Overview

URL javtk.com/142823/t-28622-studio-tma-teacher-i-want-a-baby-rara-kudo-with-a-student-who-seduces-me
IP104.21.31.61
ASNCLOUDFLARENET
Location
Report completed2022-07-01 15:37:57 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-07-01 2 pl15281306.toprevenuecpmnetwork.com/03/76/c5/0376c5049b3cdb93416e29fae5a4fc40.js Malware
2022-07-01 2 cdn.barscreative1.com/sb/notifications/rtb/mac/2/index.html Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS
Added / Verified Severity Host Comment
2022-07-01 2 go6shde9nj2itle.com Sinkholed
2022-07-01 2 addresseepaper.com Sinkholed
2022-07-01 2 steakeffort.com Sinkholed
2022-07-01 2 baradoot.com Sinkholed
2022-07-01 2 baradoot.com Sinkholed
2022-07-01 2 go6shde9nj2itle.com Sinkholed
2022-07-01 2 poshhateful.com Sinkholed
2022-07-01 2 crumbtypewriterhome.com Sinkholed
2022-07-01 2 crumbtypewriterhome.com Sinkholed
2022-07-01 2 crumbtypewriterhome.com Sinkholed
2022-07-01 2 crumbtypewriterhome.com Sinkholed
2022-07-01 2 crumbtypewriterhome.com Sinkholed
2022-07-01 2 unseenreport.com Sinkholed
2022-07-01 2 crumbtypewriterhome.com Sinkholed
2022-07-01 2 unseenreport.com Sinkholed


Files

No files detected



Passive DNS (56)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] cdn4ads.com (1) 46207 No data No data 216.59.63.128
[Mnemonic Passive DNS] cdn.sb4you1.com (1) 22321 No data No data 172.67.183.56
[Mnemonic Passive DNS] poshhateful.com (1) 0 No data No data 192.243.61.225 Unknown ranking
[Mnemonic Passive DNS] cdn.popcash.net (1) 109877 2017-01-30 08:09:36 UTC 2020-04-21 11:46:35 UTC 151.139.128.11
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-07-01 05:33:42 UTC 54.230.111.99
[Mnemonic Passive DNS] simplewebanalysis.com (1) 0 No data No data 52.29.132.48 Unknown ranking
[Mnemonic Passive DNS] w5tzd4neilxa.l4.adsco.re (1) 0 No data No data 185.200.118.90 Domain (adsco.re) ranked at: 8541
[Mnemonic Passive DNS] r3.o.lencr.org (9) 344 2020-12-02 08:52:13 UTC 2022-07-01 12:51:19 UTC 23.36.77.32
[Mnemonic Passive DNS] static-assets.highwebmedia.com (3) 16059 No data No data 104.16.94.42
[Mnemonic Passive DNS] javtk.com (5) 572362 No data No data 104.21.31.61
[Mnemonic Passive DNS] w5tzd4neilxa.n4.adsco.re (1) 0 No data No data 38.132.109.186 Domain (adsco.re) ranked at: 8541
[Mnemonic Passive DNS] mc.yandex.ru (4) 2672 2017-01-29 05:34:36 UTC 2022-07-01 08:41:16 UTC 87.250.250.119
[Mnemonic Passive DNS] crumbtypewriterhome.com (6) 0 No data No data 192.243.59.12 Unknown ranking
[Mnemonic Passive DNS] bam.nr-data.net (3) 630 2022-05-18 16:30:58 UTC 2022-07-01 14:38:29 UTC 162.247.241.14
[Mnemonic Passive DNS] e1.o.lencr.org (3) 6159 2021-08-20 07:36:30 UTC 2022-07-01 12:38:42 UTC 23.36.76.226
[Mnemonic Passive DNS] mycloudzz.com (1) 0 No data No data 104.21.3.245 Unknown ranking
[Mnemonic Passive DNS] dcba.popcash.net (1) 99174 2018-01-31 15:18:32 UTC 2022-07-01 04:05:35 UTC 184.73.177.33
[Mnemonic Passive DNS] thumb.fvs.io (1) 53071 No data No data 104.23.136.25
[Mnemonic Passive DNS] ocsp2.globalsign.com (2) 1544 2012-05-21 07:12:19 UTC 2022-07-01 12:43:16 UTC 104.18.21.226
[Mnemonic Passive DNS] pics.dmm.co.jp (1) 91114 2012-08-01 07:09:25 UTC 2022-07-01 12:30:05 UTC 202.6.246.10
[Mnemonic Passive DNS] cdn.barscreative1.com (1) 25648 No data No data 104.21.37.70
[Mnemonic Passive DNS] adsco.re (1) 8541 No data No data 162.252.214.5
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-07-01 14:13:52 UTC 34.120.237.76
[Mnemonic Passive DNS] pl15281306.toprevenuecpmnetwork.com (1) 0 No data No data 192.243.59.12 Domain (toprevenuecpmnetwork.com) ranked at: 565254
[Mnemonic Passive DNS] 4.adsco.re (2) 19179 No data No data 162.252.214.5
[Mnemonic Passive DNS] xml.realtime-bid.com (1) 30809 2019-04-01 01:31:25 UTC 2022-07-01 12:16:45 UTC 198.134.116.29
[Mnemonic Passive DNS] addresseepaper.com (1) 18169 No data No data 104.21.235.2
[Mnemonic Passive DNS] pl15968334.toprevenuecpmnetwork.com (1) 0 No data No data 192.243.61.227 Domain (toprevenuecpmnetwork.com) ranked at: 565254
[Mnemonic Passive DNS] creepingbrings.com (1) 0 No data No data 104.21.234.232 Unknown ranking
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-07-01 08:43:58 UTC 93.184.220.29
[Mnemonic Passive DNS] js-agent.newrelic.com (1) 378 2017-01-30 05:00:15 UTC 2022-07-01 14:38:29 UTC 151.101.86.137
[Mnemonic Passive DNS] c.adsco.re (2) 16577 2017-11-29 18:42:15 UTC 2018-05-10 22:29:51 UTC 104.17.166.186
[Mnemonic Passive DNS] ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2022-07-01 12:44:04 UTC 142.250.74.3
[Mnemonic Passive DNS] www.googletagmanager.com (1) 75 2017-01-30 05:00:47 UTC 2022-07-01 05:01:41 UTC 142.250.74.72
[Mnemonic Passive DNS] steakeffort.com (1) 0 No data No data 192.243.61.227 Unknown ranking
[Mnemonic Passive DNS] 6.adsco.re (2) 17812 No data No data 104.17.167.186
[Mnemonic Passive DNS] poweredby.jads.co (5) 30525 2021-05-21 13:33:01 UTC 2021-05-21 13:33:01 UTC 185.94.236.247
[Mnemonic Passive DNS] baradoot.com (2) 24601 No data No data 62.122.171.6
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.65
[Mnemonic Passive DNS] ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-07-01 14:38:28 UTC 104.18.21.226
[Mnemonic Passive DNS] go6shde9nj2itle.com (2) 0 No data No data 62.122.171.6 Unknown ranking
[Mnemonic Passive DNS] i.jads.co (1) 46788 2019-12-04 08:50:06 UTC 2022-07-01 05:43:55 UTC 69.16.175.10
[Mnemonic Passive DNS] roomimg.stream.highwebmedia.com (4) 23037 No data No data 104.19.241.83
[Mnemonic Passive DNS] fonts.gstatic.com (2) 0 2017-01-30 04:59:51 UTC 2022-07-01 04:59:46 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS] static.realtime-bid.com (1) 40686 2019-04-01 01:22:37 UTC 2022-07-01 12:16:45 UTC 151.139.128.11
[Mnemonic Passive DNS] fieldofbachus.com (2) 462010 No data No data 62.122.171.6
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-07-01 12:47:41 UTC 52.35.251.160
[Mnemonic Passive DNS] www.cdn4ads.com (1) 105393 2020-04-19 20:21:04 UTC 2022-06-30 15:43:21 UTC 185.76.9.25
[Mnemonic Passive DNS] chaturbate.com (1) 6807 2012-10-03 13:53:21 UTC 2022-06-21 21:06:18 UTC 104.18.100.40
[Mnemonic Passive DNS] streetmonumentemulate.com (1) 0 No data No data 192.243.61.227 Unknown ranking
[Mnemonic Passive DNS] fonts.googleapis.com (1) 8877 2017-01-30 04:59:43 UTC 2019-10-16 05:12:41 UTC 216.58.211.10
[Mnemonic Passive DNS] unseenreport.com (2) 0 No data No data 192.243.59.20 Unknown ranking
[Mnemonic Passive DNS] ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-07-01 11:07:24 UTC 172.64.155.188
[Mnemonic Passive DNS] www.google-analytics.com (1) 40 2017-01-30 05:00:06 UTC 2022-07-01 12:39:19 UTC 142.250.74.174
[Mnemonic Passive DNS] ocsp.sca1b.amazontrust.com (1) 1015 No data No data 54.230.245.118


Recent reports on same IP/ASN/Domain

Last 1 reports on IP: 104.21.31.61

Date UQ / IDS / BL URL IP
2022-07-19 15:59:47 +0000
0 - 0 - 16 javtk.com/1153/sivr-016-atildevratilde-new-st (...) 104.21.31.61

Last 10 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-08-09 11:40:31 +0000
0 - 0 - 1 b97bca39.srvr-cloudmail-srvr6754e5rte.pages.d (...) 172.66.47.35
2022-08-09 11:40:25 +0000
0 - 0 - 5 caioaraujo.vip/P1K/ 172.67.197.69
2022-08-09 11:36:05 +0000
0 - 0 - 2 new1.gdtot.sbs/file/8694275640 104.21.15.74
2022-08-09 11:35:31 +0000
0 - 0 - 2 document-cloud-secure.piltrimuging.workers.dev/ 172.67.160.144
2022-08-09 11:34:04 +0000
0 - 0 - 27 www.karllagfr.com/ 104.21.1.140
2022-08-09 11:33:25 +0000
0 - 0 - 3 piktina.com/blog/wp-content/uploads/NEFT_Paym (...) 104.26.12.219
2022-08-09 11:33:02 +0000
0 - 0 - 6 shop.fixyourdirtbike.com/087654UYHJ9786545/13 (...) 172.67.201.142
2022-08-09 11:32:56 +0000
0 - 0 - 3 aplintec.com.mx/snc.binb/5/login.php 104.21.87.83
2022-08-09 11:32:46 +0000
0 - 0 - 1 wheelsofmercy.org/dhl/DHL/DHL/dhl 172.67.176.188
2022-08-09 11:31:40 +0000
0 - 0 - 6 pulaubiru.xyz/login.php 172.67.161.145

Last 3 reports on domain: javtk.com

Date UQ / IDS / BL URL IP
2022-07-19 15:59:47 +0000
0 - 0 - 16 javtk.com/1153/sivr-016-atildevratilde-new-st (...) 104.21.31.61
2022-07-18 13:58:36 +0000
0 - 0 - 14 https://javtk.com/ 172.67.175.55
2022-06-30 15:43:33 +0000
0 - 0 - 20 javtk.com/download.php?link_download=asianclu (...) 172.67.175.55


JavaScript

Executed Scripts (45)


Executed Evals (139)

#1 JavaScript::Eval (size: 32, repeated: 1) - SHA256: 90190e51d410f9862884d5984262f9e1b8e46dd1010b50f1c22c9ef3fa1565fc

                                        window.opener.offscreenBuffering
                                    

#2 JavaScript::Eval (size: 33, repeated: 1) - SHA256: 0b543b4a53bd5beb9a294e018ea9a8c704e5487af1227121d60699a5ec715c5d

                                        navigator.connection.effectieType
                                    

#3 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 89e4c05e12e12f5bdf85a4fb89bad572dd85256091add09fdb9c6e42e703e2bb

                                        document.visibilityState
                                    

#4 JavaScript::Eval (size: 17, repeated: 1) - SHA256: b4a3a83fe09d48db0c0b4416fefb19af5f9e069c12d2af8793a18f159574bb79

                                        window.outerWidth
                                    

#5 JavaScript::Eval (size: 37, repeated: 1) - SHA256: 0e27576eb1e9c067b58d47b8749be97d9e94c1e3d67cdf541784148cd80a04b1

                                        MouseEvent.WEBKIT_FORCE_AT_MOUSE_DOWN
                                    

#6 JavaScript::Eval (size: 15, repeated: 1) - SHA256: 4f61f9e962c8c1d90b453b461dd9431c1d3a6a706e61ab5c2a9faf6a71aea93f

                                        screen.availTop
                                    

#7 JavaScript::Eval (size: 18, repeated: 1) - SHA256: 64e360e85164e7675724c7fe1ed681b25a138c51d437bac5ff97e8910ccf2aa7

                                        window.innerHeight
                                    

#8 JavaScript::Eval (size: 32, repeated: 1) - SHA256: 8d8003d5d1afbb2b7118b1f14afe89138588ed08982c3e8ff31dd4123e7cb076

                                        performance.timing.responseStart
                                    

#9 JavaScript::Eval (size: 20, repeated: 1) - SHA256: 6af0594857ab3b4e97420ca6bf7e098fc0901e86860d2e6a26cdf1d176c37dec

                                        navigator.doNotTrack
                                    

#10 JavaScript::Eval (size: 34, repeated: 1) - SHA256: fa103a26e90f8e37ab2371d0dd320ca199c0ff194f4ded9cee3ccfa85c22f713

                                        window.ScriptEngineMajorVersion();
                                    

#11 JavaScript::Eval (size: 12, repeated: 1) - SHA256: 27f88609267c27a6f4e778dcb686f1f2fdf0f4f7cd29ad34826b916266ae45a8

                                        window.close
                                    

#12 JavaScript::Eval (size: 20, repeated: 1) - SHA256: 3688d7e88d248ea850c456f0233738d10695a410a3dec97785ca7422c3f562c1

                                        document.innerHeight
                                    

#13 JavaScript::Eval (size: 19, repeated: 1) - SHA256: b37d024d71bdbd575b951acfa9a59a5e84dc2f9d7c89748081ccb862ff3c9033

                                        navigator.vendorSub
                                    

#14 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 526c9d85cebcd21526a3b7ffdb87a9c2b6229e00b0bf210634abf6c84e0ad143

                                        navigator.msDoNotTrack
                                    

#15 JavaScript::Eval (size: 17, repeated: 1) - SHA256: 9094a3d888951e5671f4b6dce42ef291cd071cb196d8761fef42c010ecf5b142

                                        navigator.plugins
                                    

#16 JavaScript::Eval (size: 23, repeated: 1) - SHA256: 2ef7ca07ed70c4ffbc59b1d3fa8df8cd2be1bfc66d1604246926066c9f44fd0c

                                        screen.orientation.type
                                    

#17 JavaScript::Eval (size: 17, repeated: 1) - SHA256: e5ee82e31ec94cc385b3637227b4435f0547b3d0a4aa60cdda1d8fada4779df3

                                        screen.availWidth
                                    

#18 JavaScript::Eval (size: 26, repeated: 1) - SHA256: 2638f8c5d74932a6dfe72bc21a585ef3525f7e26bd3dbb1f480071141c325af1

                                        navigator.msMaxTouchPoints
                                    

#19 JavaScript::Eval (size: 22, repeated: 1) - SHA256: e924fcaf65b8ea057cb30e32bbdf04fdafe2bde622539d6d1abc466b050917d5

