Report - www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169

Report Overview

Visited public
2023-11-28 08:01:49
Tags
URL
www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Finishing URL
www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
IP / ASN
104.21.234.90
#13335 CLOUDFLARENET
Title
My Crazy Day With my Wild Roommate / TUSHY - PornGO.com

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
s3t3d2y8.afcdn.net	unknown	2022-06-27	2022-08-09 00:22:56	2023-11-27 18:40:48	2.5 kB	41 kB	185.76.9.16
edge-hls.doppiocdn.com	unknown	2022-02-16	2022-11-01 13:03:56	2023-11-27 21:11:56	928 B	1.1 kB	104.18.63.122
2997.novemberadventures.name	unknown	unknown	No data	No data	2.5 kB	46 kB	88.208.59.102
banquetunarmedgrater.com	unknown	2022-08-04	2022-08-04 17:12:50	2023-11-27 22:51:36	424 B	839 B	104.21.86.121
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12 17:15:41	2023-11-27 20:33:00	452 B	68 kB	45.133.44.10
prhzxq.com	unknown	2022-06-29	2022-06-29 13:43:14	2023-11-25 01:39:25	1.1 kB	1.2 kB	185.162.85.2
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-11-28 07:52:06	881 B	14 kB	142.250.74.170
www.porngo.com	534193	2002-05-03	2013-04-26 03:35:31	2023-11-11 21:22:07	14 kB	752 kB	104.21.234.90
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2023-11-27 18:55:43	2.0 kB	1.3 kB	18.157.203.0
principlessilas.com	unknown	2022-02-26	2022-02-26 03:54:49	2023-11-23 14:58:05	479 B	1.1 kB	192.243.61.227
video.ktkjmp.com	23778	2020-08-07	2020-10-02 10:52:19	2023-11-28 03:09:07	454 B	1.0 kB	104.18.48.21
creative.bbrdbr.com	unknown	2022-07-05	2023-09-02 02:49:41	2023-11-27 18:58:39	4.8 kB	245 kB	104.18.59.150
purposelyharp.com	unknown	unknown	No data	No data	4.5 kB	6.9 kB	192.243.59.12
nr.static.mmcdn.com	unknown	2014-03-18	2023-10-17 18:20:21	2023-11-27 05:52:37	457 B	90 kB	104.18.202.4
xngqoc.com	unknown	2023-03-03	2023-03-03 16:38:04	2023-11-21 23:16:20	1.6 kB	0 B	0.0.0.0
cdn.tapioni.com	167297	2021-05-27	2021-07-01 12:46:55	2023-11-27 20:32:16	409 B	1.3 kB	172.67.31.117
cdn.pncloudfl.com	13313	2021-04-20	2021-06-07 16:28:03	2023-11-24 23:30:10	450 B	39 kB	104.22.59.221
ta3nfsordd.com	120850	2022-01-27	2022-01-27 17:11:37	2023-11-10 18:26:30	1.9 kB	92 kB	212.117.190.201
cdn.o333o.com	158144	2015-02-16	2015-05-28 19:12:41	2023-11-19 11:05:47	413 B	238 kB	143.204.55.31
game.starswalker.site	unknown	2023-11-06	2023-11-07 07:06:02	2023-11-18 22:40:39	14 kB	312 kB	135.181.208.216
static-assets.highwebmedia.com	16059	2004-12-03	2021-01-19 22:46:26	2023-11-28 05:52:32	2.8 kB	101 kB	104.16.93.42
twinrdsrv.com	22283	2019-11-19	2019-12-10 10:15:26	2023-11-25 18:38:29	5.1 kB	20 kB	172.66.43.59
s.magsrv.com	unknown	2023-08-01	2023-08-04 14:48:00	2023-11-26 05:10:47	2.2 kB	4.4 kB	95.211.229.245
dismantlepenantiterrorist.com	17847	2021-11-01	2021-11-01 22:12:12	2023-11-25 19:37:23	2.2 kB	0 B	0.0.0.0
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-11-28 07:50:39	2.1 kB	66 kB	142.250.74.67
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-11-28 05:09:10	933 B	3.0 kB	151.101.65.229
ads.traffichunt.com	68632	2003-11-10	2014-02-19 12:17:45	2023-11-27 21:51:12	701 B	455 kB	35.153.234.182
a.bestcontentfood.top	54526	2016-04-25	2019-10-07 08:12:20	2023-11-19 19:23:01	436 B	4.9 kB	104.21.19.32
img.strpst.com	12993	2021-05-31	2021-06-03 10:45:56	2023-11-27 18:56:11	459 B	7.0 kB	104.18.63.124
tsyndicate.com	13042	2017-03-08	2017-03-16 10:04:54	2023-11-27 08:31:43	472 B	6.2 kB	136.243.80.153
img5.porngo.com	unknown	2002-05-03	2019-09-24 08:59:56	2023-10-20 20:33:30	1.9 kB	153 kB	104.21.234.90
awrfds3.pornpapa.com	unknown	2017-07-26	2021-05-19 13:28:34	2023-11-11 17:10:11	416 B	76 kB	135.181.208.216
go.bbrdbr.com	unknown	2022-07-05	2023-09-01 12:29:19	2023-11-27 20:57:13	3.8 kB	18 kB	104.18.59.150
img8.porngo.com	unknown	2002-05-03	2019-09-30 10:32:29	2023-09-08 03:17:40	623 B	28 kB	104.21.234.90
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15 17:46:22	2023-11-27 20:32:59	3.2 kB	194 kB	172.64.109.10
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-11-28 07:59:41	433 B	84 kB	142.250.74.168
xdiwbc.com	unknown	2023-02-07	2023-02-07 16:06:03	2023-11-19 05:37:52	444 B	2.2 kB	188.114.97.1
addresseepaper.com	18169	2021-11-01	2021-11-01 22:11:31	2023-11-19 19:43:43	412 B	0 B	0.0.0.0
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-11-28 05:09:25	939 B	3.9 kB	104.17.24.14
img10.porngo.com	unknown	2002-05-03	2020-01-20 08:42:07	2023-11-05 20:47:57	2.5 kB	130 kB	104.21.234.90
img9.porngo.com	unknown	2002-05-03	2019-11-02 12:08:26	2023-11-05 20:48:11	623 B	47 kB	104.21.234.90
vlcdn.tsyndicate.com	unknown	2017-03-08	2022-11-10 08:57:23	2023-11-27 20:22:18	604 B	538 kB	8.247.219.249
img11.porngo.com	unknown	2002-05-03	2019-12-21 07:27:59	2023-09-03 15:18:11	626 B	36 kB	104.21.234.90
a.medfoodsafety.com	unknown	2021-05-03	2022-09-08 22:27:23	2023-11-24 20:58:58	1.1 kB	56 kB	172.64.104.19
chaturbate.com	6807	2011-02-26	2012-05-23 01:11:36	2023-11-27 19:24:49	3.3 kB	153 kB	104.18.101.40
clenchedyouthmatching.com	unknown	2021-12-21	2021-12-21 20:57:15	2023-11-05 20:48:14	425 B	157 B	64.58.113.244
pxl.tsyndicate.com	14763	2017-03-08	2017-07-05 15:51:06	2023-11-27 21:02:57	1.4 kB	278 B	78.46.97.249
vjs.zencdn.net	4968	2011-12-27	2012-05-21 10:26:59	2023-11-28 05:39:43	850 B	151 kB	151.101.194.217
resalag.com	295853	2019-07-09	2019-07-09 13:18:27	2023-11-05 20:48:11	3.1 kB	43 kB	212.117.190.201
u3y8v8u4.aucdn.net	unknown	2022-06-27	2022-08-08 15:30:47	2023-11-23 22:54:01	549 B	5.7 MB	185.76.9.16
a.orbsrv.com	unknown	2020-05-16	2023-08-10 09:24:24	2023-11-27 05:31:31	843 B	169 kB	185.76.9.24
cdn.barscreative1.com	25648	2021-09-08	2021-09-16 13:14:42	2023-11-27 20:32:59	500 B	2.2 kB	45.133.44.4
friendshipmale.com	unknown	2022-10-21	2022-10-21 14:15:25	2023-11-27 11:39:00	824 B	173 kB	104.21.234.33
crisistuesdayartillery.com	unknown	2020-09-22	2020-09-22 04:18:42	2023-11-09 21:18:01	456 B	24 kB	173.233.137.36
randomamongst.com	unknown	unknown	No data	No data	3.5 kB	19 kB	192.243.59.20
b-hls-09.doppiocdn.com	unknown	2022-02-16	2022-03-01 20:16:41	2023-11-24 19:43:46	2.0 kB	224 kB	104.18.63.122
venetrigni.com	13305	2020-08-12	2020-08-12 17:49:42	2022-04-11 01:24:23	870 B	0 B	0.0.0.0
img14.porngo.com	891060	2002-05-03	2020-07-28 11:29:29	2023-11-06 17:07:44	3.1 kB	244 kB	104.21.234.90
i.wmgtr.com	13696	2020-09-11	2020-09-11 13:28:07	2023-11-27 19:24:47	1.3 kB	5.8 MB	45.133.44.32
go.go-srv.com	unknown	2022-09-20	2023-08-02 11:07:23	2023-11-22 19:49:06	493 B	4.6 kB	217.22.19.196
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-11-28 08:04:01	444 B	34 kB	142.250.74.138
s.orbsrv.com	unknown	2020-05-16	2020-09-02 23:53:48	2023-11-28 05:11:38	4.4 kB	16 kB	95.211.229.245
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2023-11-27 08:01:03	350 B	942 B	54.230.218.11
st.static-srv.com	unknown	2022-09-20	2023-10-10 20:06:33	2023-11-27 22:29:23	517 B	5.3 MB	217.22.19.198
th-cdnv1.akamaized.net	63336	2014-03-18	2018-01-25 11:53:55	2023-11-11 20:14:18	463 B	454 kB	23.36.76.113
img15.porngo.com	875106	2002-05-03	2021-02-04 03:46:56	2023-11-05 20:48:11	4.4 kB	275 kB	104.21.234.90
aibsgc.com	unknown	2023-04-21	2023-04-21 17:37:02	2023-11-18 22:40:39	414 B	205 kB	95.216.206.230
unpkg.com	11693	2016-01-06	2016-01-08 00:26:01	2023-11-28 08:26:21	970 B	23 kB	104.16.124.175
camschat.net	64292	2012-12-21	2014-07-23 01:32:18	2023-11-25 19:48:21	535 B	1.1 kB	66.230.180.98

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-28	medium	principlessilas.com	Sinkholed
2023-11-27	medium	randomamongst.com	Sinkholed
2023-11-27	medium	randomamongst.com	Sinkholed
2023-11-27	medium	randomamongst.com	Sinkholed
2023-11-27	medium	randomamongst.com	Sinkholed
2023-11-27	medium	randomamongst.com	Sinkholed
2023-11-27	medium	randomamongst.com	Sinkholed
2023-11-27	medium	randomamongst.com	Sinkholed
2023-11-28	medium	dismantlepenantiterrorist.com	Sinkholed
2023-11-28	medium	addresseepaper.com	Sinkholed
2023-11-28	medium	dismantlepenantiterrorist.com	Sinkholed
2023-11-28	medium	dismantlepenantiterrorist.com	Sinkholed
2023-11-28	medium	prhzxq.com	Sinkholed
2023-11-28	medium	xngqoc.com	Sinkholed
2023-11-28	medium	xngqoc.com	Sinkholed
2023-11-28	medium	prhzxq.com	Sinkholed
2023-11-28	medium	xngqoc.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (86)

	URL	From	Size	First Seen	Last Seen
	www.porngo.com/js/custom.js	ScriptElement	23 kB	2023-03-08	2025-04-22
Pretty URL www.porngo.com/js/custom.js IP 104.21.234.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:02 Last Seen2025-04-22 16:11 Times Seen88 Hash 2a19012a5c6e2426868f8318ee84a4d1 8e6e3066139aaa6bc8aae2a5eb73986892e4725f dcf0d74fd473f0b6b4024a7444e86cb5a18d664f80ca62f2df02422299bce80a Loading...

	www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169	ScriptElement	507 B	2023-05-15	2025-04-22
Pretty URL www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169 IP 104.21.234.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-15 14:15 Last Seen2025-04-22 16:11 Times Seen88 Hash 31247b4adf02e5c8de9caba7f9908569 81f5de3842e6ffa00c9e1145e4f89efee70f27c6 0d337435d1c0438b9ab6b85e5b2cac4fbdaf946459453a3429b83389fdad5930 Loading...

	resalag.com/lv/esnk/1827308/code.js	ScriptElement	106 kB	2023-11-15	2024-08-20
Pretty URL resalag.com/lv/esnk/1827308/code.js IP 212.117.190.201 ASN #5577 root SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-15 18:53 Last Seen2024-08-20 19:26 Times Seen4 Hash f2bedcdb9ec004aa3c66c3b390665aee f33ae1b4c2833e1e4f7908b2af23053bd3df1fd3 1c23b900e8f43409031ae49d7275d270f43bd713abe56a99a2c7f9ea0c703c57 Loading...

	unknown	ScriptElement	526 B	2023-05-03	2025-05-05
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-03 20:24 Last Seen2025-05-05 18:04 Times Seen1299 Hash 6a19c7838c687e9bd963879172cabab6 3b8c6e4f727edc97352d6a388c0b6dcfc823ff50 ccc0889f234c313d66cef2b7021bfe2f1ac9df94362761a2c10365e54f239189 Loading...

	unknown	ScriptElement	247 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash 0920cce370da93397ec32507c5f6fa65 5632175a9f6abac23c7efdd5526b255f5c855ef1 7b3ca546c1defce4b658cdb9ed0834506345971022ec6874576535b23f6b13f8 Loading...

	game.starswalker.site/api/spots/322253?p=1&s1=%subid1%&kw=	ScriptElement	948 B	2023-11-21	2024-09-20
Pretty URL game.starswalker.site/api/spots/322253?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-21 19:53 Last Seen2024-09-20 20:15 Times Seen660 Hash 536d7858d6351f7e7f9e7a4bddac9933 52bb1b019688cdba9a02ed1985b06232fe3173af 208e75428d7f1a71d778f02c5cd3882aee435b53db4c98f153c5896250c3cc85 Loading...

	www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/sandbox%20eval%20code		147 B	2023-04-11	2025-05-09
Pretty URL www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 07:25 Times Seen341380 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0	ScriptElement	55 kB	2023-11-17	2024-08-20
Pretty URL chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0 IP 104.18.101.40 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-17 06:55 Last Seen2024-08-20 19:09 Times Seen231 Hash 79f02a29ad85e1bc1864d136aad9ce28 c4b2c51a05f5a076df4ae428763290e80961f2e3 bef42e00ab5bed2245eb751d69a93872bd2280296ba27c87b8fe04e56f634545 Loading...

	clenchedyouthmatching.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL clenchedyouthmatching.com/advertisers.js IP 64.58.113.244 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 07:35 Times Seen4634642 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	nr.static.mmcdn.com/nr-spa-1.248.0.min.js	ScriptElement	89 kB	2023-11-17	2023-12-14
Pretty URL nr.static.mmcdn.com/nr-spa-1.248.0.min.js IP 104.18.202.4 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-17 06:55 Last Seen2023-12-14 21:01 Times Seen231 Hash 9aea0ff91a800a354637269e96e31dac ceb0cc8b702e80d4569b15c7c1d65b45a698b38f 8e4147148517b1b092a5bf8fb1fb4e78b568bdc40a127ec16732de62ddbb472a Loading...

	unknown	Function	47 B	2023-04-11	2025-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 22:25 Last Seen2025-05-09 06:30 Times Seen5874 Hash 2512414f817df8312569d55032748f81 13467df6e962aa77bb36867ff1412e1ba9f8feb1 e193735f8d500f10e2cdc6a94f5a43fb0257c1e2f8afc10fa04f0e3761d258de Loading...

	game.starswalker.site/api/users/456453?host=www.porngo.com&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&i=1&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25	ScriptElement	571 B	2024-08-20	2024-08-20
Pretty URL game.starswalker.site/api/users/456453?host=www.porngo.com&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&i=1&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25 IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash eebdc4be1ad89887d30b46cf9a0ab0e7 b206d7c3a68513e6a42ff6596278f8a70ac5b7ee aac7af27fc8d85fa4cf220b3dba6ebe48ac3bc6a46f24070d89ff238f99420f3 Loading...

	game.starswalker.site/api/spots/322253?p=1&s1=%subid1%&kw=	ScriptElement	1.9 kB	2023-11-21	2024-09-20
Pretty URL game.starswalker.site/api/spots/322253?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-21 19:53 Last Seen2024-09-20 20:15 Times Seen660 Hash 749a0cae8a5f856f939657c423281777 bdf4a905a13879479b3203ed48b11f2f3be272fb c9615c0aa20eb704d316590da70a3fd7f4fd5794f29817a0b14d286a992b8aa3 Loading...

	www.porngo.com/js/plugins.js	ScriptElement	133 kB	2023-03-08	2025-04-30
Pretty URL www.porngo.com/js/plugins.js IP 104.21.234.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:02 Last Seen2025-04-30 02:19 Times Seen202 Hash 6c25cc72550d5d1b1317aa8987c33425 a6a1642faa0ad1e922a34db59a55060789d72243 47a1a1042d1c129d2fbfd125a0ec6c1c0553d5dbcf82ccfa0c4294b49711477b Loading...

	game.starswalker.site/api/spots/322253?p=1&s1=%subid1%&kw=	ScriptElement	309 B	2023-11-28	2025-04-22
Pretty URL game.starswalker.site/api/spots/322253?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-28 09:02 Last Seen2025-04-22 16:11 Times Seen21 Hash 08750e0a293109b83b8c8919ec9b4244 e69e06d9e8a14c73da37e14662b0198801917025 219350d347d44089c344ba505aa1a0721111f4648070f75c385303c85884a97c Loading...

	game.starswalker.site/api/spots/334568?p=1&s1=%subid1%&kw=	ScriptElement	227 B	2023-11-22	2024-09-20
Pretty URL game.starswalker.site/api/spots/334568?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-22 04:30 Last Seen2024-09-20 20:15 Times Seen339 Hash 6d2aac154d37a6ac35856d917e8d2a7f 7b4d549762389b697c740921bd89282eb16ebcfc 96e1c283739d2d66cb8ddbd2c0a152c5c8d5fb33dfdf4b05cb8ab5ac16423453 Loading...

	game.starswalker.site/api/spots/334568?p=1&s1=%subid1%&kw=	ScriptElement	1.3 kB	2023-08-12	2025-04-30
Pretty URL game.starswalker.site/api/spots/334568?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-12 20:46 Last Seen2025-04-30 02:19 Times Seen221 Hash 68742096815c87eb20a766d103b8b3c9 09985e5d6271ef13fde6653e350d1ec49ee86157 29844375578bcc20bcc0cd943347395f07653e476af59484a1cc57a94b46d19d Loading...

	www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169	ScriptElement	7.5 kB	2024-08-20	2024-08-20
Pretty URL www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169 IP 104.21.234.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash c835e0ad594309a545b5a5e0022dfaaf 7280a7b74101bb5339e95c014730a100671af5e2 5136c0ffad74ca66fa100709836ce6757fe49d14b77d1cd187aa1544bf26d050 Loading...

	chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0	ScriptElement	1.1 kB	2024-08-20	2024-08-20
Pretty URL chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0 IP 104.18.101.40 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash 3b8fcab4b2579c5bb40aca27551265ed 409dde50c231c524eb336d2949af2c7f799b8e76 4ea743063da612a7b111173764fab89d0bacb37cbfd357257235d5573979db1a Loading...

	game.starswalker.site/api/spots/322254?p=1&s1=%subid1%&kw=	ScriptElement	3.2 kB	2023-08-29	2024-08-21
Pretty URL game.starswalker.site/api/spots/322254?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-29 11:31 Last Seen2024-08-21 07:51 Times Seen13 Hash 09317d00bc88a225fc509284de47e12b f428cec92d1ac9865c10fe4791cd1a6bf9becd5c e4c4aee6306df8c4b5462c4b4e8f05028272cd483abcab395cdf5ad6b400cf9f Loading...

	game.starswalker.site/PXXlKV5.js	ScriptElement	237 kB	2023-11-27	2023-11-29
Pretty URL game.starswalker.site/PXXlKV5.js IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-27 16:18 Last Seen2023-11-29 23:50 Times Seen15 Hash 519b032751547884fd5d2e6e166ad119 c82d285f32bd3eaa4d84bad8efd79f9377d529dc 48e8b22f691fbdb884c0056ba6629545071794cb51d3e79661d17e4d8c716626 Loading...

	aibsgc.com/av/1150082/inp3.js	ScriptElement	205 kB	2023-11-15	2023-11-28
Pretty URL aibsgc.com/av/1150082/inp3.js IP 95.216.206.230 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-15 18:53 Last Seen2023-11-28 20:49 Times Seen10 Hash a06fbf7e1d4badb2d2fa6f8da02233fe fc983ea25650b6d51cd0b7cea249b56b978a7d37 0428f7d78b976e79a4a360f9df2b8588d85dd74cc5beec81f07a98a6e56466eb Loading...

	a.medfoodsafety.com/loader?a=4789786&v=2&t=7&s=4777579&p=6138&if=true	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL a.medfoodsafety.com/loader?a=4789786&v=2&t=7&s=4777579&p=6138&if=true IP 172.64.104.19 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 07:35 Times Seen4634642 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	creative.bbrdbr.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.js	ScriptElement	282 kB	2023-11-23	2023-12-05
Pretty URL creative.bbrdbr.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.js IP 104.18.59.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 16:50 Last Seen2023-12-05 12:59 Times Seen245 Hash 149fd3a87101adfb731800f02f11e73b 9a9a0f6f14028d913e63fc012a80378a5c4d5896 420332e58487b55b58db2c2edbe69162c5d23170061d16addce87762ef224f4b Loading...

	game.starswalker.site/api/users/309154?host=www.porngo.com&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&i=1&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25	ScriptElement	731 B	2024-08-20	2024-08-20
Pretty URL game.starswalker.site/api/users/309154?host=www.porngo.com&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&i=1&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25 IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash c24b5d93388a72b988a73293ac976c43 f666ec5a9d27cef7d1956ddb30f8cbe05bcfe65b 6f545b2de71df20887a0ab724d995fa2eadbf2dce4d1164d1088171c15cc9256 Loading...

	unknown	ScriptElement	484 B	2023-11-21	2024-09-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-21 19:53 Last Seen2024-09-20 20:15 Times Seen410 Hash 60447249516ceb5fcf9e48987a811190 07cbe5062baa7351b95e989041410c8915f2dc07 e533626b38b4c0e32e4d78e4108eb511adf1c9fe5dacaf23fcade1d14c856fb7 Loading...

	game.starswalker.site/api/spots/334568?p=1&s1=%subid1%&kw=	ScriptElement	1.1 kB	2024-08-20	2024-08-20
Pretty URL game.starswalker.site/api/spots/334568?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash 3e626817f0e9a7a8a731b6ab75d43c00 2b3ea9f75b7f3068f38976491f3e278fafda9b03 467c490a6c7adbafd89e240135622c94991e1d3ca1f129333cfd969f8019e293 Loading...

	friendshipmale.com/sfp.js	ScriptElement	86 kB	2023-11-23	2024-08-20
Pretty URL friendshipmale.com/sfp.js IP 104.21.234.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 18:35 Last Seen2024-08-20 18:08 Times Seen6307 Hash 924e967bca1d599992556a8d139b1c5a 222b09dbf164ddc03d39100fd0524a22018d28b2 ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95 Loading...

	2997.novemberadventures.name/iiNDBoYwNQfoZtdxoUWUMX8L1ckOuMeHe_tRMsiTXMNBY8OZ5YcFoJWRFIwgZpDOxNU8IfByhOHtQfSxFoK6aR6Xm6zDvNP3JexTvtgBt9G2xXCSMHir?_=1701158486567	ScriptElement	77 kB	2023-11-28	2023-11-28
Pretty URL 2997.novemberadventures.name/iiNDBoYwNQfoZtdxoUWUMX8L1ckOuMeHe_tRMsiTXMNBY8OZ5YcFoJWRFIwgZpDOxNU8IfByhOHtQfSxFoK6aR6Xm6zDvNP3JexTvtgBt9G2xXCSMHir?_=1701158486567 IP 88.208.59.102 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 09:02 Last Seen2023-11-28 09:02 Times Seen1 Hash 803897e5963672d619f773662beba50a f40099eb4dadfcc4c7282c5b8376a6188e42f299 e4d869a8d236ef5c6465b934417a9782c8865f34d068964edc8a82524a432d80 Loading...

	game.starswalker.site/api/users/456014?host=www.porngo.com&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&i=1&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25	ScriptElement	592 B	2024-08-20	2024-08-20
Pretty URL game.starswalker.site/api/users/456014?host=www.porngo.com&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&i=1&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25 IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash 39ecc1ed633dfca087cebde65eb7b394 9b0ff51f728d006ad612896488173cee1bac7e9c d854cc00a2c4a3c56ce34be983e63457277c5431ac8bc8017cc54507f4b22744 Loading...

	unknown	Function	52 B	2023-04-11	2025-04-27
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-04-27 07:23 Times Seen2994 Hash 6d859e188748e3ba44797981c8640bb5 0511b236880e0d87a7d09c6e1a2515e6eec187cc a43cd3864ec7130f8089603df97ad3060f876dc4d31c2a65746043c05733d4c8 Loading...

	cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.js	ScriptElement	6.4 kB	2023-03-07	2025-04-30
Pretty URL cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03 Last Seen2025-04-30 02:19 Times Seen559 Hash eb638361f3402431eb2195f569607d91 c00d931f8738add2a738429784343ea1702b19cf 2a9c9c017aa931fb3ea3db71751ab13c8d8f7e5c4e6f785d3922ad07820443b7 Loading...

	a.bestcontentfood.top/warp/4789786?r=29033	ScriptElement	4.2 kB	2023-03-08	2024-09-19
Pretty URL a.bestcontentfood.top/warp/4789786?r=29033 IP 104.21.19.32 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32 Last Seen2024-09-19 20:33 Times Seen48 Hash cdd47cdf8597e4baea0fac1420d7465d 94e7f61cac66735b75afc008e0bddd417ebb14d2 5ed3f3e679f9930a69a5874415a4f9ca703d4020bacc8a002c6767e960379776 Loading...

	cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js	ScriptElement	2.0 kB	2023-03-07	2025-05-05
Pretty URL cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17 Last Seen2025-05-05 14:52 Times Seen1535 Hash 45f12de4d7b95a193ecdc5cfde664bb9 ee9541cf1a95d2a885f8b143a105caaa08ca9c9d 39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b Loading...

	resalag.com/get/1827308?zoneid=1827308&jp=_clu8rlf6awoohrljai07fd&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8555736423976448&eclog=0&sp=1&im=1&freq=0	ScriptElement	5.3 kB	2024-08-20	2024-08-20
Pretty URL resalag.com/get/1827308?zoneid=1827308&jp=_clu8rlf6awoohrljai07fd&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8555736423976448&eclog=0&sp=1&im=1&freq=0 IP 212.117.190.201 ASN #5577 root SA Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash bf615bf7a2ca40c6f28a4ef7644c3332 ff7a85662343b07f2a3324ca392e29c9b077e2d8 b377183f2ea3b41b88558c4708320e4e23e0bf37d8df767ef429b755ed639a9d Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-09
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 07:25 Times Seen340580 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.googletagmanager.com/gtag/js?id=G-GX0FLQH21P	ScriptElement	239 kB	2023-11-28	2023-11-28
Pretty URL www.googletagmanager.com/gtag/js?id=G-GX0FLQH21P IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 09:02 Last Seen2023-11-28 10:49 Times Seen2 Hash 5e63e3f4024d25bcb445092772ca2119 673fe615911378cbcd63cdda2d8c1b397860ec78 36007f4e6fbd90ac8d83533f554b9244d9699ac599ff2872531ea690fbece44d Loading...

	vjs.zencdn.net/7.5.5/video.min.js	ScriptElement	502 kB	2023-04-10	2025-04-30
Pretty URL vjs.zencdn.net/7.5.5/video.min.js IP 151.101.194.217 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-10 19:50 Last Seen2025-04-30 02:19 Times Seen553 Hash abf127b5ab0bb498119a93890119a660 86083627a04fe65a9ff242a3edb746b94da084a8 4122c012e6c8aba50f529e47785cd402e2b1f6dc1c643907a9fb65375d5cee11 Loading...

	unpkg.com/silvermine-videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js	ScriptElement	21 kB	2023-03-07	2025-04-16
Pretty URL unpkg.com/silvermine-videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js IP 104.16.124.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25 Last Seen2025-04-16 19:47 Times Seen827 Hash 242c96b6f341fad00f677b568a7a6e6b 7ba156f36a99393095461ef4ed1f29e5a26732e6 2b17f02db63529b2ba6fe67c320b69ff803b775b7bd6c70ce4809c5c660ab30b Loading...

	www.porngo.com/vpaid/videojs_5.vast.vpaid.min.js	ScriptElement	106 kB	2023-03-07	2025-04-30
Pretty URL www.porngo.com/vpaid/videojs_5.vast.vpaid.min.js IP 104.21.234.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03 Last Seen2025-04-30 02:19 Times Seen596 Hash 3eb2d1bdcb22ab1037fe9f6b5cf00143 b065d9fabe06ca3488cdd628c6da319c49dd4a78 66348d21d329d78be67f953ac0aad20a504ec3f3f911d3d67f58516475a18036 Loading...

	unknown	ScriptElement	756 B	2023-11-28	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 09:02 Last Seen2024-08-20 17:37 Times Seen5 Hash 36e9103c1525782446ce95947ef49e13 59935dffa10eed137de99da4a5d4aa9e8c815463 51bf85c88776d11a9490ed33b5eb886c607998eab5854faf41b2aa9574b7581a Loading...

	game.starswalker.site/api/spots/322254?p=1&s1=%subid1%&kw=	ScriptElement	1.1 kB	2024-08-20	2024-08-20
Pretty URL game.starswalker.site/api/spots/322254?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash 3169352c67b8b27099e097ea0f9e3fb9 b563ddfbe60167fc6c5dbc9e35a5f9050a11b4c9 4c69b313f66eeb1081ef4944b2407be4572f9bd01ddc1747748176a0c1d6e2c1 Loading...

	game.starswalker.site/api/spots/322253?p=1&s1=%subid1%&kw=	ScriptElement	1.1 kB	2024-08-20	2024-08-20
Pretty URL game.starswalker.site/api/spots/322253?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash af4b1aeec795a87cdc8670df98cba3ae ce4aa4b57b06614ddd5548b1bb06dc3aeb5577fa 5d1cb3f4f0a6cc36fc2e7eac16e4c7857569bac7861882a93e59d668eec83b8f Loading...

	a.orbsrv.com/nativeads-v2.js	ScriptElement	45 kB	2023-08-15	2024-08-21
Pretty URL a.orbsrv.com/nativeads-v2.js IP 185.76.9.24 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-15 10:09 Last Seen2024-08-21 08:41 Times Seen198 Hash 1f686e1c6bcebb5e374faa753c815853 e68a7f45c795e88664b19e38bb94617467ffdbe0 dd81e1adbb0a938b11f3e4f00fd09074038533831e65612fe54a2965722af36f Loading...

	ta3nfsordd.com/get/1827971?zoneid=1827971&jp=_clhldu20lb5nyohbmj5jyp&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178036703463424&eclog=0&sp=1&im=1	ScriptElement	37 B	2023-03-07	2025-02-06
Pretty URL ta3nfsordd.com/get/1827971?zoneid=1827971&jp=_clhldu20lb5nyohbmj5jyp&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178036703463424&eclog=0&sp=1&im=1 IP 212.117.190.201 ASN #5577 root SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-02-06 09:31 Times Seen1105 Hash 26c0446473cdbedd7eb18169ae75e0fd c2a8a31848b22f49c044d0e8f2b4a48e856e08b8 c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165 Loading...

	game.starswalker.site/api/spots/322253?p=1&s1=%subid1%&kw=	ScriptElement	925 B	2024-08-20	2024-08-20
Pretty URL game.starswalker.site/api/spots/322253?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash 4f9db26744f3d7b6753e205793cf26a9 71bdab456bdd903a44875d2a85ecaaee4f52cff7 1198642c5d478b7be82e0ee667ff3380b3114b77821b240b9a2b31fe244048eb Loading...

	www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169	ScriptElement	3.0 kB	2024-08-20	2024-08-20
Pretty URL www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169 IP 104.21.234.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash 9d14a4ba05c328902fa6ed6c384d0e63 6ae29f9eb5ed48f876efdc7c39d9d53cc4ced6a6 90edc49eea66b87061fba2ed141f2dcd9c219145de4b1b73cce3c35325646805 Loading...

	game.starswalker.site/api/spots/329581?p=1&s1=%subid1%&kw=	ScriptElement	520 B	2023-03-08	2024-08-21
Pretty URL game.starswalker.site/api/spots/329581?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 14:32 Last Seen2024-08-21 09:33 Times Seen28 Hash c46a95561fd07f7b370975b78e55f43d d6c07d4badc1e18c4a1609ef7f7a1fb2136a9ad1 e9c482b65550c2a684fe06ab99a2febdfab940cdc5135e30bc8bb04674b5b3dc Loading...

	a.orbsrv.com/ad-provider.js	ScriptElement	122 kB	2023-11-18	2023-11-30
Pretty URL a.orbsrv.com/ad-provider.js IP 185.76.9.24 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-18 08:53 Last Seen2023-11-30 14:56 Times Seen45 Hash 37a51e5a3e81c06a86896833341c1ecf 075f126ac630e1b7e6c942013891821fe7d5628b cfc14ad92298562dd4fbd2a033e4eec2d280f988fc4f161cb70deecebe473352 Loading...

	www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169	ScriptElement	6.9 kB	2023-03-08	2024-08-21
Pretty URL www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169 IP 104.21.234.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 14:32 Last Seen2024-08-21 09:44 Times Seen42 Hash 6ad7ed2b8cfc0eb3940e838854e3f811 5c612dfd4b89ea12b77a8b1a32aad06905d56e56 ab194a4a43c3abd896089824a6f1ef639f260725a574c7c058befe54e2266453 Loading...

	chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0	ScriptElement	160 B	2023-06-16	2025-05-04
Pretty URL chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0 IP 104.18.101.40 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-16 03:38 Last Seen2025-05-04 02:47 Times Seen1609 Hash 58df3c432d982ebe879fef87e21db6b2 7264d7aeaffc235db990c726a3ebbe0251f212b4 86e54838ba8d4b2292835bbe107678f7e5dc22f8681f506af841f07df38e5d52 Loading...

	www.porngo.com/js/kvs/main.min.js	ScriptElement	280 kB	2023-03-08	2025-04-22
Pretty URL www.porngo.com/js/kvs/main.min.js IP 104.21.234.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:02 Last Seen2025-04-22 16:11 Times Seen88 Hash 8dbc555c132c993491b3a0f717377955 84d4e2e47c1939a871261174735a023c9fd3a022 3fca6af12b11effad1a77cc11f5fd5493f8a372da486548e5141534ba57101fe Loading...

	crisistuesdayartillery.com/ea/8a/f9/ea8af9849c3d36f72e75ff80972b12c1.js	ScriptElement	60 kB	2023-11-28	2023-11-28
Pretty URL crisistuesdayartillery.com/ea/8a/f9/ea8af9849c3d36f72e75ff80972b12c1.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 09:02 Last Seen2023-11-28 09:02 Times Seen1 Hash d64b70b2d6aa053acdb6278c790d046e 486e6015743fbc52cd6b5d16924cc0ac61fc5403 27cff6042e8b04b183de9b31890a49b82701328d554ef1bb298a6b560633ebe2 Loading...

	unknown	ScriptElement	134 B	2023-03-07	2025-05-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-08 16:18 Times Seen5775 Hash 41eece0da217398b6f4d4ee2f01b6245 72f2098b0520b07dd3c6874646c920a3d367a4e2 62bba8c2295a14bb2d007a3f7f8730fd10cef7348a6474f3f832c99ca6795d35 Loading...

	randomamongst.com/10/1f/34/101f34fe74998c687adf688cf98d4808.js	ScriptElement	43 kB	2023-11-28	2023-11-28
Pretty URL randomamongst.com/10/1f/34/101f34fe74998c687adf688cf98d4808.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 09:02 Last Seen2023-11-28 09:02 Times Seen1 Hash efc726d3609daa30df3622f12d3aa24a 05e2314be8e3bdedb1560eebfeb426bee44464e6 553f9eb332c57bae1f2459fc7bb0d2522f1cca265332b34bafc928fa5756c22a Loading...

	game.starswalker.site/api/users/433863?host=www.porngo.com&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&i=1&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25	ScriptElement	544 B	2024-08-20	2024-08-20
Pretty URL game.starswalker.site/api/users/433863?host=www.porngo.com&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&i=1&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25 IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash f73f50d6fddb4a90642e9e7db5051aa2 d1a4689fcd3be6a27155e3e808dc4144f5ac18d1 1fc6c8cd2f1ff5432a4e9dcad6d37a2e2a81fe7c8d631d6ede7e983fbaebeb6d Loading...

	www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169	ScriptElement	23 B	2023-03-26	2024-08-21
Pretty URL www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169 IP 104.21.234.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 03:06 Last Seen2024-08-21 09:44 Times Seen41 Hash b7b5091066edc2c6a3681af13df7b607 979b48ebc472043967c76e72603c73c27216ee28 0fe65166934eb1e4c3335ec4d58ebc5ea54955be6e9b1a16bc0139787ad04959 Loading...

	www.porngo.com/js/videojs.persistvolume.js	ScriptElement	3.7 kB	2023-03-07	2025-04-30
Pretty URL www.porngo.com/js/videojs.persistvolume.js IP 104.21.234.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03 Last Seen2025-04-30 02:19 Times Seen553 Hash f2bdaf6b076a3f5c4b201043fa99e7e6 f55071bc8b46698523719fa2be0528fdbf2dc53b 7876724352a649e130f98ef346619e17272581ce1db46e7dbafc470a7354d055 Loading...

	game.starswalker.site/api/spots/329581?p=1&s1=%subid1%&kw=	ScriptElement	1.1 kB	2024-08-20	2024-08-20
Pretty URL game.starswalker.site/api/spots/329581?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash 3585dbfd05f26e54f1ec0d00a5f57c1e 2c06c5493affe69e75c40261f76623612a016964 9236d80f2b87fb0c902d443b376109a17e91518a099a80e49f50cf029bdf9e84 Loading...

	game.starswalker.site/api/spots/329581?p=1&s1=%subid1%&kw=	ScriptElement	926 B	2024-08-20	2024-08-20
Pretty URL game.starswalker.site/api/spots/329581?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash a45119e8905c641fc0559008dc13e1fa 5a45d90e7129a11e71baea29b91b07d90bbaddc5 a3445808fb58ac35a38edebc1f581a36e2680ae6ab628020d08eed79e8958294 Loading...

	game.starswalker.site/aSHptgd.js	ScriptElement	306 kB	2023-11-28	2023-11-29
Pretty URL game.starswalker.site/aSHptgd.js IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 09:02 Last Seen2023-11-29 23:50 Times Seen8 Hash 6b4984dd977acd1a8e3350f22b7297ce 176f1ebd8361a32a00d07143149419f11d76006a 2a5c9bdabbd7c997e5e2f4d24f34160351567a015343cf45033d17ef79cb56c9 Loading...

