Overview

URL tporn.xxx/en/video/10535351/dirty-videos/
IP104.21.20.42
ASNCLOUDFLARENET
Location
Report completed2022-09-25 05:39:16 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-25 2 a07d30aaf0.com Sinkholed
2022-09-25 2 a07d30aaf0.com Sinkholed
2022-09-25 2 a07d30aaf0.com Sinkholed
2022-09-25 2 a07d30aaf0.com Sinkholed
2022-09-25 2 a07d30aaf0.com Sinkholed
2022-09-25 2 a07d30aaf0.com Sinkholed
2022-09-25 2 a07d30aaf0.com Sinkholed
2022-09-25 2 a07d30aaf0.com Sinkholed
2022-09-25 2 a07d30aaf0.com Sinkholed
2022-09-25 2 a07d30aaf0.com Sinkholed
2022-09-25 2 a07d30aaf0.com Sinkholed
2022-09-25 2 a07d30aaf0.com Sinkholed
2022-09-25 2 a07d30aaf0.com Sinkholed
2022-09-25 2 a07d30aaf0.com Sinkholed
2022-09-25 2 a07d30aaf0.com Sinkholed
2022-09-25 2 a07d30aaf0.com Sinkholed
2022-09-25 2 a07d30aaf0.com Sinkholed


Files

No files detected



Passive DNS (50)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS cbjpeg.stream.highwebmedia.com (37) 23619 2017-04-27 08:00:06 UTC 2022-09-24 22:38:29 UTC 131.153.88.92
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-24 19:48:02 UTC 143.204.55.36
mnemonic passive DNS js.wpadmngr.com (1) 25762 2021-06-02 14:43:46 UTC 2022-09-24 22:43:29 UTC 45.133.44.25
mnemonic passive DNS s3t3d2y8.afcdn.net (1) 0 2022-08-08 22:22:56 UTC 2022-09-24 05:30:45 UTC 185.76.9.26 Unknown ranking
mnemonic passive DNS 12112336.pix-cdn.org (1) 18294 2018-08-23 11:18:44 UTC 2022-09-24 22:43:30 UTC 45.133.44.24
mnemonic passive DNS go.goaserv.com (3) 153365 2021-11-03 00:47:35 UTC 2022-09-24 17:29:59 UTC 217.22.19.196
mnemonic passive DNS cdn3.medfoodsafety.com (2) 0 2022-04-05 03:19:12 UTC 2022-09-24 22:19:48 UTC 172.64.204.2 Unknown ranking
mnemonic passive DNS preroll.hostave3.net (1) 96311 2018-02-22 21:32:02 UTC 2022-09-23 17:11:14 UTC 104.21.235.3
mnemonic passive DNS img-getpocket.cdn.mozilla.net (3) 1631 2017-09-01 03:40:57 UTC 2022-09-24 04:22:29 UTC 34.120.237.76
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-24 04:22:42 UTC 104.18.20.226
mnemonic passive DNS txxx.com (1) 36561 2020-02-27 06:36:52 UTC 2022-09-24 06:34:03 UTC 172.64.196.4
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-24 04:21:47 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS fp.metricswpsh.com (1) 0 2022-04-22 11:20:32 UTC 2022-09-24 22:43:31 UTC 157.90.84.242 Unknown ranking
mnemonic passive DNS e1.o.lencr.org (2) 6159 2021-08-20 07:36:30 UTC 2022-09-24 06:20:21 UTC 23.36.77.32
mnemonic passive DNS js-agent.newrelic.com (1) 378 2017-01-30 05:00:15 UTC 2022-09-25 04:59:22 UTC 151.101.86.137
mnemonic passive DNS r3.o.lencr.org (29) 344 2020-12-02 08:52:13 UTC 2022-09-24 04:21:50 UTC 23.36.77.32
mnemonic passive DNS ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-09-24 04:23:20 UTC 142.250.74.3
mnemonic passive DNS chaturbate.com (1) 6807 2012-05-22 23:11:36 UTC 2022-09-25 03:13:00 UTC 104.18.100.40
mnemonic passive DNS tporn.xxx (2) 409069 2020-01-11 07:13:34 UTC 2022-09-24 14:28:27 UTC 172.67.191.83
mnemonic passive DNS tporn.xxx (2) 409069 2020-01-11 07:13:34 UTC 2022-09-24 14:28:27 UTC 104.21.20.42
mnemonic passive DNS mc.yandex.ru (8) 2672 2017-01-29 05:34:36 UTC 2022-09-24 18:45:26 UTC 77.88.21.119
mnemonic passive DNS s.optnx.com (1) 20469 2020-03-25 00:41:59 UTC 2022-09-25 01:27:38 UTC 95.211.229.246
mnemonic passive DNS cdn.1vag.com (1) 48829 2021-02-10 15:12:50 UTC 2022-09-24 18:27:02 UTC 45.133.44.24
mnemonic passive DNS vast.yomeno.xyz (1) 44241 2019-12-12 11:10:55 UTC 2022-09-24 22:43:31 UTC 109.206.181.2
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-25 04:32:42 UTC 142.250.74.72
mnemonic passive DNS rtbrennab.com (8) 0 2022-04-20 15:49:10 UTC 2022-09-24 22:49:50 UTC 159.69.163.6 Unknown ranking
mnemonic passive DNS static-assets.highwebmedia.com (8) 16059 2021-01-19 21:46:26 UTC 2022-09-25 02:25:25 UTC 104.16.94.42
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-24 04:22:23 UTC 34.117.237.239
mnemonic passive DNS videotxxx.com (1) 165435 2020-01-13 11:23:30 UTC 2022-09-23 05:08:25 UTC 62.122.168.133
mnemonic passive DNS 14f91f4146.a07d30aaf0.com (1) 0 2022-09-23 00:35:14 UTC 2022-09-25 04:35:06 UTC 45.133.44.24 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-24 05:36:42 UTC 34.212.166.60
mnemonic passive DNS 7b22f96b0f.a07d30aaf0.com (1) 0 2022-09-23 00:35:13 UTC 2022-09-25 00:35:07 UTC 94.130.197.134 Unknown ranking
mnemonic passive DNS tn.tporn.xxx (3) 0 2021-02-10 14:21:12 UTC 2022-09-20 19:03:48 UTC 45.133.44.24 Domain (tporn.xxx) ranked at: 409069
mnemonic passive DNS tn.txxx.tube (1) 106247 2021-04-15 09:35:37 UTC 2022-09-23 19:21:56 UTC 45.133.44.24
mnemonic passive DNS bam.nr-data.net (3) 630 2015-02-10 00:06:27 UTC 2022-09-25 04:59:22 UTC 162.247.241.14
mnemonic passive DNS realtime.pa.highwebmedia.com (13) 24791 2021-01-21 22:18:59 UTC 2022-09-25 02:25:27 UTC 54.230.111.84
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-24 04:26:56 UTC 143.204.55.25
mnemonic passive DNS ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2022-09-25 04:17:50 UTC 93.184.220.29
mnemonic passive DNS twinrdack.com (3) 366359 2021-12-16 19:33:05 UTC 2022-09-24 17:37:07 UTC 172.66.40.122
mnemonic passive DNS data.goasrv.com (4) 0 2022-06-22 13:29:20 UTC 2022-09-24 17:29:59 UTC 217.22.19.195 Domain (goasrv.com) ranked at: 117069
mnemonic passive DNS realtime.pa.highwebmedia.com (13) 24791 2021-01-21 22:18:59 UTC 2022-09-25 02:25:27 UTC 54.230.111.129
mnemonic passive DNS chatw-28.stream.highwebmedia.com (1) 312913 2021-02-15 20:45:50 UTC 2022-09-20 21:18:24 UTC 104.19.242.83
mnemonic passive DNS ads.exoclick.com (1) 32908 2012-11-29 00:05:16 UTC 2022-09-24 15:34:27 UTC 205.185.216.10
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-25 00:29:21 UTC 142.250.74.10
mnemonic passive DNS a.realsrv.com (1) 10080 2019-07-03 16:12:14 UTC 2022-09-24 12:40:33 UTC 205.185.216.10
mnemonic passive DNS in16.zog.link (2) 76485 2018-07-31 21:03:54 UTC 2022-09-24 10:11:36 UTC 109.206.163.116
mnemonic passive DNS btds.zog.link (8) 38469 2019-10-07 21:35:03 UTC 2022-09-24 22:45:50 UTC 109.206.175.85
mnemonic passive DNS 661f8a0d88.a07d30aaf0.com (15) 0 2022-09-23 00:35:14 UTC 2022-09-25 04:35:06 UTC 159.69.163.6 Unknown ranking
mnemonic passive DNS ortb.montlusa.top (2) 0 2022-06-30 23:38:06 UTC 2022-09-24 20:08:27 UTC 104.21.30.211 Domain (montlusa.top) ranked at: 521450
mnemonic passive DNS kts.visitstats.com (1) 87150 2019-10-24 11:24:01 UTC 2022-09-24 22:43:34 UTC 62.122.173.18


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.21.20.42

Date UQ / IDS / BL URL IP
2022-11-24 14:26:11 +0000
0 - 0 - 1 tporn.xxx/fr/video/10039073/abella-danger-feet/ 104.21.20.42
2022-11-23 20:16:43 +0000
0 - 0 - 33 takehost.com.br/wp-includes/ixrr/load.php?0=z (...) 104.21.20.42
2022-11-23 06:45:00 +0000
0 - 0 - 2 www.verify38527indentity.com/ 104.21.20.42
2022-11-02 23:13:52 +0000
0 - 0 - 15 tporn.xxx/it/video/17011197/abie-owen-play-pussy/ 104.21.20.42
2022-11-02 20:41:42 +0000
0 - 0 - 2 tporn.xxx/en/video/12107001/chat-with-abie-ow (...) 104.21.20.42

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-04 08:33:53 +0000
0 - 0 - 3 a.prizestopsurvey.top/ 172.67.166.17
2022-12-04 08:33:20 +0000
0 - 0 - 2 a.lotsofprofitsurvey.top/ 104.21.10.226
2022-12-04 08:31:40 +0000
0 - 0 - 2 auth.challengers-premier.pro/ 104.21.3.33
2022-12-04 08:31:17 +0000
0 - 0 - 3 j.pseessustijy.com/ 104.21.33.3
2022-12-04 08:30:50 +0000
0 - 0 - 2 customizeme.shop/snf/7f29a1786da43a4e59afa5a6 (...) 172.67.138.249

Last 5 reports on domain: tporn.xxx

Date UQ / IDS / BL URL IP
2022-11-24 14:26:11 +0000
0 - 0 - 1 tporn.xxx/fr/video/10039073/abella-danger-feet/ 104.21.20.42
2022-11-20 08:03:21 +0000
0 - 0 - 13 tporn.xxx/nl/video/10156621/krissy-lynn-ivy-l (...) 172.67.191.83
2022-11-12 19:10:35 +0000
0 - 0 - 10 tporn.xxx/en/search/zeira%20kundalini/1/ 172.67.191.83
2022-11-02 23:13:52 +0000
0 - 0 - 15 tporn.xxx/it/video/17011197/abie-owen-play-pussy/ 104.21.20.42
2022-11-02 20:41:42 +0000
0 - 0 - 2 tporn.xxx/en/video/12107001/chat-with-abie-ow (...) 104.21.20.42

No other reports with similar screenshot



JavaScript

Executed Scripts (75)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (193)


Request Response
                                        
                                            GET /en/video/10535351/dirty-videos/ HTTP/1.1 
Host: tporn.xxx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.20.42
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Date: Sun, 25 Sep 2022 05:39:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://tporn.xxx/en/video/10535351/dirty-videos/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eL73pLhpkqUgPlN5EZraFC440tSbd%2BTBA3YqkHZMVTUu8cmwm%2BItZGG24BGliLD%2B01Kgp86bbCKOwXI1sSS26cYHj%2BTC%2BOoepL3kXXXvVCvZHgudYdJ0gYjNO7A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75016ad24b78b4e8-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   169
Md5:    7fbbfac9dc9342664a7ca850832106c9
Sha1:   8a080dfb29d28ad24572b7f7efcabe7ae14778ce
Sha256: 103f5f72e93e6fe9866e86000ee3797a4ef1a654b081e373d26d20dcf6365abc
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 05:14:51 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BgBdX_Hbzaj0_hiHkG11aLGS_KgxnFBDf3zopgRdHShzvruK8U_jWw==
Age: 1453


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2576
Expires: Sun, 25 Sep 2022 06:22:00 GMT
Date: Sun, 25 Sep 2022 05:39:04 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ujbNbjR5Hz2qHecPD5vy2tGBSQw5sgRKYITuCGs8NSK3b2iDDrb3Yg==
age: 3830
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 25 Sep 2022 05:39:05 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 05:39:05 GMT
Content-Length: 939
Connection: keep-alive
Expires: Thu, 29 Sep 2022 03:47:44 GMT
ETag: "b34e145e77def5403e79e9596b69e2edcf42f74e"
Last-Modified: Sun, 25 Sep 2022 03:47:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2378
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75016ad61e7e0b51-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9810DBBF5640C7B24434ABB4A3B6E31BE4B87AF4739F30ADB336591961DFED1A"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17335
Expires: Sun, 25 Sep 2022 10:28:00 GMT
Date: Sun, 25 Sep 2022 05:39:05 GMT
Connection: keep-alive

                                        
                                            GET /embed/16673581/?promo=33991&nplimit=1&skip=10&source=0 HTTP/1.1 
Host: videotxxx.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tporn.xxx/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         62.122.168.133
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: nginx/1.21.2
Date: Sun, 25 Sep 2022 05:39:05 GMT
Content-Length: 145
Connection: keep-alive
Location: https://txxx.com/embed/16673581/?promo=33991&nplimit=1&skip=10&source=0


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   145
Md5:    8f44bacdcf4f730bc8a23bffdb52bf2c
Sha1:   d0ce633b7a9edb873911e993ed2621e40082a6fc
Sha256: 8887002d60cef2c1d9d2d25e50d06f9f2badcaa11b5b50577a1cba5dd4f3d0e8
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 25 Sep 2022 05:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 25 Sep 2022 05:06:19 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dETVeWvLarD8mbZjABPWaMJxuFoHlhCvzXkJJ3qWHmPZoqB2A3dv9Q==
Age: 2088


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A26504A176696A89EBEB266F6DCA46B4ECB154B11D3A2127F3FEA82DEA3CFCCD"
Last-Modified: Sat, 24 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3885
Expires: Sun, 25 Sep 2022 06:43:50 GMT
Date: Sun, 25 Sep 2022 05:39:05 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   5009
Md5:    93eeec44c53e60e1674ca43e63e97ff3
Sha1:   8e0237834cd4af2cfbd9e5e7e05e4a8041e18420
Sha256: 671913856c2f974e309d2a0f8ab1833c4db29296a53a4fccaf4da8c31841c8d2
                                        
                                            GET /metrika/tag.js HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tporn.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         77.88.21.119
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 72341
date: Sun, 25 Sep 2022 05:39:05 GMT
access-control-allow-origin: *
etag: "632d6d03-11a95"
expires: Sun, 25 Sep 2022 06:39:05 GMT
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Size:   72341
Md5:    7a68c8644032413981e4ba5bc0d66c4a
Sha1:   2d46ca8055e8577ae7138140e34a6e633434973c
Sha256: e0573e9a9cbfc3f00a921fa64c50270f5941a1ebb253ab70af2cc0dac45cb0d5
                                        
                                            GET /npc/sdk/wp-banners.js HTTP/1.1 
Host: js.wpadmngr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tporn.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.25
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sun, 25 Sep 2022 05:39:05 GMT
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Sun, 25 Sep 2022 05:44:05 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

                                        
                                            GET /ads.js HTTP/1.1 
Host: ads.exoclick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tporn.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         205.185.216.10
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 25 Sep 2022 05:39:05 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 974
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"8f3c7314efe500b41baba9f571b"
X-HW: 1664084345.dop215.sk1.t,1664084345.cds229.sk1.shn,1664084345.cds229.sk1.c
Access-Control-Allow-Origin: *, *


--- Additional Info ---
Magic:  ASCII text, with very long lines (2476), with no line terminators
Size:   974
Md5:    92af51b4341a31ff621022c2a648c05e
Sha1:   3761459319128e7349981f338926abcd89ba58e0
Sha256: 6dd1f44f60b3c9584b3d9a54af5348c3fc36c7e13585f593f205ed42a0fa7e9f
                                        
                                            GET /embed/16673581/?promo=33991&nplimit=1&skip=10&source=0 HTTP/1.1 
Host: txxx.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tporn.xxx/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         172.64.196.4
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sun, 25 Sep 2022 05:39:05 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
access-control-allow-origin: *
set-cookie: source=33991; expires=Mon, 25-Sep-2023 11:27:51 GMT; Max-Age=31556926; path=/; domain=txxx.com tccloak=1; expires=Sun, 25-Sep-2022 06:39:05 GMT; Max-Age=3600; path=/; domain=txxx.com kt_lang=en; expires=Wed, 20-Sep-2023 05:39:05 GMT; Max-Age=31104000; path=/; domain=.txxx.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8eTbgxYcffMQRg%2FaiKBY21RyMMfOx2XfdAScwqzs%2FgsqFej4K5VhYV0RMsUkHyMnLdOxfMJf7QgiLdmYMHGTzruAwNtscKf5HH6MsOZmV4kKR1JNopX7ptI50A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75016ad7deb68877-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13693)
Size:   6109
Md5:    2848f4c29357566f062373e90eefde55
Sha1:   8bc4eb0d203fc178e6db3ce99bace1ac7f605a93
Sha256: e781a6463d8c1809d1fd66c7ee3f0c3e058e82007b595bb9db02f33fa72fff3e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1246
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 05:39:05 GMT
Last-Modified: Sun, 25 Sep 2022 05:18:19 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 05:39:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "12FBA2F5DE13400F444CDD3923A44F3F988DF45AE9CFA27CB7C305C0343351A5"
Last-Modified: Sat, 24 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13335
Expires: Sun, 25 Sep 2022 09:21:20 GMT
Date: Sun, 25 Sep 2022 05:39:05 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 05:39:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://txxx.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:26:57 GMT
expires: Thu, 21 Sep 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 295928
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Size:   13036
Md5:    0ad032b3d07aaf33b160ac4799dda40f
Sha1:   06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
Sha256: c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
                                        
                                            GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI3OTI0MTk2MzEyODY0OTYwMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuOC4xIiwidGFnX2lkIjo0MzQsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4zOSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiRGlydHklMkNWaWRlb3MlMkN0UG9ybi54eHglMkNEaXJ0eSUyQ1ZpZGVvcyUyQ0JpZyUyQ1RpdHMlMkNCcnVuZXR0ZSUyQ0N1bXNob3QlMkNDdW5uaWxpbmd1cyUyQ0hEJTJDTGF0aW5hJTJDTUlMRiUyQ1BPViUyQ1RhdHRvbyUyQ0pvaG5ueSUyQ1RoZSUyQ0tpZCUyQ01pc3MlMkNSYXF1ZWwlMkN0UG9ybiUyQ1Bvcm4lMkNWaWRlb3MlMkNYWFglMkNNb3ZpZXMlMkNTZXglMkNWaWRlb3MlMkNQb3JuJTJDVHViZSUyQ1dhdGNoJTJDRGlydHklMkNWaWRlb3MlMkNhbmQlMkNkb3dubG9hZCUyQ2ZvciUyQ2ZyZWUlMkNFdmVyeSUyQ2RheSUyQ3dlJTJDdXBsb2FkJTJDbmV3JTJDcG9ybiUyQ3ZpZGVvcyUyQ3RvJTJDdFBvcm4ueHh4JTJDUG9ybiUyQ0NhdGVnb3JpZXMlMkNFbmpveSUyQ2ZyZWUlMkNzZXglMkN2aWRlb3MlMkNvbiUyQ3RQb3JuLnh4eCUyMCJ9 HTTP/1.1 
Host: 14f91f4146.a07d30aaf0.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tporn.xxx
Connection: keep-alive
Referer: https://tporn.xxx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.24
HTTP/2 200 OK
                                        
date: Sun, 25 Sep 2022 05:39:05 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            OPTIONS /fp?tag_id=434 HTTP/1.1 
Host: fp.metricswpsh.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://tporn.xxx/
Origin: https://tporn.xxx
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         157.90.84.242
HTTP/1.1 204 No Content
                                        