                                        navigator.userLanguage
                                    

#20 JavaScript::Eval (size: 36, repeated: 1) - SHA256: 4105e0401cf30138cd3ec66def6e14b091f0617777c14cd703ba3e8be17d5777

                                        performance.navigation.redirectCount
                                    

#21 JavaScript::Eval (size: 12, repeated: 1) - SHA256: 5191a526bd66a118a4a51956503fdcf4555cc92b48b9a426d04a7af25d3980e1

                                        window.brave
                                    

#22 JavaScript::Eval (size: 25, repeated: 1) - SHA256: 02665a4c106fc96e71ef5a17511cf353ec3f5cccb82ec9fce719b23967728897

                                        typeof window.WebAssembly
                                    

#23 JavaScript::Eval (size: 13, repeated: 1) - SHA256: 56e57af29d4af8b1fb7008dbfdf84a764970a6673f1f19165f1a8498ce903d93

                                        screen.height
                                    

#24 JavaScript::Eval (size: 31, repeated: 1) - SHA256: df3486f2ca74e18e1c81ba55663a8dd4e668e36fed82949b9cca595051bd5064

                                        performance.timing.requestStart
                                    

#25 JavaScript::Eval (size: 9, repeated: 1) - SHA256: ebf49dcd836f810084c14e0f2dab4dc1768bbdc5980481bf201fcf76771dff7a

                                        navigator
                                    

#26 JavaScript::Eval (size: 18, repeated: 1) - SHA256: 0200f755a2c13b9335fe39b3a88f696c334e518e8407780c4731d8e6be966c4e

                                        window.outerHeight
                                    

#27 JavaScript::Eval (size: 17, repeated: 1) - SHA256: c66ced51cafdeb3a9e3544b0b2e7de4c955a4cd347c4d7b5d74f36923df5a7bd

                                        navigator.product
                                    

#28 JavaScript::Eval (size: 19, repeated: 1) - SHA256: c26c62a09a687d08a3ef9d9a960c5ae2ad47fecc853b4fb0380d71586d260a1b

                                        window.opener == null
                                    

#29 JavaScript::Eval (size: 20, repeated: 1) - SHA256: 3f3d3b81e8706983e30a63da7389e8cd3e70bd7778063d63f748984c42007425

                                        IntersectionObserver
                                    

#30 JavaScript::Eval (size: 15, repeated: 1) - SHA256: de7f7b137340e1d218833d7afef73ea711325f139a4428eed317ca0374f67c91

                                        navigator.oscpu
                                    

#31 JavaScript::Eval (size: 18, repeated: 1) - SHA256: 318e5db431b7c9515f38ae97da21d7c4e75ec281aea96271c0d0f4e22b35df92

                                        navigator.language
                                    

#32 JavaScript::Eval (size: 25, repeated: 1) - SHA256: de1b699e93a44c66a069974d1603aee656a6e063b19b8bbf5b09946a3a1b9904

                                        window.opener.innerHeight
                                    

#33 JavaScript::Eval (size: 31, repeated: 1) - SHA256: 043b61c407c6f51e3a4ee18efee76fac227501d805df309988fc1494ae0a30dc

                                        performance.timing.connectStart
                                    

#34 JavaScript::Eval (size: 46, repeated: 1) - SHA256: 30f73e7f08c8e6a25fec00672f75fa725d3fa7a30bf847fb1dcb0115ec2f8607

                                        Intl.DateTimeFormat().resolvedOptions().locale
                                    

#35 JavaScript::Eval (size: 14, repeated: 1) - SHA256: 28d9693460ce57dd4e01742e50a1baa10cbed3fa6c20c2a69f02424f80fb9a2e

                                        !(top == window)
                                    

#36 JavaScript::Eval (size: 11, repeated: 1) - SHA256: c42b2a75055edd538c357b5923a7eca102ebf4e63f14d7d8b6fa2778d6b1cdd2

                                        screen.left
                                    

#37 JavaScript::Eval (size: 17, repeated: 1) - SHA256: 5c5bb18e544cb67f765d8a6d2c774838d3ae95df9b62f25660c64554a7302d8e

                                        document.referrer
                                    

#38 JavaScript::Eval (size: 16, repeated: 1) - SHA256: cd74e6a3b779a514972758fa195725f40176261af18fbcd246e5f401a3ecf849

                                        screen.availLeft
                                    

#39 JavaScript::Eval (size: 17, repeated: 1) - SHA256: 031688cb60b9631e34bc623cf81a9eeef73de67ca290d15cccfaa65399420932

                                        screen.colorDepth
                                    

#40 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 893fe12669f916947d99616b788aa245f8b45c5b8b34544df4114a6a789217ab

                                        navigator.systemLanguage
                                    

#41 JavaScript::Eval (size: 29, repeated: 1) - SHA256: cb6f5b3573826ffd9a881e026fd85eb842d31266833666399582737149c5fc14

                                        navigator.connection.saveData
                                    

#42 JavaScript::Eval (size: 36, repeated: 1) - SHA256: a7dc60bd6993c201941ea0bfc5218f7fea0bc015ee5dc88e658db78d98f8d98a

                                        performance.timing.domainLookupStart
                                    

#43 JavaScript::Eval (size: 15, repeated: 1) - SHA256: 2daa1a91b2430e9867296c9cb26d1483785954a9bdd66f79b2c754bab7092cae

                                        typeof __gCrWeb
                                    

#44 JavaScript::Eval (size: 22, repeated: 1) - SHA256: b19d05a8d492320ab4db4d74ea0e9e90374bed47a18e805f8018ebb00af0c23c

                                        window.menubar.visible
                                    

#45 JavaScript::Eval (size: 22, repeated: 1) - SHA256: c49e342522959187d587f89ed7dde961d8df29cec6b02dce869f4aa1ac3ef254

                                        window.mozInnerScreenX
                                    

#46 JavaScript::Eval (size: 59, repeated: 1) - SHA256: f8aac102dc71390ed9b53b485b34d036f4c871e18d7015b307b95c8f1dcd9fa1

                                        window.external.getHostEnvironmentValue("os-architecture");
                                    

#47 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 28be88d787b6e773eaf5d0818a6c62446ce628dd8ec0659c6f78410588838337

                                        window.toolbar.visible
                                    

#48 JavaScript::Eval (size: 25, repeated: 1) - SHA256: 63d0de96ffe6e24d709e64517f883a6e6a72e3629aea379ee43b727541794c64

                                        navigator.browserLanguage
                                    

#49 JavaScript::Eval (size: 16, repeated: 1) - SHA256: d6b5ca1760fc8b29e007efc9c8d2cf7e8a2395825f6f77dada95483fc3171bdf

                                        navigator.onLine
                                    

#50 JavaScript::Eval (size: 26, repeated: 1) - SHA256: 92f68565a2781a0fbd595ff5c54717d6b87c6cf19d42c7f3d3d4c81193bb2cb4

                                        navigator.battery.charging
                                    

#51 JavaScript::Eval (size: 34, repeated: 1) - SHA256: 9e0e45f2f824eefaed5af40bcadf2c0ce7943df52cda4c3d67ddb03583418dab

                                        window.ScriptEngineMinorVersion();
                                    

#52 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 15dde2f8fcb5a8a423088da92307a50f6ba6c59577490e49e2ae24a15c75c2bd

                                        window.clientInformation
                                    

#53 JavaScript::Eval (size: 26, repeated: 1) - SHA256: e495f8780d35a18d80e09be6211760313cd30ac601a5c7478f9ddf4ebf8536ba

                                        navigator.pdfViewerEnabled
                                    

#54 JavaScript::Eval (size: 37, repeated: 1) - SHA256: 998158f6df4183edd82539e6dc971d32f50bc7ee075f64d4abc46d3011a9da27

                                        document.documentElement.clientHeight
                                    

#55 JavaScript::Eval (size: 21, repeated: 1) - SHA256: 023250096bcba5a18a624685884b3126896db722289f3281cea8ec5cc63476e7

                                        navigator.appCodeName
                                    

#56 JavaScript::Eval (size: 25, repeated: 1) - SHA256: 11ae4500086472eb307c6d2459f0d1446b2cc02b1afda7925d800e2d49f1c9d1

                                        window.opener.outerHeight
                                    

#57 JavaScript::Eval (size: 30, repeated: 1) - SHA256: b6a3c0492b8e7ae0ff680b4806058d22f740029707c1f7dda3cad6f985020ba3

                                        (new Date).getTimezoneOffset()
                                    

#58 JavaScript::Eval (size: 31, repeated: 1) - SHA256: 7f96f13e41030d403da6d3c41ed3e161053572b43346d4e7c6ade69c0861d6ca

                                        typeof document.visibilityState
                                    

#59 JavaScript::Eval (size: 30, repeated: 1) - SHA256: c2ea2223b59cfea384b15228f4cdc0f7337d4909e20e97e2fa42648ef8ecf610

                                        window.webkitRTCPeerConnection
                                    

#60 JavaScript::Eval (size: 17, repeated: 1) - SHA256: d204422e9d49293ab422bfabae9607635876cb30f77215f133603bac691f6f4b

                                        document.location
                                    

#61 JavaScript::Eval (size: 15, repeated: 1) - SHA256: da82a56eb8524f5d12a2afcf2c5d0cb6184f26995167212a0ccb3bc2ba0def36

                                        document.hidden
                                    

#62 JavaScript::Eval (size: 23, repeated: 1) - SHA256: 76fae4cd7853897c738cd23148b2ebab825379d6ba153e245965183cc3304082

                                        navigator.battery.level
                                    

#63 JavaScript::Eval (size: 46, repeated: 1) - SHA256: b1101545a9bed4591a67166c932701b5ec44cb1976bb9df3d584fa2ab8ba8245

                                        window.opener.screenY || window.opener.screenTop
                                    

#64 JavaScript::Eval (size: 6, repeated: 1) - SHA256: 44ff7b02c80d38b26dd6aa31d9470aed81b32e10331a3c994fb1a9945fd847ba

                                        window
                                    

#65 JavaScript::Eval (size: 6, repeated: 1) - SHA256: 4cd6c2914887dd4a68e4c9ffbed8b077f048cf795d6cfa0b801d43e0ea5a1560

                                        screen
                                    

#66 JavaScript::Eval (size: 13, repeated: 1) - SHA256: 32c6c6c6d07bb5224356b89b5de1adc4c02b1f7b2f464830005443afc6624e85

                                        window.google
                                    

#67 JavaScript::Eval (size: 26, repeated: 1) - SHA256: e5a13721b456c9e090f80944728fc91767f5ae01b01f59160e73ff2c7cacc587

                                        window.locationbar.visible
                                    

#68 JavaScript::Eval (size: 32, repeated: 1) - SHA256: 1138f8c1bb11f4a5f7d8354b8c8a642ef94c9c741d76a7f476bac6473b7de085

                                        window.screenY || window.screenTop
                                    

#69 JavaScript::Eval (size: 17, repeated: 1) - SHA256: 13871edf9ac7e58046d0f0d03811464e388c3f2323eebc6b61954c79dc883459

                                        screen.deviceXDPI
                                    

#70 JavaScript::Eval (size: 27, repeated: 1) - SHA256: d411f352f2428265f0fc9f43b7429dafafad74f69cf4022cd51d9df23a67f157

                                        performance.navigation.type
                                    

#71 JavaScript::Eval (size: 18, repeated: 1) - SHA256: 17720ad70d18a072962c7509a9e8f79d6227be2728fb0e89dafb5a1edbc19f40

                                        window.console.log
                                    

#72 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 6e880572810251d722d33109fc0420864f46d69522d25a1df47338c553e38e07

                                        window.isSecureContext
                                    

#73 JavaScript::Eval (size: 48, repeated: 1) - SHA256: e7678fa8be4ae3ca69e517858903bb107391f9de7ae346a75288b81b57630269

                                        Intl.DateTimeFormat().resolvedOptions().timeZone
                                    

#74 JavaScript::Eval (size: 18, repeated: 1) - SHA256: addd231a2f2807fb0b4ebdadd2bc23ae2a1cb93a92b07fa6e20ee9af832a8b47

                                        navigator.platform
                                    

#75 JavaScript::Eval (size: 24, repeated: 1) - SHA256: ebca0f427d949e5889ac01faf63de6370743bddd0169c9354c84bc47e3e8a0b1

                                        window.opener.innerWidth
                                    

#76 JavaScript::Eval (size: 24, repeated: 1) - SHA256: a097c9a52546fb53f0340afda7f34b4e47b836e551135e5ad0b5339ebb314a30

                                        window.opener.outerWidth
                                    

#77 JavaScript::Eval (size: 29, repeated: 1) - SHA256: a9dc93ae3dc52ac584bff8e382bf1db1f87b8e3a54243eae8d1e3badb180e834

                                        navigator.connection.downlink
                                    

#78 JavaScript::Eval (size: 24, repeated: 1) - SHA256: ae3766b014bf6a5b6452d14a9f1de103d584e98933db2577122c136bfb9eb0c6

                                        navigator.connection.rtt
                                    

#79 JavaScript::Eval (size: 41, repeated: 1) - SHA256: af18ee7d06fe2ee2da28af260ea0c78923664ecbc220f3ce395c50b1822dab7a

                                        window.performance.memory.jsHeapSizeLimit
                                    

#80 JavaScript::Eval (size: 18, repeated: 1) - SHA256: c1fcce173bd0b08415367c934d5db7c4ed130c7f83a485c91682873bff2954ee

                                        screen.availHeight
                                    

#81 JavaScript::Eval (size: 52, repeated: 1) - SHA256: b218e02bbc9cda846447b2e8fff62bc41f7f5b0e12ad8adfc05380f8df3288a4

                                        window.external.getHostEnvironmentValue("os-build");
                                    

#82 JavaScript::Eval (size: 47, repeated: 1) - SHA256: 423946cdca01d4915fdc795bb03491ce4251b32ed1717a7c0146ce14c838d373

                                        window.opener.screenX || window.opener.screenLeft
                                    

#83 JavaScript::Eval (size: 30, repeated: 1) - SHA256: ca1a06e2314f272f03bc401a7ae0f4056692895b060fd13c00280536b6c56e85

                                        performance.timing.responseEnd
                                    

#84 JavaScript::Eval (size: 26, repeated: 1) - SHA256: 7510742fba4d25113b6124987e97cba40776bc5030a6a3678974dc8ba075bf81

                                        window.personalbar.visible
                                    

#85 JavaScript::Eval (size: 27, repeated: 1) - SHA256: bc9c06f981e7daa0478c449324d4010cdbc3c83c9a95879b99a0b531f5cabb87

                                        window.navigator.standalone
                                    

#86 JavaScript::Eval (size: 17, repeated: 1) - SHA256: f8b516a2a0538b8599ab0452be3f3aa473cf3b0c510275d0a30565cefd564701

                                        screen.pixelDepth
                                    

#87 JavaScript::Eval (size: 29, repeated: 1) - SHA256: 95b2bbef556b3dc3b807638cb7b08274af9b8998def0c82d81e3a1517100d68f

                                        performance.timing.fetchStart
                                    

#88 JavaScript::Eval (size: 21, repeated: 1) - SHA256: 561f7f2574775993811ac7bc852a2054ede9fb58a62eb0804030e1ff877f4350