	www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169	ScriptElement	388 B	2023-03-26	2024-08-21
Pretty URL www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169 IP 104.21.234.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 03:06 Last Seen2024-08-21 09:44 Times Seen46 Hash 885a496cf25d47ba81e4a220f81c8cc2 c8c0e3a66e931bb4fe615edae121ab5193396862 45d167c16e19e138bb6ac2519844bdcc518f97e06fba2adb314066f7927c9d1c Loading...

	ta3nfsordd.com/aas/r45d/vki/1827971/tghr.js	ScriptElement	89 kB	2023-11-15	2023-11-28
Pretty URL ta3nfsordd.com/aas/r45d/vki/1827971/tghr.js IP 212.117.190.201 ASN #5577 root SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-15 18:53 Last Seen2023-11-28 09:02 Times Seen4 Hash 83e1cbc08f0fe1a3faa25783e2ba1afd eae8f178bfa2195e8e3ffc57379c1bf57fe68bf7 9e8d864b527cdac434882cdd978e4627e508691bc89a2da6eeaaef09342cafa6 Loading...

	chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0	ScriptElement	237 B	2023-06-16	2024-08-21
Pretty URL chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0 IP 104.18.101.40 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-16 03:38 Last Seen2024-08-21 09:42 Times Seen622 Hash cde99a92901a9e646d2210008763bba9 69f539d2f0eb60bf631f937222ec7c92f3a49f87 957e8a70beca31e293d653f8b265a7e5bc843e803ca8bd540ae54b6381ce9bd3 Loading...

	chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0	ScriptElement	132 B	2024-08-20	2024-08-20
Pretty URL chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0 IP 104.18.101.40 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash 7ecc40932b822d02ad316e32e0683f3b 31060f8cfae5c462d1aa1090e676df74008ea1ea 250f9be5725b3a51e0435bf7179c2f9429c5ecef7e02685b45c438c2ed8a158c Loading...

	chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0	ScriptElement	2.0 kB	2024-08-20	2024-08-20
Pretty URL chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0 IP 104.18.101.40 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash 18b5ec00a60b435a7d0aa7cfb04184d3 9d6eb4c0ea4d33bb9c7915017ca28322913febe0 244f50c76c0af852b6e5be6a01af5bad1d8238f294f1a0d8b2156b738f89dadd Loading...

	twinrdsrv.com/banner.engine?id=aabdf405-363f-4e9e-b903-da4d77c69444&z=40582&cid=b9c&rand=65527&ver=async&time=0&referrerurl=https%3A%2F%2Fwww.porngo.com%2F&abr=false&curl=https%3A%2F%2Fwww.porngo.com%2F	ScriptElement	2.2 kB	2024-08-20	2024-08-20
Pretty URL twinrdsrv.com/banner.engine?id=aabdf405-363f-4e9e-b903-da4d77c69444&z=40582&cid=b9c&rand=65527&ver=async&time=0&referrerurl=https%3A%2F%2Fwww.porngo.com%2F&abr=false&curl=https%3A%2F%2Fwww.porngo.com%2F IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash efeede8057d7b516d4aeb969c8ae5b4f dbc484a02eb81394cb195b47a838bb30f7d90633 6bb8863510fbb791c292448036a8a5edba2324878d488fef5260a3e0ced6d774 Loading...

	unknown	ScriptElement	3.4 kB	2023-11-28	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 09:02 Last Seen2024-08-20 17:37 Times Seen12 Hash 4ad748a17db5d323052be2f23f90f19c ee891bbf9f6bed31f65a31a3e87f31388f922f5f 9d6b7df7c3700d72299506bcf5a8319457a6a249fdda30dfaacd5e62f1d0b2c5 Loading...

	game.starswalker.site/api/spots/322254?p=1&s1=%subid1%&kw=	ScriptElement	926 B	2024-08-20	2024-08-20
Pretty URL game.starswalker.site/api/spots/322254?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash 8df8873cd97100369bdc970c3e680f9c 147be80a57380587bf648449647a4ced5bd577e2 d20b5211ecbc63847169c8092e5b512ea018c3db3fc256c18a6140643d60924c Loading...

	www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169	ScriptElement	540 B	2023-03-26	2024-08-21
Pretty URL www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169 IP 104.21.234.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 03:06 Last Seen2024-08-21 09:44 Times Seen46 Hash 77ec91b6768a9feadb46d14c9f0ef52c 9ab3cf63f55c2d21a303ff1a5cc2492ddf4e1d5d 0482444d8bdfaf16abea8316c9930f8dad34efee0bba839a3ba1617eda18630e Loading...

	game.starswalker.site/api/spots/334568?p=1&s1=%subid1%&kw=	ScriptElement	926 B	2024-08-20	2024-08-20
Pretty URL game.starswalker.site/api/spots/334568?p=1&s1=%subid1%&kw= IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:37 Last Seen2024-08-20 17:37 Times Seen1 Hash 6f3458c3822963849c60b5959a9e1a3d 198f884c17f320e57df9a1587b8d0d4d89cdd02c 068e0d33dbbc2855d86939abdf40a553058b3b053cc395d5848094570204ce11 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js	ScriptElement	96 kB	2023-03-07	2025-05-09
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 07:18 Times Seen25105 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169	ScriptElement	494 B	2023-03-26	2024-08-21
Pretty URL www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169 IP 104.21.234.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 03:06 Last Seen2024-08-21 09:44 Times Seen46 Hash 6a1931882984f9f4d0fc21a94192af9a eec8f21a13b12152d556b14492be2a9d83fee39a 40050825bc21c161f9fa3d57188a902e3c486268761a572a0b474c0c4326711b Loading...

	creative.bbrdbr.com/widgets/v4/Universal/hls.4cfa5b780bfed20a8b26.js	ScriptElement	61 B	2023-03-14	2025-03-26
Pretty URL creative.bbrdbr.com/widgets/v4/Universal/hls.4cfa5b780bfed20a8b26.js IP 104.18.59.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 06:30 Last Seen2025-03-26 07:32 Times Seen2403 Hash 22f22b49cc901aa95826401f7ce0930c 6471abdd35ab6d511b67d73ad1375f1ee0f255de 0fae8b03858a764bad3e9af19bfc924ead5b9e25c760432c19e91cba3dff1cf3 Loading...

	www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169	ScriptElement	70 kB	2023-11-15	2024-08-20
Pretty URL www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169 IP 104.21.234.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-15 18:53 Last Seen2024-08-20 19:26 Times Seen5 Hash cfac200ca4aa6e87f53deb7ba2fd29cb 58c71600fd052541d7c17572317c4e489833c608 41c631a4e2c2368e1e702e67a06952014fdfece95ebc290dd050371121862f29 Loading...

	cdn.tapioni.com/adgpt.js	ScriptElement	2.0 kB	2023-11-27	2023-11-29
Pretty URL cdn.tapioni.com/adgpt.js IP 172.67.31.117 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-27 16:18 Last Seen2023-11-29 23:50 Times Seen15 Hash 693221b5c25db72479c9c7d7563e4267 755d9ef9e300269b949b6ce924a04edacc35d957 62951f58fc513237d4ed36e3b4050dabaccd9a7f57b5e9c951d3a7de9ab3a013 Loading...

	creative.bbrdbr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js	ScriptElement	178 kB	2023-09-06	2024-08-21
Pretty URL creative.bbrdbr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js IP 104.18.59.150 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-06 18:01 Last Seen2024-08-21 07:23 Times Seen659 Hash 4a1e862a348e6713dfcce18e9cda2f42 47bed78ef29844bec68da443a6b0add48936b61b b3b83266dde6fa2870ddc1cc812233d8baa03727cd4d65733ed5ee7a4fbb4490 Loading...

	2997.novemberadventures.name/iiNFDoI4OA3oZtdxoUWUMWYX08kOuMeHe_tRMsqTIJgVNJ-Jot9M98LrUt5pe9WRlYhs9wDv4mbIFBpjzI9Y2w93_Q?_=1701158486566	ScriptElement	16 kB	2023-11-28	2023-11-28
Pretty URL 2997.novemberadventures.name/iiNFDoI4OA3oZtdxoUWUMWYX08kOuMeHe_tRMsqTIJgVNJ-Jot9M98LrUt5pe9WRlYhs9wDv4mbIFBpjzI9Y2w93_Q?_=1701158486566 IP 88.208.59.102 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 09:02 Last Seen2023-11-28 09:02 Times Seen1 Hash b822f691a8246b6c16aa009a5c1e439e 51914eeb4aac3f38a99114c7836f6f8b65226297 cd916bf06e6d90a6176039bd3620df026e80d7ab7f5981e431757a3b3eb5780c Loading...

	cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/js/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-05-07
Pretty URL cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/js/jquery.min.js IP 172.64.109.10 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04 Last Seen2025-05-07 13:51 Times Seen2286 Hash 561acb3e541133bbdd2c0c19f8ee35a1 ffd1353cf3f77d25f801c84d8208613eb0d3d548 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc Loading...

	unknown	ScriptElement	1.2 kB	2023-11-28	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 09:02 Last Seen2024-08-20 17:37 Times Seen2 Hash 683cf5a5fd078cbddc5618c20a966007 7fc4be33e3de663e52d6c47e24efa7b35c1c17a6 1cf3a116aeecfae0736fff69e552efe464544c0dac5304f89d95dbe1fa984320 Loading...

	www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169	ScriptElement	1.1 kB	2023-03-26	2024-08-21
Pretty URL www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169 IP 104.21.234.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 03:06 Last Seen2024-08-21 09:44 Times Seen46 Hash 8e34c354e72ebb690ace838c4ed87d84 fca8df79107f41722f9636535bc323b3f4eab83e bb3e42b09c6f04236ea54770eb89fe737c49a14fe1679bacab603d9e703c2bc8 Loading...

	chaturbate.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	7.4 kB	2023-11-28	2023-11-28
Pretty URL chaturbate.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.18.101.40 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 09:02 Last Seen2023-11-28 09:02 Times Seen1 Hash dfedfc7dedb8f48c80586524572cdd27 ca600e2f63eb187dee84b57ec41e8660b1780dbb 310bd5797faa0f442d9b75a87404453de34459c36fa86022700943a883e2b000 Loading...

		Size	First Seen	Last Seen
	#1 Write - 58107ace272aa1bba3c89dec33d2a2fe	1.2 kB	2023-08-12 20:46	2025-04-30 02:19
Pretty Observations First Seen2023-08-12 20:46 Last Seen2025-04-30 02:19 Times Seen220 Hash 58107ace272aa1bba3c89dec33d2a2fe 4354d38a81f8398fe8027b2aeb1a463036e72cc8 d05cc3b7ebf4666a4dd990940ae9f45916c24718340dc6f57d397c65e3f22f54 Loading...

	#2 Write - 700f24742a88ec4ce3da7ba66ef694ca	449 B	2023-03-08 14:32	2024-08-21 09:33
Pretty Observations First Seen2023-03-08 14:32 Last Seen2024-08-21 09:33 Times Seen27 Hash 700f24742a88ec4ce3da7ba66ef694ca a006e155cb87b75805a00607bb86801b0aa7646f 62883460bf2755a7886b23755da01fa54c3214e80fd0d02e682d559f8d72c3b7 Loading...

	#3 Write - d42be129a81d77acba6667879f1268b5	3.1 kB	2023-08-29 11:31	2024-08-21 07:51
Pretty Observations First Seen2023-08-29 11:31 Last Seen2024-08-21 07:51 Times Seen13 Hash d42be129a81d77acba6667879f1268b5 f201db3aec53c5e81897fb61922f8f5a24197460 c76ab2365e7464dd9493982777e4009094a51c75e145558d63e41f1c5dc94ccb Loading...

	#4 Write - ce80c951306a9528ac603aea3917e7fa	244 B	2023-11-28 09:02	2025-04-22 16:11
Pretty Observations First Seen2023-11-28 09:02 Last Seen2025-04-22 16:11 Times Seen23 Hash ce80c951306a9528ac603aea3917e7fa adc62ae4c803e9f08570f8393d7b91f2d3406131 d74fff260f3cccea93aec8c9a67618e16466791e27a056982e6ba26f23daa3fe Loading...

HTTP Transactions (201)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.css

104.17.24.14

200 OK

256 B

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text
Size
256 B (256 bytes)
Hash
39aa2ea27eb7b72cf73d0d5b4f892daf
9fa0eb7f5d30e7c54f505ffe9fa5a1fe4725279f
e425124d9e8e5674cdad309801b12fdc3804465bc30322d4515b09347a52be05

HTTP Headers

GET /ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: text/css; charset=utf-8
content-length: 256
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04020-36a"
last-modified: Mon, 04 May 2020 16:17:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 532611
expires: Sun, 17 Nov 2024 08:01:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clh8HknrAKnLByeLbl98P1MpWEm3dmbL%2Bl9zdqfQUmYbJyBNAHF3h%2F7IpJuOBN8QtNxb5hDhmi%2BZlW5TUb5A00P8Pnq9oEs53g3EKH3DBmLYgFq4UuSnPMRZPj603dOmKNRr%2BvJn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82d1151e49385694-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.js

104.17.24.14

200 OK

1.7 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text
Size
1.7 kB (1675 bytes)
Hash
eb638361f3402431eb2195f569607d91
c00d931f8738add2a738429784343ea1702b19cf
2a9c9c017aa931fb3ea3db71751ab13c8d8f7e5c4e6f785d3922ad07820443b7

HTTP Headers

GET /ajax/libs/videojs-thumbnails/0.1.1/videojs.thumbnails.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 1675
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04020-18dd"
last-modified: Mon, 04 May 2020 16:17:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 258301
expires: Sun, 17 Nov 2024 08:01:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6Mye7aYkCAhuNRZJN5AeRSy53xOquMBQZ%2BV%2Fr7xqvF1jkYpHVLooLOGnehCUFbDbCIP1fv3KXttSEshgodWyDSUFgztg5YVy1qfSZDHiOl7uh3wiwuIfmovJ43qK9bPOP5DDkzp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82d1151e593e5694-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img10.porngo.com/184000/184934/medium@2x/1.jpg

104.21.234.90

200 OK

40 kB

URL GET HTTP/2
img10.porngo.com/184000/184934/medium@2x/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
40 kB (39467 bytes)
Hash
ce5a1f18e2ac5e840971e71c438e4821
3e42756ebb5c4c6d804d660b1103925e09155d07
5a08148bb8ac05e2bc6e89e7737ea1d8c63438ca0ec3d1f55bcbf56e8f15723a

HTTP Headers

GET /184000/184934/medium@2x/1.jpg HTTP/1.1
Host: img10.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: image/jpeg
content-length: 39467
last-modified: Sun, 26 May 2019 03:50:00 GMT
etag: "5cea0ce8-9a2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 107836
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7GH0cOy2jUQfdtzD%2BOpRHR7QJCBirlZPnuLjqGjPZcsDsCFapKv8YTodo4%2FYKHgPJqLYDWHhQNpJHVBZAookmJN%2BAqZaTgJP5FGrF3lKCPhwyx%2BHXmm%2BCYD3MS5AenyvmDN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1151e4897d91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img5.porngo.com/48000/48533/medium@2x/1.jpg

104.21.234.90

200 OK

49 kB

URL GET HTTP/2
img5.porngo.com/48000/48533/medium@2x/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
49 kB (49094 bytes)
Hash
a3c233cf0d3b8b2bccec752a3284b96a
e9aae41947355e0e5aa3c171ef7c54f901fbf912
fb935200bf2988f4ce9c44ae22ca1bd23932eb8df346ea9a189303eb4ce95d7b

HTTP Headers

GET /48000/48533/medium@2x/1.jpg HTTP/1.1
Host: img5.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: image/jpeg
content-length: 49094
last-modified: Wed, 29 May 2019 21:15:11 GMT
etag: "5ceef65f-bfc6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 38257
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFtYrJ%2BMOXxRe0CBFz9lvCE5AxFsOTQM9QIpFHQjLYBXhtJ0C0LPDK5yCHgM3tP87iHuU%2FkJP%2FL5oG6wxLK1yJqbZASgA4%2Flq9yG1cMZyHPbgMzXyC%2BK5NINIXJJOpyNqGA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1151e58dcd91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img14.porngo.com/635000/635450/medium@2x/1.jpg

104.21.234.90

200 OK

42 kB

URL GET HTTP/2
img14.porngo.com/635000/635450/medium@2x/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 744x420, components 3\012- data
Size
42 kB (41820 bytes)
Hash
b7b40b817e0975db402e673baf241b31
93ac5adbbfc3f5e0fbf2424e224f7bd3c008464b
bd7620edc1679dfb6eca3f25073145eefbd6c6e0d6d381e8f8b7c1b670010e82

HTTP Headers

GET /635000/635450/medium@2x/1.jpg HTTP/1.1
Host: img14.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: image/jpeg
content-length: 41820
last-modified: Tue, 15 Sep 2020 06:56:08 GMT
etag: "5f606588-a35c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 288
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2nLG8nU2gOXQDunKo5rTKXUYIxSFzdaUeyXZRv17pS1O7PYRPF2j49Eg2pAqHt7W0fJbgK0%2FFJuq9DmZvledgzCPAG9lF%2BfTUXt3Lyu0R9dsymTTKsGzU5%2FZVA2HGyRY6yT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1151e48a9d91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

vjs.zencdn.net/7.5.5/video-js.css

151.101.194.217

200 OK

10 kB

URL GET HTTP/2
vjs.zencdn.net/7.5.5/video-js.css
IP
151.101.194.217:443
ASN
#54113 FASTLY

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGlobalSign nv-sa
Subjectvjs.zencdn.net
FingerprintF0:70:0B:AF:84:8A:AB:25:98:72:B0:E7:EE:F8:2C:2C:6B:58:8E:4E
ValiditySat, 03 Jun 2023 21:48:23 GMT - Thu, 04 Jul 2024 21:48:22 GMT

File type
ASCII text, with very long lines (5636)
Size
10 kB (10533 bytes)
Hash
29daa9b197765c0111b16939ce1264a9
d8ee7d372482beea64fc1ce2c520702f72632bf1
f53fc4c5e613265564b6bbd94ae0af0ba9cb6c31ba804193b0fa548b96f6ee08

HTTP Headers

GET /7.5.5/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Thu, 13 Jun 2019 18:18:21 GMT
etag: "29daa9b197765c0111b16939ce1264a9"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Tue, 28 Nov 2023 08:01:21 GMT
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 1510
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 10533
X-Firefox-Spdy: h2

img14.porngo.com/637000/637659/medium@2x/1.jpg

104.21.234.90

200 OK

42 kB

URL GET HTTP/2
img14.porngo.com/637000/637659/medium@2x/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 744x420, components 3\012- data
Size
42 kB (42379 bytes)
Hash
bc043c7bbe91c9f72a26c13e68d80b61
1546366df85d2f723e39105d20b694ea42217434
05334d0f3866b69bbfb2eb32546abfc4c1448bab36edb9a4293a332b72635e45

HTTP Headers

GET /637000/637659/medium@2x/1.jpg HTTP/1.1
Host: img14.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: image/jpeg
content-length: 42379
last-modified: Wed, 30 Sep 2020 08:38:39 GMT
etag: "5f74440f-a58b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 6464
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJDs%2Bg0ACf5qiYSBu%2B3TOA6EDJrvrNXy452Q%2FQAh4M%2FitAhwZQu63ejYli3EVVOzisjYveBsnFSmMQKp4%2FDsm%2BgHDQ%2Fs5hgk%2BzrE8BWKoPRYgD%2BSKY1%2FBox38hWph0pjX1%2BA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1151e48a1d91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img5.porngo.com/44000/44043/medium@2x/1.jpg

104.21.234.90

200 OK

52 kB

URL GET HTTP/2
img5.porngo.com/44000/44043/medium@2x/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
52 kB (52186 bytes)
Hash
94f54a224df472003855671dd588639a
62c5dcf136c127735f4a149e4df85184d6e522c1
03fbecd6a6e93d7b6a616ddb16e49f1895cd833169359ba81ef06d464023f4bc

HTTP Headers

GET /44000/44043/medium@2x/1.jpg HTTP/1.1
Host: img5.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: image/jpeg
content-length: 52186
last-modified: Fri, 07 Jun 2019 19:08:37 GMT
etag: "5cfab635-cbda"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 254738
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnDdPZjmDh2lBqTjjK%2BeBVmtiR6jUpzF%2FZS0UwpVMLJSJMsbRssIH1DRJClE1cNqZqUOWgf0jVWsqH40HKRJTPXSoo0VOG%2FU5jQvssaMzOT%2F5UzCtJdVjDrQ3nroTQHYMgs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1151e58d9d91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img14.porngo.com/638000/638133/medium@2x/1.jpg

104.21.234.90

200 OK

47 kB

URL GET HTTP/2
img14.porngo.com/638000/638133/medium@2x/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 744x420, components 3\012- data
Size
47 kB (47272 bytes)
Hash
34a373f852877576141f2e6db0a10c0d
c68f41c1b4279822f8c84c6200893cb2b00f9312
2b02968fcacad55b506b2353fbde48efd6f9fcbf1ec79d91134d0a666160c232

HTTP Headers

GET /638000/638133/medium@2x/1.jpg HTTP/1.1
Host: img14.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: image/jpeg
content-length: 47272
last-modified: Wed, 30 Sep 2020 09:18:18 GMT
etag: "5f744d5a-b8a8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 538271
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3qPjB2M32w9xiqa1nqt9tizj0GwHifH%2FaoVkepSqed2cIxpyO11M6zxkgjeD893wR6hA6w9G0NyGORpACjxDwFkFTpmyzjdr4t%2BeQHVHAlIeZd7cw9Hm3gjs7rltemmPGIf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1151e58ced91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

vjs.zencdn.net/7.5.5/video.min.js

151.101.194.217

200 OK

139 kB

URL GET HTTP/2
vjs.zencdn.net/7.5.5/video.min.js
IP
151.101.194.217:443
ASN
#54113 FASTLY

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGlobalSign nv-sa
Subjectvjs.zencdn.net
FingerprintF0:70:0B:AF:84:8A:AB:25:98:72:B0:E7:EE:F8:2C:2C:6B:58:8E:4E
ValiditySat, 03 Jun 2023 21:48:23 GMT - Thu, 04 Jul 2024 21:48:22 GMT

File type
Unicode text, UTF-8 text, with very long lines (65133)
Size
139 kB (139372 bytes)
Hash
abf127b5ab0bb498119a93890119a660
86083627a04fe65a9ff242a3edb746b94da084a8
4122c012e6c8aba50f529e47785cd402e2b1f6dc1c643907a9fb65375d5cee11

HTTP Headers

GET /7.5.5/video.min.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Thu, 13 Jun 2019 18:18:22 GMT
etag: "abf127b5ab0bb498119a93890119a660"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Tue, 28 Nov 2023 08:01:21 GMT
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 139372
X-Firefox-Spdy: h2

img14.porngo.com/643000/643576/medium@2x/1.jpg

104.21.234.90

200 OK

41 kB

URL GET HTTP/2
img14.porngo.com/643000/643576/medium@2x/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 744x420, components 3\012- data
Size
41 kB (41058 bytes)
Hash
907d0f45425fe9f728b8bf4bd8390511
53e1e2e9d921725c2c52d4e319ace1205e17f0e3
16ac1eeb489ca478d6d045f4f0bab08d49eab9dd3b68f3bc9adafbaff85373e6

HTTP Headers

GET /643000/643576/medium@2x/1.jpg HTTP/1.1
Host: img14.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: image/jpeg
content-length: 41058
last-modified: Fri, 09 Oct 2020 09:20:56 GMT
etag: "5f802b78-a062"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 189397
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zjj%2F%2FjL6ZN3Fq2GC0GqexTjRMiiOlAWD9qJ99b%2FU9oOVw%2B1VcrvgMKgUK9EolxeEiSdBA2Rtp9GdUufI4GpNgHvLmqjEMl1%2BidFxb1o84%2BETarJuzRAgrJ%2BjGjcVRv%2FK52ID"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1151e58d0d91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img10.porngo.com/185000/185235/medium@2x/1.jpg

104.21.234.90

200 OK

43 kB

URL GET HTTP/2
img10.porngo.com/185000/185235/medium@2x/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
43 kB (43408 bytes)
Hash
8e0c1958c8e079f2ba3f5492d26a98bf
ccc0ce8d7457d94a6d677b06c3861a48be6f220b
621e073452f11ce1c7314af052f9a7cb335bc916729760893e7b5a3261009627

HTTP Headers

GET /185000/185235/medium@2x/1.jpg HTTP/1.1
Host: img10.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: image/jpeg
content-length: 43408
last-modified: Wed, 05 Jun 2019 10:54:51 GMT
etag: "5cf79f7b-a990"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 29607
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FymxX7seFpCMSzQRuLB0EDm1OEgo%2BTMCRMp1XUdT0nL3XrZrb5yDTA%2B0Z6RchRjK1fJLOHmCVQJEGMcMA8HoIK%2BLnX7L5FeZBQ3xV4GPVX%2FNEIEA32wE0aV3JMuZrRg9W13p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1151e387ed91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/silvermine-videojs-quality-selector@1.1.2/dist/css/quality-selector.min.css

151.101.65.229

200 OK

375 B

URL GET HTTP/2
cdn.jsdelivr.net/npm/silvermine-videojs-quality-selector@1.1.2/dist/css/quality-selector.min.css
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (449)
Size
375 B (375 bytes)
Hash
ab70ea10db46a2b5fe2f7890b1f3a752
acb58a65732d4d7daf6c663aae785750461a2b1f
bbd9db8e1c208458a477d2d4bf7187b0fdf46ed806104228f278aeda0cf91cf4

HTTP Headers

GET /npm/silvermine-videojs-quality-selector@1.1.2/dist/css/quality-selector.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.1.2
x-jsd-version-type: version
etag: W/"299-rLWKZXMtTX2vbGY6rnhXUEYaKx8"
content-encoding: br
accept-ranges: bytes
date: Tue, 28 Nov 2023 08:01:21 GMT
age: 22273296
x-served-by: cache-fra-eddf8230075-FRA, cache-bma1639-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 375
X-Firefox-Spdy: h2

img14.porngo.com/633000/633133/medium@2x/1.jpg

104.21.234.90

200 OK

67 kB

URL GET HTTP/2
img14.porngo.com/633000/633133/medium@2x/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 744x420, components 3\012- data
Size
67 kB (67438 bytes)
Hash
d85c92c527271d8821d0cd0ee4836ff9
3331804fe5b02fa10ec90eefbfc83e9c292f8be8
f05a063e82122caf609df0691eb1a6a469f1cbd7abfd4854805e09fe4a293fe7

HTTP Headers

GET /633000/633133/medium@2x/1.jpg HTTP/1.1
Host: img14.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: image/jpeg
content-length: 67438
last-modified: Mon, 14 Sep 2020 10:45:50 GMT
etag: "5f5f49de-1076e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 20581
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2B1uq4Osjyw1HETeLmLJ5g18A%2FSYSFBIEw0%2FF6adSUjgclYv8ttZkl%2BoOppzhvzR0XQbp70uT10btpBF258CT24%2FlWSZJc5ac%2BYF14UhK19ZgqMfyBCTmiED1hV7M41FpYho"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1151e489ed91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img10.porngo.com/399000/399114/medium@2x/1.jpg

104.21.234.90

200 OK

33 kB

URL GET HTTP/2
img10.porngo.com/399000/399114/medium@2x/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
33 kB (33107 bytes)
Hash
2d019cf5a7d9b51edb888a4d389bc71f
f84198c586c0b3b2edc4dae615cc0202de164344
5cd4da85877d1746af1092543b629d00b7601f8585e3ca886a4e116792c51ed2

HTTP Headers

GET /399000/399114/medium@2x/1.jpg HTTP/1.1
Host: img10.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: image/jpeg
content-length: 33107
last-modified: Wed, 19 Jun 2019 16:11:20 GMT
etag: "5d0a5ea8-8153"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zd7vr8Tr%2BefAcn%2Fy5SBnc7KM8R%2ByjyHrlMvoYJbnU%2BdSnj0bnDJ9OJrq4cK6lxWQnTuLzUBwi1Ip8tAJWo0p9EsJaRtFaLCtSjpJnWDWCPh%2BcpNkypBZi%2Fwm8GFUUQVBywpL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1151e3879d91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img11.porngo.com/170000/170896/medium@2x/1.jpg

104.21.234.90

200 OK

36 kB

URL GET HTTP/2
img11.porngo.com/170000/170896/medium@2x/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
36 kB (35769 bytes)
Hash
a0b8e225c4573d580d89bbb1cb180b86
bbc1527ded1a489ee5da8573b1aa39183ff6b626
a86ee899a0143f161853381e546bfadb13fe1d72f884376da50b9a6d1f5fc418

HTTP Headers

GET /170000/170896/medium@2x/1.jpg HTTP/1.1
Host: img11.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: image/jpeg
content-length: 35769
last-modified: Tue, 07 Jan 2020 15:57:24 GMT
etag: "5e14aa64-8bb9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RAN1UzcVRVYTzwrPbTcBEnHT7OqZBQGVcBXKTHIu40QbH93sMvRmPvtGErfBeDVPo1ROwSZ5DXcqAJzTPrRORi2qmyDpalL580x4%2FJMfcH0WO7qgseoeWb738OEoMNui1QQl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1151e8925d91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img5.porngo.com/43000/43856/medium@2x/1.jpg

104.21.234.90

200 OK

50 kB

URL GET HTTP/2
img5.porngo.com/43000/43856/medium@2x/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
50 kB (49837 bytes)
Hash
d19c59ce6d192cf5324c39aa6b64c1da
8b8c08d9a8f4e4b4a4f798e4ed115c2b5ef9a6cd
01621d87464bff0fc342940eabe94136ce536434dc7fc7bb002944372ddf0f97

HTTP Headers

GET /43000/43856/medium@2x/1.jpg HTTP/1.1
Host: img5.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: image/jpeg
content-length: 49837
last-modified: Thu, 06 Jun 2019 21:13:45 GMT
etag: "5cf98209-c2ad"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BB4riN9Q7WpH7TKz3nK9QtYImLKEt2GcigHmWrQAJXwWS%2FdPUMuzwo4%2Fiq%2Fbgju91HjVG%2By%2Ftgx%2B%2FEkEf36shuaQnAJvFbnGDCRaVDFPiB00HfmGpNxTj18bv13pp1Gvv0I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1151e58d2d91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img15.porngo.com/854000/854972/medium@2x/1.jpg

104.21.234.90

200 OK

51 kB

URL GET HTTP/2
img15.porngo.com/854000/854972/medium@2x/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 744x420, components 3\012- data
Size
51 kB (51330 bytes)
Hash
8b202b47f5b22bb76a0731693e92714e
55bec6c9e4b2f000f0bf8cfb73838d034f67e440
6636214e7f36661eaa4e63dd299bfb625a4cd6de5fdcec76140aec518c1ca1ad

HTTP Headers

GET /854000/854972/medium@2x/1.jpg HTTP/1.1
Host: img15.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: image/jpeg
content-length: 51330
last-modified: Tue, 30 Aug 2022 12:23:30 GMT
etag: "630e0142-c882"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 447750
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7qH7DiBF0plZiekBScJWOse5g5j%2F89elQAK601ZH5PhNy7sAzZVCwvWpQm3PQWBYvwgfDKeDOqXh4u74J51bpWD8a8KeaTcflnCvPUNaxm%2Bjc9DRyFZACF1lQ8rqdEKnu8k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1151f7b86d91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js

151.101.65.229

200 OK

1.1 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (1619)
Size
1.1 kB (1078 bytes)
Hash
45f12de4d7b95a193ecdc5cfde664bb9
ee9541cf1a95d2a885f8b143a105caaa08ca9c9d
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b

HTTP Headers

GET /npm/js-cookie@2/src/js.cookie.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.2.1
x-jsd-version-type: version
etag: W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
content-encoding: br
accept-ranges: bytes
date: Tue, 28 Nov 2023 08:01:21 GMT
age: 185
x-served-by: cache-fra-eddf8230099-FRA, cache-bma1639-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1078
X-Firefox-Spdy: h2

img15.porngo.com/854000/854914/medium@2x/1.jpg

104.21.234.90

200 OK

29 kB

URL GET HTTP/2
img15.porngo.com/854000/854914/medium@2x/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 744x420, components 3\012- data
Size
29 kB (28658 bytes)
Hash
bd8962c376b100a8e6fe78b07d55a7b4
16c98d5de628927737391673cd0a19caf97efb30
3c94016e819857b2346743fcc49ca17b6454b7db62322c91b8aec98581598f06

HTTP Headers

GET /854000/854914/medium@2x/1.jpg HTTP/1.1
Host: img15.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: image/jpeg
content-length: 28658
last-modified: Tue, 30 Aug 2022 12:22:58 GMT
etag: "630e0122-6ff2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 441369
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJDm9DOqea0jLjG2vdKkt5kqZMqcKfMgiodvajNW208pQjua%2FKO8a45tCKDjV2rfRveVKuL9zYqry%2B0kCGoE%2FC1HOBOviislR4DYiqFFAAYPaL%2F3YxT8FHZOaTCIoC57JAtC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1151f7b88d91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img15.porngo.com/854000/854480/medium@2x/1.jpg

104.21.234.90

200 OK

33 kB

URL GET HTTP/2
img15.porngo.com/854000/854480/medium@2x/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 744x420, components 3\012- data
Size
33 kB (33127 bytes)
Hash
2556c5b21b36e22a15423bb3f5b9b613
71ce23292865c2ab499a04097ceafbc38c5cab97
163c88303cd192a18e18fbcb1996239ab00c3dde6778a8f80a7cf8a9fec72198

HTTP Headers

GET /854000/854480/medium@2x/1.jpg HTTP/1.1
Host: img15.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: image/jpeg
content-length: 33127
last-modified: Tue, 30 Aug 2022 12:23:27 GMT
etag: "630e013f-8167"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 358638
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cuHLn9XYOUxc8wzc2O3fAusCzs3IWTkR%2FpkrdnXq19CioiAvPIaww3DzFnoJqXY0UAOt%2BeYw2d3ScZS3VTbaPGWeKENgoWidJmAaYm5%2BlSLRmycJx99u2rohpyD9wCR%2FrVV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1151f7b91d91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img15.porngo.com/855000/855460/medium@2x/1.jpg

104.21.234.90

200 OK

35 kB

URL GET HTTP/2
img15.porngo.com/855000/855460/medium@2x/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 744x420, components 3\012- data
Size
35 kB (34603 bytes)
Hash
d4c5ae43ba45349645a6c7c44efc6dd1
d32c02338da22ff70c9cac4875196035e8648b30
400eb30b7b0c80bb39413e7b570dd402dad848eb31071e61a3d2817dd107e182

HTTP Headers

GET /855000/855460/medium@2x/1.jpg HTTP/1.1
Host: img15.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: image/jpeg
content-length: 34603
last-modified: Tue, 30 Aug 2022 12:23:21 GMT
etag: "630e0139-872b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 368660
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRD%2BK0eXPCsgSf9c8sJutNyCHEV%2Fr1kTXo%2FcX3NNjnmF96EN9g8q5u5Id2ykTK8psK3d68vmQGNWPAWMo08r7Ns2zJoDryBFXvKZGdxN1r96x3cnyT3JX3NFlRRmHgvcQ3xx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1151f7b89d91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img15.porngo.com/843000/843029/medium@2x/1.jpg

104.21.234.90

200 OK

50 kB

URL GET HTTP/2
img15.porngo.com/843000/843029/medium@2x/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 744x420, components 3\012- data
Size
50 kB (49780 bytes)
Hash
3f427e3ef3bbcedd815cb058d5cc8236
beab5fc137797e9f76d8174ab8fba5c1de9c195c
3c2a6364d21c76cd8e8d6e55e061712e46e1adb9d33b8f48a760cb4bb43276b0

HTTP Headers

GET /843000/843029/medium@2x/1.jpg HTTP/1.1
Host: img15.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: image/jpeg
content-length: 49780
last-modified: Thu, 25 Nov 2021 16:26:11 GMT
etag: "619fb923-c274"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 205988
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXLz1DKwL5qhy9EHI5zW5BUEOcVOKunSVrZhzu9lwjaHFcFlsBsGXkcxLfXdrMw2l%2BTkXR5xZG0nZM%2BMAWyoBd95%2FsdEz4ddnBOCrcD%2B0fVptXR9kUXx9DnPJGrYct%2FfNrH8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1151f7b83d91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img15.porngo.com/842000/842885/medium@2x/1.jpg

104.21.234.90

200 OK

36 kB

URL GET HTTP/2
img15.porngo.com/842000/842885/medium@2x/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 744x420, components 3\012- data
Size
36 kB (35719 bytes)
Hash
a8aa77762dcf19dbbdd7409800120cf9
4d73e06845f7132e71a153430f747fc79bf3bbb9
8dd5b5310a37d624d0069891ea10301672521ec64537beeef7ea0791d24276c1

HTTP Headers

GET /842000/842885/medium@2x/1.jpg HTTP/1.1
Host: img15.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: image/jpeg
content-length: 35719
last-modified: Thu, 25 Nov 2021 16:27:06 GMT
etag: "619fb95a-8b87"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 458811
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJNirnpu1BI9qpejzxUZue67fRLnkU1rlnxVZHxg%2F5Aba1U%2FViPjKjxJ7n3TvGxlwC2YGNqAwiL5LgIiS9m0WjurEKQDKl89Cazlyz9WDvCZkK9pOHQ6uTKjQRPQtleJ3imD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1151f8bbfd91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img8.porngo.com/85000/85712/medium@2x/1.jpg

104.21.234.90

200 OK

27 kB

URL GET HTTP/2
img8.porngo.com/85000/85712/medium@2x/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.64.101", baseline, precision 8, 744x420, components 3\012- data
Size
27 kB (27375 bytes)
Hash
99fe1a93c207fc7a66828901411de5c8
41bb2983acc5864ae664840c1cf43707190e7846
6b2e1a8afa21e7c4565e99fca73b137e82c1ece2843250578cbe2571d3788fa4

HTTP Headers

GET /85000/85712/medium@2x/1.jpg HTTP/1.1
Host: img8.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: image/jpeg
content-length: 27375
last-modified: Tue, 08 Oct 2019 21:15:37 GMT
etag: "5d9cfc79-6aef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 524317
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s91GLjf6xps%2Fdd5GsFWeCbwdXAsOEx3m7ZrD5I5MX5Zwf1PJTRbIyhgkK68JAYsvJEMMgRDYFnvay64r%2FiQXDNlDo%2F%2FOL2PGQGdhXm%2FnHPA7NvQbBhZk9oWQRT3pG7THhGs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1151f8bcad91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img9.porngo.com/88000/88721/medium@2x/1.jpg

104.21.234.90

200 OK

46 kB

URL GET HTTP/2
img9.porngo.com/88000/88721/medium@2x/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 744x420, components 3\012- data
Size
46 kB (46312 bytes)
Hash
d2df1904f21bbc331dd1ec53f8573d79
962767a230da127f59ffb827e491d17887b47f8e
53499e2317dde5e076d24811d965ab232d9682d0188b2440d9fea10515023714