Server: nginx/1.20.1
Date: Sun, 25 Sep 2022 05:39:05 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://tporn.xxx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers


--- Additional Info ---
Magic:  data
Size:   11556
Md5:    22f82dc29a7f23663f9d72d68e678cbe
Sha1:   eb7015cc03e2e40fdccb872f431395f602d98791
Sha256: 7c29edf850783219ed9e7eeb76817f3697321bd4841ab0610a6b33631ad58047
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 05:39:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EngStzDeP5bNfocph7Uc3A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.212.166.60
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: F63RKTtZTgNjSy7vowbM4EcdsN4=

                                        
                                            GET /css?family=Source+Sans+Pro:400,600,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://txxx.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 25 Sep 2022 05:39:05 GMT
date: Sun, 25 Sep 2022 05:39:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5F9CA75D0A6BFD7413FA713549EFD44ACA3E24573FC5D3FE93B1147729217F86"
Last-Modified: Sat, 24 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7503
Expires: Sun, 25 Sep 2022 07:44:09 GMT
Date: Sun, 25 Sep 2022 05:39:06 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   81512
Md5:    60f2beba20e6c642e95ffa702c332e7a
Sha1:   b0565ccf951ae8eca49a202bcdbbb3399b556794
Sha256: 098856027249fc89c651b6ec4dc7283aaf4b82cfe26c56d47c90ae1b8b7f3948
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5F9CA75D0A6BFD7413FA713549EFD44ACA3E24573FC5D3FE93B1147729217F86"
Last-Modified: Sat, 24 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7503
Expires: Sun, 25 Sep 2022 07:44:09 GMT
Date: Sun, 25 Sep 2022 05:39:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5F9CA75D0A6BFD7413FA713549EFD44ACA3E24573FC5D3FE93B1147729217F86"
Last-Modified: Sat, 24 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7503
Expires: Sun, 25 Sep 2022 07:44:09 GMT
Date: Sun, 25 Sep 2022 05:39:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5F9CA75D0A6BFD7413FA713549EFD44ACA3E24573FC5D3FE93B1147729217F86"
Last-Modified: Sat, 24 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7503
Expires: Sun, 25 Sep 2022 07:44:09 GMT
Date: Sun, 25 Sep 2022 05:39:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5F9CA75D0A6BFD7413FA713549EFD44ACA3E24573FC5D3FE93B1147729217F86"
Last-Modified: Sat, 24 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7503
Expires: Sun, 25 Sep 2022 07:44:09 GMT
Date: Sun, 25 Sep 2022 05:39:06 GMT
Connection: keep-alive

                                        
                                            GET /ads.js HTTP/1.1 
Host: a.realsrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://txxx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         205.185.216.10
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 25 Sep 2022 05:39:06 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 974
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"f4fddb85b686269b678e3caf766"
X-HW: 1664084346.dop205.sk1.t,1664084346.cds221.sk1.shn,1664084346.cds221.sk1.c
Access-Control-Allow-Origin: *, *


--- Additional Info ---
Magic:  ASCII text, with very long lines (2475), with no line terminators
Size:   974
Md5:    f2e9f79e4bd643ca1264fca98531c71e
Sha1:   7acaa14a18676a38bdc3043d0e016e8cfacb275a
Sha256: db8cf84b422102aa8bc89c36a569921dc69ed556703a96ca44434d2fe98af57b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 05:39:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /get/ HTTP/1.1 
Host: 7b22f96b0f.a07d30aaf0.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tporn.xxx/
Content-Type: text/plain;charset=UTF-8
Origin: https://tporn.xxx
Content-Length: 905
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         94.130.197.134
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx/1.16.0
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 2126
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2126), with no line terminators
Size:   2126
Md5:    3bb4420bb83b741942490093691f81c8
Sha1:   f03b170bb038a13fb53f91bb0618692470bf3383
Sha256: d87ca2fc9b3ed8d13b5f1e90f715d91b347cbf31814297abdbba63996feaff73

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /health/ HTTP/1.1 
Host: 661f8a0d88.a07d30aaf0.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tporn.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         159.69.163.6
HTTP/2 200 OK
                                        
server: nginx/1.18.0
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /gtm.js?id=GTM-MVMB4DG HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://txxx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 25 Sep 2022 05:39:06 GMT
expires: Sun, 25 Sep 2022 05:39:06 GMT
cache-control: private, max-age=900
last-modified: Sun, 25 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38165
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2198)
Size:   38165
Md5:    4b2f1ab91d9babf99cc2e6dd4f15aada
Sha1:   a1fc98ccedaab1045e524eeed4f08e0357be35a4
Sha256: a517328ce1b075f995feb48db34f686f9a4aa053b057948765b84d85f394292a
                                        
                                            GET /health/ HTTP/1.1 
Host: 661f8a0d88.a07d30aaf0.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tporn.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         159.69.163.6
HTTP/2 200 OK
                                        
server: nginx/1.18.0
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /health/ HTTP/1.1 
Host: 661f8a0d88.a07d30aaf0.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tporn.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         159.69.163.6
HTTP/2 200 OK
                                        
server: nginx/1.18.0
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /health/ HTTP/1.1 
Host: 661f8a0d88.a07d30aaf0.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tporn.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         159.69.163.6
HTTP/2 200 OK
                                        
server: nginx/1.18.0
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /health/ HTTP/1.1 
Host: 661f8a0d88.a07d30aaf0.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tporn.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         159.69.163.6
HTTP/2 200 OK
                                        
server: nginx/1.18.0
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /health/ HTTP/1.1 
Host: 661f8a0d88.a07d30aaf0.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tporn.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         159.69.163.6
HTTP/2 200 OK
                                        
server: nginx/1.18.0
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /health/ HTTP/1.1 
Host: 661f8a0d88.a07d30aaf0.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tporn.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         159.69.163.6
HTTP/2 200 OK
                                        
server: nginx/1.18.0
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 05:39:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /metrika/advert.gif HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://txxx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Sun, 25 Sep 2022 05:39:06 GMT
access-control-allow-origin: *
etag: "632d6d03-2b"
expires: Sun, 25 Sep 2022 06:39:06 GMT
accept-ranges: bytes
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "DFDC538A29FC232EE31AD407558FD233D2C3F075796B5845B8D36DE8057E4EF8"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17609
Expires: Sun, 25 Sep 2022 10:32:35 GMT
Date: Sun, 25 Sep 2022 05:39:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "610EAA48A866ABB2124E81F7545AF1E58BFA1300E703ADAEC6A9FDC524BE4779"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3913
Expires: Sun, 25 Sep 2022 06:44:19 GMT
Date: Sun, 25 Sep 2022 05:39:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A9C82F97B2E51EC494A64D088EC3657B097B3012480A8B68C88AE458571CE268"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3919
Expires: Sun, 25 Sep 2022 06:44:25 GMT
Date: Sun, 25 Sep 2022 05:39:06 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   35403
Md5:    6440a0d5b5f4b79c02afadcf851de52b
Sha1:   1036e17614ae21565bda54945e010b1ebebc0e51
Sha256: 4526b9bf6e4982d12077b8e9cbeed0ad76ca00f4b7a6ba9b381793a4d11f34f9
                                        
                                            GET /watch/49315045/1?wmode=7&page-url=https%3A%2F%2Ftxxx.com%2Fembed%2F16673581%2F%3Fpromo%3D33991%26nplimit%3D1%26skip%3D10%26source%3D0&page-ref=https%3A%2F%2Ftporn.xxx%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A8957765968%3Ahid%3A651791803%3Az%3A0%3Ai%3A20220925053904%3Aet%3A1664084345%3Arn%3A774915086%3Arqn%3A1%3Au%3A1664084345616530451%3Aw%3A928x522%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C203%2C0%2C%2C403%2C0%2C889%2C889%2C0%2C725%3Ans%3A1664084343943%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664084345%3At%3ATXXX.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://txxx.com
Referer: https://txxx.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
content-length: 419
date: Sun, 25 Sep 2022 05:39:06 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://txxx.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 25-Sep-2022 05:39:06 GMT
last-modified: Sun, 25-Sep-2022 05:39:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Size:   419
Md5:    a1858b8c603433c843354cd6003977c9
Sha1:   85854ba5850d9cde8efcb10ebe63db3446b324c4
Sha256: 18bb2d7a56424315e28aca49f818218811b1f8dbccae133018bc2b35ec1bedaa
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "610EAA48A866ABB2124E81F7545AF1E58BFA1300E703ADAEC6A9FDC524BE4779"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3913
Expires: Sun, 25 Sep 2022 06:44:19 GMT
Date: Sun, 25 Sep 2022 05:39:06 GMT
Connection: keep-alive

                                        
                                            GET /9b/27/37628/00000353035.jpg HTTP/1.1 
Host: cdn3.medfoodsafety.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://661f8a0d88.a07d30aaf0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.204.2
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 23425
last-modified: Mon, 15 Jun 2020 15:36:36 GMT
etag: "aad23bdbdb1836541446ace8072e4b41"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
via: 1.1 01f803d1e7c713d110bffe7b82d3cb2c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: fGzsEbORvMt3ETBGB6sY435CAIoXhGbeSBBTqQAcdlT8JjD62LPNKw==
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDp7AEw0prXoRmnE3aAZ9e7T0l56A9IwIwCYJIKLmkYJfQYsy6AjXregtT7pHWmJuV%2F5DUb4fRyKxdNj5r0hvy27kL%2FRLvrRrVwdzylwP%2B1Ycnk2jj2sv4KePrSDpR4qJmwn6v0iwoON"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75016add8dff7198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x250, components 3\012- data
Size:   23425
Md5:    aad23bdbdb1836541446ace8072e4b41
Sha1:   dd5d93d25e84539e987e3d6d07f7eb6a19be662f
Sha256: e347dffeed920c043cd716e1c99a8c52da4bf6f7f0efec31cd9e90b1b2fc09ce
                                        
                                            GET /banner/in/show/?mid=198520474&pid=0&site=34928&sc=NO&usage_type=DCH&subid=0&sid=0&cid=11309&price=0&is_cpm=1&cpm=0.001&ecpm=0.001&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=tporn.xxx&hostname=auc-banner-hz-2&site_id=0&spot_id=34928&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=a2&iabcat=IAB25&min_cpm=0.0005036&placement_type_id=2&skin_test=&verify_hash=&score=98&ml=&ttl=&space_id=34928&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fpreroll.hostave3.net%2Fnotifications%2Fzeropixel.png&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Dirty%2CVideos%2CtPorn.xxx%2CDirty%2CVideos%2CBig%2CTits%2CBrunette%2CCumshot%2CCunnilingus%2CHD%2CLatina%2CMILF%2CPOV%2CTattoo%2CJohnny%2CThe%2CKid%2CMiss%2CRaquel%2CtPorn%2CPorn%2CVideos%2CXXX%2CMovies%2CSex%2CVideos%2CPorn%2CTube%2CWatch%2CDirty%2CVideos%2Cand%2Cdownload%2Cfor%2Cfree%2CEvery%2Cday%2Cwe%2Cupload%2Cnew%2Cporn%2Cvideos%2Cto%2CtPorn.xxx%2CPorn%2CCategories%2CEnjoy%2Cfree%2Csex%2Cvideos%2Con%2CtPorn.xxx%20&stratagem=&ssp=3758 HTTP/1.1 
Host: rtbrennab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://661f8a0d88.a07d30aaf0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         159.69.163.6
HTTP/2 302 Found
                                        
server: nginx/1.18.0
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://preroll.hostave3.net/notifications/zeropixel.png
X-Firefox-Spdy: h2

                                        
                                            GET /banner/in/show/?mid=72715757&pid=0&site=34929&sc=NO&usage_type=DCH&subid=0&sid=0&cid=11310&price=0&is_cpm=1&cpm=0.027&ecpm=0.027&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=tporn.xxx&hostname=auc-banner-hz-10&site_id=0&spot_id=34929&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=a2&iabcat=IAB25&min_cpm=0.001661&placement_type_id=5&skin_test=&verify_hash=&score=98&ml=&ttl=&space_id=34929&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fpreroll.hostave3.net%2Fnotifications%2Fzeropixel.png&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Dirty%2CVideos%2CtPorn.xxx%2CDirty%2CVideos%2CBig%2CTits%2CBrunette%2CCumshot%2CCunnilingus%2CHD%2CLatina%2CMILF%2CPOV%2CTattoo%2CJohnny%2CThe%2CKid%2CMiss%2CRaquel%2CtPorn%2CPorn%2CVideos%2CXXX%2CMovies%2CSex%2CVideos%2CPorn%2CTube%2CWatch%2CDirty%2CVideos%2Cand%2Cdownload%2Cfor%2Cfree%2CEvery%2Cday%2Cwe%2Cupload%2Cnew%2Cporn%2Cvideos%2Cto%2CtPorn.xxx%2CPorn%2CCategories%2CEnjoy%2Cfree%2Csex%2Cvideos%2Con%2CtPorn.xxx%20&stratagem=&ssp=3758 HTTP/1.1 
Host: rtbrennab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://661f8a0d88.a07d30aaf0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         159.69.163.6
HTTP/2 302 Found
                                        
server: nginx/1.18.0
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://preroll.hostave3.net/notifications/zeropixel.png
X-Firefox-Spdy: h2

                                        
                                            GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjozNDkyMywidHlwZSI6InBvcCIsImlkem9uZSI6NDE4Njg1MCwiYWRfdGFncyI6IkRpcnR5JTJDVmlkZW9zJTJDdFBvcm4ueHh4JTJDRGlydHklMkNWaWRlb3MlMkNCaWclMkNUaXRzJTJDQnJ1bmV0dGUlMkNDdW1zaG90JTJDQ3VubmlsaW5ndXMlMkNIRCUyQ0xhdGluYSUyQ01JTEYlMkNQT1YlMkNUYXR0b28lMkNKb2hubnklMkNUaGUlMkNLaWQlMkNNaXNzJTJDUmFxdWVsJTJDdFBvcm4lMkNQb3JuJTJDVmlkZW9zJTJDWFhYJTJDTW92aWVzJTJDU2V4JTJDVmlkZW9zJTJDUG9ybiUyQ1R1YmUlMkNXYXRjaCUyQ0RpcnR5JTJDVmlkZW9zJTJDYW5kJTJDZG93bmxvYWQlMkNmb3IlMkNmcmVlJTJDRXZlcnklMkNkYXklMkN3ZSUyQ3VwbG9hZCUyQ25ldyUyQ3Bvcm4lMkN2aWRlb3MlMkN0byUyQ3RQb3JuLnh4eCUyQ1Bvcm4lMkNDYXRlZ29yaWVzJTJDRW5qb3klMkNmcmVlJTJDc2V4JTJDdmlkZW9zJTJDb24lMkN0UG9ybi54eHglMjAiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MzQ5MjMsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjgsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMzQ5MjMiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdHBvcm4ueHh4L2VuL3ZpZGVvLzEwNTM1MzUxL2RpcnR5LXZpZGVvcy8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjY0MDg0MzQ0Nzc1fX0= HTTP/1.1 
Host: 661f8a0d88.a07d30aaf0.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tporn.xxx/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         159.69.163.6
HTTP/2 200 OK
content-type: text/html
                                        
server: nginx/1.18.0
date: Sun, 25 Sep 2022 05:39:06 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3575)
Size:   2790
Md5:    f729c0a8b09fec4ac3963268e44ad520
Sha1:   27d4c35013df5b723877aa3b1fd9c59acf61e292
Sha256: fce501bc5b3de129b8171fbbebb9aafdcd5bc98ef92464b3a3772d70a9b87287

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /banner/in/show/?mid=198520474&pid=0&site=34928&sc=NO&usage_type=DCH&subid=0&sid=0&cid=10872&price=0&is_cpm=1&cpm=0.0009483521579999999&ecpm=0.00088196750694&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=tporn.xxx&hostname=auc-banner-hz-2&site_id=0&spot_id=34928&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=imageAd&iabcat=IAB25&min_cpm=0.0006106786077286186&placement_type_id=2&skin_test=&verify_hash=&score=98&ml=&ttl=&space_id=34928&banner_width=300&banner_height=100&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fs.optnx.com%2Fcimp.php%3Fdata%3DTVRZMk5EQTRORE0wTm53Mk5HSmhOR05oWldZeE1tTTFPVEk1TURSaU1tRmpOMll4Tnpoa1ptVXdNUS0tfC9saWJyYXJ5LzQyODUxNS82YTM4YzE1MTUwOTc4ZTZlZDRjMDc1ZWQ2OWI2NDdiZDhkMDg5Nzk4LmdpZnxodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfHRwb3JuLnh4eHw0Mjg1MTV8NjY2MTczfDkxMTM4OHw0MjUzNTAyfDUwOHw0ODY1NDkwfDcwMDk2NTA0fDE1fDN8MHwwfDI1MzQ0fDB8MC4xM3w3NXxFVVJ8VVNEfDAuOTk3MnwxfDIxfDMwMHgxMDB8MXxOT1J8fDQwfDR8MXx8OWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzh8YmM5NmQ3ZDc5YmQ5NDA4NWZmZjA5MjZhZTc5ODUzZjh8MXwwfHRwb3JuLnh4eHwwfDB8MHwwfDF8MHxleGNoYW5nZV9iYW5uZXJ8MHwwfDMxNDMyNDJ8LTF8MHwzMTQzMjQ0fHx8NHw2MHx8MHwwfDB8MHwwfDB8MXwwfHw4fDF8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjB8T0t8NGM4ZDg1ZTMzZWU2NTk0Yjk1ZDA4MjdiNTdiMDA0Mjg-&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Dirty%2CVideos%2CtPorn.xxx%2CDirty%2CVideos%2CBig%2CTits%2CBrunette%2CCumshot%2CCunnilingus%2CHD%2CLatina%2CMILF%2CPOV%2CTattoo%2CJohnny%2CThe%2CKid%2CMiss%2CRaquel%2CtPorn%2CPorn%2CVideos%2CXXX%2CMovies%2CSex%2CVideos%2CPorn%2CTube%2CWatch%2CDirty%2CVideos%2Cand%2Cdownload%2Cfor%2Cfree%2CEvery%2Cday%2Cwe%2Cupload%2Cnew%2Cporn%2Cvideos%2Cto%2CtPorn.xxx%2CPorn%2CCategories%2CEnjoy%2Cfree%2Csex%2Cvideos%2Con%2CtPorn.xxx%20&stratagem=&ssp=3758 HTTP/1.1 
Host: rtbrennab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://661f8a0d88.a07d30aaf0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         159.69.163.6
HTTP/2 302 Found
                                        
server: nginx/1.18.0
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://s.optnx.com/cimp.php?data=TVRZMk5EQTRORE0wTm53Mk5HSmhOR05oWldZeE1tTTFPVEk1TURSaU1tRmpOMll4Tnpoa1ptVXdNUS0tfC9saWJyYXJ5LzQyODUxNS82YTM4YzE1MTUwOTc4ZTZlZDRjMDc1ZWQ2OWI2NDdiZDhkMDg5Nzk4LmdpZnxodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfHRwb3JuLnh4eHw0Mjg1MTV8NjY2MTczfDkxMTM4OHw0MjUzNTAyfDUwOHw0ODY1NDkwfDcwMDk2NTA0fDE1fDN8MHwwfDI1MzQ0fDB8MC4xM3w3NXxFVVJ8VVNEfDAuOTk3MnwxfDIxfDMwMHgxMDB8MXxOT1J8fDQwfDR8MXx8OWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzh8YmM5NmQ3ZDc5YmQ5NDA4NWZmZjA5MjZhZTc5ODUzZjh8MXwwfHRwb3JuLnh4eHwwfDB8MHwwfDF8MHxleGNoYW5nZV9iYW5uZXJ8MHwwfDMxNDMyNDJ8LTF8MHwzMTQzMjQ0fHx8NHw2MHx8MHwwfDB8MHwwfDB8MXwwfHw4fDF8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjB8T0t8NGM4ZDg1ZTMzZWU2NTk0Yjk1ZDA4MjdiNTdiMDA0Mjg-
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   29621
Md5:    02691ce8511a5cca515cd12385eb3b22
Sha1:   ddbc8584b5cf47481042e8d0ce0065bb4caf18b2
Sha256: 4a9260a4b3b742b2ffd3bd3d21c8cc7a06f0b9b10a4f94eac7ad350168088e54
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "DFDC538A29FC232EE31AD407558FD233D2C3F075796B5845B8D36DE8057E4EF8"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17609
Expires: Sun, 25 Sep 2022 10:32:35 GMT
Date: Sun, 25 Sep 2022 05:39:06 GMT
Connection: keep-alive