                                        document.webkitHidden
                                    

#89 JavaScript::Eval (size: 12, repeated: 1) - SHA256: 20dbc48604a9afee27f0eaf4b84634fabbf1b2c09f78e795896b6fa1747b154a

                                        window.alert
                                    

#90 JavaScript::Eval (size: 20, repeated: 1) - SHA256: a5e2bc908c3bd3196d273564d073484f9905d13817490eca5aa249e701139cdc

                                        typeof window.chrome
                                    

#91 JavaScript::Eval (size: 50, repeated: 1) - SHA256: 203d92af34680f7fe84b0047f738fae4e2d401f5d28af8d70f067dc77f5acb6a

                                        window.external.getHostEnvironmentValue("os-sku");
                                    

#92 JavaScript::Eval (size: 20, repeated: 1) - SHA256: 6b612f597a0ed972ce30182713c197e510528ac68ff1711b560641d5f47afefa

                                        navigator.productSub
                                    

#93 JavaScript::Eval (size: 32, repeated: 1) - SHA256: d0ea77c33d12565615b751dd5d753895e6287577bc0cfe0522961048b211daa6

                                        navigator.connection.downlinkMax
                                    

#94 JavaScript::Eval (size: 30, repeated: 1) - SHA256: 55ef02d9591328210e59a68fcd1945791f4d0f70cdc7cd3999eb4ba175adbafb

                                        performance.timing.redirectEnd
                                    

#95 JavaScript::Eval (size: 51, repeated: 1) - SHA256: 8c6276b2ab288fa398c4bc128bf765ffc10696c7adb7b2db18019870fa29cbdd

                                        window.external.getHostEnvironmentValue("os-mode");
                                    

#96 JavaScript::Eval (size: 19, repeated: 1) - SHA256: 63fd63a33ca43f07ce872672d604657ec0fbfbe24bec43f4b322c0f7a1c2ce25

                                        document.hasFocus()
                                    

#97 JavaScript::Eval (size: 10, repeated: 1) - SHA256: f73e4e03067983dd5196907f86c9020b174651f1bd0b5d291b217dc927ff068f

                                        screen.top
                                    

#98 JavaScript::Eval (size: 17, repeated: 1) - SHA256: 13e19bbb45d0bb1d1915240763b5bca4ddef99d01edd749954115168c7842c9c

                                        navigator.buildID
                                    

#99 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 4b653dda0da63fbe970902ed9a8dc33f1f0555edd3d9f2ae1ad8ed9284632d72

                                        navigator.maxTouchPoints
                                    

#100 JavaScript::Eval (size: 17, repeated: 1) - SHA256: 51c1083130407a8772738aa2380eb5a583240a47d98f2204b124c06fd11aabd5

                                        top.frames.length
                                    

#101 JavaScript::Eval (size: 17, repeated: 1) - SHA256: b18f7c2e4dbfe2926b0413634f7cd6781be55e27b4b885dc68a8f740a80d72e1

                                        window.innerWidth
                                    

#102 JavaScript::Eval (size: 25, repeated: 1) - SHA256: 0098b3fb5f82abbebff8c293e42863b93e210b01f0032c4147fe1457f5b48a93

                                        window.offscreenBuffering
                                    

#103 JavaScript::Eval (size: 23, repeated: 1) - SHA256: fac21d8a86a99b88e4eb395a35aa2970ffb8ffdac1b12280959be2c117e3a09c

                                        window.devicePixelRatio
                                    

#104 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 42c1dc825c7afb2edca4a8bca3f669784ae08b69226a5ec5044ee7600fccb397

                                        window.mozInnerScreenY
                                    

#105 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 38be2b1c1c886666cd4ac85d71bb8b65e51d95c7c5f40b0c575f7d196a0442cd

                                        window.statusbar.visible
                                    

#106 JavaScript::Eval (size: 17, repeated: 1) - SHA256: e0bc19473df9795cd42be5da545b5a6828d31527b4ffa3769564f735abec0deb

                                        document.hasFocus
                                    

#107 JavaScript::Eval (size: 18, repeated: 1) - SHA256: 793401a4baa2fb67b2049b633d5ebb8c25d2dc67d41071aabd7c180ddbdd2599

                                        navigator.cpuClass
                                    

#108 JavaScript::Eval (size: 40, repeated: 1) - SHA256: ba8f16658b19940e1168ca8394756fb18272a9ef95d5fb11442ba56601568687

                                        performance.timing.secureConnectionStart
                                    

#109 JavaScript::Eval (size: 36, repeated: 1) - SHA256: 436179ef4964c80a03e62015696ba10c5ae70602c6538d07f50b75f35bd72a27

                                        document.documentElement.clientWidth
                                    

#110 JavaScript::Eval (size: 20, repeated: 1) - SHA256: 1b0f9a28e673c21b9a668e2973157b075ac420eda7f39fd5727a77bb32b45ffe

                                        navigator.appVersion
                                    

#111 JavaScript::Eval (size: 4, repeated: 1) - SHA256: 1bbd174404efbce95f1af489ef93f4aa0f4d55718f24c3504682216afa7b7fb1

                                        eval
                                    

#112 JavaScript::Eval (size: 17, repeated: 1) - SHA256: c03ab22471edc55763f012b82b8d32f981b31ca921a55cc4a663b8bd953b96e7

                                        screen.deviceYDPI
                                    

#113 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 4b14cf9e41e192a741c1cb8ec58f13b0495941f984f312bec01ab28807fe99ab

                                        navigator.deviceMemory
                                    

#114 JavaScript::Eval (size: 29, repeated: 1) - SHA256: 12c1e4b959357815447bdfe9fde3665a628e0cd4bbd622c9915820ea57fe01e3

                                        window.InstallTrigger.install
                                    

#115 JavaScript::Eval (size: 29, repeated: 1) - SHA256: 876f3c9374f7069c7cabd0907ddad5466010a649a0f34984e5e2cc72f64878a5

                                        navigator.hardwareConcurrency
                                    

#116 JavaScript::Eval (size: 30, repeated: 1) - SHA256: 44e10caa26e37d5f8678a008f0d667c1975fbaec0f613439eb60694249001780

                                        navigator.languages.toString()
                                    

#117 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 15eb7e222abfc64660d0f94c04053839498df20ea9ac9a13a201701a56ce3bf6

                                        typeof window.chrome.csi
                                    

#118 JavaScript::Eval (size: 21, repeated: 1) - SHA256: 61e43d202b6cd0ebf29ac8014115fcb890eb5593c4160b9ae285206ca911bce6

                                        window.history.length
                                    

#119 JavaScript::Eval (size: 12, repeated: 1) - SHA256: bc1a6bd7f4ddbcd78987ea609d4595bdf2422cb1be9e85af5d6c199f62000d6c

                                        screen.width
                                    

#120 JavaScript::Eval (size: 28, repeated: 1) - SHA256: ef184af14e9e4c14bc286dcbd2a00161c209ce5cf6f9e30c4e7de6d929e9aa4d

                                        typeof document.ontouchstart
                                    

#121 JavaScript::Eval (size: 19, repeated: 1) - SHA256: 9b078b8e24e4655c21a5876570daac97f2ddc241bfdb259644582b6a7a60930b

                                        navigator.userAgent
                                    

#122 JavaScript::Eval (size: 27, repeated: 1) - SHA256: 1c82db5b05628505080952437a7fd64f03942b6e8ec97f799f4f867eaf492134

                                        typeof window.ondevicelight
                                    

#123 JavaScript::Eval (size: 108, repeated: 1) - SHA256: 8eab171b0d256cf386d222b71fbf5380f2051b67452dbd83f41401a6216a789c

                                        !!document.fullscreen || !!document.mozFullscreen || !!document.webkitIsFullScreen || !!document.fullScreenElement
                                    

#124 JavaScript::Eval (size: 19, repeated: 1) - SHA256: fc5a1ffc9513896711ec2c788490995715c8d32ccda8c4e2c68a9bd8cb214e77

                                        document.innerWidth
                                    

#125 JavaScript::Eval (size: 27, repeated: 1) - SHA256: e94a47b072c1a87127e88c17e992124bcf93c5d0d6b4e96c73a909444a7cd0d6

                                        window.mozRTCPeerConnection
                                    

#126 JavaScript::Eval (size: 25, repeated: 1) - SHA256: 791b28f4c489619d78906b8af22fbc11b48c0576134d36470ef92468e47da29c

                                        navigator.appMinorVersion
                                    

#127 JavaScript::Eval (size: 27, repeated: 1) - SHA256: c66fd00bf884bbcc3f43284fb1c86bcea447ce653124ca7b7202d0e5fd30ae08

                                        window.opener.location.href
                                    

#128 JavaScript::Eval (size: 34, repeated: 1) - SHA256: de98f45cade0178e1fd1a8257ab99e8431b3d5b35a393217e74ad6caa4efed60

                                        performance.timing.domainLookupEnd
                                    

#129 JavaScript::Eval (size: 11, repeated: 1) - SHA256: 2c6631ee0cabea9afb499cec860aab5fcf40ed956651a0b0ea7b3411e1a31cd9

                                        window.open
                                    

#130 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 6b5c93eab3b74dadfbe0f6c5949ab9f1ec8f012df8f49495664b96b51881ed85

                                        window.RTCPeerConnection
                                    

#131 JavaScript::Eval (size: 20, repeated: 1) - SHA256: dfafe4f2e08c006ec277e8042267c6237512a1a93bfcf57657420d4becc0a97b

                                        window.mozPaintCount
                                    

#132 JavaScript::Eval (size: 33, repeated: 1) - SHA256: 511e9d231c9360fcb7670f7cbaffb35bf8180f124fc080ebbfa5962d4c8bb089

                                        window.screenX || window.screenLeft
                                    

#133 JavaScript::Eval (size: 29, repeated: 1) - SHA256: d01a385e50e8e57c5f15bc18b82e1304ed42dcbe38967d66a30a786e39ed847b

                                        performance.timing.connectEnd
                                    

#134 JavaScript::Eval (size: 25, repeated: 1) - SHA256: cfab5312f1cfff1e8162225ab27453306ff627f512bcf18225c0a305ca093e1c

                                        window.scrollbars.visible
                                    

#135 JavaScript::Eval (size: 16, repeated: 1) - SHA256: d17194a96291e963420dd3361221101c8fdb7d8d382fc8993563576d3fd29dd6

                                        navigator.vendor
                                    

#136 JavaScript::Eval (size: 34, repeated: 1) - SHA256: 3db042ba8dbf234b0ba7ed8b47e5c8cb58b267af983635a41652258f1e282c0c

                                        window.ScriptEngineBuildVersion();
                                    

#137 JavaScript::Eval (size: 37, repeated: 1) - SHA256: 6530649612f535f1adde48ecf8b5de0677e9b5d77db12eb3dfd90b79b363559e

                                        HTMLCanvasElement.prototype.toDataURL
                                    

#138 JavaScript::Eval (size: 23, repeated: 1) - SHA256: c5d184acbefde172c402f1100cb756d11e8a1c83484977f1d5975bc65a79a7c5

                                        navigator.cookieEnabled
                                    

#139 JavaScript::Eval (size: 25, repeated: 1) - SHA256: 329a9b85817fb7d3bb2492cbcb23f12b14cf9abd181473b838250e3b745fab50

                                        navigator.connection.type
                                    

Executed Writes (0)



HTTP Transactions (105)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 01 Jul 2022 14:48:58 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rTi0ttcFp46iQMSP04Onw4Z1o-Ik8CDF36n_wQGmJJEkGJvn75R5fQ==
Age: 2925


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3E2650132BC75A58C9B08C2A69EC353237F48E840D9D2481F9D5E63D92ABBC6F"
Last-Modified: Wed, 29 Jun 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8129
Expires: Fri, 01 Jul 2022 17:53:12 GMT
Date: Fri, 01 Jul 2022 15:37:43 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.99
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 01 Jul 2022 03:26:42 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DeswVUedlELMOI53ukRDjkDM-EIcSPFzsTVXOTdzrt9rinVZaq9Y9w==
age: 43862
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 01 Jul 2022 15:37:43 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /142823/t-28622-studio-tma-teacher-i-want-a-baby-rara-kudo-with-a-student-who-seduces-me HTTP/1.1 
Host: javtk.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.31.61
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 01 Jul 2022 15:37:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5y5ZD9kO9guu%2F7PKE%2BRpT1TosiFB%2BJEpiD%2Br1CVMQTejFsi0%2BCg3Xzzk1smgLx9IxYm7D%2B22sgWpPIZoOBrVgShPV6geDXM1YBXbFTCLFd6Hyq%2FhUk2iB%2Fh2G6s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7240397f9e23b4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2781)
Size:   7576
Md5:    1abdceb094d03858a4184edeb1a5009d
Sha1:   9fb49d96b8c3077ba704662bb56778b503918da0
Sha256: a5ce8da093a9e428867dc91f3a08f61d71bd9aec1b2f5852649fd3b9b37ed3ee
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6431
Cache-Control: 'max-age=158059'
Date: Fri, 01 Jul 2022 15:37:44 GMT
Last-Modified: Fri, 01 Jul 2022 13:50:33 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /css/main1.css HTTP/1.1 
Host: javtk.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/142823/t-28622-studio-tma-teacher-i-want-a-baby-rara-kudo-with-a-student-who-seduces-me

                                         
                                         104.21.31.61
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 01 Jul 2022 15:37:44 GMT
Content-Length: 37159
Connection: keep-alive
Last-Modified: Thu, 15 Oct 2020 21:29:26 GMT
ETag: "3b488-5b1bc57a5b980-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7195
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eA8KxkZ4FnYgBFX18NCgxNvxED5ZnBwLosb9BrjKqeo80XzvNrVS2PxiPJMJiYmdbUxH%2BJfSJlXlO%2BiLaLNqM8scuyqiczEZhkq%2FM5%2Fi%2F4dkXjAa6X1Tl%2FhCq1A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 724039861e23b4e8-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (34323)
Size:   37159
Md5:    ede18bd72cadfe49525e999bff2bb696
Sha1:   e65c1a6961f7055fdf488ed03dd836df1d24bbee
Sha256: 161ee11d380a293357588fc0f68d14210d052600877eb08f01e4b601807c4460
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 01 Jul 2022 15:37:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=UA-151939506-25 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://javtk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
                                        
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 01 Jul 2022 15:37:44 GMT
expires: Fri, 01 Jul 2022 15:37:44 GMT
cache-control: private, max-age=900
last-modified: Fri, 01 Jul 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 40326
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1596)
Size:   40326
Md5:    e609277c3acaa1d3d11c97b8a740d9cc
Sha1:   7e7851952a42c7586793a22f6810909e068d9b42
Sha256: 316bdd4f418dbf8f14ec56d04578454332da808c1e597b8ef2788d8ad2b6e98e
                                        
                                            GET /lv/esnk/1915108/code.js HTTP/1.1 
Host: go6shde9nj2itle.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/

                                         
                                         62.122.171.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 01 Jul 2022 15:37:44 GMT
Last-Modified: Wed, 29 Jun 2022 12:49:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62bc4a4c-20354"
X-JS-AB1: current
Timing-Allow-Origin: *
Accept-CH: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65530)
Size:   47690
Md5:    8e4d6ca9b4f232315e3a83fcbae116cb
Sha1:   8906b55883ac359873ec3fb5bd2a9a7f4e9a8168
Sha256: 4e7df1b744654d5b78d8c4cd1c250982b71169bd899b722c4768909b99e85443