HTTP Headers

GET /88000/88721/medium@2x/1.jpg HTTP/1.1
Host: img9.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: image/jpeg
content-length: 46312
last-modified: Fri, 18 Oct 2019 14:23:59 GMT
etag: "5da9caff-b4e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 99730
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHC15r1WCtC4jCYRPJioMhgVISlCBfXcvpY%2BVftnCS%2FZ1dltO%2Fq0dODSGsXVz7gR3Eif1OjpZMfIq73ZYftrMjM5od%2BbGnu1D2vpmDuWIFAcMSyB7rOVsg0srakijN3ahkk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1151f9c00d91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img15.porngo.com/684000/684804/medium@2x/1.jpg

104.21.234.90

200 OK

36 kB

URL GET HTTP/2
img15.porngo.com/684000/684804/medium@2x/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 744x420, components 3\012- data
Size
36 kB (36149 bytes)
Hash
b2d7374ed8900a388b5247b7d3224cd9
834cd0aa7b69c18d74e77f03e905203ecaafa5e3
d78e5d90a8f8f63aa09f15eed1e53ed9c0b367ba623e912ed7e700cee1de314f

HTTP Headers

GET /684000/684804/medium@2x/1.jpg HTTP/1.1
Host: img15.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: image/jpeg
content-length: 36149
last-modified: Sat, 15 May 2021 16:49:33 GMT
etag: "609ffb9d-8d35"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZZRYJaXZFypL%2BChWwHL8Hx1Z8BpgkdEb%2BBMoXx6GGVtrx1x217pEKjFSvoqmv8tlsQAVmlQi9DKaD1FWwUITsyzwDCNTWESQs9j81Zv%2Bjvvy1Onrt5a6%2FjesVZRjFw7xt%2Bm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1151f7b8bd91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

awrfds3.pornpapa.com/WMLj7S7.js

135.181.208.216

200 OK

76 kB

URL GET HTTP/2
awrfds3.pornpapa.com/WMLj7S7.js
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subject0i.sh-cdn.com
Fingerprint9C:0A:E3:14:BD:5B:E9:35:E7:06:CC:82:53:EA:FC:46:92:CB:9E:49
ValiditySat, 11 Nov 2023 13:27:07 GMT - Fri, 09 Feb 2024 13:27:06 GMT

File type
Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
76 kB (76041 bytes)
Hash
519b032751547884fd5d2e6e166ad119
c82d285f32bd3eaa4d84bad8efd79f9377d529dc
48e8b22f691fbdb884c0056ba6629545071794cb51d3e79661d17e4d8c716626

HTTP Headers

GET /WMLj7S7.js HTTP/1.1
Host: awrfds3.pornpapa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: application/javascript
content-length: 76041
last-modified: Mon, 27 Nov 2023 07:10:46 GMT
vary: Accept-Encoding
etag: "656440f6-12909"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 30
cf-ray: 82c89a8c5ba8d912-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

game.starswalker.site/Qa9gbH3.js

135.181.208.216

200 OK

76 kB

URL GET HTTP/2
game.starswalker.site/Qa9gbH3.js
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type
Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
76 kB (76041 bytes)
Hash
519b032751547884fd5d2e6e166ad119
c82d285f32bd3eaa4d84bad8efd79f9377d529dc
48e8b22f691fbdb884c0056ba6629545071794cb51d3e79661d17e4d8c716626

HTTP Headers

GET /Qa9gbH3.js HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: application/javascript
content-length: 76041
last-modified: Mon, 27 Nov 2023 07:10:46 GMT
vary: Accept-Encoding
etag: "656440f6-12909"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 30
cf-ray: 82c89a8c5ba8d912-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

game.starswalker.site/PXXlKV5.js

135.181.208.216

200 OK

76 kB

URL GET HTTP/2
game.starswalker.site/PXXlKV5.js
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type
Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
76 kB (76041 bytes)
Hash
519b032751547884fd5d2e6e166ad119
c82d285f32bd3eaa4d84bad8efd79f9377d529dc
48e8b22f691fbdb884c0056ba6629545071794cb51d3e79661d17e4d8c716626

HTTP Headers

GET /PXXlKV5.js HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: application/javascript
content-length: 76041
last-modified: Mon, 27 Nov 2023 07:10:46 GMT
vary: Accept-Encoding
etag: "656440f6-12909"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 30
cf-ray: 82c89a8c5ba8d912-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

game.starswalker.site/aSHptgd.js

135.181.208.216

200 OK

87 kB

URL GET HTTP/2
game.starswalker.site/aSHptgd.js
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type
Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
87 kB (86788 bytes)
Hash
6b4984dd977acd1a8e3350f22b7297ce
176f1ebd8361a32a00d07143149419f11d76006a
2a5c9bdabbd7c997e5e2f4d24f34160351567a015343cf45033d17ef79cb56c9

HTTP Headers

GET /aSHptgd.js HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: application/javascript
content-length: 86788
last-modified: Mon, 27 Nov 2023 07:10:46 GMT
vary: Accept-Encoding
etag: "656440f6-15304"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 285
cf-ray: 82c8a0a709c1d953-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

aibsgc.com/av/1150082/inp3.js

95.216.206.230

200 OK

205 kB

URL GET HTTP/1.1
aibsgc.com/av/1150082/inp3.js
IP
95.216.206.230:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectaibsgc.com
FingerprintAA:E0:15:CB:09:39:12:50:2B:AF:47:C2:5D:57:26:C6:C9:D9:42:43
ValidityThu, 19 Oct 2023 07:55:06 GMT - Wed, 17 Jan 2024 07:55:05 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
205 kB (204807 bytes)
Hash
a06fbf7e1d4badb2d2fa6f8da02233fe
fc983ea25650b6d51cd0b7cea249b56b978a7d37
0428f7d78b976e79a4a360f9df2b8588d85dd74cc5beec81f07a98a6e56466eb

HTTP Headers

GET /av/1150082/inp3.js HTTP/1.1
Host: aibsgc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 08:01:22 GMT
Content-Type: application/javascript
Content-Length: 204807
Last-Modified: Fri, 24 Nov 2023 14:40:27 GMT
Connection: keep-alive
ETag: "6560b5db-32007"
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Referrer-Policy: strict-origin
Accept-Ranges: bytes

resalag.com/lv/esnk/1827308/code.js

212.117.190.201

200 OK

39 kB

URL GET HTTP/2
resalag.com/lv/esnk/1827308/code.js
IP
212.117.190.201:443
ASN
#5577 root SA

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint87:7A:20:68:64:BE:01:EA:4F:99:32:5B:DC:D6:1B:36:63:BB:89:4E
ValidityMon, 30 Oct 2023 00:21:05 GMT - Fri, 26 Apr 2024 21:59:00 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
39 kB (39414 bytes)
Hash
d0e04fbf0aad02257bec8c1632a89f4c
ea8e3093a827865a60ee40d63f7297cd789bb5e1
4ee0fad2aeba4b45375a0a002e7a96a4f45058cd0387214a6976083f8bd66e2d

HTTP Headers

GET /lv/esnk/1827308/code.js HTTP/1.1
Host: resalag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:22 GMT
content-type: application/javascript
last-modified: Wed, 15 Nov 2023 14:55:11 GMT
vary: Accept-Encoding
etag: W/"6554dbcf-19d6e"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

crisistuesdayartillery.com/ea/8a/f9/ea8af9849c3d36f72e75ff80972b12c1.js

173.233.137.36

200 OK

23 kB

URL GET HTTP/1.1
crisistuesdayartillery.com/ea/8a/f9/ea8af9849c3d36f72e75ff80972b12c1.js
IP
173.233.137.36:443
ASN
#7979 SERVERS-COM

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectcrisistuesdayartillery.com
Fingerprint90:0A:D7:AD:17:A9:CF:6F:48:18:6A:AF:2A:64:F2:30:F2:39:7B:04
ValidityThu, 09 Nov 2023 06:27:05 GMT - Wed, 07 Feb 2024 06:27:04 GMT

File type
ASCII text, with very long lines (59731), with no line terminators
Size
23 kB (23371 bytes)
Hash
d64b70b2d6aa053acdb6278c790d046e
486e6015743fbc52cd6b5d16924cc0ac61fc5403
27cff6042e8b04b183de9b31890a49b82701328d554ef1bb298a6b560633ebe2

HTTP Headers

GET /ea/8a/f9/ea8af9849c3d36f72e75ff80972b12c1.js HTTP/1.1
Host: crisistuesdayartillery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 08:01:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1448a166eb8cb03e907bc1a1337fb120
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.porngo.com/img/logo.png?v=6

104.21.234.90

200 OK

38 kB

URL GET HTTP/2
www.porngo.com/img/logo.png?v=6
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
PNG image data, 500 x 155, 8-bit/color RGBA, non-interlaced\012- data
Size
38 kB (37857 bytes)
Hash
a317d7eca5a714deb2abe4acf0ae1a9f
469efd0ba9c890868b35ae18f65613efc63d182a
fc6042c300faf2c3af62ea1ff4dc529f06241bc96e0a7137c36911547a4da999

HTTP Headers

GET /img/logo.png?v=6 HTTP/1.1
Host: www.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/css/main.css
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:22 GMT
content-type: image/png
content-length: 37857
last-modified: Mon, 15 Jul 2019 11:40:18 GMT
etag: "5d2c6622-93e1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 357679
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IAspTc7Z7LJyRJsh7RSiGJtMag8%2BuH%2Fnu9P6oqNb0D8Fh%2BP8C3jdfXXElwZF%2FDT4JCSp3DO0EYqGclckHe5EeAXRUqDk2216tJK1A1Sgh6hYT5CxH2DkpEt%2BLsRWsWYjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d115265d10d91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.porngo.com/vpaid/videojs.vast.vpaid.min.css

104.21.234.90

200 OK

1.1 kB

URL GET HTTP/2
www.porngo.com/vpaid/videojs.vast.vpaid.min.css
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
ASCII text, with very long lines (1935)
Size
1.1 kB (1147 bytes)
Hash
eb9b9b38d2eb8e7ddc60d875bb518030
6b336bc36cc5ec384bc06f6aeb5e2481093a166c
265cfd4e7cf6e19df72e987d49834238c8a08cf0b1a29943428f2a8c038d81fb

HTTP Headers

GET /vpaid/videojs.vast.vpaid.min.css HTTP/1.1
Host: www.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: text/css
last-modified: Wed, 11 Sep 2019 13:41:10 GMT
vary: Accept-Encoding
etag: W/"5d78f976-7c7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 540624
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JasYA6Op9iqhsAjDmk751kle6W9bZ8yLfqfHpN9MXZeOLT9KbbCmYhLLAhNeFTYKnNuFPEmguQBVj6Hw%2BtWXkUW26yhk5WuiwTjDfEpVaLGVxaV2rq3uZPoCzCrIA93H8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1151e0fdbd91a-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

unpkg.com/silvermine-videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js

104.16.124.175

302 Found

587 B

URL GET HTTP/2
unpkg.com/silvermine-videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js
IP
104.16.124.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
data
Size
587 B (587 bytes)
Hash
6f57cd9be0ce80fb646117a2d70266de
fb14083f7c0f7bda5057d8d254e3fd26d559727b
43ff8a4e58402075e087ea6791f373035f8c95544512e84a267b00f38474fee8

HTTP Headers

GET /silvermine-videojs-quality-selector/dist/js/silvermine-videojs-quality-selector.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01HGAF31CEQSEJNWAD3F01G4QY-arn
cf-cache-status: HIT
age: 60
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d1151e1b0bb524-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.67

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 04:57:34 GMT
expires: Fri, 22 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 443029
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.67

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 04:53:27 GMT
expires: Fri, 22 Nov 2024 04:53:27 GMT
cache-control: public, max-age=31536000
age: 443276
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

game.starswalker.site/api/spots/322253?p=1&s1=%subid1%&kw=

135.181.208.216

200 OK

20 kB

URL GET HTTP/2
game.starswalker.site/api/spots/322253?p=1&s1=%subid1%&kw=
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type
gzip compressed data, from Unix\012- data
Size
20 kB (19844 bytes)
Hash
5b372cafb5d2d87a725323bb3696ca80
affc715016f66736f27e388d6c365218183425ca
11ec08142589121d8ca2c463a69c7c70a0781c0b58c179753c2ce0564aaab419

HTTP Headers

GET /api/spots/322253?p=1&s1=%subid1%&kw= HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: nauid=7CR5xOUKf55IPIwoG5fQ; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js

142.250.74.138

200 OK

33 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://game.starswalker.site/api/spots/322254?p=1&s1=%subid1%&kw=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (32086)
Size
33 kB (33434 bytes)
Hash
8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

HTTP Headers

GET /ajax/libs/jquery/1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game.starswalker.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 15:37:33 GMT
expires: Fri, 22 Nov 2024 15:37:33 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 404630
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img10.porngo.com/399000/399114/player/1.jpg

104.21.234.90

200 OK

11 kB

URL GET HTTP/2
img10.porngo.com/399000/399114/player/1.jpg
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 592x585, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 390x222, components 3\012- data
Size
11 kB (11319 bytes)
Hash
76a70e30443c92a6e42927915f388a18
820c15f576a39aa94b2d5dac99f1cbb1a4c1c16f
fe8c38dcc2c21c2bb1e5649d70d5ff451f2c5b806a7f59cd1291865ef14d8d06

HTTP Headers

GET /399000/399114/player/1.jpg HTTP/1.1
Host: img10.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: image/jpeg
content-length: 11319
last-modified: Fri, 15 Mar 2019 19:11:07 GMT
etag: "5c8bf8cb-2c37"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6LiveTj%2Fq6wY4LU7aRZh9Xb84plUMaHYKY6v8cTvs37yaG391ef8o8H5p6YFEBwg%2B5KlJs6kl6IcQZNCtzyNYe3csjrrDgBxxjL34ra4CQBhPxQ4OXhF6RamtHmfBKBir4L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d115283942d91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

game.starswalker.site/api/click/7682301807269559095?c=90

135.181.208.216

200 OK

0 B

URL GET HTTP/2
game.starswalker.site/api/click/7682301807269559095?c=90
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://game.starswalker.site/api/spots/322253?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/click/7682301807269559095?c=90 HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game.starswalker.site/api/spots/322253?p=1&s1=%subid1%&kw=
Cookie: nauid=oKHZPVhpUvcthZshRKA0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:23 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
X-Firefox-Spdy: h2

game.starswalker.site/api/click/12475726257835820095?c=90

135.181.208.216

200 OK

0 B

URL GET HTTP/2
game.starswalker.site/api/click/12475726257835820095?c=90
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://game.starswalker.site/api/spots/322254?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/click/12475726257835820095?c=90 HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game.starswalker.site/api/spots/322254?p=1&s1=%subid1%&kw=
Cookie: nauid=oKHZPVhpUvcthZshRKA0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:23 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
X-Firefox-Spdy: h2

cdn.tapioni.com/adgpt.js

172.67.31.117

200 OK

821 B

URL GET HTTP/2
cdn.tapioni.com/adgpt.js
IP
172.67.31.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint67:5F:F1:E0:0C:5E:00:4E:6A:BF:B1:5F:40:29:66:0E:3F:9C:24:5F
ValidityWed, 30 Aug 2023 00:00:00 GMT - Thu, 29 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2037), with no line terminators
Size
821 B (821 bytes)
Hash
693221b5c25db72479c9c7d7563e4267
755d9ef9e300269b949b6ce924a04edacc35d957
62951f58fc513237d4ed36e3b4050dabaccd9a7f57b5e9c951d3a7de9ab3a013

HTTP Headers

GET /adgpt.js HTTP/1.1
Host: cdn.tapioni.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: application/javascript
content-length: 821
last-modified: Mon, 27 Nov 2023 07:10:46 GMT
vary: Accept-Encoding
etag: "656440f6-335"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 88953
accept-ranges: bytes
server: cloudflare
cf-ray: 82d115292b8b7131-OSL
X-Firefox-Spdy: h2

s.orbsrv.com/v1/api.php

95.211.229.245

200 OK

3.0 kB

URL POST HTTP/1.1
s.orbsrv.com/v1/api.php
IP
95.211.229.245:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://game.starswalker.site/api/spots/322253?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjectorbsrv.com
FingerprintC1:06:45:A2:28:F1:95:0E:76:B9:25:AE:56:75:E5:60:63:2E:D3:34
ValidityThu, 05 Oct 2023 15:32:45 GMT - Wed, 03 Jan 2024 15:32:44 GMT

File type
JSON data\012- , ASCII text, with very long lines (6274), with no line terminators
Size
3.0 kB (2979 bytes)
Hash
d1a64bd1df9dfa33ed59b7a19b803b9c
713b0b9137c2f4b578a4bd138f55c6685cb312f1
98ec407b65335cf8886125084b6462dfa8cd1050133792f70fb274f1198f29e7

HTTP Headers

POST /v1/api.php HTTP/1.1
Host: s.orbsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 330
Origin: https://game.starswalker.site
DNT: 1
Connection: keep-alive
Referer: https://game.starswalker.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 08:01:23 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://game.starswalker.site
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265659e537b22d5.530766813282311798%22%3B%7D; expires=Thu, 27-Nov-2025 08:01:23 GMT; Max-Age=63072000; path=/; domain=orbsrv.com; secure; SameSite=None
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s.orbsrv.com/splash.php?native-settings=1&idzone=4348472&cookieconsent=true&&p=https%3A%2F%2Fwww.porngo.com%2F&max=1&loaded=0

95.211.229.245

200 OK

2.0 kB

URL GET HTTP/1.1
s.orbsrv.com/splash.php?native-settings=1&idzone=4348472&cookieconsent=true&&p=https%3A%2F%2Fwww.porngo.com%2F&max=1&loaded=0
IP
95.211.229.245:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://game.starswalker.site/api/spots/334568?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjectorbsrv.com
FingerprintC1:06:45:A2:28:F1:95:0E:76:B9:25:AE:56:75:E5:60:63:2E:D3:34
ValidityThu, 05 Oct 2023 15:32:45 GMT - Wed, 03 Jan 2024 15:32:44 GMT

File type
JSON data\012- , ASCII text, with very long lines (3727), with no line terminators
Size
2.0 kB (2048 bytes)
Hash
faa0ca208eb821c66dd749d674017685
0098db2706d32160b4eb00704bd14f338abcf661
2fdef66e0499882811a136b409887f173a44f10176d2769646a1433d8e96cbd0

HTTP Headers

GET /splash.php?native-settings=1&idzone=4348472&cookieconsent=true&&p=https%3A%2F%2Fwww.porngo.com%2F&max=1&loaded=0 HTTP/1.1
Host: s.orbsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://game.starswalker.site
DNT: 1
Connection: keep-alive
Referer: https://game.starswalker.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 08:01:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://game.starswalker.site
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265659e537dfcf9.258692672715618168%22%3B%7D; expires=Thu, 27 Nov 2025 08:01:23 GMT; path=; domain=.orbsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v4%7C%7CNOR%7C4348472%7C23975207%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Ccc52ad67864a6f2bfb4732e23331c864%7C0%7Cporngo.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1701158483%7C76c05d83d9e971a22fe50eaff9472eb6%7Cok%22%7D; expires=Wed, 29 Nov 2023 08:01:23 GMT; path=/; domain=.orbsrv.com; Secure; SameSite=none
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s.orbsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz2OXWrDMBCEr9ILWOyfJW2e29cWUnIA2ZZDaZOUONAW5vCVHVotiGF2Z78VEu2YO8kPpDvinSicg1MwCdwbnl/2MMbn5Xo+XsJ4OUHZoxBEOSVBJs85wcRjdENPedN9JlhrkIvBCApqJb2arSoQMVKPp8Meh9fHZjgnB6Mtbv8KRVtuTdP3mqxec8qpzFR8ILdBSkxDKXEaI+WWaoM4llMNy61cl6/y8V6vYXm71Q28IdXSSvgzWnVrStlU2lntETa7LD/nEfgfu9+MfsuKQPyuwGYrGRqn2WstnnzwKamNQ5xSFtfKdRznX6L1TpJmAQAA

95.211.229.245

200 OK

20 B

URL GET HTTP/1.1
s.orbsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz2OXWrDMBCEr9ILWOyfJW2e29cWUnIA2ZZDaZOUONAW5vCVHVotiGF2Z78VEu2YO8kPpDvinSicg1MwCdwbnl/2MMbn5Xo+XsJ4OUHZoxBEOSVBJs85wcRjdENPedN9JlhrkIvBCApqJb2arSoQMVKPp8Meh9fHZjgnB6Mtbv8KRVtuTdP3mqxec8qpzFR8ILdBSkxDKXEaI+WWaoM4llMNy61cl6/y8V6vYXm71Q28IdXSSvgzWnVrStlU2lntETa7LD/nEfgfu9+MfsuKQPyuwGYrGRqn2WstnnzwKamNQ5xSFtfKdRznX6L1TpJmAQAA
IP
95.211.229.245:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://game.starswalker.site/api/spots/322253?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjectorbsrv.com
FingerprintC1:06:45:A2:28:F1:95:0E:76:B9:25:AE:56:75:E5:60:63:2E:D3:34
ValidityThu, 05 Oct 2023 15:32:45 GMT - Wed, 03 Jan 2024 15:32:44 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /cimp.php?t=api&data=H4sIAAAAAAAAAz2OXWrDMBCEr9ILWOyfJW2e29cWUnIA2ZZDaZOUONAW5vCVHVotiGF2Z78VEu2YO8kPpDvinSicg1MwCdwbnl/2MMbn5Xo+XsJ4OUHZoxBEOSVBJs85wcRjdENPedN9JlhrkIvBCApqJb2arSoQMVKPp8Meh9fHZjgnB6Mtbv8KRVtuTdP3mqxec8qpzFR8ILdBSkxDKXEaI+WWaoM4llMNy61cl6/y8V6vYXm71Q28IdXSSvgzWnVrStlU2lntETa7LD/nEfgfu9+MfsuKQPyuwGYrGRqn2WstnnzwKamNQ5xSFtfKdRznX6L1TpJmAQAA HTTP/1.1
Host: s.orbsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://game.starswalker.site
DNT: 1
Connection: keep-alive
Referer: https://game.starswalker.site/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265659e537dfcf9.258692672715618168%22%3B%7D; c-tag=%7B%22tag-banner%22%3A%22v4%7C%7CNOR%7C4348472%7C23975207%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Ccc52ad67864a6f2bfb4732e23331c864%7C0%7Cporngo.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1701158483%7C76c05d83d9e971a22fe50eaff9472eb6%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 08:01:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://game.starswalker.site
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Thu, 27 Nov 2025 08:01:23 GMT; path=/; domain=.orbsrv.com; Secure; SameSite=none
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s3t3d2y8.afcdn.net/library/319620/60d474e1dc6e8fabe193a4bd84fbb74e53023f98.webp

185.76.9.16

200 OK

11 kB

URL GET HTTP/2
s3t3d2y8.afcdn.net/library/319620/60d474e1dc6e8fabe193a4bd84fbb74e53023f98.webp
IP
185.76.9.16:443
ASN
#60068 Datacamp Limited

Requested by
https://game.starswalker.site/api/spots/322253?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
11 kB (10878 bytes)
Hash
1f71c07cf737e9027cde5dee229a9b0a
60d474e1dc6e8fabe193a4bd84fbb74e53023f98
9cf04beccfad94fe5b38de5e76c962cf57935abf856f9fc719ae25e7e58ea428

HTTP Headers

GET /library/319620/60d474e1dc6e8fabe193a4bd84fbb74e53023f98.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game.starswalker.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: image/webp
content-length: 10878
last-modified: Wed, 03 Nov 2021 16:29:44 GMT
etag: "6182b8f8-2a7e"
expires: Fri, 30 Jun 2023 18:47:51 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: EQwBuUwJDQH3lM3FAA
x-77-nzt-ray: c0a4cc283864c63f539e6565c6300128
x-accel-expires: @1719731263
x-accel-date: 1688195263
x-cache-lb: HIT
x-age-lb: 12963220
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 12963220
accept-ranges: bytes
X-Firefox-Spdy: h2

s.orbsrv.com/splash.php?native-settings=1&idzone=4348472&cookieconsent=true&&p=https%3A%2F%2Fwww.porngo.com%2F&max=3&loaded=1

95.211.229.245

200 OK

3.7 kB

URL GET HTTP/1.1
s.orbsrv.com/splash.php?native-settings=1&idzone=4348472&cookieconsent=true&&p=https%3A%2F%2Fwww.porngo.com%2F&max=3&loaded=1
IP
95.211.229.245:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://game.starswalker.site/api/spots/334568?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjectorbsrv.com
FingerprintC1:06:45:A2:28:F1:95:0E:76:B9:25:AE:56:75:E5:60:63:2E:D3:34
ValidityThu, 05 Oct 2023 15:32:45 GMT - Wed, 03 Jan 2024 15:32:44 GMT

File type
JSON data\012- , ASCII text, with very long lines (7023), with no line terminators
Size
3.7 kB (3712 bytes)
Hash
6768d22a2ca51385d77466b8f8259618
ad188dfc0e0ab9d98e6bb8f337e3f173ef05d5a8
a1b88b68181d5a349d234cd9225e7292609d293a742f9e6179452061a15e89d9

HTTP Headers

GET /splash.php?native-settings=1&idzone=4348472&cookieconsent=true&&p=https%3A%2F%2Fwww.porngo.com%2F&max=3&loaded=1 HTTP/1.1
Host: s.orbsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://game.starswalker.site
DNT: 1
Connection: keep-alive
Referer: https://game.starswalker.site/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265659e537dfcf9.258692672715618168%22%3B%7D; c-tag=%7B%22tag-banner%22%3A%22v4%7C%7CNOR%7C4348472%7C23975207%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Ccc52ad67864a6f2bfb4732e23331c864%7C0%7Cporngo.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1701158483%7C76c05d83d9e971a22fe50eaff9472eb6%7Cok%22%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 08:01:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://game.starswalker.site
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265659e537dfcf9.258692672715618168%22%3B%7D; expires=Thu, 27 Nov 2025 08:01:23 GMT; path=; domain=.orbsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v4%7C%7CNOR%7C4348472%7C23975207%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C65659e537dfcf9.258692672715618168%7Ccc52ad67864a6f2bfb4732e23331c864%7C0%7Cporngo.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1701158483%7C8b46e7078ff2083c6f440d5703d77bea%7Cok%22%7D; expires=Wed, 29 Nov 2023 08:01:23 GMT; path=/; domain=.orbsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v4%7C%7CNOR%7C4348472%7C75891090%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C65659e537dfcf9.258692672715618168%7Ccc52ad67864a6f2bfb4732e23331c864%7C0%7Cporngo.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1701158483%7C09b8617555591bb57e8688287e382453%7Cok%22%7D; expires=Wed, 29 Nov 2023 08:01:23 GMT; path=/; domain=.orbsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v4%7C%7CNOR%7C4348472%7C75891210%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C65659e537dfcf9.258692672715618168%7Ccc52ad67864a6f2bfb4732e23331c864%7C0%7Cporngo.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1701158483%7C8389b46bf884ffc90a7aaf1ffe7b79ef%7Cok%22%7D; expires=Wed, 29 Nov 2023 08:01:23 GMT; path=/; domain=.orbsrv.com; Secure; SameSite=none
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s.orbsrv.com/splash.php?native-settings=1&idzone=4348472&cookieconsent=true&&p=https%3A%2F%2Fwww.porngo.com%2F&max=1&loaded=4

95.211.229.245

200 OK

2.1 kB

URL GET HTTP/1.1
s.orbsrv.com/splash.php?native-settings=1&idzone=4348472&cookieconsent=true&&p=https%3A%2F%2Fwww.porngo.com%2F&max=1&loaded=4
IP
95.211.229.245:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://game.starswalker.site/api/spots/334568?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjectorbsrv.com
FingerprintC1:06:45:A2:28:F1:95:0E:76:B9:25:AE:56:75:E5:60:63:2E:D3:34
ValidityThu, 05 Oct 2023 15:32:45 GMT - Wed, 03 Jan 2024 15:32:44 GMT

File type
JSON data\012- , ASCII text, with very long lines (3721), with no line terminators
Size
2.1 kB (2069 bytes)
Hash
aeceefe0239100bed38ea39d8fafa93f
aa56f20d33729aa29dfa72e41def1c4ab94abf43
d05d9ff5f41b96a33022451b1578b2fc0b298975b7f0af6fbd2ae1aad5989776

HTTP Headers

GET /splash.php?native-settings=1&idzone=4348472&cookieconsent=true&&p=https%3A%2F%2Fwww.porngo.com%2F&max=1&loaded=4 HTTP/1.1
Host: s.orbsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://game.starswalker.site
DNT: 1
Connection: keep-alive
Referer: https://game.starswalker.site/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265659e537dfcf9.258692672715618168%22%3B%7D; c-tag=%7B%22tag-banner%22%3A%22v4%7C%7CNOR%7C4348472%7C75891210%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C65659e537dfcf9.258692672715618168%7Ccc52ad67864a6f2bfb4732e23331c864%7C0%7Cporngo.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1701158483%7C8389b46bf884ffc90a7aaf1ffe7b79ef%7Cok%22%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 08:01:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://game.starswalker.site
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265659e537dfcf9.258692672715618168%22%3B%7D; expires=Thu, 27 Nov 2025 08:01:23 GMT; path=; domain=.orbsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v4%7C%7CNOR%7C4348472%7C75891158%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C65659e537dfcf9.258692672715618168%7Ccc52ad67864a6f2bfb4732e23331c864%7C0%7Cporngo.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1701158483%7C710a483b487ca6e364570ead4a013ca7%7Cok%22%7D; expires=Wed, 29 Nov 2023 08:01:23 GMT; path=/; domain=.orbsrv.com; Secure; SameSite=none
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ab08b21b37480bf609deaf73dcbf1e34
4121333c3a37ff481b30918ce3a1aa643cf813c2
d8c99d9c9d12731615d29afd9aba86e213ce6c7dfb8938334de50d3edfd78fcd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 28 Nov 2023 08:01:23 GMT
Last-Modified: Tue, 28 Nov 2023 06:16:18 GMT
Server: ECAcc (ska/F7B0)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _jE_SjszJBTVktBSYCakSVN22Vhb_k5pe-wNUP7LUq7_kNNqK-BIPg==
Age: 6305

proftrafficcounter.com/stats

18.157.203.0

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.157.203.0:443
ASN
#16509 AMAZON-02

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
81ff6df01f45a2f5df44c747936d9ff9
147b7fbe4bc03294fa7507bd29e09d3ec3d55f27
0cb4b52daadc299c49518e3591efc33d9edd2a073c247cb12fecf2a453cb73da

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.porngo.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=ef50e7a2-358e-47c3-bd56-67647502ad04:1:1; expires=Fri, 25 Nov 2033 08:01:23 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

resalag.com/get/1827308?zoneid=1827308&jp=_clu8rlf6awoohrljai07fd&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8555736423976448&eclog=0&sp=1&im=1&freq=0

212.117.190.201

200 OK

1.5 kB

URL GET HTTP/2
resalag.com/get/1827308?zoneid=1827308&jp=_clu8rlf6awoohrljai07fd&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8555736423976448&eclog=0&sp=1&im=1&freq=0
IP
212.117.190.201:443
ASN
#5577 root SA

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint87:7A:20:68:64:BE:01:EA:4F:99:32:5B:DC:D6:1B:36:63:BB:89:4E
ValidityMon, 30 Oct 2023 00:21:05 GMT - Fri, 26 Apr 2024 21:59:00 GMT

File type
gzip compressed data, from Unix\012- data
Size
1.5 kB (1515 bytes)
Hash
7dafaef9cdaffcc39dad0ee720e0a0ae
e55ee4d8bf65d62c9c3f28fdc54ce255814cda7c
ddf24948ecd177201c785a452b4f52583a9149b3926c8bd065353cc659874a99

HTTP Headers

GET /get/1827308?zoneid=1827308&jp=_clu8rlf6awoohrljai07fd&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8555736423976448&eclog=0&sp=1&im=1&freq=0 HTTP/1.1
Host: resalag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=231128030111b0c8aed30b4609935a40c7a0; Path=/; Expires=Tue, 31 Dec 2024 08:01:23 GMT; Secure; SameSite=None
CHCK=1; Path=/; Expires=Tue, 31 Dec 2024 08:01:23 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

a.medfoodsafety.com/i?tid=856ae973-0747-489f-9cbd-459a57a6cd88&cf=ag0aaehdhc

172.64.104.19

200 OK

60 B

URL GET HTTP/3
a.medfoodsafety.com/i?tid=856ae973-0747-489f-9cbd-459a57a6cd88&cf=ag0aaehdhc
IP
172.64.104.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://a.medfoodsafety.com/loader?a=4789786&v=2&t=7&s=4777579&p=6138&if=true
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint90:FD:DB:96:7B:D5:FA:AA:DA:06:53:8B:D3:A1:8D:E4:05:52:DE:5A
ValidityMon, 13 Feb 2023 00:00:00 GMT - Mon, 12 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
60 B (60 bytes)
Hash
cea81d6017b53c6c7bd076407db21a0a
063acf4f87ec5b0c7f9631779c264ee045945c52
1665c0045c0d9a05857431f46362283793d0b844d9e157692079bcbc69ff6154

HTTP Headers

GET /i?tid=856ae973-0747-489f-9cbd-459a57a6cd88&cf=ag0aaehdhc HTTP/1.1
Host: a.medfoodsafety.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.medfoodsafety.com/loader?a=4789786&v=2&t=7&s=4777579&p=6138&if=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: image/gif
content-length: 60
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAH3smfUpqDvGS8O7AntDUOLdtCFys%2FsOLwDC77080M%2Fg3SlAmwiw0CUXiW0Ki1MEqpMxYaruute959h1CwhUsSt2hZf7705v36eo2KIrTxoZptBxvK1FOndjq2L22Pqwb48wzSL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1152afa7c6413-LHR
alt-svc: h3=":443"; ma=86400

s3t3d2y8.afcdn.net/library/140058/a0df5c23efcee52a99fe073a05b56d57e3f8a452.webp

185.76.9.16

200 OK

11 kB

URL GET HTTP/2
s3t3d2y8.afcdn.net/library/140058/a0df5c23efcee52a99fe073a05b56d57e3f8a452.webp
IP
185.76.9.16:443
ASN
#60068 Datacamp Limited

Requested by
https://game.starswalker.site/api/spots/334568?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
11 kB (10738 bytes)
Hash
532d1e5a87c63c6b3b95dcfeaed2e9fa
a0df5c23efcee52a99fe073a05b56d57e3f8a452
44bd8c81a5015fb8eef901a20569b69dc421fcffc831263ff88ec087dd47b091

HTTP Headers

GET /library/140058/a0df5c23efcee52a99fe073a05b56d57e3f8a452.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game.starswalker.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: image/webp
content-length: 10738
last-modified: Wed, 03 Nov 2021 11:53:34 GMT
etag: "6182783e-29f2"
expires: Tue, 24 Oct 2023 15:18:30 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH3LPNHAQ
x-77-nzt-ray: c0a4cc283864c63f539e656516459f33
x-accel-expires: @1711201959
x-accel-date: 1679665959
x-cache-lb: HIT
x-age-lb: 21492524
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 21492524
accept-ranges: bytes
X-Firefox-Spdy: h2

s3t3d2y8.afcdn.net/library/802424/447b51d5f457de99fa73f67c2c6fa5972a2f6500.webp

185.76.9.16

200 OK

6.7 kB

URL GET HTTP/2
s3t3d2y8.afcdn.net/library/802424/447b51d5f457de99fa73f67c2c6fa5972a2f6500.webp
IP
185.76.9.16:443
ASN
#60068 Datacamp Limited

Requested by
https://game.starswalker.site/api/spots/334568?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.7 kB (6658 bytes)
Hash
f455b1a3c302f58bd4038016b164f133
447b51d5f457de99fa73f67c2c6fa5972a2f6500
12abce016739da92b819bf81e3d5a1433bc28440c7af1919d47175376eee4cca

HTTP Headers

GET /library/802424/447b51d5f457de99fa73f67c2c6fa5972a2f6500.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game.starswalker.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: image/webp
content-length: 6658
last-modified: Mon, 19 Sep 2022 10:30:02 GMT
etag: "632844aa-1a02"
expires: Tue, 19 Sep 2023 10:32:38 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH3oB5cAA
x-77-nzt-ray: c0a4cc283864c63f539e6565aebaba33
x-accel-expires: @1726657331
x-accel-date: 1695121331
x-cache-lb: HIT
x-age-lb: 6037152
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 6037152
accept-ranges: bytes
X-Firefox-Spdy: h2

s3t3d2y8.afcdn.net/library/802424/e767d8f630d3e31c569c7e2111f9a6c816bff6dd.webp

185.76.9.16

200 OK

5.2 kB

URL GET HTTP/2
s3t3d2y8.afcdn.net/library/802424/e767d8f630d3e31c569c7e2111f9a6c816bff6dd.webp
IP
185.76.9.16:443
ASN
#60068 Datacamp Limited

Requested by
https://game.starswalker.site/api/spots/334568?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.2 kB (5172 bytes)
Hash
befaeb747cf664f8ba60650faf70d64e
e767d8f630d3e31c569c7e2111f9a6c816bff6dd
7889676654d8669c2a0ddab1635667eb29797da54f67064afc05a2396f9c72b9

HTTP Headers

GET /library/802424/e767d8f630d3e31c569c7e2111f9a6c816bff6dd.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game.starswalker.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: image/webp
content-length: 5172
last-modified: Mon, 19 Sep 2022 10:30:02 GMT
etag: "632844aa-1434"
expires: Tue, 19 Sep 2023 10:32:38 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH3UB9cAA
x-77-nzt-ray: c0a4cc283864c63f539e6565bc16cc33
x-accel-expires: @1726657155
x-accel-date: 1695121155
x-cache-lb: HIT
x-age-lb: 6037328
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 6037328
accept-ranges: bytes
X-Firefox-Spdy: h2

s3t3d2y8.afcdn.net/library/802424/6f51268b321cf79d9f6b96c9493eb6cadd45173e.webp

185.76.9.16

200 OK

4.8 kB

URL GET HTTP/2
s3t3d2y8.afcdn.net/library/802424/6f51268b321cf79d9f6b96c9493eb6cadd45173e.webp
IP
185.76.9.16:443
ASN
#60068 Datacamp Limited

Requested by
https://game.starswalker.site/api/spots/334568?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.8 kB (4756 bytes)
Hash
7a44e7b5bcaaaa1064c79cabcb4175cf
6f51268b321cf79d9f6b96c9493eb6cadd45173e
c35646cb2d80b4566132f8d43e3522394f1ab4e1408f5f2756356720b14a64e8

HTTP Headers

GET /library/802424/6f51268b321cf79d9f6b96c9493eb6cadd45173e.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game.starswalker.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: image/webp
content-length: 4756
last-modified: Mon, 19 Sep 2022 10:30:02 GMT
etag: "632844aa-1294"
expires: Tue, 19 Sep 2023 10:32:38 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH3pB5cAA
x-77-nzt-ray: c0a4cc283864c63f539e65657eab0634
x-accel-expires: @1726657327
x-accel-date: 1695121327
x-cache-lb: HIT
x-age-lb: 6037156
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 6037156
accept-ranges: bytes
X-Firefox-Spdy: h2

principlessilas.com/85/db/78/85db787a4a3e73b8bf155706edc5904b.json

192.243.61.227

200 OK

410 B

URL GET HTTP/1.1
principlessilas.com/85/db/78/85db787a4a3e73b8bf155706edc5904b.json
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectprinciplessilas.com
Fingerprint75:65:AC:CE:46:CD:8F:E6:60:37:DE:51:BF:86:9D:F7:37:9B:F9:D5
ValiditySat, 21 Oct 2023 07:19:39 GMT - Fri, 19 Jan 2024 07:19:38 GMT