                                        
                                            GET /e7/ef/77736/1609604.png HTTP/1.1 
Host: cdn3.medfoodsafety.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://661f8a0d88.a07d30aaf0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.204.2
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 564763
last-modified: Thu, 27 Jan 2022 18:40:17 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-hash: 7ca0a0bc98c6e0cc
etag: "ed26303d6b95ad17b8782a9c3eff743a"
x-cache: Hit from cloudfront
via: 1.1 b6143952706f018e1ba3e69247a6e10c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
x-amz-cf-id: UG4uJwLfKnCJraUDLrV7rJIQiHXuz8cwxYtMk3X3F3kvmxtKaK9QLQ==
age: 2105
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BO7SHUSMJ1fGOSqhltsMFvd5LEFXGqvSj2mqEtoT5sB6XccHHvjaAWd1F8ARr16Ml%2FcnE%2BTnVDD6akXtIxu9B5TVwX1dNyiJtIEBoFloPQbQHGAh2DOXoZ234hDL7FAVyQnTtgsoaiKB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75016add6de87198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size:   564763
Md5:    ed26303d6b95ad17b8782a9c3eff743a
Sha1:   c3604b6e001537ac56f9ff70f6f8c3d8603320a2
Sha256: 8b336cdbacc201513be8313459cd93a18b19138330e87acc27456fcc01a656b2
                                        
                                            GET /banner/in/show/?mid=1537588345&pid=0&site=34924&sc=NO&usage_type=DCH&subid=0&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=tporn.xxx&hostname=auc-banner-hz-1&site_id=0&spot_id=34924&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.001192&placement_type_id=&skin_test=&verify_hash=&score=100&ml=&ttl=&space_id=34924&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D34924%26source%3D0%26idzone%3D4186852%26w%3D300%26h%3D250%26mo%3D%26ve%3D%26site_id%3D34924%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DDirty%252CVideos%252CtPorn.xxx%252CDirty%252CVideos%252CBig%252CTits%252CBrunette%252CCumshot%252CCunnilingus%252CHD%252CLatina%252CMILF%252CPOV%252CTattoo%252CJohnny%252CThe%252CKid%252CMiss%252CRaquel%252CtPorn%252CPorn%252CVideos%252CXXX%252CMovies%252CSex%252CVideos%252CPorn%252CTube%252CWatch%252CDirty%252CVideos%252Cand%252Cdownload%252Cfor%252Cfree%252CEvery%252Cday%252Cwe%252Cupload%252Cnew%252Cporn%252Cvideos%252Cto%252CtPorn.xxx%252CPorn%252CCategories%252CEnjoy%252Cfree%252Csex%252Cvideos%252Con%252CtPorn.xxx%2520%26spot_id%3D34924%26p%3Dhttps%253A%252F%252Ftporn.xxx%252Fen%252Fvideo%252F10535351%252Fdirty-videos%252F%26katds_labels%3D%26btype%3D0%26score%3D100&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Dirty%2CVideos%2CtPorn.xxx%2CDirty%2CVideos%2CBig%2CTits%2CBrunette%2CCumshot%2CCunnilingus%2CHD%2CLatina%2CMILF%2CPOV%2CTattoo%2CJohnny%2CThe%2CKid%2CMiss%2CRaquel%2CtPorn%2CPorn%2CVideos%2CXXX%2CMovies%2CSex%2CVideos%2CPorn%2CTube%2CWatch%2CDirty%2CVideos%2Cand%2Cdownload%2Cfor%2Cfree%2CEvery%2Cday%2Cwe%2Cupload%2Cnew%2Cporn%2Cvideos%2Cto%2CtPorn.xxx%2CPorn%2CCategories%2CEnjoy%2Cfree%2Csex%2Cvideos%2Con%2CtPorn.xxx%20&stratagem=&ssp=3758 HTTP/1.1 
Host: rtbrennab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://661f8a0d88.a07d30aaf0.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         159.69.163.6
HTTP/2 302 Found
                                        
server: nginx/1.18.0
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://btds.zog.link/in/912/?sid=34924&source=0&idzone=4186852&w=300&h=250&mo=&ve=&site_id=34924&utm1=&utm2=&utm3=&utm4=&ad_tags=Dirty%2CVideos%2CtPorn.xxx%2CDirty%2CVideos%2CBig%2CTits%2CBrunette%2CCumshot%2CCunnilingus%2CHD%2CLatina%2CMILF%2CPOV%2CTattoo%2CJohnny%2CThe%2CKid%2CMiss%2CRaquel%2CtPorn%2CPorn%2CVideos%2CXXX%2CMovies%2CSex%2CVideos%2CPorn%2CTube%2CWatch%2CDirty%2CVideos%2Cand%2Cdownload%2Cfor%2Cfree%2CEvery%2Cday%2Cwe%2Cupload%2Cnew%2Cporn%2Cvideos%2Cto%2CtPorn.xxx%2CPorn%2CCategories%2CEnjoy%2Cfree%2Csex%2Cvideos%2Con%2CtPorn.xxx%20&spot_id=34924&p=https%3A%2F%2Ftporn.xxx%2Fen%2Fvideo%2F10535351%2Fdirty-videos%2F&katds_labels=&btype=0&score=100
X-Firefox-Spdy: h2

                                        
                                            GET /banner/in/show/?mid=223261330&pid=0&site=34925&sc=NO&usage_type=DCH&subid=0&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=tporn.xxx&hostname=auc-banner-hz-7&site_id=0&spot_id=34925&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.001433&placement_type_id=&skin_test=&verify_hash=&score=100&ml=&ttl=&space_id=34925&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D34925%26source%3D0%26idzone%3D4186856%26w%3D300%26h%3D250%26mo%3D%26ve%3D%26site_id%3D34925%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DDirty%252CVideos%252CtPorn.xxx%252CDirty%252CVideos%252CBig%252CTits%252CBrunette%252CCumshot%252CCunnilingus%252CHD%252CLatina%252CMILF%252CPOV%252CTattoo%252CJohnny%252CThe%252CKid%252CMiss%252CRaquel%252CtPorn%252CPorn%252CVideos%252CXXX%252CMovies%252CSex%252CVideos%252CPorn%252CTube%252CWatch%252CDirty%252CVideos%252Cand%252Cdownload%252Cfor%252Cfree%252CEvery%252Cday%252Cwe%252Cupload%252Cnew%252Cporn%252Cvideos%252Cto%252CtPorn.xxx%252CPorn%252CCategories%252CEnjoy%252Cfree%252Csex%252Cvideos%252Con%252CtPorn.xxx%2520%26spot_id%3D34925%26p%3Dhttps%253A%252F%252Ftporn.xxx%252Fen%252Fvideo%252F10535351%252Fdirty-videos%252F%26katds_labels%3D%26btype%3D0%26score%3D100&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Dirty%2CVideos%2CtPorn.xxx%2CDirty%2CVideos%2CBig%2CTits%2CBrunette%2CCumshot%2CCunnilingus%2CHD%2CLatina%2CMILF%2CPOV%2CTattoo%2CJohnny%2CThe%2CKid%2CMiss%2CRaquel%2CtPorn%2CPorn%2CVideos%2CXXX%2CMovies%2CSex%2CVideos%2CPorn%2CTube%2CWatch%2CDirty%2CVideos%2Cand%2Cdownload%2Cfor%2Cfree%2CEvery%2Cday%2Cwe%2Cupload%2Cnew%2Cporn%2Cvideos%2Cto%2CtPorn.xxx%2CPorn%2CCategories%2CEnjoy%2Cfree%2Csex%2Cvideos%2Con%2CtPorn.xxx%20&stratagem=&ssp=3758 HTTP/1.1 
Host: rtbrennab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://661f8a0d88.a07d30aaf0.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         159.69.163.6
HTTP/2 302 Found
                                        
server: nginx/1.18.0
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://btds.zog.link/in/912/?sid=34925&source=0&idzone=4186856&w=300&h=250&mo=&ve=&site_id=34925&utm1=&utm2=&utm3=&utm4=&ad_tags=Dirty%2CVideos%2CtPorn.xxx%2CDirty%2CVideos%2CBig%2CTits%2CBrunette%2CCumshot%2CCunnilingus%2CHD%2CLatina%2CMILF%2CPOV%2CTattoo%2CJohnny%2CThe%2CKid%2CMiss%2CRaquel%2CtPorn%2CPorn%2CVideos%2CXXX%2CMovies%2CSex%2CVideos%2CPorn%2CTube%2CWatch%2CDirty%2CVideos%2Cand%2Cdownload%2Cfor%2Cfree%2CEvery%2Cday%2Cwe%2Cupload%2Cnew%2Cporn%2Cvideos%2Cto%2CtPorn.xxx%2CPorn%2CCategories%2CEnjoy%2Cfree%2Csex%2Cvideos%2Con%2CtPorn.xxx%20&spot_id=34925&p=https%3A%2F%2Ftporn.xxx%2Fen%2Fvideo%2F10535351%2Fdirty-videos%2F&katds_labels=&btype=0&score=100
X-Firefox-Spdy: h2

                                        
                                            GET /banner/in/show/?mid=1190802103&pid=0&site=34927&sc=NO&usage_type=DCH&subid=0&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=tporn.xxx&hostname=auc-banner-hz-8&site_id=0&spot_id=34927&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.001406&placement_type_id=&skin_test=&verify_hash=&score=98&ml=&ttl=&space_id=34927&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D34927%26source%3D0%26idzone%3D4186824%26w%3D300%26h%3D250%26mo%3D%26ve%3D%26site_id%3D34927%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DDirty%252CVideos%252CtPorn.xxx%252CDirty%252CVideos%252CBig%252CTits%252CBrunette%252CCumshot%252CCunnilingus%252CHD%252CLatina%252CMILF%252CPOV%252CTattoo%252CJohnny%252CThe%252CKid%252CMiss%252CRaquel%252CtPorn%252CPorn%252CVideos%252CXXX%252CMovies%252CSex%252CVideos%252CPorn%252CTube%252CWatch%252CDirty%252CVideos%252Cand%252Cdownload%252Cfor%252Cfree%252CEvery%252Cday%252Cwe%252Cupload%252Cnew%252Cporn%252Cvideos%252Cto%252CtPorn.xxx%252CPorn%252CCategories%252CEnjoy%252Cfree%252Csex%252Cvideos%252Con%252CtPorn.xxx%2520%26spot_id%3D34927%26p%3Dhttps%253A%252F%252Ftporn.xxx%252Fen%252Fvideo%252F10535351%252Fdirty-videos%252F%26katds_labels%3D%26btype%3D0%26score%3D98&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Dirty%2CVideos%2CtPorn.xxx%2CDirty%2CVideos%2CBig%2CTits%2CBrunette%2CCumshot%2CCunnilingus%2CHD%2CLatina%2CMILF%2CPOV%2CTattoo%2CJohnny%2CThe%2CKid%2CMiss%2CRaquel%2CtPorn%2CPorn%2CVideos%2CXXX%2CMovies%2CSex%2CVideos%2CPorn%2CTube%2CWatch%2CDirty%2CVideos%2Cand%2Cdownload%2Cfor%2Cfree%2CEvery%2Cday%2Cwe%2Cupload%2Cnew%2Cporn%2Cvideos%2Cto%2CtPorn.xxx%2CPorn%2CCategories%2CEnjoy%2Cfree%2Csex%2Cvideos%2Con%2CtPorn.xxx%20&stratagem=&ssp=3758 HTTP/1.1 
Host: rtbrennab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://661f8a0d88.a07d30aaf0.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         159.69.163.6
HTTP/2 302 Found
                                        
server: nginx/1.18.0
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://btds.zog.link/in/912/?sid=34927&source=0&idzone=4186824&w=300&h=250&mo=&ve=&site_id=34927&utm1=&utm2=&utm3=&utm4=&ad_tags=Dirty%2CVideos%2CtPorn.xxx%2CDirty%2CVideos%2CBig%2CTits%2CBrunette%2CCumshot%2CCunnilingus%2CHD%2CLatina%2CMILF%2CPOV%2CTattoo%2CJohnny%2CThe%2CKid%2CMiss%2CRaquel%2CtPorn%2CPorn%2CVideos%2CXXX%2CMovies%2CSex%2CVideos%2CPorn%2CTube%2CWatch%2CDirty%2CVideos%2Cand%2Cdownload%2Cfor%2Cfree%2CEvery%2Cday%2Cwe%2Cupload%2Cnew%2Cporn%2Cvideos%2Cto%2CtPorn.xxx%2CPorn%2CCategories%2CEnjoy%2Cfree%2Csex%2Cvideos%2Con%2CtPorn.xxx%20&spot_id=34927&p=https%3A%2F%2Ftporn.xxx%2Fen%2Fvideo%2F10535351%2Fdirty-videos%2F&katds_labels=&btype=0&score=98
X-Firefox-Spdy: h2

                                        
                                            GET /banner/in/show/?mid=794022392&pid=0&site=34926&sc=NO&usage_type=DCH&subid=0&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=tporn.xxx&hostname=auc-banner-hz-3&site_id=0&spot_id=34926&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.001184&placement_type_id=&skin_test=&verify_hash=&score=100&ml=&ttl=&space_id=34926&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D34926%26source%3D0%26idzone%3D4186858%26w%3D300%26h%3D250%26mo%3D%26ve%3D%26site_id%3D34926%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DDirty%252CVideos%252CtPorn.xxx%252CDirty%252CVideos%252CBig%252CTits%252CBrunette%252CCumshot%252CCunnilingus%252CHD%252CLatina%252CMILF%252CPOV%252CTattoo%252CJohnny%252CThe%252CKid%252CMiss%252CRaquel%252CtPorn%252CPorn%252CVideos%252CXXX%252CMovies%252CSex%252CVideos%252CPorn%252CTube%252CWatch%252CDirty%252CVideos%252Cand%252Cdownload%252Cfor%252Cfree%252CEvery%252Cday%252Cwe%252Cupload%252Cnew%252Cporn%252Cvideos%252Cto%252CtPorn.xxx%252CPorn%252CCategories%252CEnjoy%252Cfree%252Csex%252Cvideos%252Con%252CtPorn.xxx%2520%26spot_id%3D34926%26p%3Dhttps%253A%252F%252Ftporn.xxx%252Fen%252Fvideo%252F10535351%252Fdirty-videos%252F%26katds_labels%3D%26btype%3D0%26score%3D100&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Dirty%2CVideos%2CtPorn.xxx%2CDirty%2CVideos%2CBig%2CTits%2CBrunette%2CCumshot%2CCunnilingus%2CHD%2CLatina%2CMILF%2CPOV%2CTattoo%2CJohnny%2CThe%2CKid%2CMiss%2CRaquel%2CtPorn%2CPorn%2CVideos%2CXXX%2CMovies%2CSex%2CVideos%2CPorn%2CTube%2CWatch%2CDirty%2CVideos%2Cand%2Cdownload%2Cfor%2Cfree%2CEvery%2Cday%2Cwe%2Cupload%2Cnew%2Cporn%2Cvideos%2Cto%2CtPorn.xxx%2CPorn%2CCategories%2CEnjoy%2Cfree%2Csex%2Cvideos%2Con%2CtPorn.xxx%20&stratagem=&ssp=3758 HTTP/1.1 
Host: rtbrennab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://661f8a0d88.a07d30aaf0.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         159.69.163.6
HTTP/2 302 Found
                                        
server: nginx/1.18.0
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://btds.zog.link/in/912/?sid=34926&source=0&idzone=4186858&w=300&h=250&mo=&ve=&site_id=34926&utm1=&utm2=&utm3=&utm4=&ad_tags=Dirty%2CVideos%2CtPorn.xxx%2CDirty%2CVideos%2CBig%2CTits%2CBrunette%2CCumshot%2CCunnilingus%2CHD%2CLatina%2CMILF%2CPOV%2CTattoo%2CJohnny%2CThe%2CKid%2CMiss%2CRaquel%2CtPorn%2CPorn%2CVideos%2CXXX%2CMovies%2CSex%2CVideos%2CPorn%2CTube%2CWatch%2CDirty%2CVideos%2Cand%2Cdownload%2Cfor%2Cfree%2CEvery%2Cday%2Cwe%2Cupload%2Cnew%2Cporn%2Cvideos%2Cto%2CtPorn.xxx%2CPorn%2CCategories%2CEnjoy%2Cfree%2Csex%2Cvideos%2Con%2CtPorn.xxx%20&spot_id=34926&p=https%3A%2F%2Ftporn.xxx%2Fen%2Fvideo%2F10535351%2Fdirty-videos%2F&katds_labels=&btype=0&score=100
X-Firefox-Spdy: h2

                                        
                                            GET /watch/60724642/1?wmode=7&page-url=https%3A%2F%2Ftporn.xxx%2Fen%2Fvideo%2F10535351%2Fdirty-videos%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A671%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A379717040679%3Ahid%3A455710185%3Az%3A0%3Ai%3A20220925053905%3Aet%3A1664084345%3Ac%3A1%3Arn%3A1064374660%3Arqn%3A1%3Au%3A1664084345803768953%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C24%2C75%2C0%2C313%2C0%2C%2C261%2C4%2C%2C%2C%2C709%3Ans%3A1664084343264%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664084345%3At%3ADirty%20Videos%20-%20tPorn.xxx&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tporn.xxx
Referer: https://tporn.xxx/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
content-length: 419
date: Sun, 25 Sep 2022 05:39:06 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://tporn.xxx
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 25-Sep-2022 05:39:06 GMT
last-modified: Sun, 25-Sep-2022 05:39:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Size:   419
Md5:    87579f839ae70314981f8b4a23a4cd1e
Sha1:   03fb9931acd00004871fe1ca2e588a792d314902
Sha256: b64816ccdf7023da82c753d4e2d3a89471825dbc00bd4d7bbdd7ab575abbe9c9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4412
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 05:39:06 GMT
Last-Modified: Sun, 25 Sep 2022 04:25:35 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjozNDkyNCwidHlwZSI6InBvcCIsImlkem9uZSI6NDE4Njg1MiwiYWRfdGFncyI6IkRpcnR5JTJDVmlkZW9zJTJDdFBvcm4ueHh4JTJDRGlydHklMkNWaWRlb3MlMkNCaWclMkNUaXRzJTJDQnJ1bmV0dGUlMkNDdW1zaG90JTJDQ3VubmlsaW5ndXMlMkNIRCUyQ0xhdGluYSUyQ01JTEYlMkNQT1YlMkNUYXR0b28lMkNKb2hubnklMkNUaGUlMkNLaWQlMkNNaXNzJTJDUmFxdWVsJTJDdFBvcm4lMkNQb3JuJTJDVmlkZW9zJTJDWFhYJTJDTW92aWVzJTJDU2V4JTJDVmlkZW9zJTJDUG9ybiUyQ1R1YmUlMkNXYXRjaCUyQ0RpcnR5JTJDVmlkZW9zJTJDYW5kJTJDZG93bmxvYWQlMkNmb3IlMkNmcmVlJTJDRXZlcnklMkNkYXklMkN3ZSUyQ3VwbG9hZCUyQ25ldyUyQ3Bvcm4lMkN2aWRlb3MlMkN0byUyQ3RQb3JuLnh4eCUyQ1Bvcm4lMkNDYXRlZ29yaWVzJTJDRW5qb3klMkNmcmVlJTJDc2V4JTJDdmlkZW9zJTJDb24lMkN0UG9ybi54eHglMjAiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MzQ5MjQsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjgsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4fSwiYmFubmVyIjp7InciOjMwMCwiaCI6MjUwfX1dLCJzaXRlIjp7ImlkIjoiMzQ5MjQiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vdHBvcm4ueHh4L2VuL3ZpZGVvLzEwNTM1MzUxL2RpcnR5LXZpZGVvcy8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiOWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzgifSwiZXh0Ijp7ImR0IjoxNjY0MDg0MzQ0ODIxfX0= HTTP/1.1 
Host: 661f8a0d88.a07d30aaf0.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tporn.xxx/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         159.69.163.6
HTTP/2 200 OK
content-type: text/html
                                        
server: nginx/1.18.0
date: Sun, 25 Sep 2022 05:39:06 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1790
Md5:    b3ba8ee87a9be5d322a5b4f756a515c8
Sha1:   b04fd0774a775612fafd7f56124a88b46770d5f9
Sha256: 994fe05dd1e98e40ef735074257a08dd04e1b3768069ce45d23e82c1fb72c201