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /t/9/fret/meow4/1766729/brt.js HTTP/1.1 
Host: fieldofbachus.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/

                                         
                                         62.122.171.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 01 Jul 2022 15:37:44 GMT
Last-Modified: Wed, 29 Jun 2022 12:49:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62bc4a4c-10838"
X-JS-AB1: current
Timing-Allow-Origin: *
Accept-CH: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65530)
Size:   25917
Md5:    e831597354587aaca64571281a22823a
Sha1:   241f9f0b6d724775e0a58010f1a1a284f8653650
Sha256: 51129517959da2ffb3310aadce7f67166e77aac9e2786c78b8a095a5a0719331
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 01 Jul 2022 15:37:44 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 28 Jun 2022 08:27:05 GMT
Expires: Tue, 05 Jul 2022 08:27:05 GMT
ETag: 6B681347909496FE61A8A122EAFC4873C6390DC0
Cache-Control: max-age=319160,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp4
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 72403986bac6b512-OSL

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EhZ1pBC4ZsoQuDe39BQf/Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.35.251.160
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IHHlIF+M38l1tKIJaP8Vn8u2F9E=

                                        
                                            GET /js/jads.js HTTP/1.1 
Host: poweredby.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://javtk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.94.236.247
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 01 Jul 2022 15:37:44 GMT
Content-Length: 178
Connection: keep-alive
Location: jads2.js


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 01 Jul 2022 15:37:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 01 Jul 2022 14:38:48 GMT
Cache-Control: max-age=3600
Expires: Fri, 01 Jul 2022 15:19:15 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BG61DAGaqFxOm5lfw1flQycbbiD9u3-70chGquzT9pY163llW-Ewwg==
Age: 3536


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /js/jads2.js HTTP/1.1 
Host: poweredby.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://javtk.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.94.236.247
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Fri, 01 Jul 2022 15:37:44 GMT
Last-Modified: Tue, 24 Dec 2019 19:10:29 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"5e0262a5-eae"
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (3758), with no line terminators
Size:   1719
Md5:    558e1b61fc513016183a3812938e79fb
Sha1:   5f72ea61a2aad8f7a0956321d3fd8524db70eddf
Sha256: a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
                                        
                                            GET /c5/3b/93/c53b937a4f8b2f30be51036e594c33eb.js HTTP/1.1 
Host: pl15968334.toprevenuecpmnetwork.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/

                                         
                                         192.243.61.227
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Fri, 01 Jul 2022 15:37:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f8ca2448229a724c4b0028709c16aa9c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (33835), with no line terminators
Size:   11415
Md5:    b8dd651cff68476a19dca7845b8aab0c
Sha1:   9e6de38f8eea39b7fffdd16cda893ec91c39cb08
Sha256: d6df85ccb2286c6b167ac5feaba07f2c705372251c56902ad1c7847fd421e65c
                                        
                                            GET /03/76/c5/0376c5049b3cdb93416e29fae5a4fc40.js HTTP/1.1 
Host: pl15281306.toprevenuecpmnetwork.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/

                                         
                                         192.243.59.12
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.17.6
Date: Fri, 01 Jul 2022 15:37:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 02adc88e5f597b3ea735f7d0003b9ff4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (59690), with no line terminators
Size:   20537
Md5:    91c6c0e668987735ae5138e19a9cfc7f
Sha1:   e517bf1c3ebdbf91923a91ed39283338c9798805
Sha256: 2d36ba1f3e2d3350840b181e14724b94e06b66a57b044def047ee45b8a908b37

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /solid.gif?z=1766729&abvar=0 HTTP/1.1 
Host: fieldofbachus.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://javtk.com
Connection: keep-alive
Referer: http://javtk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         62.122.171.6
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 01 Jul 2022 15:37:45 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    28e463819a210071de3b45ebe7633613
Sha1:   6dccd571828ec0912629119cf7eabfea9f33ddbc
Sha256: 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
                                        
                                            GET /sfp.js HTTP/1.1 
Host: addresseepaper.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/

                                         
                                         104.21.235.2
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Fri, 01 Jul 2022 15:37:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 3ab68a32feb044fd9fb23474b24ff311
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Fri, 01 Jul 2022 15:37:45 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmx0wvqOpKD1jXGaWIl9cVJnuCw3MzytjsoQdE0oclVKcRxRNyYdST9oggOVU3nUb1%2BCn7MRyuVFxG43HTinyae0DpCbMrmtgoDV1CPyaiUqusJJyyJSv576Qp3peLprXrFOtIs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7240398a4c8372c6-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (49470), with no line terminators
Size:   14176
Md5:    2de9fb00f6f19c29e081dda2693bc32f
Sha1:   1f51956e718cb3b82816095a55204b8e56067841
Sha256: 98764e1a7e176610dcff6af21d572a28ae765096fa0f194e41c46fb5c2ddc19b

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pixel/purst?dl=0&th=0&sc=0&rs=1715&rd=1715&fd=666&bv=22.4.v.1&tmpl=70 HTTP/1.1 
Host: steakeffort.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/

                                         
                                         192.243.61.227
HTTP/1.1 200 OK
                                        
Server: nginx/1.22.0
Date: Fri, 01 Jul 2022 15:37:45 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165118
Date: Fri, 01 Jul 2022 15:37:45 GMT
Etag: "62bee974-1d7"
Expires: Sun, 03 Jul 2022 13:29:43 GMT
Last-Modified: Fri, 01 Jul 2022 12:32:52 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CZOW1eyphwFqkIMX59tkJizCFPpY7FlQuM7GHMOQkRHVNLAy424FcQ==
Age: 3411

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://javtk.com
Connection: keep-alive
Referer: http://javtk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.29.132.48
HTTP/2 200 OK
                                        
date: Fri, 01 Jul 2022 15:37:45 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://javtk.com
access-control-allow-credentials: true
set-cookie: uid_id2=68ce39d9-c4ad-4d8e-bd21-c15d411802e9:1:1; expires=Mon, 28 Jun 2032 15:37:45 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    be9fc426f1ebd70dfcdfd7aec0736b9e
Sha1:   4ed9350624eff46fdfba6c408180a1de0f07b7ce
Sha256: 0cb58d1b87ec0e50e79833ba9f9d7c5d3c54f3adf01b3f982c84c66343855dd7
                                        
                                            GET /ssp/req/1766729/?pb=c599f72c4b287b892c9248bf4365c4f81656697065&psp=39b0EjdFNNmeCMS4xb1RY4DBAjQtvnmM-2tCEwUy1mM1tUKjYvZwXhbVsJnV85Prd2R_KleKnklwiQ_cBy5eEEnKrj_Bcbfunu5cGlL-DS2NBc2ecZ1Kp2nHMLKbSVvPIVndLxwGpbiTqwMd9OJ2Dng3NaLZGnkofg-fGakFa_GwIks6iOFxt_EbVKpMGbaKfSugx6R5rwEhpDa4BSf5HIcSxlv0ocmUlUpOQj48VcTLlkeX3hoWc8czTM4PuXMoCki8DNDoKZsQIue2p40j4sAFLI1XSEFdGkJhOf9y3xlh5xz6cL9dG14-dqunrXiEvrO_fKhFQRXgZI8SiaxBC_8TyB9V4Juqkejge7_UKEr6Vq1xDahKIUaPwjdLTRbGo8V14uK68fJYD5vpHg512Iav7tJ8-QgzNqZaSpWUGczbdm4KatMVeXVdhQZYCd0S5TYirNGk_7wmfRVBtanoADCaafDc6l0x3zPy8cN1UBUPfa8_8OVJf8H86UuPgGZ8_PBqcvq1g_-t7a3l9GFGYegu6oo68nAayr6warALqMRQGa6VI7jYUGsgATmvzPik8YvY8vzwgKeEZ6KAAHRt7qw=&cb=_clm4iav6ni2dd2bt0w5rxi&nojs=0&ix=0&abvar=0&t=0&x=1152&y=921&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1 
Host: baradoot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://javtk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         62.122.171.6
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 01 Jul 2022 15:37:45 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=22070110376cbdecc077854176b22faf929e; Path=/; Expires=Sat, 01 Jul 2023 15:37:45 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    a97eb6fbe6f13b601d5d48c0eba8baae
Sha1:   736efb938caf3d0edec406932ada889f1a4f2268
Sha256: a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /js/main1.js HTTP/1.1 
Host: javtk.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/142823/t-28622-studio-tma-teacher-i-want-a-baby-rara-kudo-with-a-student-who-seduces-me

                                         
                                         104.21.31.61
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 01 Jul 2022 15:37:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 15 Oct 2020 21:29:58 GMT
ETag: "388c8-5b1bc598e0180-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5y6Bn3fe5OPU0faB1wn7mZaT2uh8TX0JviYmS5w9i0UTHa%2BY8sC3UBV4wFl2vmU30Ju5XFc03%2B0vand4T%2FhjmkKAqIcivnAmJHdg4ajY0k88rQ%2BiOSAmghZLRE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 724039862c68b4ee-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   70662
Md5:    3f5258c67bfcc01bd73575697917babb
Sha1:   d0f5a089154cf9595d100fdc0e353d1ded62eb7d
Sha256: 4de003054f17b7fe65218931318141477ccd7978635621ea6c77fa3d27102887
                                        
                                            GET /ssp/req/1766729/?pb=c599f72c4b287b892c9248bf4365c4f81656697065&psp=39b0EjdFNNmeCMS4xb1RY4DBAjQtvnmM-2tCEwUy1mM1tUKjYvZwXhbVsJnV85Prd2R_KleKnklwiQ_cBy5eEEnKrj_Bcbfunu5cGlL-DS2NBc2ecZ1Kp2nHMLKbSVvPIVndLxwGpbiTqwMd9OJ2Dng3NaLZGnkofg-fGakFa_GwIks6iOFxt_EbVKpMGbaKfSugx6R5rwEhpDa4BSf5HIcSxlv0ocmUlUpOQj48VcTLlkeX3hoWc8czTM4PuXMoCki8DNDoKZsQIue2p40j4sAFLI1XSEFdGkJhOf9y3xlh5xz6cL9dG14-dqunrXiEvrO_fKhFQRXgZI8SiaxBC_8TyB9V4Juqkejge7_UKEr6Vq1xDahKIUaPwjdLTRbGo8V14uK68fJYD5vpHg512Iav7tJ8-QgzNqZaSpWUGczbdm4KatMVeXVdhQZYCd0S5TYirNGk_7wmfRVBtanoADCaafDc6l0x3zPy8cN1UBUPfa8_8OVJf8H86UuPgGZ8_PBqcvq1g_-t7a3l9GFGYegu6oo68nAayr6warALqMRQGa6VI7jYUGsgATmvzPik8YvY8vzwgKeEZ6KAAHRt7qw=&cb=_clm4iav6ni2dd2bt0w5rxi&nojs=0&ix=0&abvar=0&t=0&x=1152&y=921&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1 
Host: baradoot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://javtk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         62.122.171.6
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 01 Jul 2022 15:37:45 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2207011037c162b355b52449dea37eb5667d; Path=/; Expires=Sat, 01 Jul 2023 15:37:45 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    a97eb6fbe6f13b601d5d48c0eba8baae
Sha1:   736efb938caf3d0edec406932ada889f1a4f2268
Sha256: a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /chicken.gif?z=1915108&pb=c599f72c4b287b892c9248bf4365c4f81656697065&psp=F9IWXVj1FXD0G1f_uZPqqy0BdhROvj6E3n2bgY0OI31qDkTCLMo4oX1-rjvRiYqccV0f_LO6knptop9jqQ3seDmZg7HUam2ZKcyS-FATaWiIAWD9mmE3X2p7R-85vX65v1ycj0W19LGa-NZv0rUgNsc5sg5CR7p1aJ42jbAc8qjwOFFsHJPBomXfPhXIa8GVI1BW2kYWgWx8YKrq5BcxX8EnCQKkLeBAwem0Ga2M3QqKeTXQpLVicyGHEBtfN46T3ggWx8NoJYm2V6sdR7ucDD2NEDFkZqi6Sh5HwxUtFAuamXgm2W_EEDnT7JBvlbHEtWkuBVa4bo7en0g9NJl4LMkFf94cpOhBtCTYmYJWUiKqEFj8T301jY07i9rfGUoqNqqFBNn0Zo1heaEGB-uAtEuXhcdDthnXYESM35ImNBjiW-f3ydNKkg4IOc2YxtMYQWw9SuX-Lk4SsjSem7zqMLPssV9LqmoMb0NM3x0FtZ1PzLONOGm2ImSBPLJmT9SKFjOzszBwORDM3VcTzIxJD0RKywr2l4o0_6OIzYxJryTuI4EqWGyWYjcj0czlnw==&abvar=0&os=0 HTTP/1.1 
Host: go6shde9nj2itle.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=22070110377a95ace7933d4b5998cced094c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         62.122.171.6
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 01 Jul 2022 15:37:45 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OAICAP=ACvD1wAAAAAAAAAB; Path=/; Expires=Sun, 31 Jul 2022 15:37:45 GMT; Secure; SameSite=None OAIBLOCK=ACvD1wAAAABivn9Q; Path=/; Expires=Sun, 31 Jul 2022 15:37:45 GMT; Secure; SameSite=None OACICAP=ACCivQAAAAAAAAAB; Path=/; Expires=Sun, 31 Jul 2022 15:37:45 GMT; Secure; SameSite=None OACIBLOCK=ACCivQAAAABivn9Q; Path=/; Expires=Sun, 31 Jul 2022 15:37:45 GMT; Secure; SameSite=None ppucnt=0; Path=/; Expires=Sat, 02 Jul 2022 15:37:45 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    28e463819a210071de3b45ebe7633613
Sha1:   6dccd571828ec0912629119cf7eabfea9f33ddbc
Sha256: 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: c.adsco.re
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://javtk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.166.186
HTTP/2 200 OK
                                        
date: Fri, 01 Jul 2022 15:37:45 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Mon, 01 Aug 2022 15:37:45 GMT
etag: W/"wV2/56Yx8F/L8kKxfXL2jw=="
cf-cache-status: HIT
age: 437415
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 7240398ccea40b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2253)
Size:   21866
Md5:    bb65b42ac5efb5dbbcde212b7278c214
Sha1:   12f7f8f1f395f3a4802fe7fa860eb4bd096d487b
Sha256: e86f9998cbf9644e82db79efeb2f7cb717127376d84585ed1cde54309fa5a357
                                        
                                            GET / HTTP/1.1 
Host: c.adsco.re
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/
Upgrade-Insecure-Requests: 1

                                         
                                         104.17.166.186
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Fri, 01 Jul 2022 15:37:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
Expires: Mon, 01 Aug 2022 15:37:45 GMT
ETag: W/"wV2/56Yx8F/L8kKxfXL2jw=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 437415
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7240398d2d27b511-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2253)
Size:   24287
Md5:    75d6004cbd4bc6554897b9b2d607acbf
Sha1:   96e35241bfaea9e10b21769427b6037a391f2f3f
Sha256: 47767cddb607380cfc20783604ba1445c5a63346b96725d167fc1149d7a6f9d6
                                        
                                            GET / HTTP/1.1 
Host: 6.adsco.re
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://javtk.com
Connection: keep-alive
Referer: http://javtk.com/