File type
JSON data\012- , ASCII text, with very long lines (410), with no line terminators
Size
410 B (410 bytes)
Hash
d5744e0e9777aa92e80f153e5c58d7a6
bc5dadd9e812ee23959f3ef8a80b4ed034bc450d
cd1df58308660e44527eaf6f47ec6b7df55ecd7477a072e5589ce12a094684a8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /85/db/78/85db787a4a3e73b8bf155706edc5904b.json HTTP/1.1
Host: principlessilas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 08:01:23 GMT
Content-Type: application/json
Content-Length: 410
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ccb3d509e8a145607afffd2e6a5f099d
Strict-Transport-Security: max-age=0; includeSubdomains

www.porngo.com/vpaid/videojs_5.vast.vpaid.min.js

104.21.234.90

200 OK

30 kB

URL GET HTTP/2
www.porngo.com/vpaid/videojs_5.vast.vpaid.min.js
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
ASCII text, with very long lines (32057)
Size
30 kB (30320 bytes)
Hash
3eb2d1bdcb22ab1037fe9f6b5cf00143
b065d9fabe06ca3488cdd628c6da319c49dd4a78
66348d21d329d78be67f953ac0aad20a504ec3f3f911d3d67f58516475a18036

HTTP Headers

GET /vpaid/videojs_5.vast.vpaid.min.js HTTP/1.1
Host: www.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: application/javascript
last-modified: Wed, 20 Nov 2019 11:58:21 GMT
vary: Accept-Encoding
etag: W/"5dd52a5d-19ebe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 362754
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfYanj4ijPdOw8SXUqnZCvysAwUrmw%2FL9LqJ3yKdHdQCxW35x3HdfryyphFryj9czeSa8NL0pgmW3EAa0njU8igM5RVhdA66H80VGlqezyhmwlhCtSLTp8kkt319igjvtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1151dffbfd91a-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

randomamongst.com/pixel/purst?dl=0&th=0&sc=0&rs=1593&rd=1593&fd=1169&bv=23.11.v.9&tmpl=70

192.243.59.20

200 OK

0 B

URL GET HTTP/1.1
randomamongst.com/pixel/purst?dl=0&th=0&sc=0&rs=1593&rd=1593&fd=1169&bv=23.11.v.9&tmpl=70
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectrandomamongst.com
FingerprintEE:89:70:C8:C6:EA:A8:33:6A:7B:CE:4E:3E:88:44:47:00:23:1F:46
ValidityTue, 21 Nov 2023 13:41:16 GMT - Mon, 19 Feb 2024 13:41:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1593&rd=1593&fd=1169&bv=23.11.v.9&tmpl=70 HTTP/1.1
Host: randomamongst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 28 Nov 2023 08:01:23 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.pncloudfl.com/pn/454/390/9e8/4543909e8c06a6448fabf4c2f2f0fe401f47eeaf.webp

104.22.59.221

200 OK

38 kB

URL GET HTTP/2
cdn.pncloudfl.com/pn/454/390/9e8/4543909e8c06a6448fabf4c2f2f0fe401f47eeaf.webp
IP
104.22.59.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC6:42:10:11:EB:FA:38:01:62:34:DA:19:86:B6:89:D4:EF:B3:37:A8
ValidityFri, 31 Mar 2023 00:00:00 GMT - Sat, 30 Mar 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
38 kB (38328 bytes)
Hash
a37053ccf03f31c8ff4411fcbee6f2c2
4543909e8c06a6448fabf4c2f2f0fe401f47eeaf
93e2a33ba923ac0cf3f63319adf85ee684036b1ce5b5ae768bdeafa9dd6b2536

HTTP Headers

GET /pn/454/390/9e8/4543909e8c06a6448fabf4c2f2f0fe401f47eeaf.webp HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:24 GMT
content-type: application/octet-stream
content-length: 38328
etag: a37053ccf03f31c8ff4411fcbee6f2c2
last-modified: Fri, 28 Apr 2023 13:32:57 GMT
x-timestamp: 1682688776.79005
x-trans-id: tx1b550b7b438c4dc58b8d6-00645b68a0
x-openstack-request-id: tx1b550b7b438c4dc58b8d6-00645b68a0
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
expires: Thu, 30 Nov 2023 06:29:19 GMT
x-proxy-cache: HIT
cf-cache-status: HIT
age: 5525
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 82d1152d8d2d56a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

randomamongst.com/10/1f/34/101f34fe74998c687adf688cf98d4808.js

192.243.59.20

200 OK

15 kB

URL GET HTTP/1.1
randomamongst.com/10/1f/34/101f34fe74998c687adf688cf98d4808.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectrandomamongst.com
FingerprintEE:89:70:C8:C6:EA:A8:33:6A:7B:CE:4E:3E:88:44:47:00:23:1F:46
ValidityTue, 21 Nov 2023 13:41:16 GMT - Mon, 19 Feb 2024 13:41:15 GMT

File type
ASCII text, with very long lines (42773), with no line terminators
Size
15 kB (15420 bytes)
Hash
efc726d3609daa30df3622f12d3aa24a
05e2314be8e3bdedb1560eebfeb426bee44464e6
553f9eb332c57bae1f2459fc7bb0d2522f1cca265332b34bafc928fa5756c22a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /10/1f/34/101f34fe74998c687adf688cf98d4808.js HTTP/1.1
Host: randomamongst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 28 Nov 2023 08:01:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8c88c4d692fdf963491bc1e42d00c074
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

resalag.com/chicken.gif?z=1827308&pb=a6123b45ccb5721767a981a9518603561701165683&psp=QZnU-wKoWf3BPPdF8pVv_lnMi3oQOcXp_JoJ3uaDbZBMB0SCZBjvrKUDLyFaKRU_a4cUywct75bsaJ8Hg2sqKWzCJ0dbinEWmo2IixddItH0A4HC1dw2oJkgWTGhqPNqgb0cPhvidCdBjyQLtEVq-2rBKnwcbVKq5qxVQHPdzGRaNgzlur5f0a9K-BuYAUbQG1EGeMj8VKYYpYg4sNh-hgWrq59rfHabsnYSG-hL6NdqnbrKylc8dw-E8Tq-bxP-YkPePgP5qa8-xMF-9p_iWvH-gMSXB7KJtjTMkVJcvRtD94K2mwzani2OfzZbstoJpleaWMwfKGi60ypibb234b-ya086mD2p20qerBXR-cxJgl0sAooGpuuXpNlwSLX-rn9nqvisRThG3yOzu_X_buNLH-8r7lTJhJ3vEzyeo5lOvPG7lsSP0HrAQE7nQPW-YENQw34sypf6_IsRaHvjG8aVimBV27f5KlPmgtuYNcuVcl3YfrE4rmDCXi4Cu72aJ53msyr36gtCMRZSDbITZ3seAPlbD6WM5Vd2s_aX41atJYOkxl-jPxDb9btpmMgaq6NuCvBk8GR5GMgk2bZAE5RS1WUIxCdu-yyz40bbiCDlSUBQu9nBLTsD8bcUrmhBJQaTaG9vPBICqRETjpK51SKZi05zPS_4d7h23nBQ-fFf1Iosrv8lQe6MMnLcMVNFfqHsKNBfWiEWLYhk8anFxLIWTe848Re96yS05otjghmPnef7QI4z6wNZCdRkl-hsKdyJl4f5AjmMFvlnBwnMC8RFxCTUl6ePyRj-FFsh070r_yDTIfjvzmQgXTiy7jQb6I8LdNHaCeqAb0IV9n0Fxd6CaYw62LKTaRYZIPrSlVwmixKhQufaL063xUkeP218EpXDzZFPKgZhlmGwoGD6WTsftq62OABjycvuu1HMRJgxDRS0d5Hhz9ec9keMvBJSGQC8lRTuy8rzRxMNDEA0h0cqjhdWLd7KOQyDIr8Pfk86tXgiIesnopgzAboTjzs=&im=1&freq=0&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8555736423976448&eclog=0&sp=1&im=1&pload=364

212.117.190.201

200 OK

43 B

URL GET HTTP/2
resalag.com/chicken.gif?z=1827308&pb=a6123b45ccb5721767a981a9518603561701165683&psp=QZnU-wKoWf3BPPdF8pVv_lnMi3oQOcXp_JoJ3uaDbZBMB0SCZBjvrKUDLyFaKRU_a4cUywct75bsaJ8Hg2sqKWzCJ0dbinEWmo2IixddItH0A4HC1dw2oJkgWTGhqPNqgb0cPhvidCdBjyQLtEVq-2rBKnwcbVKq5qxVQHPdzGRaNgzlur5f0a9K-BuYAUbQG1EGeMj8VKYYpYg4sNh-hgWrq59rfHabsnYSG-hL6NdqnbrKylc8dw-E8Tq-bxP-YkPePgP5qa8-xMF-9p_iWvH-gMSXB7KJtjTMkVJcvRtD94K2mwzani2OfzZbstoJpleaWMwfKGi60ypibb234b-ya086mD2p20qerBXR-cxJgl0sAooGpuuXpNlwSLX-rn9nqvisRThG3yOzu_X_buNLH-8r7lTJhJ3vEzyeo5lOvPG7lsSP0HrAQE7nQPW-YENQw34sypf6_IsRaHvjG8aVimBV27f5KlPmgtuYNcuVcl3YfrE4rmDCXi4Cu72aJ53msyr36gtCMRZSDbITZ3seAPlbD6WM5Vd2s_aX41atJYOkxl-jPxDb9btpmMgaq6NuCvBk8GR5GMgk2bZAE5RS1WUIxCdu-yyz40bbiCDlSUBQu9nBLTsD8bcUrmhBJQaTaG9vPBICqRETjpK51SKZi05zPS_4d7h23nBQ-fFf1Iosrv8lQe6MMnLcMVNFfqHsKNBfWiEWLYhk8anFxLIWTe848Re96yS05otjghmPnef7QI4z6wNZCdRkl-hsKdyJl4f5AjmMFvlnBwnMC8RFxCTUl6ePyRj-FFsh070r_yDTIfjvzmQgXTiy7jQb6I8LdNHaCeqAb0IV9n0Fxd6CaYw62LKTaRYZIPrSlVwmixKhQufaL063xUkeP218EpXDzZFPKgZhlmGwoGD6WTsftq62OABjycvuu1HMRJgxDRS0d5Hhz9ec9keMvBJSGQC8lRTuy8rzRxMNDEA0h0cqjhdWLd7KOQyDIr8Pfk86tXgiIesnopgzAboTjzs=&im=1&freq=0&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8555736423976448&eclog=0&sp=1&im=1&pload=364
IP
212.117.190.201:443
ASN
#5577 root SA

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint87:7A:20:68:64:BE:01:EA:4F:99:32:5B:DC:D6:1B:36:63:BB:89:4E
ValidityMon, 30 Oct 2023 00:21:05 GMT - Fri, 26 Apr 2024 21:59:00 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

GET /chicken.gif?z=1827308&pb=a6123b45ccb5721767a981a9518603561701165683&psp=QZnU-wKoWf3BPPdF8pVv_lnMi3oQOcXp_JoJ3uaDbZBMB0SCZBjvrKUDLyFaKRU_a4cUywct75bsaJ8Hg2sqKWzCJ0dbinEWmo2IixddItH0A4HC1dw2oJkgWTGhqPNqgb0cPhvidCdBjyQLtEVq-2rBKnwcbVKq5qxVQHPdzGRaNgzlur5f0a9K-BuYAUbQG1EGeMj8VKYYpYg4sNh-hgWrq59rfHabsnYSG-hL6NdqnbrKylc8dw-E8Tq-bxP-YkPePgP5qa8-xMF-9p_iWvH-gMSXB7KJtjTMkVJcvRtD94K2mwzani2OfzZbstoJpleaWMwfKGi60ypibb234b-ya086mD2p20qerBXR-cxJgl0sAooGpuuXpNlwSLX-rn9nqvisRThG3yOzu_X_buNLH-8r7lTJhJ3vEzyeo5lOvPG7lsSP0HrAQE7nQPW-YENQw34sypf6_IsRaHvjG8aVimBV27f5KlPmgtuYNcuVcl3YfrE4rmDCXi4Cu72aJ53msyr36gtCMRZSDbITZ3seAPlbD6WM5Vd2s_aX41atJYOkxl-jPxDb9btpmMgaq6NuCvBk8GR5GMgk2bZAE5RS1WUIxCdu-yyz40bbiCDlSUBQu9nBLTsD8bcUrmhBJQaTaG9vPBICqRETjpK51SKZi05zPS_4d7h23nBQ-fFf1Iosrv8lQe6MMnLcMVNFfqHsKNBfWiEWLYhk8anFxLIWTe848Re96yS05otjghmPnef7QI4z6wNZCdRkl-hsKdyJl4f5AjmMFvlnBwnMC8RFxCTUl6ePyRj-FFsh070r_yDTIfjvzmQgXTiy7jQb6I8LdNHaCeqAb0IV9n0Fxd6CaYw62LKTaRYZIPrSlVwmixKhQufaL063xUkeP218EpXDzZFPKgZhlmGwoGD6WTsftq62OABjycvuu1HMRJgxDRS0d5Hhz9ec9keMvBJSGQC8lRTuy8rzRxMNDEA0h0cqjhdWLd7KOQyDIr8Pfk86tXgiIesnopgzAboTjzs=&im=1&freq=0&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=8555736423976448&eclog=0&sp=1&im=1&pload=364 HTTP/1.1
Host: resalag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: UID=231128030111b0c8aed30b4609935a40c7a0; CHCK=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:24 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.157.203.0

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.157.203.0:443
ASN
#16509 AMAZON-02

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
81ff6df01f45a2f5df44c747936d9ff9
147b7fbe4bc03294fa7507bd29e09d3ec3d55f27
0cb4b52daadc299c49518e3591efc33d9edd2a073c247cb12fecf2a453cb73da

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: uid_id2=ef50e7a2-358e-47c3-bd56-67647502ad04:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:24 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.porngo.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

www.porngo.com/js/plugins.js

104.21.234.90

200 OK

39 kB

URL GET HTTP/2
www.porngo.com/js/plugins.js
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
Unicode text, UTF-8 text, with very long lines (33406)
Size
39 kB (39045 bytes)
Hash
6c25cc72550d5d1b1317aa8987c33425
a6a1642faa0ad1e922a34db59a55060789d72243
47a1a1042d1c129d2fbfd125a0ec6c1c0553d5dbcf82ccfa0c4294b49711477b

HTTP Headers

GET /js/plugins.js HTTP/1.1
Host: www.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: application/javascript
last-modified: Mon, 20 Jan 2020 14:01:51 GMT
vary: Accept-Encoding
etag: W/"5e25b2cf-20860"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 364757
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eviMu62ahLOoJ9Z%2FYhcUrSaXQVfyE8qZXC4JuqFtMptp0iFlcRa8XbIuLo7Lq7mK2tXCcMe44q8Ovy%2BAmcjNEWC84AVdCwnm14wNikI7Di3pRQ4CaJWBRQbFzoqVi2UtyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1151def8cd91a-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ta3nfsordd.com/solid.gif?z=1827971&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178036703463424&eclog=0&sp=1&im=1

212.117.190.201

200 OK

43 B

URL POST HTTP/2
ta3nfsordd.com/solid.gif?z=1827971&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178036703463424&eclog=0&sp=1&im=1
IP
212.117.190.201:443
ASN
#5577 root SA

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint11:6D:17:3D:36:7C:F9:78:B7:9A:AD:C5:4E:09:F5:F9:A0:ED:6B:3A
ValidityMon, 30 Oct 2023 01:21:55 GMT - Fri, 26 Apr 2024 21:59:00 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

POST /solid.gif?z=1827971&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178036703463424&eclog=0&sp=1&im=1 HTTP/1.1
Host: ta3nfsordd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:24 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Tue, 31 Dec 2024 08:01:24 GMT; Secure; SameSite=None
UID=2311280301944618ebcc6d441d9eb850bca6; Path=/; Expires=Tue, 31 Dec 2024 08:01:24 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

video.ktkjmp.com/adsbygoogle.js

104.18.48.21

200 OK

16 B

URL GET HTTP/2
video.ktkjmp.com/adsbygoogle.js
IP
104.18.48.21:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Certificate
IssuerCloudflare, Inc.
Subjectvideo.ktkjmp.com
Fingerprint02:C1:75:9D:DD:6A:66:20:9E:A3:46:1B:5E:A4:87:83:5A:09:92:93
ValiditySun, 02 Jul 2023 00:00:00 GMT - Mon, 01 Jul 2024 23:59:59 GMT

File type
ASCII text
Size
16 B (16 bytes)
Hash
3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f

HTTP Headers

GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:24 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: Uy+BI0f9xi3njNOl7P4PsULkPp0g6ssxBGHnYb4mQe+eet3x2+C470ZEAYzLvRraWhXf8LMEGWU=
x-amz-request-id: WWWZDEMQD0DJ51HX
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.bbrdbr.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 7054
expires: Tue, 28 Nov 2023 12:01:24 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d115317cdf0b69-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

banquetunarmedgrater.com/advertisers.js

104.21.86.121

200 OK

0 B

URL GET HTTP/2
banquetunarmedgrater.com/advertisers.js
IP
104.21.86.121:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectbanquetunarmedgrater.com
Fingerprint92:8E:AD:72:AC:AD:3B:21:99:CD:21:A0:9F:BD:F2:AF:0D:98:D8:57
ValidityThu, 09 Nov 2023 11:40:15 GMT - Wed, 07 Feb 2024 11:40:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:24 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: eb76a3839bb9f5c26a92af4560db7de8
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 28 Nov 2023 08:01:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZhRUIMPjMHhuWeusEfLfW3yHz6Ocynv%2FTFp0pYJhGw0B3F2LaPrd9RffC5lBHL%2B4jDKPKhMhQyfgQ27GWssVBisC0GaLZ5WMeRP%2B2RyiSdjiDS74BSTm6sg1ngFcBJOX03rEAqhrWabUJ78%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d115306e6556a9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

go.bbrdbr.com/abc.gif?campaignId=adnium-mobileiframe300x100-2023&liveBadgeColor=%23bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&quality=optimal&kbLimit=2500&modelsLimit=1&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&language=en&thumbFit=cover&stripcashR=0&thumbType=default&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fcamschat.net%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A409%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A280%2C%22duration%22%3A51%2C%22transferSize%22%3A80725%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A280%2C%22duration%22%3A40%2C%22transferSize%22%3A4625%7D%5D&mh=1839421451

104.18.59.150

200 OK

103 B

URL GET HTTP/3
go.bbrdbr.com/abc.gif?campaignId=adnium-mobileiframe300x100-2023&liveBadgeColor=%23bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&quality=optimal&kbLimit=2500&modelsLimit=1&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&language=en&thumbFit=cover&stripcashR=0&thumbType=default&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fcamschat.net%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A409%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A280%2C%22duration%22%3A51%2C%22transferSize%22%3A80725%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A280%2C%22duration%22%3A40%2C%22transferSize%22%3A4625%7D%5D&mh=1839421451
IP
104.18.59.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type
data
Size
103 B (103 bytes)
Hash
8c99886486b9a004383cb4df29011c43
d79ca4754481fc59598bc08fcdf354900918bffe
bda00b0f6892b1c6991e793b42654ad1807694e2ffabcbc4eb1399379737ef6c

HTTP Headers

GET /abc.gif?campaignId=adnium-mobileiframe300x100-2023&liveBadgeColor=%23bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&quality=optimal&kbLimit=2500&modelsLimit=1&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&language=en&thumbFit=cover&stripcashR=0&thumbType=default&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fcamschat.net%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A409%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A280%2C%22duration%22%3A51%2C%22transferSize%22%3A80725%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A280%2C%22duration%22%3A40%2C%22transferSize%22%3A4625%7D%5D&mh=1839421451 HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Cookie: __cflb=02DiuDFRFiBZBvMSLtsgHAphT8dt9Y3eZyBWRN9zPwuDE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:01:24 GMT
content-type: image/gif
content-length: 103
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82d11532d80a56c7-OSL
alt-svc: h3=":443"; ma=86400

randomamongst.com/pixel/pure

192.243.59.20

204 No Content

0 B

URL OPTIONS HTTP/1.1
randomamongst.com/pixel/pure
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectrandomamongst.com
FingerprintEE:89:70:C8:C6:EA:A8:33:6A:7B:CE:4E:3E:88:44:47:00:23:1F:46
ValidityTue, 21 Nov 2023 13:41:16 GMT - Mon, 19 Feb 2024 13:41:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /pixel/pure HTTP/1.1
Host: randomamongst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.porngo.com/
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.19.5
Date: Tue, 28 Nov 2023 08:01:24 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

randomamongst.com/pixel/pure

192.243.59.20

204 No Content

0 B

URL OPTIONS HTTP/1.1
randomamongst.com/pixel/pure
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectrandomamongst.com
FingerprintEE:89:70:C8:C6:EA:A8:33:6A:7B:CE:4E:3E:88:44:47:00:23:1F:46
ValidityTue, 21 Nov 2023 13:41:16 GMT - Mon, 19 Feb 2024 13:41:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /pixel/pure HTTP/1.1
Host: randomamongst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.porngo.com/
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.19.5
Date: Tue, 28 Nov 2023 08:01:24 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

go.bbrdbr.com/app/domain-checker/get-check

104.18.59.150

200 OK

6.6 kB

URL GET HTTP/3
go.bbrdbr.com/app/domain-checker/get-check
IP
104.18.59.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text
Size
6.6 kB (6649 bytes)
Hash
4486336406a8c9f5be88a5e10df81140
edddfa02e46ec25c0c53f6c834c35901e30f8830
6c4aaccd10a42d64e8db1c20f971646376ce70a25e82a5e12843b618a15b09ce

HTTP Headers

GET /app/domain-checker/get-check HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:01:24 GMT
content-type: application/json
access-control-allow-origin: https://creative.bbrdbr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtqGxuZp8RQcjVh53T7Exnyhg7oHE; SameSite=None; Secure; path=/; expires=Wed, 29-Nov-23 08:01:24 GMT; HttpOnly
server: cloudflare
cf-ray: 82d115328fb056c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-GX0FLQH21P

142.250.74.168

200 OK

83 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-GX0FLQH21P
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (7711)
Size
83 kB (83220 bytes)
Hash
5e63e3f4024d25bcb445092772ca2119
673fe615911378cbcd63cdda2d8c1b397860ec78
36007f4e6fbd90ac8d83533f554b9244d9699ac599ff2872531ea690fbece44d

HTTP Headers

GET /gtag/js?id=G-GX0FLQH21P HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Nov 2023 08:01:25 GMT
expires: Tue, 28 Nov 2023 08:01:25 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 83220
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

edge-hls.doppiocdn.com/checkUrl

104.18.63.122

200 OK

14 B

URL GET HTTP/2
edge-hls.doppiocdn.com/checkUrl
IP
104.18.63.122:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
14 B (14 bytes)
Hash
5adb849d1e5031fa27c14f861f6700da
a5b1658db04aa9183a780d00838f638c7936446a
c45272c1b33373d94fb6786698d5145ba0cb558fc7494d91cbbb380b4fc561a8

HTTP Headers

GET /checkUrl HTTP/1.1
Host: edge-hls.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: application/json
content-length: 14
cache-control: public, max-age=30, s-maxage=30
access-control-allow-origin: *
last-modified: Tue, 28 Nov 2023 08:00:25 GMT
cf-cache-status: HIT
age: 17
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d115338a170b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

creative.bbrdbr.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.js

104.18.59.150

200 OK

80 kB

URL GET HTTP/3
creative.bbrdbr.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.js
IP
104.18.59.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (32011), with LF, NEL line terminators
Size
80 kB (80311 bytes)
Hash
149fd3a87101adfb731800f02f11e73b
9a9a0f6f14028d913e63fc012a80378a5c4d5896
420332e58487b55b58db2c2edbe69162c5d23170061d16addce87762ef224f4b

HTTP Headers

GET /widgets/v4/Universal/main.672e6e87c69b0c60653e.js HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:01:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 23 Nov 2023 14:38:50 GMT
etag: W/"655f63fa-44bd4"
expires: Tue, 28 Nov 2023 08:01:24 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 9
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d115308e3356c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

randomamongst.com/pixel/pure

192.243.59.20

204 No Content

0 B

URL OPTIONS HTTP/1.1
randomamongst.com/pixel/pure
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectrandomamongst.com
FingerprintEE:89:70:C8:C6:EA:A8:33:6A:7B:CE:4E:3E:88:44:47:00:23:1F:46
ValidityTue, 21 Nov 2023 13:41:16 GMT - Mon, 19 Feb 2024 13:41:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /pixel/pure HTTP/1.1
Host: randomamongst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 28 Nov 2023 08:01:25 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

static-assets.highwebmedia.com/fonts/ubuntur-webfont.woff?896a82003cd1

104.16.93.42

200 OK

33 kB

URL GET HTTP/3
static-assets.highwebmedia.com/fonts/ubuntur-webfont.woff?896a82003cd1
IP
104.16.93.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0
Certificate
IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 32960, version 1.0\012- data
Size
33 kB (32960 bytes)
Hash
30556905d926944a6ada140546bcf5ce
b9346ce355c8259d71707ab65c13e0629d01a48e
896a82003cd1a9134b0404c129bb7b8292e1d8a91298e275141b21086baa8a9d

HTTP Headers

GET /fonts/ubuntur-webfont.woff?896a82003cd1 HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chaturbate.com
DNT: 1
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: application/font-woff
content-length: 32960
x-amz-id-2: N2Tc9KlR4exGQ/wbfS3DdRMdxKvz2DmjiYERmVN/2wWJed7bqXclBM+LjExk3CzXoOd3QwCV8pM=
x-amz-request-id: A7XFZJYC9BFHRCSF
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 19 Jan 2021 22:07:55 GMT
etag: "30556905d926944a6ada140546bcf5ce"
x-amz-meta-s3cmd-attrs: md5:30556905d926944a6ada140546bcf5ce
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 539225
expires: Thu, 28 Dec 2023 08:01:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCJj%2F2U91OVNxRzAW5Z2Vxkj6Y4U2SAOhGS93WSa421pqdZBsP2ZMkXyPFlthiZ0HGyZcQHXhV0KgaFZru9LSEbGK%2B9AJOGRsJs5xv5wKBF%2BuP%2BStsxkBN%2FYjk6%2BruMXw3oKu47%2Fo32KeBHVQbNywQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=CbW_By9_USC7nECL4KJmUH_qM1YDWgtys7z9il8.Oes-1701158485142-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 82d115341eb27127-OSL
alt-svc: h3=":443"; ma=86400

a.medfoodsafety.com/loader?a=4789786&v=2&t=7&s=4777579&p=6138&if=true

172.64.104.19

200 OK

54 kB

URL GET HTTP/2
a.medfoodsafety.com/loader?a=4789786&v=2&t=7&s=4777579&p=6138&if=true
IP
172.64.104.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://game.starswalker.site/api/spots/329581?p=1&s1=%subid1%&kw=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint90:FD:DB:96:7B:D5:FA:AA:DA:06:53:8B:D3:A1:8D:E4:05:52:DE:5A
ValidityMon, 13 Feb 2023 00:00:00 GMT - Mon, 12 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
54 kB (54039 bytes)
Hash
c7274e423a0ae07838ac9fdb8045d4f9
27e8ac4b99827e139aafb0d47a574d3dc4a8cd36
96b5cca66ad6e229e24e44609279a42c3becf8b013268a515b734ad10302f139

HTTP Headers

GET /loader?a=4789786&v=2&t=7&s=4777579&p=6138&if=true HTTP/1.1
Host: a.medfoodsafety.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game.starswalker.site/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: text/html
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNs7u96OGNxAw4JNbASeEyipA%2Be1Cqt6zriTpmUiTgayyMs1OxOAFdPF0ghjv2CgMB4nKazWisMkJ%2BwmiLh9p6OClJBfNS6O2REzS1xaq5BBEi%2FQy4hNnd%2B3rFwKk%2BWp4tNr%2B10O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1152989306361-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static-assets.highwebmedia.com/images/ico-cams.png?829027f88094

104.16.93.42

200 OK

549 B

URL GET HTTP/3
static-assets.highwebmedia.com/images/ico-cams.png?829027f88094
IP
104.16.93.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0
Certificate
IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
PNG image data, 13 x 15, 8-bit colormap, non-interlaced\012- data
Size
549 B (549 bytes)
Hash
4437b02e2efeaa0eb69858a7eb957af6
2dfa9c3fa2fc56c7504c043876eaad9526abed62
52dc5730b7afd3f35531dcca2bd7b9984f0271d15c8b449c4b1d425dddf12a33

HTTP Headers

GET /images/ico-cams.png?829027f88094 HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/CACHE/css/output.fe3e9fec3a8e.css
Cookie: _cfuvid=i3203DOo7ok3TXkQ99bUt956hbHkMbEnJsVIFQ2YCYo-1701158485010-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: image/png
content-length: 549
cache-control: public, max-age=2592000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=1457
etag: "58ecd9d7af4908cce84eccd4cbd6f0d0"
last-modified: Tue, 19 Jan 2021 22:03:22 GMT
x-amz-id-2: bgL3I5ejMm22r1llQ3wWdypbmecAbN18XgHvdfjI8T7lHemswPLMmWxEYvhYmSnm16+T6li07os=
x-amz-meta-s3cmd-attrs: md5:58ecd9d7af4908cce84eccd4cbd6f0d0
x-amz-request-id: C3Q9N570YMG5X0HX
cf-cache-status: HIT
age: 1797348
expires: Thu, 28 Dec 2023 08:01:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDtC7%2F9cj2mxpVMj4TtSMfYxkh%2BOcIu1yN6h%2BHEFA7p8I1XpZm6HAfn9xz69CiG7gjJk8ivCAY5y0slwgjvT6jFxTc4P%2BJ4Lk2EAiPW6RERPF35Is7UKYT542dwGTd2mr7h7TAMM%2BMt16vNoZd5AFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d115341eb17127-OSL
alt-svc: h3=":443"; ma=86400

go.bbrdbr.com/app/domain-checker/check-result

104.18.59.150

204 No Content

0 B

URL POST HTTP/3
go.bbrdbr.com/app/domain-checker/check-result
IP
104.18.59.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /app/domain-checker/check-result HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 172
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Tue, 28 Nov 2023 08:01:25 GMT
access-control-allow-origin: https://creative.bbrdbr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28upDCGznfDm9XVE9SipefN9YVHPpWL2EaWGeffrt; SameSite=None; Secure; path=/; expires=Wed, 29-Nov-23 08:01:25 GMT; HttpOnly
server: cloudflare
cf-ray: 82d11534193a56c7-OSL
alt-svc: h3=":443"; ma=86400

clenchedyouthmatching.com/advertisers.js

64.58.113.244

200 OK

0 B

URL GET HTTP/1.1
clenchedyouthmatching.com/advertisers.js
IP
64.58.113.244:443
ASN
#7979 SERVERS-COM

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subject*.clenchedyouthmatching.com
FingerprintD6:8C:EA:24:15:DA:81:AD:E2:BB:AC:72:6D:ED:60:BB:5D:C1:A2:30
ValidityWed, 22 Nov 2023 06:20:58 GMT - Tue, 20 Feb 2024 06:20:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: clenchedyouthmatching.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 08:01:25 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive

randomamongst.com/pixel/pure

192.243.59.20

204 No Content

0 B

URL OPTIONS HTTP/1.1
randomamongst.com/pixel/pure
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectrandomamongst.com
FingerprintEE:89:70:C8:C6:EA:A8:33:6A:7B:CE:4E:3E:88:44:47:00:23:1F:46
ValidityTue, 21 Nov 2023 13:41:16 GMT - Mon, 19 Feb 2024 13:41:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /pixel/pure HTTP/1.1
Host: randomamongst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 28 Nov 2023 08:01:25 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

chaturbate.com/cdn-cgi/challenge-platform/h/g/jsd/r/82d11530ee855687

104.18.101.40

200 OK

1.2 kB

URL POST HTTP/3
chaturbate.com/cdn-cgi/challenge-platform/h/g/jsd/r/82d11530ee855687
IP
104.18.101.40:443
ASN
#13335 CLOUDFLARENET

Requested by
https://chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0
Certificate
IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
Matlab v4 mat-file (little endian) 5iso6mp41, text, rows 2037671452, columns 1869834608, imaginary\012- data
Size
1.2 kB (1219 bytes)
Hash
f8d2393ccd638dcf90bd4d72912201a0
35b7114cb6849b0499000ad7e01afb4dc94f980d
b8e896d92c82193181cf9d611f10098b01f6129c1a89542bc009b447e9d3dccb

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/82d11530ee855687 HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12219
Origin: https://chaturbate.com
DNT: 1
Connection: keep-alive
Referer: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0
Cookie: __cf_bm=Algo1j6evJ1nTmlju0MCHLkIgwgAx8zePFcB4026xK8-1701158484-0-AcyQLOdFeI5FN/HvyOWdE5nNshKFAp1msWVR24iIxTDnOZdZymHF10JMdHkHdMxV5EALPHxGNs6qXYURSkZtl8E=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=bYlPBCFVGvwE81euOVhFN8lnH.th9xrtbLuBkTNyp6M-1701158485-0-1-730ca2d2.73a07051.5b213570-0.2.1701158485; path=/; expires=Wed, 27-Nov-24 08:01:25 GMT; domain=.chaturbate.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yP%2BkA6e2kHMdxUDYzL8eqEzTVlCYpyeIP9ts82bBOoUVzdFB5chK6voWl93PhL2YCX9sDVLiQsJ5hz3Gt1Wcj%2Bk2AAlDFuOeHWWX8%2B%2BQcN9xqGLEjNzG92zgSBjRrkEB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82d11535ac29b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

b-hls-09.doppiocdn.com/hls/85253216/85253216_160p_398_fFMqMKEbUd5jBw34_1701158477.mp4

104.18.63.122

200 OK

95 kB

URL GET HTTP/3
b-hls-09.doppiocdn.com/hls/85253216/85253216_160p_398_fFMqMKEbUd5jBw34_1701158477.mp4
IP
104.18.63.122:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
95 kB (95090 bytes)
Hash
14cc9a91f906ba0333edc7fb3586ec7f
c586e083476c1c39dc0ae62f12a3c33a2ed3dc81
b5b2b63bde2eed9f7464937ec3cf8531bab2fe3cd2a5dd8ed9b1e230f6a94dbd

HTTP Headers

GET /hls/85253216/85253216_160p_398_fFMqMKEbUd5jBw34_1701158477.mp4 HTTP/1.1
Host: b-hls-09.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: video/mp4
content-length: 95090
last-modified: Tue, 28 Nov 2023 08:01:20 GMT
etag: "65659e50-17372"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 3
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d115368bf35685-OSL
alt-svc: h3=":443"; ma=86400

purposelyharp.com/sbar.json?key=101f34fe74998c687adf688cf98d4808

192.243.59.12

200 OK

4.0 kB

URL GET HTTP/1.1
purposelyharp.com/sbar.json?key=101f34fe74998c687adf688cf98d4808
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectpurposelyharp.com
Fingerprint71:59:C5:F0:5D:FA:92:1A:50:01:2F:30:F5:CB:D2:9E:19:8A:E8:87
ValiditySat, 25 Nov 2023 08:10:37 GMT - Fri, 23 Feb 2024 08:10:36 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (5750), with no line terminators
Size
4.0 kB (3979 bytes)
Hash
73ef18cbb56c8ea1b540f59020697285
671a2eb0beed2db53ba84a84340ee9a5d0b34f30
23f00d68da36bfac90ceac8e942d867890458f04aafb97beff316314b81a0ed4

HTTP Headers

GET /sbar.json?key=101f34fe74998c687adf688cf98d4808 HTTP/1.1
Host: purposelyharp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 28 Nov 2023 08:01:25 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.porngo.com
Access-Control-Allow-Origin: https://www.porngo.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17378085; expires=Wed, 29 Nov 2023 08:01:25 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 29 Nov 2023 08:01:25 GMT; secure; SameSite=None
uncs=1; expires=Wed, 29 Nov 2023 08:01:25 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 29 Nov 2023 08:01:25 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 29 Nov 2023 08:01:25 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 291f81b672dddd4a8de048e8489057c2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

randomamongst.com/pixel/pure

192.243.59.20

204 No Content

0 B

URL OPTIONS HTTP/1.1
randomamongst.com/pixel/pure
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectrandomamongst.com
FingerprintEE:89:70:C8:C6:EA:A8:33:6A:7B:CE:4E:3E:88:44:47:00:23:1F:46
ValidityTue, 21 Nov 2023 13:41:16 GMT - Mon, 19 Feb 2024 13:41:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /pixel/pure HTTP/1.1
Host: randomamongst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 28 Nov 2023 08:01:25 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

creative.bbrdbr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js

104.18.59.150

200 OK

148 kB

URL GET HTTP/3
creative.bbrdbr.com/widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js
IP
104.18.59.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (45140)
Size
148 kB (147548 bytes)
Hash
4a1e862a348e6713dfcce18e9cda2f42
47bed78ef29844bec68da443a6b0add48936b61b
b3b83266dde6fa2870ddc1cc812233d8baa03727cd4d65733ed5ee7a4fbb4490

HTTP Headers

GET /widgets/v4/Universal/vendors~hls.13f01a3a9d7e36c14415.js HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 23 Nov 2023 14:38:50 GMT
etag: W/"655f63fa-2b6c9"
expires: Tue, 28 Nov 2023 08:01:27 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 3
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d11534a9a656c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.porngo.com/apple-touch-icon.png

104.21.234.90

200 OK

14 kB

URL GET HTTP/2
www.porngo.com/apple-touch-icon.png
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (13713 bytes)
Hash
302003967bcce57931c372aa26310c88
526045f535e90a6d7b19240532f9100c9535beee
117477b129e4ca959b0afd092f7edca8f460ff25120b8dbe2011a88d9f48bef8

HTTP Headers

GET /apple-touch-icon.png HTTP/1.1
Host: www.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154; show_pops2=true2; pp_show_on_ea8af9849c3d36f72e75ff80972b12c1=1; kt_tcookie=1; kt_is_visited=1; bnState_1827308={"impressions":1,"delayStarted":0}; pp_main_ea8af9849c3d36f72e75ff80972b12c1=1; pp_exp_ea8af9849c3d36f72e75ff80972b12c1=1701162088349; pp_idelay_ea8af9849c3d36f72e75ff80972b12c1=1; sb_page_101f34fe74998c687adf688cf98d4808=1; sb_onpage_101f34fe74998c687adf688cf98d4808=1; sb_main_101f34fe74998c687adf688cf98d4808=1; sb_count_101f34fe74998c687adf688cf98d4808=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: image/png
content-length: 13713
last-modified: Tue, 16 Jul 2019 10:24:46 GMT
etag: "5d2da5ee-3591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 361723
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsHYbdw%2BnRCoR7iW%2BBksvgK08%2Fow2KeM59Mk4C%2Bd22vzhHehce2R3kUn8NkxyGrAy2z3ekOqW9AVF0wpnrN90X%2FKzTyBokR5yWtfjjmomRWHLNQGnxeLpVStx66mj3mteg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d115379f15d91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

b-hls-09.doppiocdn.com/hls/85253216/85253216_160p.m3u8

104.18.63.122

200 OK

32 kB

URL GET HTTP/3
b-hls-09.doppiocdn.com/hls/85253216/85253216_160p.m3u8
IP
104.18.63.122:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
32 kB (31852 bytes)
Hash
9b4159199b2ee266ec63f34cc2c599b9
a0fafc1e7ef67563c5b252298df7dc54baba5de7
50e4675e51c104c7f6f171ac1ca0a195bc1469438c4be265a7fc80b2031a239f

HTTP Headers

GET /hls/85253216/85253216_160p.m3u8 HTTP/1.1
Host: b-hls-09.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Tue, 28 Nov 2023 08:01:24 GMT
x-proxy-cache: HIT
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 82d115357b015685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

s.magsrv.com/splash.php?idzone=4646890

95.211.229.245

200 OK

2.7 kB

URL GET HTTP/1.1
s.magsrv.com/splash.php?idzone=4646890
IP
95.211.229.245:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT

File type
XML 1.0 document text\012- XML document, ASCII text, with very long lines (1595)
Size
2.7 kB (2684 bytes)
Hash
c7da8c01d836be179552fce8f58ff622
f0c02390e02bbe54b057015a4fddc65f7abe5204
a4c8f6da1e8b83848c3530742715f2968198290c2e57ce8e72c3204d773dbcdf

HTTP Headers

GET /splash.php?idzone=4646890 HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.porngo.com/
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 08:01:25 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265659e55cae948.269740013029341069%22%3B%7D; expires=Thu, 27 Nov 2025 08:01:25 GMT; path=; domain=.magsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-video%22%3A%22v4%7C%7CNOR%7C4646890%7C82332890%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Cporngo.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1701158485%7Ccc9a65531b59fa74889a735df675e874%7Cok%22%7D; expires=Wed, 29 Nov 2023 08:01:25 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://www.porngo.com
Access-Control-Allow-Credentials: true
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

xdiwbc.com/template/social.html

188.114.97.1

200 OK

1.5 kB

URL GET HTTP/2
xdiwbc.com/template/social.html
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectxdiwbc.com
Fingerprint5D:41:10:46:C6:59:EE:4D:26:CD:FC:4F:4C:13:35:6F:6E:2E:05:91
ValidityMon, 02 Oct 2023 04:50:38 GMT - Sun, 31 Dec 2023 04:50:37 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4579), with no line terminators
Size
1.5 kB (1528 bytes)
Hash
56d978d63c451d50308e9730f97673e4
72bf07d65dc53fa6d4e27aced10ce40e9549a456
e4aaa8b864033f10089ecbbc1023817b1968fe72fb17398564429c7f07796c80

HTTP Headers

GET /template/social.html HTTP/1.1
Host: xdiwbc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.porngo.com/
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://www.porngo.com
cache-control: max-age=14400
cf-cache-status: HIT
age: 84
last-modified: Tue, 28 Nov 2023 08:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6pE5WLJW1CLu%2BmtMh8gjK2EeqmKBMTymj4p3wbpnLk4LIBGIyEvzZ2nrB7Phmcij8B5ExyKhyIl8geWiy2doz%2B9kcexw8MFtIBI2qHkI%2Bfpm7Q4zCjnPfCauw14"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d11535dd260b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

purposelyharp.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3o2gKOIuXjwIcxFWlEn3%2FGRm3MPiuhsJxiTuD%2FEm1VXVkzLVVU1V9%2FQkIERXlj3JqBdP0vkm2ai7rO5VEGTiRQJi2oPkYO6ehT3LTAZGH1S9r%2Bp7Bd%2F3Xt3dzU6Jj4yerL1rtqVSdL5Z9SuX1qXmJneVlVuVwK%2F6lyvrUi80Llf648323gj8ZtV%2FtfK2YJtmvuYHvh%2F4QWVRWhGZ%2FvyEhUwedoJqx682atWg2UDf%2Fv%2FsMg%2BOeuC9U3IRkpdPbfz6GJKNoOMfrgm3mZrk9etxpmhqLHr84Lbe1CbXiGcwsh4ifTCthnElIV%2Bdg9EHUwcwvb2xA4SyJN6fAUJ9MJWJsLd%2FpjRUEBohfxZ5bwShRpB0BGbuQPJjAjCOlVXo%2BP6KsTndOmPpmC3J3JN%2FIPOSzP31InT86KqS%2FcpNo7JUGu3QjwrI%2FgiyO0KSHSLd9iDzQ7D0E0j%2BG5l%2Fsgwd7606ZSB5MXEv5QgyGkGJAajzkI2X9JBFHrLEQ8xPKrTZiXy%2FFYVRvd5uMMbqdcaa7QXe5PVGO%2FKRsbG8AdJkAKYGYHYHid3BpvziuHnxeOVj2OxnuI0CjntwaUm893bQ4wVyQZA7gpwS5JIgTwnyXrHPlau54j5XLguDaa5Nc70YmrS7S%2FdN2hWa7Can5MK4O94zr72CTXFSCfwgqjci0Wp0Om220G5RHi202yzqtHmj7bfhZAHpzk0Mb8uSnHt0gEQeX3iAkB7CqUMw%2BQJo9jJoPmzVfNCNYaPtY1t%2F3xNdWk2M1V1TZSYGNwWSdA7plrerTslLkzEtzTUh2NGVP%2BqTALMFElvgQ%2FkLQVfdG94wOdm7YXJHHq8mqYzlNh2P8GZKU3H%2Bu3fEVm4sX7rmBt%2B%2BycbEGD68JVy6TDWXuuvIg6uSc2EXjWWC%2FLTk1kW4lrmNq5nVWbK89tbiUpxY4Zw0egQqS0I%2B%2BxtMluT5pz%2BYfM9Ld9%2BHtCPYrECcHZFpQJoRWLIDl8z0O0Ng1awmTDzkWTG0tXB2qWRJGp%2F%2BDiWOrnz5zUfPXa%2F9CBoWcOI%2FD2d4191D13qg6R3ouEDPFuipAlQN4LLzwzSxMwGh8oahst5eqKz6%2FKzBTp5URDPyI%2BHXRBh1wqhFfd6JGp2QdgLRCps0QOpKIb6%2B%2FS8AAAD%2F%2FwEAAP%2F%2FHh9mDnoEAAA%3D

192.243.59.12

200 OK

7 B

URL GET HTTP/1.1
purposelyharp.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3o2gKOIuXjwIcxFWlEn3%2FGRm3MPiuhsJxiTuD%2FEm1VXVkzLVVU1V9%2FQkIERXlj3JqBdP0vkm2ai7rO5VEGTiRQJi2oPkYO6ehT3LTAZGH1S9r%2Bp7Bd%2F3Xt3dzU6Jj4yerL1rtqVSdL5Z9SuX1qXmJneVlVuVwK%2F6lyvrUi80Llf648323gj8ZtV%2FtfK2YJtmvuYHvh%2F4QWVRWhGZ%2FvyEhUwedoJqx682atWg2UDf%2Fv%2FsMg%2BOeuC9U3IRkpdPbfz6GJKNoOMfrgm3mZrk9etxpmhqLHr84Lbe1CbXiGcwsh4ifTCthnElIV%2Bdg9EHUwcwvb2xA4SyJN6fAUJ9MJWJsLd%2FpjRUEBohfxZ5bwShRpB0BGbuQPJjAjCOlVXo%2BP6KsTndOmPpmC3J3JN%2FIPOSzP31InT86KqS%2FcpNo7JUGu3QjwrI%2FgiyO0KSHSLd9iDzQ7D0E0j%2BG5l%2Fsgwd7606ZSB5MXEv5QgyGkGJAajzkI2X9JBFHrLEQ8xPKrTZiXy%2FFYVRvd5uMMbqdcaa7QXe5PVGO%2FKRsbG8AdJkAKYGYHYHid3BpvziuHnxeOVj2OxnuI0CjntwaUm893bQ4wVyQZA7gpwS5JIgTwnyXrHPlau54j5XLguDaa5Nc70YmrS7S%2FdN2hWa7Can5MK4O94zr72CTXFSCfwgqjci0Wp0Om220G5RHi202yzqtHmj7bfhZAHpzk0Mb8uSnHt0gEQeX3iAkB7CqUMw%2BQJo9jJoPmzVfNCNYaPtY1t%2F3xNdWk2M1V1TZSYGNwWSdA7plrerTslLkzEtzTUh2NGVP%2BqTALMFElvgQ%2FkLQVfdG94wOdm7YXJHHq8mqYzlNh2P8GZKU3H%2Bu3fEVm4sX7rmBt%2B%2BycbEGD68JVy6TDWXuuvIg6uSc2EXjWWC%2FLTk1kW4lrmNq5nVWbK89tbiUpxY4Zw0egQqS0I%2B%2BxtMluT5pz%2BYfM9Ld9%2BHtCPYrECcHZFpQJoRWLIDl8z0O0Ng1awmTDzkWTG0tXB2qWRJGp%2F%2BDiWOrnz5zUfPXa%2F9CBoWcOI%2FD2d4191D13qg6R3ouEDPFuipAlQN4LLzwzSxMwGh8oahst5eqKz6%2FKzBTp5URDPyI%2BHXRBh1wqhFfd6JGp2QdgLRCps0QOpKIb6%2B%2FS8AAAD%2F%2FwEAAP%2F%2FHh9mDnoEAAA%3D
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectpurposelyharp.com
Fingerprint71:59:C5:F0:5D:FA:92:1A:50:01:2F:30:F5:CB:D2:9E:19:8A:E8:87
ValiditySat, 25 Nov 2023 08:10:37 GMT - Fri, 23 Feb 2024 08:10:36 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3o2gKOIuXjwIcxFWlEn3%2FGRm3MPiuhsJxiTuD%2FEm1VXVkzLVVU1V9%2FQkIERXlj3JqBdP0vkm2ai7rO5VEGTiRQJi2oPkYO6ehT3LTAZGH1S9r%2Bp7Bd%2F3Xt3dzU6Jj4yerL1rtqVSdL5Z9SuX1qXmJneVlVuVwK%2F6lyvrUi80Llf648323gj8ZtV%2FtfK2YJtmvuYHvh%2F4QWVRWhGZ%2FvyEhUwedoJqx682atWg2UDf%2Fv%2FsMg%2BOeuC9U3IRkpdPbfz6GJKNoOMfrgm3mZrk9etxpmhqLHr84Lbe1CbXiGcwsh4ifTCthnElIV%2Bdg9EHUwcwvb2xA4SyJN6fAUJ9MJWJsLd%2FpjRUEBohfxZ5bwShRpB0BGbuQPJjAjCOlVXo%2BP6KsTndOmPpmC3J3JN%2FIPOSzP31InT86KqS%2FcpNo7JUGu3QjwrI%2FgiyO0KSHSLd9iDzQ7D0E0j%2BG5l%2Fsgwd7606ZSB5MXEv5QgyGkGJAajzkI2X9JBFHrLEQ8xPKrTZiXy%2FFYVRvd5uMMbqdcaa7QXe5PVGO%2FKRsbG8AdJkAKYGYHYHid3BpvziuHnxeOVj2OxnuI0CjntwaUm893bQ4wVyQZA7gpwS5JIgTwnyXrHPlau54j5XLguDaa5Nc70YmrS7S%2FdN2hWa7Can5MK4O94zr72CTXFSCfwgqjci0Wp0Om220G5RHi202yzqtHmj7bfhZAHpzk0Mb8uSnHt0gEQeX3iAkB7CqUMw%2BQJo9jJoPmzVfNCNYaPtY1t%2F3xNdWk2M1V1TZSYGNwWSdA7plrerTslLkzEtzTUh2NGVP%2BqTALMFElvgQ%2FkLQVfdG94wOdm7YXJHHq8mqYzlNh2P8GZKU3H%2Bu3fEVm4sX7rmBt%2B%2BycbEGD68JVy6TDWXuuvIg6uSc2EXjWWC%2FLTk1kW4lrmNq5nVWbK89tbiUpxY4Zw0egQqS0I%2B%2BxtMluT5pz%2BYfM9Ld9%2BHtCPYrECcHZFpQJoRWLIDl8z0O0Ng1awmTDzkWTG0tXB2qWRJGp%2F%2BDiWOrnz5zUfPXa%2F9CBoWcOI%2FD2d4191D13qg6R3ouEDPFuipAlQN4LLzwzSxMwGh8oahst5eqKz6%2FKzBTp5URDPyI%2BHXRBh1wqhFfd6JGp2QdgLRCps0QOpKIb6%2B%2FS8AAAD%2F%2FwEAAP%2F%2FHh9mDnoEAAA%3D HTTP/1.1
Host: purposelyharp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: u_pl=17378085; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 28 Nov 2023 08:01:26 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8e8c6541cf81889333d0ded78a6c4eca
Strict-Transport-Security: max-age=0; includeSubdomains

twinrdsrv.com/preroll.engine?id=e5382ec5-ace5-45cc-ac92-b1581a4bc92e&zid=52149&cvs={ClientVideoSupport}&time={TimeOffset}&stdtime={StdTimeOffset}&abr={IsAdblockRequest}&pageurl={PageUrl}&tid={TrackingId}&res={Resolution}&bw={BrowserWidth}&bh={BrowserHeight}&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla+Kush%2CArya+Fae%2CJean+Val+Jean&referrerUrl={ReferrerUrl}&pw={PlayerWidth}&ph={PlayerHeight}

172.66.43.59

200 OK

7.5 kB

URL GET HTTP/2
twinrdsrv.com/preroll.engine?id=e5382ec5-ace5-45cc-ac92-b1581a4bc92e&zid=52149&cvs={ClientVideoSupport}&time={TimeOffset}&stdtime={StdTimeOffset}&abr={IsAdblockRequest}&pageurl={PageUrl}&tid={TrackingId}&res={Resolution}&bw={BrowserWidth}&bh={BrowserHeight}&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla+Kush%2CArya+Fae%2CJean+Val+Jean&referrerUrl={ReferrerUrl}&pw={PlayerWidth}&ph={PlayerHeight}
IP
172.66.43.59:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint44:DC:AB:AD:02:68:C6:90:3B:A8:AF:E2:FD:7E:D7:F2:0E:5D:AC:2E
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (23168), with no line terminators
Size
7.5 kB (7462 bytes)
Hash
e95133cbaf59db51770d9926eab08897
6f962800337c9e6345f7eb6c226e275e8367fa8c
580d300db338b4b198c91edcb094c651a84a035d9061266c50364a25ff3bd49c

HTTP Headers

GET /preroll.engine?id=e5382ec5-ace5-45cc-ac92-b1581a4bc92e&zid=52149&cvs={ClientVideoSupport}&time={TimeOffset}&stdtime={StdTimeOffset}&abr={IsAdblockRequest}&pageurl={PageUrl}&tid={TrackingId}&res={Resolution}&bw={BrowserWidth}&bh={BrowserHeight}&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla+Kush%2CArya+Fae%2CJean+Val+Jean&referrerUrl={ReferrerUrl}&pw={PlayerWidth}&ph={PlayerHeight} HTTP/1.1
Host: twinrdsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.porngo.com/
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-transform
access-control-allow-credentials: true
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: https://www.porngo.com
set-cookie: IKSR={}; path=/; SameSite=None; secure
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Wxods7D0pxG2TKZq9qr4sV%2ByBEESjzfrjA5VZ5%2FMCYqV3ygJ6PrR2ECzhQAyK%2B2KxPJLrj9YZe5i4aaJqcMk8Ncv1WnEJYzJFYw4zbULr6gtdAwGcC1KrpFcdFUBgk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d11537ead556c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

game.starswalker.site/api/click/1315159145958024095?c=60&data[error]=3

135.181.208.216

200 OK

0 B

URL GET HTTP/2
game.starswalker.site/api/click/1315159145958024095?c=60&data[error]=3
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/click/1315159145958024095?c=60&data[error]=3 HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: nauid=oKHZPVhpUvcthZshRKA0; asgfp=e19e1989b72653a7152c87a7240d524a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:26 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
X-Firefox-Spdy: h2

game.starswalker.site/api/click/1315159145958024095?c=60&data[error]=400

135.181.208.216

200 OK

0 B

URL GET HTTP/2
game.starswalker.site/api/click/1315159145958024095?c=60&data[error]=400
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/click/1315159145958024095?c=60&data[error]=400 HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: nauid=oKHZPVhpUvcthZshRKA0; asgfp=e19e1989b72653a7152c87a7240d524a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:26 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
X-Firefox-Spdy: h2

i.wmgtr.com/cic/jM3-cBg6FdfQzbNCLprsoWE9X3xuNSno.png

45.133.44.32

5.8 MB

URL GET
i.wmgtr.com/cic/jM3-cBg6FdfQzbNCLprsoWE9X3xuNSno.png
IP
45.133.44.32:0
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecti.wmgtr.com
FingerprintEC:B5:1E:3E:A4:6B:92:23:E2:9E:1E:FC:99:58:59:8E:23:DD:C1:25
ValidityMon, 23 Oct 2023 00:02:20 GMT - Sun, 21 Jan 2024 00:02:19 GMT

File type
gzip compressed data, from Unix\012- data
Size
5.8 MB (5762319 bytes)
Hash
cdd63ad3430462e70a3c4de84921ea98
03d3b2f33ab2696669dae568ea214f3746264444
50162a1b7fd6818a8c1e7adb99063a4aea5f6456d4946ded1c92376a48e6931c

HTTP Headers

GET /cic/jM3-cBg6FdfQzbNCLprsoWE9X3xuNSno.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: image/png
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
content-encoding: gzip
cache-control: max-age=82800
expires: Wed, 29 Nov 2023 07:01:26 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

s.magsrv.com/vregister.php?a=vview&errorcode=3&idzone=4646890&dg=5786572-NOR-82332890-3-0-1-0-InLine

95.211.229.245

200 OK

20 B

URL GET HTTP/1.1
s.magsrv.com/vregister.php?a=vview&errorcode=3&idzone=4646890&dg=5786572-NOR-82332890-3-0-1-0-InLine
IP
95.211.229.245:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /vregister.php?a=vview&errorcode=3&idzone=4646890&dg=5786572-NOR-82332890-3-0-1-0-InLine HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265659e55cae948.269740013029341069%22%3B%7D; c-tag=%7B%22tag-video%22%3A%22v4%7C%7CNOR%7C4646890%7C82332890%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Cporngo.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1701158485%7Ccc9a65531b59fa74889a735df675e874%7Cok%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 08:01:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: 
Access-Control-Allow-Credentials: true
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

go.go-srv.com/vast.go?spaceid=1237628&subid=a2278970-f8ed-4951-9702-404317e09728

217.22.19.196

200 OK

4.1 kB

URL GET HTTP/2
go.go-srv.com/vast.go?spaceid=1237628&subid=a2278970-f8ed-4951-9702-404317e09728
IP
217.22.19.196:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectgo.go-srv.com
Fingerprint88:C2:E0:62:0C:FA:60:1C:CF:C7:B5:43:15:C2:83:3F:00:11:E3:1E
ValidityMon, 02 Oct 2023 21:00:10 GMT - Sun, 31 Dec 2023 21:00:09 GMT

File type
XML 1.0 document text\012- XML document, Unicode text, UTF-8 text, with very long lines (4074), with no line terminators
Size
4.1 kB (4077 bytes)
Hash
91befc6a0ae562faa1a5e2882311e431
148fbc33e37ddf8add5347255e21de38925550e0
0663c8fa3bafb51b7435009276646d421d94a54e6637631402c754c0fb0afb19

HTTP Headers

GET /vast.go?spaceid=1237628&subid=a2278970-f8ed-4951-9702-404317e09728 HTTP/1.1
Host: go.go-srv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.porngo.com/
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: application/xml; charset=utf-8
content-length: 4077
access-control-allow-origin: https://www.porngo.com
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-credentials: true
expires: Mon, 03 Jul 2001 06:00:00 GMT
last-modified: Janon, 28 11 2023 08:01:26 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
pragma: no-cache
x-backend-server: nl2-go-web-244
X-Firefox-Spdy: h2

s.magsrv.com/vregister.php?a=vview&errorcode=400&idzone=4646890&dg=5786572-NOR-82332890-3-0-1-0-InLine

95.211.229.245

200 OK

20 B

URL GET HTTP/1.1
s.magsrv.com/vregister.php?a=vview&errorcode=400&idzone=4646890&dg=5786572-NOR-82332890-3-0-1-0-InLine
IP
95.211.229.245:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /vregister.php?a=vview&errorcode=400&idzone=4646890&dg=5786572-NOR-82332890-3-0-1-0-InLine HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265659e55cae948.269740013029341069%22%3B%7D; c-tag=%7B%22tag-video%22%3A%22v4%7C%7CNOR%7C4646890%7C82332890%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Cporngo.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1701158485%7Ccc9a65531b59fa74889a735df675e874%7Cok%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Nov 2023 08:01:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: 
Access-Control-Allow-Credentials: true
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/img/close.png

172.64.109.10

200 OK

6.0 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/img/close.png
IP
172.64.109.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Size
6.0 kB (5982 bytes)
Hash
c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd

HTTP Headers

GET /sb/ssp/notifications/text_bubble/2/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: image/png
content-length: 5982
last-modified: Tue, 12 Jul 2022 10:56:24 GMT
etag: "62cd5358-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 19147
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9THNt%2Fy29u6R91NfsoTGAdeQ%2BbqJoDJjHwNGJ05PwWioCuGkAUOjN7KwrLsD5zcnh3fAdjo2FWRJdsSmJrNWfdW%2FnN8vpTJWWXxWs9%2B5HO1rpc7i3ABXfqP1fO489tsgD1EH39%2BMDVXv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1153e0e1b6385-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/fa/41/e4/fa41e4558b816ed7e0ab0552953b2d07/1690854338.png

45.133.44.10

200 OK

67 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/fa/41/e4/fa41e4558b816ed7e0ab0552953b2d07/1690854338.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
67 kB (67165 bytes)
Hash
674efc7161b89ce659afd5b0643930e1
ace5e7c836afc552f82908e8c646c74c66351a6a
7f44e25525d576448d70619c900546bf13f2439c2006808a058bc68c71c35406

HTTP Headers

GET /si/fa/41/e4/fa41e4558b816ed7e0ab0552953b2d07/1690854338.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: image/png
content-length: 67165
server: nginx/1.21.6
last-modified: Tue, 01 Aug 2023 01:45:47 GMT
etag: "64c863cb-1065d"
expires: Thu, 30 Nov 2023 08:01:26 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/img/arrow.png

172.64.109.10

200 OK

2.3 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/img/arrow.png
IP
172.64.109.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
PNG image data, 52 x 81, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2332 bytes)
Hash
41109abf05740798aa2e66a3e938c8de
706e93332bf4819e9f4059765340cf97981bd1fe
2fbf669490df5b04badb9886ca664dbd9a0d66e0ecdc951b822feb6089fac0ea

HTTP Headers

GET /sb/ssp/notifications/text_bubble/2/img/arrow.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: image/png
content-length: 2332
last-modified: Tue, 12 Jul 2022 10:56:23 GMT
etag: "62cd5357-91c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1650597
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BmBXag3PNCvE%2BojVbFwxIIfcmK7xbIKd0dW1Yaiq61DSB3MPkpiEnofiBs888WdWhxopApLLscmnsAlw3CoYU6BWZazU93FDVB5f4AALx5O9ujXaLsabO%2FUJxoZ4CtnKykOpLUNnhKq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1153e1e2c6385-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/img/number.png

172.64.109.10

200 OK

1.1 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/img/number.png
IP
172.64.109.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1138 bytes)
Hash
9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762

HTTP Headers

GET /sb/ssp/notifications/text_bubble/2/img/number.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: image/png
content-length: 1138
last-modified: Tue, 12 Jul 2022 10:56:23 GMT
etag: "62cd5357-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2269721
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMgREjQ8nvfz1M4WoL1cnbKHHUzGz4hkF%2FtFRv2xyVk%2B7AofRdaJH8r166NrUkJVkPWRD4aBXQLNhrgBlgdsS9gzIO1BTNNA%2Bd%2F7JYLBzhEZQyUPyrlelS3FD0IZIEcnzesF5n1UQanZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1153e1e226385-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2997.novemberadventures.name/iiNDBoYwNQfoZtdxoUWUMX8L1ckOuMeHe_tRMsiTXMNBY8OZ5YcFoJWRFIwgZpDOxNU8IfByhOHtQfSxFoK6aR6Xm6zDvNP3JexTvtgBt9G2xXCSMHir?_=1701158486567

88.208.59.102

200 OK

26 kB

URL GET HTTP/2
2997.novemberadventures.name/iiNDBoYwNQfoZtdxoUWUMX8L1ckOuMeHe_tRMsiTXMNBY8OZ5YcFoJWRFIwgZpDOxNU8IfByhOHtQfSxFoK6aR6Xm6zDvNP3JexTvtgBt9G2xXCSMHir?_=1701158486567
IP
88.208.59.102:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subject*.novemberadventures.name
Fingerprint07:CC:67:0A:E6:12:32:59:BD:8E:D3:88:2D:52:C5:2C:59:DE:AC:1B
ValidityTue, 07 Nov 2023 11:00:51 GMT - Mon, 05 Feb 2024 11:00:50 GMT

File type
Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
26 kB (25787 bytes)
Hash
803897e5963672d619f773662beba50a
f40099eb4dadfcc4c7282c5b8376a6188e42f299
e4d869a8d236ef5c6465b934417a9782c8865f34d068964edc8a82524a432d80

HTTP Headers

GET /iiNDBoYwNQfoZtdxoUWUMX8L1ckOuMeHe_tRMsiTXMNBY8OZ5YcFoJWRFIwgZpDOxNU8IfByhOHtQfSxFoK6aR6Xm6zDvNP3JexTvtgBt9G2xXCSMHir?_=1701158486567 HTTP/1.1
Host: 2997.novemberadventures.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
content-encoding: gzip
X-Firefox-Spdy: h2

game.starswalker.site/api/click/9165914061934375095?c=60&data[error]=400

135.181.208.216

200 OK

0 B

URL GET HTTP/2
game.starswalker.site/api/click/9165914061934375095?c=60&data[error]=400
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/click/9165914061934375095?c=60&data[error]=400 HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: nauid=oKHZPVhpUvcthZshRKA0; asgfp=e19e1989b72653a7152c87a7240d524a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:27 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
X-Firefox-Spdy: h2

st.static-srv.com/data/creatives/1164/163652.mp4

217.22.19.198

206 Partial Content

5.3 MB

URL GET HTTP/2
st.static-srv.com/data/creatives/1164/163652.mp4
IP
217.22.19.198:443
ASN
#42567 Mojohost B.v.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectst.static-srv.com
Fingerprint64:D0:84:92:63:F1:56:6D:97:2C:10:A2:3E:35:A2:CC:42:5E:C7:22
ValidityTue, 10 Oct 2023 17:05:10 GMT - Mon, 08 Jan 2024 17:05:09 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
5.3 MB (5313894 bytes)
Hash
02bfa302a35a12958c98fdd51f49c916
34eed250d5aa0883203c31698024c9b55d1eaabd
60bca4475c99b2ad7fa54a11d1b7e5a3f35265a242a992d0a872a9569f2eb4f2

HTTP Headers

GET /data/creatives/1164/163652.mp4 HTTP/1.1
Host: st.static-srv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: video/mp4
content-length: 5313894
last-modified: Thu, 16 Nov 2023 12:31:46 GMT
etag: "65560bb2-511566"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-backend-server: nl2-static-222
content-range: bytes 0-5313893/5313894
X-Firefox-Spdy: h2

vlcdn.tsyndicate.com/videos/7/5/b53871a2a42bb5c206ad1804ffe9ee247304b4/330x250.mp4

8.247.219.249

206 Partial Content

537 kB

URL GET HTTP/2
vlcdn.tsyndicate.com/videos/7/5/b53871a2a42bb5c206ad1804ffe9ee247304b4/330x250.mp4
IP
8.247.219.249:443
ASN
#3356 LEVEL3

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerSectigo Limited
Subjectvlcdn.tsyndicate.com
Fingerprint1F:5F:CD:0C:ED:2D:5C:55:51:6E:02:EF:68:C7:7C:B3:8D:DB:D3:76
ValidityMon, 21 Aug 2023 00:00:00 GMT - Fri, 20 Sep 2024 23:59:59 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
537 kB (537367 bytes)
Hash
d8324a923237d6415000546719245c30
f32ecb74c04f7cee529acc7bb869662255311c6d
5fa6e8e1584ada2bd4ed5201da3b848b1473dad0d414971eda3f0296058534b3

HTTP Headers

GET /videos/7/5/b53871a2a42bb5c206ad1804ffe9ee247304b4/330x250.mp4 HTTP/1.1
Host: vlcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: ts_uid=ae53c70a-f90b-4dcf-b5bf-3701afb63be4
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Tue, 28 Nov 2023 08:01:27 GMT
content-type: video/mp4
content-length: 537367
server: nginx
last-modified: Thu, 25 Mar 2021 18:27:08 GMT
etag: "605cd5fc-83317"
access-control-allow-origin: *
age: 9469938
content-range: bytes 0-537366/537367
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-expose-headers: Server,Range,Content-Length,Content-Range
access-control-allow-headers: *
access-control-max-age: 31536000
access-control-allow-credentials: true
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.67

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 04:57:34 GMT
expires: Fri, 22 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 443033
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

purposelyharp.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3o2gKOIuXjwIcxFWlEn3TE%2Bmxz0srruRYEzi%2FhBvUl1VPSlT3dVUdU9PAkJ0ZdmTjHrxJJ1vko26y%2BpeBUEmXiQgpj1IDubuWdizzGRg9EHV%2B6q%2BV%2FB979Xd3fyUuMjpydq7elsqRedbdbd2aV0mXBe2tnKr5rl193JtXSYL%2FuVaf7yZ3hue26q7r9beFmxTzzdcz3U916stSiMi3Z%2BfsJDpw45X77h1v1H3Wj765v9nmzuw1AHvnZKLkLx6auPXx5BshCT%2B4Zqwm5lOX78e54pm2qDHD24nm4kuEsQzGBkHUXIwrYa2FSFfnYNODqYOoHt7YwcIZUWcPz2EycFUJsLe%2FpnSUEEkCPmzKHojCDWCpCMwfQeSHxOAcaysIonvr2hT0K0zlo7Zisw9%2BQeyqMjcXy8iiR9dVbJfu6lVnkmdWPSjErI%2FguyOkOaHyLYdyOIQLPsEkv9G5p8sI4n3Vq3SkLycuJdyBBmNoMQA1DrIx0s6yCMHeeog5ic12upErtuOwqjZDHzGWLPJWCtY4C3e9IPIRc7G8gbI0gGYGoCZHaRmB5vyi%2BPWxeOVj2Hyn2E3SljuwGYVcd7bQY%2BXKARBYQkKSlBIgiIjKHrlPle2Ycv7XNk89Ka5Mc3Ncqiz7i7d11lXJGQ3PSUXxt1xnnntFWyKk5rnelHTj0Tb73QCthC0KY8WgoBFnYD7gRvAyhLSnpsY3pYVOffoAKk8vvAAIT2EVYdg8gXQ%2FGXQYthuuKAbQz9wsZ183xNdWk%2B1Sbq6znQMrkuk2RyyLWdXnZKXJmNammtBsKMrfzQnAWZKpKbEh%2FIXgq66N7yhC7J3QxeWPF5NMxnLbToe4c2MZuL8d%2B%2BIrUIbvnTNDr59k42JMXx4S9hsmSZcJl1LHlyVnAuzqA0T5Kcluy7CtdxuXM1NkqfLa28tLsWpEdZKnYxAZUXIZ3%2BDyYo8%2F%2FQHk%2B956e77kGYEk5eI8yMyDUg9Akt3YNOZfqsJjJrVhKmDIi%2BHphHOLpWsiP%2Fp71Di6MqX33z03PXGj6BhCSv%2B83CGd%2B09dI0Dmt1BEpfomRI9VYKqAWx%2BfpilZiYgVM4wVMbZC5VRn5812MqTWsvzRRAGbcZ5KBj32o1m0HTdBud%2BuyO8DjJbCfH17X8BAAD%2F%2FwEAAP%2F%2FChfo6HoEAAA%3D

192.243.59.12

200 OK

7 B

URL GET HTTP/1.1
purposelyharp.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3o2gKOIuXjwIcxFWlEn3TE%2Bmxz0srruRYEzi%2FhBvUl1VPSlT3dVUdU9PAkJ0ZdmTjHrxJJ1vko26y%2BpeBUEmXiQgpj1IDubuWdizzGRg9EHV%2B6q%2BV%2FB979Xd3fyUuMjpydq7elsqRedbdbd2aV0mXBe2tnKr5rl193JtXSYL%2FuVaf7yZ3hue26q7r9beFmxTzzdcz3U916stSiMi3Z%2BfsJDpw45X77h1v1H3Wj765v9nmzuw1AHvnZKLkLx6auPXx5BshCT%2B4Zqwm5lOX78e54pm2qDHD24nm4kuEsQzGBkHUXIwrYa2FSFfnYNODqYOoHt7YwcIZUWcPz2EycFUJsLe%2FpnSUEEkCPmzKHojCDWCpCMwfQeSHxOAcaysIonvr2hT0K0zlo7Zisw9%2BQeyqMjcXy8iiR9dVbJfu6lVnkmdWPSjErI%2FguyOkOaHyLYdyOIQLPsEkv9G5p8sI4n3Vq3SkLycuJdyBBmNoMQA1DrIx0s6yCMHeeog5ic12upErtuOwqjZDHzGWLPJWCtY4C3e9IPIRc7G8gbI0gGYGoCZHaRmB5vyi%2BPWxeOVj2Hyn2E3SljuwGYVcd7bQY%2BXKARBYQkKSlBIgiIjKHrlPle2Ycv7XNk89Ka5Mc3Ncqiz7i7d11lXJGQ3PSUXxt1xnnntFWyKk5rnelHTj0Tb73QCthC0KY8WgoBFnYD7gRvAyhLSnpsY3pYVOffoAKk8vvAAIT2EVYdg8gXQ%2FGXQYthuuKAbQz9wsZ183xNdWk%2B1Sbq6znQMrkuk2RyyLWdXnZKXJmNammtBsKMrfzQnAWZKpKbEh%2FIXgq66N7yhC7J3QxeWPF5NMxnLbToe4c2MZuL8d%2B%2BIrUIbvnTNDr59k42JMXx4S9hsmSZcJl1LHlyVnAuzqA0T5Kcluy7CtdxuXM1NkqfLa28tLsWpEdZKnYxAZUXIZ3%2BDyYo8%2F%2FQHk%2B956e77kGYEk5eI8yMyDUg9Akt3YNOZfqsJjJrVhKmDIi%2BHphHOLpWsiP%2Fp71Di6MqX33z03PXGj6BhCSv%2B83CGd%2B09dI0Dmt1BEpfomRI9VYKqAWx%2BfpilZiYgVM4wVMbZC5VRn5812MqTWsvzRRAGbcZ5KBj32o1m0HTdBud%2BuyO8DjJbCfH17X8BAAD%2F%2FwEAAP%2F%2FChfo6HoEAAA%3D
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectpurposelyharp.com
Fingerprint71:59:C5:F0:5D:FA:92:1A:50:01:2F:30:F5:CB:D2:9E:19:8A:E8:87
ValiditySat, 25 Nov 2023 08:10:37 GMT - Fri, 23 Feb 2024 08:10:36 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3o2gKOIuXjwIcxFWlEn3TE%2Bmxz0srruRYEzi%2FhBvUl1VPSlT3dVUdU9PAkJ0ZdmTjHrxJJ1vko26y%2BpeBUEmXiQgpj1IDubuWdizzGRg9EHV%2B6q%2BV%2FB979Xd3fyUuMjpydq7elsqRedbdbd2aV0mXBe2tnKr5rl193JtXSYL%2FuVaf7yZ3hue26q7r9beFmxTzzdcz3U916stSiMi3Z%2BfsJDpw45X77h1v1H3Wj765v9nmzuw1AHvnZKLkLx6auPXx5BshCT%2B4Zqwm5lOX78e54pm2qDHD24nm4kuEsQzGBkHUXIwrYa2FSFfnYNODqYOoHt7YwcIZUWcPz2EycFUJsLe%2FpnSUEEkCPmzKHojCDWCpCMwfQeSHxOAcaysIonvr2hT0K0zlo7Zisw9%2BQeyqMjcXy8iiR9dVbJfu6lVnkmdWPSjErI%2FguyOkOaHyLYdyOIQLPsEkv9G5p8sI4n3Vq3SkLycuJdyBBmNoMQA1DrIx0s6yCMHeeog5ic12upErtuOwqjZDHzGWLPJWCtY4C3e9IPIRc7G8gbI0gGYGoCZHaRmB5vyi%2BPWxeOVj2Hyn2E3SljuwGYVcd7bQY%2BXKARBYQkKSlBIgiIjKHrlPle2Ycv7XNk89Ka5Mc3Ncqiz7i7d11lXJGQ3PSUXxt1xnnntFWyKk5rnelHTj0Tb73QCthC0KY8WgoBFnYD7gRvAyhLSnpsY3pYVOffoAKk8vvAAIT2EVYdg8gXQ%2FGXQYthuuKAbQz9wsZ183xNdWk%2B1Sbq6znQMrkuk2RyyLWdXnZKXJmNammtBsKMrfzQnAWZKpKbEh%2FIXgq66N7yhC7J3QxeWPF5NMxnLbToe4c2MZuL8d%2B%2BIrUIbvnTNDr59k42JMXx4S9hsmSZcJl1LHlyVnAuzqA0T5Kcluy7CtdxuXM1NkqfLa28tLsWpEdZKnYxAZUXIZ3%2BDyYo8%2F%2FQHk%2B956e77kGYEk5eI8yMyDUg9Akt3YNOZfqsJjJrVhKmDIi%2BHphHOLpWsiP%2Fp71Di6MqX33z03PXGj6BhCSv%2B83CGd%2B09dI0Dmt1BEpfomRI9VYKqAWx%2BfpilZiYgVM4wVMbZC5VRn5812MqTWsvzRRAGbcZ5KBj32o1m0HTdBud%2BuyO8DjJbCfH17X8BAAD%2F%2FwEAAP%2F%2FChfo6HoEAAA%3D HTTP/1.1
Host: purposelyharp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: u_pl=17378085; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 28 Nov 2023 08:01:27 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cdd52d563716be9362285340d1c0e79f
Strict-Transport-Security: max-age=0; includeSubdomains

game.starswalker.site/api/click/6532029607957850095?c=60&data[error]=3

135.181.208.216

200 OK

0 B

URL GET HTTP/2
game.starswalker.site/api/click/6532029607957850095?c=60&data[error]=3
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/click/6532029607957850095?c=60&data[error]=3 HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: nauid=oKHZPVhpUvcthZshRKA0; asgfp=e19e1989b72653a7152c87a7240d524a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:27 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
X-Firefox-Spdy: h2

game.starswalker.site/api/click/6532029607957850095?c=60&data[error]=400

135.181.208.216

200 OK

0 B

URL GET HTTP/2
game.starswalker.site/api/click/6532029607957850095?c=60&data[error]=400
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/click/6532029607957850095?c=60&data[error]=400 HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: nauid=oKHZPVhpUvcthZshRKA0; asgfp=e19e1989b72653a7152c87a7240d524a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:27 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
X-Firefox-Spdy: h2

pxl.tsyndicate.com/api/v1/error?errorcode=3&p=APeICDOGjggdMFgMhAPnoIwYMXDUUDimTUMdMWRInIFDoRg3bg7iiEjDxkQRdNocjHEDBsQaOGjgsKEwpYyVLV_GnAmjRg6FcNiMOZhQxJgzRPsoCAg%3D&s=ca444565770fc57b7d636d5d93927e3ff633c358b6cb22b54145e102f34eef6a1701158486

78.46.97.249

200 OK

0 B

URL GET HTTP/2
pxl.tsyndicate.com/api/v1/error?errorcode=3&p=APeICDOGjggdMFgMhAPnoIwYMXDUUDimTUMdMWRInIFDoRg3bg7iiEjDxkQRdNocjHEDBsQaOGjgsKEwpYyVLV_GnAmjRg6FcNiMOZhQxJgzRPsoCAg%3D&s=ca444565770fc57b7d636d5d93927e3ff633c358b6cb22b54145e102f34eef6a1701158486
IP
78.46.97.249:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
FingerprintF2:3C:80:FB:F4:C8:BF:02:DD:BF:23:DD:27:74:AB:0B:89:F6:13:5E
ValiditySun, 12 Nov 2023 09:06:58 GMT - Sat, 10 Feb 2024 09:06:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/v1/error?errorcode=3&p=APeICDOGjggdMFgMhAPnoIwYMXDUUDimTUMdMWRInIFDoRg3bg7iiEjDxkQRdNocjHEDBsQaOGjgsKEwpYyVLV_GnAmjRg6FcNiMOZhQxJgzRPsoCAg%3D&s=ca444565770fc57b7d636d5d93927e3ff633c358b6cb22b54145e102f34eef6a1701158486 HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: ts_uid=ae53c70a-f90b-4dcf-b5bf-3701afb63be4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:27 GMT
content-length: 0
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2

pxl.tsyndicate.com/api/v1/error?errorcode=400&p=APeICDOGjggdMFgMhAPnoIwYMXDUUDimTUMdMWRInIFDoRg3bg7iiEjDxkQRdNocjHEDBsQaOGjgsKEwpYyVLV_GnAmjRg6FcNiMOZhQxJgzRPsoCAg%3D&s=ca444565770fc57b7d636d5d93927e3ff633c358b6cb22b54145e102f34eef6a1701158486

78.46.97.249

200 OK

0 B

URL GET HTTP/2
pxl.tsyndicate.com/api/v1/error?errorcode=400&p=APeICDOGjggdMFgMhAPnoIwYMXDUUDimTUMdMWRInIFDoRg3bg7iiEjDxkQRdNocjHEDBsQaOGjgsKEwpYyVLV_GnAmjRg6FcNiMOZhQxJgzRPsoCAg%3D&s=ca444565770fc57b7d636d5d93927e3ff633c358b6cb22b54145e102f34eef6a1701158486
IP
78.46.97.249:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
FingerprintF2:3C:80:FB:F4:C8:BF:02:DD:BF:23:DD:27:74:AB:0B:89:F6:13:5E
ValiditySun, 12 Nov 2023 09:06:58 GMT - Sat, 10 Feb 2024 09:06:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/v1/error?errorcode=400&p=APeICDOGjggdMFgMhAPnoIwYMXDUUDimTUMdMWRInIFDoRg3bg7iiEjDxkQRdNocjHEDBsQaOGjgsKEwpYyVLV_GnAmjRg6FcNiMOZhQxJgzRPsoCAg%3D&s=ca444565770fc57b7d636d5d93927e3ff633c358b6cb22b54145e102f34eef6a1701158486 HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: ts_uid=ae53c70a-f90b-4dcf-b5bf-3701afb63be4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:27 GMT
content-length: 0
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2

purposelyharp.com/pixel/sbs?c=1

173.233.139.164

200 OK

0 B

URL GET HTTP/1.1
purposelyharp.com/pixel/sbs?c=1
IP
173.233.139.164:443
ASN
#7979 SERVERS-COM

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectpurposelyharp.com
Fingerprint71:59:C5:F0:5D:FA:92:1A:50:01:2F:30:F5:CB:D2:9E:19:8A:E8:87
ValiditySat, 25 Nov 2023 08:10:37 GMT - Fri, 23 Feb 2024 08:10:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: purposelyharp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: u_pl=17378085; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 28 Nov 2023 08:01:27 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

twinrdsrv.com/Redirect.eng?MediaSegmentId=32780&dcid=3_ctx_bdae56cf-a17b-45b4-bdfc-0e0b3a08137a&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=PB84Z5nOlUxbQb25ievREVgnDVOkv3mOZLsYJXTEkMyD57uDPsSuEJReYBDgoGUK4Yhr3Wt4VwRIDT2Jxb9xNw46FZJl6FrSaqeUPzUH9us63LBW619xwhdJ1_btYrjbPQunMf3NF0uYUGuBel8KGPuj0UP2TEA87yGJ4vfv91ptSf-HhaNdm_MXb9TjS0WbJdWJ8stWXE1mU9fUhpYsu5BPMdGFxX5OIONvRsYrhU3uRz0wLhITxe47tmIg5GLwQ3TZm5yaYBAwh98TAguFR4wlaBPeUxfJQaa3BKtFq9ZdRvMXwnIf9RCLQplAgZeLzSb65rtqcbMl1YBcyCqRgxeUGZC9rEDKC0K2GVezhuyC_WbwEUE49Z1PbWqQ9UTWUbeUeI0io-tcEHgOLIjTtlnjLRCJVw4HW7PZDBW8zRG0KuIoktk5SO6tuVPpCo6Nu2cImVh9F0fAhfEXdwdWLBWbFlZcVMbiwNIjw6LxgmSkej-YMGOyCrAbSIRpINU_MZmMkJbwZw-LsSiVlruqBPsXH_Q8wrBEQenDHuozEdl57zR9pXwZdEAT6KTzZx86ri7ZYpJN3MwDmwWpcbGFV37J1k5r47MElpXQrhBG-RVggOpFbL8HZ6A6Qm4RZGeXycWiw0s6X8gc8Tv9qs6TQxUl5kozsA5ouvrrHQ_AbROqcSVW1w0rpuUm74PAqdWQkEov7Flpm-4Y8WU6i8UlX1x7jQKpEdLSRE6KHQWUnfEseE5Pav-382hAvER3pN319XMPXu4MJFvc2vtj4KbcWJhFvLqSb0yQEr65BV-CtxnYC-YaovebEHSM5IAoa_uPVjKdy4iQMBs_QCl---qIu1oSKzYSw_bGrgxIGi3Extzm6wfM-mf-quIXyoULTYKgj_Bbd7tOsyX1eUDWXUD7_np8mMYx52f_na4YJ8ECS7xvgNh_LNxUVWtoysSw7ZRzfTxvrXknvJk7EA4ZGuY64800q_vEOQvW0no0BuWSkU41&kw=&mw=300&mh=250&cu=

172.66.43.59

302 Found

418 B

URL GET HTTP/3
twinrdsrv.com/Redirect.eng?MediaSegmentId=32780&dcid=3_ctx_bdae56cf-a17b-45b4-bdfc-0e0b3a08137a&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=PB84Z5nOlUxbQb25ievREVgnDVOkv3mOZLsYJXTEkMyD57uDPsSuEJReYBDgoGUK4Yhr3Wt4VwRIDT2Jxb9xNw46FZJl6FrSaqeUPzUH9us63LBW619xwhdJ1_btYrjbPQunMf3NF0uYUGuBel8KGPuj0UP2TEA87yGJ4vfv91ptSf-HhaNdm_MXb9TjS0WbJdWJ8stWXE1mU9fUhpYsu5BPMdGFxX5OIONvRsYrhU3uRz0wLhITxe47tmIg5GLwQ3TZm5yaYBAwh98TAguFR4wlaBPeUxfJQaa3BKtFq9ZdRvMXwnIf9RCLQplAgZeLzSb65rtqcbMl1YBcyCqRgxeUGZC9rEDKC0K2GVezhuyC_WbwEUE49Z1PbWqQ9UTWUbeUeI0io-tcEHgOLIjTtlnjLRCJVw4HW7PZDBW8zRG0KuIoktk5SO6tuVPpCo6Nu2cImVh9F0fAhfEXdwdWLBWbFlZcVMbiwNIjw6LxgmSkej-YMGOyCrAbSIRpINU_MZmMkJbwZw-LsSiVlruqBPsXH_Q8wrBEQenDHuozEdl57zR9pXwZdEAT6KTzZx86ri7ZYpJN3MwDmwWpcbGFV37J1k5r47MElpXQrhBG-RVggOpFbL8HZ6A6Qm4RZGeXycWiw0s6X8gc8Tv9qs6TQxUl5kozsA5ouvrrHQ_AbROqcSVW1w0rpuUm74PAqdWQkEov7Flpm-4Y8WU6i8UlX1x7jQKpEdLSRE6KHQWUnfEseE5Pav-382hAvER3pN319XMPXu4MJFvc2vtj4KbcWJhFvLqSb0yQEr65BV-CtxnYC-YaovebEHSM5IAoa_uPVjKdy4iQMBs_QCl---qIu1oSKzYSw_bGrgxIGi3Extzm6wfM-mf-quIXyoULTYKgj_Bbd7tOsyX1eUDWXUD7_np8mMYx52f_na4YJ8ECS7xvgNh_LNxUVWtoysSw7ZRzfTxvrXknvJk7EA4ZGuY64800q_vEOQvW0no0BuWSkU41&kw=&mw=300&mh=250&cu=
IP
172.66.43.59:443
ASN
#13335 CLOUDFLARENET

Requested by
https://game.starswalker.site/api/spots/322254?p=1&s1=%subid1%&kw=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint44:DC:AB:AD:02:68:C6:90:3B:A8:AF:E2:FD:7E:D7:F2:0E:5D:AC:2E
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (346), with CRLF line terminators
Size
418 B (418 bytes)
Hash
306463cb2462308ade8313fda5cf2aef
b21d6530ffb7410c0d47f19e63ccaa05a8033fc9
346cb7cd51cfcee45fcc5d6ea1241d63aa05c31ba98168994dc06fe6f00f2988

HTTP Headers

GET /Redirect.eng?MediaSegmentId=32780&dcid=3_ctx_bdae56cf-a17b-45b4-bdfc-0e0b3a08137a&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=PB84Z5nOlUxbQb25ievREVgnDVOkv3mOZLsYJXTEkMyD57uDPsSuEJReYBDgoGUK4Yhr3Wt4VwRIDT2Jxb9xNw46FZJl6FrSaqeUPzUH9us63LBW619xwhdJ1_btYrjbPQunMf3NF0uYUGuBel8KGPuj0UP2TEA87yGJ4vfv91ptSf-HhaNdm_MXb9TjS0WbJdWJ8stWXE1mU9fUhpYsu5BPMdGFxX5OIONvRsYrhU3uRz0wLhITxe47tmIg5GLwQ3TZm5yaYBAwh98TAguFR4wlaBPeUxfJQaa3BKtFq9ZdRvMXwnIf9RCLQplAgZeLzSb65rtqcbMl1YBcyCqRgxeUGZC9rEDKC0K2GVezhuyC_WbwEUE49Z1PbWqQ9UTWUbeUeI0io-tcEHgOLIjTtlnjLRCJVw4HW7PZDBW8zRG0KuIoktk5SO6tuVPpCo6Nu2cImVh9F0fAhfEXdwdWLBWbFlZcVMbiwNIjw6LxgmSkej-YMGOyCrAbSIRpINU_MZmMkJbwZw-LsSiVlruqBPsXH_Q8wrBEQenDHuozEdl57zR9pXwZdEAT6KTzZx86ri7ZYpJN3MwDmwWpcbGFV37J1k5r47MElpXQrhBG-RVggOpFbL8HZ6A6Qm4RZGeXycWiw0s6X8gc8Tv9qs6TQxUl5kozsA5ouvrrHQ_AbROqcSVW1w0rpuUm74PAqdWQkEov7Flpm-4Y8WU6i8UlX1x7jQKpEdLSRE6KHQWUnfEseE5Pav-382hAvER3pN319XMPXu4MJFvc2vtj4KbcWJhFvLqSb0yQEr65BV-CtxnYC-YaovebEHSM5IAoa_uPVjKdy4iQMBs_QCl---qIu1oSKzYSw_bGrgxIGi3Extzm6wfM-mf-quIXyoULTYKgj_Bbd7tOsyX1eUDWXUD7_np8mMYx52f_na4YJ8ECS7xvgNh_LNxUVWtoysSw7ZRzfTxvrXknvJk7EA4ZGuY64800q_vEOQvW0no0BuWSkU41&kw=&mw=300&mh=250&cu= HTTP/1.1
Host: twinrdsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game.starswalker.site/
Cookie: IKSR={}; INF_DFL8=false; IUID=d4059777-3985-4625-b6d1-1ecd855eee66; ISSH=6F9961; VMI=; IPLH=#{}; IPLH_Q=#[]; CHN=#[]; MSSH=#{}; MSRH=#{}; ILP=null; ILPLU=#1/1/0001 12:00:00 AM; ILEALC=#1/1/0001 12:00:00 AM; ILMPF=#False; IPMPLU=#; IPMUID=#; BSWUID=#; IBL=#[]; IPLSH=#{}; IPLSH_Q=#[]; IZH=#{}; IZH_Q=#[]; IMCH=#{}; IMCH_Q=#[]; IMH=#{}; IMH_Q=#[]; ISH=#{}; ISH_Q=#[]; ISPH=#{}; ISPH_Q=#[]; ICH=#{}; ICH_Q=#[]
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Tue, 28 Nov 2023 08:01:28 GMT
content-type: text/html; charset=utf-8
content-length: 418
location: https://twinrdsrv.com/mediahosting.engine?MediaId=55972&AId=9653&CId=23628&PId=40972&SiteId=7001&ZoneId=40582&VolumeMetricId=0297449f-fd3a-44d2-9134-b98d903238ba&PassBackUrl=&res=&dcid=3_ctx_bdae56cf-a17b-45b4-bdfc-0e0b3a08137a&cu=&kw=&mw=300&mh=250
cache-control: private, no-transform
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
INF_DFL8=false; path=/; SameSite=None; secure
IUID=d4059777-3985-4625-b6d1-1ecd855eee66; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure
ISSH=6F9961; path=/; SameSite=None; secure
VMI=0297449f-fd3a-44d2-9134-b98d903238ba; path=/; SameSite=None; secure
IPLH=#{"40972":[{"SId":"6F9961","D":"23/11/28T0:1:27"}]}; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IPLH_Q=#[40972]; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
CHN=#[]; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
MSSH=#{}; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
MSRH=#{}; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
ILP=null; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure
ILPLU=#1/1/0001 12:00:00 AM; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
ILEALC=#1/1/0001 12:00:00 AM; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
ILMPF=#False; expires=Tue, 28-Nov-2023 12:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IPMPLU=#; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IPMUID=#; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
BSWUID=#; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IKSR={}; path=/; SameSite=None; secure
IBL=#[]; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH=#{}; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH_Q=#[]; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IZH=#{"40582":[{"SId":"6F9961","D":"23/11/28T0:1:27"}]}; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IZH_Q=#[40582]; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH=#{}; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH_Q=#[]; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IMH=#{"55972":[{"SId":"6F9961","D":"23/11/28T0:1:27"}]}; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IMH_Q=#[55972]; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
ISH=#{}; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
ISH_Q=#[]; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH=#{"7001":[{"SId":"6F9961","D":"23/11/28T0:1:27"}]}; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH_Q=#[7001]; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
ICH=#{"23628":[{"SId":"6F9961","D":"23/11/28T0:1:27"}]}; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
ICH_Q=#[23628]; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
p3p: CP="CAO PSA OUR IND"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MI3QfZqlLBIeuXWzW6LIx30YGRdDj8RpxqZ%2BhuebP8ome7ca1VodBjUxYStAtaCEOymdx%2FLkSTVWzNpqXJDGuqS1TRd9m8AHWWgus7lKuWjG%2B%2F2FVS%2BjAyJZeAufy6s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d11545892956c0-OSL
alt-svc: h3=":443"; ma=86400

twinrdsrv.com/mediahosting.engine?MediaId=55972&AId=9653&CId=23628&PId=40972&SiteId=7001&ZoneId=40582&VolumeMetricId=0297449f-fd3a-44d2-9134-b98d903238ba&PassBackUrl=&res=&dcid=3_ctx_bdae56cf-a17b-45b4-bdfc-0e0b3a08137a&cu=&kw=&mw=300&mh=250

172.66.43.59

200 OK

529 B

URL GET HTTP/3
twinrdsrv.com/mediahosting.engine?MediaId=55972&AId=9653&CId=23628&PId=40972&SiteId=7001&ZoneId=40582&VolumeMetricId=0297449f-fd3a-44d2-9134-b98d903238ba&PassBackUrl=&res=&dcid=3_ctx_bdae56cf-a17b-45b4-bdfc-0e0b3a08137a&cu=&kw=&mw=300&mh=250
IP
172.66.43.59:443
ASN
#13335 CLOUDFLARENET

Requested by
https://game.starswalker.site/api/spots/322254?p=1&s1=%subid1%&kw=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint44:DC:AB:AD:02:68:C6:90:3B:A8:AF:E2:FD:7E:D7:F2:0E:5D:AC:2E
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
529 B (529 bytes)
Hash
6c9c02f2833f4e6ba4f2d0e620aa733e
afda6a1ea9ed2d4796800e7c7362d32eccdfdc7d
725d5a9f2bf8607f2784ee3012965420fac8db5a79c258bd29fdbf5e3155a2cc

HTTP Headers

GET /mediahosting.engine?MediaId=55972&AId=9653&CId=23628&PId=40972&SiteId=7001&ZoneId=40582&VolumeMetricId=0297449f-fd3a-44d2-9134-b98d903238ba&PassBackUrl=&res=&dcid=3_ctx_bdae56cf-a17b-45b4-bdfc-0e0b3a08137a&cu=&kw=&mw=300&mh=250 HTTP/1.1
Host: twinrdsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://game.starswalker.site/
DNT: 1
Connection: keep-alive
Cookie: IKSR={}; INF_DFL8=false; IUID=d4059777-3985-4625-b6d1-1ecd855eee66; ISSH=6F9961; VMI=0297449f-fd3a-44d2-9134-b98d903238ba; IPLH=#{"40972":[{"SId":"6F9961","D":"23/11/28T0:1:27"}]}; IPLH_Q=#[40972]; CHN=#[]; MSSH=#{}; MSRH=#{}; ILP=null; ILPLU=#1/1/0001 12:00:00 AM; ILEALC=#1/1/0001 12:00:00 AM; ILMPF=#False; IPMPLU=#; IPMUID=#; BSWUID=#; IBL=#[]; IPLSH=#{}; IPLSH_Q=#[]; IZH=#{"40582":[{"SId":"6F9961","D":"23/11/28T0:1:27"}]}; IZH_Q=#[40582]; IMCH=#{}; IMCH_Q=#[]; IMH=#{"55972":[{"SId":"6F9961","D":"23/11/28T0:1:27"}]}; IMH_Q=#[55972]; ISH=#{}; ISH_Q=#[]; ISPH=#{"7001":[{"SId":"6F9961","D":"23/11/28T0:1:27"}]}; ISPH_Q=#[7001]; ICH=#{"23628":[{"SId":"6F9961","D":"23/11/28T0:1:27"}]}; ICH_Q=#[23628]
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:01:28 GMT
content-type: text/html; charset=utf-8
content-length: 529
cache-control: private, no-transform
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
INF_DFL8=false; path=/; SameSite=None; secure
IUID=d4059777-3985-4625-b6d1-1ecd855eee66; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure
ISSH=6F9961; path=/; SameSite=None; secure
VMI=0297449f-fd3a-44d2-9134-b98d903238ba; path=/; SameSite=None; secure
IPLH=#{"40972":[{"SId":"6F9961","D":"23/11/28T0:1:27"}]}; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
IPLH_Q=#[40972]; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
CHN=#[]; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
MSSH=#{}; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
MSRH=#{}; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
ILP=null; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure
ILPLU=#1/1/0001 12:00:00 AM; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
ILEALC=#1/1/0001 12:00:00 AM; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
ILMPF=#False; expires=Tue, 28-Nov-2023 12:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
IPMPLU=#; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
IPMUID=#; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
BSWUID=#; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
IKSR={}; path=/; SameSite=None; secure
IBL=#[]; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH=#{}; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH_Q=#[]; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
IZH=#{"40582":[{"SId":"6F9961","D":"23/11/28T0:1:27"}]}; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
IZH_Q=#[40582]; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH=#{}; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH_Q=#[]; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
IMH=#{"55972":[{"SId":"6F9961","D":"23/11/28T0:1:27"}]}; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
IMH_Q=#[55972]; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
ISH=#{}; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
ISH_Q=#[]; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH=#{"7001":[{"SId":"6F9961","D":"23/11/28T0:1:27"}]}; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH_Q=#[7001]; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
ICH=#{"23628":[{"SId":"6F9961","D":"23/11/28T0:1:27"}]}; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
ICH_Q=#[23628]; expires=Mon, 28-Nov-2033 08:01:28 GMT; path=/; SameSite=None; secure; HttpOnly
p3p: CP="CAO PSA OUR IND"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H78gCpdad5v8CXwEj8QYmbaIPfqAGEuN0E0teYiP7fSuA4BVbymZMQnbweq5hX1MAJq3olhXakQkQkd0e9nKytApx837sUXSYjRRYyr0neRkcfrjzUz7ZMPqIXuwlPY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d11546a9f656c0-OSL
alt-svc: h3=":443"; ma=86400

game.starswalker.site/api/spots/334568?p=1&s1=%subid1%&kw=

135.181.208.216

200 OK

4.8 kB

URL GET HTTP/2
game.starswalker.site/api/spots/334568?p=1&s1=%subid1%&kw=
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type
gzip compressed data, from Unix\012- data
Size
4.8 kB (4773 bytes)
Hash
14a2ecc9208c9f739b505e652c27bfa8
a498e1313ea243dfdb411fbf6e5da7f64b8416e8
c97c51d3aa99927322491258191d4a1893d55062f69c5ca11f7b3f5f7ffa0d68

HTTP Headers

GET /api/spots/334568?p=1&s1=%subid1%&kw= HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: nauid=oKHZPVhpUvcthZshRKA0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

ads.traffichunt.com/adx-dir-d/servlet/WebF_AdManager.AdDecision?aid=7149110&reqin=iframe&w=300&h=250&adpos=atf&nid=3&cb=&ref=&click_ext=03b871b6-4715-4ab4-97ba-9206c479267d&zone_ext=40582&placements=40972

35.153.234.182

200 OK

455 kB

URL GET HTTP/2
ads.traffichunt.com/adx-dir-d/servlet/WebF_AdManager.AdDecision?aid=7149110&reqin=iframe&w=300&h=250&adpos=atf&nid=3&cb=&ref=&click_ext=03b871b6-4715-4ab4-97ba-9206c479267d&zone_ext=40582&placements=40972
IP
35.153.234.182:443
ASN
#14618 AMAZON-AES

Requested by
https://twinrdsrv.com/mediahosting.engine?MediaId=55972&AId=9653&CId=23628&PId=40972&SiteId=7001&ZoneId=40582&VolumeMetricId=0297449f-fd3a-44d2-9134-b98d903238ba&PassBackUrl=&res=&dcid=3_ctx_bdae56cf-a17b-45b4-bdfc-0e0b3a08137a&cu=&kw=&mw=300&mh=250
Certificate
IssuerAmazon
Subjecttraffichunt.com
FingerprintD8:B4:A1:3D:85:21:45:F2:97:72:97:8D:E4:59:97:85:1C:48:8F:A0
ValidityWed, 28 Jun 2023 00:00:00 GMT - Sat, 27 Jul 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
455 kB (454556 bytes)
Hash
a1a8c45aab89971871dc1eb43f26ea88
ef01aefcb61397d76b6a3a3e66ebdbe377ef468a
facb63a57fa44230c13a89287b168582e716b78879a97b5f034c86dec8de2fe2

HTTP Headers

GET /adx-dir-d/servlet/WebF_AdManager.AdDecision?aid=7149110&reqin=iframe&w=300&h=250&adpos=atf&nid=3&cb=&ref=&click_ext=03b871b6-4715-4ab4-97ba-9206c479267d&zone_ext=40582&placements=40972 HTTP/1.1
Host: ads.traffichunt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://twinrdsrv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:28 GMT
content-type: text/html;charset=ISO-8859-1
server: nginx
vary: Accept-Encoding
expires: Sat, 1 May 2020 12:00:00 GMT
cache-control: no-cache, must-revalidate
set-cookie: new_adx_profile_guid=dfd02c8e-f794-4d96-a334-26bf1bab1540;Max-Age=7776000;path=/;SameSite=None; Secure
new_tr_done=1;Max-Age=7776000;path=/;SameSite=None; Secure
adx_profile_guid=dfd02c8e-f794-4d96-a334-26bf1bab1540; path=/; Max-Age=7776000; Expires=Mon, 26-Feb-2024 08:01:28 GMT
tr_done=1; path=/; Max-Age=7776000; Expires=Mon, 26-Feb-2024 08:01:28 GMT
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.157.203.0

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.157.203.0:443
ASN
#16509 AMAZON-02

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
81ff6df01f45a2f5df44c747936d9ff9
147b7fbe4bc03294fa7507bd29e09d3ec3d55f27
0cb4b52daadc299c49518e3591efc33d9edd2a073c247cb12fecf2a453cb73da

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: uid_id2=ef50e7a2-358e-47c3-bd56-67647502ad04:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:29 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.porngo.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.157.203.0

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.157.203.0:443
ASN
#16509 AMAZON-02

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
81ff6df01f45a2f5df44c747936d9ff9
147b7fbe4bc03294fa7507bd29e09d3ec3d55f27
0cb4b52daadc299c49518e3591efc33d9edd2a073c247cb12fecf2a453cb73da

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: uid_id2=ef50e7a2-358e-47c3-bd56-67647502ad04:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:29 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.porngo.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

a.orbsrv.com/nativeads-v2.js

185.76.9.24

200 OK

45 kB

URL GET HTTP/2
a.orbsrv.com/nativeads-v2.js
IP
185.76.9.24:443
ASN
#60068 Datacamp Limited

Requested by
https://game.starswalker.site/api/spots/334568?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjectorbsrv.com
FingerprintC1:06:45:A2:28:F1:95:0E:76:B9:25:AE:56:75:E5:60:63:2E:D3:34
ValidityThu, 05 Oct 2023 15:32:45 GMT - Wed, 03 Jan 2024 15:32:44 GMT

File type
C source, ASCII text, with very long lines (45102), with no line terminators
Size
45 kB (45102 bytes)
Hash
1f686e1c6bcebb5e374faa753c815853
e68a7f45c795e88664b19e38bb94617467ffdbe0
dd81e1adbb0a938b11f3e4f00fd09074038533831e65612fe54a2965722af36f

HTTP Headers

GET /nativeads-v2.js HTTP/1.1
Host: a.orbsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game.starswalker.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"e68a7f45c795e88664b19e38bb9"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Mon, 27 Nov 2023 13:29:51 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3lAUAAAwBuUwKAQH3BwAAAAwBJRPCKAH3swEAAA
x-77-nzt-ray: af58563070c1717e539e656523a35a15
x-accel-expires: @1701167854
x-accel-date: 1701157055
x-77-cache: HIT
x-77-age: 1870
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 7, 1428
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

dismantlepenantiterrorist.com/pxf.gif?uuid=&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=ea8af9849c3d36f72e75ff80972b12c1&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8

0.0.0.0

0 B

URL GET
dismantlepenantiterrorist.com/pxf.gif?uuid=&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=ea8af9849c3d36f72e75ff80972b12c1&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=ea8af9849c3d36f72e75ff80972b12c1&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: dismantlepenantiterrorist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

addresseepaper.com/sfp.js

0.0.0.0

0 B

URL GET
addresseepaper.com/sfp.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

dismantlepenantiterrorist.com/pxf.gif?uuid=&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=85db787a4a3e73b8bf155706edc5904b&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8

0.0.0.0

0 B

URL GET
dismantlepenantiterrorist.com/pxf.gif?uuid=&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=85db787a4a3e73b8bf155706edc5904b&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=85db787a4a3e73b8bf155706edc5904b&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: dismantlepenantiterrorist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/css/style.css

172.64.109.10

200 OK

9.2 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/css/style.css
IP
172.64.109.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
ASCII text, with very long lines (9771), with no line terminators
Size
9.2 kB (9193 bytes)
Hash
3bf44c419c27c2507bc1b009469c4482
b645016017cbba34b71497b76eb2a89ea7d54839
dca224015fb9353a013d68f8d9c8d5e028940fd9f0750e17b4dc66fb620dd64a

HTTP Headers

GET /sb/ssp/notifications/text_bubble/2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: text/css
last-modified: Tue, 12 Jul 2022 11:09:04 GMT
etag: W/"62cd5650-23e9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2244853
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AsihTw8GOqN7vWsqNeiKMMjdcEyGwBcNy3DLcbPWhrdQJLBPq%2Bh2vAdqi7z7NmNjzzcuAqQwwOCvJsSF5SZcha9V5LewTZnMNWWgywyM5U4a7E9kR4MI%2BhuaoAYEFNdvNLK5lsSEPp%2BI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1153dfd45888f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

game.starswalker.site/api/users/18306545902354519095/1636025?fill=0&kw=Anal,Threesome,Squirt,squirting,ffm,TUSHY,tushy.com,Karla%20Kush,Arya%20Fae,Jean%20Val%20Jean

135.181.208.216

200 OK

2.0 kB

URL GET HTTP/2
game.starswalker.site/api/users/18306545902354519095/1636025?fill=0&kw=Anal,Threesome,Squirt,squirting,ffm,TUSHY,tushy.com,Karla%20Kush,Arya%20Fae,Jean%20Val%20Jean
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type
XML document, ASCII text, with very long lines (2024), with no line terminators
Size
2.0 kB (1976 bytes)
Hash
980b0d8b00aef89a48b2f63c47d64407
639402485a40a8aad1c32537762384062c72de10
8151f04e5c39786d802a2b4cbd0ed4cd05f75a15206541ce54ff75263a14dbf6

HTTP Headers

GET /api/users/18306545902354519095/1636025?fill=0&kw=Anal,Threesome,Squirt,squirting,ffm,TUSHY,tushy.com,Karla%20Kush,Arya%20Fae,Jean%20Val%20Jean HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.porngo.com/
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Cookie: nauid=oKHZPVhpUvcthZshRKA0; asgfp=e19e1989b72653a7152c87a7240d524a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://www.porngo.com
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

game.starswalker.site/api/settings/377389

135.181.208.216

200 OK

33 B

URL GET HTTP/2
game.starswalker.site/api/settings/377389
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
33 B (33 bytes)
Hash
511ff610a0435434dd22a4836719fbb3
0cf692a9ecb6dd3d715e3315e0eeccc1c384f0c3
d090111da31c837d965f1dcf49b00a53cf41686d0913627f78c5ff36d693c6d0

HTTP Headers

GET /api/settings/377389 HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.porngo.com/
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

i.wmgtr.com/cim/fQGdkCqPGvKCgjtfINqwhFuDvEfMKFtB.png

0.0.0.0

0 B

URL GET
i.wmgtr.com/cim/fQGdkCqPGvKCgjtfINqwhFuDvEfMKFtB.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecti.wmgtr.com
FingerprintEC:B5:1E:3E:A4:6B:92:23:E2:9E:1E:FC:99:58:59:8E:23:DD:C1:25
ValidityMon, 23 Oct 2023 00:02:20 GMT - Sun, 21 Jan 2024 00:02:19 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cim/fQGdkCqPGvKCgjtfINqwhFuDvEfMKFtB.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: image/png
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
content-encoding: gzip
cache-control: max-age=82800
expires: Wed, 29 Nov 2023 07:01:26 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

game.starswalker.site/api/users/456453?host=www.porngo.com&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&i=1&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25

135.181.208.216

200 OK

571 B

URL GET HTTP/2
game.starswalker.site/api/users/456453?host=www.porngo.com&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&i=1&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type
ASCII text, with very long lines (645), with no line terminators
Size
571 B (571 bytes)
Hash
f478457477a597819ad354ba7c5aaec6
c979bab6cf44b47cdbbdfe5b288c11195e2a0181
217ca3c8ca695d3353b3fccc3675e65ed73144e0da40239fba591caf9683c593

HTTP Headers

GET /api/users/456453?host=www.porngo.com&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&i=1&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25 HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: nauid=oKHZPVhpUvcthZshRKA0; asgfp=e19e1989b72653a7152c87a7240d524a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: asgfp=e19e1989b72653a7152c87a7240d524a; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

u3y8v8u4.aucdn.net/library/141372/6cd24d808261c873b3b7f7b37084a81c19d22c62.mp4

185.76.9.16

206 Partial Content

5.7 MB

URL GET HTTP/2
u3y8v8u4.aucdn.net/library/141372/6cd24d808261c873b3b7f7b37084a81c19d22c62.mp4
IP
185.76.9.16:443
ASN
#60068 Datacamp Limited

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT

File type

Size
5.7 MB (5746421 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /library/141372/6cd24d808261c873b3b7f7b37084a81c19d22c62.mp4 HTTP/1.1
Host: u3y8v8u4.aucdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: video/mp4
content-length: 5746421
last-modified: Thu, 04 May 2023 14:21:01 GMT
etag: "6453bf4d-57aef5"
expires: Thu, 16 May 2024 10:01:03 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH3g/YAAQ
x-77-nzt-ray: c0a4cc283864c63f569e6565ccb2190c
x-accel-expires: @1715854163
x-accel-date: 1684318163
x-cache-lb: HIT
x-age-lb: 16840323
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 16840323
content-range: bytes 0-5746420/5746421
X-Firefox-Spdy: h2

b-hls-09.doppiocdn.com/hls/85253216/85253216_160p_399_gtZXJ5ITsdIBHWwF_1701158480.mp4

104.18.63.122

200 OK

94 kB

URL GET HTTP/3
b-hls-09.doppiocdn.com/hls/85253216/85253216_160p_399_gtZXJ5ITsdIBHWwF_1701158480.mp4
IP
104.18.63.122:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
data
Size
94 kB (93824 bytes)
Hash
c6641b87079f31d00a19fb53e7ebbd24
664adc6dc5ad9c713de2b2e7f55a2a57e874cc27
2562a4de226e929165c047ae8af597b49da262c3bfcaf841b13e7224016e53be

HTTP Headers

GET /hls/85253216/85253216_160p_399_gtZXJ5ITsdIBHWwF_1701158480.mp4 HTTP/1.1
Host: b-hls-09.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: video/mp4
content-length: 93824
last-modified: Tue, 28 Nov 2023 08:01:21 GMT
etag: "65659e51-16e80"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 3
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d115375ca55685-OSL
alt-svc: h3=":443"; ma=86400

game.starswalker.site/api/users/309154?host=www.porngo.com&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&i=1&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25

135.181.208.216

200 OK

731 B

URL GET HTTP/2
game.starswalker.site/api/users/309154?host=www.porngo.com&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&i=1&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type
ASCII text, with very long lines (783), with no line terminators
Size
731 B (731 bytes)
Hash
da0a501642806b2710b8c5e36a5b1930
a1dd8faddffc0d63fcbd3f0067a17d16a095d92a
f579b816bcb87d2551a2504cb2b12d5fbd82339bf1fac5fcc8bda20d051a0bc0

HTTP Headers

GET /api/users/309154?host=www.porngo.com&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&i=1&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25 HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: nauid=oKHZPVhpUvcthZshRKA0; asgfp=e19e1989b72653a7152c87a7240d524a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: asgfp=e19e1989b72653a7152c87a7240d524a; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

game.starswalker.site/api/spots/322254?p=1&s1=%subid1%&kw=

135.181.208.216

200 OK

16 kB

URL GET HTTP/2
game.starswalker.site/api/spots/322254?p=1&s1=%subid1%&kw=
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (3199)
Size
16 kB (16234 bytes)
Hash
30e53bdbc9d2b5b7ce0fb0f66f0f390a
bcb22f2657b4fce3cc2055bc4530701a35adacd7
6c59f8f3e555193c63df57e41ac87cd4f6cb7ea0033ccd2e7aa023f3a9050b2e

HTTP Headers

GET /api/spots/322254?p=1&s1=%subid1%&kw= HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: nauid=oKHZPVhpUvcthZshRKA0; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

twinrdsrv.com/banner.engine?id=aabdf405-363f-4e9e-b903-da4d77c69444&z=40582&cid=b9c&rand=65527&ver=async&time=0&referrerurl=https%3A%2F%2Fwww.porngo.com%2F&abr=false&curl=https%3A%2F%2Fwww.porngo.com%2F

0.0.0.0

0 B

URL GET
twinrdsrv.com/banner.engine?id=aabdf405-363f-4e9e-b903-da4d77c69444&z=40582&cid=b9c&rand=65527&ver=async&time=0&referrerurl=https%3A%2F%2Fwww.porngo.com%2F&abr=false&curl=https%3A%2F%2Fwww.porngo.com%2F
IP
0.0.0.0:0
ASN
#0

Requested by
https://game.starswalker.site/api/spots/322254?p=1&s1=%subid1%&kw=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint44:DC:AB:AD:02:68:C6:90:3B:A8:AF:E2:FD:7E:D7:F2:0E:5D:AC:2E
ValidityTue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /banner.engine?id=aabdf405-363f-4e9e-b903-da4d77c69444&z=40582&cid=b9c&rand=65527&ver=async&time=0&referrerurl=https%3A%2F%2Fwww.porngo.com%2F&abr=false&curl=https%3A%2F%2Fwww.porngo.com%2F HTTP/1.1
Host: twinrdsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game.starswalker.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:27 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-transform
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
INF_DFL8=false; path=/; SameSite=None; secure
IUID=d4059777-3985-4625-b6d1-1ecd855eee66; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure
ISSH=6F9961; path=/; SameSite=None; secure
VMI=; path=/; SameSite=None; secure
IPLH=#{}; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IPLH_Q=#[]; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
CHN=#[]; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
MSSH=#{}; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
MSRH=#{}; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
ILP=null; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure
ILPLU=#1/1/0001 12:00:00 AM; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
ILEALC=#1/1/0001 12:00:00 AM; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
ILMPF=#False; expires=Tue, 28-Nov-2023 12:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IPMPLU=#; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IPMUID=#; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
BSWUID=#; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IKSR={}; path=/; SameSite=None; secure
IBL=#[]; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH=#{}; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH_Q=#[]; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IZH=#{}; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IZH_Q=#[]; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH=#{}; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH_Q=#[]; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IMH=#{}; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
IMH_Q=#[]; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
ISH=#{}; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
ISH_Q=#[]; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH=#{}; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH_Q=#[]; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
ICH=#{}; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
ICH_Q=#[]; expires=Mon, 28-Nov-2033 08:01:27 GMT; path=/; SameSite=None; secure; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Q9xZUcE%2BSxtAQDMkec3Ii1ty4%2FwrilP3LqZM0DPKe1W8vCjQjSLlMBbaWRFBapDISCJ2Ihvb5wF6tVed6spxGEJglCrURD3w%2BTeOkRpBcXHJGwM74RKQ89tda3ADqU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d11529483156c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

game.starswalker.site/api/spots/329581?p=1&s1=%subid1%&kw=

135.181.208.216

200 OK

14 kB

URL GET HTTP/2
game.starswalker.site/api/spots/329581?p=1&s1=%subid1%&kw=
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (710)
Size
14 kB (13564 bytes)
Hash
b40fa4479a75d0fcb274b809f2602afd
600f1f86cf67d028965c7a43eef1a8d4c1bb223c
47db614aa132056fc2c98ed7db312384c16afa5466791c12dbb1186d1ef0d3a0