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /i?tid=9adbc927-f369-4180-a56e-85e98b7d705f&cf=affd0hdcdf HTTP/1.1 
Host: ortb.montlusa.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://661f8a0d88.a07d30aaf0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.30.211
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 60
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bqx93x7Ma6Jig11cAoP01nYIb3a%2FoWlz81%2B2dFVac4TvdQpHtfAAHfAoeSBk136mNUcTIUhog%2FEDj2dS56c%2Bwy9AyivAKK20CfM5XzqN9NCrnF4chyDKCj6u8q%2BYpH7%2BGiDKAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75016adda849b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   60
Md5:    cea81d6017b53c6c7bd076407db21a0a
Sha1:   063acf4f87ec5b0c7f9631779c264ee045945c52
Sha256: 1665c0045c0d9a05857431f46362283793d0b844d9e157692079bcbc69ff6154
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4412
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 05:39:06 GMT
Last-Modified: Sun, 25 Sep 2022 04:25:35 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /i?tid=110f6262-9768-4297-9be0-b5e49767ac0f&cf=affd0hdcdf HTTP/1.1 
Host: ortb.montlusa.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://661f8a0d88.a07d30aaf0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.30.211
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 60
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePla6oEvecCsk07NlUyhvhyaYNgeIVzoDI%2FjiW%2FsIeU%2FMqVxZgb6iobd17IXiOM4dFsRWS2v3eGXAjmpeSMzBo%2FYDBGhcIvzCzlaWz3Lq%2BpN0kEPmiq7ZDVOVUPcTdqwOTl9aw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75016adda84fb4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   60
Md5:    cea81d6017b53c6c7bd076407db21a0a
Sha1:   063acf4f87ec5b0c7f9631779c264ee045945c52
Sha256: 1665c0045c0d9a05857431f46362283793d0b844d9e157692079bcbc69ff6154
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "68E033B65A3A4C7BCB8D44DB4EBE0B8697DCA39659EF97ACE54D8B8C9BB6A006"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13717
Expires: Sun, 25 Sep 2022 09:27:43 GMT
Date: Sun, 25 Sep 2022 05:39:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "68E033B65A3A4C7BCB8D44DB4EBE0B8697DCA39659EF97ACE54D8B8C9BB6A006"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13717
Expires: Sun, 25 Sep 2022 09:27:43 GMT
Date: Sun, 25 Sep 2022 05:39:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "68E033B65A3A4C7BCB8D44DB4EBE0B8697DCA39659EF97ACE54D8B8C9BB6A006"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13717
Expires: Sun, 25 Sep 2022 09:27:43 GMT
Date: Sun, 25 Sep 2022 05:39:06 GMT
Connection: keep-alive

                                        
                                            GET /cimp.php?data=TVRZMk5EQTRORE0wTm53Mk5HSmhOR05oWldZeE1tTTFPVEk1TURSaU1tRmpOMll4Tnpoa1ptVXdNUS0tfC9saWJyYXJ5LzQyODUxNS82YTM4YzE1MTUwOTc4ZTZlZDRjMDc1ZWQ2OWI2NDdiZDhkMDg5Nzk4LmdpZnxodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfHRwb3JuLnh4eHw0Mjg1MTV8NjY2MTczfDkxMTM4OHw0MjUzNTAyfDUwOHw0ODY1NDkwfDcwMDk2NTA0fDE1fDN8MHwwfDI1MzQ0fDB8MC4xM3w3NXxFVVJ8VVNEfDAuOTk3MnwxfDIxfDMwMHgxMDB8MXxOT1J8fDQwfDR8MXx8OWU0OTQ3ZjM1NzUxNDY1NDExZmQxYTRmNWMzNThjNzh8YmM5NmQ3ZDc5YmQ5NDA4NWZmZjA5MjZhZTc5ODUzZjh8MXwwfHRwb3JuLnh4eHwwfDB8MHwwfDF8MHxleGNoYW5nZV9iYW5uZXJ8MHwwfDMxNDMyNDJ8LTF8MHwzMTQzMjQ0fHx8NHw2MHx8MHwwfDB8MHwwfDB8MXwwfHw4fDF8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjB8T0t8NGM4ZDg1ZTMzZWU2NTk0Yjk1ZDA4MjdiNTdiMDA0Mjg- HTTP/1.1 
Host: s.optnx.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://661f8a0d88.a07d30aaf0.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.211.229.246
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 25 Sep 2022 05:39:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22632fe97a9d06f2.129582152552725582%22%3B%7D; expires=Tue, 24 Sep 2024 05:39:06 GMT; path=; domain=.optnx.com; Secure; SameSite=none
Location: https://s3t3d2y8.afcdn.net/library/428515/6a38c15150978e6ed4c075ed69b647bd8d089798.gif
X-Robots-Tag: noindex, follow

                                        
                                            GET /notifications/zeropixel.png HTTP/1.1 
Host: preroll.hostave3.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://661f8a0d88.a07d30aaf0.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.3
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 42
last-modified: Tue, 11 Sep 2018 08:40:52 GMT
etag: "5b977f94-2a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 6163450
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3oI1Ib2G8PyZ6e%2F3W3BjxN%2BdYwsEjBDd9pm0gnUvsiBnTsA%2FA8Y3HhOQ9G4OVlaIDJi4aEm4z9X9IjAWTBzV7v3yrKY6atGEP21EjcsXQR2vgi0ryZ405nUwAbOQF1sQB5dFkRihA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 75016ade88f8068e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /in/tishow/?katds_ep=w4F1wTY2xZtMwdcqYB9tmFmxIHtmX2Bzu3_LoN7nXhN6qnef2CEcRqW6Pj6u-4is-dWq3E_L98gaeUgcFrz91lleqNiUwhnQ11b8UEN3FtmhY0U4z02XiX5GLrPYTTDvURR0GbdPS71KBUmyFb0mZuvcPLh_zmhHNocNB31uw4wbVpKTJe6OjWiWq3KlWKUUiexmrLdVOd7SMR86XzC7SLhXa8Kp16JvMRZhwHLWVo7BVmaL4Vx9dWMslAfFOcNpiXPfKYzxvNTufEczalhiKc8ehuNEX_l6yD4uOrvdjWIuOdH-RywK2o5WEMal_UHW3jeiZi6EokztB7wWUVAmHP1_lyE8nnEx-lbsQvQSCsKVrgtWHfuOz14S4lCBH01jLZyOrnasyIno0O3xPa0Yc708xWsffvdI6lTsJ2P3dcdN72SDVWM3XdftKxOW3I9mvEA1a2QNCoA_pDeGlYNHLhT1zTLTwToSUw0aOnnT-Pb9z-5HyxKnRHqHl1xXFFZxppDQch2jt7bosNVrLF2AofjB2PoZn3S3rATQlyg4fBMIY9RI5OTq2w918mYfrADnLoK7xQkrfksvH6p9iprLyNVlB3PAK5mwlbo9NWD6Zmoho7EFo6ZqI2C3W06gOmZoWkusubU3j1mRHBi4E1qvCuhkZx9SAG5KI9LdMiTWhgZVMgrlF2pj-a30djf_3hHYIxFA6qNWoq-Z3hWUBOQb-gCl0uAvV02EX34vGvpe0zCRAn8ktqY7o0e643QVdoO7pgwNupFJp1FD_twZpewYBTgbFwbSvZReAe6_ZTsnsoa9HGi2Te63dXmBgzxAHUYWpZzWsklGGCHMOizDK2RXNIfgm21Mv_PqpT9sMRw32ULvRV6pgM9V_HmR4Ed3YMrLgMjRyxAQi0fPKhEfytidKC_1aZgL-sLNmSI-8OU7i0yO6X4ZYB5_yJlQN4ZENsxK9qQHavMuB5kpAb7P2nvtR59xKFO42iSab3Ks6fI48d5x8aQriLLuafEBeZNfmKZNhGWJz_SyOcn9rHFDTCHa5P_mrj1K0v_vXTABTmcf2uxLx9qd8VilkmaNoLWPz6ZKjVqK_AQbkjz1lngjrVCdgrYZFr4YBhSQPXCUCyJFz6PGohRI6Z3TcenvITc2i7zD1PTpqhd-pYXDhbTG6PvLqr_u6cgw3OxCjzvaUvQ06HGhkkG0y-W675gD7Mu6Uun6Ry2TRC_au2NoNYiAw3BFQojyNtK6kYNa53IrA9_TF3d4qTJ1pWquNgKOFo1lpg8Q9d0_Lt4FyTlWAGUOcgpRqer0hM-QPHfES0vA1qQivglBFlSi0RXXF1CAXI5V-U60fKFwJh2qfXI0U9qYVBo3CyPtUHMEQlZFGliL_zMgZHF44iAZth4fRkCrGwR9q8qnso1Hxanuqge1lUjOWdroFHmx-Lug-9Mf4uJ8v7RI-rlthCoEUvnyGxi6hPHXX5ddvc2EKe1G48TIr-BaN-7lWwHbXtYQD8iLGxWRqF-cfvJ4GaNqecM_XrOd5qNCcDpfXY8OFdqB-8badr-ylf6FR0YsDKgQqebUcvbHovdPJKS-osgmHjD96i_i1uFNkkNlrHdekZH7QsGQz6YjRoVqscQj-KFdc5X6kZ3kYLRTnaiw5M8_7Tw9ReNS-lSb0JH1S5xh6w4ylvVce2vDR3sAJ0eRQHDRgLEVAtV58-JocTZ1MbRtfEPovjeOX7mplVgWzWMv80o1W6wM7POwpGIbafoeQvJKCEBKGxkAoUSeOW-V_15K0tNAITE69ntz3W0_sbPVU05_ZCapv9MaoRyDGQdOEOSV5wfGL0ARn0RKuHJ_rGClVODSamXumENDZa6X_4_PAIXksxhaoJoJ2xhSZlW2Mw1PUHscxzxN1piXn-UN1VxzAsnxU2Sszh0zxjum6lFJpxSzineI8OsNOQtC3Z4ZuFvFIjhmANVRgNI3313O0xChFOlaRFYCugS6AQf9vG2QsNP_UZm1YTrn15Q1D51ns165_6-evCmQrWL5QlsVxkOB2huUYiVLMg0EKz48jIey3l7BCA&sp=${SECOND_PRICE} HTTP/1.1 
Host: in16.zog.link
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://661f8a0d88.a07d30aaf0.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         109.206.163.116
HTTP/2 302 Found
                                        
server: nginx/1.20.1
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 0
location: https://12112336.pix-cdn.org/m/p/0/11/11508/yPndOg0m.html?__OS_FAMILY__={{ __OS_FAMILY__ }}&__OS_TYPE__={{ __OS_TYPE__ }}&__GEOIP_COUNTRY_SHORT__={{ __GEOIP_COUNTRY_SHORT__ }}&__IP2L_MOBILE__={{ __IP2L_MOBILE__ }}&__BROWSER_FAMILY__={{ __BROWSER_FAMILY__ }}&OS_FAMILY=[OS_FAMILY]&OS_TYPE=[OS_TYPE]&COUNTRY_ISO_CODE=[COUNTRY_ISO_CODE]&MOBILE_BRAND=[MOBILE_BRAND]&BROWSER_FAMILY=[BROWSER_FAMILY]&DOMAIN=tporn.xxx&PRICE=0.0050&PRICING_MODEL=[PRICING_MODEL]&CAMPAIGN_ID=6435&CLICK_ID=0eccc38f-5d00-4329-a63f-0d058ae6cb79&id_zone=[idzone]&site={{ site }}&out_name=37319%7C4317%7Ccpm%7C0.0048%7C%24%200.0050&campaign_id=37319&price=0.0050&bidding_price=0.0048&pricebox_price=0.0200&pricing_model=cpm&click_id=0eccc38f-5d00-4329-a63f-0d058ae6cb79&priority=[PRIORITY]&ad_sub=173501021&utm1=tcb&utm2=878669509-100&utm3=249-6435-14933&utm4=0-10346131-0
vary: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
set-cookie: 2325.0=1; expires=Mon, 26 Sep 2022 05:39:06 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /in/912/?sid=34926&source=0&idzone=4186858&w=300&h=250&mo=&ve=&site_id=34926&utm1=&utm2=&utm3=&utm4=&ad_tags=Dirty%2CVideos%2CtPorn.xxx%2CDirty%2CVideos%2CBig%2CTits%2CBrunette%2CCumshot%2CCunnilingus%2CHD%2CLatina%2CMILF%2CPOV%2CTattoo%2CJohnny%2CThe%2CKid%2CMiss%2CRaquel%2CtPorn%2CPorn%2CVideos%2CXXX%2CMovies%2CSex%2CVideos%2CPorn%2CTube%2CWatch%2CDirty%2CVideos%2Cand%2Cdownload%2Cfor%2Cfree%2CEvery%2Cday%2Cwe%2Cupload%2Cnew%2Cporn%2Cvideos%2Cto%2CtPorn.xxx%2CPorn%2CCategories%2CEnjoy%2Cfree%2Csex%2Cvideos%2Con%2CtPorn.xxx%20&spot_id=34926&p=https%3A%2F%2Ftporn.xxx%2Fen%2Fvideo%2F10535351%2Fdirty-videos%2F&katds_labels=&btype=0&score=100 HTTP/1.1 
Host: btds.zog.link
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://661f8a0d88.a07d30aaf0.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         109.206.175.85
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.20.1
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 0
location: https://twinrdack.com/link.engine?z=57005&guid=7d2cfa7e-825a-45f7-9010-969c9e062f3d&tid=0&kw=Dirty,Videos,tPorn.xxx,Dirty,Videos,Big,Tits,Brunette,Cumshot,Cunnilingus,HD,Latina,MILF,POV,Tattoo,Johnny,The,Kid,Miss,Raquel,tPorn,Porn,Videos,XXX,Movies,Sex,Videos,Porn,Tube,Watch,Dirty,Videos,and,download,for,free,Every,day,we,upload,new,porn,videos,to,tPorn.xxx,Porn,Categories,Enjoy,free,sex,videos,on,tPorn.xxx
vary: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
set-cookie: 912.0=1; expires=Mon, 26 Sep 2022 05:39:06 GMT; path=/; secure; SameSite=None 1624.0=1; expires=Mon, 26 Sep 2022 05:39:06 GMT; path=/; secure; SameSite=None 1625.0=1; expires=Mon, 26 Sep 2022 05:39:06 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4412
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 05:39:06 GMT
Last-Modified: Sun, 25 Sep 2022 04:25:35 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /in/912/?sid=34927&source=0&idzone=4186824&w=300&h=250&mo=&ve=&site_id=34927&utm1=&utm2=&utm3=&utm4=&ad_tags=Dirty%2CVideos%2CtPorn.xxx%2CDirty%2CVideos%2CBig%2CTits%2CBrunette%2CCumshot%2CCunnilingus%2CHD%2CLatina%2CMILF%2CPOV%2CTattoo%2CJohnny%2CThe%2CKid%2CMiss%2CRaquel%2CtPorn%2CPorn%2CVideos%2CXXX%2CMovies%2CSex%2CVideos%2CPorn%2CTube%2CWatch%2CDirty%2CVideos%2Cand%2Cdownload%2Cfor%2Cfree%2CEvery%2Cday%2Cwe%2Cupload%2Cnew%2Cporn%2Cvideos%2Cto%2CtPorn.xxx%2CPorn%2CCategories%2CEnjoy%2Cfree%2Csex%2Cvideos%2Con%2CtPorn.xxx%20&spot_id=34927&p=https%3A%2F%2Ftporn.xxx%2Fen%2Fvideo%2F10535351%2Fdirty-videos%2F&katds_labels=&btype=0&score=98 HTTP/1.1 
Host: btds.zog.link
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://661f8a0d88.a07d30aaf0.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         109.206.175.85
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.20.1
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 0
location: https://twinrdack.com/link.engine?z=57006&guid=7d2cfa7e-825a-45f7-9010-969c9e062f3d&tid=0&kw=Dirty,Videos,tPorn.xxx,Dirty,Videos,Big,Tits,Brunette,Cumshot,Cunnilingus,HD,Latina,MILF,POV,Tattoo,Johnny,The,Kid,Miss,Raquel,tPorn,Porn,Videos,XXX,Movies,Sex,Videos,Porn,Tube,Watch,Dirty,Videos,and,download,for,free,Every,day,we,upload,new,porn,videos,to,tPorn.xxx,Porn,Categories,Enjoy,free,sex,videos,on,tPorn.xxx
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 912.0=1; expires=Mon, 26 Sep 2022 05:39:06 GMT; path=/; secure; SameSite=None 1624.0=1; expires=Mon, 26 Sep 2022 05:39:06 GMT; path=/; secure; SameSite=None 1625.0=1; expires=Mon, 26 Sep 2022 05:39:06 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /in/912/?sid=34925&source=0&idzone=4186856&w=300&h=250&mo=&ve=&site_id=34925&utm1=&utm2=&utm3=&utm4=&ad_tags=Dirty%2CVideos%2CtPorn.xxx%2CDirty%2CVideos%2CBig%2CTits%2CBrunette%2CCumshot%2CCunnilingus%2CHD%2CLatina%2CMILF%2CPOV%2CTattoo%2CJohnny%2CThe%2CKid%2CMiss%2CRaquel%2CtPorn%2CPorn%2CVideos%2CXXX%2CMovies%2CSex%2CVideos%2CPorn%2CTube%2CWatch%2CDirty%2CVideos%2Cand%2Cdownload%2Cfor%2Cfree%2CEvery%2Cday%2Cwe%2Cupload%2Cnew%2Cporn%2Cvideos%2Cto%2CtPorn.xxx%2CPorn%2CCategories%2CEnjoy%2Cfree%2Csex%2Cvideos%2Con%2CtPorn.xxx%20&spot_id=34925&p=https%3A%2F%2Ftporn.xxx%2Fen%2Fvideo%2F10535351%2Fdirty-videos%2F&katds_labels=&btype=0&score=100 HTTP/1.1 
Host: btds.zog.link
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://661f8a0d88.a07d30aaf0.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         109.206.175.85
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.20.1
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 0
location: https://twinrdack.com/link.engine?z=57004&guid=7d2cfa7e-825a-45f7-9010-969c9e062f3d&tid=0&kw=Dirty,Videos,tPorn.xxx,Dirty,Videos,Big,Tits,Brunette,Cumshot,Cunnilingus,HD,Latina,MILF,POV,Tattoo,Johnny,The,Kid,Miss,Raquel,tPorn,Porn,Videos,XXX,Movies,Sex,Videos,Porn,Tube,Watch,Dirty,Videos,and,download,for,free,Every,day,we,upload,new,porn,videos,to,tPorn.xxx,Porn,Categories,Enjoy,free,sex,videos,on,tPorn.xxx
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 912.0=1; expires=Mon, 26 Sep 2022 05:39:06 GMT; path=/; secure; SameSite=None 1624.0=1; expires=Mon, 26 Sep 2022 05:39:06 GMT; path=/; secure; SameSite=None 1625.0=1; expires=Mon, 26 Sep 2022 05:39:06 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /in/912/?sid=34924&source=0&idzone=4186852&w=300&h=250&mo=&ve=&site_id=34924&utm1=&utm2=&utm3=&utm4=&ad_tags=Dirty%2CVideos%2CtPorn.xxx%2CDirty%2CVideos%2CBig%2CTits%2CBrunette%2CCumshot%2CCunnilingus%2CHD%2CLatina%2CMILF%2CPOV%2CTattoo%2CJohnny%2CThe%2CKid%2CMiss%2CRaquel%2CtPorn%2CPorn%2CVideos%2CXXX%2CMovies%2CSex%2CVideos%2CPorn%2CTube%2CWatch%2CDirty%2CVideos%2Cand%2Cdownload%2Cfor%2Cfree%2CEvery%2Cday%2Cwe%2Cupload%2Cnew%2Cporn%2Cvideos%2Cto%2CtPorn.xxx%2CPorn%2CCategories%2CEnjoy%2Cfree%2Csex%2Cvideos%2Con%2CtPorn.xxx%20&spot_id=34924&p=https%3A%2F%2Ftporn.xxx%2Fen%2Fvideo%2F10535351%2Fdirty-videos%2F&katds_labels=&btype=0&score=100 HTTP/1.1 
Host: btds.zog.link
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://661f8a0d88.a07d30aaf0.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         109.206.175.85
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.20.1
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 0
location: https://twinrdack.com/link.engine?z=57003&guid=7d2cfa7e-825a-45f7-9010-969c9e062f3d&tid=0&kw=Dirty,Videos,tPorn.xxx,Dirty,Videos,Big,Tits,Brunette,Cumshot,Cunnilingus,HD,Latina,MILF,POV,Tattoo,Johnny,The,Kid,Miss,Raquel,tPorn,Porn,Videos,XXX,Movies,Sex,Videos,Porn,Tube,Watch,Dirty,Videos,and,download,for,free,Every,day,we,upload,new,porn,videos,to,tPorn.xxx,Porn,Categories,Enjoy,free,sex,videos,on,tPorn.xxx
vary: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
set-cookie: 912.0=1; expires=Mon, 26 Sep 2022 05:39:06 GMT; path=/; secure; SameSite=None 1624.0=1; expires=Mon, 26 Sep 2022 05:39:06 GMT; path=/; secure; SameSite=None 1625.0=1; expires=Mon, 26 Sep 2022 05:39:06 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /library/428515/6a38c15150978e6ed4c075ed69b647bd8d089798.gif HTTP/1.1 
Host: s3t3d2y8.afcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://661f8a0d88.a07d30aaf0.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.76.9.26
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 108641
last-modified: Fri, 31 Dec 2021 10:22:20 GMT
etag: "61ced9dc-1a861"
expires: Fri, 30 Jun 2023 11:25:08 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195422
server: CDN77-Turbo
x-77-nzt: AblMCRRqJ6f/nEtxAA
x-77-nzt-ray: j3XxnglCW+o
x-cache: HIT
x-age: 7424924
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 100\012- data
Size:   108641
Md5:    18a2246958cd01fe82fe19135614b287
Sha1:   6a38c15150978e6ed4c075ed69b647bd8d089798
Sha256: 16de39246b3ffe931c68899d1aebc1cc3483a3a93b42a76fbff2764465400e19
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "718E67251A57091660E3ED40F913DBE6261A1739A9D9C0D02720B3BFC129D4A2"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3721
Expires: Sun, 25 Sep 2022 06:41:07 GMT
Date: Sun, 25 Sep 2022 05:39:06 GMT
Connection: keep-alive

                                        
                                            GET /in/va?spot_id=34929&view=1 HTTP/1.1 
Host: btds.zog.link
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tporn.xxx
Connection: keep-alive
Referer: https://tporn.xxx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         109.206.175.85
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx/1.20.1
date: Sun, 25 Sep 2022 05:39:07 GMT
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 1840.0=1; expires=Mon, 26 Sep 2022 05:39:06 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            GET /in/va?spot_id=34927&view=1 HTTP/1.1 
Host: btds.zog.link
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tporn.xxx
Connection: keep-alive
Referer: https://tporn.xxx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         109.206.175.85
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx/1.20.1
date: Sun, 25 Sep 2022 05:39:07 GMT
content-length: 2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: 1840.0=1; expires=Mon, 26 Sep 2022 05:39:06 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   46808
Md5:    00d0a875834185320a87f1c175c5c132
Sha1:   cc1651b872d7287e2b2779a86e71659e8cde9eb9
Sha256: 2a5949951b65186472383a9c510983e9ad633e07bb0c1fa54f44ee68bc28e264
                                        
                                            GET /in/va?spot_id=34928&view=1 HTTP/1.1 
Host: btds.zog.link
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tporn.xxx
Connection: keep-alive
Referer: https://tporn.xxx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         109.206.175.85
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx/1.20.1
date: Sun, 25 Sep 2022 05:39:07 GMT
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 1840.0=1; expires=Mon, 26 Sep 2022 05:39:07 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            GET /in/show/?__OS_FAMILY__=%7B%7B%20__OS_FAMILY__%20%7D%7D&__OS_TYPE__=%7B%7B%20__OS_TYPE__%20%7D%7D&__GEOIP_COUNTRY_SHORT__=%7B%7B%20__GEOIP_COUNTRY_SHORT__%20%7D%7D&__IP2L_MOBILE__=%7B%7B%20__IP2L_MOBILE__%20%7D%7D&__BROWSER_FAMILY__=%7B%7B%20__BROWSER_FAMILY__%20%7D%7D&OS_FAMILY=%5BOS_FAMILY%5D&OS_TYPE=%5BOS_TYPE%5D&COUNTRY_ISO_CODE=%5BCOUNTRY_ISO_CODE%5D&MOBILE_BRAND=%5BMOBILE_BRAND%5D&BROWSER_FAMILY=%5BBROWSER_FAMILY%5D&DOMAIN=tporn.xxx&PRICE=0.0050&PRICING_MODEL=%5BPRICING_MODEL%5D&CAMPAIGN_ID=6435&CLICK_ID=0eccc38f-5d00-4329-a63f-0d058ae6cb79&id_zone=%5Bidzone%5D&site=%7B%7B%20site%20%7D%7D&out_name=37319%7C4317%7Ccpm%7C0.0048%7C%24%200.0050&campaign_id=37319&price=0.0050&bidding_price=0.0048&pricebox_price=0.0200&pricing_model=cpm&click_id=0eccc38f-5d00-4329-a63f-0d058ae6cb79&priority=%5BPRIORITY%5D&ad_sub=173501021&utm1=tcb&utm2=878669509-100&utm3=249-6435-14933&utm4=0-10346131-0&banner_id=4190&banner_creative_id=8920 HTTP/1.1 
Host: in16.zog.link
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://12112336.pix-cdn.org
Connection: keep-alive
Referer: https://12112336.pix-cdn.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         109.206.163.116
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx/1.20.1
date: Sun, 25 Sep 2022 05:39:06 GMT
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://12112336.pix-cdn.org
cache-control: no-cache, no-store, must-revalidate
set-cookie: 770.0=1; expires=Mon, 26 Sep 2022 05:39:06 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2813
Expires: Sun, 25 Sep 2022 06:26:00 GMT
Date: Sun, 25 Sep 2022 05:39:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2813
Expires: Sun, 25 Sep 2022 06:26:00 GMT
Date: Sun, 25 Sep 2022 05:39:07 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   63926
Md5:    1cd2e5adddb9cddf365cffe4fcc4b644
Sha1:   28996fcb359e8ba8f6360f7fc5fa1e3e00f53c62
Sha256: 80e4dd868e60cd25dcfb6556d7bfb3c5a2fde2a35b9fb40b1560d9c1f8de7a63
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2813
Expires: Sun, 25 Sep 2022 06:26:00 GMT
Date: Sun, 25 Sep 2022 05:39:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2813
Expires: Sun, 25 Sep 2022 06:26:00 GMT
Date: Sun, 25 Sep 2022 05:39:07 GMT
Connection: keep-alive

                                        
                                            GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNDk2LCJzcGFjZWlkIjozNDkyOCwidHlwZSI6InBvcCIsImlkem9uZSI6NDE4NjgyNiwiYWRfdGFncyI6IkRpcnR5JTJDVmlkZW9zJTJDdFBvcm4ueHh4JTJDRGlydHklMkNWaWRlb3MlMkNCaWclMkNUaXRzJTJDQnJ1bmV0dGUlMkNDdW1zaG90JTJDQ3VubmlsaW5ndXMlMkNIRCUyQ0xhdGluYSUyQ01JTEYlMkNQT1YlMkNUYXR0b28lMkNKb2hubnklMkNUaGUlMkNLaWQlMkNNaXNzJTJDUmFxdWVsJTJDdFBvcm4lMkNQb3JuJTJDVmlkZW9zJTJDWFhYJTJDTW92aWVzJTJDU2V4JTJDVmlkZW9zJTJDUG9ybiUyQ1R1YmUlMkNXYXRjaCUyQ0RpcnR5JTJDVmlkZW9zJTJDYW5kJTJDZG93bmxvYWQlMkNmb3IlMkNmcmVlJTJDRXZlcnklMkNkYXklMkN3ZSUyQ3VwbG9hZCUyQ25ldyUyQ3Bvcm4lMkN2aWRlb3MlMkN0byUyQ3RQb3JuLnh4eCUyQ1Bvcm4lMkNDYXRlZ29yaWVzJTJDRW5qb3klMkNmcmVlJTJDc2V4JTJDdmlkZW9zJTJDb24lMkN0UG9ybi54eHglMjAiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MzQ5MjgsIm11bHRpcGxlIjp0cnVlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6Miwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTh9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9fV0sInNpdGUiOnsiaWQiOiIzNDkyOCIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly90cG9ybi54eHgvZW4vdmlkZW8vMTA1MzUzNTEvZGlydHktdmlkZW9zLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NjQwODQzNDQ4MjZ9fQ== HTTP/1.1 
Host: 661f8a0d88.a07d30aaf0.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tporn.xxx/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         159.69.163.6
HTTP/2 200 OK
content-type: text/html
                                        
server: nginx/1.18.0
date: Sun, 25 Sep 2022 05:39:06 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5673
Md5:    dc86ecc71e4ba1ae17b70c910d382583
Sha1:   a98d5f5d526c4866ef78dccacee15949e473b289
Sha256: 4cf338ef908f12f0ee4c7c5cb3f47ca55bd8899e965b9e018945c48a0a4594fb

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /link.engine?z=57006&guid=7d2cfa7e-825a-45f7-9010-969c9e062f3d&tid=0&kw=Dirty,Videos,tPorn.xxx,Dirty,Videos,Big,Tits,Brunette,Cumshot,Cunnilingus,HD,Latina,MILF,POV,Tattoo,Johnny,The,Kid,Miss,Raquel,tPorn,Porn,Videos,XXX,Movies,Sex,Videos,Porn,Tube,Watch,Dirty,Videos,and,download,for,free,Every,day,we,upload,new,porn,videos,to,tPorn.xxx,Porn,Categories,Enjoy,free,sex,videos,on,tPorn.xxx HTTP/1.1 
Host: twinrdack.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://661f8a0d88.a07d30aaf0.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         172.66.40.122
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
date: Sun, 25 Sep 2022 05:39:07 GMT
location: https://twinrdack.com/Redirect.eng?MediaSegmentId=40566&dcid=3_ctx_ecc92c42-8bd0-4838-a636-1b337fe8a531&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=115u9DYuCIkEepm8RhGWmuWWlL1QuuoUP7ts5p4OJAxli6n3pZm-LeR-S0wwfvqUruQMmp6JhqJBZK6b0fUdMQSOirLDJX1av1p478b6Qg83hgzKUKUPVDXzgpFNWjnbjI3r6GWmL5OQyi1FUqHMAnazZQrOJ8VKXQbBoCeQRcBmXjkBsIA4A7YzwfQ2rVwXEHwA0_cKCopNPk6eKPSHQWAGBB4hufzwRWULUGQI2gl6MoGz3QGR-yRSflAJjgm8deGSo-CZcwuz5gpzx-r0U9g0VgQkJDZp3Pb4ZWNWgClYnWdnvloq8_7JyGzGnpLMuw1hxK9yd8VIShYqD85z4Za5ZiF_kIrN3CVRsqFO1QRl8zI7Q7_JIrOIu-Dy3RaHAaLcTXBixWV6t-SOjj3LiMm9Y6eGShtvQR3iiVUMlGA_BOpGHamMiWpq6HCcmUfNi3KQuMX7nkyLyrstmxQHqLecAL7PpYekMop_eSoiE4Hde9lqyTTNDhvLRemcfr6tsVF2wSbPZ17Hw-l3TTrcECHH2XkKmU0CXa6RXcZeSpvHN_VKa73IhvB0d6-9FsT3d7uxhMlBOPuEu9tGyuV8WkUszlSv26tkI3k7iRWukKgor0_omXX4kSCNtG222eN7NuuyeC-RQfEeLk5uaTDSJOe-eOpiMBKuzdOqDOBhwcy1cwrge-0DZy5advTWC2ev1-hdcL85I1bpfge43pj_ffjvlLSH23HwC3YHUskk5G-woRxDS9orKBAiUoNev84xzarFN8xn-JU93Q3xT5B-y3iUOSwIKJUVLkBczHLF_8I6QmC1oSLgMuIbyuz_Tt22MIq5RIX0tCrQiiF0jSr39qqgO_rnmlQp-M0HA_EF8oJwyWEspwF_0DQNXuVRwfgf90ZRH5tTHjHTGR_-93EOynywb1Wdkyd3TFbZUDIef2GD9dsUbNaNUlgGwTjWQsOf2w6IjpWwKXnaykV-fZJQpw2&kw=Dirty%2cVideos%2ctPorn.xxx%2cDirty%2cVideos%2cBig%2cTits%2cBrunette%2cCumshot%2cCunnilingus%2cHD%2cLatina%2cMILF%2cPOV%2cTattoo%2cJohnny%2cThe%2cKid%2cMiss%2cRaquel%2ctPorn%2cPorn%2cVideos%2cXXX%2cMovies%2cSex%2cVideos%2cPorn%2cTube%2cWatch%2cDirty%2cVideos%2cand%2cdownload%2cfor%2cfree%2cEvery%2cday%2cwe%2cupload%2cnew%2cporn%2cvideos%2cto%2ctPorn.xxx%2cPorn%2cCategories%2cEnjoy%2cfree%2csex%2cvideos%2con%2ctPorn.xxx&mw=300&mh=250
vary: Accept-Encoding
cache-control: private, no-transform
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
x-powered-by: ASP.NET
set-cookie: IKSR={}; path=/; SameSite=None; secure INF_DFL8=false; path=/; SameSite=None; secure IUID=c9f562ed-8be3-4438-bef7-ce774631bcf4; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure ISSH=662BEF; path=/; SameSite=None; secure VMI=; path=/; SameSite=None; secure IPLH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IPLH_Q=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly CHN=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly MSSH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly MSRH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ILP=null; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure ILPLU=#1/1/0001 12:00:00 AM; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ILEALC=#1/1/0001 12:00:00 AM; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ILMPF=#False; expires=Sun, 25-Sep-2022 09:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IPMPLU=#; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IPMUID=#; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly BSWUID=#; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IKSR={}; path=/; SameSite=None; secure IBL=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly PZK={"P":"Zn51fk7ZO/rHawS4LzfS7pjo0aTXk6xDY3brzSUbwLOuUw3ddAvDtGLI98qfR+K6","B":[],"UD":1664084346}; expires=Tue, 25-Oct-2022 05:39:06 GMT; path=/; SameSite=None; secure IPLSH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IPLSH_Q=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IZH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IZH_Q=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IMCH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IMCH_Q=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IMH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IMH_Q=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ISH=#{"14241":[{"SId":"662BEF","D":"22/9/24T22:39:6"}]}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ISH_Q=#[14241]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ISPH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ISPH_Q=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ICH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ICH_Q=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87pYgTONDxgpKosXRHZeg7ej%2Fe3POPdtPh%2FWxHR7oaJknTtGeMwh7nHS4FwbV9YD23Gu6MPmynO3wevYLL9ZTYq8TGb3b0QOYbBtQqKscqLNemgfRtAEdUo55zCMdU0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75016adf2b9eb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   14086
Md5:    962c139ddd2f49c129f5c249a5fcd4e4
Sha1:   bc64708cd288deed7eef2f42881d8f7847310e36
Sha256: 55e03b3fd173e0da066a3f99518ff74d99292de10f91298f1b6da2aea0c3b5f1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6307cf78-7c68-41f1-9dfd-ba063eeb3f4b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5172
x-amzn-requestid: d366d3e0-71d7-404c-a93b-3267852824ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_T5F5PoAMFqWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f78e5-52362b5f0dc1ee8951eebc07;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ean91lOEJLzLQFKy3gBuqD_G-BVw3SMuED20W6ixdkKYvVcMatdGJA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:39:23 GMT
age: 28784
etag: "a881666627e1077859ed1941cee576caf600d798"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5172
Md5:    d7bd3afd3069904500c28e9bb16587e8
Sha1:   a881666627e1077859ed1941cee576caf600d798
Sha256: 78a7b0a2127c583aba569abace503cff376cde67d5faa9a346c1494d91e8f3cf
                                        
                                            GET /m/p/0/11/11508/yPndOg0m.html?__OS_FAMILY__={{%20__OS_FAMILY__%20}}&__OS_TYPE__={{%20__OS_TYPE__%20}}&__GEOIP_COUNTRY_SHORT__={{%20__GEOIP_COUNTRY_SHORT__%20}}&__IP2L_MOBILE__={{%20__IP2L_MOBILE__%20}}&__BROWSER_FAMILY__={{%20__BROWSER_FAMILY__%20}}&OS_FAMILY=[OS_FAMILY]&OS_TYPE=[OS_TYPE]&COUNTRY_ISO_CODE=[COUNTRY_ISO_CODE]&MOBILE_BRAND=[MOBILE_BRAND]&BROWSER_FAMILY=[BROWSER_FAMILY]&DOMAIN=tporn.xxx&PRICE=0.0050&PRICING_MODEL=[PRICING_MODEL]&CAMPAIGN_ID=6435&CLICK_ID=0eccc38f-5d00-4329-a63f-0d058ae6cb79&id_zone=[idzone]&site={{%20site%20}}&out_name=37319%7C4317%7Ccpm%7C0.0048%7C%24%200.0050&campaign_id=37319&price=0.0050&bidding_price=0.0048&pricebox_price=0.0200&pricing_model=cpm&click_id=0eccc38f-5d00-4329-a63f-0d058ae6cb79&priority=[PRIORITY]&ad_sub=173501021&utm1=tcb&utm2=878669509-100&utm3=249-6435-14933&utm4=0-10346131-0 HTTP/1.1 
Host: 12112336.pix-cdn.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://661f8a0d88.a07d30aaf0.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.24
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Sun, 25 Sep 2022 05:39:06 GMT
server: nginx/1.12.2
last-modified: Wed, 02 Sep 2020 10:48:37 GMT
etag: W/"5f4f7885-7e9"
content-encoding: gzip
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-proxy-cache: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   12298
Md5:    c371a730225e1a106fe337ddfe460f92
Sha1:   c41e3341960ab122e427b060d7b8c5c9cc644db5
Sha256: 80e8c21fcd530852d16a0d2975105116b7301ebdb75664d86e5ab7ae22efafe1
                                        
                                            GET /link.engine?z=57005&guid=7d2cfa7e-825a-45f7-9010-969c9e062f3d&tid=0&kw=Dirty,Videos,tPorn.xxx,Dirty,Videos,Big,Tits,Brunette,Cumshot,Cunnilingus,HD,Latina,MILF,POV,Tattoo,Johnny,The,Kid,Miss,Raquel,tPorn,Porn,Videos,XXX,Movies,Sex,Videos,Porn,Tube,Watch,Dirty,Videos,and,download,for,free,Every,day,we,upload,new,porn,videos,to,tPorn.xxx,Porn,Categories,Enjoy,free,sex,videos,on,tPorn.xxx HTTP/1.1 
Host: twinrdack.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://661f8a0d88.a07d30aaf0.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         172.66.40.122
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
date: Sun, 25 Sep 2022 05:39:07 GMT
location: https://twinrdack.com/Redirect.eng?MediaSegmentId=40566&dcid=3_ctx_d0340ed2-36b5-48de-be6f-134535480c5a&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=95Leb_WcpDdjjpRkuHFnrpq6petztFf85jTrzC0zujVjgr-Fks4tylTTv1bxxHkGxL7-37Z1xryvV_h253pNP4v5jVunKKZiUKGQ1pqCMHtvFc1Lyh3O1csx82WJtres18eHkYRdADeGl42Y73H8tah63Djejpbcg_0_M8aC_ylijeArWFpqVep46gb3IjwLePeEYuN8fhNFM4XYUjudmBoYwqyMbmIo3mgxYlnHg_4mX2VmpcbX6d3zgeSfivS1M4hgsEMaovIccrmmBrFZuTL6BXKLfBDZez_p69MgNQhgA4baCK8IGxtayiam8yzhCYZg-s6Pn6w-g-lBwj8haMAFug8txsGWMpZ-wJUcD5Nzrw5x8YyAzjczZ5Z9S-TpNkoFuiDFNMZpIQfRvPzQlGXOP1dTBmD7LiYGLGdknUhJapZG9Cpi0l-ycDNdgOP0vu_mojR-z4dOvs15djEu24au51hmG3tU1D1J0GzTgDg1U7Zm1iECx9fqNQflbq_SRZed8LtHJKnyUlRbpDePF0XaaMtN8A7sTmp_nYn379rxSSMWV5etkd1gO2wSKE92OIt-VwyccMKGQ-OOzOFAuV1BnxwfWXykOFn5LSu5P5_GYb04t5nGgnEQMDfLxpvVCsiRTDurvXDUJmOAwuK4bpBYTGk1L7o5uS9nZWezb6-jdJu99lQN59H01M0jqg5AA4OvLGOjyvoFa-B3d7AfLDx4XVsPMkjLeDE5PKL77l4RQVjlO7XPMTVEcsTNI2IS91yeHJ_-theVzj6C6FfsFRPCofBWhWBgFKG03oFQw4kqS9vh00D6pZ9ULfJgGKCXdh7C-RggYoMcKVcpeYl0NoW-4vPTVpqLVHZKRDO6n4-adVQuktqP9PvSsHnByXAtNmK5pDeXm5CLaNoSePY4bjgNXecGgspmnS-MQsOFN5evI-fenXqhpIem8um6p4JEHcgssPhEavjwhNqyR-PZkg2&kw=Dirty%2cVideos%2ctPorn.xxx%2cDirty%2cVideos%2cBig%2cTits%2cBrunette%2cCumshot%2cCunnilingus%2cHD%2cLatina%2cMILF%2cPOV%2cTattoo%2cJohnny%2cThe%2cKid%2cMiss%2cRaquel%2ctPorn%2cPorn%2cVideos%2cXXX%2cMovies%2cSex%2cVideos%2cPorn%2cTube%2cWatch%2cDirty%2cVideos%2cand%2cdownload%2cfor%2cfree%2cEvery%2cday%2cwe%2cupload%2cnew%2cporn%2cvideos%2cto%2ctPorn.xxx%2cPorn%2cCategories%2cEnjoy%2cfree%2csex%2cvideos%2con%2ctPorn.xxx&mw=300&mh=250
vary: Accept-Encoding
cache-control: private, no-transform
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
x-powered-by: ASP.NET
set-cookie: IKSR={}; path=/; SameSite=None; secure INF_DFL8=false; path=/; SameSite=None; secure IUID=79e05872-f906-4ec5-b7a2-649b2df5718c; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure ISSH=662BEF; path=/; SameSite=None; secure VMI=; path=/; SameSite=None; secure IPLH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IPLH_Q=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly CHN=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly MSSH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly MSRH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ILP=null; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure ILPLU=#1/1/0001 12:00:00 AM; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ILEALC=#1/1/0001 12:00:00 AM; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ILMPF=#False; expires=Sun, 25-Sep-2022 09:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IPMPLU=#; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IPMUID=#; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly BSWUID=#; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IKSR={}; path=/; SameSite=None; secure IBL=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly PZK={"P":"wCV8oT8IZt6thrhU8mC8hGtxfjsnMTN6oyfzw7g6P3hiTxT9R5diClXQRrineP5l","B":[],"UD":1664084346}; expires=Tue, 25-Oct-2022 05:39:06 GMT; path=/; SameSite=None; secure IPLSH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IPLSH_Q=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IZH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IZH_Q=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IMCH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IMCH_Q=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IMH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IMH_Q=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ISH=#{"14241":[{"SId":"662BEF","D":"22/9/24T22:39:6"}]}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ISH_Q=#[14241]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ISPH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ISPH_Q=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ICH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ICH_Q=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SoC5n14xR5oLZ7Wol6aznDGyVO%2BAK32uutEvf0BUVZIvcIjxKl1UgiDx6r%2BPf4Dp9PgjqPxbIJXjIzcWdnAHWVaErb4yLl0M2S9%2BkifiE9ryDgMzQUKkrsDBFA2cJSA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75016adf2b9cb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   12099
Md5:    59a642648f2d173a9b61d6c2ca538ba7
Sha1:   9da7cb1080f50262ee397742fe0a9dd2444a0fbe
Sha256: c91f33e6bc97821b14d487336f5b58764b16d33c39bb1c8d0710b386a48378cb
                                        
                                            GET /link.engine?z=57003&guid=7d2cfa7e-825a-45f7-9010-969c9e062f3d&tid=0&kw=Dirty,Videos,tPorn.xxx,Dirty,Videos,Big,Tits,Brunette,Cumshot,Cunnilingus,HD,Latina,MILF,POV,Tattoo,Johnny,The,Kid,Miss,Raquel,tPorn,Porn,Videos,XXX,Movies,Sex,Videos,Porn,Tube,Watch,Dirty,Videos,and,download,for,free,Every,day,we,upload,new,porn,videos,to,tPorn.xxx,Porn,Categories,Enjoy,free,sex,videos,on,tPorn.xxx HTTP/1.1 
Host: twinrdack.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://661f8a0d88.a07d30aaf0.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         172.66.40.122
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
date: Sun, 25 Sep 2022 05:39:07 GMT
location: https://twinrdack.com/Redirect.eng?MediaSegmentId=40566&dcid=3_ctx_284cdf34-c60e-4cc8-9f58-a0028aab9447&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=lv7_jGCw2NAl6p32aItx4nIPisAuzDRShsM6NzFFb1NgpHRrh-W7qtFAK-VPtoFauKvtpdPrudZosBJaDb8dz4q7mqXUkw0YDY7q10AtajOzl0cNIsedhtrGRig5NsOkLw4H0tgv3DmRRMR-KogN6Mkffq11tghsXSb-DmNTBe8E0V8k46sda2q4w-YJYAMkO4yo_MkAjW0ypOzkGTZEZbeqaznPHAC0Qm0rNfR3NwZYbRzAQZCRr_tlkRDzRhT9e47xK7WcmLAem8Ddqto2Py59Q3mC8BytyBeVz7tdtuAGmyJ_VfdPutzOj98ZqNn_cukLFl2L4ky6ElrkmwDP6Nh0mAipP1OZVv-EFxXCP6u7pdM9RrjA3ea1ibCDaK2Ad8Yl1TqWeOClf9i_5VV-ii8j67GR5DfpDodZsqApwEMaDn4GAqSyYPcBHVuJZPfy0lZ5K540Ik5_MJ0pdR7UtEH9uKO6ZtYOyGzKXOph9KcxZds3_PgPKhsKfODKL_bNdyIPCYNbQSK0HnBbk6gzTW2OlgLs2GfZNpqCxG7LrJo7Zi0jffMkAAjiHXZ4ERD06UMTr5VObG45ZYpiGtDOWVyfT6xqjvFW2wffly68GCB3eEkR7atmYP5TXxPj26gvRS3t7r54GcNdWMoRBu__dem2TU91V08vTIWAxt-OTHP5MkGLfLZzaDh-FGQ-ubwOhCKHsrxFMReXE0gr4D4q9__uopGZA8UD5mKkMQyeUk4xaWpVVqPWumYDl-anz8xyuSSIXF4lrC9q9xHXcwW7IGrb2y1y8gcGeZFykF6S1i5U7vjqn7VF_zefpiOTugBNDFpoyvuvzwEwuQpSRhgbyZOYnUtWgqILhZAhToSq1BBzkWza8m9vklseAObTJ35o8KEcqf8UF1_tUggYR4xSuDSr67njIrlSlzUstxr8cHCZPskhEx9DuTElk-ptt2OfslgCB-Tx66GEzCJZ7U291w2&kw=Dirty%2cVideos%2ctPorn.xxx%2cDirty%2cVideos%2cBig%2cTits%2cBrunette%2cCumshot%2cCunnilingus%2cHD%2cLatina%2cMILF%2cPOV%2cTattoo%2cJohnny%2cThe%2cKid%2cMiss%2cRaquel%2ctPorn%2cPorn%2cVideos%2cXXX%2cMovies%2cSex%2cVideos%2cPorn%2cTube%2cWatch%2cDirty%2cVideos%2cand%2cdownload%2cfor%2cfree%2cEvery%2cday%2cwe%2cupload%2cnew%2cporn%2cvideos%2cto%2ctPorn.xxx%2cPorn%2cCategories%2cEnjoy%2cfree%2csex%2cvideos%2con%2ctPorn.xxx&mw=300&mh=250
vary: Accept-Encoding
cache-control: private, no-transform
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
x-powered-by: ASP.NET
set-cookie: IKSR={}; path=/; SameSite=None; secure INF_DFL8=false; path=/; SameSite=None; secure IUID=e84cadb8-8a6f-4d3c-8b0e-62a755615537; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure ISSH=662BEF; path=/; SameSite=None; secure VMI=; path=/; SameSite=None; secure IPLH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IPLH_Q=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly CHN=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly MSSH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly MSRH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ILP=null; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure ILPLU=#1/1/0001 12:00:00 AM; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ILEALC=#1/1/0001 12:00:00 AM; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ILMPF=#False; expires=Sun, 25-Sep-2022 09:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IPMPLU=#; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IPMUID=#; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly BSWUID=#; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IKSR={}; path=/; SameSite=None; secure IBL=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly PZK={"P":"bi6D3EoqL9H7rgsUUcTxxc8neoIY8JfgxcwXPgiIfVh0i4NiM3WX+S+iXFgvmN2j","B":[],"UD":1664084346}; expires=Tue, 25-Oct-2022 05:39:06 GMT; path=/; SameSite=None; secure IPLSH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IPLSH_Q=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IZH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IZH_Q=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IMCH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IMCH_Q=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IMH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly IMH_Q=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ISH=#{"14241":[{"SId":"662BEF","D":"22/9/24T22:39:6"}]}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ISH_Q=#[14241]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ISPH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ISPH_Q=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ICH=#{}; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly ICH_Q=#[]; expires=Sat, 25-Sep-2032 05:39:06 GMT; path=/; SameSite=None; secure; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vImQU67%2BTZbzRrxr0owTL758OQBXvGGvVS9saO0iOb4lDJ5aPmAabwe3ifcYI%2FdxWp8xEp94tDBhvM%2BXGUXOswhBU%2FzEniJ6h7G%2F%2Bs%2Fm%2FkOmd3KlST10Mrbr0wfVStk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75016adf2ba0b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2096
Md5:    3b860c5c83be5c3969e53d2f866ee222
Sha1:   ca21ad7f3ba31fd4fb9c14ff7a2e021f7302a3f5
Sha256: 54972cf0fb29fa8ff306802a8c0e091dfee7602361491f49b29255f976f0b822
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ebb5-2746-43ce-9354-d29ae28778f1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7690
x-amzn-requestid: e50abd36-e3d6-4177-ad5a-57ef7f743e1b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv2HqHJqIAMFe9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296a30-7de1ba3633620fed1eb26a04;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:22:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: x6m2265h0hSgCTluIqgbC-hSZiiyeqMR0qEwnYgXfjfxNa99trVEgA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 18:05:57 GMT
age: 41590
etag: "9e7b0fd5b7c45213e1808361867a254c8e313a30"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7690
Md5:    75eb09cb0472d311d2deaf4475a2fb29
Sha1:   9e7b0fd5b7c45213e1808361867a254c8e313a30
Sha256: c18626d0131533976be196823911d5146042e6bd8028389cb4f17a64ee0ec1e4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7642
x-amzn-requestid: b0fc9bea-7735-43c0-a176-eae4d5000a6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2ZPtHajIAMF8zQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c08ca-391092bd30ae5bf9692e93ba;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:03:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gc7lA-XfgIAhotpUdrOaihuA2nbdMY2zNiJSHZpSN3yKPaT-k93auQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 07:07:29 GMT
age: 81098
etag: "1534aa8a5158dfa9592d65e6fb761b41c0852c58"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7642
Md5:    00c09f267aacde9465a329542463b9e5
Sha1:   1534aa8a5158dfa9592d65e6fb761b41c0852c58
Sha256: 276ff24598159f62fd7333992575834f901eea7c75a228b9c12d1c049f1df558
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "630FC45C86D8E667AC77A78226EFA8FCE1B2F0432FB03F0126D5BA4C139559CF"
Last-Modified: Sat, 24 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19237
Expires: Sun, 25 Sep 2022 10:59:44 GMT
Date: Sun, 25 Sep 2022 05:39:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "630FC45C86D8E667AC77A78226EFA8FCE1B2F0432FB03F0126D5BA4C139559CF"
Last-Modified: Sat, 24 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19237
Expires: Sun, 25 Sep 2022 10:59:44 GMT
Date: Sun, 25 Sep 2022 05:39:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "81B54427C26EE158EC5FD89F2BAC795477F74F6995C4EA4C51BA9744FB392B3B"
Last-Modified: Sat, 24 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5599
Expires: Sun, 25 Sep 2022 07:12:26 GMT
Date: Sun, 25 Sep 2022 05:39:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "81B54427C26EE158EC5FD89F2BAC795477F74F6995C4EA4C51BA9744FB392B3B"
Last-Modified: Sat, 24 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5599
Expires: Sun, 25 Sep 2022 07:12:26 GMT
Date: Sun, 25 Sep 2022 05:39:07 GMT
Connection: keep-alive

                                        
                                            GET /cachebust/chatembed-prod-51fb843809ea.js HTTP/1.1 
Host: static-assets.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.94.42
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 25 Sep 2022 05:39:07 GMT
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=912466
etag: W/"f398903b3e4d8cc95a5a63f84c84917d"
last-modified: Sat, 24 Sep 2022 19:29:56 GMT
x-amz-id-2: +vbvRRn2R+rQlmAujR4zraVEkceh763pNgOvmg7hotqNVr7MNwEYs6kt5uhti8iJnAboIaWpllc=
x-amz-meta-s3cmd-attrs: md5:f398903b3e4d8cc95a5a63f84c84917d
x-amz-request-id: KD3P9KDD040WT0WA
cf-cache-status: HIT
age: 36353
expires: Tue, 25 Oct 2022 05:39:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otBITOp162sv462DzwcsAUMoyTyXQg3zy5aG8Esa7IwqeO9oFcvWb3xjqg2flSMG86DEdb1SKGsDDAPr2OjhFn27EeiVHnL5GmjKbPhNVH6oRspQXvs13QKwiPK0SAL0aix4IG1598WaWgfCLKoZVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=kqqo0tniyipmicBHEDzwa1j3pN2mkVR.8vECcMscVWM-1664084347521-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75016ae3fe68b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16999)
Size:   296596
Md5:    54c668025c005d80032b5ad5f72e7894
Sha1:   48b4c99035ddecb63f89ede3820f4fe1f3084579
Sha256: 596f78d080df80c3e2242e2a36fc9b14f631fbd654e86f785120441122e0cfa2
                                        
                                            GET /data/creatives/1164/35605.mp4 HTTP/1.1 
Host: data.goasrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://go.goaserv.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         217.22.19.195
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
server: nginx
date: Sun, 25 Sep 2022 05:39:07 GMT
content-length: 709515
last-modified: Tue, 06 Sep 2022 09:33:06 GMT
etag: "631713d2-ad38b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-backend-server: nl2-static-221
content-range: bytes 0-709514/709515
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size:   145539
Md5:    807fa1a7c2c2ecd5fa2b9429fa646fae
Sha1:   f5efa5d8516209ed9f31b934f0eeb799f172fe6b
Sha256: 0c8fd0d1590c0894dbf9fd9ead6b08e15980abc5512b8851b57d025bd11839fe
                                        
                                            GET /banner.go?spaceid=1195888&sid2=b8c6b8a5-df78-4f9c-9c72-17db0231ca11&keywords= HTTP/1.1 
Host: go.goaserv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://twinrdack.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         217.22.19.196
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Sun, 25 Sep 2022 05:39:07 GMT
expires: Mon, 03 Jul 2001 06:00:00 GMT
last-modified: Sun, 25 09 2022 05:39:07 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
pragma: no-cache
x-backend-server: nl2-go-web-240
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   18128
Md5:    37a8c324e3aec6a724db64d06915c8f1
Sha1:   00389173d8669d5ba5bcc76398d18e8d2fe7988e
Sha256: 3d56ff773a35b0ac5b102aa62b61e50b95472e17745f053275e62a88d1403989
                                        
                                            GET /data/creatives/1164/35605.mp4 HTTP/1.1 
Host: data.goasrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://go.goaserv.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         217.22.19.195
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
server: nginx
date: Sun, 25 Sep 2022 05:39:07 GMT
content-length: 709515
last-modified: Tue, 06 Sep 2022 09:33:06 GMT
etag: "631713d2-ad38b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-backend-server: nl2-static-221
content-range: bytes 0-709514/709515
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size:   107207
Md5:    f4ab11dab602381d4e265cadfa7f28c7
Sha1:   af48932473bb7a1125ae8ab0062e5ceddbca1a9b
Sha256: ba039bc88ee148e639cd483a8049222ec0de102c2b0b6a91a589acac3362ea43
                                        
                                            GET /data/creatives/1164/36023.mp4 HTTP/1.1 
Host: data.goasrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://go.goaserv.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         217.22.19.195
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
server: nginx
date: Sun, 25 Sep 2022 05:39:07 GMT
content-length: 655766
last-modified: Mon, 19 Sep 2022 09:01:01 GMT
etag: "63282fcd-a0196"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-backend-server: nl2-static-221
content-range: bytes 0-655765/655766
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size:   655766
Md5:    571dd7fa16846f7f91f36116580d5fac
Sha1:   d134b7d6268a2e9d597f68e32edfaa9edd96bc55
Sha256: a52b5aee07775e5eba43f4e7b4f74542939ddaf7413e5d68a0b69519e09e38ad
                                        
                                            GET /stream?room=ehotlovea&f=0.8438892458940519 HTTP/1.1 
Host: cbjpeg.stream.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=kqqo0tniyipmicBHEDzwa1j3pN2mkVR.8vECcMscVWM-1664084347521-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         131.153.88.92
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 25 Sep 2022 05:39:08 GMT
content-length: 22341
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   22737
Md5:    ac6e4ce776b94462bcb435ec38bed3b8
Sha1:   5a5ab595dff2140c1acbf3cf2003a7c551840001
Sha256: ffaed69c1d149a4a1462ceb0025eb6c178d4f3b135f7248a3709e2287fed8540
                                        
                                            GET /stream?room=ehotlovea&f=0.3590786394567893 HTTP/1.1 
Host: cbjpeg.stream.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=kqqo0tniyipmicBHEDzwa1j3pN2mkVR.8vECcMscVWM-1664084347521-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         131.153.88.92
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 25 Sep 2022 05:39:08 GMT
content-length: 22612
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   22646
Md5:    83f5cfe32681f761b9b7018d9209b6ef
Sha1:   6338bd465e1c771917ab99c862a7c06f3012a660
Sha256: 48809007a5d1afb3eaf564e8301da2f465d3a7bab748f68a72e72b56be5105ed
                                        
                                            GET /topembed/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank HTTP/1.1 
Host: chaturbate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://12112336.pix-cdn.org/
Connection: keep-alive
Cookie: __cf_bm=sNOEI6q6C6MSdSuED6AvYitL.bg3po4QRKOuPeQwj9U-1664084347-0-AfN//VL5XP/CjuaTnC5nnqdDDxbawww/vpMuD4y9wPeN0ZPaFPfqXVmgHa3hgDLMbPnD/RBW5eFo4ZQGq6o/Nv4=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.100.40
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
date: Sun, 25 Sep 2022 05:39:07 GMT
location: /embed/ehotlovea/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
set-cookie: stcki="pOtSwZ=1\054FqPd9a=0\0546pduSG=0\054aDBbcK=0"; expires=Tue, 25-Oct-2022 05:39:07 GMT; Max-Age=2592000; Path=/ affkey="eJyrVipSslJQyigpKSi20tc3NDI0NDI2NtMryKzQTU7J08svStdXqgUA0s8LMQ=="; Domain=.chaturbate.com; expires=Tue, 25-Oct-2022 05:39:07 GMT; Max-Age=2592000; Path=/ sbr=sec:sbracd569b3-899e-4ae5-a878-81b8e37b5c39:1ocKM7:SB7Q7mvBjGDMqrO8SexUbV5FvOw; Domain=.chaturbate.com; expires=Fri, 20-Jun-2025 05:39:07 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75016ae10c21b517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1185
Md5:    d6e5c26ed137efc38e219f917f5bd4ea
Sha1:   e59337fd625f60c430622b4a4d2077f0efab43cb
Sha256: 07b16522ec89c0b06cbe22f34e29febc25a90bd280bdcc8caad2cd67be93071e
                                        
                                            GET /CACHE/js/output.9b823bb2f723.js HTTP/1.1 
Host: static-assets.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.94.42
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 25 Sep 2022 05:39:07 GMT
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"1360376b8f5657814f662391b765d655"
last-modified: Tue, 24 May 2022 17:14:17 GMT
x-amz-id-2: KTWJY/HCZAzfCN7zvoTtoCRDkjCDtsx43npe+RSp0Ebo2HF6WHgess4Ct9QL7Zi8XExzaRuhmCw=
x-amz-meta-s3cmd-attrs: md5:1360376b8f5657814f662391b765d655
x-amz-request-id: M1HHWCFNA8C6CV81
cf-cache-status: HIT
age: 1749922
expires: Tue, 25 Oct 2022 05:39:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGTfv7DoK%2F6tndW1PoERCTdXjJwrWiKibhOISAGmH5TJaaG%2BGEEnpxm%2FN%2F804pcLFdZ72FkOdK0rHz1Kclz4TzsJWvcUekYB74hXGIAWdgjdXLM674OVtu2euxCMKQG79MZ272Nli1dy1zKpyqdP%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=bYYyEPdiiUwnXTyfD7cl94PKtNRhZ2r0eipL_dL8hq8-1664084347513-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75016ae3ee5fb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7845)
Size:   5268
Md5:    6b9442838661cfa01209c1b69045b681
Sha1:   f01fc05f4f0780da546bd11da8ef96c82ddc8853
Sha256: 90867dbae857363c6825fb6fd529f87421b9966b5be80d936d8a9e2a7368376e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "32FAB24D4347E049E8AD6B07C9C14C3B921562E2F6452E21073B3EB1A019BCA6"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5001
Expires: Sun, 25 Sep 2022 07:02:29 GMT
Date: Sun, 25 Sep 2022 05:39:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3FF1D0BE501D171DC48F6F2430CEB1FE86E048283A91E6F660FA9E9F2E56875E"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3211
Expires: Sun, 25 Sep 2022 06:32:39 GMT
Date: Sun, 25 Sep 2022 05:39:08 GMT
Connection: keep-alive

                                        
                                            GET /media/tn/28102333_1.jpg HTTP/1.1 
Host: tn.tporn.xxx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tporn.xxx/
Cookie: tccloak=0; kt_lang=en; _ym_uid=1664084345803768953; _ym_d=1664084345; _ym_isad=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         45.133.44.24
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 25 Sep 2022 05:39:08 GMT
content-length: 19877
server: nginx/1.21.2
last-modified: Fri, 10 Dec 2021 15:20:31 GMT
etag: "61b3703f-4da5"
cache-control: max-age=1209600
expires: Sun, 09 Oct 2022 05:39:08 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 270x180, components 3\012- data
Size:   19877
Md5:    02b4a9d50b753f323edadafad6204cd6
Sha1:   a3338dbc78952d185974dd525a00e8c1acd17514
Sha256: f150f5dc5d059ce4be6c7f004f96b55a4a7ddea6a775d4e8a2bb139d9ed28da5
                                        
                                            GET /CACHE/js/output.09a0bf741d47.js HTTP/1.1 
Host: static-assets.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.94.42
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 25 Sep 2022 05:39:07 GMT
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"bb81bca2482741d6c4dcf148cb33a79d"
last-modified: Wed, 17 Aug 2022 00:26:59 GMT
x-amz-id-2: 3dz298/kgeP1Pq/aBz8wop8Gas15qR9oG1wjU5FgYthy7g6Z9MZpPydhaAydlHaKkHGU8KIJbDw=
x-amz-meta-s3cmd-attrs: md5:bb81bca2482741d6c4dcf148cb33a79d
x-amz-request-id: RGGA1ZRYYYSSRXHH
cf-cache-status: HIT
age: 796133
expires: Tue, 25 Oct 2022 05:39:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1eWi8OmerlSqkLef9RQfyJGLtuPYkTxen3yVBFgK%2BT9FctJHAJdi5M8QlcMuu5X735xDtvQMHFkR%2BmTFhEEdpFEsUD1XYPIAbFfIybxIKHq%2FYfGpZZ2oytT2KehTm9824Wt5zRP%2FGYVxP5vt22taA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=bYYyEPdiiUwnXTyfD7cl94PKtNRhZ2r0eipL_dL8hq8-1664084347513-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75016ae3ee62b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size:   61831
Md5:    92b1aee8e0e3159bb3fb795dae2fad38
Sha1:   249c106d7f230d17b325deb529153cbd497f5d8d
Sha256: 9a401db5db39a56624ac4ef4c145716b1f46251b89d1694a0c8df647061d2985
                                        
                                            GET /media/tn/29743851_1.jpg HTTP/1.1 
Host: tn.tporn.xxx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tporn.xxx/
Cookie: tccloak=0; kt_lang=en; _ym_uid=1664084345803768953; _ym_d=1664084345; _ym_isad=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         45.133.44.24
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 25 Sep 2022 05:39:08 GMT
content-length: 11038
server: nginx/1.21.2
last-modified: Fri, 24 Jun 2022 14:03:49 GMT
etag: "62b5c445-2b1e"
cache-control: max-age=1209600
expires: Sun, 09 Oct 2022 05:39:08 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 270x180, components 3\012- data
Size:   11038
Md5:    4b2df214006d46ec0af392a5b1e26bc8
Sha1:   4a6a80897e6436aee617053b61aa4fc03c939b87
Sha256: dd374c8f4aaec15ecb60620a6f5cd12d1e631bd8eb7063ad4e719618408a4e58
                                        
                                            GET /media/tn/28941273_1.jpg HTTP/1.1 
Host: tn.tporn.xxx
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tporn.xxx/
Cookie: tccloak=0; kt_lang=en; _ym_uid=1664084345803768953; _ym_d=1664084345; _ym_isad=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         45.133.44.24
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 25 Sep 2022 05:39:08 GMT
content-length: 12242
server: nginx/1.21.2
last-modified: Fri, 25 Mar 2022 09:52:15 GMT
etag: "623d90cf-2fd2"
cache-control: max-age=1209600
expires: Sun, 09 Oct 2022 05:39:08 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 270x180, components 3\012- data
Size:   12242
Md5:    fd83ea38be9b194a80a3f2984fe13093
Sha1:   94c7d6d31f76510782d74d133f8a5cbfe0dd6154
Sha256: a91894d2917835cb1a843ca554172654e7033ddd973be33c8a576be13710fc0d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D675EFBD5B0600FEB9E3940F9A0CA674FDA8E03358A0CA830F2811000E9AB794"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2751
Expires: Sun, 25 Sep 2022 06:24:59 GMT
Date: Sun, 25 Sep 2022 05:39:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "62677F487B1B725C256DB63B709C4563715C69EAEC9E44386239C0358BC95CC3"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13686
Expires: Sun, 25 Sep 2022 09:27:14 GMT
Date: Sun, 25 Sep 2022 05:39:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "62677F487B1B725C256DB63B709C4563715C69EAEC9E44386239C0358BC95CC3"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13686
Expires: Sun, 25 Sep 2022 09:27:14 GMT
Date: Sun, 25 Sep 2022 05:39:08 GMT
Connection: keep-alive

                                        
                                            GET /contents/videos_sources/16673000/16673581/screenshots/1.jpg HTTP/1.1 
Host: tn.txxx.tube
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://txxx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.24
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 25 Sep 2022 05:39:08 GMT
content-length: 112920
server: nginx/1.18.0
last-modified: Sat, 19 Sep 2020 03:58:09 GMT
etag: "5f6581d1-1b918"
cache-control: max-age=7776000
expires: Sat, 24 Dec 2022 05:39:08 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   113242
Md5:    3ca19df3858c52f165a0ff706d22fda3
Sha1:   b74aa50d46430706112390f8aebccfbe5e5b87d8
Sha256: 880b764660f0fa97a69797c3b2589d75b85944ea60ec1fc11a315c86c535a0bb
                                        
                                            GET /cachebust/theatermode-react-51fb843809ea.js HTTP/1.1 
Host: static-assets.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.94.42
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 25 Sep 2022 05:39:07 GMT
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=193979
etag: W/"2692ea71853d1555249fb0e44e892425"
last-modified: Sat, 24 Sep 2022 19:29:54 GMT
x-amz-id-2: gwvxnxSPbgrfSOXxQrFeaOW7OgHgMxlzr18VsCOeE4A42Zl6eZhir0z75Iafi/JDzXic4LVT4Kk=
x-amz-meta-s3cmd-attrs: md5:2692ea71853d1555249fb0e44e892425
x-amz-request-id: KD3TB3WZ6SQEBVXR
cf-cache-status: HIT
age: 36353
expires: Tue, 25 Oct 2022 05:39:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOk7t5SodSZyfGcOGekYFFitiZCNDDHD%2FLMe7Y304FGUlx8UTHV9Evi34C%2BmmDelvUpV6X05kd9I%2BeDFnro%2FqwWCoNrETSNCybNB%2BHp%2F%2B907d5e4%2Bs5%2FKe20967CgHZCUV2HBos69BiZSN4LBSd9wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=_1ZXtzOBuYO72XzuYozei86mS7BbK98IyinPl6fjs2c-1664084347522-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75016ae3fe65b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   60079
Md5:    0bc95b6a237c4363827bbd450395dd04
Sha1:   56222ed3e2cf475863e2fd562f19eca6aeac35da
Sha256: 8a170d0434d345164bc5653bb5833bb1884914935d8f7ad7e2da7f650afb333a
                                        
                                            GET /nr-spa-1216.min.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Sep 2022 05:39:08 GMT
via: 1.1 varnish
x-served-by: cache-bma1656-BMA
x-cache: HIT
x-cache-hits: 1577
x-timer: S1664084349.559840,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32010)
Size:   18216
Md5:    6561a2403142205f966207d61576f1a6
Sha1:   1310e72f494e12ab63a4280fc1600a2c89dc9bb8
Sha256: 0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
                                        
                                            GET /stream?room=ehotlovea&f=0.7002816537782187 HTTP/1.1 
Host: cbjpeg.stream.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=kqqo0tniyipmicBHEDzwa1j3pN2mkVR.8vECcMscVWM-1664084347521-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         131.153.88.92
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 25 Sep 2022 05:39:08 GMT
content-length: 22547
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Size:   22547
Md5:    0fe3c17af9a3911a70f7c5c1b26d5c03
Sha1:   42a306a2836351c53ad7705d0d4d669639fbc7f6
Sha256: 53a6c681b0f668a8c2117beefc0c5cecd2ff34ea72e55194c15e4f54eb0607c9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2955
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 05:39:08 GMT
Last-Modified: Sun, 25 Sep 2022 04:49:53 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /stream?room=ehotlovea&f=0.618823208383858 HTTP/1.1 
Host: cbjpeg.stream.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=kqqo0tniyipmicBHEDzwa1j3pN2mkVR.8vECcMscVWM-1664084347521-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         131.153.88.92
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 25 Sep 2022 05:39:08 GMT
content-length: 23127
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Size:   23127
Md5:    a5a69902a624c28fec7c3e0200915a90
Sha1:   6341d116c8738890140ae3a695fe6e0b4ad7435a
Sha256: 94b1a48b15dbf72301ca61fdc4e68ad48463e65fcd23fefc5c7c238f90717d70
                                        
                                            POST /watch/49315045/1?page-url=goal%3A%2F%2Ftxxx.com%2Fplayer_setup_error&page-ref=https%3A%2F%2Ftxxx.com%2Fembed%2F16673581%2F%3Fpromo%3D33991%26nplimit%3D1%26skip%3D10%26source%3D0&charset=utf-8&hittoken=1664084346_e84549c440ad6a4cc76c895dba03317c7f013d32f45613551a4c6a618647bc58&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A3111%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A8957765968%3Ahid%3A651791803%3Az%3A0%3Ai%3A20220925053907%3Aet%3A1664084347%3Arn%3A288249403%3Arqn%3A2%3Au%3A1664084345616530451%3Aw%3A928x522%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Aeu%3A1%3Ans%3A1664084343943%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664084347%3At%3ADirty%20Videos&t=gdpr(14)clc(0-0-0)aw(1)rqnt(2)ecs(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 36
Origin: https://txxx.com
Connection: keep-alive
Referer: https://txxx.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Sun, 25 Sep 2022 05:39:08 GMT
access-control-allow-origin: https://txxx.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 25-Sep-2022 05:39:08 GMT
last-modified: Sun, 25-Sep-2022 05:39:08 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/49315045/1?page-url=goal%3A%2F%2Ftxxx.com%2Fplayer_error&page-ref=https%3A%2F%2Ftxxx.com%2Fembed%2F16673581%2F%3Fpromo%3D33991%26nplimit%3D1%26skip%3D10%26source%3D0&charset=utf-8&hittoken=1664084346_e84549c440ad6a4cc76c895dba03317c7f013d32f45613551a4c6a618647bc58&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A8957765968%3Ahid%3A651791803%3Az%3A0%3Ai%3A20220925053907%3Aet%3A1664084347%3Arn%3A401517818%3Arqn%3A3%3Au%3A1664084345616530451%3Aw%3A928x522%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Aeu%3A1%3Ans%3A1664084343943%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664084347%3At%3ADirty%20Videos&t=gdpr(14)mc(g-1)clc(0-0-0)aw(1)rqnt(3)ecs(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 85
Origin: https://txxx.com
Connection: keep-alive
Referer: https://txxx.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Sun, 25 Sep 2022 05:39:08 GMT
access-control-allow-origin: https://txxx.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 25-Sep-2022 05:39:08 GMT
last-modified: Sun, 25-Sep-2022 05:39:08 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=1761&ck=1&ref=https://chaturbate.com/embed/ehotlovea/&ap=74&be=620&fe=1338&dc=1042&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664084345507,%22n%22:0,%22r%22:1,%22re%22:371,%22f%22:371,%22dn%22:371,%22dne%22:371,%22c%22:371,%22s%22:371,%22ce%22:371,%22rq%22:372,%22rp%22:603,%22rpe%22:605,%22dl%22:607,%22di%22:1023,%22ds%22:1042,%22de%22:1050,%22dc%22:1336,%22l%22:1336,%22le%22:1339%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&fcp=1345&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFMJBA9QBAMLWFcGBlcADhh2Yi0TFUMhJTshCU0XAwlUHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwwBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFlQJXk0NDRUBAkkbGRtGDW5RDhEXRllEWl1YRRRDWwAWBkoACVQXFRMSWE0EPQoAQVwIGRtCCEVcPgYMCQIPVxcDEwJZWBUXEQYCElwbWl4MExVDEAYVFgNKQWZZDkJNQ1hBBwsHTUBLUwBFXE8BDAlBShtXS14WQlwTPQoAQVwbUQ4HUlVfWFNOAFFXWxgNUgBVFFlWVQdOAABRDVRUAFxZAVRQQUobR1xXBENcE0BZRgsSTUVKC04eCFNTUlZQVQ8bSVgZHFoFDE0LEQEWFxUTE1RIFAcQEDwLXEFRXgUTA0MlJjBBShtFQEUJXlc%2BFAYWEA9WWxsLQwIXVkBPRhYHZlFcRwhSXD4EAgkKCkAXAxMuRVEEEEFIQRNYal1UF1haBD0XHRMDGw8bVQRCUhUNE0ZPRExUZl4Sbl8ADwoIGkQDF3VYD0RBQ05BEQI5VkZmRwRDSggNDUZZRBsZG0QAblsTDRQXBhRmU1hcCF1AQ1hBIgoUXFNWSUMdGxQDPAYRCU5GXEM%2BR1wTEQoLDUQDFwAHTwEbTUAWBTwVTUdQXwYTA0MvDB4KClVUFgRPARlJOlJVWEZ1XFdEGRFBWVQ8UlddGUdPC1gHF1FLQyMGBVJaFgNRAAlRU1NVQyBQR1xXDkkWWFRNVEFKG1JQRT5SVgwPChBBXBsACFcDCQ1SWlNdBgcbGRtBAENYDBFBXkEdZRdTXghfZg4UBhYPB0BpGwtBbRtQPkFIQzobQVZEE20bW0I/RgcyVAVlE00RZUMBAgkTB1BSV21DCxk9QBcFLBV7aRsdQW0bBQsQBQEKXGpKXhRfXT1AWUQ/RAhpGx1BbRsMDQENDwNrUF1YE1RaFT5BXkM6G1RMRQ5tG01CP0YGC1tQXW4XWF0EDTwLDQpAaRsLQW0bUD5BSEM6G0FYQwZUTT1AWUQ/RGZXVVAPWmVDH0FIQQNVXF5YA11cPhETCAoSZkFcQhVCG1tAQyAQBU9HewBBdUoCFBEmUUZ9RlpHE3MKQSYQBxUUewEZfBN9UjUKMBYXUhl4S30KZVEyEBdRQytLeVJlCWJLFVRDRk9EXFlQVghTVQQ9EBQPD01qTVQSRUo%2BDBBGWUQZUVBCAl5PBBAaOxMHXlAZXA5DXD4OCg8GOUpaS0UEVRlDTkEFABJQQ1xuEkFVCBY8EAYVTUYbC0MRfRIBFRYhUhkXFRMAUk0IFAY7EBZVXE1uFVRKFRE8ChBEAxcZVQhCWg4UBhYaOUlUXlRBExVDAQIJPBJYUhsLQ0FMAw4KB0FKG1ZWXQ5DZgwNBwFBXBtZUFYJRVQOBgZGT0RLWlZcPkJNABYWF0FcG1lQRwQTRBw%3D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Sun, 25 Sep 2022 05:39:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75016aeb0c3db515-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=3af39b2cabe5f58a; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   77
Md5:    f1442f5831dbbe0210da2d7a4180d6b8
Sha1:   2ade23c6c7a001c66f0c0a9a101ec152747b434e
Sha256: c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
                                        
                                            GET /data/creatives/1164/35618.mp4 HTTP/1.1 
Host: data.goasrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://go.goaserv.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         217.22.19.195
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
server: nginx
date: Sun, 25 Sep 2022 05:39:07 GMT
content-length: 635049
last-modified: Tue, 06 Sep 2022 09:54:04 GMT
etag: "631718bc-9b0a9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-backend-server: nl2-static-221
content-range: bytes 0-635048/635049
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size:   622556
Md5:    73422d749ce9aaf6a0861d81decccfbc
Sha1:   88ec94ace79a8297ce400d769fe7f3b1ec829d44
Sha256: afd8d5b6368330f67649d8c85bec3a8c8978bfe3cbbf9cee861092f75d9107e7
                                        
                                            GET /stream?room=ehotlovea&f=0.6246618763715797 HTTP/1.1 
Host: cbjpeg.stream.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=kqqo0tniyipmicBHEDzwa1j3pN2mkVR.8vECcMscVWM-1664084347521-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         131.153.88.92
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 25 Sep 2022 05:39:08 GMT
content-length: 22478
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Size:   22478
Md5:    7e5f0b86ec592fea857d3e90b93938f0
Sha1:   c6456dfd3ed5030612eb180097064935781a741b
Sha256: f67c21a4883908f6e11e3dd2f8ee78da60d848ea527ac315fe500e30354f468f
                                        
                                            GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoyNDM5OCwidHlwZSI6InBvcCIsImlkem9uZSI6MSwiYWRfdGFncyI6IkRpcnR5JTJDVmlkZW9zJTJDdFBvcm4ueHh4JTJDRGlydHklMkNWaWRlb3MlMkNCaWclMkNUaXRzJTJDQnJ1bmV0dGUlMkNDdW1zaG90JTJDQ3VubmlsaW5ndXMlMkNIRCUyQ0xhdGluYSUyQ01JTEYlMkNQT1YlMkNUYXR0b28lMkNKb2hubnklMkNUaGUlMkNLaWQlMkNNaXNzJTJDUmFxdWVsJTJDdFBvcm4lMkNQb3JuJTJDVmlkZW9zJTJDWFhYJTJDTW92aWVzJTJDU2V4JTJDVmlkZW9zJTJDUG9ybiUyQ1R1YmUlMkNXYXRjaCUyQ0RpcnR5JTJDVmlkZW9zJTJDYW5kJTJDZG93bmxvYWQlMkNmb3IlMkNmcmVlJTJDRXZlcnklMkNkYXklMkN3ZSUyQ3VwbG9hZCUyQ25ldyUyQ3Bvcm4lMkN2aWRlb3MlMkN0byUyQ3RQb3JuLnh4eCUyQ1Bvcm4lMkNDYXRlZ29yaWVzJTJDRW5qb3klMkNmcmVlJTJDc2V4JTJDdmlkZW9zJTJDb24lMkN0UG9ybi54eHglMjAiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MjQzOTgsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4fSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIyNDM5OCIsImNhdCI6WyJJQUIyNSJdLCJwYWdlIjoiaHR0cHM6Ly90cG9ybi54eHgvZW4vdmlkZW8vMTA1MzUzNTEvZGlydHktdmlkZW9zLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCJ9LCJleHQiOnsiZHQiOjE2NjQwODQzNDc0OTJ9fQ== HTTP/1.1 
Host: 661f8a0d88.a07d30aaf0.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tporn.xxx/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         159.69.163.6
HTTP/2 302 Found
                                        
server: nginx/1.18.0
date: Sun, 25 Sep 2022 05:39:08 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://rtbrennab.com/banner/in/show/?mid=1764118266&pid=0&site=24398&sc=NO&usage_type=DCH&subid=0&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=tporn.xxx&hostname=auc-banner-hz-0&site_id=0&spot_id=24398&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=99&ml=&ttl=&space_id=24398&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D24398%26source%3D0%26idzone%3D1%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D24398%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DDirty%252CVideos%252CtPorn.xxx%252CDirty%252CVideos%252CBig%252CTits%252CBrunette%252CCumshot%252CCunnilingus%252CHD%252CLatina%252CMILF%252CPOV%252CTattoo%252CJohnny%252CThe%252CKid%252CMiss%252CRaquel%252CtPorn%252CPorn%252CVideos%252CXXX%252CMovies%252CSex%252CVideos%252CPorn%252CTube%252CWatch%252CDirty%252CVideos%252Cand%252Cdownload%252Cfor%252Cfree%252CEvery%252Cday%252Cwe%252Cupload%252Cnew%252Cporn%252Cvideos%252Cto%252CtPorn.xxx%252CPorn%252CCategories%252CEnjoy%252Cfree%252Csex%252Cvideos%252Con%252CtPorn.xxx%2520%26spot_id%3D24398%26p%3Dhttps%253A%252F%252Ftporn.xxx%252Fen%252Fvideo%252F10535351%252Fdirty-videos%252F%26katds_labels%3D%26btype%3D0%26score%3D99&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Dirty%2CVideos%2CtPorn.xxx%2CDirty%2CVideos%2CBig%2CTits%2CBrunette%2CCumshot%2CCunnilingus%2CHD%2CLatina%2CMILF%2CPOV%2CTattoo%2CJohnny%2CThe%2CKid%2CMiss%2CRaquel%2CtPorn%2CPorn%2CVideos%2CXXX%2CMovies%2CSex%2CVideos%2CPorn%2CTube%2CWatch%2CDirty%2CVideos%2Cand%2Cdownload%2Cfor%2Cfree%2CEvery%2Cday%2Cwe%2Cupload%2Cnew%2Cporn%2Cvideos%2Cto%2CtPorn.xxx%2CPorn%2CCategories%2CEnjoy%2Cfree%2Csex%2Cvideos%2Con%2CtPorn.xxx%20&stratagem=&ssp=3758
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /banner/in/show/?mid=1764118266&pid=0&site=24398&sc=NO&usage_type=DCH&subid=0&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=tporn.xxx&hostname=auc-banner-hz-0&site_id=0&spot_id=24398&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=99&ml=&ttl=&space_id=24398&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D24398%26source%3D0%26idzone%3D1%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D24398%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DDirty%252CVideos%252CtPorn.xxx%252CDirty%252CVideos%252CBig%252CTits%252CBrunette%252CCumshot%252CCunnilingus%252CHD%252CLatina%252CMILF%252CPOV%252CTattoo%252CJohnny%252CThe%252CKid%252CMiss%252CRaquel%252CtPorn%252CPorn%252CVideos%252CXXX%252CMovies%252CSex%252CVideos%252CPorn%252CTube%252CWatch%252CDirty%252CVideos%252Cand%252Cdownload%252Cfor%252Cfree%252CEvery%252Cday%252Cwe%252Cupload%252Cnew%252Cporn%252Cvideos%252Cto%252CtPorn.xxx%252CPorn%252CCategories%252CEnjoy%252Cfree%252Csex%252Cvideos%252Con%252CtPorn.xxx%2520%26spot_id%3D24398%26p%3Dhttps%253A%252F%252Ftporn.xxx%252Fen%252Fvideo%252F10535351%252Fdirty-videos%252F%26katds_labels%3D%26btype%3D0%26score%3D99&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Dirty%2CVideos%2CtPorn.xxx%2CDirty%2CVideos%2CBig%2CTits%2CBrunette%2CCumshot%2CCunnilingus%2CHD%2CLatina%2CMILF%2CPOV%2CTattoo%2CJohnny%2CThe%2CKid%2CMiss%2CRaquel%2CtPorn%2CPorn%2CVideos%2CXXX%2CMovies%2CSex%2CVideos%2CPorn%2CTube%2CWatch%2CDirty%2CVideos%2Cand%2Cdownload%2Cfor%2Cfree%2CEvery%2Cday%2Cwe%2Cupload%2Cnew%2Cporn%2Cvideos%2Cto%2CtPorn.xxx%2CPorn%2CCategories%2CEnjoy%2Cfree%2Csex%2Cvideos%2Con%2CtPorn.xxx%20&stratagem=&ssp=3758 HTTP/1.1 
Host: rtbrennab.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tporn.xxx/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         159.69.163.6
HTTP/2 302 Found
                                        
server: nginx/1.18.0
date: Sun, 25 Sep 2022 05:39:08 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://btds.zog.link/in/912/?sid=24398&source=0&idzone=1&w=1&h=1&mo=&ve=&site_id=24398&utm1=&utm2=&utm3=&utm4=&ad_tags=Dirty%2CVideos%2CtPorn.xxx%2CDirty%2CVideos%2CBig%2CTits%2CBrunette%2CCumshot%2CCunnilingus%2CHD%2CLatina%2CMILF%2CPOV%2CTattoo%2CJohnny%2CThe%2CKid%2CMiss%2CRaquel%2CtPorn%2CPorn%2CVideos%2CXXX%2CMovies%2CSex%2CVideos%2CPorn%2CTube%2CWatch%2CDirty%2CVideos%2Cand%2Cdownload%2Cfor%2Cfree%2CEvery%2Cday%2Cwe%2Cupload%2Cnew%2Cporn%2Cvideos%2Cto%2CtPorn.xxx%2CPorn%2CCategories%2CEnjoy%2Cfree%2Csex%2Cvideos%2Con%2CtPorn.xxx%20&spot_id=24398&p=https%3A%2F%2Ftporn.xxx%2Fen%2Fvideo%2F10535351%2Fdirty-videos%2F&katds_labels=&btype=0&score=99
X-Firefox-Spdy: h2

                                        
                                            POST /ins/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOAQsFF0hPXFxGEgtrDg0OMgoDThteVBU%3D&rst=1963&ck=1&ref=https://chaturbate.com/embed/ehotlovea/&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFMJBA9QBAMLWFcGBlcADhh2Yi0TFUMhJTshCU0XAwlUHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwwBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATAEOBFxRFlQJXk0NDRUBAkkbGRtGDW5RDhEXRllEWl1YRRRDWwAWBkoACVQXFRMSWE0EPQoAQVwIGRtCCEVcPgYMCQIPVxcDEwJZWBUXEQYCElwbWl4MExVDEAYVFgNKQWZZDkJNQ1hBBwsHTUBLUwBFXE8BDAlBShtXS14WQlwTPQoAQVwbUQ4HUlVfWFNOAFFXWxgNUgBVFFlWVQdOAABRDVRUAFxZAVRQQUobR1xXBENcE0BZRgsSTUVKC04eCFNTUlZQVQ8bSVgZHFoFDE0LEQEWFxUTE1RIFAcQEDwLXEFRXgUTA0MlJjBBShtFQEUJXlc%2BFAYWEA9WWxsLQwIXVkBPRhYHZlFcRwhSXD4EAgkKCkAXAxMuRVEEEEFIQRNYal1UF1haBD0XHRMDGw8bVQRCUhUNE0ZPRExUZl4Sbl8ADwoIGkQDF3VYD0RBQ05BEQI5VkZmRwRDSggNDUZZRBsZG0QAblsTDRQXBhRmU1hcCF1AQ1hBIgoUXFNWSUMdGxQDPAYRCU5GXEM%2BR1wTEQoLDUQDFwAHTwEbTUAWBTwVTUdQXwYTA0MvDB4KClVUFgRPARlJOlJVWEZ1XFdEGRFBWVQ8UlddGUdPC1gHF1FLQyMGBVJaFgNRAAlRU1NVQyBQR1xXDkkWWFRNVEFKG1JQRT5SVgwPChBBXBsACFcDCQ1SWlNdBgcbGRtBAENYDBFBXkEdZRdTXghfZg4UBhYPB0BpGwtBbRtQPkFIQzobQVZEE20bW0I/RgcyVAVlE00RZUMBAgkTB1BSV21DCxk9QBcFLBV7aRsdQW0bBQsQBQEKXGpKXhRfXT1AWUQ/RAhpGx1BbRsMDQENDwNrUF1YE1RaFT5BXkM6G1RMRQ5tG01CP0YGC1tQXW4XWF0EDTwLDQpAaRsLQW0bUD5BSEM6G0FYQwZUTT1AWUQ/RGZXVVAPWmVDH0FIQQNVXF5YA11cPhETCAoSZkFcQhVCG1tAQyAQBU9HewBBdUoCFBEmUUZ9RlpHE3MKQSYQBxUUewEZfBN9UjUKMBYXUhl4S30KZVEyEBdRQytLeVJlCWJLFVRDRk9EXFlQVghTVQQ9EBQPD01qTVQSRUo%2BDBBGWUQZUVBCAl5PBBAaOxMHXlAZXA5DXD4OCg8GOUpaS0UEVRlDTkEFABJQQ1xuEkFVCBY8EAYVTUYbC0MRfRIBFRYhUhkXFRMAUk0IFAY7EBZVXE1uFVRKFRE8ChBEAxcZVQhCWg4UBhYaOUlUXlRBExVDAQIJPBJYUhsLQ0FMAw4KB0FKG1ZWXQ5DZgwNBwFBXBtZUFYJRVQOBgZGT0RLWlZcPkJNABYWF0FcG1lQRwQTRBw%3D HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: text/plain
Content-Length: 1871
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 204 No Content
                                        
Date: Sun, 25 Sep 2022 05:39:08 GMT
Connection: keep-alive
CF-Ray: 75016aec1ce4b515-OSL
Access-Control-Allow-Origin: https://chaturbate.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare

                                        
                                            GET /in/912/?sid=24398&source=0&idzone=1&w=1&h=1&mo=&ve=&site_id=24398&utm1=&utm2=&utm3=&utm4=&ad_tags=Dirty%2CVideos%2CtPorn.xxx%2CDirty%2CVideos%2CBig%2CTits%2CBrunette%2CCumshot%2CCunnilingus%2CHD%2CLatina%2CMILF%2CPOV%2CTattoo%2CJohnny%2CThe%2CKid%2CMiss%2CRaquel%2CtPorn%2CPorn%2CVideos%2CXXX%2CMovies%2CSex%2CVideos%2CPorn%2CTube%2CWatch%2CDirty%2CVideos%2Cand%2Cdownload%2Cfor%2Cfree%2CEvery%2Cday%2Cwe%2Cupload%2Cnew%2Cporn%2Cvideos%2Cto%2CtPorn.xxx%2CPorn%2CCategories%2CEnjoy%2Cfree%2Csex%2Cvideos%2Con%2CtPorn.xxx%20&spot_id=24398&p=https%3A%2F%2Ftporn.xxx%2Fen%2Fvideo%2F10535351%2Fdirty-videos%2F&katds_labels=&btype=0&score=99 HTTP/1.1 
Host: btds.zog.link
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tporn.xxx/
Connection: keep-alive
Cookie: 912.0=1; 1624.0=1; 1625.0=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         109.206.175.85
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.20.1
date: Sun, 25 Sep 2022 05:39:09 GMT
content-length: 0
location: https://cdn.1vag.com/1x1.png
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
set-cookie: 912.0=1; expires=Mon, 26 Sep 2022 05:39:08 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /stream?room=ehotlovea&f=0.6822045355965861 HTTP/1.1 
Host: cbjpeg.stream.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=kqqo0tniyipmicBHEDzwa1j3pN2mkVR.8vECcMscVWM-1664084347521-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         131.153.88.92
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 25 Sep 2022 05:39:09 GMT
content-length: 23196
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Size:   23196
Md5:    1886fc45b9d7b104e858146531f46768
Sha1:   b3a0cf1836c75cd21077919a56c0a7b8e884e280
Sha256: 1f608fb4a4e062b5064fdd359955be68d5ffcacd590108ce8fd76da28e11077a
                                        
                                            GET /1x1.png HTTP/1.1 
Host: cdn.1vag.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tporn.xxx/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         45.133.44.24
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 25 Sep 2022 05:39:09 GMT
content-length: 68
server: nginx/1.20.1
last-modified: Wed, 15 Apr 2020 13:30:15 GMT
etag: "5e970c67-44"
cache-control: max-age=3600
x-request-id: 28eea0836f6cd5562d41ccabe8fa4a5b
expires: Sun, 25 Sep 2022 06:39:09 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size:   68
Md5:    91e42db1c66c0b276abf6234dc50b2eb
Sha1:   c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
Sha256: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
                                        
                                            OPTIONS /keys/KSKw2g.L36ISg/requestToken?rnd=974106115615787 HTTP/1.1 
Host: realtime.pa.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: ably-agent,content-type,x-ably-version
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.84
HTTP/2 204 No Content
                                        
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Content-Length,Accept,Authorization,X-Ably-Version,X-Ably-Lib,X-Ably-ClientId,Ably-Agent
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: https://chaturbate.com
access-control-max-age: 3600
date: Sun, 25 Sep 2022 05:39:09 GMT
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wshCsO67TA4D8m9NfeNAtVTxuX1Dg_gZmM8GREX_8U6Pijd9PNJF-g==
X-Firefox-Spdy: h2

                                        
                                            GET /stream?room=ehotlovea&f=0.337569149328962 HTTP/1.1 
Host: cbjpeg.stream.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=kqqo0tniyipmicBHEDzwa1j3pN2mkVR.8vECcMscVWM-1664084347521-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         131.153.88.92
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 25 Sep 2022 05:39:09 GMT
content-length: 23260
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
cache-tag: cbjpeg
x-frame-options: DENY
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 854x480, components 3\012- data
Size:   23260
Md5:    4a50e8bca819c5945c30965ef5aa1c9b
Sha1:   c8c2d5bd8587ebb7a3ecb75d6a4fb8ecc405d1d0
Sha256: 3513a3bd1c00572b8072108accf7f6f44e91da501f7473839297d5de6329b77b
                                        
                                            POST /keys/KSKw2g.L36ISg/requestToken?rnd=974106115615787 HTTP/1.1 
Host: realtime.pa.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: application/json
X-Ably-Version: 1.2
Ably-Agent: ably-js/1.2.13 browser
Content-Length: 1043
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 201 Created
content-type: application/json
                                        
content-length: 1040
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
date: Sun, 25 Sep 2022 05:39:09 GMT
vary: Origin
x-ably-serverid: frontend.d47f.6.eu-central-1-A.i-09a4e9fda52c6c547.e91lWU7TgBGBss
x-robots-tag: noindex
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LvZti8U3PBJ9xKqFtC2BI80kiTUvLxFK63SRNU1pOpmLJZDLtitsDw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (808)
Size:   1040
Md5:    f898dcbbeab1232b057e2447ae54ca49
Sha1:   4bc4b4fe62ef4f26e3d9c6055261a0743f630100
Sha256: b69b07049d3c21a8e92976d68623fc405de5a2b2a3c67390096d18b599008bc0
                                        
                                            GET /comet/connect?access_token=KSKw2g.AL36ISgG29g0OzhYox_uGXyna-fkgtREqbMcAc9v8NbDRBnhxI&stream=false&heartbeats=true&v=1.2&agent=ably-js%2F1.2.13%20browser&remainPresentFor=0&rnd=5143379510445538 HTTP/1.1 
Host: realtime.pa.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.84
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 572
access-control-allow-credentials: true
access-control-allow-origin: https://chaturbate.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ab