                                         
                                         104.17.167.186
HTTP/1.1 200 OK
Content-Type: text/plain;charset=UTF-8
                                        
Date: Fri, 01 Jul 2022 15:37:45 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://javtk.com
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7240398d3fcdb518-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            GET / HTTP/1.1 
Host: 4.adsco.re
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://javtk.com
Connection: keep-alive
Referer: http://javtk.com/

                                         
                                         162.252.214.5
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 01 Jul 2022 15:37:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: http://javtk.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   62
Md5:    adde5febc7b5b6c2c759ec735cce83a0
Sha1:   77ec17be8a9970ff04663294d41c590d0d24fde4
Sha256: ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
                                        
                                            GET /adshow.php?adzone=821078 HTTP/1.1 
Host: poweredby.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/
Upgrade-Insecure-Requests: 1

                                         
                                         185.94.236.247
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 01 Jul 2022 15:37:45 GMT
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=6a0afe412387f8bf9b852da989b33807; expires=Sat, 01-Jul-2023 15:37:45 GMT; Max-Age=31536000; path=/; domain=.jads.co imps50289=1; expires=Sat, 02-Jul-2022 15:37:45 GMT; Max-Age=86400; path=/; domain=.jads.co juicy_data_1=YToxOntpOjEzODkyMTI7aToxNjU2OTQ5MDY1O30%3D; expires=Mon, 04-Jul-2022 15:37:45 GMT; Max-Age=259200; domain=jads.co juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 04-Jul-2022 15:37:45 GMT; Max-Age=259200; domain=jads.co
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (394), with CRLF, LF line terminators
Size:   1639
Md5:    c184f7f699744995e4d726168e6494cd
Sha1:   3121a4d956cf2a8bf0fb0935672f3cfe0ca93995
Sha256: 56f5660f0b89a3d20044445bb7b6dde3e91703b8888a1bc6c78ae39ff7316356
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1B578B83FBBDFDA6A52CF53E737AA5CA0FCF08D5A8C09E707DEA073990F58ABB"
Last-Modified: Wed, 29 Jun 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9432
Expires: Fri, 01 Jul 2022 18:14:57 GMT
Date: Fri, 01 Jul 2022 15:37:45 GMT
Connection: keep-alive

                                        
                                            GET /adshow.php?adzone=821079 HTTP/1.1 
Host: poweredby.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/
Upgrade-Insecure-Requests: 1

                                         
                                         185.94.236.247
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 01 Jul 2022 15:37:45 GMT
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=6a0afe412387f8bf9b852da989b33807; expires=Sat, 01-Jul-2023 15:37:45 GMT; Max-Age=31536000; path=/; domain=.jads.co juicy_data_1=YTowOnt9; expires=Mon, 04-Jul-2022 15:37:45 GMT; Max-Age=259200; domain=jads.co juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 04-Jul-2022 15:37:45 GMT; Max-Age=259200; domain=jads.co
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (301), with CRLF, LF line terminators
Size:   1536
Md5:    dc2581586846dd99d9c22db6a18bf2f0
Sha1:   6f0c4fbf3f55dd1807d375020861438c7a69a2ab
Sha256: 05da3f8628d67444210cbdceca8e5535c323c03ecfbda9473f79c09b4c60bb3d
                                        
                                            POST / HTTP/1.1 
Host: w5tzd4neilxa.l4.adsco.re
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://javtk.com
Connection: keep-alive
Referer: http://javtk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.200.118.90
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Fri, 01 Jul 2022 15:37:45 GMT
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes

                                        
                                            GET /fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 
Host: javtk.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://javtk.com/css/main1.css

                                         
                                         104.21.31.61
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Fri, 01 Jul 2022 15:37:45 GMT
Content-Length: 77160
Connection: keep-alive
Last-Modified: Mon, 25 Jun 2018 16:53:10 GMT
ETag: "12d68-56f7a376ae980"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WM9IcHf8UpHCTDIHNGEG4sCKxEEoFfL9hnIfzZv4%2FJX5iGWaAxRrtCOssylm3LSOJYiu%2FIpL0oq%2BwvU8Xuxo9f2QTEFLCnot6w3PlDLimbGVuSG2AJO7uya9ImU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7240398a6c56b4e8-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
                                        
                                            GET /adshow.php?adzone=821080 HTTP/1.1 
Host: poweredby.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/
Upgrade-Insecure-Requests: 1

                                         
                                         185.94.236.247
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 01 Jul 2022 15:37:45 GMT
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=6a0afe412387f8bf9b852da989b33807; expires=Sat, 01-Jul-2023 15:37:45 GMT; Max-Age=31536000; path=/; domain=.jads.co juicy_data_1=YTowOnt9; expires=Mon, 04-Jul-2022 15:37:45 GMT; Max-Age=259200; domain=jads.co juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 04-Jul-2022 15:37:45 GMT; Max-Age=259200; domain=jads.co
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1604), with CRLF, LF line terminators
Size:   1714
Md5:    eb62a0d3f5a31aba89d34339e4017a55
Sha1:   cf20f72e6f18927e09b7c7fa1ede08cc166737ca
Sha256: 39c90cd340e404221163d3357d2bc4c01d68fbba3ece6ebb8eb27fc02db8936e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BB7987C320E465E98FDCE95C8730F615878E802D859968B997EE803A3FB4268E"
Last-Modified: Wed, 29 Jun 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9723
Expires: Fri, 01 Jul 2022 18:19:49 GMT
Date: Fri, 01 Jul 2022 15:37:46 GMT
Connection: keep-alive

                                        
                                            GET /show.js HTTP/1.1 
Host: cdn.popcash.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/

                                         
                                         151.139.128.11
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 01 Jul 2022 15:37:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Apr 2022 19:24:27 GMT
Accept-Ranges: bytes
ETag: W/"625874eb-1b189"
Cache-Control: max-age=2592000, public
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvR4%2BwGLHccyPtWsFFnDvfAgpPDxvQSW7nNF4RT2kIXjsnZyhKN6KKLLRIY%2B7vSJ3O6sETXWnZGk7B5Tirarp9FBYGK5Jg%2FIxJvA559mwlaojbBg1PisyUuZuuz9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6fbeef13bd930b69-OSL
Vary: Accept-Encoding
X-HW: 1656689866.cds228.sk1.h2,1656689866.cds024.sk1.c
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 35574


--- Additional Info ---
Magic:  ASCII text, with very long lines (65387)
Size:   35574
Md5:    7b2b067b5fc3400a59c7cb6db214b1f1
Sha1:   ea3773766eb740dfa0214d0794982ed5d7781c35
Sha256: 6f11855d690e159cc8b68eff6a579eb47a3568cc4df0e5460100ae2eea25238a
                                        
                                            GET /sfp.js HTTP/1.1 
Host: creepingbrings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/

                                         
                                         104.21.234.232
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Fri, 01 Jul 2022 15:37:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 97eac138592a63c473573183443fa64f
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Fri, 01 Jul 2022 15:37:46 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFxf%2FCauCeVNha41drUSISALZGVehurR5mA%2BjXZHdEwbFBPRyFNNHiao6fwFQJGVsPaD8ytmyc93y9oOp1toIG6d7ukH0wj5g5Ikh03Xe%2BYAcIr63Gjetw3OWnONoSPXmm5inJ8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7240398eedff8e0c-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (49470), with no line terminators
Size:   14176
Md5:    2de9fb00f6f19c29e081dda2693bc32f
Sha1:   1f51956e718cb3b82816095a55204b8e56067841
Sha256: 98764e1a7e176610dcff6af21d572a28ae765096fa0f194e41c46fb5c2ddc19b
                                        
                                            GET /jsencrypt.min.js HTTP/1.1 
Host: www.cdn4ads.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://javtk.com
Connection: keep-alive
Referer: http://javtk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         185.76.9.25
HTTP/2 200 OK
                                        
date: Fri, 01 Jul 2022 15:37:45 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
expires: Mon, 04 Jul 2022 16:59:56 GMT
access-control-allow-origin: *
link: <https://cdn4ads.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1656953996
server: CDN77-Turbo
x-77-nzt: AblMCRSFK6j/vTIFAA
x-77-nzt-ray: do+INMDZUTc
x-cache: HIT
x-age: 340669
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (1568), with CRLF line terminators
Size:   9266
Md5:    2d3033cb02ab259df1fc36e16114879b
Sha1:   9775ba89607184e5094fcc44fa8c1fea78e57115
Sha256: a86d89bc810165d21135814b6aadee8bc35ca382468b4df82a6e57e215bbda42
                                        
                                            POST / HTTP/1.1 
Host: w5tzd4neilxa.n4.adsco.re
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://javtk.com
Connection: keep-alive
Referer: http://javtk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         38.132.109.186
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Fri, 01 Jul 2022 15:37:46 GMT
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes

                                        
                                            GET /network/user81419/50289-1654836989-0879826001654836989.gif HTTP/1.1 
Host: i.jads.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://poweredby.jads.co/

                                         
                                         69.16.175.10
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 01 Jul 2022 15:37:46 GMT
Connection: Keep-Alive
ETag: "1654836989"
Cache-Control: max-age=29743859
Content-Length: 303073
Last-Modified: Fri, 10 Jun 2022 04:56:29 GMT
Accept-Ranges: bytes
X-HW: 1656689866.dop024.sk1.t,1656689866.cds215.sk1.c


--- Additional Info ---
Magic:  GIF image data, version 89a, 728 x 90\012- data
Size:   303073
Md5:    1e7333c98ac1853ae7edffe5cef86b0b
Sha1:   60db674f2790855e5656fc2ac1b1c6a563bbe25c
Sha256: bcac9add80305eab437d0d85d9d16a3a4bdf5f13c2de6357f5ffb459891be681
                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 01 Jul 2022 15:37:46 GMT
Content-Length: 939
Connection: keep-alive
Expires: Tue, 05 Jul 2022 12:25:00 GMT
ETag: "fd1bf6ebf61926d2e96dfca9793e43654adf9070"
Last-Modified: Fri, 01 Jul 2022 12:25:00 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7240399068cbb4f9-OSL

                                        
                                            POST /p HTTP/1.1 
Host: adsco.re
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 1805
Origin: http://javtk.com
Connection: keep-alive
Referer: http://javtk.com/

                                         
                                         162.252.214.5
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 01 Jul 2022 15:37:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
AS-P-4: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: http://javtk.com
Access-Control-Allow-Credentials: true
AS-P-5: OK
AS-P-6: OK
AS-P-7: OK
AS-P-8: OK
AS-P-9: OK
AS-P-A: OK
AS-P-B: OK
AS-P-C: OK
AS-P-D: OK
AS-P-E: OK
AS-P-F: OK
AS-P-G: OK
AS-P-H: OK
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   171
Md5:    4b37703efbcd2ce0e233d4ec45da66cc
Sha1:   8e78e1fa81dbb9d5ff49dbbbc75e4c2b75adfdfc
Sha256: 1ad3808536e62ab859c59b769303412612e0d18b9ed714350fcf4addfc9daafc
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 01 Jul 2022 15:37:46 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 05 Jul 2022 12:23:53 GMT
ETag: "a2fad7caf5a8d0320159f89565e5cfcb7123958f"
Last-Modified: Fri, 01 Jul 2022 12:23:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1836
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 72403990cf4b0b49-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    5256590febf2dbe55264642bfac1f3f8
Sha1:   a2fad7caf5a8d0320159f89565e5cfcb7123958f
Sha256: 1f234a3beedee81de614ca74312bd2563d58a16e081314f00fad24d4a2547dc1
                                        
                                            GET /advertisers.js HTTP/1.1 
Host: poshhateful.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Fri, 01 Jul 2022 15:37:46 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 929ee72c53e93d59e053a05f28b0334e
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /metrika/tag.js HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycloudzz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         87.250.250.119
HTTP/2 200 OK
                                        
content-length: 71574
date: Fri, 01 Jul 2022 15:37:46 GMT
access-control-allow-origin: *
etag: "62b5603e-11796"
expires: Fri, 01 Jul 2022 16:37:46 GMT
last-modified: Fri, 24 Jun 2022 09:57:02 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (724)
Size:   71574
Md5:    84db7368f8dfdd00c69c1c3311646dd6
Sha1:   04c38e40d23b78538024f11898ab73df3f873ea8
Sha256: 3be14de7ae02579d93ea94473d02c74ebe2c0e01abbae2f1f69a81755a9558ca
                                        
                                            GET /znWaa3gu HTTP/1.1 
Host: dcba.popcash.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://javtk.com
Connection: keep-alive
Referer: http://javtk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         184.73.177.33
HTTP/2 204 No Content
                                        
date: Fri, 01 Jul 2022 15:37:46 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B"
Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5345
Expires: Fri, 01 Jul 2022 17:06:51 GMT
Date: Fri, 01 Jul 2022 15:37:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B"
Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5345
Expires: Fri, 01 Jul 2022 17:06:51 GMT
Date: Fri, 01 Jul 2022 15:37:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B"
Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5345
Expires: Fri, 01 Jul 2022 17:06:51 GMT
Date: Fri, 01 Jul 2022 15:37:46 GMT
Connection: keep-alive

                                        
                                            GET /tours/3/?tour=x1Rd&campaign=NcAyU&c=4&p=0&gender=f&disable_sound=0 HTTP/1.1 
Host: chaturbate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://poweredby.jads.co/
Connection: keep-alive
Cookie: __cf_bm=E25zrLx0.SAQOMdCjyissB59_AugiLsOiR7ipWYL0ww-1656689866-0-AXMocNkdf1YqnzuwumOv5E0VDm3T03CBOt5tmtsbSZ7oHW0EnNPSVtaGXrhKmnHoeabslBY+i0I2r09c0sFg3Qo=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.100.40
HTTP/2 200 OK
                                        
date: Fri, 01 Jul 2022 15:37:46 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Language, Cookie
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
cache-control: no-cache
set-cookie: stcki="pOtSwZ=1\054FqPd9a=0\0546pduSG=0\054aDBbcK=0"; expires=Sun, 31-Jul-2022 15:37:46 GMT; Max-Age=2592000; Path=/ affkey="eJyrVipSslJQyigpKbDS1y/IL08tSk1JqtTLSkwp1kvO11eqBQDCHQt1"; Domain=.chaturbate.com; expires=Sun, 31-Jul-2022 15:37:46 GMT; Max-Age=2592000; Path=/ sbr=sec:sbr5dab2049-d5c2-4272-90ab-6f29ad253936:1o7IiI:leR4ePUcfx7zd9tQeL6mz8ou0t4; Domain=.chaturbate.com; expires=Wed, 26-Mar-2025 15:37:46 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 72403990ddf01c02-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (31162)
Size:   15160
Md5:    c187d498803e3df78438686604aec037
Sha1:   78c495299a6ab2b45d9329c81a6c1a40b34f007b
Sha256: dabea348d2708299877a11901dd21b0146832958afbd10e0b5f9480506754d5f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc64139e3-1714-4207-9f83-6963efdebdb1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11303
x-amzn-requestid: bb4e28bd-b8fe-46aa-b7e1-9df6f52c9d34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UeQW-EnzIAMFSfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bbfa92-4788a606125c42431ba5c73a;Sampled=0
x-amzn-remapped-date: Wed, 29 Jun 2022 07:09:06 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FECr8vnUNXIJXah4ilgSdBbkbjEIYjsLUdys3R4NE65S9iuOzjcSwQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 01 Jul 2022 07:42:41 GMT
age: 28505
etag: "91d2dc48008a198adb2b740bec1843a146f826c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11303
Md5:    b38a21dc4af2a753ec1149a58eca2ee2
Sha1:   91d2dc48008a198adb2b740bec1843a146f826c1
Sha256: 2e56992e4642c248dd330fc1343977dedd2ec4e944564214be432f3f390488e7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf1e617a-6fd1-48e4-960a-73bddd0fb482.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9555
x-amzn-requestid: ddc50c80-7b41-4709-952d-096c3fcfc5a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UUXJ-HsgIAMFwag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b80572-1ecc47e74333e7c2352e2e0e;Sampled=0
x-amzn-remapped-date: Sun, 26 Jun 2022 07:06:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fx_8uoi08YuMMK-Gg4rNkPq53DuRCUSW_zVMfl3JfmlrKn5VjQl4SQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Jun 2022 19:57:44 GMT
age: 70802
etag: "e52d1a0382cee461a2ba0df6d554cdb82087ff49"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9555
Md5:    8f957d00754df49ffe6ebbcf869b528a
Sha1:   e52d1a0382cee461a2ba0df6d554cdb82087ff49
Sha256: 87a80c1e2f261504f8e821829babcce76b00de442bd7c6f9880b2932b2864839
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd936a38-7fb2-43eb-b94b-bd2c81ade0b1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6777
x-amzn-requestid: c005a5ae-e474-43cb-9973-43dd74949627
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ujh1tGKcIAMF3Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62be168a-25378680023affeb0bffc59f;Sampled=0
x-amzn-remapped-date: Thu, 30 Jun 2022 21:32:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 000k2cEQiMmUv5ID8GTy9B1KwjTaNmfTKRd0P7ysMmgXmPx1emJJRA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Jun 2022 21:53:10 GMT
age: 63876
etag: "3ef7bccae71f2082f56d185cb2e009f35eee08df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6777
Md5:    da6177e6bf4587c118780e44a2277b81
Sha1:   3ef7bccae71f2082f56d185cb2e009f35eee08df
Sha256: e49dafb03a8e282c3137b9efa813a9b0da81da02d1f128e40b9609d31d62d9bd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6db634e-e239-4b93-881b-a8655a27d650.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8188
x-amzn-requestid: 27339e76-dbd1-45f6-b0d3-d60795d3402c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Uji5yEvRIAMFoEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62be183e-71771e9a59cd04481fa7155b;Sampled=0
x-amzn-remapped-date: Thu, 30 Jun 2022 21:40:14 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iyLcPUUXob_B75mtzJaEBU0CV9Qs99qBmJMQB_X1Py5d-CEkrHYiGg==
via: 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Jun 2022 21:57:04 GMT
age: 63642
etag: "bce84b1e6ac56efc7ad37190eeefd129183d2a2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8188
Md5:    a00287c642d20230cf09897d4c7cf848
Sha1:   bce84b1e6ac56efc7ad37190eeefd129183d2a2b
Sha256: 6e2b5ba420cba4324d3f1232a680ebff32babd2bc7fbc125d16f32b7bdc19b34
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fb8f8ac-1447-4cbf-a03d-3b6276064e5d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5228
x-amzn-requestid: aa2ae070-d7af-4ab5-a62b-cd3133c0717d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UXjQMF1fIAMFm-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b94c01-39c87d2c65b06bc212bee113;Sampled=0
x-amzn-remapped-date: Mon, 27 Jun 2022 06:19:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -hFyOxRNAoBAZwq1tZEZx-WmK1wrvy7_GMngpvsKzKrngHEWN8dWTg==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Jun 2022 22:03:52 GMT
age: 63234
etag: "ce25cc6aba5d9ebdd79eb30b51847cf96807f608"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5228
Md5:    2403216bc2dcf981397210dd8c97d21b
Sha1:   ce25cc6aba5d9ebdd79eb30b51847cf96807f608
Sha256: ca2d93917806e02e9015493ba5fee438c720d23509a2628bc1bf13e4bb76128d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1934ff6c-738b-4ee1-a3a7-f172a73da4bd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10798
x-amzn-requestid: ec008800-0485-48fc-ad7d-1f28baff782f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UjickERbIAMF1NA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62be1783-328a674d1742f9c236542ec2;Sampled=0
x-amzn-remapped-date: Thu, 30 Jun 2022 21:37:07 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: o3AnxqrsGxaBlFc3pR1fNbgG8owT3PJgY29iVJBLj3DXcaZYfGX0EQ==
via: 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Jun 2022 22:03:52 GMT
age: 63234
etag: "7db6b42dda26780d3a6cf5c9e3761db08722c630"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10798
Md5:    23c2976b6fa0265e05566907f71bd9e3
Sha1:   7db6b42dda26780d3a6cf5c9e3761db08722c630
Sha256: a706e15acd54d9ffa304b4f931c811c57ba91e4d58c3970794a77eb873be3287
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4DB478A49D7FB75BBA053384DA8C2EE4548222328B321A8FD1CEA798FE6237B7"
Last-Modified: Wed, 29 Jun 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12226
Expires: Fri, 01 Jul 2022 19:01:32 GMT
Date: Fri, 01 Jul 2022 15:37:46 GMT
Connection: keep-alive

                                        
                                            GET /P.html?_=BAYAYr8UygFivxTKgAGBAsAAIAN-GNwUqa8F3eluC3idPUUvok481412CkSvfFuth7HBwQBHMEUCIDhiXacPueQ9okthtZeZ1ssP4S47lbRylzcW44xJbiWZAiEAyC8Lbl41BJWeF67hUJtej98ug6B_rZ85jvf_C0k0sao&v=4&gHpSPowU=3862038&minBid=&TksazSXH=1,1,0&rRbpPXTY=&mbofwxHD=&s=1280,1024,1,1280,1024,0 HTTP/1.1 
Host: cdn4ads.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/

                                         
                                         216.59.63.128
HTTP/1.1 200 OK
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: *
asf: 6
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
content-type: application/javascript; charset=utf-8
set-cookie: PP_CV=yes; expires=Fri, 01-Jul-2022 16:37:46 GMT; Max-Age=3600 fraudcheck=29b1abdec8beef23b8dbfa2b212b58e6; expires=Sun, 31-Jul-2022 15:37:46 GMT; Max-Age=2592000; path=/; domain=.popads.net PopAds_CF_Pass=1; expires=Fri, 01-Jul-2022 21:37:46 GMT; Max-Age=21600
link: <https://streetmonumentemulate.com>;rel=preconnect
content-length: 836
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 01 Jul 2022 15:37:46 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (1088), with no line terminators
Size:   836
Md5:    89b3404a9040f8b6913ee960550459d1
Sha1:   eea2cf46a10139305e8deae942368a64b11ca658
Sha256: 1b71bed1fc516c9526bebc6c862a11f3f4db9c0f0cdd687ec30f41163718f0d3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B1D2722EADC8093D960F702C048C8958C5742F8D01E28D42DCD702CB348EB015"
Last-Modified: Wed, 29 Jun 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3526
Expires: Fri, 01 Jul 2022 16:36:32 GMT
Date: Fri, 01 Jul 2022 15:37:46 GMT
Connection: keep-alive

                                        
                                            GET /riw/lilamytee1.jpg?1656689850 HTTP/1.1 
Host: roomimg.stream.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.241.83
HTTP/2 200 OK
                                        
date: Fri, 01 Jul 2022 15:37:46 GMT
content-type: image/jpeg
content-length: 14071
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: origSize=14099
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27
last-modified: Fri, 01 Jul 2022 15:37:19 GMT
expires: Fri, 01 Jul 2022 15:38:16 GMT
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nliZ7pPLWHYbo9P5PkAIM8cs%2BPO%2FitlYQjuhxg1xzptY0MNWhTEEsLblrq8NATpi1tTsZHedWiawAlooGhlXZTGUzf5gIC%2Fvq3a%2BKDcrwSMESumVdWnHXkOUseZ%2FfceZFWYgPgYFLc5VmQtqvif0DUQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=u6wePla4Uaxf9JHsH9SKSF1KYOOEKvhFRUCz6gnUBfo-1656689866926-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 724039943d9cb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 959x960, segment length 16, progressive, precision 8, 480x270, components 3\012- data
Size:   14071
Md5:    5f2bdee1df7d46b0252cb84ee2b5fb8d
Sha1:   a0c0e00f82570ddb486aebbbe6b30ef0cb774848
Sha256: d7381ecc2b7778a346e433d14bde3ef78b4552d42cdcb36764f670eb193702f6
                                        
                                            GET /riw/sexy_b0rsch.jpg?1656689850 HTTP/1.1 
Host: roomimg.stream.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.241.83
HTTP/2 200 OK
                                        
date: Fri, 01 Jul 2022 15:37:46 GMT
content-type: image/jpeg
content-length: 9109
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: origSize=9134
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 4
last-modified: Fri, 01 Jul 2022 15:37:42 GMT
expires: Fri, 01 Jul 2022 15:38:16 GMT
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUdon3MWScNgiKlBeHxMFVDAjwdnxLHHCa6lk7GNLYzL1lbj4UFZ77DBl7QKyaDpLVJiviKudTcobl9JvfAO77PZ4yZm9laNQ6YnqoAeqIjSRBfXG5xb%2FcE6MPP%2BAOeG6eh8UtYv1wUAWL7ofXmsUFg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=UWotKVU3q8D1pVL7tOmR5mDturO8NiE0O_NxXB.wgeU-1656689866927-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 724039943d9fb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, progressive, precision 8, 480x270, components 3\012- data
Size:   9109
Md5:    71a7bbf1a88bfc86046c662cf36a9df1
Sha1:   a3c483fbf47c08ffc5b136838e6d0d37979845e3
Sha256: a6f16b017c64e928842c9be8c58d1889c505ab28354fe9d7e7c72ec637a2f932
                                        
                                            GET /riw/burmilla1.jpg?1656689850 HTTP/1.1 
Host: roomimg.stream.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.241.83
HTTP/2 200 OK
                                        
date: Fri, 01 Jul 2022 15:37:46 GMT
content-type: image/jpeg
content-length: 11659
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: origSize=11784
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 17
last-modified: Fri, 01 Jul 2022 15:37:29 GMT
expires: Fri, 01 Jul 2022 15:38:16 GMT
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SpaepLN1LKgN26W%2B2XsVg%2F4z%2BJl%2Bq%2F9Nzi7XgE9JA%2BBPpyDkM6PcxH7%2FSEvQvhLBwyIckJFRzHph5ateGLDVy1aWx1Dt3CuZ7Bkn%2BWwcAOMZMFqWaZe4E6TC8D1IRoSiNRvL6GEz6N%2Bg78M05sTk%2B54%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=UWotKVU3q8D1pVL7tOmR5mDturO8NiE0O_NxXB.wgeU-1656689866927-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 724039943d9db505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 959x960, segment length 16, progressive, precision 8, 480x270, components 3\012- data
Size:   11659
Md5:    fa7887c94178c8cac2ccea6887de2196
Sha1:   88cd754218fef3fe39da8c941ea508ac03d4f5ba
Sha256: 0405c0eb537280d849ad6f93f0b8e9b9d8f32455f6d1934e3ead4554699ecd97
                                        
                                            GET /riw/krissone.jpg?1656689850 HTTP/1.1 
Host: roomimg.stream.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.241.83
HTTP/2 200 OK
                                        
date: Fri, 01 Jul 2022 15:37:46 GMT
content-type: image/jpeg
content-length: 13556
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 12
last-modified: Fri, 01 Jul 2022 15:37:34 GMT
expires: Fri, 01 Jul 2022 15:38:16 GMT
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBEtW%2FYK9IozczDMshMtqieQmn4nxalK0cYjz8d6P3My4HJu%2BLjMOYqqGk1U1OhwososcuICKS45leb%2BQnItn%2B0QRZjIbzGofWotXWn%2FY48wc%2Fw6NtN24GXqM%2BaUsv%2BdnO1t81qFkk8nivqzE6awAO0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=eYrJhA2xbdWfXx7Plv4eisiuthNz998zwo.0UQeQA2s-1656689866928-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 724039943d9ab505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 480x270, components 3\012- data
Size:   13556
Md5:    d2d2caf654aa3906efb8babb853c9957
Sha1:   9434cee8d8cac266545230475acd788857238ce4
Sha256: 99405ea00d5ef16210344b3d859a886ab2ffde43498e8d1166c7978534107ddc
                                        
                                            GET /images/ico-cams.png?829027f88094 HTTP/1.1 
Host: static-assets.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/CACHE/css/output.801640f58f0b.css
Cookie: _cfuvid=u6wePla4Uaxf9JHsH9SKSF1KYOOEKvhFRUCz6gnUBfo-1656689866926-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.94.42
HTTP/2 200 OK
                                        
date: Fri, 01 Jul 2022 15:37:46 GMT
content-type: image/png
content-length: 549
cache-control: public, max-age=2592000
cf-bgj: imgq:100,h2pri,csam-hash
cf-polished: origSize=1457
etag: "58ecd9d7af4908cce84eccd4cbd6f0d0"
last-modified: Tue, 19 Jan 2021 22:03:22 GMT
x-amz-id-2: uk+Y+mMt51OLA32rfvOrwKQRVhebnzwVD7WNGN89HYS/N/FIKgMltVMzadOcg1MyUuhiPycAlHk=
x-amz-meta-s3cmd-attrs: md5:58ecd9d7af4908cce84eccd4cbd6f0d0
x-amz-request-id: 2BDHEK7PHQPF17BP
cf-cache-status: HIT
age: 1248650
expires: Sun, 31 Jul 2022 15:37:46 GMT
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Wkyztp4cNRqkAMLvmVRNxJjsVi7HRhCpcM8Ag%2FTta%2BGsDZEyxnRqlo6op3IXxQLujxKZxNVJ1FtSFuvg%2BrfDGWcUhWGtqVJkNLoBGjHmt1%2Bf9W3QnhlDfChkD4EGT84g4EFji3TityKwji6avavNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 724039946b370b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 13 x 15, 8-bit colormap, non-interlaced\012- data
Size:   549
Md5:    4437b02e2efeaa0eb69858a7eb957af6
Sha1:   2dfa9c3fa2fc56c7504c043876eaad9526abed62
Sha256: 52dc5730b7afd3f35531dcca2bd7b9984f0271d15c8b449c4b1d425dddf12a33
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://javtk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Fri, 01 Jul 2022 14:41:12 GMT
expires: Fri, 01 Jul 2022 16:41:12 GMT
cache-control: public, max-age=7200
age: 3394
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            GET /metrika/advert.gif HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycloudzz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.250.119
HTTP/2 200 OK
                                        
content-length: 43
date: Fri, 01 Jul 2022 15:37:46 GMT
access-control-allow-origin: *
etag: "62b5603e-2b"
expires: Fri, 01 Jul 2022 16:37:46 GMT
accept-ranges: bytes
last-modified: Fri, 24 Jun 2022 09:57:02 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /watch/88698312/1 HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycloudzz.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.250.119
HTTP/2 200 OK
                                        
content-length: 43
date: Fri, 01 Jul 2022 15:37:46 GMT
pragma: no-cache
expires: Fri, 01-Jul-2022 15:37:46 GMT
x-xss-protection: 1; mode=block
last-modified: Fri, 01-Jul-2022 15:37:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /images/ico-female.svg?818c9c4c368f HTTP/1.1 
Host: static-assets.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/CACHE/css/output.801640f58f0b.css
Cookie: _cfuvid=u6wePla4Uaxf9JHsH9SKSF1KYOOEKvhFRUCz6gnUBfo-1656689866926-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.94.42
HTTP/2 200 OK
                                        
date: Fri, 01 Jul 2022 15:37:46 GMT
content-type: image/svg+xml
x-amz-id-2: SJJrNwVRov8N2XC88Y79re1WW5F9HPkqgb23MKyJYfSKA/6A8G8zqZPx3mPabUpoYiIi2DaJyOo=
x-amz-request-id: B65B7C33MY399T80
last-modified: Tue, 09 Mar 2021 22:37:01 GMT
etag: W/"304b64c8f4b6c7e0c36c86b419151c45"
x-amz-meta-s3cmd-attrs: md5:304b64c8f4b6c7e0c36c86b419151c45
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 48187
expires: Sun, 31 Jul 2022 15:37:46 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OS6B9DTbKSJG2osHeVZQVWpNlNAxK9pV1oqrYDuK%2FXdNO3OIWx%2FWWJB6nJtAlpC%2B0poaouIZGG2fBQX83eaonDAoTSpeeyZYBKZg%2BhOjebN%2BhWAM3VCkHlDJPJd2i%2BYaC3nXQhZo9Bfqq4QowZKoLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 724039946b360b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (547)
Size:   2621
Md5:    7ba3feff7f400650f01b9acbbca0df87
Sha1:   b712ae586f39f561406a65e83f548e819f2ed90f
Sha256: b8a5da4bab59b21a2718e9c516adcf432a1334647f4b6e92d6e43e445a646885
                                        