HTTP Headers

GET /api/spots/329581?p=1&s1=%subid1%&kw= HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: nauid=sSCpBI5OSwVgKeqRjDoM; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

static-assets.highwebmedia.com/images/ico-female.svg?818c9c4c368f

104.16.93.42

200 OK

7.4 kB

URL GET HTTP/3
static-assets.highwebmedia.com/images/ico-female.svg?818c9c4c368f
IP
104.16.93.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0
Certificate
IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (7906), with no line terminators
Size
7.4 kB (7425 bytes)
Hash
438fae82cab2508845253c1fa4013bb3
db555dee3168fa00db1ab11a644d01e526e869eb
8d240bf814c7966017151fe029955d1394a4b57f6a67b21319b36816a42d1fa4

HTTP Headers

GET /images/ico-female.svg?818c9c4c368f HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/CACHE/css/output.fe3e9fec3a8e.css
Cookie: _cfuvid=i3203DOo7ok3TXkQ99bUt956hbHkMbEnJsVIFQ2YCYo-1701158485010-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: image/svg+xml
x-amz-id-2: dmFowCHE53I0r5gdVNgZ4u8zarsxJCe00VU727swliUbpE02w96UPHVcbYHYw+YR6lNPBj+VrNdJWGPMzGa4Fg==
x-amz-request-id: 5G8RSRJTDTDKY2PA
last-modified: Tue, 09 Mar 2021 22:37:01 GMT
etag: W/"304b64c8f4b6c7e0c36c86b419151c45"
x-amz-meta-s3cmd-attrs: md5:304b64c8f4b6c7e0c36c86b419151c45
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 533445
expires: Thu, 28 Dec 2023 08:01:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTomzsiY6d9jDEarejF%2F0DyXSO8OOMwMfKen9UCBOdlpR1tsILNgqGR3Pro5uXi6jR2DAomZhfVAoi1U9woSuFvArRQHgtWQwF%2FwJi0etKaeVzF2UGd%2BdYd8MFvwIwOwnE4nX%2BHd%2BNWtdXd6iciq9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d115341eaf7127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

game.starswalker.site/api/users/18306545902354519095/1636037?fill=0&kw=Anal,Threesome,Squirt,squirting,ffm,TUSHY,tushy.com,Karla%20Kush,Arya%20Fae,Jean%20Val%20Jean

135.181.208.216

200 OK

1.6 kB

URL GET HTTP/2
game.starswalker.site/api/users/18306545902354519095/1636037?fill=0&kw=Anal,Threesome,Squirt,squirting,ffm,TUSHY,tushy.com,Karla%20Kush,Arya%20Fae,Jean%20Val%20Jean
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type
XML document, ASCII text, with very long lines (1656), with no line terminators
Size
1.6 kB (1608 bytes)
Hash
38a74f2193f3da704486bd7899c3c4f7
aef9338c8366582cc5ed09fb643fa43fcccb8004
49eebe9bad260e5d9e5990348624a5b35335b00aef26dcb7cf1e9cb1e2049ff1

HTTP Headers

GET /api/users/18306545902354519095/1636037?fill=0&kw=Anal,Threesome,Squirt,squirting,ffm,TUSHY,tushy.com,Karla%20Kush,Arya%20Fae,Jean%20Val%20Jean HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.porngo.com/
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Cookie: nauid=oKHZPVhpUvcthZshRKA0; asgfp=e19e1989b72653a7152c87a7240d524a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://www.porngo.com
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

nr.static.mmcdn.com/nr-spa-1.248.0.min.js

104.18.202.4

200 OK

89 kB

URL GET HTTP/2
nr.static.mmcdn.com/nr-spa-1.248.0.min.js
IP
104.18.202.4:443
ASN
#13335 CLOUDFLARENET

Requested by
https://chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0
Certificate
IssuerDigiCert Inc
Subject*.mmcdn.com
Fingerprint56:66:86:E9:41:03:24:7E:1E:95:3F:2C:72:1D:B4:AF:6C:E1:4E:DC
ValidityThu, 09 Nov 2023 00:00:00 GMT - Wed, 04 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65460)
Size
89 kB (89180 bytes)
Hash
9aea0ff91a800a354637269e96e31dac
ceb0cc8b702e80d4569b15c7c1d65b45a698b38f
8e4147148517b1b092a5bf8fb1fb4e78b568bdc40a127ec16732de62ddbb472a

HTTP Headers

GET /nr-spa-1.248.0.min.js HTTP/1.1
Host: nr.static.mmcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Origin: https://chaturbate.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: application/javascript
cf-ray: 82d115366b0a56a9-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 182382
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
etag: W/"9aea0ff91a800a354637269e96e31dac"
last-modified: Thu, 16 Nov 2023 17:54:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 varnish
cross-origin-resource-policy: cross-origin
x-amz-id-2: VB2MtRC/mw1/DdKZFe2SaAEbdF0y9hHbj3EECqH/m/Z0BSDX6WijbZYdUoYy4fea13jDClTG1nI=
x-amz-request-id: GKSEA1BWXW3X5PCH
x-amz-server-side-encryption: AES256
x-amz-version-id: WdicPIzDGJD8og5dR8sXZo1iUf3RkEzi
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-bma1671-BMA
x-timer: S1700159363.671653,VS0,VE473
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/js/jquery.min.js

172.64.109.10

200 OK

90 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/js/jquery.min.js
IP
172.64.109.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
ASCII text, with very long lines (65451)
Size
90 kB (89492 bytes)
Hash
561acb3e541133bbdd2c0c19f8ee35a1
ffd1353cf3f77d25f801c84d8208613eb0d3d548
9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc

HTTP Headers

GET /sb/ssp/notifications/text_bubble/2/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: application/javascript
last-modified: Tue, 12 Jul 2022 10:56:19 GMT
etag: W/"62cd5353-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 916179
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3zH77b7PW%2FHB9fqqHQPJmjQBtXi0S11yoM4n%2FABdNPGnR4VXhD0saQkF1569Msj0p8kICwQuinkoxBpkHw9RV4Gmii%2F7%2Bq%2BXfiEOFgUmriOymAgi4iVHbmvhN1XxPdQjKH%2B6Z567wr%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1153e0e196385-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

dismantlepenantiterrorist.com/pxf.gif?uuid=&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=101f34fe74998c687adf688cf98d4808&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8

0.0.0.0

0 B

URL GET
dismantlepenantiterrorist.com/pxf.gif?uuid=&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=101f34fe74998c687adf688cf98d4808&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=&eb=18b30c6599f2cc55a4e95ff938f1022d&te=baea64896a02d34b4567f77c6840ba09&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=101f34fe74998c687adf688cf98d4808&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: dismantlepenantiterrorist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0

104.18.101.40

200 OK

61 kB

URL GET HTTP/2
chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0
IP
104.18.101.40:443
ASN
#13335 CLOUDFLARENET

Requested by
https://camschat.net/300100/adnium.htm
Certificate
IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type

Size
61 kB (61284 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0 HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://camschat.net/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Algo1j6evJ1nTmlju0MCHLkIgwgAx8zePFcB4026xK8-1701158484-0-AcyQLOdFeI5FN/HvyOWdE5nNshKFAp1msWVR24iIxTDnOZdZymHF10JMdHkHdMxV5EALPHxGNs6qXYURSkZtl8E=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:24 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Language, Cookie
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-language: en
content-security-policy: default-src 'self';  script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.static.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://*.googletagmanager.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js https://static.hotjar.com https://script.hotjar.com ;  style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://static.hotjar.com https://script.hotjar.com;  img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://*.googletagmanager.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ;  font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ;  connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://analytics.google.com https://*.analytics.google.com https://*.googletagmanager.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com ;  media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://storage.googleapis.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com;  object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ;  frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com https://directory-live.cb.dev https://*.web.cb.dev ;  child-src 'self' blob: blob ;  worker-src 'self' blob: blob ;  form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://saas-onboarding.incodesmile.com https://smartpay.coinsmart.com https://crypto-payments.net https://secure.paygarden.com ;  manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ;  report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
cache-control: no-cache
set-cookie: affkey="eJyrVipSslJQyigpKSi20tdPTswtTs5ILNHLSy3RV6oFAJUzCgA="; Domain=.chaturbate.com; expires=Thu, 28 Dec 2023 08:01:24 GMT; Max-Age=2592000; Path=/
sbr=sec:sbr07063960-8169-4288-81b5-461529d3f13f:1r7t24:_qfq1bfsL6o85sctJtYez8BjmgU; Domain=.chaturbate.com; expires=Sun, 23 Aug 2026 08:01:24 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82d11530ee855687-OSL
content-encoding: br
X-Firefox-Spdy: h2

creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500

104.18.59.150

200 OK

811 B

URL GET HTTP/2
creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
IP
104.18.59.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://camschat.net/300100/adnium.htm
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (872), with no line terminators
Size
811 B (811 bytes)
Hash
c72e056cd01671e0e53e1be37e5b29ec
44d2211f84a922401458d095aa595a3320040c96
5609d268dd4d7959a25a6a7f3c8ec2c1c4f93f54819a1623dfc4bc46bb0084e0

HTTP Headers

GET /widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500 HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:24 GMT
content-type: text/html
last-modified: Thu, 23 Nov 2023 14:37:17 GMT
expires: Tue, 28 Nov 2023 08:01:18 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age":  1048576 }
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: HIT
age: 10
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1152f5f7e5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

creative.bbrdbr.com/widgets/v4/Universal/lang/en.json

104.18.59.150

200 OK

172 B

URL GET HTTP/3
creative.bbrdbr.com/widgets/v4/Universal/lang/en.json
IP
104.18.59.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
172 B (172 bytes)
Hash
402f4a06b5dcf96d25dd4ff1f840784b
edebb253af01ef1882f424ee6278368485898d62
bd570b38d9d687c593545a7b250570605c601381f3d3d5263346b295e12a55ba

HTTP Headers

GET /widgets/v4/Universal/lang/en.json HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:01:24 GMT
content-type: application/json
last-modified: Thu, 23 Nov 2023 14:37:17 GMT
etag: W/"655f639d-ac"
expires: Tue, 28 Nov 2023 08:01:09 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 10
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d115312ea756c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

prhzxq.com/wnrw?aid=12394019774751589105&a=1

185.162.85.2

200 OK

0 B

URL GET HTTP/2
prhzxq.com/wnrw?aid=12394019774751589105&a=1
IP
185.162.85.2:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectprhzxq.com
FingerprintAF:E4:1D:E8:DA:E7:CB:59:A8:A1:F6:FC:7B:22:BD:88:80:FA:14:B0
ValidityFri, 15 Sep 2023 17:07:53 GMT - Thu, 14 Dec 2023 17:07:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wnrw?aid=12394019774751589105&a=1 HTTP/1.1
Host: prhzxq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.porngo.com/
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 28 Nov 2023 08:01:25 GMT
content-length: 0
access-control-allow-origin: https://www.porngo.com
X-Firefox-Spdy: h2

www.porngo.com/js/kvs/main.min.js

104.21.234.90

200 OK

280 kB

URL GET HTTP/2
www.porngo.com/js/kvs/main.min.js
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type

Size
280 kB (279808 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/kvs/main.min.js HTTP/1.1
Host: www.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: application/javascript
last-modified: Mon, 20 Jan 2020 14:04:39 GMT
vary: Accept-Encoding
etag: W/"5e25b377-44500"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 111334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezvfLSvJTDrxxijiS9pOItJ5XFdmPPxlfGRDKZ%2Fah0IAMdyVtP8eK2ghmciXVRG9c%2B3BCryusdn9SOmoIN%2BrdF5HJW71RZzB7%2BH3r67VM9CaAMF%2FnMnpG9%2Fu1wE5njT2cw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1151def88d91a-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

xngqoc.com/admc?a=2&pid=1150082&sid=1195199&wid=439938&fp=4cb725660c43031e3b06c75892d96c5a&f=8&tz=0

0.0.0.0

0 B

URL GET
xngqoc.com/admc?a=2&pid=1150082&sid=1195199&wid=439938&fp=4cb725660c43031e3b06c75892d96c5a&f=8&tz=0
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /admc?a=2&pid=1150082&sid=1195199&wid=439938&fp=4cb725660c43031e3b06c75892d96c5a&f=8&tz=0 HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.porngo.com/
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

img.strpst.com/thumbs/1701158430/85253216_webp

104.18.63.124

200 OK

6.5 kB

URL GET HTTP/2
img.strpst.com/thumbs/1701158430/85253216_webp
IP
104.18.63.124:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Certificate
IssuerCloudflare, Inc.
Subjectimg.strpst.com
FingerprintED:62:74:FE:E4:F5:89:43:B3:49:55:FE:18:19:0D:29:24:96:75:BC
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 270x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.5 kB (6536 bytes)
Hash
8e4ccd605433dcc37d110e6bc6bfc721
6ef79f13e254d945c4549c6c8633beca3f7faad0
41896aebb2e4cecbb1723a6b3c6236f5d5f306daf1dbed8aa579f2b024b0b209

HTTP Headers

GET /thumbs/1701158430/85253216_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: image/webp
content-length: 6536
etag: "8e4ccd605433dcc37d110e6bc6bfc721"
last-modified: Tue, 28 Nov 2023 07:59:58 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 59
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d115335d44b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.porngo.com/extension/aine/in_pr_2611.php?s=1701158489386.0.7991314251575288

104.21.234.90

200 OK

176 B

URL GET HTTP/2
www.porngo.com/extension/aine/in_pr_2611.php?s=1701158489386.0.7991314251575288
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
HTML document text\012- troff or preprocessor input, ASCII text, with no line terminators
Size
176 B (176 bytes)
Hash
1c065253b7540b1e4570d3c1e6031a4c
27060f272172460768a18ab7391c52cef0e6b1f8
364ccd0dd725df993f6dd8e0b527d8e056caab59a687491c166d11d656934303

HTTP Headers

GET /extension/aine/in_pr_2611.php?s=1701158489386.0.7991314251575288 HTTP/1.1
Host: www.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154; show_pops2=true2; pp_show_on_ea8af9849c3d36f72e75ff80972b12c1=1; kt_tcookie=1; kt_is_visited=1; bnState_1827308={"impressions":1,"delayStarted":0}; pp_main_ea8af9849c3d36f72e75ff80972b12c1=1; pp_exp_ea8af9849c3d36f72e75ff80972b12c1=1701162088349; pp_idelay_ea8af9849c3d36f72e75ff80972b12c1=1; sb_page_101f34fe74998c687adf688cf98d4808=1; sb_onpage_101f34fe74998c687adf688cf98d4808=1; sb_main_101f34fe74998c687adf688cf98d4808=1; sb_count_101f34fe74998c687adf688cf98d4808=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: application/json
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnHYv85seHOJUeoltCzxLRXISV5y5Lw%2F878ffHbMtifacWkBW7RlC25BabfP9LJZs08ymAL98M8LCU6IZvEhHiQvxFHoTZuw0cyxyQCCxLxAsiTA%2FI7PHDVE1q22dk95Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d115369cd4d91a-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

unpkg.com/silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js

104.16.124.175

200 OK

21 kB

URL GET HTTP/2
unpkg.com/silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js
IP
104.16.124.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (21159)
Size
21 kB (21289 bytes)
Hash
242c96b6f341fad00f677b568a7a6e6b
7ba156f36a99393095461ef4ed1f29e5a26732e6
2b17f02db63529b2ba6fe67c320b69ff803b775b7bd6c70ce4809c5c660ab30b

HTTP Headers

GET /silvermine-videojs-quality-selector@1.1.2/dist/js/silvermine-videojs-quality-selector.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.porngo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:22 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Wed, 10 Jan 2018 00:56:00 GMT
etag: W/"5329-e6FW82qZOTCVRh707R8p5aJnMuY"
via: 1.1 fly.io
fly-request-id: 01HFZMJFGH0APDVR9FC6H5D1F1-arn
cf-cache-status: HIT
age: 363410
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d115237fefb524-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.porngo.com/js/videojs.persistvolume.js

104.21.234.90

200 OK

3.7 kB

URL GET HTTP/2
www.porngo.com/js/videojs.persistvolume.js
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3877), with no line terminators
Size
3.7 kB (3679 bytes)
Hash
edd6ad1ef2da6f411723484aa50efac3
70c85dbcf01f72c46aa4610e5a570103944405f1
a9d35e0c9bf38710dc0f1185b6773ce208312fcb575f068b3f866aac8c801826

HTTP Headers

GET /js/videojs.persistvolume.js HTTP/1.1
Host: www.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: application/javascript
last-modified: Fri, 20 Sep 2019 09:34:47 GMT
vary: Accept-Encoding
etag: W/"5d849d37-e5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 540062
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mrhSQpVyqQydbdntsN7sifV5lVRxlD0TpZKhpVcThzPzn8uf%2BNLwxNFWDLiW4SN1ZSJ2tpmndgl8RJ3nj6jYUTax%2BvlNhB24Wsch555pCdw5Y1%2FJ6p%2BUrfN68NSshO4Alg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1151dffc1d91a-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.barscreative1.com/sb/au/29/79/b6/2979b6cd81afad6251e222515b2d8311/1663145782.html

45.133.44.4

200 OK

1.8 kB

URL GET HTTP/2
cdn.barscreative1.com/sb/au/29/79/b6/2979b6cd81afad6251e222515b2d8311/1663145782.html
IP
45.133.44.4:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectcdn.barscreative1.com
Fingerprint55:06:B7:F1:EF:E9:55:FB:7C:8C:4F:5D:DB:05:C9:15:19:90:9B:2F
ValiditySat, 11 Nov 2023 03:00:51 GMT - Fri, 09 Feb 2024 03:00:50 GMT

File type
HTML document, ASCII text, with very long lines (1887), with no line terminators
Size
1.8 kB (1775 bytes)
Hash
ad060cdf961dc780713500620212dfd2
00dff11f954cb93349d081333ba22779b5380de1
5975e0efdf299d5ab9695c6be88a67b29bd4e044aadc6af993f5102a3eb894f4

HTTP Headers

GET /sb/au/29/79/b6/2979b6cd81afad6251e222515b2d8311/1663145782.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Wed, 14 Sep 2022 08:56:26 GMT
etag: W/"6321973a-6ef"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 28 Nov 2023 09:01:26 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

www.porngo.com/extension/aine/pr_1409.php?s=1701158489384.0.7583195914054488

104.21.234.90

200 OK

194 B

URL GET HTTP/2
www.porngo.com/extension/aine/pr_1409.php?s=1701158489384.0.7583195914054488
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
HTML document text\012- troff or preprocessor input, ASCII text, with no line terminators
Size
194 B (194 bytes)
Hash
4c25a9e2bbc2bcc1b96ae93c05a56375
246426eb86415cb67e6ed7de2824db5aa0d33ccf
2dcf21f4a4e483ec34c9c6387be3fcc3e2a9ba7864115fd8a561c179d9831426

HTTP Headers

GET /extension/aine/pr_1409.php?s=1701158489384.0.7583195914054488 HTTP/1.1
Host: www.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154; show_pops2=true2; pp_show_on_ea8af9849c3d36f72e75ff80972b12c1=1; kt_tcookie=1; kt_is_visited=1; bnState_1827308={"impressions":1,"delayStarted":0}; pp_main_ea8af9849c3d36f72e75ff80972b12c1=1; pp_exp_ea8af9849c3d36f72e75ff80972b12c1=1701162088349; pp_idelay_ea8af9849c3d36f72e75ff80972b12c1=1; sb_page_101f34fe74998c687adf688cf98d4808=1; sb_onpage_101f34fe74998c687adf688cf98d4808=1; sb_main_101f34fe74998c687adf688cf98d4808=1; sb_count_101f34fe74998c687adf688cf98d4808=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: application/json
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jp7wc2DDee6LBvqUwTIPjkvjiE5PbaY2Ee3EkbX2kH8jdl7myooIkPEsLj%2FiQt43srTFOWS6KW1%2F0j59Upf1YR3e32pmzNGgTirs0oH2RCQtK78L8NBVTLNeZAHWAnnttQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d115369cd0d91a-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tsyndicate.com/do2/7784b79bb68d4b0cb46171b130e4aeb8/vast?

136.243.80.153

200 OK

5.3 kB

URL GET HTTP/2
tsyndicate.com/do2/7784b79bb68d4b0cb46171b130e4aeb8/vast?
IP
136.243.80.153:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
FingerprintF2:3C:80:FB:F4:C8:BF:02:DD:BF:23:DD:27:74:AB:0B:89:F6:13:5E
ValiditySun, 12 Nov 2023 09:06:58 GMT - Sat, 10 Feb 2024 09:06:57 GMT

File type
XML document, ASCII text, with very long lines (5342), with no line terminators
Size
5.3 kB (5285 bytes)
Hash
db6963dcdfdf913f46cefd9a6d6c005c
577ce9babc727b3c141c82a182cf29eefb4e371d
a0037d38de2d4f5425dd7b7508360a9c5041b1987c0efe8517b71f73feab6555

HTTP Headers

GET /do2/7784b79bb68d4b0cb46171b130e4aeb8/vast? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.porngo.com/
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://www.porngo.com
access-control-allow-methods: POST, GET, HEAD
access-control-allow-headers: Accept, X-Requested-With, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Legacy
access-control-allow-credentials: true
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
x-vast: 3.0
x-request-id: 0715330b89fbf565
set-cookie: ts_uid=ae53c70a-f90b-4dcf-b5bf-3701afb63be4; expires=Tue, 28 May 2024 08:01:26 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.170

200 OK

6.8 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (7013), with no line terminators
Size
6.8 kB (6824 bytes)
Hash
49475c425d6c00477bb339179326c49b
bd97deeb753f44f43a21feafa92d98239fa511bd
598841a98ad357d2896d2f093ea3e4e1d44e24b3351268ffd45e61ff8c1d0e09

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 28 Nov 2023 08:01:26 GMT
date: Tue, 28 Nov 2023 08:01:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

venetrigni.com/stats

0.0.0.0

0 B

URL GET
venetrigni.com/stats
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stats HTTP/1.1
Host: venetrigni.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169&video_id=399114&mode=async&action=js_stats&rand=1701158487622

104.21.234.90

200 OK

43 B

URL GET HTTP/2
www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169&video_id=399114&mode=async&action=js_stats&rand=1701158487622
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

HTTP Headers

GET /videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169&video_id=399114&mode=async&action=js_stats&rand=1701158487622 HTTP/1.1
Host: www.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154; show_pops2=true2; pp_show_on_ea8af9849c3d36f72e75ff80972b12c1=1; kt_tcookie=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: image/gif
content-length: 43
set-cookie: kt_is_visited=1; expires=Wed, 29-Nov-2023 08:01:23 GMT; Max-Age=86400; path=/; domain=.porngo.com; SameSite=Lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqaFzELmmiK6Jnn0xhaWCXtu045%2F2JNXWq6j0S5DVM23Gt%2Bu4vvlcug5KBLtpMoblOCEmZYQ4PdJIdEwVNX49CqmtR%2BF9nsM9Bf%2FfXB06GpNubStIwhM9%2B%2BLB7nCsCHIZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1152b798ed91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

a.bestcontentfood.top/warp/4789786?r=29033

104.21.19.32

200 OK

4.2 kB

URL GET HTTP/2
a.bestcontentfood.top/warp/4789786?r=29033
IP
104.21.19.32:443
ASN
#13335 CLOUDFLARENET

Requested by
https://game.starswalker.site/api/spots/329581?p=1&s1=%subid1%&kw=
Certificate
IssuerGoogle Trust Services LLC
Subjectbestcontentfood.top
Fingerprint38:B2:37:FD:8A:33:7F:A8:A2:A4:3A:45:96:3D:C4:33:59:3D:86:F0
ValiditySat, 21 Oct 2023 02:38:16 GMT - Fri, 19 Jan 2024 02:38:15 GMT

File type
ASCII text, with very long lines (4349), with no line terminators
Size
4.2 kB (4178 bytes)
Hash
106d0fe586c475ad0654f492ceac893a
5db2c95007baee133aa41e31a1262d16c352e1ef
ec79dcf4f8e8578a99169d939b9461200e9a54cf992604d2567ade68b6404e36

HTTP Headers

GET /warp/4789786?r=29033 HTTP/1.1
Host: a.bestcontentfood.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game.starswalker.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: application/javascript; charset=UTF-8
referer: a.medfoodsafety.com
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJe4O3ENQPUlnzrVJI0nODbSI82n7MmwME%2BhkovbZ5jrFOwl51o46PK2L8kFIUTdxMV3a4COcAk4yePxKS5oZRP6CGbiMhlsuex7qNhAkJq7bXO6QFFANdxQTppogB%2BPHtsb0W9ST7o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d115274e175685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.porngo.com/get_country.php?v=0.2493503829158168.1701158487637

104.21.234.90

200 OK

17 B

URL GET HTTP/2
www.porngo.com/get_country.php?v=0.2493503829158168.1701158487637
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
17 B (17 bytes)
Hash
7dd4c2a3548010488ab35f2ddb0cba32
d0bb08901bcfdc3a7453540ced4bf7ca4eec982b
d7cc8006235795b5d60ba89c9f752ec0f700a0ddc3e2a5b5e70e375624831223

HTTP Headers

GET /get_country.php?v=0.2493503829158168.1701158487637 HTTP/1.1
Host: www.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/plain, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154; show_pops2=true2; pp_show_on_ea8af9849c3d36f72e75ff80972b12c1=1; kt_tcookie=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaXb%2BP6GnIvUEMSY%2BZG0SEx4W9Tg3KdngJmoqYgEmqah%2F3w4iJR%2Bj%2F1sHXh5ZNbHqfSekORxq%2BalYjEMkR3EX77r%2Fv3ncrnNoq7Rg1Ychfd4ltfiSUG2TdXnUPwHoW1B8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1152b99f7d91a-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

creative.bbrdbr.com/widgets/v4/Universal/hls.4cfa5b780bfed20a8b26.js

104.18.59.150

200 OK

61 B

URL GET HTTP/3
creative.bbrdbr.com/widgets/v4/Universal/hls.4cfa5b780bfed20a8b26.js
IP
104.18.59.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
61 B (61 bytes)
Hash
22f22b49cc901aa95826401f7ce0930c
6471abdd35ab6d511b67d73ad1375f1ee0f255de
0fae8b03858a764bad3e9af19bfc924ead5b9e25c760432c19e91cba3dff1cf3

HTTP Headers

GET /widgets/v4/Universal/hls.4cfa5b780bfed20a8b26.js HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 23 Nov 2023 14:38:50 GMT
etag: W/"655f63fa-3d"
expires: Tue, 28 Nov 2023 08:01:32 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 3
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d11534a9af56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

game.starswalker.site/api/users/377389?v2=1&fill=0&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25&s2=%25subid2%25&i=1&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169

135.181.208.216

200 OK

3.1 kB

URL GET HTTP/2
game.starswalker.site/api/users/377389?v2=1&fill=0&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25&s2=%25subid2%25&i=1&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type
XML document, ASCII text, with very long lines (3192), with no line terminators
Size
3.1 kB (3106 bytes)
Hash
5b74ccf97f85d3d4c22917bf2f911ab0
92bfa6fb78390c49da80a1d1332ea8a3b62ac2d2
69d1468f352c84c91f0dee6157fb7811ee3757dba77e0a3cea77e56fd90ac23a

HTTP Headers

GET /api/users/377389?v2=1&fill=0&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25&s2=%25subid2%25&i=1&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169 HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.porngo.com/
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Cookie: nauid=oKHZPVhpUvcthZshRKA0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://www.porngo.com
access-control-expose-headers: X-Asg-Config, X-t
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

www.porngo.com/js/custom.js

104.21.234.90

200 OK

23 kB

URL GET HTTP/2
www.porngo.com/js/custom.js
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
ASCII text
Size
23 kB (22834 bytes)
Hash
2a19012a5c6e2426868f8318ee84a4d1
8e6e3066139aaa6bc8aae2a5eb73986892e4725f
dcf0d74fd473f0b6b4024a7444e86cb5a18d664f80ca62f2df02422299bce80a

HTTP Headers

GET /js/custom.js HTTP/1.1
Host: www.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 08:56:17 GMT
vary: Accept-Encoding
etag: W/"5f968f31-5932"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 462060
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ai2qKf3MVxqRRJ5UkO7DadNyxyCTC5yPlQoOBq9adwVsYATxgre3ECkcdKZzps%2BME3r1NQcd%2BxODrBvoreoQhWy1CL2gk6w%2Bh9LcEt36W%2FRuarMgnqvbubwHDgFmrl8TmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1151def91d91a-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ta3nfsordd.com/get/1827971?zoneid=1827971&jp=_clhldu20lb5nyohbmj5jyp&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178036703463424&eclog=0&sp=1&im=1

212.117.190.201

200 OK

37 B

URL GET HTTP/2
ta3nfsordd.com/get/1827971?zoneid=1827971&jp=_clhldu20lb5nyohbmj5jyp&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178036703463424&eclog=0&sp=1&im=1
IP
212.117.190.201:443
ASN
#5577 root SA

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint11:6D:17:3D:36:7C:F9:78:B7:9A:AD:C5:4E:09:F5:F9:A0:ED:6B:3A
ValidityMon, 30 Oct 2023 01:21:55 GMT - Fri, 26 Apr 2024 21:59:00 GMT

File type
ASCII text, with no line terminators
Size
37 B (37 bytes)
Hash
26c0446473cdbedd7eb18169ae75e0fd
c2a8a31848b22f49c044d0e8f2b4a48e856e08b8
c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165

HTTP Headers

GET /get/1827971?zoneid=1827971&jp=_clhldu20lb5nyohbmj5jyp&nojs=0&abvar=0&febuild=1.0.178&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=5178036703463424&eclog=0&sp=1&im=1 HTTP/1.1
Host: ta3nfsordd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:24 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2311280301831c7b53ed394423b103c9427f; Path=/; Expires=Tue, 31 Dec 2024 08:01:24 GMT; Secure; SameSite=None
CHCK=1; Path=/; Expires=Tue, 31 Dec 2024 08:01:24 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

game.starswalker.site/api/users/456014?host=www.porngo.com&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&i=1&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25

135.181.208.216

200 OK

592 B

URL GET HTTP/2
game.starswalker.site/api/users/456014?host=www.porngo.com&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&i=1&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type
ASCII text, with very long lines (662), with no line terminators
Size
592 B (592 bytes)
Hash
e621d13679a6c384d3bc3e92a02990c6
443cc5cbee9372a93bc0bb11cd4c4dedee756ffa
938525b628b914b34328f697475d87e5a0017b1f6dd496ade793f43872deb26e

HTTP Headers

GET /api/users/456014?host=www.porngo.com&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&i=1&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25 HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: nauid=oKHZPVhpUvcthZshRKA0; asgfp=e19e1989b72653a7152c87a7240d524a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: asgfp=e19e1989b72653a7152c87a7240d524a; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

friendshipmale.com/sfp.js

104.21.234.33

200 OK

86 kB

URL GET HTTP/3
friendshipmale.com/sfp.js
IP
104.21.234.33:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85468 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:01:24 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 9c664732874cf9d379a55f4c77a4f760
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 28 Nov 2023 08:01:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BB%2BPrURK2GK7%2BiKnkvzPOa8eSy9lGzulO%2FoZeYgrHz0pcaZ1D5n7YuHjOli2akoDUWRDr%2Bi3j%2Fk54XoiktxdnAFuQO8Ac5QB9wPgaSNbjUmpyIygi3dDV4euK1lhwB%2FUH0lw3T8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1152eebc04c8c-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.porngo.com/favicon-16x16.png

104.21.234.90

200 OK

1.5 kB

URL GET HTTP/2
www.porngo.com/favicon-16x16.png
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
1.5 kB (1489 bytes)
Hash
552872354755cb050014a9501cfec4fa
fd05b4d7002b52e705344db04db723495910e4c7
88ef331642f08aaee6990894bd8015032891181d446faa6c4bbec095a56aba8d

HTTP Headers

GET /favicon-16x16.png HTTP/1.1
Host: www.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154; show_pops2=true2; pp_show_on_ea8af9849c3d36f72e75ff80972b12c1=1; kt_tcookie=1; kt_is_visited=1; bnState_1827308={"impressions":1,"delayStarted":0}; pp_main_ea8af9849c3d36f72e75ff80972b12c1=1; pp_exp_ea8af9849c3d36f72e75ff80972b12c1=1701162088349; pp_idelay_ea8af9849c3d36f72e75ff80972b12c1=1; sb_page_101f34fe74998c687adf688cf98d4808=1; sb_onpage_101f34fe74998c687adf688cf98d4808=1; sb_main_101f34fe74998c687adf688cf98d4808=1; sb_count_101f34fe74998c687adf688cf98d4808=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: image/png
content-length: 1489
last-modified: Tue, 16 Jul 2019 10:24:46 GMT
etag: "5d2da5ee-5d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 526206
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOuEGZKgy4QJDB%2Bt0SfON8ziQ4lw%2F5ACJMxQe3ebudwgDzJqBjvK%2Bi2iYzUR2cJV8enPz7xLftcOuepUYXkyHX8UyoXB7OJ2E83Xl6Q2S1IEDi2%2FgiZIrYblKZ%2FMSuuQTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d115379f25d91a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

chaturbate.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.18.101.40

302 Found

7.4 kB

URL GET HTTP/3
chaturbate.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.18.101.40:443
ASN
#13335 CLOUDFLARENET

Requested by
https://chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0
Certificate
IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type

Size
7.4 kB (7389 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Algo1j6evJ1nTmlju0MCHLkIgwgAx8zePFcB4026xK8-1701158484-0-AcyQLOdFeI5FN/HvyOWdE5nNshKFAp1msWVR24iIxTDnOZdZymHF10JMdHkHdMxV5EALPHxGNs6qXYURSkZtl8E=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Tue, 28 Nov 2023 08:01:25 GMT
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control: max-age=300, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6Ym9%2Bca6Oc%2B5I5gkIYWodzGomJLYhvHxZE3tl9G6MyqDForMwzh7GBJedTbGl2ZrNPyBwVFgRoL50%2B%2BgHKp3zXTtoPpz6dwWPc3KIp%2BfPYgnsv7oP4upCNctnpnHyvE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82d115341b2db4eb-OSL
alt-svc: h3=":443"; ma=86400

game.starswalker.site/api/users/433863?host=www.porngo.com&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&i=1&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25

135.181.208.216

200 OK

544 B

URL GET HTTP/2
game.starswalker.site/api/users/433863?host=www.porngo.com&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&i=1&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type
ASCII text, with very long lines (616), with no line terminators
Size
544 B (544 bytes)
Hash
fad8e152713a74406ff0cb2bceb82c09
f129a8277e5427053085592eb219ff359ab33602
f04e85636abebd5755131ffa993caf45a74430cbc64cc93fcbe6f828bc6ea2f6

HTTP Headers

GET /api/users/433863?host=www.porngo.com&ev=211&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&i=1&kw=Anal%2CThreesome%2CSquirt%2Csquirting%2Cffm%2CTUSHY%2Ctushy.com%2CKarla%20Kush%2CArya%20Fae%2CJean%20Val%20Jean&s1=%25subid1%25 HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: nauid=oKHZPVhpUvcthZshRKA0; asgfp=e19e1989b72653a7152c87a7240d524a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: asgfp=e19e1989b72653a7152c87a7240d524a; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

xngqoc.com/cuload?a=1&e=aeyJwaWQiOjExNDQ2NDYsInNpZCI6MTE5MDM3NSwid2lkIjo0NDU2NDMsImQiOiIiLCJsaSI6MX0=&tz=0&if=0&u=aHR0cHM6Ly93d3cucG9ybmdvLmNvbS92aWRlb3MvMzk5MTE0LzAwNjFjNDkwYzlhZGY2MDU0ZjcwYjBkMDU0NjcyMTZhLw==

0.0.0.0

0 B

URL GET
xngqoc.com/cuload?a=1&e=aeyJwaWQiOjExNDQ2NDYsInNpZCI6MTE5MDM3NSwid2lkIjo0NDU2NDMsImQiOiIiLCJsaSI6MX0=&tz=0&if=0&u=aHR0cHM6Ly93d3cucG9ybmdvLmNvbS92aWRlb3MvMzk5MTE0LzAwNjFjNDkwYzlhZGY2MDU0ZjcwYjBkMDU0NjcyMTZhLw==
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cuload?a=1&e=aeyJwaWQiOjExNDQ2NDYsInNpZCI6MTE5MDM3NSwid2lkIjo0NDU2NDMsImQiOiIiLCJsaSI6MX0=&tz=0&if=0&u=aHR0cHM6Ly93d3cucG9ybmdvLmNvbS92aWRlb3MvMzk5MTE0LzAwNjFjNDkwYzlhZGY2MDU0ZjcwYjBkMDU0NjcyMTZhLw== HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.porngo.com/
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

2997.novemberadventures.name/jidCDIUxPAblZtdxoEWUMWYX08lW-9qDcvlYfo_FTpdGNc6c9opRoJuNW95heNLKkdgHcvR2jvrqFui6Hea9aS6VmqTCpLiBbQMdLr0sJHpkv8xMrlzF3jVzai_HKZ6Og5CHAII?kws=crazy%2Cday%2Cwith%2Cwild%2Croommate%2Ctushy%2Cporngo%2Ccom&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Tue%20Nov%2028%202023%2008%3A01%3A30%20GMT%2B0000%20(Coordinated%20Universal%20Time)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1

88.208.59.102

200 OK

2.1 kB

URL GET HTTP/2
2997.novemberadventures.name/jidCDIUxPAblZtdxoEWUMWYX08lW-9qDcvlYfo_FTpdGNc6c9opRoJuNW95heNLKkdgHcvR2jvrqFui6Hea9aS6VmqTCpLiBbQMdLr0sJHpkv8xMrlzF3jVzai_HKZ6Og5CHAII?kws=crazy%2Cday%2Cwith%2Cwild%2Croommate%2Ctushy%2Cporngo%2Ccom&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Tue%20Nov%2028%202023%2008%3A01%3A30%20GMT%2B0000%20(Coordinated%20Universal%20Time)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1
IP
88.208.59.102:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subject*.novemberadventures.name
Fingerprint07:CC:67:0A:E6:12:32:59:BD:8E:D3:88:2D:52:C5:2C:59:DE:AC:1B
ValidityTue, 07 Nov 2023 11:00:51 GMT - Mon, 05 Feb 2024 11:00:50 GMT

File type
ASCII text, with very long lines (2075), with no line terminators
Size
2.1 kB (2075 bytes)
Hash
0ca1aca161215c925d93b231293032cc
417ae95fcba9c3c36172ce9651190e2e18ab33fa
94c7822595f0fe06af8a0e79406f7a3381be076bf61cd0fe7acffec18312fad7

HTTP Headers

GET /jidCDIUxPAblZtdxoEWUMWYX08lW-9qDcvlYfo_FTpdGNc6c9opRoJuNW95heNLKkdgHcvR2jvrqFui6Hea9aS6VmqTCpLiBbQMdLr0sJHpkv8xMrlzF3jVzai_HKZ6Og5CHAII?kws=crazy%2Cday%2Cwith%2Cwild%2Croommate%2Ctushy%2Cporngo%2Ccom&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.porngo.com%2Fvideos%2F399114%2F0061c490c9adf6054f70b0d05467216a%2F%3Fts%3D12169&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Tue%20Nov%2028%202023%2008%3A01%3A30%20GMT%2B0000%20(Coordinated%20Universal%20Time)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22false%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 HTTP/1.1
Host: 2997.novemberadventures.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:29 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://www.porngo.com
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
last-modified: Tue, 28 Nov 2023 08:01:29 UTC
expires: Tue, 28 Nov 2023 08:01:29 UTC
content-encoding: gzip
X-Firefox-Spdy: h2

prhzxq.com/wnload?a=1&e=aeyJwaWQiOjExNTAwODIsInNpZCI6MTE5NTE5OSwid2lkIjo0Mzk5MzgsImQiOiIiLCJsaSI6Mn0=&tz=0&if=0&u=aHR0cHM6Ly93d3cucG9ybmdvLmNvbS92aWRlb3MvMzk5MTE0LzAwNjFjNDkwYzlhZGY2MDU0ZjcwYjBkMDU0NjcyMTZhLw==&inc=1

185.162.85.2

200 OK

728 B

URL GET HTTP/2
prhzxq.com/wnload?a=1&e=aeyJwaWQiOjExNTAwODIsInNpZCI6MTE5NTE5OSwid2lkIjo0Mzk5MzgsImQiOiIiLCJsaSI6Mn0=&tz=0&if=0&u=aHR0cHM6Ly93d3cucG9ybmdvLmNvbS92aWRlb3MvMzk5MTE0LzAwNjFjNDkwYzlhZGY2MDU0ZjcwYjBkMDU0NjcyMTZhLw==&inc=1
IP
185.162.85.2:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjectprhzxq.com
FingerprintAF:E4:1D:E8:DA:E7:CB:59:A8:A1:F6:FC:7B:22:BD:88:80:FA:14:B0
ValidityFri, 15 Sep 2023 17:07:53 GMT - Thu, 14 Dec 2023 17:07:52 GMT

File type
Unicode text, UTF-8 text, with very long lines (799), with no line terminators
Size
728 B (728 bytes)
Hash
25a2b0bee5bb37b94959d0a7c864aa43
f908bd0714abe70eccb3689387e28ca3222c254c
c475fe81787f12d03961d50bef93e5d2cdfa432d5ef4028cfc2afab743d68524

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wnload?a=1&e=aeyJwaWQiOjExNTAwODIsInNpZCI6MTE5NTE5OSwid2lkIjo0Mzk5MzgsImQiOiIiLCJsaSI6Mn0=&tz=0&if=0&u=aHR0cHM6Ly93d3cucG9ybmdvLmNvbS92aWRlb3MvMzk5MTE0LzAwNjFjNDkwYzlhZGY2MDU0ZjcwYjBkMDU0NjcyMTZhLw==&inc=1 HTTP/1.1
Host: prhzxq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.porngo.com/
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2

www.porngo.com/extension/aine/pop_1409.php?s=1701158489382.0.38547713440161047

104.21.234.90

200 OK

168 B

URL GET HTTP/2
www.porngo.com/extension/aine/pop_1409.php?s=1701158489382.0.38547713440161047
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
HTML document text\012- troff or preprocessor input, ASCII text, with no line terminators
Size
168 B (168 bytes)
Hash
7dfe653fd07f82e146c0255e94a3303e
d43d79c94e964d46a5e0b0d2f9c1eb137bc3cdfc
0785aa88eccffc69f6370d3097182ff57e58c591f2642854a9fbe82bbbbd24ba

HTTP Headers

GET /extension/aine/pop_1409.php?s=1701158489382.0.38547713440161047 HTTP/1.1
Host: www.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154; show_pops2=true2; pp_show_on_ea8af9849c3d36f72e75ff80972b12c1=1; kt_tcookie=1; kt_is_visited=1; bnState_1827308={"impressions":1,"delayStarted":0}; pp_main_ea8af9849c3d36f72e75ff80972b12c1=1; pp_exp_ea8af9849c3d36f72e75ff80972b12c1=1701162088349; pp_idelay_ea8af9849c3d36f72e75ff80972b12c1=1; sb_page_101f34fe74998c687adf688cf98d4808=1; sb_onpage_101f34fe74998c687adf688cf98d4808=1; sb_main_101f34fe74998c687adf688cf98d4808=1; sb_count_101f34fe74998c687adf688cf98d4808=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: application/json
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FITslJW6aBvsG1%2BzmQwa5aOEDm2gDaV%2B7%2Fv0GXcHrhO63Ky2VakpWoWDqkoeIakdbnwDNq2PJVWPYDYCU7EU7WM7YMaf6lm%2BE4YrYKqR%2FCI%2BlK35M0D3YwUsOZzAuTcLeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d115368cbbd91a-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

go.bbrdbr.com/config?url=https%3A%2F%2Fcreative.bbrdbr.com%2Fwidgets%2Fv4%2FUniversal%3FcampaignId%3Dadnium-mobileiframe300x100-2023%26broadcastMobile%3D1%26hideModelName%3D1%26thumbsMargin%3D0%26gridRows%3D1%26gridColumns%3D1%26responsive%3D0%26hideButton%3D1%26liveBadgeColor%3Dbd0800%26userId%3D17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd%26autoplay%3DfirstThumb%26autoplayForce%3D1%26quality%3Doptimal%26kbLimit%3D2500

104.18.51.106

200 OK

6.8 kB

URL GET HTTP/2
go.bbrdbr.com/config?url=https%3A%2F%2Fcreative.bbrdbr.com%2Fwidgets%2Fv4%2FUniversal%3FcampaignId%3Dadnium-mobileiframe300x100-2023%26broadcastMobile%3D1%26hideModelName%3D1%26thumbsMargin%3D0%26gridRows%3D1%26gridColumns%3D1%26responsive%3D0%26hideButton%3D1%26liveBadgeColor%3Dbd0800%26userId%3D17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd%26autoplay%3DfirstThumb%26autoplayForce%3D1%26quality%3Doptimal%26kbLimit%3D2500
IP
104.18.51.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (8856), with no line terminators
Size
6.8 kB (6761 bytes)
Hash
19cb8b469c18edfa2835b038facfe26a
c989ba62771c77959b8913d2499a50452bd42881
a95e8a678e1d243c7f0b1d7baa73c0377aca8eae50283877425fba45ee65be05

HTTP Headers

GET /config?url=https%3A%2F%2Fcreative.bbrdbr.com%2Fwidgets%2Fv4%2FUniversal%3FcampaignId%3Dadnium-mobileiframe300x100-2023%26broadcastMobile%3D1%26hideModelName%3D1%26thumbsMargin%3D0%26gridRows%3D1%26gridColumns%3D1%26responsive%3D0%26hideButton%3D1%26liveBadgeColor%3Dbd0800%26userId%3D17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd%26autoplay%3DfirstThumb%26autoplayForce%3D1%26quality%3Doptimal%26kbLimit%3D2500 HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:24 GMT
content-type: application/json
access-control-allow-origin: https://creative.bbrdbr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
last-modified: Tue, 28 Nov 2023 07:41:40 GMT
cf-cache-status: HIT
age: 177
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d115318c7e1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

venetrigni.com/stats

0.0.0.0

0 B

URL GET
venetrigni.com/stats
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stats HTTP/1.1
Host: venetrigni.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

static-assets.highwebmedia.com/CACHE/css/output.fe3e9fec3a8e.css

104.16.93.42

200 OK

22 kB

URL GET HTTP/2
static-assets.highwebmedia.com/CACHE/css/output.fe3e9fec3a8e.css
IP
104.16.93.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0
Certificate
IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (22272), with no line terminators
Size
22 kB (22272 bytes)
Hash
777d0d0ed7ac6e68203aafae7ada65d6
baca6a795da7921d8b3e309a98d2513379bcc4cd
d4dac3accf8ef08f2b8de9cb80a86dfc4fcbc718545dcb8bd3d0e4e8362c3079

HTTP Headers

GET /CACHE/css/output.fe3e9fec3a8e.css HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=26903
etag: W/"45ecf3091aa86ce3d3732164aafcc3d8"
last-modified: Mon, 16 Oct 2023 16:59:17 GMT
x-amz-id-2: BHqWEoDWO/RlNChk9Py6YRTm6qCeF/y49mY09iY6YbHwspxHd1XKAbwwmqRk6jN8nsHlJR4CYvw=
x-amz-meta-s3cmd-attrs: md5:45ecf3091aa86ce3d3732164aafcc3d8
x-amz-request-id: 1MBX1WWVJVKWCPRY
x-amz-server-side-encryption: AES256
cf-cache-status: HIT
age: 524942
expires: Thu, 28 Dec 2023 08:01:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6CHSPJbNr0zOmmjSkbmjsbY2KurxHMthm1e555xEW%2BoDU3W%2F%2FFUyFI7nwrQrGLGUYZDkqW9trvaKwOMj8%2B2mO9XgFDkTqmRZPNPzCr7uog5J0cZCvPi%2F7uRaZXVi5VPxMezYWYerWi7K29Se6oHdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=i3203DOo7ok3TXkQ99bUt956hbHkMbEnJsVIFQ2YCYo-1701158485010-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 82d115334e0e0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/js/script.js

172.64.109.10

200 OK

892 B

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/js/script.js
IP
172.64.109.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
ASCII text, with very long lines (959), with no line terminators
Size
892 B (892 bytes)
Hash
9d441b1ef0d4f07226844f2a75309fe0
588ed7e74f0c215a09e72131be39b930479dccf9
5df48723b4f69d2ecdd0de387d4233bf720e3c0cac669645d8a5ca6cb31e9bf8

HTTP Headers

GET /sb/ssp/notifications/text_bubble/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: application/javascript
last-modified: Tue, 12 Jul 2022 10:56:18 GMT
etag: W/"62cd5352-37c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2428139
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=378qJxlg%2BZwCTV0NcWOBUm4hAMHH8pLx65%2FqX2yoFhNd5Wl%2FEHOvKdBih690XVr6MFu4WQrLFM2ytMOvQrv8QECu2%2BpzQtLHP5MQtjgLNxckcONvblx5S5v3vJkKsgYjJXX6pxsw772E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1153f1ec0888f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

th-cdnv1.akamaized.net/AdxAdmin/Ads/3_317506_0.gif

23.36.76.113

200 OK

454 kB

URL GET HTTP/1.1
th-cdnv1.akamaized.net/AdxAdmin/Ads/3_317506_0.gif
IP
23.36.76.113:443
ASN
#20940 Akamai International B.V.

Requested by
https://ads.traffichunt.com/adx-dir-d/servlet/WebF_AdManager.AdDecision?aid=7149110&reqin=iframe&w=300&h=250&adpos=atf&nid=3&cb=&ref=&click_ext=03b871b6-4715-4ab4-97ba-9206c479267d&zone_ext=40582&placements=40972
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 300 x 250\012- data
Size
454 kB (454031 bytes)
Hash
1e7eb414be44b8fb28f485837657730c
c3c57c6f475722b50a524c5764cf5889496c10bd
94cc6716f2dabd3ad7af0ccce9fab38615261b911ccd3c1c29ed94dc44a70ab4

HTTP Headers

GET /AdxAdmin/Ads/3_317506_0.gif HTTP/1.1
Host: th-cdnv1.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ads.traffichunt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: image/gif
Content-Length: 454031
Last-Modified: Wed, 29 Apr 2020 11:03:45 GMT
ETag: "5ea95f11-6ed8f"
Accept-Ranges: bytes
X-Akamai-EW-Subworker: 8096267
Date: Tue, 28 Nov 2023 08:01:28 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

game.starswalker.site/api/click/9165914061934375095?c=60&data[error]=3

135.181.208.216

200 OK

0 B

URL GET HTTP/2
game.starswalker.site/api/click/9165914061934375095?c=60&data[error]=3
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/click/9165914061934375095?c=60&data[error]=3 HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Cookie: nauid=oKHZPVhpUvcthZshRKA0; asgfp=e19e1989b72653a7152c87a7240d524a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:27 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
X-Firefox-Spdy: h2

www.porngo.com/css/plugins.css

104.21.234.90

200 OK

50 kB

URL GET HTTP/2
www.porngo.com/css/plugins.css
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
ASCII text, with very long lines (29529)
Size
50 kB (50245 bytes)
Hash
4092218dab88f50c2ae78b636da0f06e
6534c8b0dfeaa401038c595a238f3fed21b69da6
2e3480402dc98bc43baa6327e8765e2e07dfc5781359086cb11993e817776cb6

HTTP Headers

GET /css/plugins.css HTTP/1.1
Host: www.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: text/css
last-modified: Fri, 28 Jun 2019 17:41:14 GMT
vary: Accept-Encoding
etag: W/"5d16513a-c445"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 529449
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHwOmjrT%2ByTsJ94SC4ZISAzp7%2BOp4VM0D3o2UJggB7X10rLIvG%2BqVgrBIwyQ1WLEXPgtH9sNF8XfW5ta2MixMWlmTaZgYakhAyhs2bQDNG1RBXVAj4IEkHv1EmGV5E97ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1151def75d91a-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

game.starswalker.site/api/users/18306545902354519095/1635932?fill=0&kw=Anal,Threesome,Squirt,squirting,ffm,TUSHY,tushy.com,Karla%20Kush,Arya%20Fae,Jean%20Val%20Jean

135.181.208.216

200 OK

1.6 kB

URL GET HTTP/2
game.starswalker.site/api/users/18306545902354519095/1635932?fill=0&kw=Anal,Threesome,Squirt,squirting,ffm,TUSHY,tushy.com,Karla%20Kush,Arya%20Fae,Jean%20Val%20Jean
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecta.kainpopoy.com
FingerprintC3:A0:4A:E1:FD:8F:13:AA:57:82:A1:48:49:49:CA:4B:E3:5C:64:33
ValidityMon, 06 Nov 2023 16:27:10 GMT - Sun, 04 Feb 2024 16:27:09 GMT

File type
XML document, ASCII text, with very long lines (1637), with no line terminators
Size
1.6 kB (1589 bytes)
Hash
90827d542d080d818978ff2389501fa4
fcbd1f35148ba03a603b26d859a35dcb446e6f54
6e4efa0339419e89f65de657a508548dc8398dd6825263f09a1851b05cbd673c

HTTP Headers

GET /api/users/18306545902354519095/1635932?fill=0&kw=Anal,Threesome,Squirt,squirting,ffm,TUSHY,tushy.com,Karla%20Kush,Arya%20Fae,Jean%20Val%20Jean HTTP/1.1
Host: game.starswalker.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.porngo.com/
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Cookie: nauid=oKHZPVhpUvcthZshRKA0; asgfp=e19e1989b72653a7152c87a7240d524a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://www.porngo.com
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

camschat.net/300100/adnium.htm

66.230.180.98

200 OK

893 B

URL GET HTTP/2
camschat.net/300100/adnium.htm
IP
66.230.180.98:443
ASN
#30602 ISPRIME

Requested by
https://a.medfoodsafety.com/loader?a=4789786&v=2&t=7&s=4777579&p=6138&if=true
Certificate
IssuerLet's Encrypt
Subjectcamschat.net
Fingerprint41:70:63:15:D3:75:E0:EE:D3:3D:99:DF:F7:51:E1:6B:F2:E5:C8:8E
ValidityWed, 25 Oct 2023 18:05:41 GMT - Tue, 23 Jan 2024 18:05:40 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (952), with no line terminators
Size
893 B (893 bytes)
Hash
baff79e8d871276b67b96e41e4011129
e219323121c3a1be244519394363ea424b58cc8c
b13592d1254327e43f62d7075042252ab93ba25dd5caf903130975ab68c94e41

HTTP Headers

GET /300100/adnium.htm HTTP/1.1
Host: camschat.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.medfoodsafety.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: text/html
content-length: 893
last-modified: Sat, 23 Sep 2023 14:16:48 GMT
etag: "650ef350-37d"
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/css/animate.css

172.64.109.10

200 OK

79 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/notifications/text_bubble/2/css/animate.css
IP
172.64.109.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
ASCII text
Size
79 kB (79249 bytes)
Hash
e1d8acd5ee9d1a90ea09313cbd8f2b02
8a8327b115d1356715e63270d1ce6d46124c7b1a
3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a

HTTP Headers

GET /sb/ssp/notifications/text_bubble/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: text/css
last-modified: Tue, 12 Jul 2022 10:56:21 GMT
etag: W/"62cd5355-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1315931
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUFnBdSKK8D1oG1%2F8UOoNpQqUEqZK2uYmoA6wR%2F%2BNYB2PRcFZexNjoC0J1W2zsprIiVcbJoMoydRXBMa%2F3D6hqh1nNnc5%2Bx2uV8G5KyBDQgRn0yaKHWXHCnBwOefsdC2OsHtdXFD6Bay"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1153e0d66888f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ta3nfsordd.com/aas/r45d/vki/1827971/tghr.js

212.117.190.201

200 OK

89 kB

URL GET HTTP/2
ta3nfsordd.com/aas/r45d/vki/1827971/tghr.js
IP
212.117.190.201:443
ASN
#5577 root SA

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint11:6D:17:3D:36:7C:F9:78:B7:9A:AD:C5:4E:09:F5:F9:A0:ED:6B:3A
ValidityMon, 30 Oct 2023 01:21:55 GMT - Fri, 26 Apr 2024 21:59:00 GMT

File type
ASCII text, with very long lines (65106)
Size
89 kB (89045 bytes)
Hash
83e1cbc08f0fe1a3faa25783e2ba1afd
eae8f178bfa2195e8e3ffc57379c1bf57fe68bf7
9e8d864b527cdac434882cdd978e4627e508691bc89a2da6eeaaef09342cafa6

HTTP Headers

GET /aas/r45d/vki/1827971/tghr.js HTTP/1.1
Host: ta3nfsordd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:24 GMT
content-type: application/javascript
last-modified: Wed, 15 Nov 2023 14:55:11 GMT
vary: Accept-Encoding
etag: W/"6554dbcf-15c1f"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

xngqoc.com/er?a=1

0.0.0.0

0 B

URL GET
xngqoc.com/er?a=1
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /er?a=1 HTTP/1.1
Host: xngqoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.porngo.com/
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

www.porngo.com/css/main.css

104.21.234.90

200 OK

98 kB

URL GET HTTP/2
www.porngo.com/css/main.css
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type
assembler source, ASCII text, with very long lines (492)
Size
98 kB (98549 bytes)
Hash
9b0e09fa7772d9bb417055ca574a0126
0379c173f354e29303a5900b1a2afe2655886400
53b8120788bf3a689f79f5e89717c8d5a8d59358ae3d36f94f34d108ce6c8d32

HTTP Headers

GET /css/main.css HTTP/1.1
Host: www.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; kt_rt_ts=12169; kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; kt_ips=91.90.42.154
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: text/css
last-modified: Mon, 23 May 2022 12:46:28 GMT
vary: Accept-Encoding
etag: W/"628b8224-180f5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 462331
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikxn68%2BH8oipiDCmXcP%2F%2BeBK9U%2FHDc4xRelnnx2BEWnPigPzlH2%2FLEGWUe8dl7qhkZYojEdbqAZM3PWhVftsGEjMAyfKBZur31VtGBThRTyJWnEmuyeMqGY2DvOaNbcEwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1151ddf4dd91a-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

edge-hls.doppiocdn.com/hls/85253216/master/85253216_160p.m3u8

104.18.63.122

200 OK

224 B

URL GET HTTP/2
edge-hls.doppiocdn.com/hls/85253216/master/85253216_160p.m3u8
IP
104.18.63.122:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
M3U playlist, ASCII text, with no line terminators
Size
224 B (224 bytes)
Hash
031b040af4e07444fa2fa4a79dd94183
5fd22680d5e23e829e96d838c130d8ca5aef32db
9ecf31131aa188f25fa29d947b9b58e8d51d174f1d9cc27e4a9228f8763a41c0

HTTP Headers

GET /hls/85253216/master/85253216_160p.m3u8 HTTP/1.1
Host: edge-hls.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Tue, 28 Nov 2023 08:01:24 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=3, s-maxage=3
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 82d115351b090b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

b-hls-09.doppiocdn.com/hls/85253216/85253216_160p_init_RB5bSZXPYsqxJZtP.mp4

104.18.63.122

200 OK

1.2 kB

URL GET HTTP/3
b-hls-09.doppiocdn.com/hls/85253216/85253216_160p_init_RB5bSZXPYsqxJZtP.mp4
IP
104.18.63.122:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
ISO Media, MP4 Base Media v5 \012- data
Size
1.2 kB (1218 bytes)
Hash
3c5262846ef8e87f693cd93d4414f6d2
bd7391b102e2b2fd1f83dddd52089e591680f2c7
25a6f7d4cdfa9842a6cad4fb0e05120533b97ce3cb958889794e9453c2ea00fe

HTTP Headers

GET /hls/85253216/85253216_160p_init_RB5bSZXPYsqxJZtP.mp4 HTTP/1.1
Host: b-hls-09.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: video/mp4
content-length: 1218
last-modified: Tue, 28 Nov 2023 07:47:59 GMT
etag: "65659b2f-4c2"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 57
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d115365bbb5685-OSL
alt-svc: h3=":443"; ma=86400

www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169

104.21.234.90

200 OK

160 kB

URL User Request GET HTTP/2
www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
IP
104.21.234.90:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectporngo.com
FingerprintBE:C2:FE:F3:C0:D1:93:78:61:A9:18:71:A3:C1:AE:0A:CE:99:52:DB
ValidityThu, 05 Oct 2023 06:24:06 GMT - Wed, 03 Jan 2024 06:24:05 GMT

File type

Size
160 kB (160018 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169 HTTP/1.1
Host: www.porngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:21 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=nmbjs92fvvpjokoatavh954gcc; path=/; domain=.porngo.com; SameSite=Lax
kt_rt_ts=12169; expires=Fri, 22-Nov-2024 08:01:21 GMT; Max-Age=31104000; path=/; domain=.porngo.com; SameSite=Lax
kt_qparams=id%3D399114%26dir%3D0061c490c9adf6054f70b0d05467216a%26ts%3D12169; expires=Wed, 29-Nov-2023 08:01:21 GMT; Max-Age=86400; path=/; domain=.porngo.com; SameSite=Lax
kt_ips=91.90.42.154; expires=Wed, 29-Nov-2023 08:01:21 GMT; Max-Age=86400; path=/; domain=.porngo.com; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FrUneMgliJV%2Be0VrujmenFx80zIpcOTQsOmqF6nehQ5XBpFF2RHWhf%2B83bZMdOTlki58mqaY1ugkswdmas8Vi1Lc6MNkYZEoupUhHmNlcmE2Vx4WzWHvt2RQMAPUXvRZoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d1151b99e9d91a-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

chaturbate.com/in/?track=adnium-mobileiframe300x100-2023&tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f

104.18.101.40

302 Found

61 kB

URL GET HTTP/2
chaturbate.com/in/?track=adnium-mobileiframe300x100-2023&tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f
IP
104.18.101.40:443
ASN
#13335 CLOUDFLARENET

Requested by
https://camschat.net/300100/adnium.htm
Certificate
IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type

Size
61 kB (61284 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/?track=adnium-mobileiframe300x100-2023&tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 28 Nov 2023 08:01:24 GMT
content-type: text/html; charset=utf-8
location: /tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self';  script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.static.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://*.googletagmanager.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js https://static.hotjar.com https://script.hotjar.com ;  style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://static.hotjar.com https://script.hotjar.com;  img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://*.googletagmanager.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ;  font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ;  connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://analytics.google.com https://*.analytics.google.com https://*.googletagmanager.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com ;  media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://storage.googleapis.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com;  object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ;  frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com https://directory-live.cb.dev https://*.web.cb.dev ;  child-src 'self' blob: blob ;  worker-src 'self' blob: blob ;  form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://saas-onboarding.incodesmile.com https://smartpay.coinsmart.com https://crypto-payments.net https://secure.paygarden.com ;  manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ;  report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
set-cookie: u_x1Rd=1; expires=Sun, 03 Dec 2023 08:01:24 GMT; Max-Age=432000; Path=/
us_x1Rd=1; Path=/
affkey="eJwdjUEKwzAMBL8SdG5i2bnl2A8U+gPFlolJlQZbgZTSvxfltrOzsF9QmDo4/TPBrYMou6HSo92Nta7GlLZySC/vuby45ErCI+LpEfuAYbRltd2iurfJuUjS4kI6bKzOLOVsPn5mrlJWtu56Ct5iK8kAfn+QGyhz"; Domain=.chaturbate.com; expires=Thu, 28 Dec 2023 08:01:24 GMT; Max-Age=2592000; Path=/
fromaffiliate=1; Domain=.chaturbate.com; Path=/
noads=1; expires=Tue, 28 Nov 2023 14:01:24 GMT; Max-Age=21600; Path=/
sbr=sec:sbrcdfe53b6-61fa-44ae-801f-30b6766262ee:1r7t24:OzCBXrp8YeHMWWX6gK-Y9CllgbQ; Domain=.chaturbate.com; expires=Sun, 23 Aug 2026 08:01:24 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
__cf_bm=Algo1j6evJ1nTmlju0MCHLkIgwgAx8zePFcB4026xK8-1701158484-0-AcyQLOdFeI5FN/HvyOWdE5nNshKFAp1msWVR24iIxTDnOZdZymHF10JMdHkHdMxV5EALPHxGNs6qXYURSkZtl8E=; path=/; expires=Tue, 28-Nov-23 08:31:24 GMT; domain=.chaturbate.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82d1152fbd775687-OSL
X-Firefox-Spdy: h2

static-assets.highwebmedia.com/fonts/ubuntum-webfont.woff?a7fc63c36394

104.16.93.42

200 OK

32 kB

URL GET HTTP/3
static-assets.highwebmedia.com/fonts/ubuntum-webfont.woff?a7fc63c36394
IP
104.16.93.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0
Certificate
IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 31680, version 1.0\012- data
Size
32 kB (31680 bytes)
Hash
9968f3d2a16c9ae20a54d0e44ee83d3a
dfd651a49017147b8e8078d530f0930020bfb846
a7fc63c363948d7add8e1dade66045376e2bad22da6697f84d175e5f9a76166e

HTTP Headers

GET /fonts/ubuntum-webfont.woff?a7fc63c36394 HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chaturbate.com
DNT: 1
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: application/font-woff
content-length: 31680
x-amz-id-2: owrbYwL2kgzn2iePZrAZaEdU0BW0cGkujRphvBWn/VM4e0xZSOIf/oPxecZVMDd0EX9C43iY3dMGGvScMSsKw+AIgn5N80/c
x-amz-request-id: B8DRP1NFKYEBMBX4
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 19 Jan 2021 22:07:54 GMT
etag: "9968f3d2a16c9ae20a54d0e44ee83d3a"
x-amz-meta-s3cmd-attrs: md5:9968f3d2a16c9ae20a54d0e44ee83d3a
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 85500
expires: Thu, 28 Dec 2023 08:01:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AC41Zd3D8ImYNOlnyvygTygJpokIHkNBBBFyjRtQ7Mk2023oshUg%2Bxugk6v8qvJSKCvJkiznFes2lHZRXEm%2B5VBnQKYD29Y7noBP8%2FE4pEnhDHm3qLtZFOHir6U1PhmpHa4%2BK3E%2Bb2RdETssEBCNRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=CbW_By9_USC7nECL4KJmUH_qM1YDWgtys7z9il8.Oes-1701158485142-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 82d115341eb37127-OSL
alt-svc: h3=":443"; ma=86400

go.bbrdbr.com/api/models?broadcastMobile=1&quality=optimal&forceClient=1&stripcashR=0&limit=1&usePreroll&webp=1

104.18.59.150

200 OK

1.6 kB

URL GET HTTP/3
go.bbrdbr.com/api/models?broadcastMobile=1&quality=optimal&forceClient=1&stripcashR=0&limit=1&usePreroll&webp=1
IP
104.18.59.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1781), with no line terminators
Size
1.6 kB (1645 bytes)
Hash
978b4359899c3c53d9a376866dee236c
971c43ff74aaa7008600e07d5dcb23e655dc42b5
be6f29a5e7ca8e804103088cd325834dfb2e1c27c93ae3e0ef1bd3971bf7710b

HTTP Headers

GET /api/models?broadcastMobile=1&quality=optimal&forceClient=1&stripcashR=0&limit=1&usePreroll&webp=1 HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:01:24 GMT
content-type: application/json
access-control-allow-origin: https://creative.bbrdbr.com
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
last-modified: Tue, 28 Nov 2023 07:41:41 GMT
cf-cache-status: EXPIRED
set-cookie: __cflb=02DiuDFRFiBZBvMSLtsgHAphT8dt9Y3eZyBWRN9zPwuDE; SameSite=None; Secure; path=/; expires=Wed, 29-Nov-23 08:01:24 GMT; HttpOnly
server: cloudflare
cf-ray: 82d115326f9356c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

chaturbate.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

104.18.101.40

200 OK

7.4 kB

URL GET HTTP/3
chaturbate.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
IP
104.18.101.40:443
ASN
#13335 CLOUDFLARENET

Requested by
https://chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0
Certificate
IssuerDigiCert Inc
Subject*.highwebmedia.com
FingerprintE8:AA:DE:C2:5D:9E:54:E7:4E:14:3F:F4:80:9B:A4:9F:97:F3:8C:69
ValiditySat, 30 Sep 2023 00:00:00 GMT - Wed, 09 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7389), with no line terminators
Size
7.4 kB (7389 bytes)
Hash
dfedfc7dedb8f48c80586524572cdd27
ca600e2f63eb187dee84b57ec41e8660b1780dbb
310bd5797faa0f442d9b75a87404453de34459c36fa86022700943a883e2b000

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Algo1j6evJ1nTmlju0MCHLkIgwgAx8zePFcB4026xK8-1701158484-0-AcyQLOdFeI5FN/HvyOWdE5nNshKFAp1msWVR24iIxTDnOZdZymHF10JMdHkHdMxV5EALPHxGNs6qXYURSkZtl8E=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:01:25 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csf41VQt3Y2sJya97IYna4lQjUhduARxGX6J1d%2BYogIoVygMEjl%2BJ0hws4uxPf%2FkgbKNor2Yfo2lcWQlgIehQvn%2FFiyvABxczsIHEuQYqGkIUoJ9AVD9UEh6xQjvM%2FCe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82d115348b78b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

creative.bbrdbr.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.css

104.18.59.150

200 OK

13 kB

URL GET HTTP/3
creative.bbrdbr.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.css
IP
104.18.59.150:443
ASN
#13335 CLOUDFLARENET

Requested by
https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2A:9F:63:77:CB:A5:1C:FD:6E:10:F5:29:D2:FB:51:F4:7C:EC:36:A2
ValiditySun, 26 Feb 2023 00:00:00 GMT - Sun, 25 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (13396), with no line terminators
Size
13 kB (13396 bytes)
Hash
d55b785d72863fbb8425a36b7d675ec2
546cda15b6fb2a67ce1f102dc82eefb6f749f9c3
a4d09f6a50b6d96e7f22ab12f406dcf44be0d815105018cc5c7f1105fbf597f7

HTTP Headers

GET /widgets/v4/Universal/main.672e6e87c69b0c60653e.css HTTP/1.1
Host: creative.bbrdbr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/widgets/v4/Universal?campaignId=adnium-mobileiframe300x100-2023&broadcastMobile=1&hideModelName=1&thumbsMargin=0&gridRows=1&gridColumns=1&responsive=0&hideButton=1&liveBadgeColor=bd0800&userId=17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd&autoplay=firstThumb&autoplayForce=1&quality=optimal&kbLimit=2500
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 08:01:24 GMT
content-type: text/css
last-modified: Thu, 23 Nov 2023 14:38:50 GMT
etag: W/"655f63fa-3454"
expires: Tue, 28 Nov 2023 08:01:24 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 9
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d115308e3256c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.o333o.com/asg_embed.js

143.204.55.31

200 OK

237 kB

URL GET HTTP/2
cdn.o333o.com/asg_embed.js
IP
143.204.55.31:443
ASN
#16509 AMAZON-02

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerSectigo Limited
Subjectcdn.o333o.com
Fingerprint61:0E:6A:7F:7E:40:48:40:58:0F:EF:89:DB:CF:AD:C2:FB:52:F1:AC
ValidityThu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT

File type

Size
237 kB (237089 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /asg_embed.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Mon, 27 Nov 2023 07:18:54 GMT
last-modified: Mon, 27 Nov 2023 07:10:46 GMT
etag: W/"656440f6-39e21"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Kff3TS3kMR36JqaDrliW-rsLhfGWRK34QLy-aQMMI6oo6WA_E-w3Ug==
age: 88948
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

142.250.74.67

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.porngo.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:36:53 GMT
expires: Thu, 21 Nov 2024 21:36:53 GMT
cache-control: public, max-age=31536000
age: 469470
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

friendshipmale.com/sfp.js

104.21.234.33

200 OK

86 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
104.21.234.33:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85468 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: f392682a974c46cb8c6ed3cb716018c5
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 28 Nov 2023 08:01:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMl3BrPp2zYI1El7bKNxhamLTOwD3GNIDzE%2Bd6pamj20kBPtr4ki0McvKenlG8TNuLeLAZboMlnf2iiqXOid6rOZirt5uJvsD3s5T%2FrEU8jdVIGDGarjSF%2FqmWlMmyeteaVPDbI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d1152adc4a4c87-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2997.novemberadventures.name/iiNFDoI4OA3oZtdxoUWUMWYX08kOuMeHe_tRMsqTIJgVNJ-Jot9M98LrUt5pe9WRlYhs9wDv4mbIFBpjzI9Y2w93_Q?_=1701158486566

88.208.59.102

200 OK

16 kB

URL GET HTTP/2
2997.novemberadventures.name/iiNFDoI4OA3oZtdxoUWUMWYX08kOuMeHe_tRMsqTIJgVNJ-Jot9M98LrUt5pe9WRlYhs9wDv4mbIFBpjzI9Y2w93_Q?_=1701158486566
IP
88.208.59.102:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subject*.novemberadventures.name
Fingerprint07:CC:67:0A:E6:12:32:59:BD:8E:D3:88:2D:52:C5:2C:59:DE:AC:1B
ValidityTue, 07 Nov 2023 11:00:51 GMT - Mon, 05 Feb 2024 11:00:50 GMT

File type
ASCII text, with very long lines (15927), with no line terminators
Size
16 kB (15927 bytes)
Hash
b822f691a8246b6c16aa009a5c1e439e
51914eeb4aac3f38a99114c7836f6f8b65226297
cd916bf06e6d90a6176039bd3620df026e80d7ab7f5981e431757a3b3eb5780c

HTTP Headers

GET /iiNFDoI4OA3oZtdxoUWUMWYX08kOuMeHe_tRMsqTIJgVNJ-Jot9M98LrUt5pe9WRlYhs9wDv4mbIFBpjzI9Y2w93_Q?_=1701158486566 HTTP/1.1
Host: 2997.novemberadventures.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: application/javascript; charset=UTF-8
content-length: 6137
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
X-Firefox-Spdy: h2

i.wmgtr.com/cim/PPOXSF7ffFmGEcfnq4cPmeppA_BFjf4V.png

45.133.44.32

200 OK

45 kB

URL GET HTTP/2
i.wmgtr.com/cim/PPOXSF7ffFmGEcfnq4cPmeppA_BFjf4V.png
IP
45.133.44.32:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerLet's Encrypt
Subjecti.wmgtr.com
FingerprintEC:B5:1E:3E:A4:6B:92:23:E2:9E:1E:FC:99:58:59:8E:23:DD:C1:25
ValidityMon, 23 Oct 2023 00:02:20 GMT - Sun, 21 Jan 2024 00:02:19 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 492x328, components 3\012- data
Size
45 kB (44916 bytes)
Hash
c3dd6f00c2dea19f56abd0f61009dff2
ac635289dd9a88ab2cf6a2c00857fa05c705ce68
53c2a69633d5ce500ea9eb3706fe5874244c2b7595dab2eb52938555bafe1d43

HTTP Headers

GET /cim/PPOXSF7ffFmGEcfnq4cPmeppA_BFjf4V.png HTTP/1.1
Host: i.wmgtr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:26 GMT
content-type: image/jpeg
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-option: nosniff
cache-control: max-age=82800
expires: Wed, 29 Nov 2023 07:01:26 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700

142.250.74.170

200 OK

6.4 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.porngo.com/videos/399114/0061c490c9adf6054f70b0d05467216a/?ts=12169
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (6530), with no line terminators
Size
6.4 kB (6362 bytes)
Hash
9b55b51caebe742936e81a05c87129d6
9c09adf793b625f14d06e44c538cc800912fc6c1
195246f7de49c3922daaf4ff0d5959e0e9e575ed28772bb497327465830f2ad0

HTTP Headers

GET /css?family=Roboto:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.porngo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 28 Nov 2023 08:01:22 GMT
date: Tue, 28 Nov 2023 08:01:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

a.orbsrv.com/ad-provider.js

185.76.9.24

200 OK

122 kB

URL GET HTTP/2
a.orbsrv.com/ad-provider.js
IP
185.76.9.24:443
ASN
#60068 Datacamp Limited

Requested by
https://game.starswalker.site/api/spots/322253?p=1&s1=%subid1%&kw=
Certificate
IssuerLet's Encrypt
Subjectorbsrv.com
FingerprintC1:06:45:A2:28:F1:95:0E:76:B9:25:AE:56:75:E5:60:63:2E:D3:34
ValidityThu, 05 Oct 2023 15:32:45 GMT - Wed, 03 Jan 2024 15:32:44 GMT

File type
ASCII text, with very long lines (32959)
Size
122 kB (122106 bytes)
Hash
37a51e5a3e81c06a86896833341c1ecf
075f126ac630e1b7e6c942013891821fe7d5628b
cfc14ad92298562dd4fbd2a033e4eec2d280f988fc4f161cb70deecebe473352

HTTP Headers

GET /ad-provider.js HTTP/1.1
Host: a.orbsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://game.starswalker.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 08:01:23 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"075f126ac630e1b7e6c94201389"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Mon, 27 Nov 2023 13:29:27 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJFAH3mgUAAAwBuUwKAQH3BAAAAAwB1GY4nAH3yQEAAA
x-77-nzt-ray: af58563070c1717e539e6565d6c07a12
x-accel-expires: @1701167849
x-accel-date: 1701157049
x-77-cache: HIT
x-77-age: 1895
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 4, 1434
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (86)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations