JdzzSHgTyNaol0ki5btvRGnDIbJI8eHZQ0hSBc1tJ98U4CVob5IcRo8J3yTdjVmS6OyfBxZBUyD%2BVH9SB3JzqKWPe2fVto0aHqgck5IMW65pGtUbp5marSEQ5dkqPn9WYsEU1%2FPr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78f02592e885b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.javvin.me/data/caribbeancom-050510-366.jpg
188.114.96.1200 OK 94 kB URL HTTP/2 cdn.javvin.me/data/caribbeancom-050510-366.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 9273b758c3f86c4ebcbba62112ca69bb
e1ccdc6b41eccbdd700f0ede6f6e66db4c7a84df
f43b4d9457235780fb5414460d08d9a18d23e1607e892f6ab9b3b7461565d58f
GET /data/caribbeancom-050510-366.jpg HTTP/1.1
Host: cdn.javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: image/jpeg
content-length: 94402
last-modified: Tue, 21 Jan 2020 05:21:57 GMT
etag: "5e268a75-170c2"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 525690
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQyowj2n%2FaecyMSaD140JqkvR3%2FXufc3P%2FyezbGSlnu3J03g83Yd2qUbJCK96v7%2BAB%2B8WYvxmQpQhjIELcTMiiqnGAM19SLeWDRD%2B9S6NcUnD5TqZ%2BvoIzFw0wLbWHAx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f025935c04b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.javvin.me/data/caribbeancom-042110-353.jpg
188.114.96.1200 OK 88 kB URL HTTP/2 cdn.javvin.me/data/caribbeancom-042110-353.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash b10c43c1cf64fff3ea7f7902a5845d05
3311bf9f2753429c012e828e028fdf25e8b820f1
99e178d3a9fa4908c57b0749e02478f0552169463c53077f9ef263992b3eb621
GET /data/caribbeancom-042110-353.jpg HTTP/1.1
Host: cdn.javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: image/jpeg
content-length: 88420
last-modified: Sun, 19 Jan 2020 22:50:08 GMT
etag: "5e24dd20-15964"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 710045
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJ1%2BrZe7z0bNOBGGJpI%2FyySfxwtvOgFmpQBeIFCDt86raGFjBagtc7JwTpJQh4KS33pjw11TFmFOA1TDKNjfaSJ2qbBh6yqWWhX8AgEY2dSe%2Fb3D8hwud2OOyIFk2TUd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f025935c07b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.javvin.me/data/caribbeancom-012611-601.jpg
188.114.96.1200 OK 84 kB URL HTTP/2 cdn.javvin.me/data/caribbeancom-012611-601.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash d90c0a0e693b1ccffddb3e499bf8f579
eb34308e0933e21bb056a3c7d3a00447736c6e93
498ab74ef549109119c9d7d115422c410d4956d5d63e734b4fbedb9053e03ff5
GET /data/caribbeancom-012611-601.jpg HTTP/1.1
Host: cdn.javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: image/jpeg
content-length: 83772
last-modified: Sun, 31 May 2020 22:44:59 GMT
etag: "5ed4336b-1473c"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 697562
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hh3uvESkv%2BBXEtQLmvApuBeob5URJg0lARrg5sR3WS3ouPxoQykAIKrTzUbJjLTqGRxxtiUdlhKUYSnNO9E%2Fh%2FGWOCd%2Fq2M%2BfmApZz9TJkem69S66xU%2B%2BOqKMRun59tc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f025935c0db51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.javvin.me/data/caribbeancom-051910-378.jpg
188.114.96.1200 OK 68 kB URL HTTP/2 cdn.javvin.me/data/caribbeancom-051910-378.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash a4c8d9fa7bb991c71211fdfed339203c
b450355cfdc485e7a5982064bf106761ea5b3f3f
4f4ee8b18acc3364ea588ec3943539c96dabe0786c4fc77e5b1f1ca7e3455ac6
GET /data/caribbeancom-051910-378.jpg HTTP/1.1
Host: cdn.javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: image/jpeg
content-length: 68421
last-modified: Fri, 24 Jan 2020 11:45:11 GMT
etag: "5e2ad8c7-10b45"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 515205
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUhcaxhOH5lea%2BtbgANg%2FpaGSH1UuifZZZnK3OeE75Hwb7fsWowiNgtanJENN1Ym2FELjZOkrnGrSFgMZlTREO02G0PskaXIvaa4spCuM4AkYC4GT8JD9SO6Q1rjHRsP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f025935c10b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.javvin.me/data/caribbeancom-010511-581.jpg
188.114.96.1200 OK 102 kB URL HTTP/2 cdn.javvin.me/data/caribbeancom-010511-581.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Size 102 kB (102284 bytes)
Hash eb34cfd6241d6ab0a264ea240481d75f
2689360aea29182411bb20b9850401298d6e83a2
0ee5f3efb12506c8494059c449fd41bc92397c23653e364d295f87b91905227c
GET /data/caribbeancom-010511-581.jpg HTTP/1.1
Host: cdn.javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: image/jpeg
content-length: 102284
last-modified: Tue, 19 May 2020 18:25:57 GMT
etag: "5ec424b5-18f8c"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 697562
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2SrEMnCRhCz3h973m7lT6CrFUK7KYpRx5cTOEu6a1TF9LLGUmGZ0axk1Fd%2BRLxrQPgRt%2FgQMXL%2F65jda19WcEW076coNuBWoCpagV275WLFtH0ozIKyxb885fkPuCNO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f025935c13b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.javvin.me/data/tokyo-hot-21142.jpg
188.114.96.1200 OK 201 kB URL HTTP/2 cdn.javvin.me/data/tokyo-hot-21142.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 820x462, components 3\012- data
Size 201 kB (200763 bytes)
Hash b0ddfb0d12df5e9a895fe016e7806386
9b3988f614cc4e69506aaf2dbd83dc65f52b4597
3c04754b3af4ca00d857ffce206cdcc0e53c4c38b2a8505d5b6e9815076ea047
GET /data/tokyo-hot-21142.jpg HTTP/1.1
Host: cdn.javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: image/jpeg
content-length: 200763
last-modified: Mon, 20 Apr 2020 01:16:54 GMT
etag: "5e9cf806-3103b"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 697562
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBuuezw6ldciMRlAhxo9TfuUNNdFF1%2F6WHcf3bLdezgAtaxyLfAjrJrusNyUwr%2BbOM%2FgaAiSksbNJkZtJxKYKZqETMNg19PLdX78NpWx3%2FzdMOBYk7KUJE0C7iG5p23Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f025935c06b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.javvin.me/data/caribbeancom-070710-420.jpg
188.114.96.1200 OK 91 kB URL HTTP/2 cdn.javvin.me/data/caribbeancom-070710-420.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 30f4edf3fcbb28619da5483395ff7933
1f19a7f86cf8b0271f5d5ac00280a37d6b432146
9d927b6a4997fc5baa3ad4d8dd9847190991db344dd3c930f500897b8f70302e
GET /data/caribbeancom-070710-420.jpg HTTP/1.1
Host: cdn.javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: image/jpeg
content-length: 91305
last-modified: Wed, 12 Feb 2020 16:32:45 GMT
etag: "5e4428ad-164a9"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 697562
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQ7fHGGnMmy%2FpJtAxoWiCY%2FlCOAysZFwMTV6YttKucJf7ns2nzXpykTjpUE9aYRLI%2BBWnCqkTCzoQLmb0Mdg%2B5ZRplTbPcg6udOjMqyMB3LWqZD1AM7mbKl4F2SzWQEs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f025938c4fb51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 78ed7b7d814d987601b30851546309b5
12a653dabfd738fef99fad2295eec55e4651bc7c
a55164c954f0255d6d360ac0fac8b4598f8e0e01ec646105eed2e9b0abf5e2bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 09:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.javvin.me/v1/wp-content/themes/retrotube/style.css?v=1.0
188.114.96.1200 OK 14 kB URL HTTP/2 cdn.javvin.me/v1/wp-content/themes/retrotube/style.css?v=1.0
IP 188.114.96.1:0
File type assembler source, ASCII text, with CRLF line terminators
Hash 1c19400330eccf58b5a2164271dc0544
ce3faee3fe3e4ba788c18f0bec14abf163c3de41
eefc4accde90df2bb2fcc3e736cd15fa7ca811d2362ad735de35c9cf9816c6b8
GET /v1/wp-content/themes/retrotube/style.css?v=1.0 HTTP/1.1
Host: cdn.javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 08 Jul 2020 21:56:38 GMT
etag: W/"5f064116-1231f"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 710045
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxGyaGA44uY9pbGDqkIciykpooZ7H%2FQjYIcDYOuVJywde4NZR8iM9hBWZ1zLDFdQ3BLPG42MT853afaMGFO6AA8KiSpXaQeWOrlRRVfrhmq1aDX6F3drKUAwXGtgiKds"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f025939c5cb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-HKECK5KR78
142.250.74.72200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-HKECK5KR78
IP 142.250.74.72:0
File type ASCII text, with very long lines (21849)
Hash 7cc0aeacbf75a53949a78e874ba69b04
8ab4ad788dc560381158cc55b5355c28c0fc51d3
7dead757998adfee8f432659a374e40a266a5eed10e37911bec5569ce964022e
GET /gtag/js?id=G-HKECK5KR78 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 09:57:48 GMT
expires: Wed, 25 Jan 2023 09:57:48 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77657
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1005c9e99dc8d4390861d6730c7a403b
0e3858ae26a1c01e0160e3b60e400bea202ebd05
4ff7ceb81a3dad4fefd3a15ece4ce13898624c01bf5a0cb4fdd90958978ed6b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 09:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash be4ed23a13c3a9685addd44b2de34be3
39ce2063a66166c27cae0329c4d99b5112e1564b
13fa84e6512a62b4e4ef6caaa38d1bd5db84bd9c0ee0e9b27615db85825204c0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 09:57:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 23 Jan 2023 17:56:27 GMT
Expires: Mon, 30 Jan 2023 17:56:26 GMT
Etag: "39ce2063a66166c27cae0329c4d99b5112e1564b"
Cache-Control: max-age=460117,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f02593dd9a0b51-OSL
cdn.tsyndicate.com/sdk/v1/n.js
8.247.218.249200 OK 10 kB URL HTTP/2 cdn.tsyndicate.com/sdk/v1/n.js
IP 8.247.218.249:0
File type ASCII text, with very long lines (28408)
Hash e2519788516ae1b7003eaf19e0393762
244160cebfcc1c40aed8da7985609af9b03498c0
99b5dafc018608b7fdc24924d0ead19282622371d75c1c39a6e03d325dda5de2
GET /sdk/v1/n.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: application/javascript
content-length: 10435
last-modified: Fri, 16 Dec 2022 12:41:56 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"639c6794-6f41"
age: 3445463
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.javvin.me/v1/wp-content/themes/retrotube/assets/js/skip-link-focus-fix.js?ver=1.0.0
188.114.96.1200 OK 704 B URL HTTP/2 cdn.javvin.me/v1/wp-content/themes/retrotube/assets/js/skip-link-focus-fix.js?ver=1.0.0
IP 188.114.96.1:0
Hash 758466c18eff432e0ff277d0d494a204
0a538426e1dd9c7ba6503603f1846f543345a846
a88327cb03bd3931da84472736c80911be177b53f5fc6dce656aca0dca0b22b3
GET /v1/wp-content/themes/retrotube/assets/js/skip-link-focus-fix.js?ver=1.0.0 HTTP/1.1
Host: cdn.javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: application/javascript
last-modified: Mon, 07 Oct 2019 19:27:40 GMT
etag: W/"5d9b91ac-1aa"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 536404
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2BhjkqPpg2RmCOhZvzuiFlLqBCbblVPowxIMiWjWRA4u9CLybX5DMUviD407LFGcVIz0kNjv0OqHAe3NDW0ZkvuDvjWMv1sXdrIq7xO8JCH6d0IRxWZBcJ%2FS7hRGSj%2Bw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f025935c00b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.148.75.183101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.75.183:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /XQNo4eYcmrRwyMx0aYbyA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pb8ZztTNnxUUd8K/Huo8dDxk4S4=
cdn.tsyndicate.com/sdk/v1/n.js
8.247.218.249304 Not Modified 0 B URL HTTP/2 cdn.tsyndicate.com/sdk/v1/n.js
IP 8.247.218.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sdk/v1/n.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 16 Dec 2022 12:41:56 GMT
If-None-Match: W/"639c6794-6f41"
TE: trailers
HTTP/2 304 Not Modified
date: Wed, 25 Jan 2023 09:57:48 GMT
last-modified: Fri, 16 Dec 2022 12:41:56 GMT
server: nginx
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
etag: W/"639c6794-6f41"
age: 3445463
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d2a949fa1a934f9379369c93aa3e1c81
cf185abb4c85f7e6b1cc5522649fde286d25b22f
4cc2c34c3922e030084f2592cd6cc3b3a167b084cb5dcd0abf9d72a23006887d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4CC2C34C3922E030084F2592CD6CC3B3A167B084CB5DCD0ABF9D72A23006887D"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5469
Expires: Wed, 25 Jan 2023 11:28:57 GMT
Date: Wed, 25 Jan 2023 09:57:48 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1005c9e99dc8d4390861d6730c7a403b
0e3858ae26a1c01e0160e3b60e400bea202ebd05
4ff7ceb81a3dad4fefd3a15ece4ce13898624c01bf5a0cb4fdd90958978ed6b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 09:57:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.tsyndicate.com/sdk/v1/n.css
8.247.218.249200 OK 19 kB URL HTTP/2 cdn.tsyndicate.com/sdk/v1/n.css
IP 8.247.218.249:0
File type ASCII text, with very long lines (19411), with no line terminators
Hash f0c8bad08999a9d413b61c81c0e2a606
ebb86ba43d0f2386f2f3cdbb57f4746a1d8bcaf5
79ebc0f15cd767ec1f7e624730bedc0fdac746e41dbb8b2fbf1a1d1ec3b6877d
GET /sdk/v1/n.css HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: text/css
content-length: 19411
etag: "639c6765-4bd3"
last-modified: Fri, 16 Dec 2022 12:41:09 GMT
server: nginx
x-robots-tag: noindex, nofollow
age: 3445465
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.tsyndicate.com/sdk/v1/n.js
8.247.218.249304 Not Modified 0 B URL HTTP/2 cdn.tsyndicate.com/sdk/v1/n.js
IP 8.247.218.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sdk/v1/n.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 16 Dec 2022 12:41:56 GMT
If-None-Match: W/"639c6794-6f41"
TE: trailers
HTTP/2 304 Not Modified
date: Wed, 25 Jan 2023 09:57:48 GMT
last-modified: Fri, 16 Dec 2022 12:41:56 GMT
server: nginx
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
etag: W/"639c6794-6f41"
age: 3445463
X-Firefox-Spdy: h2
cdn.tsyndicate.com/sdk/v1/n.js
8.247.218.249304 Not Modified 0 B URL HTTP/2 cdn.tsyndicate.com/sdk/v1/n.js
IP 8.247.218.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sdk/v1/n.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 16 Dec 2022 12:41:56 GMT
If-None-Match: W/"639c6794-6f41"
TE: trailers
HTTP/2 304 Not Modified
date: Wed, 25 Jan 2023 09:57:48 GMT
last-modified: Fri, 16 Dec 2022 12:41:56 GMT
server: nginx
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
etag: W/"639c6794-6f41"
age: 3445463
X-Firefox-Spdy: h2
via.placeholder.com/640x360/7e7e7e/9d9d9d?text=No+Poster
188.114.96.1200 OK 1.9 kB URL HTTP/2 via.placeholder.com/640x360/7e7e7e/9d9d9d?text=No+Poster
IP 188.114.96.1:0
File type PNG image data, 640 x 360, 4-bit colormap, non-interlaced\012- data
Hash 616d21dec8ced2a5523a3f14a608b71b
f77e6ec4ef71e5de8d457c438f781cfca5f3a9ee
ba3064c959059b2ad1d61ea94de9d25c82ba853cefadc6b5e29d6cdb5d7ca2ab
GET /640x360/7e7e7e/9d9d9d?text=No+Poster HTTP/1.1
Host: via.placeholder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: image/png
content-length: 1896
last-modified: Wed, 25 Jan 2023 08:00:02 GMT
etag: "63d0e182-768"
expires: Wed, 01 Feb 2023 09:57:48 GMT
cache-control: max-age=604800
x-cache: L1
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3foJS%2F%2FqghDI1Bn3DyONx9QlsAtJXECaQlMdCGqvW3BXhB%2FzjS2YZEWroLeQQoRrjlolGx%2F3yxGraifD9hiZ7g2xKJmTEsbvYgTYcGhKvX7yCNYJcUYDS17I%2F9OIC3HLcY6Xf%2Fj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f02593f832b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
iy.subserecajones.com/tfTDkOVegijAfBl1/55714
172.255.6.242200 OK 25 B URL HTTP/1.1 iy.subserecajones.com/tfTDkOVegijAfBl1/55714
IP 172.255.6.242:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
Analyzer Verdict Alert quad9 Sinkholed
GET /tfTDkOVegijAfBl1/55714 HTTP/1.1
Host: iy.subserecajones.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 09:57:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://javvin.me
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Thu, 26-Jan-2023 09:57:48 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Thu, 26-Jan-2023 09:57:48 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 227031223563c48f604da76a0df4d262
1a891b4dd2dfaae4cf71ea458bca5bc0bb12c9e6
3efa8fcbe7cfc4cdb503513c1f90692a4b6a2c7cf2750bf704f888efbdb5cb45
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5889
Cache-Control: max-age=136755
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 09:57:48 GMT
Etag: "63d0594e-117"
Expires: Thu, 26 Jan 2023 23:57:03 GMT
Last-Modified: Tue, 24 Jan 2023 22:18:54 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
cdn.javvin.me/v1/wp-includes/js/wp-embed.min.js?ver=5.2.3
188.114.96.1200 OK 78 kB URL HTTP/2 cdn.javvin.me/v1/wp-includes/js/wp-embed.min.js?ver=5.2.3
IP 188.114.96.1:0
File type ASCII text, with very long lines (1403), with no line terminators
Hash f794fb722f25133ef8cb05ec73f7a373
ed2ca47ad51ea260d57a6a932e44b6a314edbd63
c5e99eed13b8eb872ef7dead881a6722ed4abc987db80f3021832a0187faf7eb
GET /v1/wp-includes/js/wp-embed.min.js?ver=5.2.3 HTTP/1.1
Host: cdn.javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Mon, 07 Oct 2019 19:27:41 GMT
etag: W/"5d9b91ad-57b"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 710045
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0J%2BTHQBmQS64rc9NxxEquxOZUxy0y3Mva5WgrEIIiGDVp0oxrHCaM%2Br5VrAIfPIRTrT7CzXxLHy5DNz4%2FE4mo5CQtDBIyfNhoQa5VsGN92Ja47SP7tPNaH0TsuKXbl3q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f025935c02b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
via.placeholder.com/305x255/000000/ffffff?text=ADS+300x250
188.114.96.1200 OK 942 B URL HTTP/2 via.placeholder.com/305x255/000000/ffffff?text=ADS+300x250
IP 188.114.96.1:0
File type PNG image data, 305 x 255, 4-bit colormap, non-interlaced\012- data
Hash a2aca725d2d7c35120fe92938f6dd375
202090a76698312b88003d379ccc264b23726458
3f3381efd629348c8167021666c681225c517f919de757f20190c2bf538cdf15
GET /305x255/000000/ffffff?text=ADS+300x250 HTTP/1.1
Host: via.placeholder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: image/png
content-length: 942
last-modified: Wed, 25 Jan 2023 07:05:02 GMT
etag: "63d0d49e-3ae"
expires: Wed, 01 Feb 2023 09:57:48 GMT
cache-control: max-age=604800
x-cache: L1
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axNdo5yHcd4LVLbARsFHMfRjqNfXT0PMuZfruDSD%2Bg3GzrO9rif70BJOruVWA00kVMe6T8mI%2BFTrWbrHJzeS%2FoPN%2FMYzB%2FyGKRR91ikfMYEyQeosplMGO3pYjJGqgyd5OHz2pqXn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f02594690fb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 09:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.javvin.me/v1/wp-content/themes/retrotube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0
188.114.96.1200 OK 24 kB URL HTTP/2 cdn.javvin.me/v1/wp-content/themes/retrotube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 188.114.96.1:0
File type ASCII text, with very long lines (30837)
Hash 2fd8bbc50dfc220f74f77c62ac615c21
ebcd7f1019feeac44debe7b3f8c44a016476352c
ab9c65cba0ed377cbc9b8fcc8c0cf991a9f52a18e97793f48923ea633eadb86f
GET /v1/wp-content/themes/retrotube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: cdn.javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Mon, 07 Oct 2019 19:29:11 GMT
etag: W/"5d9b9207-7918"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 565512
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KnvOn%2BeNW%2BnEnfD2xfmz7bBUpKVj1bgFaYV1yLmTzEx2cU0jUfVrzxmyT%2BUXrsYxCJtFK9fnuYydmBhQywT3y2x4hR83ji5fZVWwpSTnhDLLBSUkqlFpngTqDxnBT98y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f025939c5bb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 09:57:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.javvin.me/data/stars-293.jpg
188.114.96.1200 OK 191 kB URL HTTP/2 cdn.javvin.me/data/stars-293.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x564, components 3\012- data
Size 191 kB (190695 bytes)
Hash 4df495f6672206ab5e55a8cc9e15d86a
f068ed7775c3e238501b9680f1042ca419dd27e2
6f517d26e38a129a3ee67c52d8ec8de8572ceb8737dcfbd87776b5436753aa9d
GET /data/stars-293.jpg HTTP/1.1
Host: cdn.javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: image/jpeg
content-length: 190695
last-modified: Wed, 21 Oct 2020 19:25:28 GMT
etag: "5f908b28-2e8e7"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSzrcsgpYhhPoSJWci4TSvjZSdScKo9r%2FoFvXKEM7ROkHzSxFDHnCBnSXnazCr9GxHCz0eCalcqCfdUK4fXJ%2BfQ%2BIr5daqTHftKwkt4qqgXC50%2Fe4voyuwbttm5pAJKu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f025939c58b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.buypass.com/
23.33.119.18200 OK 1.7 kB IP 23.33.119.18:0
ASN #20940 Akamai International B.V.
Hash 98de3994f45c54ed521766ff9f901afb
7f7025c85bd85b8cfbeae15ee0bfc8147ab584a9
eec3b5840d0cdee41cd408ddeff312a880212de0f8ed859d8af1d43bdd38b2ad
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: fe726b16-6991-4332-9809-509f5c2a2964
Content-Length: 1701
Date: Wed, 25 Jan 2023 09:57:49 GMT
Connection: keep-alive
ocsp.buypass.com/
23.33.119.18200 OK 1.7 kB IP 23.33.119.18:0
ASN #20940 Akamai International B.V.
Hash 98de3994f45c54ed521766ff9f901afb
7f7025c85bd85b8cfbeae15ee0bfc8147ab584a9
eec3b5840d0cdee41cd408ddeff312a880212de0f8ed859d8af1d43bdd38b2ad
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 9bee3071-b2d4-44e0-8668-31960c5bd339
Content-Length: 1701
Date: Wed, 25 Jan 2023 09:57:49 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 06a028c9b8fe8bd69045b4eb464a40cb
1868d508cbba55f9a05a6ea52f02a1d39110b64e
bdc727d6917e39f0a350890beab1c0d9334ef85d0a1fc380b60cbeaf7b1f6e2f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 09:57:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 03:56:21 GMT
Expires: Wed, 01 Feb 2023 03:56:20 GMT
Etag: "1868d508cbba55f9a05a6ea52f02a1d39110b64e"
Cache-Control: max-age=582510,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f02596c8c50b51-OSL
tsyndicate.com/iframes2/a028e9c9577743e1992fcb7b9ecaf451.html?
168.119.1.208200 OK 9.4 kB URL HTTP/2 tsyndicate.com/iframes2/a028e9c9577743e1992fcb7b9ecaf451.html?
IP 168.119.1.208:0
ASN #24940 Hetzner Online GmbH
Hash 12511758f601ea62fa581766988a57b8
2cd1649561ef7fcd8a6161effe60dadc7f2c9810
16251614dfbc24cd96d86e02ae3cf761847d4dbf8d22e99acebb4dd89cc4f6ca
GET /iframes2/a028e9c9577743e1992fcb7b9ecaf451.html? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-request-id: 33ca57beebf99e30
set-cookie: ts_uid=8e2aced0-e52b-4daa-b410-412d4065a736; expires=Tue, 25 Jul 2023 09:57:49 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 06a028c9b8fe8bd69045b4eb464a40cb
1868d508cbba55f9a05a6ea52f02a1d39110b64e
bdc727d6917e39f0a350890beab1c0d9334ef85d0a1fc380b60cbeaf7b1f6e2f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 09:57:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 03:56:21 GMT
Expires: Wed, 01 Feb 2023 03:56:20 GMT
Etag: "1868d508cbba55f9a05a6ea52f02a1d39110b64e"
Cache-Control: max-age=582510,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f02596ce1fb511-OSL
lcdn.tsyndicate.com/images/a/e/1baea15452576323044a9220863cbc4364790f/main.webp
8.254.252.211200 OK 8.0 kB URL HTTP/2 lcdn.tsyndicate.com/images/a/e/1baea15452576323044a9220863cbc4364790f/main.webp
IP 8.254.252.211:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 60afe6ea88842d01e79b6de3226042d7
a89b8f81aa15b8262d5070967e4652dff1d25343
6295786ac20b37c1a23096956f75a9fefc7c7be659341348a969fb499efed359
GET /images/a/e/1baea15452576323044a9220863cbc4364790f/main.webp HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Cookie: ts_uid=9130ab27-16b6-4513-a185-2cb06cf85371
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: image/webp
content-length: 8049
last-modified: Fri, 04 Mar 2022 08:58:15 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"6221d4a7-1f5a"
age: 28256010
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ccbd1c34da3db276241af6776e934cbf
b7c12ce7686ccb76f25ac516532a090d5c8c0674
b4027d255ce14b15346b1b24295b198b4d725557d29820ca1b418410eb7a512e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B4027D255CE14B15346B1B24295B198B4D725557D29820CA1B418410EB7A512E"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4930
Expires: Wed, 25 Jan 2023 11:19:59 GMT
Date: Wed, 25 Jan 2023 09:57:49 GMT
Connection: keep-alive
tsyndicate.com/do2/09b3018b06a74c7baf6469b3f4d37c83/dynamic?format=jsonp&count=4&w=1280&h=1024&keywords=Watch,Video,JAV,STARS,Free,Jav,Porn,Height,Difference,Favorite,Big,Guys,Are,Appearing,One,After,Another,Insert,Immediately,JAVVIN,STARS,Free,Jav,Porn,Height,Difference,Favorite,Big,Guys,Are,Appearing,One,After,Another,Insert,Immediately,JAVVIN,stars,free,jav,porn,height,difference,favorite,big,guys,are,appearing,one,after,another,insert,immediately&adtype=label-under&tz=0&callback=callback_ViZK7
168.119.1.208200 OK 17 kB URL HTTP/2 tsyndicate.com/do2/09b3018b06a74c7baf6469b3f4d37c83/dynamic?format=jsonp&count=4&w=1280&h=1024&keywords=Watch,Video,JAV,STARS,Free,Jav,Porn,Height,Difference,Favorite,Big,Guys,Are,Appearing,One,After,Another,Insert,Immediately,JAVVIN,STARS,Free,Jav,Porn,Height,Difference,Favorite,Big,Guys,Are,Appearing,One,After,Another,Insert,Immediately,JAVVIN,stars,free,jav,porn,height,difference,favorite,big,guys,are,appearing,one,after,another,insert,immediately&adtype=label-under&tz=0&callback=callback_ViZK7
IP 168.119.1.208:0
ASN #24940 Hetzner Online GmbH
Hash f81ea3acf82c55a259ba54d566d6476b
dbf9525caa1cfcb56befa79fd4eb79a728055678
2c100365a49417839dae92a20e662f70ed86cba6a0191478a2ad470df19681e2
GET /do2/09b3018b06a74c7baf6469b3f4d37c83/dynamic?format=jsonp&count=4&w=1280&h=1024&keywords=Watch,Video,JAV,STARS,Free,Jav,Porn,Height,Difference,Favorite,Big,Guys,Are,Appearing,One,After,Another,Insert,Immediately,JAVVIN,STARS,Free,Jav,Porn,Height,Difference,Favorite,Big,Guys,Are,Appearing,One,After,Another,Insert,Immediately,JAVVIN,stars,free,jav,porn,height,difference,favorite,big,guys,are,appearing,one,after,another,insert,immediately&adtype=label-under&tz=0&callback=callback_ViZK7 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: application/javascript; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-request-id: 095c0ee4c5c48ec2
set-cookie: ts_uid=9130ab27-16b6-4513-a185-2cb06cf85371; expires=Tue, 25 Jul 2023 09:57:49 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 06a028c9b8fe8bd69045b4eb464a40cb
1868d508cbba55f9a05a6ea52f02a1d39110b64e
bdc727d6917e39f0a350890beab1c0d9334ef85d0a1fc380b60cbeaf7b1f6e2f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 09:57:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 03:56:21 GMT
Expires: Wed, 01 Feb 2023 03:56:20 GMT
Etag: "1868d508cbba55f9a05a6ea52f02a1d39110b64e"
Cache-Control: max-age=582510,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f02596fb67b506-OSL
lcdn.tsyndicate.com/images/d/a/8cda8d80a1d5024c843ae725bec44fc5a9effa/main.webp
8.254.252.211200 OK 7.6 kB URL HTTP/2 lcdn.tsyndicate.com/images/d/a/8cda8d80a1d5024c843ae725bec44fc5a9effa/main.webp
IP 8.254.252.211:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e4f213e461314b76f502b7ffe3bf4d11
76bc4a3707dda7c958b790a945b90d7321f917c9
c0f38cacf0532542bdc6b7ead302d7134f92f4dc0437089b37b0118faa4f6c6f
GET /images/d/a/8cda8d80a1d5024c843ae725bec44fc5a9effa/main.webp HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Cookie: ts_uid=9130ab27-16b6-4513-a185-2cb06cf85371
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: image/webp
content-length: 7553
last-modified: Fri, 21 Jan 2022 04:19:41 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"61ea345d-1d6a"
age: 348723
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1f1be9cec3941aca66b1783cdc0ecfa9
8dc84c8fbd99a0f8e4ce3fef3f6cdf13eaeef980
73b0d617fcaf093c095cf30e03cc3fba56b15ea160192c11c02276d08fc34aeb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3558
Cache-Control: max-age=136558
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 09:57:49 GMT
Etag: "63d061a5-118"
Expires: Thu, 26 Jan 2023 23:53:47 GMT
Last-Modified: Tue, 24 Jan 2023 22:54:29 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 06a028c9b8fe8bd69045b4eb464a40cb
1868d508cbba55f9a05a6ea52f02a1d39110b64e
bdc727d6917e39f0a350890beab1c0d9334ef85d0a1fc380b60cbeaf7b1f6e2f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 09:57:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 03:56:21 GMT
Expires: Wed, 01 Feb 2023 03:56:20 GMT
Etag: "1868d508cbba55f9a05a6ea52f02a1d39110b64e"
Cache-Control: max-age=582510,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f02596cdb6b50c-OSL
tsyndicate.com/iframes2/8983dafbe3ec46aa86ff3344658d745e.html?
168.119.1.208200 OK 5.4 kB URL HTTP/2 tsyndicate.com/iframes2/8983dafbe3ec46aa86ff3344658d745e.html?
IP 168.119.1.208:0
ASN #24940 Hetzner Online GmbH
Hash 56b0c55fb9693c5110af8d5f6a8937ba
847289eb89dded5db8dbe4e351d626632706e842
360b7400198160c3f261f879c4a45b1f4a0f08e07dc47b57d4af49214e09adad
GET /iframes2/8983dafbe3ec46aa86ff3344658d745e.html? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-request-id: 9fe3151b00a76853
set-cookie: ts_uid=5a2d848a-95bf-4cc5-a4dd-66ae126e6e95; expires=Tue, 25 Jul 2023 09:57:49 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
static.adxadserv.com/js/adb.js
185.76.9.24200 OK 665 B URL HTTP/2 static.adxadserv.com/js/adb.js
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (511), with CRLF line terminators
Hash 76b973253efc3c80738e977ebc7444b7
a98b0a301451d0d5700ddc2bfa415e01ad5f7bc8
60e763a7499e58cc580d7d38dbaa7ab2b302214b2ca05f96f718292c6e3dee11
GET /js/adb.js HTTP/1.1
Host: static.adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: application/javascript
last-modified: Tue, 24 Mar 2020 11:15:59 GMT
etag: W/"5e79ebef-532"
x-accel-expires: @1674982880
server: CDN77-Turbo
x-77-nzt: AblMCRSO4/3/PZkKAA
x-77-nzt-ray: af585630465b03ea1dfdd06388446113
x-cache: HIT
x-age: 694589
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.pncloudfl.com/pn/71a/dd2/7d5/71add27d5bb61aab24af91ebe2af7f4205a35feb.jpg
104.22.58.221200 OK 49 kB URL HTTP/2 cdn.pncloudfl.com/pn/71a/dd2/7d5/71add27d5bb61aab24af91ebe2af7f4205a35feb.jpg
IP 104.22.58.221:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash eedf689c4a33b79c440062e703d60ff6
a8300edf1b950a50086eb44165a6f6ae278e5057
b8b368d98eb9d04ce213fa62fa781f3bad8d48e5a57f98359cb880ab9600579f
GET /pn/71a/dd2/7d5/71add27d5bb61aab24af91ebe2af7f4205a35feb.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: image/webp
content-length: 48676
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=83221
content-disposition: inline; filename="71add27d5bb61aab24af91ebe2af7f4205a35feb.webp"
etag: 1df69ad2c9b78c9186aaa33fa40c237f
expires: Wed, 25 Jan 2023 19:02:01 GMT
last-modified: Thu, 06 Oct 2022 02:00:51 GMT
vary: Accept
x-openstack-request-id: txe73bad396e604f28ab17d-00633e3eef
x-proxy-cache: HIT
x-timestamp: 1665021650.87526
x-trans-id: txe73bad396e604f28ab17d-00633e3eef
cf-cache-status: HIT
age: 140148
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 78f025981a63b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 06a028c9b8fe8bd69045b4eb464a40cb
1868d508cbba55f9a05a6ea52f02a1d39110b64e
bdc727d6917e39f0a350890beab1c0d9334ef85d0a1fc380b60cbeaf7b1f6e2f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 09:57:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 03:56:21 GMT
Expires: Wed, 01 Feb 2023 03:56:20 GMT
Etag: "1868d508cbba55f9a05a6ea52f02a1d39110b64e"
Cache-Control: max-age=582510,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f02596fd831c06-OSL
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1f1be9cec3941aca66b1783cdc0ecfa9
8dc84c8fbd99a0f8e4ce3fef3f6cdf13eaeef980
73b0d617fcaf093c095cf30e03cc3fba56b15ea160192c11c02276d08fc34aeb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3558
Cache-Control: max-age=136558
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 09:57:49 GMT
Etag: "63d061a5-118"
Expires: Thu, 26 Jan 2023 23:53:47 GMT
Last-Modified: Tue, 24 Jan 2023 22:54:29 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0dbf1415c368521b7db41d5e68ec3c13
a8fd9dec35d871858027107a7ffb20a8b8eb76aa
82868653285b7451d57d36a5b4a8fb58df9430e7e8e858993c437b822b6d95a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82868653285B7451D57D36A5B4A8FB58DF9430E7E8E858993C437B822B6D95A1"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=127
Expires: Wed, 25 Jan 2023 09:59:56 GMT
Date: Wed, 25 Jan 2023 09:57:49 GMT
Connection: keep-alive
lcdn.tsyndicate.com/images/8/6/acaf6a36ca48c48cde831d128f7a20941343d6/main.webp
8.254.252.211200 OK 6.6 kB URL HTTP/2 lcdn.tsyndicate.com/images/8/6/acaf6a36ca48c48cde831d128f7a20941343d6/main.webp
IP 8.254.252.211:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eb8a8385c7ce99f40f6c39232954e6a2
881c000d9e9bb91f5f6df304b52e282b94e74e83
d3846cdcccd80dbeca7f1c2cbcf1e31130f66ea2f9cb574bc02204002db1891b
GET /images/8/6/acaf6a36ca48c48cde831d128f7a20941343d6/main.webp HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Cookie: ts_uid=9130ab27-16b6-4513-a185-2cb06cf85371
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: image/webp
content-length: 6585
last-modified: Fri, 21 Jan 2022 04:19:37 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"61ea3459-19a2"
age: 2962265
accept-ranges: bytes
X-Firefox-Spdy: h2
go6shde9nj2itle.com/chicken.gif?z=1909509&pb=121e08beeadeea652e74525613d298ef1674647869&psp=b-pA6QQw0uvSZFMLtbOHlSdZ7UTweHNL8s45yf04BPCzVdqGDfMbeIXP2AgXgUbTAw96KKqvUL7mvkMrzshg11X10r-SjYv_2nu-vD8V1aQxxYj2pQA8ijac2sPgi7tyRHTBuCKOEFv1dlU3nBAmNGorD83PoR7Yyqe1rJijZj6KMXaPnTpFNJT1f1KulKXvSX-YsIlREyEuJCuabJOrQhEzFs6W7iA7A2I16_WuS9l4se4euMB0Z9Q8qCrpB7TbFUiQbw7L9njgP7PGS28iuDwnVvWhtjclzhTmJ0vM3trl0n3bWrffuqvA2RqHSXMfzp2AEVANY65eYV8_ypnICIgAm6PUNhFl0l-8nYH0ycD7VVu8WCecCMwHcbIwYLjMfsp26d7YjOAvcPhW1OVOINJNd-W-N_klnJxavuXCGMHmSdhSrti-S_8dJToVAjQZat_FYHDB_QvhS6I79b3kWDTOaQoLDtc3nm4fm2kYfy9Nk-fVkmWdMrWSt4xLU7nLRSw4R9FEfqHngGlbQ5zokJwSiCCkrr6YTyNiuaK73aKU2Hl_9zxEwahgZ1Gj2B7GQSDlJP_QIoUe6ShpzgL-B58GfKwqDgD-AJ5rtMQZErCpj5tbplsjefJqaG-maSKWLXtcyprD4k8ineI7N5o5EFCnv3MFcfDcgzjIAhTo3wDvvigt6jM5_mOD2vjKweJdXC9Cy0zXgOx1TBNaOcKehiWQSZN7lFAYbOQ6aHQ3jc5SF2Etug==&abvar=13&os=0
62.122.171.6200 OK 43 B URL HTTP/2 go6shde9nj2itle.com/chicken.gif?z=1909509&pb=121e08beeadeea652e74525613d298ef1674647869&psp=b-pA6QQw0uvSZFMLtbOHlSdZ7UTweHNL8s45yf04BPCzVdqGDfMbeIXP2AgXgUbTAw96KKqvUL7mvkMrzshg11X10r-SjYv_2nu-vD8V1aQxxYj2pQA8ijac2sPgi7tyRHTBuCKOEFv1dlU3nBAmNGorD83PoR7Yyqe1rJijZj6KMXaPnTpFNJT1f1KulKXvSX-YsIlREyEuJCuabJOrQhEzFs6W7iA7A2I16_WuS9l4se4euMB0Z9Q8qCrpB7TbFUiQbw7L9njgP7PGS28iuDwnVvWhtjclzhTmJ0vM3trl0n3bWrffuqvA2RqHSXMfzp2AEVANY65eYV8_ypnICIgAm6PUNhFl0l-8nYH0ycD7VVu8WCecCMwHcbIwYLjMfsp26d7YjOAvcPhW1OVOINJNd-W-N_klnJxavuXCGMHmSdhSrti-S_8dJToVAjQZat_FYHDB_QvhS6I79b3kWDTOaQoLDtc3nm4fm2kYfy9Nk-fVkmWdMrWSt4xLU7nLRSw4R9FEfqHngGlbQ5zokJwSiCCkrr6YTyNiuaK73aKU2Hl_9zxEwahgZ1Gj2B7GQSDlJP_QIoUe6ShpzgL-B58GfKwqDgD-AJ5rtMQZErCpj5tbplsjefJqaG-maSKWLXtcyprD4k8ineI7N5o5EFCnv3MFcfDcgzjIAhTo3wDvvigt6jM5_mOD2vjKweJdXC9Cy0zXgOx1TBNaOcKehiWQSZN7lFAYbOQ6aHQ3jc5SF2Etug==&abvar=13&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1909509&pb=121e08beeadeea652e74525613d298ef1674647869&psp=b-pA6QQw0uvSZFMLtbOHlSdZ7UTweHNL8s45yf04BPCzVdqGDfMbeIXP2AgXgUbTAw96KKqvUL7mvkMrzshg11X10r-SjYv_2nu-vD8V1aQxxYj2pQA8ijac2sPgi7tyRHTBuCKOEFv1dlU3nBAmNGorD83PoR7Yyqe1rJijZj6KMXaPnTpFNJT1f1KulKXvSX-YsIlREyEuJCuabJOrQhEzFs6W7iA7A2I16_WuS9l4se4euMB0Z9Q8qCrpB7TbFUiQbw7L9njgP7PGS28iuDwnVvWhtjclzhTmJ0vM3trl0n3bWrffuqvA2RqHSXMfzp2AEVANY65eYV8_ypnICIgAm6PUNhFl0l-8nYH0ycD7VVu8WCecCMwHcbIwYLjMfsp26d7YjOAvcPhW1OVOINJNd-W-N_klnJxavuXCGMHmSdhSrti-S_8dJToVAjQZat_FYHDB_QvhS6I79b3kWDTOaQoLDtc3nm4fm2kYfy9Nk-fVkmWdMrWSt4xLU7nLRSw4R9FEfqHngGlbQ5zokJwSiCCkrr6YTyNiuaK73aKU2Hl_9zxEwahgZ1Gj2B7GQSDlJP_QIoUe6ShpzgL-B58GfKwqDgD-AJ5rtMQZErCpj5tbplsjefJqaG-maSKWLXtcyprD4k8ineI7N5o5EFCnv3MFcfDcgzjIAhTo3wDvvigt6jM5_mOD2vjKweJdXC9Cy0zXgOx1TBNaOcKehiWQSZN7lFAYbOQ6aHQ3jc5SF2Etug==&abvar=13&os=0 HTTP/1.1
Host: go6shde9nj2itle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=23012504572a532b33281f44b88f89aa42ad
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACQ6xAAAAAAAAAAB; Path=/; Expires=Fri, 24 Feb 2023 09:57:49 GMT; Secure; SameSite=None
OACIBLOCK=ACQ6xAAAAABj0LdQ; Path=/; Expires=Fri, 24 Feb 2023 09:57:49 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Thu, 26 Jan 2023 09:57:49 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
go6shde9nj2itle.com/whob.gif?z=1909509&pb=121e08beeadeea652e74525613d298ef1674647869&psp=b-pA6QQw0uvSZFMLtbOHlSdZ7UTweHNL8s45yf04BPCzVdqGDfMbeIXP2AgXgUbTAw96KKqvUL7mvkMrzshg11X10r-SjYv_2nu-vD8V1aQxxYj2pQA8ijac2sPgi7tyRHTBuCKOEFv1dlU3nBAmNGorD83PoR7Yyqe1rJijZj6KMXaPnTpFNJT1f1KulKXvSX-YsIlREyEuJCuabJOrQhEzFs6W7iA7A2I16_WuS9l4se4euMB0Z9Q8qCrpB7TbFUiQbw7L9njgP7PGS28iuDwnVvWhtjclzhTmJ0vM3trl0n3bWrffuqvA2RqHSXMfzp2AEVANY65eYV8_ypnICIgAm6PUNhFl0l-8nYH0ycD7VVu8WCecCMwHcbIwYLjMfsp26d7YjOAvcPhW1OVOINJNd-W-N_klnJxavuXCGMHmSdhSrti-S_8dJToVAjQZat_FYHDB_QvhS6I79b3kWDTOaQoLDtc3nm4fm2kYfy9Nk-fVkmWdMrWSt4xLU7nLRSw4R9FEfqHngGlbQ5zokJwSiCCkrr6YTyNiuaK73aKU2Hl_9zxEwahgZ1Gj2B7GQSDlJP_QIoUe6ShpzgL-B58GfKwqDgD-AJ5rtMQZErCpj5tbplsjefJqaG-maSKWLXtcyprD4k8ineI7N5o5EFCnv3MFcfDcgzjIAhTo3wDvvigt6jM5_mOD2vjKweJdXC9Cy0zXgOx1TBNaOcKehiWQSZN7lFAYbOQ6aHQ3jc5SF2Etug==&abvar=13&os=0
62.122.171.6200 OK 43 B URL HTTP/2 go6shde9nj2itle.com/whob.gif?z=1909509&pb=121e08beeadeea652e74525613d298ef1674647869&psp=b-pA6QQw0uvSZFMLtbOHlSdZ7UTweHNL8s45yf04BPCzVdqGDfMbeIXP2AgXgUbTAw96KKqvUL7mvkMrzshg11X10r-SjYv_2nu-vD8V1aQxxYj2pQA8ijac2sPgi7tyRHTBuCKOEFv1dlU3nBAmNGorD83PoR7Yyqe1rJijZj6KMXaPnTpFNJT1f1KulKXvSX-YsIlREyEuJCuabJOrQhEzFs6W7iA7A2I16_WuS9l4se4euMB0Z9Q8qCrpB7TbFUiQbw7L9njgP7PGS28iuDwnVvWhtjclzhTmJ0vM3trl0n3bWrffuqvA2RqHSXMfzp2AEVANY65eYV8_ypnICIgAm6PUNhFl0l-8nYH0ycD7VVu8WCecCMwHcbIwYLjMfsp26d7YjOAvcPhW1OVOINJNd-W-N_klnJxavuXCGMHmSdhSrti-S_8dJToVAjQZat_FYHDB_QvhS6I79b3kWDTOaQoLDtc3nm4fm2kYfy9Nk-fVkmWdMrWSt4xLU7nLRSw4R9FEfqHngGlbQ5zokJwSiCCkrr6YTyNiuaK73aKU2Hl_9zxEwahgZ1Gj2B7GQSDlJP_QIoUe6ShpzgL-B58GfKwqDgD-AJ5rtMQZErCpj5tbplsjefJqaG-maSKWLXtcyprD4k8ineI7N5o5EFCnv3MFcfDcgzjIAhTo3wDvvigt6jM5_mOD2vjKweJdXC9Cy0zXgOx1TBNaOcKehiWQSZN7lFAYbOQ6aHQ3jc5SF2Etug==&abvar=13&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /whob.gif?z=1909509&pb=121e08beeadeea652e74525613d298ef1674647869&psp=b-pA6QQw0uvSZFMLtbOHlSdZ7UTweHNL8s45yf04BPCzVdqGDfMbeIXP2AgXgUbTAw96KKqvUL7mvkMrzshg11X10r-SjYv_2nu-vD8V1aQxxYj2pQA8ijac2sPgi7tyRHTBuCKOEFv1dlU3nBAmNGorD83PoR7Yyqe1rJijZj6KMXaPnTpFNJT1f1KulKXvSX-YsIlREyEuJCuabJOrQhEzFs6W7iA7A2I16_WuS9l4se4euMB0Z9Q8qCrpB7TbFUiQbw7L9njgP7PGS28iuDwnVvWhtjclzhTmJ0vM3trl0n3bWrffuqvA2RqHSXMfzp2AEVANY65eYV8_ypnICIgAm6PUNhFl0l-8nYH0ycD7VVu8WCecCMwHcbIwYLjMfsp26d7YjOAvcPhW1OVOINJNd-W-N_klnJxavuXCGMHmSdhSrti-S_8dJToVAjQZat_FYHDB_QvhS6I79b3kWDTOaQoLDtc3nm4fm2kYfy9Nk-fVkmWdMrWSt4xLU7nLRSw4R9FEfqHngGlbQ5zokJwSiCCkrr6YTyNiuaK73aKU2Hl_9zxEwahgZ1Gj2B7GQSDlJP_QIoUe6ShpzgL-B58GfKwqDgD-AJ5rtMQZErCpj5tbplsjefJqaG-maSKWLXtcyprD4k8ineI7N5o5EFCnv3MFcfDcgzjIAhTo3wDvvigt6jM5_mOD2vjKweJdXC9Cy0zXgOx1TBNaOcKehiWQSZN7lFAYbOQ6aHQ3jc5SF2Etug==&abvar=13&os=0 HTTP/1.1
Host: go6shde9nj2itle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=23012504572a532b33281f44b88f89aa42ad
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
go6shde9nj2itle.com/chicken.gif?z=1909587&pb=121e08beeadeea652e74525613d298ef1674647869&psp=idS_KPt7l7DWbrLCOeTzwVL-HUgHYm4iEojZzDwShokXhaZsQrD-k66j0baHLSJ7-5FoQxkew6opHdkOFVqk5k7efnbOPZHSAmsaPhp6qW2j6ng149B3mfP7qc63ivAZvurrJbjuuoOwngJV-OJW4TgJC5WcoFfXVpat8tlFGOvV_CoPR_UvA2-DMApwpzNTxRvPT674l9IeZmcZe_JM77O4XvG48p1kYSfOXVDam31fbiyAhSeEIh9sER-5DBF58QzLN5CW72MfZ4iYuxYe4VmPB-vxftk00CEHd79dqnga9o3CH9-9usJTzE-4PzqpXpsywqlcKA3ZkijV1Y8PTW2XhB8udIpAduY_AWb1NphDS1Ls2HGatv5SqLBVR1R917Id4KgXLPLzx3mAJvaJyd4BL36N2APEdoeZ0CMSdBQiM9kTkZSzWUEKwbWAaKO4zPRfHRddl7a4LD1XgNwIc7diigtVZPNLQj1tZntFS7PyB7dPmVoAf4ty-cpKK2w67IpyGy8U2lBDD5l4XrP7BjvlB2eVayP_16Hc4Sh-4j47S9gHy86ZTpqlcnJ4EABcK2yGasEdbQmFZJ-3WH9tq5MiMuYdhnbg_q3JAfs9qTb4YqdukPINvi_5LlcCxeZ8YFyxdh5TTdV6TTSbEO4TcUQXFXn9FZEjgqMa0hkmAw4lICiejhrq5Y88aLKXgs5HL-rFDB-yuCAPEOFtH2hJP9jSqpuixffcp-W4SmwshTFb3ffk9g==&abvar=11&os=0
62.122.171.6200 OK 43 B URL HTTP/2 go6shde9nj2itle.com/chicken.gif?z=1909587&pb=121e08beeadeea652e74525613d298ef1674647869&psp=idS_KPt7l7DWbrLCOeTzwVL-HUgHYm4iEojZzDwShokXhaZsQrD-k66j0baHLSJ7-5FoQxkew6opHdkOFVqk5k7efnbOPZHSAmsaPhp6qW2j6ng149B3mfP7qc63ivAZvurrJbjuuoOwngJV-OJW4TgJC5WcoFfXVpat8tlFGOvV_CoPR_UvA2-DMApwpzNTxRvPT674l9IeZmcZe_JM77O4XvG48p1kYSfOXVDam31fbiyAhSeEIh9sER-5DBF58QzLN5CW72MfZ4iYuxYe4VmPB-vxftk00CEHd79dqnga9o3CH9-9usJTzE-4PzqpXpsywqlcKA3ZkijV1Y8PTW2XhB8udIpAduY_AWb1NphDS1Ls2HGatv5SqLBVR1R917Id4KgXLPLzx3mAJvaJyd4BL36N2APEdoeZ0CMSdBQiM9kTkZSzWUEKwbWAaKO4zPRfHRddl7a4LD1XgNwIc7diigtVZPNLQj1tZntFS7PyB7dPmVoAf4ty-cpKK2w67IpyGy8U2lBDD5l4XrP7BjvlB2eVayP_16Hc4Sh-4j47S9gHy86ZTpqlcnJ4EABcK2yGasEdbQmFZJ-3WH9tq5MiMuYdhnbg_q3JAfs9qTb4YqdukPINvi_5LlcCxeZ8YFyxdh5TTdV6TTSbEO4TcUQXFXn9FZEjgqMa0hkmAw4lICiejhrq5Y88aLKXgs5HL-rFDB-yuCAPEOFtH2hJP9jSqpuixffcp-W4SmwshTFb3ffk9g==&abvar=11&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1909587&pb=121e08beeadeea652e74525613d298ef1674647869&psp=idS_KPt7l7DWbrLCOeTzwVL-HUgHYm4iEojZzDwShokXhaZsQrD-k66j0baHLSJ7-5FoQxkew6opHdkOFVqk5k7efnbOPZHSAmsaPhp6qW2j6ng149B3mfP7qc63ivAZvurrJbjuuoOwngJV-OJW4TgJC5WcoFfXVpat8tlFGOvV_CoPR_UvA2-DMApwpzNTxRvPT674l9IeZmcZe_JM77O4XvG48p1kYSfOXVDam31fbiyAhSeEIh9sER-5DBF58QzLN5CW72MfZ4iYuxYe4VmPB-vxftk00CEHd79dqnga9o3CH9-9usJTzE-4PzqpXpsywqlcKA3ZkijV1Y8PTW2XhB8udIpAduY_AWb1NphDS1Ls2HGatv5SqLBVR1R917Id4KgXLPLzx3mAJvaJyd4BL36N2APEdoeZ0CMSdBQiM9kTkZSzWUEKwbWAaKO4zPRfHRddl7a4LD1XgNwIc7diigtVZPNLQj1tZntFS7PyB7dPmVoAf4ty-cpKK2w67IpyGy8U2lBDD5l4XrP7BjvlB2eVayP_16Hc4Sh-4j47S9gHy86ZTpqlcnJ4EABcK2yGasEdbQmFZJ-3WH9tq5MiMuYdhnbg_q3JAfs9qTb4YqdukPINvi_5LlcCxeZ8YFyxdh5TTdV6TTSbEO4TcUQXFXn9FZEjgqMa0hkmAw4lICiejhrq5Y88aLKXgs5HL-rFDB-yuCAPEOFtH2hJP9jSqpuixffcp-W4SmwshTFb3ffk9g==&abvar=11&os=0 HTTP/1.1
Host: go6shde9nj2itle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=23012504572a532b33281f44b88f89aa42ad
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACQ6xAAAAAAAAAAB; Path=/; Expires=Fri, 24 Feb 2023 09:57:49 GMT; Secure; SameSite=None
OACIBLOCK=ACQ6xAAAAABj0LdQ; Path=/; Expires=Fri, 24 Feb 2023 09:57:49 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Thu, 26 Jan 2023 09:57:49 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
go6shde9nj2itle.com/get/1909509?zoneid=1909509&jp=_cl91537pjetqn9ympeiwz7&nojs=0&ix=0&abvar=13&t=0&x=801&y=801&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5457773808258727
62.122.171.6200 OK 2.9 kB URL HTTP/2 go6shde9nj2itle.com/get/1909509?zoneid=1909509&jp=_cl91537pjetqn9ympeiwz7&nojs=0&ix=0&abvar=13&t=0&x=801&y=801&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5457773808258727
IP 62.122.171.6:0
Hash d4531293051e05aa2c167aff6c9da381
f282bedf5d71236567c089d73ca565d137a3ddeb
292cb1ffa53d278105df42bb35dbf198cb97713250193d7904e5cc7bb7c2162f
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1909509?zoneid=1909509&jp=_cl91537pjetqn9ympeiwz7&nojs=0&ix=0&abvar=13&t=0&x=801&y=801&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5457773808258727 HTTP/1.1
Host: go6shde9nj2itle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=23012504572a532b33281f44b88f89aa42ad; Path=/; Expires=Thu, 25 Jan 2024 09:57:49 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ads.adxadserv.com/ad?spotid=6284ab4761d6e2176f0243c1&type=300x250&output=html&extra1=0&ref=https%3A//javvin.me/&dt=1674640667468&screen=1280x1024&tags=
185.98.53.2200 OK 1.7 kB URL HTTP/2 ads.adxadserv.com/ad?spotid=6284ab4761d6e2176f0243c1&type=300x250&output=html&extra1=0&ref=https%3A//javvin.me/&dt=1674640667468&screen=1280x1024&tags=
IP 185.98.53.2:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (579)
Hash f40a04c6a4fe7a0de688fa3af58c791c
b41d26482bb1b119b7db5c2490565404660db3be
a8ded330358c909b7a1170be5c4fae8fd41a35860913c22b583b485c80ad6249
GET /ad?spotid=6284ab4761d6e2176f0243c1&type=300x250&output=html&extra1=0&ref=https%3A//javvin.me/&dt=1674640667468&screen=1280x1024&tags= HTTP/1.1
Host: ads.adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: text/html; charset=utf-8
content-length: 1721
cache-control: no-cache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
142.250.74.163200 OK 35 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.adxadserv.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 08:17:47 GMT
expires: Thu, 25 Jan 2024 08:17:47 GMT
cache-control: public, max-age=31536000
age: 6002
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 757fb6f3ddd82efa2befb3c42fce22e8
a8c806fe410afd7351df34821c97d43d6f26d7aa
8da86007e21d5ad31eb80e8edc331b9eb870b05529e8465709d2ed7bb115c7de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8DA86007E21D5AD31EB80E8EDC331B9EB870B05529E8465709D2ED7BB115C7DE"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6601
Expires: Wed, 25 Jan 2023 11:47:50 GMT
Date: Wed, 25 Jan 2023 09:57:49 GMT
Connection: keep-alive
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 08d6ed3d1c5e0d1049829835b43a2b07
fa283c8c1edf4fb4aa5acd158e897f0366b7e5be
1d549c096a104bba8ac57684b686e7ad2e815243467c977bc944b342a4118be9
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 09:57:49 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Sun, 29 Jan 2023 08:44:14 GMT
ETag: "fa283c8c1edf4fb4aa5acd158e897f0366b7e5be"
Last-Modified: Wed, 25 Jan 2023 08:44:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 242
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78f0259a0eec1bfa-OSL
r.trwl1.com/s1/a8ec3868-5be4-44f0-9183-b8d5fb50a83f?externalId=b9da75be-9c96-11ed-8703-e25a5bb9767f&cv1=b9da75be-9c96-11ed-8703-e25a5bb9767f&cv9=6284ab4761d6e2176f0243c1
185.98.53.17200 OK 767 B URL HTTP/1.1 r.trwl1.com/s1/a8ec3868-5be4-44f0-9183-b8d5fb50a83f?externalId=b9da75be-9c96-11ed-8703-e25a5bb9767f&cv1=b9da75be-9c96-11ed-8703-e25a5bb9767f&cv9=6284ab4761d6e2176f0243c1
IP 185.98.53.17:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (571)
Hash e32991f279c45217c215e70a8ba49ce6
c8774ae016aeda2ad6c38fd72b35989fcce008cc
efd768b4f2fffd0880fef69ac67ef2510ea00e977cdb0c792b251af43eb58de8
GET /s1/a8ec3868-5be4-44f0-9183-b8d5fb50a83f?externalId=b9da75be-9c96-11ed-8703-e25a5bb9767f&cv1=b9da75be-9c96-11ed-8703-e25a5bb9767f&cv9=6284ab4761d6e2176f0243c1 HTTP/1.1
Host: r.trwl1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 25 Jan 2023 09:57:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 767
Connection: close
Set-Cookie: uid=5TUpmKOaM; Path=/; Domain=trwl1.com; Expires=Thu, 26 Jan 2023 09:57:49 GMT; HttpOnly
X-Request-Id: 04d8eccd-235d-4f7e-9d27-41e68f0fa66b
region1.google-analytics.com/g/collect?v=2&tid=G-HKECK5KR78>m=2oe1n0&_p=1008682776&cid=567792863.1674640667&ul=en-us&sr=1280x1024&_s=1&sid=1674640667&sct=1&seg=0&dl=https%3A%2F%2Fjavvin.me%2Fvideo%2FxQAPn%2Fstars-575-c-free-jav-porn-height-difference-40-cm-my-favorite-big-guys-are-appearing-one-after-another-insert-immediately&dt=STARS-575-C%20Free%20Jav%20Porn%20Height%20Difference%2040%20Cm%20My%20Favorite%20Big%20Guys%20Are%20Appearing%20One%20After%20Another%20Insert%20Immediately%20-%20JAVVIN.ME&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-HKECK5KR78>m=2oe1n0&_p=1008682776&cid=567792863.1674640667&ul=en-us&sr=1280x1024&_s=1&sid=1674640667&sct=1&seg=0&dl=https%3A%2F%2Fjavvin.me%2Fvideo%2FxQAPn%2Fstars-575-c-free-jav-porn-height-difference-40-cm-my-favorite-big-guys-are-appearing-one-after-another-insert-immediately&dt=STARS-575-C%20Free%20Jav%20Porn%20Height%20Difference%2040%20Cm%20My%20Favorite%20Big%20Guys%20Are%20Appearing%20One%20After%20Another%20Insert%20Immediately%20-%20JAVVIN.ME&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HKECK5KR78>m=2oe1n0&_p=1008682776&cid=567792863.1674640667&ul=en-us&sr=1280x1024&_s=1&sid=1674640667&sct=1&seg=0&dl=https%3A%2F%2Fjavvin.me%2Fvideo%2FxQAPn%2Fstars-575-c-free-jav-porn-height-difference-40-cm-my-favorite-big-guys-are-appearing-one-after-another-insert-immediately&dt=STARS-575-C%20Free%20Jav%20Porn%20Height%20Difference%2040%20Cm%20My%20Favorite%20Big%20Guys%20Are%20Appearing%20One%20After%20Another%20Insert%20Immediately%20-%20JAVVIN.ME&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javvin.me
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://javvin.me
date: Wed, 25 Jan 2023 09:57:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adxadserv.com/ascripts/pxl.js
185.98.53.29200 OK 78 kB URL HTTP/1.1 adxadserv.com/ascripts/pxl.js
IP 185.98.53.29:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (36114)
Hash 8348b78d100940ba1808a8e9b93f2e94
c2aa612dc3256c9f235dcfc6e330d0ecaf957768
9c983adf86ebc949957bdf55d524dfa278a79bea8d13f2efa9512c6dd37b86f5
GET /ascripts/pxl.js HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 25 Jan 2023 09:57:49 GMT
Content-Type: application/javascript
Content-Length: 77806
Connection: keep-alive
Last-Modified: Fri, 25 Sep 2020 09:55:25 GMT
ETag: "5f6dbe8d-12fee"
Expires: Wed, 25 Jan 2023 14:15:40 GMT
Cache-Control: max-age=86400, public
X-77-NZT: AblMCgpXHlX/ERUBAA
X-77-NZT-Ray: 2109d1107c4ac23a1dfdd0639222c22e
X-Cache: HIT
X-Age: 70929
X-77-POP: amsterdamNL
X-77-Cache: HIT
Accept-Ranges: bytes
fp.metricswpsh.com/fp?tag_id=27211
157.90.84.242204 No Content 96 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=27211
IP 157.90.84.242:0
ASN #24940 Hetzner Online GmbH
Hash 9ff72d56a8b743f362a38ec66f7aac16
0e43e723c6b5e311a098c8b0f1dc43c327a773fb
5518a3a1342d49c5a0091746e7b539610959e13f90eaf33ed3faa139a93a1f14
OPTIONS /fp?tag_id=27211 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://tsyndicate.com/
Origin: https://tsyndicate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Wed, 25 Jan 2023 09:57:49 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://tsyndicate.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
mc.yandex.ru/metrika/tag.js
87.250.251.119200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash a236c7014c1f1a1e52d356f59e5d665a
b66c638eb2346287364c37725819bbab1f409d66
ad2d57579e453af0eac49156840bcd1dcfbd802a82135af98f41f714d7e698f2
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73769
date: Wed, 25 Jan 2023 09:57:49 GMT
access-control-allow-origin: *
etag: "63c93a4b-12029"
expires: Wed, 25 Jan 2023 10:57:49 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
widgets.amung.us/small/02/284.png
172.67.8.141200 OK 323 B URL HTTP/2 widgets.amung.us/small/02/284.png
IP 172.67.8.141:0
File type PNG image data, 80 x 15, 8-bit colormap, non-interlaced\012- data
Hash c8c031cd4e68c958ff7598887a60331d
4b329fe71ad88eef191231acf2775ddf99bc6367
aac87fcfd68ab4eeccdb139b5a1751eb119a80615ceaa5d1af94f213bc570789
GET /small/02/284.png HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://javvin.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: image/png
content-length: 323
last-modified: Sun, 13 Jun 2010 09:48:29 GMT
etag: "4c14a96d-143"
expires: Sat, 21 Jan 2023 01:08:10 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 463779
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f0259b3bceb511-OSL
X-Firefox-Spdy: h2
adxadserv.com/px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D6284ab4761d6e2176f0243c1%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fjavvin.me%252F%2526dt%253D1674640667468%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Ftsyndicate.com%252F&d_r=1&d_s=1280x1024&d_w=300x250&t_s=1674640667720&t_i=1674640667771&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=62ec39ff-4411-4aa8-a62a-b5581955149d&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=b9da75be-9c96-11ed-8703-e25a5bb9767f&spid=6284ab4761d6e2176f0243c1&fpid_sa=1674640667771&fpid=&feid_sa=1674640667771&sid_sa=1674640667771&feid=50c1c6d3600ff87baca384717c3bd96a&sid=cc7bf17d8b75abbfe5c724a7a055c9d6&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=tsyndicate.com&s_rst=1&e_d=%7B%22isResetRequired%22%3Atrue%7D&t_op=0.306
185.98.53.29200 OK 0 B URL HTTP/1.1 adxadserv.com/px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D6284ab4761d6e2176f0243c1%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fjavvin.me%252F%2526dt%253D1674640667468%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Ftsyndicate.com%252F&d_r=1&d_s=1280x1024&d_w=300x250&t_s=1674640667720&t_i=1674640667771&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=62ec39ff-4411-4aa8-a62a-b5581955149d&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=b9da75be-9c96-11ed-8703-e25a5bb9767f&spid=6284ab4761d6e2176f0243c1&fpid_sa=1674640667771&fpid=&feid_sa=1674640667771&sid_sa=1674640667771&feid=50c1c6d3600ff87baca384717c3bd96a&sid=cc7bf17d8b75abbfe5c724a7a055c9d6&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=tsyndicate.com&s_rst=1&e_d=%7B%22isResetRequired%22%3Atrue%7D&t_op=0.306
IP 185.98.53.29:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D6284ab4761d6e2176f0243c1%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fjavvin.me%252F%2526dt%253D1674640667468%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Ftsyndicate.com%252F&d_r=1&d_s=1280x1024&d_w=300x250&t_s=1674640667720&t_i=1674640667771&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=62ec39ff-4411-4aa8-a62a-b5581955149d&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=b9da75be-9c96-11ed-8703-e25a5bb9767f&spid=6284ab4761d6e2176f0243c1&fpid_sa=1674640667771&fpid=&feid_sa=1674640667771&sid_sa=1674640667771&feid=50c1c6d3600ff87baca384717c3bd96a&sid=cc7bf17d8b75abbfe5c724a7a055c9d6&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=tsyndicate.com&s_rst=1&e_d=%7B%22isResetRequired%22%3Atrue%7D&t_op=0.306 HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 25 Jan 2023 09:57:49 GMT
Content-Length: 0
Connection: keep-alive
fp.metricswpsh.com/fp?tag_id=27211
157.90.84.242200 OK 27 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=27211
IP 157.90.84.242:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash 893fd00d21cb2eafe2596e686ceaa7fd
5264446ff184115148de18a8885471fc116dd20f
b00f2b2b4f9190facc972e354768684fdc04f94d78bd9fac3050911bca41183f
POST /fp?tag_id=27211 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22286
Origin: https://tsyndicate.com
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 25 Jan 2023 09:57:49 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 27
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://tsyndicate.com
Set-Cookie: id=3909998548130709343; Expires=Thu, 25 Jan 2024 09:57:49 GMT; Secure; SameSite=None
Vary: Origin
go6shde9nj2itle.com/lv/esnk/1909587/code.js
62.122.171.6200 OK 44 kB URL HTTP/2 go6shde9nj2itle.com/lv/esnk/1909587/code.js
IP 62.122.171.6:0
Hash c401ead9123059054dc72f9b24e0d48e
eae21d95699c4df544c4b66aaadd28b43f187944
66210eb162864ff4877036500d4ba074b6d1bf18c838ef87265462466076a0cc
Analyzer Verdict Alert quad9 Sinkholed
GET /lv/esnk/1909587/code.js HTTP/1.1
Host: go6shde9nj2itle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: application/javascript
last-modified: Fri, 20 Jan 2023 10:35:18 GMT
vary: Accept-Encoding
etag: W/"63ca6e66-1a4d7"
x-js-ab1: var11
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
static.javhd.com/h5/files/overlay/1142-overlay.png
185.76.9.19200 OK 2.3 kB URL HTTP/2 static.javhd.com/h5/files/overlay/1142-overlay.png
IP 185.76.9.19:0
ASN #60068 Datacamp Limited
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash c94604cd6e0f48b99f838935401390da
e31e1114a05ab87d88402038f4423354c66356ca
182fcef8cb4c0c0aaf6253a6fff930613b850c4867043169e98087cd6c3388d9
GET /h5/files/overlay/1142-overlay.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/10592/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F7dd524f6-5653-4001-b2c7-bd4477af0f42%3Fcv1%3Db9da75be-9c96-11ed-8703-e25a5bb9767f%26cv9%3D6284ab4761d6e2176f0243c1%26externalId%3Db9da75be-9c96-11ed-8703-e25a5bb9767f%26p%3DeyJiIjoyNzIyNTIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIxNDIwfQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:50 GMT
content-type: image/png
content-length: 2331
last-modified: Tue, 07 May 2019 11:52:13 GMT
etag: "5cd1716d-91b"
expires: Tue, 23 May 2023 11:05:34 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839934
server: CDN77-Turbo
x-77-nzt: AblMCQ3Hq+n/oJJFAQ
x-77-nzt-ray: c0a4cc284e84fb271efdd063003a1203
x-cache: HIT
x-age: 21336736
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
mc.yandex.ru/watch/88694088/1?wmode=7&page-url=https%3A%2F%2Fjavvin.me%2Fvideo%2FxQAPn%2Fstars-575-c-free-jav-porn-height-difference-40-cm-my-favorite-big-guys-are-appearing-one-after-another-insert-immediately&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1075%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1454603603316%3Ahid%3A930079043%3Az%3A0%3Ai%3A20230125095748%3Aet%3A1674640668%3Ac%3A1%3Arn%3A434263619%3Arqn%3A1%3Au%3A167464066880392961%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C28%2C379%2C0%2C192%2C0%2C%2C647%2C43%2C%2C%2C%2C1279%3Aco%3A0%3Ans%3A1674640665905%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674640668%3At%3ASTARS-575-C%20Free%20Jav%20Porn%20Height%20Difference%2040%20Cm%20My%20Favorite%20Big%20Guys%20Are%20Appearing%20One%20After%20Another%20Insert%20Immediately%20-%20JAVVIN.ME&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.251.119200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/88694088/1?wmode=7&page-url=https%3A%2F%2Fjavvin.me%2Fvideo%2FxQAPn%2Fstars-575-c-free-jav-porn-height-difference-40-cm-my-favorite-big-guys-are-appearing-one-after-another-insert-immediately&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1075%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1454603603316%3Ahid%3A930079043%3Az%3A0%3Ai%3A20230125095748%3Aet%3A1674640668%3Ac%3A1%3Arn%3A434263619%3Arqn%3A1%3Au%3A167464066880392961%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C28%2C379%2C0%2C192%2C0%2C%2C647%2C43%2C%2C%2C%2C1279%3Aco%3A0%3Ans%3A1674640665905%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674640668%3At%3ASTARS-575-C%20Free%20Jav%20Porn%20Height%20Difference%2040%20Cm%20My%20Favorite%20Big%20Guys%20Are%20Appearing%20One%20After%20Another%20Insert%20Immediately%20-%20JAVVIN.ME&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash 96df6e5e99bb33ee8bb1cf1fb2683f48
6a48069439f425853bc129cdf1cc1a5b81887cf9
cd4e7105d6bfed09455e265e54ccd3d2fd1a444862a326d883dbc97b3eab787b
GET /watch/88694088/1?wmode=7&page-url=https%3A%2F%2Fjavvin.me%2Fvideo%2FxQAPn%2Fstars-575-c-free-jav-porn-height-difference-40-cm-my-favorite-big-guys-are-appearing-one-after-another-insert-immediately&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1075%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1454603603316%3Ahid%3A930079043%3Az%3A0%3Ai%3A20230125095748%3Aet%3A1674640668%3Ac%3A1%3Arn%3A434263619%3Arqn%3A1%3Au%3A167464066880392961%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C28%2C379%2C0%2C192%2C0%2C%2C647%2C43%2C%2C%2C%2C1279%3Aco%3A0%3Ans%3A1674640665905%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674640668%3At%3ASTARS-575-C%20Free%20Jav%20Porn%20Height%20Difference%2040%20Cm%20My%20Favorite%20Big%20Guys%20Are%20Appearing%20One%20After%20Another%20Insert%20Immediately%20-%20JAVVIN.ME&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javvin.me
Referer: https://javvin.me/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Wed, 25 Jan 2023 09:57:50 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://javvin.me
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 25-Jan-2023 09:57:50 GMT
last-modified: Wed, 25-Jan-2023 09:57:50 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8132
Expires: Wed, 25 Jan 2023 12:13:22 GMT
Date: Wed, 25 Jan 2023 09:57:50 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8132
Expires: Wed, 25 Jan 2023 12:13:22 GMT
Date: Wed, 25 Jan 2023 09:57:50 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8132
Expires: Wed, 25 Jan 2023 12:13:22 GMT
Date: Wed, 25 Jan 2023 09:57:50 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8132
Expires: Wed, 25 Jan 2023 12:13:22 GMT
Date: Wed, 25 Jan 2023 09:57:50 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8132
Expires: Wed, 25 Jan 2023 12:13:22 GMT
Date: Wed, 25 Jan 2023 09:57:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:33:54 GMT
age: 8636
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7da858f1-3099-4d35-9bf6-fae2a155404c.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7da858f1-3099-4d35-9bf6-fae2a155404c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05ff19472d4870833d7c6b495099a86c
6ad7424d14301c62a93ea71843238d2ff0699a02
1f2c62b3be1147d1ed12d1e28caa86c97684d5c5da87ebe3a709ce01cd878abb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7da858f1-3099-4d35-9bf6-fae2a155404c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8676
x-amzn-requestid: eaa1dff1-44ea-47ff-b211-1dd709d9b259
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLP5IGAHIAMFm9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdf9d3-3ccb4f9322744f546fff8a9a;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:06:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3ImH7pi4LZOZo6IqNquoa5C97jI9U0LdwbEKSDU1Cf4R9pITWYhyAw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 04:04:43 GMT
age: 21187
etag: "6ad7424d14301c62a93ea71843238d2ff0699a02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5974ff5e-ff49-4276-8943-5768c589b551.png
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5974ff5e-ff49-4276-8943-5768c589b551.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b458c619b07de23b3620f392b0f56f6
e45a3cfee589406e1ea0f1ebd6e8d321487474e1
9927c7a8e606180964b6e052e1eb2bacb007d05a46c1f04e28c48a74096d3c03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5974ff5e-ff49-4276-8943-5768c589b551.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8736
x-amzn-requestid: 65bdef1c-0389-4d16-b5fd-931d4753d75d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYVuF_4oAMF0Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca0757-1569aec44c54b7c87663feae;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3fzmJ8iZrVvBDurLOdAJXB6uuvk6KHvIBuKzMKAMSjKUzWICg1cCjQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 05:47:09 GMT
age: 15041
etag: "e45a3cfee589406e1ea0f1ebd6e8d321487474e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc3762f9-ecc0-4ad9-9272-0a3e8e55d247.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc3762f9-ecc0-4ad9-9272-0a3e8e55d247.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c7d50173f78bef1429160a353679dd91
695d7913e35a7e086d76c38d7c6f43462b0896df
4c761d1f9fd523750102aea0cce3f8c3cd92918d4c59853415745278292afa4b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc3762f9-ecc0-4ad9-9272-0a3e8e55d247.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6231
x-amzn-requestid: 85406169-05a4-4ba9-8a20-5ed2badec48a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEXPmGB_oAMF7Zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb38ca-607a23df395511207f5958cd;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 00:58:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t8iFgYP3qA9gX0Cr2RgSJzQZ3QNTBHyEKwmKqYYx9EXdM60WOp6AaQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 06:25:50 GMT
age: 12720
etag: "695d7913e35a7e086d76c38d7c6f43462b0896df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59be5df3-0d3c-4611-9b91-9ce5041a7a57.jpeg
34.120.237.76200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59be5df3-0d3c-4611-9b91-9ce5041a7a57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbbcba4403c1ea4e45ff47894d66e984
8555e8d6a38b78829a7dd2f10eb99bdbb254d89a
c9acd732889f9a58b085ceee3ceb8040fedb1e85ddb9f5b933960472c2f8d147
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59be5df3-0d3c-4611-9b91-9ce5041a7a57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3109
x-amzn-requestid: 89df621b-47d8-4127-8e4f-8e57f3244419
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKV9hFNKIAMFtlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cd9d23-0b4c0b5d2bf8c22b2ada0e9c;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 20:31:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: B62xY4rlFNdJGd5ethwkCIwQTsegDVJy6s7OptIr1g_E8GvwttW2sQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 10:04:44 GMT
age: 85986
etag: "8555e8d6a38b78829a7dd2f10eb99bdbb254d89a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0e7609-9fe9-4d8e-8e5d-d900bbac3bcf.webp
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0e7609-9fe9-4d8e-8e5d-d900bbac3bcf.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 946d8485d39fbe598dc6af86e735061d
4934319819697b4c89466949cd4ef93bb8b9c8b2
7bd130762bfaa189b24e3620e4a54b8e0cc7046ea2d917c37d11a8f248803840
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0e7609-9fe9-4d8e-8e5d-d900bbac3bcf.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9343
x-amzn-requestid: 5786e270-1aae-45e2-b406-ad9ce4e90c20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHH8hEcBIAMFyjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5383-3b3fb6220035b4e34db73fee;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:05:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ffDYSL3N0ZZ2vGX3d94Evnu0SeEkLWwv4HRHdyUYXQ19MstDR4jROA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 09:04:06 GMT
age: 3224
etag: "4934319819697b4c89466949cd4ef93bb8b9c8b2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 25 Jan 2023 09:57:50 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Wed, 25 Jan 2023 10:57:50 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a39d76af3a183e51ee3d5079db8f8b6b
f9b5ca4b6b57ab6d179e58e01e50bf9eaa0592b5
6859771f58ff83a24cea5ec1559bce3ccebad1d2c01f8c98e31131eacc6de665
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6859771F58FF83A24CEA5EC1559BCE3CCEBAD1D2C01F8C98E31131EACC6DE665"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7005
Expires: Wed, 25 Jan 2023 11:54:35 GMT
Date: Wed, 25 Jan 2023 09:57:50 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ab448afff68c74987a5bc101e1627340
794fd97e74f9f5225338ad906a1929c8f1d708e6
e6517d65f2080f708822f17a1a2c7634ca4839ef62123038748bd18b13f16483
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6517D65F2080F708822F17A1A2C7634CA4839EF62123038748BD18B13F16483"
Last-Modified: Mon, 23 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15821
Expires: Wed, 25 Jan 2023 14:21:31 GMT
Date: Wed, 25 Jan 2023 09:57:50 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ab448afff68c74987a5bc101e1627340
794fd97e74f9f5225338ad906a1929c8f1d708e6
e6517d65f2080f708822f17a1a2c7634ca4839ef62123038748bd18b13f16483
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6517D65F2080F708822F17A1A2C7634CA4839EF62123038748BD18B13F16483"
Last-Modified: Mon, 23 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15821
Expires: Wed, 25 Jan 2023 14:21:31 GMT
Date: Wed, 25 Jan 2023 09:57:50 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 58a129686b24b901067395eb771738af
20ba2762b6238a531392299f6690cd142beb1597
247b49c773353a0ccc09c9cdc9a5edba2cf3f36ac1f9e8272a494a0c13cc2f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "247B49C773353A0CCC09C9CDC9A5EDBA2CF3F36AC1F9E8272A494A0C13CC2F29"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8361
Expires: Wed, 25 Jan 2023 12:17:11 GMT
Date: Wed, 25 Jan 2023 09:57:50 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash aa0348f481aaa550e520ad37dc9d4b41
381130d72422f4a09ea67868b7056a9dc2a50e75
715df29e168b5f56007d71d34070fdedafbde78f0ca36facd549028e2b067156
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "715DF29E168B5F56007D71D34070FDEDAFBDE78F0CA36FACD549028E2B067156"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10949
Expires: Wed, 25 Jan 2023 13:00:19 GMT
Date: Wed, 25 Jan 2023 09:57:50 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 50fe474501329196076ce0107e596e02
433f8f4b2efc5d47db33a1965ac114e1a19e1f6c
ac436a944369a6ee0c6d322b2c0984e6dccdf8d8b33ec4c82de61d04801e8128
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC436A944369A6EE0C6D322B2C0984E6DCCDF8D8B33EC4C82DE61D04801E8128"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5817
Expires: Wed, 25 Jan 2023 11:34:47 GMT
Date: Wed, 25 Jan 2023 09:57:50 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 044fb4a6ac082f7e507932b2f8586d2c
da835a7e3cadf8b8a91373e689f0e36c97adbb64
d7c07661d7b6af48e827ad6711d47f47e1c2aebed2917f7cafb69d704a7ddb19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7C07661D7B6AF48E827AD6711D47F47E1C2AEBED2917F7CAFB69D704A7DDB19"
Last-Modified: Tue, 24 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3736
Expires: Wed, 25 Jan 2023 11:00:06 GMT
Date: Wed, 25 Jan 2023 09:57:50 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b1dcc9805b9b4fb22fedaff845c60af1
c76efd5f0e5c93654e1e60d1be584810f8f18256
3a4925ebea683ce507bba0e1657936f0b5c3228ca40c345ecd86913d44be98de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A4925EBEA683CE507BBA0E1657936F0B5C3228CA40C345ECD86913D44BE98DE"
Last-Modified: Tue, 24 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5321
Expires: Wed, 25 Jan 2023 11:26:31 GMT
Date: Wed, 25 Jan 2023 09:57:50 GMT
Connection: keep-alive
2ba4e39106.ca14e8e9e9.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIyMDEwMDI4NDg2MjA5NzY5NTAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMjEuMSIsInRhZ19pZCI6MjcyMTEsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC43NCwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjpudWxsLCJ1c2VyX2tleXdvcmRzIjoiIn0=
45.133.44.24200 OK 0 B URL HTTP/2 2ba4e39106.ca14e8e9e9.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIyMDEwMDI4NDg2MjA5NzY5NTAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMjEuMSIsInRhZ19pZCI6MjcyMTEsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC43NCwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjpudWxsLCJ1c2VyX2tleXdvcmRzIjoiIn0=
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIyMDEwMDI4NDg2MjA5NzY5NTAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMjEuMSIsInRhZ19pZCI6MjcyMTEsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC43NCwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjpudWxsLCJ1c2VyX2tleXdvcmRzIjoiIn0= HTTP/1.1
Host: 2ba4e39106.ca14e8e9e9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tsyndicate.com
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:50 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/wp-banners.js
45.133.44.25200 OK 0 B URL HTTP/2 js.wpshsdk.com/npc/sdk/wp-banners.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Wed, 25 Jan 2023 10:02:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash aaccd4124d11de7e369549ba3b6dbcec
55969597e4d73dc0d50891346877e7e234a94966
94213ea8ce8ffecd0b6bd602a4cb44aa4bdafc272e7e9bc03fa0f9e954836ab1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94213EA8CE8FFECD0B6BD602A4CB44AA4BDAFC272E7E9BC03FA0F9E954836AB1"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8757
Expires: Wed, 25 Jan 2023 12:23:47 GMT
Date: Wed, 25 Jan 2023 09:57:50 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash aaccd4124d11de7e369549ba3b6dbcec
55969597e4d73dc0d50891346877e7e234a94966
94213ea8ce8ffecd0b6bd602a4cb44aa4bdafc272e7e9bc03fa0f9e954836ab1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94213EA8CE8FFECD0B6BD602A4CB44AA4BDAFC272E7E9BC03FA0F9E954836AB1"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8757
Expires: Wed, 25 Jan 2023 12:23:47 GMT
Date: Wed, 25 Jan 2023 09:57:50 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1a52fdff0c0e67e261f5fd129451540f
1536035aa9ca84365664c5b627b5e492722b9d3f
aea553549ab00693fc5bbf1334de4cb6e858c070a61379df33aac1b038be9b46
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEA553549AB00693FC5BBF1334DE4CB6E858C070A61379DF33AAC1B038BE9B46"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3948
Expires: Wed, 25 Jan 2023 11:03:38 GMT
Date: Wed, 25 Jan 2023 09:57:50 GMT
Connection: keep-alive
js.capndr.com/popunder-admanager/build.m.js
45.133.44.24200 OK 29 kB URL HTTP/2 js.capndr.com/popunder-admanager/build.m.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (46453)
Hash dd1b6985d737f96b853bc2a950555408
92668302fe7e2e0c403b4ec9a9fc4fdf213a268f
4e56d12cbb95ddfc26f0f25cbc822842daebbd3a445123260f4e92882ef43ddf
GET /popunder-admanager/build.m.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 25 Jan 2023 09:48:07 GMT
etag: W/"63d0fad7-b577"
content-encoding: gzip
expires: Wed, 25 Jan 2023 10:02:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1b74f5f4e5fe95d77edb9f8a98c2569d
81a9feb50d60da79b669b70e7fc0aa2b03d22d5f
31c0b247cf0aa06e93f5dbb3f3dcf0ff5c3347d64222219f3a8bd7c8183c121f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "31C0B247CF0AA06E93F5DBB3F3DCF0FF5C3347D64222219F3A8BD7C8183C121F"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7400
Expires: Wed, 25 Jan 2023 12:01:10 GMT
Date: Wed, 25 Jan 2023 09:57:50 GMT
Connection: keep-alive
466c1dd533.d3facc45b5.com/health/
159.69.163.6200 OK 0 B URL HTTP/2 466c1dd533.d3facc45b5.com/health/
IP 159.69.163.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /health/ HTTP/1.1
Host: 466c1dd533.d3facc45b5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 25 Jan 2023 09:57:50 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
js.natsdk.com/npc/sdk/native.m.js
45.133.44.25200 OK 15 kB URL HTTP/2 js.natsdk.com/npc/sdk/native.m.js
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (45618), with no line terminators
Hash 537af9728cefbc837681a504e734998d
be689e112c962a6deb33b4cce31900c88a0a6943
94be201b5c9ea50937dc7863a9933795d7777cdcbd7a606c92c69163579a2d53
GET /npc/sdk/native.m.js HTTP/1.1
Host: js.natsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 20 Dec 2022 14:01:44 GMT
etag: W/"63a1c048-b232"
content-encoding: gzip
expires: Wed, 25 Jan 2023 10:02:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6f9b140194cbbac0e86f16cf77b9d750
2792ac5ed70d44e256ca982b0acdb586d9f302a4
b5c49054bf6aca4817c4b510056f2143b5fe6766770ad9a37106674ee6167148
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5C49054BF6ACA4817C4B510056F2143B5FE6766770AD9A37106674EE6167148"
Last-Modified: Tue, 24 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11310
Expires: Wed, 25 Jan 2023 13:06:20 GMT
Date: Wed, 25 Jan 2023 09:57:50 GMT
Connection: keep-alive
js.wpshsdk.com/npc/sdk/push.m.js?v=1
45.133.44.25200 OK 26 kB URL HTTP/2 js.wpshsdk.com/npc/sdk/push.m.js?v=1
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (63644), with no line terminators
Hash 3e43ff6476b2303131a0436eb5756693
48b7cd7097a4e36c57ac5bc2b4671acd980303db
22fab9fa9f48df3c1550fcdc947549cc34547b15011993b596e3a94ab9273b17
GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 11 Jan 2023 09:42:43 GMT
etag: W/"63be8493-f953"
content-encoding: gzip
expires: Wed, 25 Jan 2023 10:02:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.cabnnr.com/banner-admanager/build.m.js
45.133.44.24200 OK 18 kB URL HTTP/2 js.cabnnr.com/banner-admanager/build.m.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (53365), with no line terminators
Hash 01dcbecab1798f493a91b03815ffaebf
9a7857232659ccaf5a798f15f91932d71c3d90e9
ceb2d53fa279a11a5f7da6f3cd9b0fd8db308b9395db7121b01ea953018f11cf
GET /banner-admanager/build.m.js HTTP/1.1
Host: js.cabnnr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 06 Dec 2022 14:48:02 GMT
etag: W/"638f5622-d077"
content-encoding: gzip
expires: Wed, 25 Jan 2023 10:02:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.canstrm.com/vast-vpaid-player/main.js
45.133.44.24200 OK 45 kB URL HTTP/2 js.canstrm.com/vast-vpaid-player/main.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (48740)
Hash 31792c09d686e9f9d1a5fab285feae4c
d56dc9226f198a3117baa8ebde33857d9cf0690d
aa4c69918f854e64aabe3fe6418069ff76da61f3f00b8f72bb20a3350be51ab3
GET /vast-vpaid-player/main.js HTTP/1.1
Host: js.canstrm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 12 Jan 2023 13:38:15 GMT
etag: W/"63c00d47-209da"
content-encoding: gzip
expires: Wed, 25 Jan 2023 10:02:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c99254e2c3f67963bf43d10a16eeeb26
969bfc2c26f744eacb96ccf4240efa98c89b3783
6fdd068a8dbcc458b2ffba6d815c2519e30c5e3dd930dda63420d1ff57e006c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6FDD068A8DBCC458B2FFBA6D815C2519E30C5E3DD930DDA63420D1FF57E006C4"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11715
Expires: Wed, 25 Jan 2023 13:13:05 GMT
Date: Wed, 25 Jan 2023 09:57:50 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash b362bb90c9cee43ea8988a9bee929826
b51f47957f8fe55c980e0a49b85854b79b807cbe
cc293fb421a2f28ebba781341cf2a6d76e0fb31310222730f72b739b990f3034
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3283
Cache-Control: max-age=112554
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 09:57:50 GMT
Etag: "63d004f5-116"
Expires: Thu, 26 Jan 2023 17:13:44 GMT
Last-Modified: Tue, 24 Jan 2023 16:19:01 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
lcdn.tsyndicate.com/images/a/e/1baea15452576323044a9220863cbc4364790f/main.jpg
8.254.252.211200 OK 14 kB URL HTTP/2 lcdn.tsyndicate.com/images/a/e/1baea15452576323044a9220863cbc4364790f/main.jpg
IP 8.254.252.211:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x250, components 3\012- data
Hash 9fd8a43298102526be12e82fb852477f
e367e34721691f3ca71c847b2f924b749117ff6b
83e802074fec6561c900e3f253b688402adaefa8884c53a42d4f3e9a399de80f
GET /images/a/e/1baea15452576323044a9220863cbc4364790f/main.jpg HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://466c1dd533.d3facc45b5.com/
Cookie: ts_uid=9130ab27-16b6-4513-a185-2cb06cf85371
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:50 GMT
content-type: image/jpeg
content-length: 13886
last-modified: Fri, 04 Mar 2022 08:58:15 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"6221d4a7-3696"
age: 28256000
accept-ranges: bytes
X-Firefox-Spdy: h2
go.xlivrdr.com/smartpop/165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&memberId=ooc4ASOoumtqutdVdTdRZXO6VzqpbXUzOodTK6V0rpXT1UU0uldK6V0zpXSuldK6Z0rpXTOc6amemieuWepxirBt3rmbePUP7nOldK6V0rpXSuldK6VwfYA-&sourceId=3918598&p1=4581534&skipOffset=00:00:05
104.18.59.150302 Found 0 B URL HTTP/2 go.xlivrdr.com/smartpop/165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&memberId=ooc4ASOoumtqutdVdTdRZXO6VzqpbXUzOodTK6V0rpXT1UU0uldK6V0zpXSuldK6Z0rpXTOc6amemieuWepxirBt3rmbePUP7nOldK6V0rpXSuldK6VwfYA-&sourceId=3918598&p1=4581534&skipOffset=00:00:05
IP 104.18.59.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smartpop/165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&memberId=ooc4ASOoumtqutdVdTdRZXO6VzqpbXUzOodTK6V0rpXT1UU0uldK6V0zpXSuldK6Z0rpXTOc6amemieuWepxirBt3rmbePUP7nOldK6V0rpXSuldK6VwfYA-&sourceId=3918598&p1=4581534&skipOffset=00:00:05 HTTP/1.1
Host: go.xlivrdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tsyndicate.com/
Origin: https://tsyndicate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 25 Jan 2023 09:57:51 GMT
content-length: 0
location: https://go.xlivrdr.com/api/models/vast?campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=1aa4022af61bfad6ec7c637003dfb79b6edb7465c731eac0e6955245fc823c00&duration=00%3A00%3A30&endpoint=room&iterationId=397613&masterSmartpopId=2683&memberId=ooc4ASOoumtqutdVdTdRZXO6VzqpbXUzOodTK6V0rpXT1UU0uldK6V0zpXSuldK6Z0rpXTOc6amemieuWepxirBt3rmbePUP7nOldK6V0rpXSuldK6VwfYA-&p1=4581534&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=3918598&tag=-girls%2Findian&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=30208&videosList=oil-show11
access-control-allow-origin: https://tsyndicate.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: _var=7868025.30208; Path=/; HttpOnly; SameSite=Strict
__cflb=04dToQvE4FPLng5Mz6amGAT9NT3YTLCf4wmJd42qYg; SameSite=None; Secure; path=/; expires=Thu, 26-Jan-23 08:57:51 GMT; HttpOnly
server: cloudflare
cf-ray: 78f025a18a6bb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash b362bb90c9cee43ea8988a9bee929826
b51f47957f8fe55c980e0a49b85854b79b807cbe
cc293fb421a2f28ebba781341cf2a6d76e0fb31310222730f72b739b990f3034
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3284
Cache-Control: max-age=112554
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 09:57:51 GMT
Etag: "63d004f5-116"
Expires: Thu, 26 Jan 2023 17:13:45 GMT
Last-Modified: Tue, 24 Jan 2023 16:19:01 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
466c1dd533.d3facc45b5.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImEiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTQ5Niwic3BhY2VpZCI6MTQ5NiwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IiwiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiI2ODI3NjcxMDMiLCJyZWZyZXNoIjoxLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjo0Njg4NiwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOnRydWUsInJlZmRvbWFpbiI6ImphdnZpbi5tZSIsInBsIjoyNjksInN0cmF0YWdlbSI6Im5sYWJlbC1hIiwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4LCJidHlwZSI6MH0sImJhbm5lciI6eyJ3IjozMDAsImgiOjI1MH19XSwic2l0ZSI6eyJpZCI6IjQ2ODg2IiwiY2F0IjpbIklBQjI1Il0sInBhZ2UiOiJodHRwczovL2phdnZpbi5tZS8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiYjAxNDM1MThlODQxYjI0NzBhZjg0ZDg2ZTFiMDlkM2IiLCJmcCI6bnVsbH0sImV4dCI6eyJkdCI6MTY3NDY0MDY2ODc2MH19
159.69.163.6200 OK 3.7 kB URL HTTP/2 466c1dd533.d3facc45b5.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImEiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTQ5Niwic3BhY2VpZCI6MTQ5NiwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IiwiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiI2ODI3NjcxMDMiLCJyZWZyZXNoIjoxLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjo0Njg4NiwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOnRydWUsInJlZmRvbWFpbiI6ImphdnZpbi5tZSIsInBsIjoyNjksInN0cmF0YWdlbSI6Im5sYWJlbC1hIiwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4LCJidHlwZSI6MH0sImJhbm5lciI6eyJ3IjozMDAsImgiOjI1MH19XSwic2l0ZSI6eyJpZCI6IjQ2ODg2IiwiY2F0IjpbIklBQjI1Il0sInBhZ2UiOiJodHRwczovL2phdnZpbi5tZS8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiYjAxNDM1MThlODQxYjI0NzBhZjg0ZDg2ZTFiMDlkM2IiLCJmcCI6bnVsbH0sImV4dCI6eyJkdCI6MTY3NDY0MDY2ODc2MH19
IP 159.69.163.6:0
ASN #24940 Hetzner Online GmbH
Hash 6692c668603c5cb39b1d30ec683360a6
73c1da6af6a809622c017a196bbd4b5a28a21c64
5773f00d717a0650236df05e9f26678ca72ef3bebfb0c67d8c0b434290560df8
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImEiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTQ5Niwic3BhY2VpZCI6MTQ5NiwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IiwiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiI2ODI3NjcxMDMiLCJyZWZyZXNoIjoxLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjo0Njg4NiwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOnRydWUsInJlZmRvbWFpbiI6ImphdnZpbi5tZSIsInBsIjoyNjksInN0cmF0YWdlbSI6Im5sYWJlbC1hIiwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4LCJidHlwZSI6MH0sImJhbm5lciI6eyJ3IjozMDAsImgiOjI1MH19XSwic2l0ZSI6eyJpZCI6IjQ2ODg2IiwiY2F0IjpbIklBQjI1Il0sInBhZ2UiOiJodHRwczovL2phdnZpbi5tZS8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiYjAxNDM1MThlODQxYjI0NzBhZjg0ZDg2ZTFiMDlkM2IiLCJmcCI6bnVsbH0sImV4dCI6eyJkdCI6MTY3NDY0MDY2ODc2MH19 HTTP/1.1
Host: 466c1dd533.d3facc45b5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 25 Jan 2023 09:57:50 GMT
content-type: text/html
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/p/p.gif?p=APeIQFMmDJkycuaI0HGDhYgwY-gsjOGQzpmFImKQoUFDxhgaYVrImHHjRgsaM2bIaCEGxwwyLQrSEENmRhkZMnLMwCHC4Rwxacgo1LFFhA0cMm7YuBEDxgwRXRyOcTM0B40aDsPUGYOxhtIaMnDQuDEjhssYNWrMyMG0pwigZDCmoVOmzZcYbg3aWWgjhw0ZDuHUEbNQLdiscOAslBHDL0URc-BI1EEjhlIZNWA4LIOHzpfIkx-S0fPGTZm7NPy6HdNGsY4aMWTQcJqVjBm-gN-6cbNQ5Yy0OTSLaOPmoo6kM_oGJm7cMgwYNhzWkcOmd-rZNXJIl4ERDR06cOboePGCTRg3ZNIUdyFGThg9ehDOMU3nzhs5a1yMedPmxY8wdMzRQxl5KIFGEmq8gYcTamQxQxNEBDFHEm00kcYTalRBgxNUJKFHE1REUQMTQyhRB4IKOjHEHWmMkUcSNjxBhYQUVnGhGmfQAGETE7oRxI1F4GFGFD1wUcdzMtgA4Bg9wCabU0YiqSQcYvSwRhBWCIFEDli88UUUUrAhQxlzYcEEDDRQgQQSRRhhxhR4DCEFGnEQ8UUWbsAmBBNW4AEDEXHcgcUdatixxBU0pIHGFEhdMQUZb8xxhBBSCPHbFG7ggQQeaSgRRg1xuIGGFXI8YQQWbGihxBJvFEHFE1VoIUYTUiCBgxvnGVHDFGGccUcUX5xRRRJESGGjW5C2gZEaYdhhh3outFHGagAutEVZUYkAhxxc6WBTC9A5JMZtOsDgwnNYiTAGHHZt2625SNLgkBx2uCaDcGWsq2y559ImQh11pIGRGDDEgBJsOJQhVgxiyHYDDGGYIRYZONhQBsMw5FATYQ6l4ZoIOcTgQnAudOQCWjS4VUcYGDXxhh5psGHeCzWcCwIKV6gH6R1zgMAhCE2duwMIObthAw1D43H00PTq0FTNMKQAwhH5rvHGC_c2VXDBIBiRhhxlmKHgC0-fu1q3IjjxhFv3fTEG2mq7xQbaRTiBbBl2fAF2dU57dYNLRz037xm8HVcDDg2JcFDe7S2EAw4OLf5FG2_EdVzFj5Ehxxu9ORTpQvJquzkeeYA-b9jdfRfeeC8w6yy00r7g1hz0YrQ5HQDe10IdbswFrshkjHEDsmgf9EXww1e0bwxL0XA0dA8rz53TzT-_FHRp1aZ3GZF9US31Nzg_2_Wb5R0GGwgFaO1vLMxAQ7ZhiBHaQWZoxYZEgc29kHD65u0eHWngnNOk0hwZ9EEBAQE%3D&r=1&s=b620298f041a1bfa25726ab7a3342f46f07e8439a0c3ba5f4805d6d8c8397c581674640670&w=t
136.243.81.150200 OK 35 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.gif?p=APeIQFMmDJkycuaI0HGDhYgwY-gsjOGQzpmFImKQoUFDxhgaYVrImHHjRgsaM2bIaCEGxwwyLQrSEENmRhkZMnLMwCHC4Rwxacgo1LFFhA0cMm7YuBEDxgwRXRyOcTM0B40aDsPUGYOxhtIaMnDQuDEjhssYNWrMyMG0pwigZDCmoVOmzZcYbg3aWWgjhw0ZDuHUEbNQLdiscOAslBHDL0URc-BI1EEjhlIZNWA4LIOHzpfIkx-S0fPGTZm7NPy6HdNGsY4aMWTQcJqVjBm-gN-6cbNQ5Yy0OTSLaOPmoo6kM_oGJm7cMgwYNhzWkcOmd-rZNXJIl4ERDR06cOboePGCTRg3ZNIUdyFGThg9ehDOMU3nzhs5a1yMedPmxY8wdMzRQxl5KIFGEmq8gYcTamQxQxNEBDFHEm00kcYTalRBgxNUJKFHE1REUQMTQyhRB4IKOjHEHWmMkUcSNjxBhYQUVnGhGmfQAGETE7oRxI1F4GFGFD1wUcdzMtgA4Bg9wCabU0YiqSQcYvSwRhBWCIFEDli88UUUUrAhQxlzYcEEDDRQgQQSRRhhxhR4DCEFGnEQ8UUWbsAmBBNW4AEDEXHcgcUdatixxBU0pIHGFEhdMQUZb8xxhBBSCPHbFG7ggQQeaSgRRg1xuIGGFXI8YQQWbGihxBJvFEHFE1VoIUYTUiCBgxvnGVHDFGGccUcUX5xRRRJESGGjW5C2gZEaYdhhh3outFHGagAutEVZUYkAhxxc6WBTC9A5JMZtOsDgwnNYiTAGHHZt2625SNLgkBx2uCaDcGWsq2y559ImQh11pIGRGDDEgBJsOJQhVgxiyHYDDGGYIRYZONhQBsMw5FATYQ6l4ZoIOcTgQnAudOQCWjS4VUcYGDXxhh5psGHeCzWcCwIKV6gH6R1zgMAhCE2duwMIObthAw1D43H00PTq0FTNMKQAwhH5rvHGC_c2VXDBIBiRhhxlmKHgC0-fu1q3IjjxhFv3fTEG2mq7xQbaRTiBbBl2fAF2dU57dYNLRz037xm8HVcDDg2JcFDe7S2EAw4OLf5FG2_EdVzFj5Ehxxu9ORTpQvJquzkeeYA-b9jdfRfeeC8w6yy00r7g1hz0YrQ5HQDe10IdbswFrshkjHEDsmgf9EXww1e0bwxL0XA0dA8rz53TzT-_FHRp1aZ3GZF9US31Nzg_2_Wb5R0GGwgFaO1vLMxAQ7ZhiBHaQWZoxYZEgc29kHD65u0eHWngnNOk0hwZ9EEBAQE%3D&r=1&s=b620298f041a1bfa25726ab7a3342f46f07e8439a0c3ba5f4805d6d8c8397c581674640670&w=t
IP 136.243.81.150:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /api/v1/p/p.gif?p=APeIQFMmDJkycuaI0HGDhYgwY-gsjOGQzpmFImKQoUFDxhgaYVrImHHjRgsaM2bIaCEGxwwyLQrSEENmRhkZMnLMwCHC4Rwxacgo1LFFhA0cMm7YuBEDxgwRXRyOcTM0B40aDsPUGYOxhtIaMnDQuDEjhssYNWrMyMG0pwigZDCmoVOmzZcYbg3aWWgjhw0ZDuHUEbNQLdiscOAslBHDL0URc-BI1EEjhlIZNWA4LIOHzpfIkx-S0fPGTZm7NPy6HdNGsY4aMWTQcJqVjBm-gN-6cbNQ5Yy0OTSLaOPmoo6kM_oGJm7cMgwYNhzWkcOmd-rZNXJIl4ERDR06cOboePGCTRg3ZNIUdyFGThg9ehDOMU3nzhs5a1yMedPmxY8wdMzRQxl5KIFGEmq8gYcTamQxQxNEBDFHEm00kcYTalRBgxNUJKFHE1REUQMTQyhRB4IKOjHEHWmMkUcSNjxBhYQUVnGhGmfQAGETE7oRxI1F4GFGFD1wUcdzMtgA4Bg9wCabU0YiqSQcYvSwRhBWCIFEDli88UUUUrAhQxlzYcEEDDRQgQQSRRhhxhR4DCEFGnEQ8UUWbsAmBBNW4AEDEXHcgcUdatixxBU0pIHGFEhdMQUZb8xxhBBSCPHbFG7ggQQeaSgRRg1xuIGGFXI8YQQWbGihxBJvFEHFE1VoIUYTUiCBgxvnGVHDFGGccUcUX5xRRRJESGGjW5C2gZEaYdhhh3outFHGagAutEVZUYkAhxxc6WBTC9A5JMZtOsDgwnNYiTAGHHZt2625SNLgkBx2uCaDcGWsq2y559ImQh11pIGRGDDEgBJsOJQhVgxiyHYDDGGYIRYZONhQBsMw5FATYQ6l4ZoIOcTgQnAudOQCWjS4VUcYGDXxhh5psGHeCzWcCwIKV6gH6R1zgMAhCE2duwMIObthAw1D43H00PTq0FTNMKQAwhH5rvHGC_c2VXDBIBiRhhxlmKHgC0-fu1q3IjjxhFv3fTEG2mq7xQbaRTiBbBl2fAF2dU57dYNLRz037xm8HVcDDg2JcFDe7S2EAw4OLf5FG2_EdVzFj5Ehxxu9ORTpQvJquzkeeYA-b9jdfRfeeC8w6yy00r7g1hz0YrQ5HQDe10IdbswFrshkjHEDsmgf9EXww1e0bwxL0XA0dA8rz53TzT-_FHRp1aZ3GZF9US31Nzg_2_Wb5R0GGwgFaO1vLMxAQ7ZhiBHaQWZoxYZEgc29kHD65u0eHWngnNOk0hwZ9EEBAQE%3D&r=1&s=b620298f041a1bfa25726ab7a3342f46f07e8439a0c3ba5f4805d6d8c8397c581674640670&w=t HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://466c1dd533.d3facc45b5.com/
Cookie: ts_uid=9130ab27-16b6-4513-a185-2cb06cf85371
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 09:57:51 GMT
content-type: text/plain; charset=utf-8
content-length: 35
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
rtbrennab.com/banner/in/show/?mid=5765284731831553971&pid=0&site=46886&sc=NO&usage_type=DCH&subid=682767103&sid=0&cid=10920&price=0&is_cpm=1&cpm=0.0024&ecpm=0.0019339199999999998&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=javvin.me&hostname=auc-banner-hz-5&site_id=0&spot_id=46886&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25&min_cpm=0.00012410027302060066&placement_type_id=269&skin_test=&verify_hash=&score=0&ml=&tag_ab=a&ttl=&space_id=1496&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fpreroll.hostave3.net%2Fnotifications%2Fzeropixel.png&pr=javvin.me&bid_crid=&bid_cid=&is_iframe=1&ad_tags=,&stratagem=nlabel-a&ssp=3758
162.55.139.130302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=5765284731831553971&pid=0&site=46886&sc=NO&usage_type=DCH&subid=682767103&sid=0&cid=10920&price=0&is_cpm=1&cpm=0.0024&ecpm=0.0019339199999999998&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=javvin.me&hostname=auc-banner-hz-5&site_id=0&spot_id=46886&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25&min_cpm=0.00012410027302060066&placement_type_id=269&skin_test=&verify_hash=&score=0&ml=&tag_ab=a&ttl=&space_id=1496&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fpreroll.hostave3.net%2Fnotifications%2Fzeropixel.png&pr=javvin.me&bid_crid=&bid_cid=&is_iframe=1&ad_tags=,&stratagem=nlabel-a&ssp=3758
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=5765284731831553971&pid=0&site=46886&sc=NO&usage_type=DCH&subid=682767103&sid=0&cid=10920&price=0&is_cpm=1&cpm=0.0024&ecpm=0.0019339199999999998&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=javvin.me&hostname=auc-banner-hz-5&site_id=0&spot_id=46886&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=native&iabcat=IAB25&min_cpm=0.00012410027302060066&placement_type_id=269&skin_test=&verify_hash=&score=0&ml=&tag_ab=a&ttl=&space_id=1496&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fpreroll.hostave3.net%2Fnotifications%2Fzeropixel.png&pr=javvin.me&bid_crid=&bid_cid=&is_iframe=1&ad_tags=,&stratagem=nlabel-a&ssp=3758 HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://466c1dd533.d3facc45b5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.16.0
date: Wed, 25 Jan 2023 09:57:51 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://preroll.hostave3.net/notifications/zeropixel.png
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8e0ccb8709b8e38019cfad7d7e8b59cf
946fa7ceae3771fb00507ed800c185c67f946b70
b24d912a8247bd2863800c049ccda30120accb391f3b61a91d8789a7c4b9c4c9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B24D912A8247BD2863800C049CCDA30120ACCB391F3B61A91D8789A7C4B9C4C9"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5870
Expires: Wed, 25 Jan 2023 11:35:41 GMT
Date: Wed, 25 Jan 2023 09:57:51 GMT
Connection: keep-alive
kts.cvastico.com/in/kevents/?e_type=start&sid=46885&stype=slider&iab=IAB25&feed_id=0&uid=61a113beeb5c1307f0131429d929c04f&auction_id=16175275629914138882&score=95.914372
62.122.173.18200 OK 0 B URL HTTP/2 kts.cvastico.com/in/kevents/?e_type=start&sid=46885&stype=slider&iab=IAB25&feed_id=0&uid=61a113beeb5c1307f0131429d929c04f&auction_id=16175275629914138882&score=95.914372
IP 62.122.173.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/kevents/?e_type=start&sid=46885&stype=slider&iab=IAB25&feed_id=0&uid=61a113beeb5c1307f0131429d929c04f&auction_id=16175275629914138882&score=95.914372 HTTP/1.1
Host: kts.cvastico.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 25 Jan 2023 09:57:50 GMT
content-type: text/xml
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
set-cookie: 1226.0=1; expires=Thu, 26 Jan 2023 09:57:50 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
mcpuwpsh.com/get/
94.130.197.134204 No Content 0 B IP 94.130.197.134:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tsyndicate.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://tsyndicate.com
Content-Length: 611
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.0
date: Wed, 25 Jan 2023 09:57:51 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
preroll.hostave3.net/notifications/zeropixel.png
104.21.235.4200 OK 42 B URL HTTP/2 preroll.hostave3.net/notifications/zeropixel.png
IP 104.21.235.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /notifications/zeropixel.png HTTP/1.1
Host: preroll.hostave3.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://466c1dd533.d3facc45b5.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:51 GMT
content-type: image/png
content-length: 42
last-modified: Tue, 11 Sep 2018 08:40:52 GMT
etag: "5b977f94-2a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 1088596
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4eQaP4UUYc2gqAUFMDaa9LhHCmkwjUi7zrUis39zt1F6Vw9l8agMx8mI0AwOJHYZ1nNfpfZLjvfOvCESzUQKpkOagFeRnWxUvzZNMWUfT%2Bwc1%2FwjH0ro7IhZn7nv2aF5shpcVn5%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78f025a36e4073e7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 184bcc373312baf633c3d7dcf3ed06c4
4d5937b71c3f38ab127422d3a2240fa9c6d4ee6a
340b0e3ccbdc0dd3376b63280ed7582d639a6c26150694e5a834046cf141f968
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "340B0E3CCBDC0DD3376B63280ED7582D639A6C26150694E5A834046CF141F968"
Last-Modified: Mon, 23 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11750
Expires: Wed, 25 Jan 2023 13:13:41 GMT
Date: Wed, 25 Jan 2023 09:57:51 GMT
Connection: keep-alive
btds.zog.link/in/va?spot_id=46886&view=1&tag_ab=a
109.206.191.198200 OK 2 B URL HTTP/2 btds.zog.link/in/va?spot_id=46886&view=1&tag_ab=a
IP 109.206.191.198:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /in/va?spot_id=46886&view=1&tag_ab=a HTTP/1.1
Host: btds.zog.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tsyndicate.com
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 25 Jan 2023 09:57:51 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
set-cookie: 1840.0=1; expires=Thu, 26 Jan 2023 09:57:51 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
af158e4bd8.7b39be508c.com/in/multy
168.119.25.22200 OK 19 kB URL HTTP/2 af158e4bd8.7b39be508c.com/in/multy
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (19261), with no line terminators
Hash eb1e3c037e46f1d11c9bba2c366ed6c1
3347e70f7a5804b14a9985d56146e4389b741c37
aa5b3ad65832fb3f2725bde800acccda1e2da0c6edf523a9ffa7a181d21e8fd7
POST /in/multy HTTP/1.1
Host: af158e4bd8.7b39be508c.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 745
Origin: https://tsyndicate.com
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 25 Jan 2023 09:57:51 GMT
content-type: application/json
content-length: 19286
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
af158e4bd8.7b39be508c.com/in/show/?mid=5256984811639299728&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=76099205&sid=3054775692&cid=13433&price=0.0031&is_cpm=0&cpm=0&ecpm=0.3230401584321401&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&tcid=0&out_id=1&ver=8.20.1&ver_c=&refdom=tsyndicate.com&hostname=auc-inpage-hz-3-b&site_id=3118774&spot_id=18774&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2023-01-25&is_native=2&auction_queue=0&burl=NSLcreT378G3VMQV6io7RyEz3NdK_lEKyh7NA5sjJgHkZuGHWNsPBQ&pop_winurl=&ip=91.90.42.154&testab=0&px_id=5318774&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.021026225658308268&placement_type_id=&skin_test=0&verify_hash=c152933ce6bebcb09c59bc5f8ddf8b51&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D76099205%26spot_id%3D18774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Ftsyndicate.com%252F%26idzone%3D0%26sid%3D1546&ml=&tag_ab=a&original_bid=0.0031&user_fp=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=frCVkRZKF9HbhBNoe3Y1qT0sNZBlmgqQNhQCSxo-wjW4Rwf6FeUipxQu9a6ZIrHymxzub19lyEzm_uRdKuzav07vU8cowPCg4pgcCUUd0GWO50p0Ye3OP-zVILJSYmzk_gkd6r1_C_TyjFrHtBZDuW97j6uRQLpIE45ODSB0L5Rrt7f8qQ&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=25&vertical_id=0&real_bid=0.00269018&pr=javvin.me&user_keywords=&auc_type=1&aid=3335&ext_cid=0&device_theme=light&keywords=&label_ids=4,83,89,0&conditions=dch_ip,tz_offset&need_redirect_show=0&mlf=1&cpa=790d5420-68a3-4c56-9ddb-2896c93c5765&mlc=1&format=compact2-slide-b_r-embed
168.119.25.22200 OK 0 B URL HTTP/2 af158e4bd8.7b39be508c.com/in/show/?mid=5256984811639299728&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=76099205&sid=3054775692&cid=13433&price=0.0031&is_cpm=0&cpm=0&ecpm=0.3230401584321401&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&tcid=0&out_id=1&ver=8.20.1&ver_c=&refdom=tsyndicate.com&hostname=auc-inpage-hz-3-b&site_id=3118774&spot_id=18774&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2023-01-25&is_native=2&auction_queue=0&burl=NSLcreT378G3VMQV6io7RyEz3NdK_lEKyh7NA5sjJgHkZuGHWNsPBQ&pop_winurl=&ip=91.90.42.154&testab=0&px_id=5318774&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.021026225658308268&placement_type_id=&skin_test=0&verify_hash=c152933ce6bebcb09c59bc5f8ddf8b51&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D76099205%26spot_id%3D18774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Ftsyndicate.com%252F%26idzone%3D0%26sid%3D1546&ml=&tag_ab=a&original_bid=0.0031&user_fp=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=frCVkRZKF9HbhBNoe3Y1qT0sNZBlmgqQNhQCSxo-wjW4Rwf6FeUipxQu9a6ZIrHymxzub19lyEzm_uRdKuzav07vU8cowPCg4pgcCUUd0GWO50p0Ye3OP-zVILJSYmzk_gkd6r1_C_TyjFrHtBZDuW97j6uRQLpIE45ODSB0L5Rrt7f8qQ&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=25&vertical_id=0&real_bid=0.00269018&pr=javvin.me&user_keywords=&auc_type=1&aid=3335&ext_cid=0&device_theme=light&keywords=&label_ids=4,83,89,0&conditions=dch_ip,tz_offset&need_redirect_show=0&mlf=1&cpa=790d5420-68a3-4c56-9ddb-2896c93c5765&mlc=1&format=compact2-slide-b_r-embed
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?mid=5256984811639299728&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=76099205&sid=3054775692&cid=13433&price=0.0031&is_cpm=0&cpm=0&ecpm=0.3230401584321401&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&tcid=0&out_id=1&ver=8.20.1&ver_c=&refdom=tsyndicate.com&hostname=auc-inpage-hz-3-b&site_id=3118774&spot_id=18774&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=2023-01-25&is_native=2&auction_queue=0&burl=NSLcreT378G3VMQV6io7RyEz3NdK_lEKyh7NA5sjJgHkZuGHWNsPBQ&pop_winurl=&ip=91.90.42.154&testab=0&px_id=5318774&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.021026225658308268&placement_type_id=&skin_test=0&verify_hash=c152933ce6bebcb09c59bc5f8ddf8b51&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D76099205%26spot_id%3D18774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Ftsyndicate.com%252F%26idzone%3D0%26sid%3D1546&ml=&tag_ab=a&original_bid=0.0031&user_fp=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=frCVkRZKF9HbhBNoe3Y1qT0sNZBlmgqQNhQCSxo-wjW4Rwf6FeUipxQu9a6ZIrHymxzub19lyEzm_uRdKuzav07vU8cowPCg4pgcCUUd0GWO50p0Ye3OP-zVILJSYmzk_gkd6r1_C_TyjFrHtBZDuW97j6uRQLpIE45ODSB0L5Rrt7f8qQ&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=25&vertical_id=0&real_bid=0.00269018&pr=javvin.me&user_keywords=&auc_type=1&aid=3335&ext_cid=0&device_theme=light&keywords=&label_ids=4,83,89,0&conditions=dch_ip,tz_offset&need_redirect_show=0&mlf=1&cpa=790d5420-68a3-4c56-9ddb-2896c93c5765&mlc=1&format=compact2-slide-b_r-embed HTTP/1.1
Host: af158e4bd8.7b39be508c.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 25 Jan 2023 09:57:51 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
af158e4bd8.7b39be508c.com/in/show/?mid=5256984811639299728&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=76099205&sid=3054775692&cid=2928&price=0.0001425&is_cpm=0&cpm=0&ecpm=0.0014044534569618294&crid=71516&crtid=ffd3520af8e288840ea28728931eb82f&tcid=0&out_id=0&ver=8.20.1&ver_c=&refdom=tsyndicate.com&hostname=auc-inpage-hz-3-b&site_id=3118774&spot_id=18774&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1674698270&created_at=2023-01-25&is_native=1&auction_queue=0&burl=PbRhtaS0I4V26a9rFmQHUt9EBZ1TJtCRlf5Se_XSmmOHebg6Jvdy0w&pop_winurl=&ip=91.90.42.154&testab=0&px_id=3118774&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=mq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0018782683768608663&placement_type_id=&skin_test=0&verify_hash=c6d5d83da6b2fa92c9f84f1e1e5102b3&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D76099205%26spot_id%3D18774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Ftsyndicate.com%252F%26idzone%3D0%26sid%3D1546&ml=&tag_ab=a&original_bid=0.0001425&user_fp=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=1ACofPTY1Iqp-OEqNxwasrLGtx9iz1nUmDGNPUC8fcPcutBTGlKGHY6Tc-RB1Nefbxnpf-Xz38v1jECCZGW2g33U9H2ZCr-bINHBbGdGwzpgJ0PEw8k8JjVFb83uV1wx7NXaJk0LFSlnQEuynwdmjoVfDAJE5d12VXtre9hE5NLwMD7JF1x3QksvWIZDl5QGepewFV4s_cYV8T8atShVxnvphbln-af_g6tK0Zko_S8o372pF-NuZPhUvcxGR_yE7fUdKeTCTDQH3s9XnsOlFGY1ROt_5XVUIoVxNLolnhmsbgEoyrLp1xY_vUSzkz0Jhi8zOVvEVQCvmZeKaIxRYT4qkg8UmqTReAKrp7bthJx_0AQKxHVNnZbkXh8UvDPWpBZfdFkwyC81z1ejKrKJSFpzrMQZzIKYrEC7961tVcgy2OA04qAeRqBWgZ3FgYC99N4v4R1XlhLXx19JR4asomxH_qs-P1Lgid6cqhhzXIgIER4z1YdlDwJEq2PN24sb1JDNyOm1iM6qOR5qdVlF7wmVYbBL8Unr1U4-gJyJlH1a_J6pMlGTFbDl-E8eDYRvnhFKQjK1W9L62EFve0W6-JJw6l-qQXSb8sM0rkrkz-jb_Pso-aS5pwWQ6X8E-hsUnRZPRlNCwkskAqM5IRSY2RPGrvZzHi5Dx42So4RXN-r8rXP4PM3iw27NmnenGMwIaMuse13YjWiRjQ&image_url=https%3A%2F%2Fimgdelnw.com%2Fie%3Fv%3D4%26c%3DmhFfs3YQUiLHGLKMWQFeS_n3hcMXegVvnwa7M-vwHPoJ-YlXu4mBuHVt5r5VhU4lNufgZu3MIUaOdZXSzAHp9qm6CQ70olrIK9SlrR3RVzwxgDX2SihLkGtIhCJVagHaHz2bnP-Q2i0TWocexLgFs0_HVa61SciCFSnIdF3uPnEqBD6_19gksl2s7L5wrji5xCiIaztzOJRcylTb7edZExEjfg-CbpRP2_BfTfLBJVEirYloyY7fxyKm7ZmYikIAgLj4oNKZKfoDIjlJZbSy4FhT2P09gniQ6V-fIbRSottVpZkH0GUdgtGvitNCZug17NFoDoJFw27CfeJbGqbCpKQw7ZopFKmw1Unfl_HJcSLY6VLtjoxiyt50EuQDTKku5TJKDMjrc2e7qpok_uoteli-HxFmW66Q9wDfJiVFk2dM6AngO7AUDg0YubpesJaFucgunhs%3D&skin_id=25&vertical_id=4&real_bid=0.00013092899999999998&pr=javvin.me&user_keywords=&auc_type=1&aid=291&ext_cid=0&device_theme=light&keywords=&label_ids=101,4&conditions=dch_ip,tz_offset&need_redirect_show=0&cpa=6939b98b-4329-46d7-8360-15722ae18fa0&format=compact2-slide-b_r-embed
168.119.25.22200 OK 0 B URL HTTP/2 af158e4bd8.7b39be508c.com/in/show/?mid=5256984811639299728&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=76099205&sid=3054775692&cid=2928&price=0.0001425&is_cpm=0&cpm=0&ecpm=0.0014044534569618294&crid=71516&crtid=ffd3520af8e288840ea28728931eb82f&tcid=0&out_id=0&ver=8.20.1&ver_c=&refdom=tsyndicate.com&hostname=auc-inpage-hz-3-b&site_id=3118774&spot_id=18774&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1674698270&created_at=2023-01-25&is_native=1&auction_queue=0&burl=PbRhtaS0I4V26a9rFmQHUt9EBZ1TJtCRlf5Se_XSmmOHebg6Jvdy0w&pop_winurl=&ip=91.90.42.154&testab=0&px_id=3118774&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=mq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0018782683768608663&placement_type_id=&skin_test=0&verify_hash=c6d5d83da6b2fa92c9f84f1e1e5102b3&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D76099205%26spot_id%3D18774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Ftsyndicate.com%252F%26idzone%3D0%26sid%3D1546&ml=&tag_ab=a&original_bid=0.0001425&user_fp=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=1ACofPTY1Iqp-OEqNxwasrLGtx9iz1nUmDGNPUC8fcPcutBTGlKGHY6Tc-RB1Nefbxnpf-Xz38v1jECCZGW2g33U9H2ZCr-bINHBbGdGwzpgJ0PEw8k8JjVFb83uV1wx7NXaJk0LFSlnQEuynwdmjoVfDAJE5d12VXtre9hE5NLwMD7JF1x3QksvWIZDl5QGepewFV4s_cYV8T8atShVxnvphbln-af_g6tK0Zko_S8o372pF-NuZPhUvcxGR_yE7fUdKeTCTDQH3s9XnsOlFGY1ROt_5XVUIoVxNLolnhmsbgEoyrLp1xY_vUSzkz0Jhi8zOVvEVQCvmZeKaIxRYT4qkg8UmqTReAKrp7bthJx_0AQKxHVNnZbkXh8UvDPWpBZfdFkwyC81z1ejKrKJSFpzrMQZzIKYrEC7961tVcgy2OA04qAeRqBWgZ3FgYC99N4v4R1XlhLXx19JR4asomxH_qs-P1Lgid6cqhhzXIgIER4z1YdlDwJEq2PN24sb1JDNyOm1iM6qOR5qdVlF7wmVYbBL8Unr1U4-gJyJlH1a_J6pMlGTFbDl-E8eDYRvnhFKQjK1W9L62EFve0W6-JJw6l-qQXSb8sM0rkrkz-jb_Pso-aS5pwWQ6X8E-hsUnRZPRlNCwkskAqM5IRSY2RPGrvZzHi5Dx42So4RXN-r8rXP4PM3iw27NmnenGMwIaMuse13YjWiRjQ&image_url=https%3A%2F%2Fimgdelnw.com%2Fie%3Fv%3D4%26c%3DmhFfs3YQUiLHGLKMWQFeS_n3hcMXegVvnwa7M-vwHPoJ-YlXu4mBuHVt5r5VhU4lNufgZu3MIUaOdZXSzAHp9qm6CQ70olrIK9SlrR3RVzwxgDX2SihLkGtIhCJVagHaHz2bnP-Q2i0TWocexLgFs0_HVa61SciCFSnIdF3uPnEqBD6_19gksl2s7L5wrji5xCiIaztzOJRcylTb7edZExEjfg-CbpRP2_BfTfLBJVEirYloyY7fxyKm7ZmYikIAgLj4oNKZKfoDIjlJZbSy4FhT2P09gniQ6V-fIbRSottVpZkH0GUdgtGvitNCZug17NFoDoJFw27CfeJbGqbCpKQw7ZopFKmw1Unfl_HJcSLY6VLtjoxiyt50EuQDTKku5TJKDMjrc2e7qpok_uoteli-HxFmW66Q9wDfJiVFk2dM6AngO7AUDg0YubpesJaFucgunhs%3D&skin_id=25&vertical_id=4&real_bid=0.00013092899999999998&pr=javvin.me&user_keywords=&auc_type=1&aid=291&ext_cid=0&device_theme=light&keywords=&label_ids=101,4&conditions=dch_ip,tz_offset&need_redirect_show=0&cpa=6939b98b-4329-46d7-8360-15722ae18fa0&format=compact2-slide-b_r-embed
IP 168.119.25.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?mid=5256984811639299728&pid=0&site=native-push-adult&sc=NO&usage_type=DCH&subid=76099205&sid=3054775692&cid=2928&price=0.0001425&is_cpm=0&cpm=0&ecpm=0.0014044534569618294&crid=71516&crtid=ffd3520af8e288840ea28728931eb82f&tcid=0&out_id=0&ver=8.20.1&ver_c=&refdom=tsyndicate.com&hostname=auc-inpage-hz-3-b&site_id=3118774&spot_id=18774&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=1674698270&created_at=2023-01-25&is_native=1&auction_queue=0&burl=PbRhtaS0I4V26a9rFmQHUt9EBZ1TJtCRlf5Se_XSmmOHebg6Jvdy0w&pop_winurl=&ip=91.90.42.154&testab=0&px_id=3118774&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=mq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0018782683768608663&placement_type_id=&skin_test=0&verify_hash=c6d5d83da6b2fa92c9f84f1e1e5102b3&score=0&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D76099205%26spot_id%3D18774%26is_adult%3D1%26p%3Dhttps%253A%252F%252Ftsyndicate.com%252F%26idzone%3D0%26sid%3D1546&ml=&tag_ab=a&original_bid=0.0001425&user_fp=0&v2_track=0&is_pop_cpc=0&applied_features=main-skins-settings&url=1ACofPTY1Iqp-OEqNxwasrLGtx9iz1nUmDGNPUC8fcPcutBTGlKGHY6Tc-RB1Nefbxnpf-Xz38v1jECCZGW2g33U9H2ZCr-bINHBbGdGwzpgJ0PEw8k8JjVFb83uV1wx7NXaJk0LFSlnQEuynwdmjoVfDAJE5d12VXtre9hE5NLwMD7JF1x3QksvWIZDl5QGepewFV4s_cYV8T8atShVxnvphbln-af_g6tK0Zko_S8o372pF-NuZPhUvcxGR_yE7fUdKeTCTDQH3s9XnsOlFGY1ROt_5XVUIoVxNLolnhmsbgEoyrLp1xY_vUSzkz0Jhi8zOVvEVQCvmZeKaIxRYT4qkg8UmqTReAKrp7bthJx_0AQKxHVNnZbkXh8UvDPWpBZfdFkwyC81z1ejKrKJSFpzrMQZzIKYrEC7961tVcgy2OA04qAeRqBWgZ3FgYC99N4v4R1XlhLXx19JR4asomxH_qs-P1Lgid6cqhhzXIgIER4z1YdlDwJEq2PN24sb1JDNyOm1iM6qOR5qdVlF7wmVYbBL8Unr1U4-gJyJlH1a_J6pMlGTFbDl-E8eDYRvnhFKQjK1W9L62EFve0W6-JJw6l-qQXSb8sM0rkrkz-jb_Pso-aS5pwWQ6X8E-hsUnRZPRlNCwkskAqM5IRSY2RPGrvZzHi5Dx42So4RXN-r8rXP4PM3iw27NmnenGMwIaMuse13YjWiRjQ&image_url=https%3A%2F%2Fimgdelnw.com%2Fie%3Fv%3D4%26c%3DmhFfs3YQUiLHGLKMWQFeS_n3hcMXegVvnwa7M-vwHPoJ-YlXu4mBuHVt5r5VhU4lNufgZu3MIUaOdZXSzAHp9qm6CQ70olrIK9SlrR3RVzwxgDX2SihLkGtIhCJVagHaHz2bnP-Q2i0TWocexLgFs0_HVa61SciCFSnIdF3uPnEqBD6_19gksl2s7L5wrji5xCiIaztzOJRcylTb7edZExEjfg-CbpRP2_BfTfLBJVEirYloyY7fxyKm7ZmYikIAgLj4oNKZKfoDIjlJZbSy4FhT2P09gniQ6V-fIbRSottVpZkH0GUdgtGvitNCZug17NFoDoJFw27CfeJbGqbCpKQw7ZopFKmw1Unfl_HJcSLY6VLtjoxiyt50EuQDTKku5TJKDMjrc2e7qpok_uoteli-HxFmW66Q9wDfJiVFk2dM6AngO7AUDg0YubpesJaFucgunhs%3D&skin_id=25&vertical_id=4&real_bid=0.00013092899999999998&pr=javvin.me&user_keywords=&auc_type=1&aid=291&ext_cid=0&device_theme=light&keywords=&label_ids=101,4&conditions=dch_ip,tz_offset&need_redirect_show=0&cpa=6939b98b-4329-46d7-8360-15722ae18fa0&format=compact2-slide-b_r-embed HTTP/1.1
Host: af158e4bd8.7b39be508c.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 25 Jan 2023 09:57:51 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0d67ee16471e318879bf2d6205106588
61aa9300e6f47ed933bd5028a95abac82d24d126
2183c6fa2fbe5cacd8479247fa5aeed4fe1ad09bc1b246f052525aa786d87d31
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2183C6FA2FBE5CACD8479247FA5AEED4FE1AD09BC1B246F052525AA786D87D31"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16530
Expires: Wed, 25 Jan 2023 14:33:22 GMT
Date: Wed, 25 Jan 2023 09:57:52 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0d67ee16471e318879bf2d6205106588
61aa9300e6f47ed933bd5028a95abac82d24d126
2183c6fa2fbe5cacd8479247fa5aeed4fe1ad09bc1b246f052525aa786d87d31
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2183C6FA2FBE5CACD8479247FA5AEED4FE1AD09BC1B246F052525AA786D87D31"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16530
Expires: Wed, 25 Jan 2023 14:33:22 GMT
Date: Wed, 25 Jan 2023 09:57:52 GMT
Connection: keep-alive
imgdelnw.com/ie?v=4&c=mhFfs3YQUiLHGLKMWQFeS_n3hcMXegVvnwa7M-vwHPoJ-YlXu4mBuHVt5r5VhU4lNufgZu3MIUaOdZXSzAHp9qm6CQ70olrIK9SlrR3RVzwxgDX2SihLkGtIhCJVagHaHz2bnP-Q2i0TWocexLgFs0_HVa61SciCFSnIdF3uPnEqBD6_19gksl2s7L5wrji5xCiIaztzOJRcylTb7edZExEjfg-CbpRP2_BfTfLBJVEirYloyY7fxyKm7ZmYikIAgLj4oNKZKfoDIjlJZbSy4FhT2P09gniQ6V-fIbRSottVpZkH0GUdgtGvitNCZug17NFoDoJFw27CfeJbGqbCpKQw7ZopFKmw1Unfl_HJcSLY6VLtjoxiyt50EuQDTKku5TJKDMjrc2e7qpok_uoteli-HxFmW66Q9wDfJiVFk2dM6AngO7AUDg0YubpesJaFucgunhs=
213.239.207.252301 Moved Permanently 0 B URL HTTP/1.1 imgdelnw.com/ie?v=4&c=mhFfs3YQUiLHGLKMWQFeS_n3hcMXegVvnwa7M-vwHPoJ-YlXu4mBuHVt5r5VhU4lNufgZu3MIUaOdZXSzAHp9qm6CQ70olrIK9SlrR3RVzwxgDX2SihLkGtIhCJVagHaHz2bnP-Q2i0TWocexLgFs0_HVa61SciCFSnIdF3uPnEqBD6_19gksl2s7L5wrji5xCiIaztzOJRcylTb7edZExEjfg-CbpRP2_BfTfLBJVEirYloyY7fxyKm7ZmYikIAgLj4oNKZKfoDIjlJZbSy4FhT2P09gniQ6V-fIbRSottVpZkH0GUdgtGvitNCZug17NFoDoJFw27CfeJbGqbCpKQw7ZopFKmw1Unfl_HJcSLY6VLtjoxiyt50EuQDTKku5TJKDMjrc2e7qpok_uoteli-HxFmW66Q9wDfJiVFk2dM6AngO7AUDg0YubpesJaFucgunhs=
IP 213.239.207.252:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ie?v=4&c=mhFfs3YQUiLHGLKMWQFeS_n3hcMXegVvnwa7M-vwHPoJ-YlXu4mBuHVt5r5VhU4lNufgZu3MIUaOdZXSzAHp9qm6CQ70olrIK9SlrR3RVzwxgDX2SihLkGtIhCJVagHaHz2bnP-Q2i0TWocexLgFs0_HVa61SciCFSnIdF3uPnEqBD6_19gksl2s7L5wrji5xCiIaztzOJRcylTb7edZExEjfg-CbpRP2_BfTfLBJVEirYloyY7fxyKm7ZmYikIAgLj4oNKZKfoDIjlJZbSy4FhT2P09gniQ6V-fIbRSottVpZkH0GUdgtGvitNCZug17NFoDoJFw27CfeJbGqbCpKQw7ZopFKmw1Unfl_HJcSLY6VLtjoxiyt50EuQDTKku5TJKDMjrc2e7qpok_uoteli-HxFmW66Q9wDfJiVFk2dM6AngO7AUDg0YubpesJaFucgunhs= HTTP/1.1
Host: imgdelnw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Wed, 25 Jan 2023 09:57:51 GMT
content-length: 0
location: https://img.vmmcdn.com/get/69765037/238426_image.jpg
x-app-id: 12
imgdelnw.com/ie?v=4&c=LWc5g2_Uj3poq2iD7qj8V-zXGiNIzZOiHiQ8aldNEwdIbMvcS9ypxK94rldtoeY10ZluFiqK9KMk8YF7_a5j_NdxdszGFt974dUarELkbO_NwSPv9Ncf0HnVBoAP2PYTKVvyfurtj0kwbBJBnYZeRjA-TTVGa8C5qY049FX8Ml7dlczpJU7Okpt-C6uzpCGQlG5fh7rU42hjNj26gD6GjE5vH_Qv8gVBR_f5LbGJJ1eCgK224mF6LeDW9Yah1YJk10S-C7-01xo-x6GqfbNZup2BtXNnsioPmy6t4Gw85mbzBoGVHmHI5Q9TUj4-CVfAfh9_eFNJ4Li8_EsQoyT81mbinI5IcemxTLQDUe0B0FjwED_iAbovCG2wHU_4kNkAIRZ5ohGcUvID7WS-YvtqEtAZOyswZVAjSXVnv37gLnvaP8G33PN9TXONPjHxsGqwjJzd&v1=531&v2=71516&cpa=d71f85ba-7cfd-46a1-a2dd-6112b7d57a89&format=compact2-slide-b_r-embed
213.239.207.252301 Moved Permanently 0 B URL HTTP/1.1 imgdelnw.com/ie?v=4&c=LWc5g2_Uj3poq2iD7qj8V-zXGiNIzZOiHiQ8aldNEwdIbMvcS9ypxK94rldtoeY10ZluFiqK9KMk8YF7_a5j_NdxdszGFt974dUarELkbO_NwSPv9Ncf0HnVBoAP2PYTKVvyfurtj0kwbBJBnYZeRjA-TTVGa8C5qY049FX8Ml7dlczpJU7Okpt-C6uzpCGQlG5fh7rU42hjNj26gD6GjE5vH_Qv8gVBR_f5LbGJJ1eCgK224mF6LeDW9Yah1YJk10S-C7-01xo-x6GqfbNZup2BtXNnsioPmy6t4Gw85mbzBoGVHmHI5Q9TUj4-CVfAfh9_eFNJ4Li8_EsQoyT81mbinI5IcemxTLQDUe0B0FjwED_iAbovCG2wHU_4kNkAIRZ5ohGcUvID7WS-YvtqEtAZOyswZVAjSXVnv37gLnvaP8G33PN9TXONPjHxsGqwjJzd&v1=531&v2=71516&cpa=d71f85ba-7cfd-46a1-a2dd-6112b7d57a89&format=compact2-slide-b_r-embed
IP 213.239.207.252:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ie?v=4&c=LWc5g2_Uj3poq2iD7qj8V-zXGiNIzZOiHiQ8aldNEwdIbMvcS9ypxK94rldtoeY10ZluFiqK9KMk8YF7_a5j_NdxdszGFt974dUarELkbO_NwSPv9Ncf0HnVBoAP2PYTKVvyfurtj0kwbBJBnYZeRjA-TTVGa8C5qY049FX8Ml7dlczpJU7Okpt-C6uzpCGQlG5fh7rU42hjNj26gD6GjE5vH_Qv8gVBR_f5LbGJJ1eCgK224mF6LeDW9Yah1YJk10S-C7-01xo-x6GqfbNZup2BtXNnsioPmy6t4Gw85mbzBoGVHmHI5Q9TUj4-CVfAfh9_eFNJ4Li8_EsQoyT81mbinI5IcemxTLQDUe0B0FjwED_iAbovCG2wHU_4kNkAIRZ5ohGcUvID7WS-YvtqEtAZOyswZVAjSXVnv37gLnvaP8G33PN9TXONPjHxsGqwjJzd&v1=531&v2=71516&cpa=d71f85ba-7cfd-46a1-a2dd-6112b7d57a89&format=compact2-slide-b_r-embed HTTP/1.1
Host: imgdelnw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Wed, 25 Jan 2023 09:57:51 GMT
content-length: 0
location: https://img.vmmcdn.com/get/1684855/238426_icon.png
x-app-id: 12
static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
88.198.136.228200 OK 790 B URL HTTP/2 static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
IP 88.198.136.228:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 65156a660e465299370ebd90d84aa461
12ff60b17f579a77e42a8be7b6b1892fc71be33d
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18
GET /creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 25 Jan 2023 09:57:52 GMT
content-type: image/webp
content-length: 790
last-modified: Tue, 24 Nov 2020 14:20:43 GMT
etag: "5fbd16bb-316"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?mlf=1&cpa=33b33e34-e735-4913-b020-6aa118b9ca45&mlc=1&format=compact2-slide-b_r-embed
88.198.136.228200 OK 790 B URL HTTP/2 static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?mlf=1&cpa=33b33e34-e735-4913-b020-6aa118b9ca45&mlc=1&format=compact2-slide-b_r-embed
IP 88.198.136.228:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 65156a660e465299370ebd90d84aa461
12ff60b17f579a77e42a8be7b6b1892fc71be33d
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18
GET /creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp?mlf=1&cpa=33b33e34-e735-4913-b020-6aa118b9ca45&mlc=1&format=compact2-slide-b_r-embed HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 25 Jan 2023 09:57:52 GMT
content-type: image/webp
content-length: 790
last-modified: Tue, 24 Nov 2020 14:20:43 GMT
etag: "5fbd16bb-316"
cache-control: public, max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76bd84a3c5132e14b080b752b5651691
62906793b74f3439700d80c6e4cc08867a7a142b
c122c7f04fc379ce1b83e4c442d94b93a91f5b74e276836302b1af484c282cc0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C122C7F04FC379CE1B83E4C442D94B93A91F5B74E276836302B1AF484C282CC0"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10569
Expires: Wed, 25 Jan 2023 12:54:01 GMT
Date: Wed, 25 Jan 2023 09:57:52 GMT
Connection: keep-alive
img.vmmcdn.com/get/69765037/238426_image.jpg
138.201.51.142200 OK 33 kB URL HTTP/1.1 img.vmmcdn.com/get/69765037/238426_image.jpg
IP 138.201.51.142:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 720x480, components 3\012- data
Hash 6b5dbf2358be02be76801a978fd38abb
21d126b32e108ef28c162fa77db6b7289c846156
c96153fed9a4d8aa6d9972ace3e091ff7cf4eb13c804d5d122de9ab1a5fcb65d
GET /get/69765037/238426_image.jpg HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 25 Jan 2023 09:57:52 GMT
Content-Type: image/jpeg
Content-Length: 33133
Connection: keep-alive
Last-Modified: Sun, 18 Dec 2022 10:47:54 GMT
Cache-Control: public, max-age=604800
ETag: "639eefda-816d"
X-Proxy-Cache: HIT
Accept-Ranges: bytes
img.vmmcdn.com/get/1684855/238426_icon.png
138.201.51.142200 OK 59 kB URL HTTP/1.1 img.vmmcdn.com/get/1684855/238426_icon.png
IP 138.201.51.142:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 669eb036e71ef2df4b1a7d3fa9e5ebb7
6a8686b1ce7276b8c6732245e340dbe38b30eb04
89edf6961767b760b3ff755a803457eee41b5f2df863cdeca95165bf4a126732
GET /get/1684855/238426_icon.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 25 Jan 2023 09:57:52 GMT
Content-Type: image/png
Content-Length: 59035
Connection: keep-alive
Last-Modified: Sun, 18 Dec 2022 10:47:54 GMT
Cache-Control: public, max-age=604800
ETag: "639eefda-e69b"
X-Proxy-Cache: HIT
Accept-Ranges: bytes
466c1dd533.d3facc45b5.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImEiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IiwiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxNjMwMjI1NDA5IiwicmVmcmVzaCI6MSwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6NDg1MjksIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjp0cnVlLCJyZWZkb21haW4iOiJqYXZ2aW4ubWUiLCJwbCI6MCwic3RyYXRhZ2VtIjoibmxhYmVsLWEiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM5NzIsImJ0eXBlIjowfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiI0ODUyOSIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly9qYXZ2aW4ubWUvIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6ImIwMTQzNTE4ZTg0MWIyNDcwYWY4NGQ4NmUxYjA5ZDNiIiwiZnAiOm51bGx9LCJleHQiOnsiZHQiOjE2NzQ2NDA2NzE1MzN9fQ==
159.69.163.6302 Found 0 B URL HTTP/2 466c1dd533.d3facc45b5.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImEiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IiwiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxNjMwMjI1NDA5IiwicmVmcmVzaCI6MSwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6NDg1MjksIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjp0cnVlLCJyZWZkb21haW4iOiJqYXZ2aW4ubWUiLCJwbCI6MCwic3RyYXRhZ2VtIjoibmxhYmVsLWEiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM5NzIsImJ0eXBlIjowfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiI0ODUyOSIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly9qYXZ2aW4ubWUvIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6ImIwMTQzNTE4ZTg0MWIyNDcwYWY4NGQ4NmUxYjA5ZDNiIiwiZnAiOm51bGx9LCJleHQiOnsiZHQiOjE2NzQ2NDA2NzE1MzN9fQ==
IP 159.69.163.6:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImEiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IiwiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxNjMwMjI1NDA5IiwicmVmcmVzaCI6MSwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6NDg1MjksIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjp0cnVlLCJyZWZkb21haW4iOiJqYXZ2aW4ubWUiLCJwbCI6MCwic3RyYXRhZ2VtIjoibmxhYmVsLWEiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM5NzIsImJ0eXBlIjowfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiI0ODUyOSIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly9qYXZ2aW4ubWUvIn0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6ImIwMTQzNTE4ZTg0MWIyNDcwYWY4NGQ4NmUxYjA5ZDNiIiwiZnAiOm51bGx9LCJleHQiOnsiZHQiOjE2NzQ2NDA2NzE1MzN9fQ== HTTP/1.1
Host: 466c1dd533.d3facc45b5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Wed, 25 Jan 2023 09:57:53 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://rtbrennab.com/banner/in/show/?mid=1224757119446859356&pid=0&site=48529&sc=NO&usage_type=DCH&subid=1630225409&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=javvin.me&hostname=auc-banner-hz-2&site_id=0&spot_id=48529&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=25.0918101069592&ml=&tag_ab=a&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D48529%26source%3D1630225409%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D48529%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3D%2C%26spot_id%3D48529%26p%3Dhttps%253A%252F%252Fjavvin.me%252F%26katds_labels%3D%26btype%3D0%26score%3D25.0918101069592%26bf%3D0.0001&pr=javvin.me&bid_crid=&bid_cid=&is_iframe=1&ad_tags=,&stratagem=nlabel-a&ssp=3972
X-Firefox-Spdy: h2
rtbrennab.com/banner/in/show/?mid=1224757119446859356&pid=0&site=48529&sc=NO&usage_type=DCH&subid=1630225409&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=javvin.me&hostname=auc-banner-hz-2&site_id=0&spot_id=48529&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=25.0918101069592&ml=&tag_ab=a&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D48529%26source%3D1630225409%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D48529%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3D%2C%26spot_id%3D48529%26p%3Dhttps%253A%252F%252Fjavvin.me%252F%26katds_labels%3D%26btype%3D0%26score%3D25.0918101069592%26bf%3D0.0001&pr=javvin.me&bid_crid=&bid_cid=&is_iframe=1&ad_tags=,&stratagem=nlabel-a&ssp=3972
162.55.139.130302 Found 0 B URL HTTP/2 rtbrennab.com/banner/in/show/?mid=1224757119446859356&pid=0&site=48529&sc=NO&usage_type=DCH&subid=1630225409&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=javvin.me&hostname=auc-banner-hz-2&site_id=0&spot_id=48529&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=25.0918101069592&ml=&tag_ab=a&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D48529%26source%3D1630225409%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D48529%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3D%2C%26spot_id%3D48529%26p%3Dhttps%253A%252F%252Fjavvin.me%252F%26katds_labels%3D%26btype%3D0%26score%3D25.0918101069592%26bf%3D0.0001&pr=javvin.me&bid_crid=&bid_cid=&is_iframe=1&ad_tags=,&stratagem=nlabel-a&ssp=3972
IP 162.55.139.130:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner/in/show/?mid=1224757119446859356&pid=0&site=48529&sc=NO&usage_type=DCH&subid=1630225409&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=javvin.me&hostname=auc-banner-hz-2&site_id=0&spot_id=48529&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=25.0918101069592&ml=&tag_ab=a&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D48529%26source%3D1630225409%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D48529%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3D%2C%26spot_id%3D48529%26p%3Dhttps%253A%252F%252Fjavvin.me%252F%26katds_labels%3D%26btype%3D0%26score%3D25.0918101069592%26bf%3D0.0001&pr=javvin.me&bid_crid=&bid_cid=&is_iframe=1&ad_tags=,&stratagem=nlabel-a&ssp=3972 HTTP/1.1
Host: rtbrennab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tsyndicate.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Wed, 25 Jan 2023 09:57:53 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://btds.zog.link/in/912/?sid=48529&source=1630225409&idzone=0&w=1&h=1&mo=&ve=&site_id=48529&utm1=&utm2=&utm3=&utm4=&ad_tags=,&spot_id=48529&p=https%3A%2F%2Fjavvin.me%2F&katds_labels=&btype=0&score=25.0918101069592&bf=0.0001
X-Firefox-Spdy: h2
btds.zog.link/in/912/?sid=48529&source=1630225409&idzone=0&w=1&h=1&mo=&ve=&site_id=48529&utm1=&utm2=&utm3=&utm4=&ad_tags=,&spot_id=48529&p=https%3A%2F%2Fjavvin.me%2F&katds_labels=&btype=0&score=25.0918101069592&bf=0.0001
109.206.191.198302 Found 0 B URL HTTP/2 btds.zog.link/in/912/?sid=48529&source=1630225409&idzone=0&w=1&h=1&mo=&ve=&site_id=48529&utm1=&utm2=&utm3=&utm4=&ad_tags=,&spot_id=48529&p=https%3A%2F%2Fjavvin.me%2F&katds_labels=&btype=0&score=25.0918101069592&bf=0.0001
IP 109.206.191.198:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/912/?sid=48529&source=1630225409&idzone=0&w=1&h=1&mo=&ve=&site_id=48529&utm1=&utm2=&utm3=&utm4=&ad_tags=,&spot_id=48529&p=https%3A%2F%2Fjavvin.me%2F&katds_labels=&btype=0&score=25.0918101069592&bf=0.0001 HTTP/1.1
Host: btds.zog.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tsyndicate.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.20.1
date: Wed, 25 Jan 2023 09:57:53 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://cdn.1vag.com/1x1.png
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 912.0=1; expires=Thu, 26 Jan 2023 09:57:53 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 26d1ffe16543af8e18fc30b7bc7da050
cbe2d3390591d3efcc5adff1d3c20c2dc4050219
6a011bde70b592a06eb7118f7eafc11aef2de24dd45ebdee81e9e7d3b757b065
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A011BDE70B592A06EB7118F7EAFC11AEF2DE24DD45EBDEE81E9E7D3B757B065"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19883
Expires: Wed, 25 Jan 2023 15:29:16 GMT
Date: Wed, 25 Jan 2023 09:57:53 GMT
Connection: keep-alive
cdn.1vag.com/1x1.png
45.133.44.25200 OK 68 B IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /1x1.png HTTP/1.1
Host: cdn.1vag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tsyndicate.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:53 GMT
content-type: image/png
content-length: 68
server: nginx/1.20.1
last-modified: Wed, 15 Apr 2020 13:30:15 GMT
etag: "5e970c67-44"
cache-control: max-age=3600
x-request-id: e0cea73041c202c45e6ab3a8b14597f5
expires: Wed, 25 Jan 2023 10:57:53 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
adxadserv.com/px/heartbeat/v1?pv_uid=62ec39ff-4411-4aa8-a62a-b5581955149d&t_op=5.307&p_nn=adxad-rtb&fpid_sa=1674640667771&fpid=bc43f01a151639d4c69739dcaca30e3b&feid_sa=1674640667771&sid_sa=1674640667771&feid=50c1c6d3600ff87baca384717c3bd96a&sid=cc7bf17d8b75abbfe5c724a7a055c9d6&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=tsyndicate.com&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=1&lb=0&cd=24&hc=16&dm=-1&dt=2&ed=0&sr=5497558139882&fb=10384
185.98.53.29200 OK 0 B URL HTTP/1.1 adxadserv.com/px/heartbeat/v1?pv_uid=62ec39ff-4411-4aa8-a62a-b5581955149d&t_op=5.307&p_nn=adxad-rtb&fpid_sa=1674640667771&fpid=bc43f01a151639d4c69739dcaca30e3b&feid_sa=1674640667771&sid_sa=1674640667771&feid=50c1c6d3600ff87baca384717c3bd96a&sid=cc7bf17d8b75abbfe5c724a7a055c9d6&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=tsyndicate.com&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=1&lb=0&cd=24&hc=16&dm=-1&dt=2&ed=0&sr=5497558139882&fb=10384
IP 185.98.53.29:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /px/heartbeat/v1?pv_uid=62ec39ff-4411-4aa8-a62a-b5581955149d&t_op=5.307&p_nn=adxad-rtb&fpid_sa=1674640667771&fpid=bc43f01a151639d4c69739dcaca30e3b&feid_sa=1674640667771&sid_sa=1674640667771&feid=50c1c6d3600ff87baca384717c3bd96a&sid=cc7bf17d8b75abbfe5c724a7a055c9d6&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=tsyndicate.com&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=1&lb=0&cd=24&hc=16&dm=-1&dt=2&ed=0&sr=5497558139882&fb=10384 HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1
Origin: https://ads.adxadserv.com
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 25 Jan 2023 09:57:55 GMT
Content-Length: 0
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33050e82-3c0a-40d6-a722-e4ff96872edc.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33050e82-3c0a-40d6-a722-e4ff96872edc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb6c1403a1d3c878c08ccaf17f8b3d0a
7596b783e0da5fba63c49374933eccffc223d729
1524dbef51237950d4a14a0e2e053fad933dd92ee0831e2de5c45513122f1d58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33050e82-3c0a-40d6-a722-e4ff96872edc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6026
x-amzn-requestid: 4b05d7f7-783f-4a79-9eed-bbbeb53bc677
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRQ-QHmZIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d061f4-721f473c5c8dadd163ca7689;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 22:55:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uuhyzrUcYv-zqjLZvGNYsUuAhCW2vkKpEhQQKlmfSgHDtKz0jD2PNQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 23:18:31 GMT
age: 38366
etag: "7596b783e0da5fba63c49374933eccffc223d729"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
na.nawpush.com/tags/27211?version_name=a
45.133.44.25200 OK 0 B URL HTTP/2 na.nawpush.com/tags/27211?version_name=a
IP 45.133.44.25:0
ASN #39572 DataWeb Global Group B.V.
GET /tags/27211?version_name=a HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tsyndicate.com
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.wpadmngr.com/static/adManager.js
45.133.44.24200 OK 0 B URL HTTP/2 js.wpadmngr.com/static/adManager.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 05 Dec 2022 13:37:26 GMT
etag: W/"638df416-4dd"
content-encoding: gzip
expires: Wed, 25 Jan 2023 10:02:49 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
static.adxadserv.com/css/wm.css
185.76.9.24200 OK 0 B URL HTTP/2 static.adxadserv.com/css/wm.css
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /css/wm.css HTTP/1.1
Host: static.adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: text/css
last-modified: Mon, 03 Aug 2020 09:41:06 GMT
etag: W/"5f27dbb2-711"
x-accel-expires: @1674982900
server: CDN77-Turbo
x-77-nzt: AblMCRToPcf/KZkKAA
x-77-nzt-ray: af585630465b03ea1dfdd06305a27c23
x-cache: HIT
x-age: 694569
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
static.javhd.com/h5/files/10592/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F7dd524f6-5653-4001-b2c7-bd4477af0f42%3Fcv1%3Db9da75be-9c96-11ed-8703-e25a5bb9767f%26cv9%3D6284ab4761d6e2176f0243c1%26externalId%3Db9da75be-9c96-11ed-8703-e25a5bb9767f%26p%3DeyJiIjoyNzIyNTIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIxNDIwfQ
185.76.9.19200 OK 0 B URL HTTP/2 static.javhd.com/h5/files/10592/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F7dd524f6-5653-4001-b2c7-bd4477af0f42%3Fcv1%3Db9da75be-9c96-11ed-8703-e25a5bb9767f%26cv9%3D6284ab4761d6e2176f0243c1%26externalId%3Db9da75be-9c96-11ed-8703-e25a5bb9767f%26p%3DeyJiIjoyNzIyNTIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIxNDIwfQ
IP 185.76.9.19:0
ASN #60068 Datacamp Limited
GET /h5/files/10592/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F7dd524f6-5653-4001-b2c7-bd4477af0f42%3Fcv1%3Db9da75be-9c96-11ed-8703-e25a5bb9767f%26cv9%3D6284ab4761d6e2176f0243c1%26externalId%3Db9da75be-9c96-11ed-8703-e25a5bb9767f%26p%3DeyJiIjoyNzIyNTIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIxNDIwfQ HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trwl1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: text/html
last-modified: Tue, 07 May 2019 11:54:04 GMT
etag: W/"5cd171dc-11e4"
expires: Fri, 24 Feb 2023 09:57:49 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-accel-expires: @1677232669
server: CDN77-Turbo
x-77-nzt: AblMCQ39EP2h
x-77-nzt-ray: c0a4cc284e84fb271dfdd063e93da237
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
js.canstrm.com/in-stream-ad-admanager/build.js
45.133.44.24200 OK 0 B URL HTTP/2 js.canstrm.com/in-stream-ad-admanager/build.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /in-stream-ad-admanager/build.js HTTP/1.1
Host: js.canstrm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 12 Jan 2023 13:39:12 GMT
etag: W/"63c00d80-50dc"
content-encoding: gzip
expires: Wed, 25 Jan 2023 10:02:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.javvin.me/v1/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
188.114.96.1200 OK 0 B URL HTTP/2 cdn.javvin.me/v1/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 188.114.96.1:0
GET /v1/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: cdn.javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Mon, 07 Oct 2019 19:27:34 GMT
etag: W/"5d9b91a6-17a62"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 710046
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjdJUhcoZDbk415Zm0SC7lVfk%2BxQc9r7jt2Ctn2P5Zvvn1Z3egT1vFc%2FXDa5CxX8uvzb2q0DRvRCydTLSllKHxC6TotpvEexB6tf1x4oH%2Fyn6tFI19Ghr0jIQDQi8lF5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f025939c5db51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.javhd.com/h5/files/js/video.js
185.76.9.19200 OK 0 B URL HTTP/2 static.javhd.com/h5/files/js/video.js
IP 185.76.9.19:0
ASN #60068 Datacamp Limited
GET /h5/files/js/video.js HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/10592/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F7dd524f6-5653-4001-b2c7-bd4477af0f42%3Fcv1%3Db9da75be-9c96-11ed-8703-e25a5bb9767f%26cv9%3D6284ab4761d6e2176f0243c1%26externalId%3Db9da75be-9c96-11ed-8703-e25a5bb9767f%26p%3DeyJiIjoyNzIyNTIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIxNDIwfQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:50 GMT
content-type: application/x-javascript
last-modified: Tue, 10 Nov 2015 10:24:20 GMT
etag: W/"5641c5d4-1cf02"
expires: Tue, 23 May 2023 11:05:24 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839924
server: CDN77-Turbo
x-77-nzt: AblMCQ38EWf/qpJFAQ
x-77-nzt-ray: c0a4cc284e84fb271efdd063f75fe002
x-cache: HIT
x-age: 21336746
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
static.javhd.com/h5/files/button/29-button.png
185.76.9.19200 OK 0 B URL HTTP/2 static.javhd.com/h5/files/button/29-button.png
IP 185.76.9.19:0
ASN #60068 Datacamp Limited
GET /h5/files/button/29-button.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/10592/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F7dd524f6-5653-4001-b2c7-bd4477af0f42%3Fcv1%3Db9da75be-9c96-11ed-8703-e25a5bb9767f%26cv9%3D6284ab4761d6e2176f0243c1%26externalId%3Db9da75be-9c96-11ed-8703-e25a5bb9767f%26p%3DeyJiIjoyNzIyNTIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIxNDIwfQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:50 GMT
content-type: image/png
content-length: 733
last-modified: Tue, 22 Dec 2015 18:41:22 GMT
etag: "56799952-2dd"
expires: Tue, 23 May 2023 11:04:47 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839887
server: CDN77-Turbo
x-77-nzt: AblMCQ1TxZH/z5JFAQ
x-77-nzt-ray: c0a4cc284e84fb271efdd06317b31403
x-cache: HIT
x-age: 21336783
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans
IP 142.250.74.106:0
GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.javvin.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 25 Jan 2023 09:57:48 GMT
date: Wed, 25 Jan 2023 09:57:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tsyndicate.com/iframes2/d82b9592350d49a3bf7dab4164abf2a8.html?
168.119.1.208200 OK 0 B URL HTTP/2 tsyndicate.com/iframes2/d82b9592350d49a3bf7dab4164abf2a8.html?
IP 168.119.1.208:0
ASN #24940 Hetzner Online GmbH
GET /iframes2/d82b9592350d49a3bf7dab4164abf2a8.html? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-request-id: f4c526b2cbf98b7c
set-cookie: ts_uid=34c7baa9-fe43-4893-bd61-5adef743ce84; expires=Tue, 25 Jul 2023 09:57:49 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
tsyndicate.com/do2/09b3018b06a74c7baf6469b3f4d37c83/dynamic?format=jsonp&count=4&w=1280&h=1024&keywords=Watch,Video,JAV,STARS,Free,Jav,Porn,Height,Difference,Favorite,Big,Guys,Are,Appearing,One,After,Another,Insert,Immediately,JAVVIN,STARS,Free,Jav,Porn,Height,Difference,Favorite,Big,Guys,Are,Appearing,One,After,Another,Insert,Immediately,JAVVIN,stars,free,jav,porn,height,difference,favorite,big,guys,are,appearing,one,after,another,insert,immediately&adtype=label-under&tz=0&callback=callback_fm5AP
168.119.1.208200 OK 0 B URL HTTP/2 tsyndicate.com/do2/09b3018b06a74c7baf6469b3f4d37c83/dynamic?format=jsonp&count=4&w=1280&h=1024&keywords=Watch,Video,JAV,STARS,Free,Jav,Porn,Height,Difference,Favorite,Big,Guys,Are,Appearing,One,After,Another,Insert,Immediately,JAVVIN,STARS,Free,Jav,Porn,Height,Difference,Favorite,Big,Guys,Are,Appearing,One,After,Another,Insert,Immediately,JAVVIN,stars,free,jav,porn,height,difference,favorite,big,guys,are,appearing,one,after,another,insert,immediately&adtype=label-under&tz=0&callback=callback_fm5AP
IP 168.119.1.208:0
ASN #24940 Hetzner Online GmbH
GET /do2/09b3018b06a74c7baf6469b3f4d37c83/dynamic?format=jsonp&count=4&w=1280&h=1024&keywords=Watch,Video,JAV,STARS,Free,Jav,Porn,Height,Difference,Favorite,Big,Guys,Are,Appearing,One,After,Another,Insert,Immediately,JAVVIN,STARS,Free,Jav,Porn,Height,Difference,Favorite,Big,Guys,Are,Appearing,One,After,Another,Insert,Immediately,JAVVIN,stars,free,jav,porn,height,difference,favorite,big,guys,are,appearing,one,after,another,insert,immediately&adtype=label-under&tz=0&callback=callback_fm5AP HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: application/javascript; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-request-id: 748574e2f887f31e
set-cookie: ts_uid=59f58554-87ab-491c-bca8-dd72ea525736; expires=Tue, 25 Jul 2023 09:57:49 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
vast.yomeno.xyz/vast
109.206.175.85200 OK 0 B IP 109.206.175.85:0
POST /vast HTTP/1.1
Host: vast.yomeno.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 574
Origin: https://tsyndicate.com
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 25 Jan 2023 09:57:50 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: Accept-Encoding, *
access-control-allow-credentials: true
access-control-allow-origin: https://tsyndicate.com
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
javvin.me/video/xQAPn/stars-575-c-free-jav-porn-height-difference-40-cm-my-favorite-big-guys-are-appearing-one-after-another-insert-immediately
104.21.65.223200 OK 0 B URL HTTP/2 javvin.me/video/xQAPn/stars-575-c-free-jav-porn-height-difference-40-cm-my-favorite-big-guys-are-appearing-one-after-another-insert-immediately
IP 104.21.65.223:0
GET /video/xQAPn/stars-575-c-free-jav-porn-height-difference-40-cm-my-favorite-big-guys-are-appearing-one-after-another-insert-immediately HTTP/1.1
Host: javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=86400
cf-cache-status: MISS
last-modified: Wed, 25 Jan 2023 09:57:48 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ETvn7FX%2F5zEyn6goGs6oewjoSskG4Zp2wntCF%2FQ7hoqqzys2HwY08UWYLBQceymjWQTjUwWiZGpyEY1U8ocykAmKCWAdqp6UMVOUBbvco50KgkbbzhLRa1hQXA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f0258f19a4b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.javvin.me/v1/wp-content/themes/retrotube/assets/js/navigation.js?ver=1.0.0
188.114.96.1200 OK 0 B URL HTTP/2 cdn.javvin.me/v1/wp-content/themes/retrotube/assets/js/navigation.js?ver=1.0.0
IP 188.114.96.1:0
GET /v1/wp-content/themes/retrotube/assets/js/navigation.js?ver=1.0.0 HTTP/1.1
Host: cdn.javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Mon, 07 Oct 2019 19:27:38 GMT
etag: W/"5d9b91aa-54d"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 710045
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ea%2FfdQbNu088x5KXyJPlwQ98exaiVPQUCaBKc3YmyMtr64DfaXvyV54VNwr68EUZUuC4RowrDQ1NUjKmWhFRuFqsJV%2BCRNdKJxSD4UJ7S%2FZiQHZPdjtuEWflpRPtkolx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f025934bf1b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.javvin.me/v1/wp-includes/css/dist/block-library/style.min.css?ver=5.2.3
188.114.96.1200 OK 0 B URL HTTP/2 cdn.javvin.me/v1/wp-includes/css/dist/block-library/style.min.css?ver=5.2.3
IP 188.114.96.1:0
GET /v1/wp-includes/css/dist/block-library/style.min.css?ver=5.2.3 HTTP/1.1
Host: cdn.javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Mon, 07 Oct 2019 19:27:42 GMT
etag: W/"5d9b91ae-726f"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 710045
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Unz9Z6zX4M43O6tqEgYMNty02qKtoJ94vb3YmwUtygnQVVE30RmOAb9U1cNeu4YGt0F8xwJKSZ7lUOY39pnxFpZbjMXQe3TtCrZvK41KRJuEgZSDvDu0X571eoDyGv%2FT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f025939c5ab51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.wpushsdk.com/npc/sdk/wpu/csub.m.js
45.133.44.24200 OK 0 B URL HTTP/2 js.wpushsdk.com/npc/sdk/wpu/csub.m.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /npc/sdk/wpu/csub.m.js HTTP/1.1
Host: js.wpushsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 07 Dec 2022 08:28:22 GMT
etag: W/"63904ea6-16019"
content-encoding: gzip
expires: Wed, 25 Jan 2023 10:02:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
go.xlivrdr.com/api/models/vast?campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=1aa4022af61bfad6ec7c637003dfb79b6edb7465c731eac0e6955245fc823c00&duration=00%3A00%3A30&endpoint=room&iterationId=397613&masterSmartpopId=2683&memberId=ooc4ASOoumtqutdVdTdRZXO6VzqpbXUzOodTK6V0rpXT1UU0uldK6V0zpXSuldK6Z0rpXTOc6amemieuWepxirBt3rmbePUP7nOldK6V0rpXSuldK6VwfYA-&p1=4581534&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=3918598&tag=-girls%2Findian&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=30208&videosList=oil-show11
104.18.59.150200 OK 0 B URL HTTP/2 go.xlivrdr.com/api/models/vast?campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=1aa4022af61bfad6ec7c637003dfb79b6edb7465c731eac0e6955245fc823c00&duration=00%3A00%3A30&endpoint=room&iterationId=397613&masterSmartpopId=2683&memberId=ooc4ASOoumtqutdVdTdRZXO6VzqpbXUzOodTK6V0rpXT1UU0uldK6V0zpXSuldK6Z0rpXTOc6amemieuWepxirBt3rmbePUP7nOldK6V0rpXSuldK6VwfYA-&p1=4581534&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=3918598&tag=-girls%2Findian&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=30208&videosList=oil-show11
IP 104.18.59.150:0
GET /api/models/vast?campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=1aa4022af61bfad6ec7c637003dfb79b6edb7465c731eac0e6955245fc823c00&duration=00%3A00%3A30&endpoint=room&iterationId=397613&masterSmartpopId=2683&memberId=ooc4ASOoumtqutdVdTdRZXO6VzqpbXUzOodTK6V0rpXT1UU0uldK6V0zpXSuldK6Z0rpXTOc6amemieuWepxirBt3rmbePUP7nOldK6V0rpXSuldK6VwfYA-&p1=4581534&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=3918598&tag=-girls%2Findian&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=30208&videosList=oil-show11 HTTP/1.1
Host: go.xlivrdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tsyndicate.com
Referer: https://tsyndicate.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:51 GMT
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://tsyndicate.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDfsBaY2bRYJiCdcdyuoKGiEHEbzX8smRnkMHSLax; SameSite=None; Secure; path=/; expires=Thu, 26-Jan-23 08:57:51 GMT; HttpOnly
server: cloudflare
cf-ray: 78f025a1dad7b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.wpushsdk.com/npc/sdk/wpu/npush.m.js
45.133.44.24200 OK 0 B URL HTTP/2 js.wpushsdk.com/npc/sdk/wpu/npush.m.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /npc/sdk/wpu/npush.m.js HTTP/1.1
Host: js.wpushsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 20 Jan 2023 11:15:05 GMT
etag: W/"63ca77b9-4c6b2"
content-encoding: gzip
expires: Wed, 25 Jan 2023 10:02:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.javvin.me/v1/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
188.114.96.1200 OK 0 B URL HTTP/2 cdn.javvin.me/v1/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 188.114.96.1:0
GET /v1/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: cdn.javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Mon, 07 Oct 2019 19:27:35 GMT
etag: W/"5d9b91a7-2748"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 710046
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FUE7wnacQOFBBPJCoIOD%2BL3LOubB0WB8NtznQ%2B7YkV4oyafizg80MdHevmGvDE54wfq%2FxrS5FR%2FBC94UPrCkitZM1i%2BOrk%2FEaAkAAqN%2FvejSj%2BmMn7hMpjMaQ%2FSDI6P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f025939c59b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tsyndicate.com/iframes2/f7cfb2e5234c4735ad862723742e517e.html?
168.119.1.208200 OK 0 B URL HTTP/2 tsyndicate.com/iframes2/f7cfb2e5234c4735ad862723742e517e.html?
IP 168.119.1.208:0
ASN #24940 Hetzner Online GmbH
GET /iframes2/f7cfb2e5234c4735ad862723742e517e.html? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-request-id: 8e0581c7609796a5
set-cookie: ts_uid=36989d43-9b49-4a4c-86ca-e66386d0b54d; expires=Tue, 25 Jul 2023 09:57:49 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
static.javhd.com/h5/files/css/style.css
185.76.9.19200 OK 0 B URL HTTP/2 static.javhd.com/h5/files/css/style.css
IP 185.76.9.19:0
ASN #60068 Datacamp Limited
GET /h5/files/css/style.css HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/10592/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F7dd524f6-5653-4001-b2c7-bd4477af0f42%3Fcv1%3Db9da75be-9c96-11ed-8703-e25a5bb9767f%26cv9%3D6284ab4761d6e2176f0243c1%26externalId%3Db9da75be-9c96-11ed-8703-e25a5bb9767f%26p%3DeyJiIjoyNzIyNTIsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIxNDIwfQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:50 GMT
content-type: text/css
last-modified: Wed, 25 May 2016 08:29:12 GMT
etag: W/"57456258-7bd"
expires: Tue, 23 May 2023 11:04:47 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839887
server: CDN77-Turbo
x-77-nzt: AblMCQ3R/DD/z5JFAQ
x-77-nzt-ray: c0a4cc284e84fb271efdd063c5f1c802
x-cache: HIT
x-age: 21336783
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/watch/88694088?wmode=7&page-url=https%3A%2F%2Fjavvin.me%2Fvideo%2FxQAPn%2Fstars-575-c-free-jav-porn-height-difference-40-cm-my-favorite-big-guys-are-appearing-one-after-another-insert-immediately&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1075%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1454603603316%3Ahid%3A930079043%3Az%3A0%3Ai%3A20230125095748%3Aet%3A1674640668%3Ac%3A1%3Arn%3A434263619%3Arqn%3A1%3Au%3A167464066880392961%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C28%2C379%2C0%2C192%2C0%2C%2C647%2C43%2C%2C%2C%2C1279%3Aco%3A0%3Ans%3A1674640665905%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674640668%3At%3ASTARS-575-C%20Free%20Jav%20Porn%20Height%20Difference%2040%20Cm%20My%20Favorite%20Big%20Guys%20Are%20Appearing%20One%20After%20Another%20Insert%20Immediately%20-%20JAVVIN.ME&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.251.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/88694088?wmode=7&page-url=https%3A%2F%2Fjavvin.me%2Fvideo%2FxQAPn%2Fstars-575-c-free-jav-porn-height-difference-40-cm-my-favorite-big-guys-are-appearing-one-after-another-insert-immediately&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1075%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1454603603316%3Ahid%3A930079043%3Az%3A0%3Ai%3A20230125095748%3Aet%3A1674640668%3Ac%3A1%3Arn%3A434263619%3Arqn%3A1%3Au%3A167464066880392961%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C28%2C379%2C0%2C192%2C0%2C%2C647%2C43%2C%2C%2C%2C1279%3Aco%3A0%3Ans%3A1674640665905%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674640668%3At%3ASTARS-575-C%20Free%20Jav%20Porn%20Height%20Difference%2040%20Cm%20My%20Favorite%20Big%20Guys%20Are%20Appearing%20One%20After%20Another%20Insert%20Immediately%20-%20JAVVIN.ME&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
GET /watch/88694088?wmode=7&page-url=https%3A%2F%2Fjavvin.me%2Fvideo%2FxQAPn%2Fstars-575-c-free-jav-porn-height-difference-40-cm-my-favorite-big-guys-are-appearing-one-after-another-insert-immediately&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1075%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1454603603316%3Ahid%3A930079043%3Az%3A0%3Ai%3A20230125095748%3Aet%3A1674640668%3Ac%3A1%3Arn%3A434263619%3Arqn%3A1%3Au%3A167464066880392961%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C28%2C379%2C0%2C192%2C0%2C%2C647%2C43%2C%2C%2C%2C1279%3Aco%3A0%3Ans%3A1674640665905%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674640668%3At%3ASTARS-575-C%20Free%20Jav%20Porn%20Height%20Difference%2040%20Cm%20My%20Favorite%20Big%20Guys%20Are%20Appearing%20One%20After%20Another%20Insert%20Immediately%20-%20JAVVIN.ME&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://javvin.me
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/88694088/1?wmode=7&page-url=https%3A%2F%2Fjavvin.me%2Fvideo%2FxQAPn%2Fstars-575-c-free-jav-porn-height-difference-40-cm-my-favorite-big-guys-are-appearing-one-after-another-insert-immediately&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1075%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1454603603316%3Ahid%3A930079043%3Az%3A0%3Ai%3A20230125095748%3Aet%3A1674640668%3Ac%3A1%3Arn%3A434263619%3Arqn%3A1%3Au%3A167464066880392961%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C28%2C379%2C0%2C192%2C0%2C%2C647%2C43%2C%2C%2C%2C1279%3Aco%3A0%3Ans%3A1674640665905%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674640668%3At%3ASTARS-575-C%20Free%20Jav%20Porn%20Height%20Difference%2040%20Cm%20My%20Favorite%20Big%20Guys%20Are%20Appearing%20One%20After%20Another%20Insert%20Immediately%20-%20JAVVIN.ME&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Wed, 25 Jan 2023 09:57:50 GMT
access-control-allow-origin: https://javvin.me
set-cookie: yabs-sid=1806734711674640670; Path=/; SameSite=None; Secure
i=TLGSDYJxGEDau4Ij2MoQX/HHcb+KYfEsS3wr6QVNATmPxyq3se+NCGFIaKPKZ8vLxMb2J8qUhEOupG7jGJk59xUj2LA=; Expires=Sat, 22-Jan-2033 09:57:39 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=2795930501674640670; Expires=Thu, 25-Jan-2024 09:57:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2795930501674640670; Expires=Thu, 25-Jan-2024 09:57:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706176670.yc.1674640670#1706176670.yrts.1674640670#1706176670.yrtsi.1674640670; Expires=Thu, 25-Jan-2024 09:57:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 25-Jan-2023 09:57:50 GMT
last-modified: Wed, 25-Jan-2023 09:57:50 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cdn.javvin.me/v1/wp-content/themes/retrotube/assets/js/jquery.touchSwipe.min.js?ver=1.6.18
188.114.96.1200 OK 0 B URL HTTP/2 cdn.javvin.me/v1/wp-content/themes/retrotube/assets/js/jquery.touchSwipe.min.js?ver=1.6.18
IP 188.114.96.1:0
GET /v1/wp-content/themes/retrotube/assets/js/jquery.touchSwipe.min.js?ver=1.6.18 HTTP/1.1
Host: cdn.javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Mon, 07 Oct 2019 19:27:40 GMT
etag: W/"5d9b91ac-4fdb"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 710045
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egZd%2BdQiAfeV87TYWppyebD7ADqiQsRF8PLU2V8NKmdefcOIYKOT88K%2F%2F6euc%2BQ%2FUoaP4YAkwO9KMefLhS4AYP2FCaCbpk7ohseDf2THPZdPcUPr%2BnAuXS2YpHmeqrep"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f025935bfeb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.javvin.me/v1/wp-content/themes/retrotube/assets/js/jquery.bxslider.js?ver=4.2.12
188.114.96.1200 OK 0 B URL HTTP/2 cdn.javvin.me/v1/wp-content/themes/retrotube/assets/js/jquery.bxslider.js?ver=4.2.12
IP 188.114.96.1:0
GET /v1/wp-content/themes/retrotube/assets/js/jquery.bxslider.js?ver=4.2.12 HTTP/1.1
Host: cdn.javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Mon, 07 Oct 2019 19:27:39 GMT
etag: W/"5d9b91ab-8152"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 710045
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mqc87T0zTHLJV3jtlX%2FmjWOSh9fGCWfKU3bq1bDBGikr2RT067HXwZdRanXZhbhSEG0figHHJc4NFyDQh8%2F5neSovL4g6ArDfAqnIgOAKewKfa6yqO0ocoTmUekt6GlE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f025935bfdb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.javvin.me/v1/wp-content/plugins/wp-rocket-master/assets/js/lazyload/11.0.6/lazyload.min.js
188.114.96.1200 OK 0 B URL HTTP/2 cdn.javvin.me/v1/wp-content/plugins/wp-rocket-master/assets/js/lazyload/11.0.6/lazyload.min.js
IP 188.114.96.1:0
GET /v1/wp-content/plugins/wp-rocket-master/assets/js/lazyload/11.0.6/lazyload.min.js HTTP/1.1
Host: cdn.javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Mon, 07 Oct 2019 19:27:41 GMT
etag: W/"5d9b91ad-1499"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 710045
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nD54g7O%2Fp2hzjUqGrEPaWWZS1P4ywa6BQndGp9exfwfZIuQPwa4ZCFXcVlw1qYYdvKYWgdSVIvr14DnIEkWlFh0y3n7tqswgrbowr9puPXhyjLmBqd3F%2F%2FBqZKyXwZ1n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f025935c03b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.javvin.me/v1/wp-content/themes/retrotube/assets/js/main.js?ver=1.2.9
188.114.96.1200 OK 0 B URL HTTP/2 cdn.javvin.me/v1/wp-content/themes/retrotube/assets/js/main.js?ver=1.2.9
IP 188.114.96.1:0
GET /v1/wp-content/themes/retrotube/assets/js/main.js?ver=1.2.9 HTTP/1.1
Host: cdn.javvin.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://javvin.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:48 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Mon, 07 Oct 2019 19:27:40 GMT
etag: W/"5d9b91ac-6436"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
age: 710045
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPsnxI%2FoTP7Qyw6A4ZEWHDu8o93qQ5%2FuaNR5UNBusOSlr3k1rH0z3sJMs287PgWckSe2lW195TLgA%2FrCspgIUHhEKkZsIEY88Ypy2WeXvjSx9DizBrwujfdmvd9XDLCB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f025935bffb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.wpadmngr.com/static/adManager.m.js
45.133.44.24200 OK 0 B URL HTTP/2 js.wpadmngr.com/static/adManager.m.js
IP 45.133.44.24:0
ASN #39572 DataWeb Global Group B.V.
GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 09:57:49 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 13 Jan 2023 14:07:40 GMT
etag: W/"63c165ac-188ee"
content-encoding: gzip
expires: Wed, 25 Jan 2023 10:02:49 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2