                                            GET /sbar.json?key=c53b937a4f8b2f30be51036e594c33eb&uuid=68ce39d9-c4ad-4d8e-bd21-c15d411802e9%3A1%3A1 HTTP/1.1 
Host: crumbtypewriterhome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://javtk.com
Connection: keep-alive
Referer: http://javtk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.12
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.17.6
Date: Fri, 01 Jul 2022 15:37:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://javtk.com
Access-Control-Allow-Origin: http://javtk.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15867835; expires=Sat, 02 Jul 2022 15:37:46 GMT; secure; SameSite=None uid_id2=68ce39d9-c4ad-4d8e-bd21-c15d411802e9:1:1; expires=Fri, 08 Jul 2022 15:37:46 GMT; secure; SameSite=None pdhtkv=true; expires=Sat, 02 Jul 2022 15:37:47 GMT; secure; SameSite=None uncs=1; expires=Sat, 02 Jul 2022 15:37:47 GMT; secure; SameSite=None pdhtkv29=true; expires=Sat, 02 Jul 2022 15:37:47 GMT; secure; SameSite=None uncs29=1; expires=Sat, 02 Jul 2022 15:37:47 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c07574bec4146c2e6365e78d57c5972e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (6973), with no line terminators
Size:   5014
Md5:    249f0b1da8a67162b209000c5c38c8a7
Sha1:   51862ed93a89351068c911df6bd66d2c4eefb89a
Sha256: 282a9937605103fc0189e820dfb20cc72df8e1ef545ec30d4df7fbde35e927a3

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /asset/userdata/198861/player/16021_poster.png?v=1639535693 HTTP/1.1 
Host: thumb.fvs.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycloudzz.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.23.136.25
HTTP/2 200 OK
                                        
date: Fri, 01 Jul 2022 15:37:47 GMT
content-type: image/png
content-length: 1842
last-modified: Wed, 15 Dec 2021 02:34:53 GMT
etag: "61b9544d-732"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 724039947bd3b529-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 640 x 360, 4-bit colormap, non-interlaced\012- data
Size:   1842
Md5:    22723e13a4ca9f675466a449798b9b98
Sha1:   94ee5efb603aa8ff47b993e5934ae55f980c19fd
Sha256: f80b97f6da7a1ebe32a8bc4fcf2dc84ea60360ca236c706256193ebaae97f035
                                        
                                            GET /nr-spa-1216.min.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.137
HTTP/2 200 OK
                                        
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 01 Jul 2022 15:37:47 GMT
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 3928
x-timer: S1656689867.273501,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32010)
Size:   18216
Md5:    6561a2403142205f966207d61576f1a6
Sha1:   1310e72f494e12ab63a4280fc1600a2c89dc9bb8
Sha256: 0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F99CDAD90F92AFC78F2F2E23F852665EC3F7C3EDDEE26C700E8E4C1A1D9D5327"
Last-Modified: Fri, 01 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3569
Expires: Fri, 01 Jul 2022 16:37:16 GMT
Date: Fri, 01 Jul 2022 15:37:47 GMT
Connection: keep-alive

                                        
                                            GET /ren.gif?sid=H4sIAAAAAAAC%2F5xUW4scRRSujksQBFHZF8VLw2hMwJ3ty0zPTEJY987gZnfZWWPIS6iuqp6tTPWFqu7pyYIQjEjAC2P%2BQHrP5GI0JEZQomKU2UDAecr4NA%2Bu%2BA9CAj7LTBbjBRQsaM45%2FR36%2B77Th3pvK9lBBiR4MHck3ORC4Mli3tD3HzPNQ%2FoSD5KW3io7J5zCIV02D1acvHFAX2SkEU5ahmkYpmHqC1wyL2xNDkHg0dWKma8Y%2BYKVN4sFaMm%2F1irRQGENaHMHPQOc9sdua%2BPASRcC%2F%2FM5phpxGL027ycCx6GEJr38ZtAIwjQA%2F1HqSQ284PJuN4Tq7sItCIOLI7kQNv9odHkfaXdugRtc3hUJbvPCSKcrgAXg0icgbXaBiS5w3AUSngFO7yIAQmF5BQL%2F0nIoU3zqIYqHaB%2BN%2FfYAeNpHYz%2BPQ%2BBfmxG8pddCkcQ8DBS0vAx4qwu83oUo2YZ4cw%2FwdBtI%2FA5wiiDwM%2BB08LJTJsyu0MoEKWA6UaBlNuFSy5wgZpEWTLNsWKwyGgznXeBeFwRrA1YaJMOHa5B4GiSRBj4d6MQ0zZJBCTbKFUJsWmKuQw0TlzwTm4ZThoQMtbchjtpARBuIPA2RPA0N3gaZ%2FABqIwNFNVAxgibNIGUIUoUgxQhSjiCNEaTN7CIVylLZJSpU4pq70dqNdtYJ4%2FoWvhjGdRagrWgHPT0a2P2XvoUGG%2BikaLsVu4QLXtm1PNtwWdE0bIcVKwVi28wFxTPgas%2FI5ibvo703BES8j%2FbUvgQXb4MS20D4U4CTFwCnnZJlAN7oFMoGbAZXTuJm3MiT0AcaZhDFYxCf0rbEDnp2JMJ68CMw0pv6euWXQ%2FT480BkBpHM4CS%2FjaAuznbWwhRdWAtThW6sRDH3%2BSYe%2FtFajGOGPn2DnUpDSatzqn1lmgyBYXp1nal4CQeUB3WFPpvhlDK5EErC0HdV9RZzVxO1MZPIIImWVmcXqn4kmVI8DLqA%2Bd3jTwLhffT4VzdHq%2Frc7H3gchtkMrA24jhSBycnW77IS4ZFzH024XI69DdJBCeNKX44ORadjJanvbXV%2BgkD%2FKQ39cX45q%2BL18aBh10g0btXcrn16vrSfC43eOXe%2BXMf1FjLCyVT0fZNqZjQPYn1alBnUt9v5J2Gf%2BB6Ljc3X5tdq66uV1eWc7nBvqNc6DTRG0EiBNN9Vte5TnF9Sq81JG8OX9w7f%2B7967nc0vTa4vyJ6pHpxSGd868G4o3EdwPMxd9NfJLLVWdHxK%2F%2Fvw%2Fs4349PsxJGICKemj3gAoRSNGb%2BujtlUGtPQNupEH6X2OOeIv9g6AjLbc3dfTe3g9vfnMHBO%2Bjov0qCPaIC7sZqD%2FV7qN8S52FunwRcHxmdA80ZQZNkQEWbVDJY504kr2pn%2BzRAVdoHVdI7YIrpPj44QIrPtBLtm1gp1I0SyXMSm7BKnuOSTG2Co7lONiGWPXd78d7vwMAAP%2F%2FAQAA%2F%2F9V6V0P2wUAAA%3D%3D HTTP/1.1 
Host: crumbtypewriterhome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://javtk.com/
Cookie: u_pl=15867835; uid_id2=68ce39d9-c4ad-4d8e-bd21-c15d411802e9:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.12
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.6
Date: Fri, 01 Jul 2022 15:37:47 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fe3ae46547e02153fec4c25118d099bc
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /favicon.png HTTP/1.1 
Host: javtk.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/142823/t-28622-studio-tma-teacher-i-want-a-baby-rara-kudo-with-a-student-who-seduces-me
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=68ce39d9-c4ad-4d8e-bd21-c15d411802e9%3A1%3A1; a=TmTFD131CKvLP8ObTs4oXPLRqwUuLo2y; ppu_main_0376c5049b3cdb93416e29fae5a4fc40=1; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BAYAYr8UygFivxTKgAGBAsAAIAN-GNwUqa8F3eluC3idPUUvok481412CkSvfFuth7HBwQBHMEUCIDhiXacPueQ9okthtZeZ1ssP4S47lbRylzcW44xJbiWZAiEAyC8Lbl41BJWeF67hUJtej98ug6B_rZ85jvf_C0k0sao; sb_main_c53b937a4f8b2f30be51036e594c33eb=1; sb_count_c53b937a4f8b2f30be51036e594c33eb=1

                                         
                                         104.21.31.61
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 01 Jul 2022 15:37:47 GMT
Content-Length: 1473
Connection: keep-alive
Last-Modified: Sat, 09 Nov 2019 18:46:30 GMT
ETag: "5c1-596ee5110ed80"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzIGFb43NO%2BJWaE7DF%2BGgLIHNzUHoO%2FJbGqIAs1OmeRa2BIXES1EVGoyEDd%2FOp%2FWQbIFiSISxS2rvQ0gQgWhzYuv3zkcKM1pO%2FepfYmr8AYI814M6P8X4fg6Hpw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 724039943f17b4ee-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   1473
Md5:    883896b692161f8a017c9bbd84748fe3
Sha1:   49b054ee565148de1cf5f1621fba073e1bb85138
Sha256: 382dfc051db7e02761621a419cbfdeb337ef6b6adabe459d39731b5a4bec70ac
                                        
                                            GET /1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1234&ck=1&ref=https://chaturbate.com/tours/3/&ap=38&be=777&fe=1107&dc=881&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1656689866110,%22n%22:0,%22r%22:0,%22re%22:476,%22f%22:476,%22dn%22:476,%22dne%22:476,%22c%22:476,%22s%22:476,%22ce%22:476,%22rq%22:491,%22rp%22:711,%22rpe%22:716,%22dl%22:765,%22di%22:877,%22ds%22:880,%22de%22:881,%22dc%22:1106,%22l%22:1106,%22le%22:1107%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=1066&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFQNBQoIWAMJWVEFVQBXDxh2Yi0TFUMhJTshCU0XAwlXHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEwBSVwJRVlENGA8CUQAUVVNVBU4HDQ0LHFgECwcBWwJaXgEGCBNNE0sEBAYWBhQbDxtZFUVJW01MFAwRXEdcVQNIFwsDBxdNBVYaGx1DQ1wQFwYXFzlUUE1ZDlUbW0AkITdEFRdJSBVZVg89FQERFVBaVxNbEwpPVEFIQRNYal1UF1haBD0FBQ4PVUwbC0N%2BTQkHEUZPRExUZlUER1ACBzwQGhZcFwMTBVRKChYMFEFKG0BYbg5CZgcDDg0PHxsPG30IX0wZQE9GFgdmWkpuF1RLEgsMCkFcGxcVExRQZgMQDBMQA0tqX1AMWFUYQFlGJQ9LUF9eGRMVQxcCOwEUVkJKVBNuTwQQEA0MCBsPGwhXHwlDTkERAjlKQUtYD1YbW0AuCxkPVVlYHlQfCUFKO1VSXRl5UF8USRkZWlU7VVICFUtHWwgPT1JKRCQDWl5WHlMBCFFSUlRSRn9cS1QHXkFOW1VKU0QVF15YFW5aDg8ODRdEAxdaCQQDAVJXUAEHUV8XFRMRUEsADxBGWURCaRtFDkRLPUBZRD9EQQRrVT0TFUE%2BQQcCC0lUUFYPbRtbQj9GLQV4TGxtQx0ZPUAAOEFcGWkbBT0TFUE%2BQRQ/RAMVZRNRbRtNQj9GBANXUVxDPRMDQT5BAj9EFRVlEwVYSgAADwE8FVZAV1U9EwNBPkFUP0REFxUTBF1QBgsBCAY5SkVVWBVuTQQRFxdBXBsVfUICR0sjU0MgEAVPR3sDQXVKAhQRJlBGfUZaRxNzDUFAT0YGClBSUFMNVGYSEg8NFzlNUEpFEm5XEkBZRkMCUEZaXhdUSxg9EwUEAxkXFRMAUk0IFAY7EBZVXE1uFVRKFRFBXkFGfUZaRxNzCEFAHhk%3D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Fri, 01 Jul 2022 15:37:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 72403996e933b4f9-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=6a89b361b183d031; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   72
Md5:    107d93e382e2c9b00fbf9fb0edc65d86
Sha1:   77e750e3ebf9706f4f6dd253785602d70be17c6c
Sha256: a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
                                        
                                            GET /v/rxgeluenpyz6gj5 HTTP/1.1 
Host: mycloudzz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://javtk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         104.21.3.245
HTTP/2 200 OK
                                        
date: Fri, 01 Jul 2022 15:37:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: EXPIRED
last-modified: Thu, 30 Jun 2022 14:03:25 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4nuXMN8AykHd1bidsSURezK5WY12UUsLPf1J65JhwCTj1%2FrgNqEjvPO2h20djzEAYYXQ1RKKjwZNAMXTgzMUebrWIJp4U6U4H8%2FhT6QEpKE2tmQD6gnyTCeQsvOtHGb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7240398abcdfb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1861
Md5:    5b0d30aebc8c57c0b570430e7af956f6
Sha1:   c5d3a48cf35adda5e17d66e85c6b46b4da73457f
Sha256: 1580c3a317f0dc82b08400ba85ff46ee44d08a66a5ce5b45428c9fdafb04788a
                                        
                                            GET /1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1264&ck=1&ref=https://chaturbate.com/tours/3/&ap=22&be=751&fe=1137&dc=900&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1656689866089,%22n%22:0,%22r%22:0,%22re%22:323,%22f%22:323,%22dn%22:323,%22dne%22:323,%22c%22:323,%22s%22:323,%22ce%22:323,%22rq%22:326,%22rp%22:506,%22rpe%22:520,%22dl%22:719,%22di%22:895,%22ds%22:899,%22de%22:900,%22dc%22:1136,%22l%22:1136,%22le%22:1138%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=1088&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFQNBQoIWAFdBQRTVQBWCxh2Yi0TFUMhJTshCU0XAwlRHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEwwFAwFWU1IAGF0EAgMUVVBUVk5fCVRbHFdXC1gDB1ZWVQAGDxNNE0sEBAYWBhQbDxtZFUVJW01MFAwRXEdcVQNIFwsDBxdNBVYaGx1DQ1wQFwYXFzlUUE1ZDlUbW0AkITdEFRdJSBVZVg89FQERFVBaVxNbEwpPVEFIQRNYal1UF1haBD0FBQ4PVUwbC0N%2BTQkHEUZPRExUZlUER1ACBzwQGhZcFwMTBVRKChYMFEFKG0BYbg5CZgcDDg0PHxsPG30IX0wZQE9GFgdmWkpuF1RLEgsMCkFcGxcVExRQZgMQDBMQA0tqX1AMWFUYQFlGJQ9LUF9eGRMVQxcCOwEUVkJKVBNuTwQQEA0MCBsPGwhXHwlDTkERAjlKQUtYD1YbW0AuCxkPVVlYHlQfCUFKO1VSXRl5UF8USRkZWlU7VVICFUtHWwgPT1JKRCQDWl5WHlMBCFFSUlRSRn9cS1QHXkFOW1VKU0QVF15YFW5aDg8ODRdEAxdaCQQDAVJXUAEHUV8XFRMRUEsADxBGWURCaRtFDkRLPUBZRD9EQQRrVT0TFUE%2BQQcCC0lUUFYPbRtbQj9GLQV4TGxtQx0ZPUAAOEFcGWkbBT0TFUE%2BQRQ/RAMVZRNRbRtNQj9GBANXUVxDPRMDQT5BAj9EFRVlEwVYSgAADwE8FVZAV1U9EwNBPkFUP0REFxUTBF1QBgsBCAY5SkVVWBVuTQQRFxdBXBsVfUICR0sjU0MgEAVPR3sDQXVKAhQRJlBGfUZaRxNzDUFAT0YGClBSUFMNVGYSEg8NFzlNUEpFEm5XEkBZRkMCUEZaXhdUSxg9EwUEAxkXFRMAUk0IFAY7EBZVXE1uFVRKFRFBXkFGfUZaRxNzCEFAHhk%3D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Fri, 01 Jul 2022 15:37:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 72403996ee9efac8-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=ab4306de25798a08; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   72
Md5:    107d93e382e2c9b00fbf9fb0edc65d86
Sha1:   77e750e3ebf9706f4f6dd253785602d70be17c6c
Sha256: a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "3B67A75DBFACE14E1940383AC5186AE05DEB1EEE1A5A8D4987F6B7C27F8C771A"
Last-Modified: Thu, 30 Jun 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20511
Expires: Fri, 01 Jul 2022 21:19:38 GMT
Date: Fri, 01 Jul 2022 15:37:47 GMT
Connection: keep-alive

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: streetmonumentemulate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.227
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx/1.22.0
Date: Fri, 01 Jul 2022 15:37:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d9ec91e894b4b494b8dd3d4c5b18b460
Strict-Transport-Security: max-age=0; includeSubdomains

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "3B67A75DBFACE14E1940383AC5186AE05DEB1EEE1A5A8D4987F6B7C27F8C771A"
Last-Modified: Thu, 30 Jun 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20511
Expires: Fri, 01 Jul 2022 21:19:38 GMT
Date: Fri, 01 Jul 2022 15:37:47 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: 6.adsco.re
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://c.adsco.re/

                                         
                                         104.17.167.186
HTTP/1.1 200 OK
Content-Type: text/plain;charset=UTF-8
                                        
Date: Fri, 01 Jul 2022 15:37:47 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 724039983ad2b506-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "3B67A75DBFACE14E1940383AC5186AE05DEB1EEE1A5A8D4987F6B7C27F8C771A"
Last-Modified: Thu, 30 Jun 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20511
Expires: Fri, 01 Jul 2022 21:19:38 GMT
Date: Fri, 01 Jul 2022 15:37:47 GMT
Connection: keep-alive

                                        
                                            GET /watch/88698312 HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycloudzz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.250.119
HTTP/2 302 Found
                                        
location: /watch/88698312/1
date: Fri, 01 Jul 2022 15:37:46 GMT
set-cookie: yandexuid=2664504241656689866; Expires=Sat, 01-Jul-2023 15:37:46 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=2664504241656689866; Expires=Sat, 01-Jul-2023 15:37:46 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yabs-sid=229534231656689866; Path=/; SameSite=None; Secure i=ezZuWmQmpNKl4Ezj+5zmGdgkyl/385LRAGfIZQG64bXu8+6XZ33nsJt4UYkgPeuTKpD3jALtfxEKzST/pIOzMdfQRKI=; Expires=Mon, 28-Jun-2032 15:37:34 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None ymex=1688225866.yrts.1656689866#1688225866.yrtsi.1656689866; Expires=Sat, 01-Jul-2023 15:37:46 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 01-Jul-2022 15:37:46 GMT
last-modified: Fri, 01-Jul-2022 15:37:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Size:   5982
Md5:    c489ce2c491a22ee37a55e26a92dfd73
Sha1:   2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
Sha256: 1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
                                        
                                            GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

                                         
                                         216.58.211.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 01 Jul 2022 15:37:47 GMT
Date: Fri, 01 Jul 2022 15:37:47 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   660
Md5:    55130bf120bd75a4bba7d678be617cdf
Sha1:   77b172c0cc1d15e60ab95edccf3ac1e640d16812
Sha256: 262b9e8c2eeba18bdc3dd53ac7bbacdbbec713a9443ff5dc34e359de56ea040d
                                        
                                            GET / HTTP/1.1 
Host: 4.adsco.re
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://c.adsco.re/

                                         
                                         162.252.214.5
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 01 Jul 2022 15:37:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   62
Md5:    adde5febc7b5b6c2c759ec735cce83a0
Sha1:   77ec17be8a9970ff04663294d41c590d0d24fde4
Sha256: ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
                                        
                                            GET /CACHE/js/output.6f6724a00cb8.js HTTP/1.1 
Host: static-assets.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.94.42
HTTP/2 200 OK
                                        
date: Fri, 01 Jul 2022 15:37:46 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"a708027bfbbde438a72a93082d4bc4b5"
last-modified: Thu, 24 Jun 2021 21:24:05 GMT
x-amz-id-2: JSy2VAlm3gAahvlCm5/iqNOQuasckcIrq13CGup8iDmNjJ/I2mSXsAw6q4OzSeK3RH88h3oFZ3U=
x-amz-meta-s3cmd-attrs: md5:a708027bfbbde438a72a93082d4bc4b5
x-amz-request-id: 2D5V5B3Y2TWH6PZC
cf-cache-status: HIT
age: 1015828
expires: Sun, 31 Jul 2022 15:37:46 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJZ6htI6%2BmsCQVMZ%2FU0uHZ2ALoAkFPRjTm%2FBoPiMDs7DInTT51rAy9k%2FApwpyiMM0Lx2i3J6269yoR0z6tr0CkratzQB16APOLx7oxsj8jll0OY8yD7T1LDypzvq0yo9X3SAAeDlY5Q7lbEhU%2F0eng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=A3YUqUsNoHYTwCcKx.wKpTxF3gW0fI2ZT0C4LPsfmGw-1656689866924-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 724039943b120b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (316), with no line terminators
Size:   219
Md5:    24046196c939cba420a122038ae0b0b9
Sha1:   0db1ee1b83f8bf864dc157917271c46961c0f188
Sha256: e2671f3ac4334088fa27d34d8f54406de0936fe6f4ec45af375d3bb2c5c9fc9b
                                        
                                            POST /events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1484&ck=1&ref=https://chaturbate.com/tours/3/ HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: text/plain
Content-Length: 1984
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 01 Jul 2022 15:37:47 GMT
Content-Length: 24
Connection: keep-alive
CF-Ray: 724039982800fac8-OSL
Access-Control-Allow-Origin: https://chaturbate.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   24
Md5:    bc32ed98d624acb4008f986349a20d26
Sha1:   2d3df8c11d2168ce2c27e0937421d11d85016361
Sha256: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
                                        
                                            GET /pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Findex.html&l=1255&fd=171 HTTP/1.1 
Host: crumbtypewriterhome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/

                                         
                                         192.243.59.12
HTTP/1.1 200 OK
                                        
Server: nginx/1.17.6
Date: Fri, 01 Jul 2022 15:37:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /mono/movie/adult/55t28622/55t28622pl.jpg HTTP/1.1 
Host: pics.dmm.co.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/

                                         
                                         202.6.246.10
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: openresty
Date: Fri, 01 Jul 2022 15:37:46 GMT
Content-Length: 169385
Connection: keep-alive
Last-Modified: Fri, 13 May 2022 08:48:06 GMT
ETag: "627e1b46-295a9"
X-Pics-Origin: digital-master
X-Cache-Status: HIT
Set-Cookie: app_uid=ygb2CmK/FMoO5IY9BvKFAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size:   169385
Md5:    faa2bee4c36f2110700a933d5439c144
Sha1:   f3c54694a09cb9ead7069febeb849b967404ffa1
Sha256: 5a54acd4a799eddc6ee41ea3cbfcc0b7118ab6d3e7b3c5a47b0114f3a2aaa060
                                        
                                            GET /sb/notifications/rtb/mac/2/index.html HTTP/1.1 
Host: cdn.barscreative1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://javtk.com
Connection: keep-alive
Referer: http://javtk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.37.70
HTTP/2 200 OK
                                        
date: Fri, 01 Jul 2022 15:37:47 GMT
content-type: text/html
last-modified: Sat, 07 May 2022 03:21:27 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7Ssc2qfidtHYWbvD8FlfiuWJdIfPLgRJuMVMY6w0WWSvpd1Y9riqeleNPZQQwHdGrwGf1vxioyp9J01k11A4zbNmnIYBX1wo1z8AErXm2UE0QlF9b32IMPkcaF7YUu6QKG%2FVIFTTYA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 724039969e54b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text
Size:   3284
Md5:    8a147c686d02c9d622ae0b60854d0eaf
Sha1:   47417735519a767c4439de59578154d00fe40a56
Sha256: a27ff8e7f7c5507be58ebd2b01972bcc588380e5ec3f9a5616fe65b7a68cd60f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Fcss%2Fmagic.css&l=45250&fd=83 HTTP/1.1 
Host: crumbtypewriterhome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/

                                         
                                         192.243.59.12
HTTP/1.1 200 OK
                                        
Server: nginx/1.17.6
Date: Fri, 01 Jul 2022 15:37:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Frtb%2Fmac%2F2%2Fcss%2Fstyle.css&l=4309&fd=88 HTTP/1.1 
Host: crumbtypewriterhome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/

                                         
                                         192.243.59.12
HTTP/1.1 200 OK
                                        
Server: nginx/1.17.6
Date: Fri, 01 Jul 2022 15:37:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 01 Jul 2022 15:37:47 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 05 Jul 2022 13:30:41 GMT
ETag: "b8e7dcd73a573fd285438db3707cc8855e557775"
Last-Modified: Fri, 01 Jul 2022 13:30:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1248
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7240399a39ab0b49-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    8e18024ab006739f46fcc2a60946d93c
Sha1:   b8e7dcd73a573fd285438db3707cc8855e557775
Sha256: d223a889e063e62196436d050ad71427828fb84b5d90139c8d2f4d479cbc6095
                                        
                                            GET /thumbnail?i=uXpjpNAfRPg_0&imgt=icon HTTP/1.1 
Host: xml.realtime-bid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         198.134.116.29
HTTP/1.1 302 Found
                                        
Server: nginx
Date: Fri, 01 Jul 2022 15:37:47 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://static.realtime-bid.com/n337/ad/300x300_mlrC2tLgOw3p3m5g8vS1.jpeg
Pragma: no-cache

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://javtk.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 29 Jun 2022 20:13:49 GMT
Expires: Thu, 29 Jun 2023 20:13:49 GMT
Cache-Control: public, max-age=31536000
Age: 156239
Last-Modified: Wed, 11 May 2022 19:24:48 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://javtk.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 29 Jun 2022 20:14:24 GMT
Expires: Thu, 29 Jun 2023 20:14:24 GMT
Cache-Control: public, max-age=31536000
Age: 156204
Last-Modified: Wed, 11 May 2022 19:24:42 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /sb/notifications/rtb/mac/2/css/style.css HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://javtk.com
Connection: keep-alive
Referer: http://javtk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.183.56
HTTP/2 200 OK
                                        
date: Fri, 01 Jul 2022 15:37:47 GMT
content-type: text/css
last-modified: Mon, 17 May 2021 12:30:23 GMT
etag: W/"60a261df-10d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 105797
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JisXEKOetVPwuczLjrRthZQu5wRgxINhpB1vrHeYEbWh%2FQWQ%2FRZC%2BN2rkdrDUpnPyxGt09lnd6qdoLPOAfqAAX8ZFrkptSFFw39C0TcGjhJgVosAeZ9S5o9yCptvaN%2FK62g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 724039982e920b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1171
Md5:    efe9edd0c003f7b3f4fe7d008327287a
Sha1:   c55795d372df478ab73e4e3ba4f1db30538e8205
Sha256: ccfebde01df65c9e727959d6d84d70c1ab2220073961a22c04135a95b01bba22
                                        
                                            GET /n337/ad/300x300_mlrC2tLgOw3p3m5g8vS1.jpeg HTTP/1.1 
Host: static.realtime-bid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.139.128.11
HTTP/2 200 OK
                                        
date: Fri, 01 Jul 2022 15:37:48 GMT
content-length: 11483
content-type: image/jpeg
last-modified: Fri, 27 Aug 2021 12:28:46 GMT
accept-ranges: bytes
server: nginx
etag: "6128da7e-2cdb"
cache-control: max-age=86400
x-hw: 1656689868.cds218.sk1.hn,1656689868.cds018.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Size:   11483
Md5:    ea4d0542fa4cd96f6863e7a8b5c9a460
Sha1:   b8a72ede5a93fd3d79496f37a36fa8caac27117a
Sha256: f7ff188bf898910340242c7395163b4152d8350e9626b7e9b8a635fd67f03840
                                        
                                            GET /pxf.gif?uuid=68ce39d9-c4ad-4d8e-bd21-c15d411802e9&eb=f2971074fea048c017123c068028f7b0&te=eddb2b1ddd8a23149230781ff8343f36&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.29&b_frame=0&pk=c53b937a4f8b2f30be51036e594c33eb&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.9
Date: Fri, 01 Jul 2022 15:37:48 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cfde66d80cea9e3022b450c790635654
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pixel/sbs?c=1 HTTP/1.1 
Host: crumbtypewriterhome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://javtk.com/
Cookie: u_pl=15867835; uid_id2=68ce39d9-c4ad-4d8e-bd21-c15d411802e9:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.12
HTTP/1.1 200 OK
                                        
Server: nginx/1.17.6
Date: Fri, 01 Jul 2022 15:37:48 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pxf.gif?uuid=68ce39d9-c4ad-4d8e-bd21-c15d411802e9&eb=f2971074fea048c017123c068028f7b0&te=eddb2b1ddd8a23149230781ff8343f36&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.29&b_frame=0&pk=0376c5049b3cdb93416e29fae5a4fc40&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://javtk.com/

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.9
Date: Fri, 01 Jul 2022 15:37:48 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c44041d50e0743175929fb7d05a54342
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed