hannahowo.net/
104.21.64.10301 Moved Permanently 162 B IP 104.21.64.10:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET / HTTP/1.1
Host: hannahowo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 07 Dec 2022 02:51:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://hannahowo.net/
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgAXajfTWhobVaAS2FQSvocNIQfrwrQBmDlHmz099rdwWEYJi4Z8OVkL33%2Bt5dkc6L8oygA9mcolK3gZ%2Bqr8SZBhFaHKSMRKmvo6%2BLrce0%2FDABAM9D%2BdCXsMo7pYYvj9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7759f5df88f00b41-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4707
Expires: Wed, 07 Dec 2022 04:10:03 GMT
Date: Wed, 07 Dec 2022 02:51:36 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5421
Cache-Control: max-age=119403
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:51:36 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 12:01:39 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11449
Expires: Wed, 07 Dec 2022 06:02:25 GMT
Date: Wed, 07 Dec 2022 02:51:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 02:20:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1870
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DTWdaVzqc+usAqwn86RrqXgNlG5laYqj7YWOYp6VDOce5qWIZV/QSSV7ViLPaf+vBe/09DDOrC0=
x-amz-request-id: X282669VG6FQ24RT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 02:49:12 GMT
age: 144
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 08e19ef99e9de7742532a7db96a9c7a7
7f8daf9d7b17a9f80f06e46abf62302e84ad93c4
efc46a8a2e24dc3566843900227fb2c6af26b6503ccd667fbdb8cab91a11bba6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:51:36 GMT
Server: ECS (amb/6BB3)
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 02:51:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 02:08:58 GMT
cache-control: public,max-age=3600
age: 2558
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 08e19ef99e9de7742532a7db96a9c7a7
7f8daf9d7b17a9f80f06e46abf62302e84ad93c4
efc46a8a2e24dc3566843900227fb2c6af26b6503ccd667fbdb8cab91a11bba6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:51:37 GMT
Last-Modified: Wed, 07 Dec 2022 02:51:36 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5370
Cache-Control: max-age=114283
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:51:37 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 10:36:20 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 07fb60dbeff0bcd1e513ec4a278ff7ae
5fe4bef4c17e48bc52da5f99e6a134d70a6f9c11
7a2532af33095ae3f0ffe0e55c243b06ff077ab5f47a9266663e8006637399c1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7A2532AF33095AE3F0FFE0E55C243B06FF077AB5F47A9266663E8006637399C1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4052
Expires: Wed, 07 Dec 2022 03:59:09 GMT
Date: Wed, 07 Dec 2022 02:51:37 GMT
Connection: keep-alive
www.highperformancecpmgate.com/su4rn16zy?key=80c69eb345d6eca1894cee873bd7e686
192.243.59.12200 OK 1.2 kB URL HTTP/1.1 www.highperformancecpmgate.com/su4rn16zy?key=80c69eb345d6eca1894cee873bd7e686
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ffa83bc576a86f0cb23ba5ab7bb1c4c0
8bb07e4bd359e82a62209df0b0d04624a15ee7d7
b91860a18ade8d8c517bbf554b1e3a873c8f931e8cb950b5e6794bdeac2f3bd8
Analyzer Verdict Alert quad9 Sinkholed
GET /su4rn16zy?key=80c69eb345d6eca1894cee873bd7e686 HTTP/1.1
Host: www.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 02:51:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16259365; expires=Thu, 08 Dec 2022 02:51:37 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI1OTM2NSwiayI6IjgwYzY5ZWIzNDVkNmVjYTE4OTRjZWU4NzNiZDdlNjg2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTQ5MzQzLCJwaWQiOjk4NzI3LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjI4LCJwdCI6NCwicGsiOiJzdTRybjE2enkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiJ9fQ.PhtAYFnvNndvXVBdB5z_dlAMF0JMz6Y44qcVnlF834Q; expires=Wed, 07 Dec 2022 02:52:37 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7ddea833981d9f06693f982be9bd6691
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
push.services.mozilla.com/
54.71.202.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.71.202.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9QV4sbXIuQyA0Yg2kyoOQw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UaWO1UhmrHgKPxzw49s09Vue3jk=
www.highperformancecpmgate.com/su4rn16zy?shu=51d2e0fa72a402fa4e89897d35bc24cf35d821fe060a8cadfc755c664e8b3d0f8ec921d44b1209cc388e1858c10b9955e87c1aaf245a3461ce8c517393b5f0af849c24e17108c2a6120d70e12a8f35145a5dd214eb994b9eb52998e0295b68&pst=1670381557&rmtc=t&uuid=&pii=&in=false&key=80c69eb345d6eca1894cee873bd7e686
192.243.59.12302 Found 0 B URL HTTP/1.1 www.highperformancecpmgate.com/su4rn16zy?shu=51d2e0fa72a402fa4e89897d35bc24cf35d821fe060a8cadfc755c664e8b3d0f8ec921d44b1209cc388e1858c10b9955e87c1aaf245a3461ce8c517393b5f0af849c24e17108c2a6120d70e12a8f35145a5dd214eb994b9eb52998e0295b68&pst=1670381557&rmtc=t&uuid=&pii=&in=false&key=80c69eb345d6eca1894cee873bd7e686
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /su4rn16zy?shu=51d2e0fa72a402fa4e89897d35bc24cf35d821fe060a8cadfc755c664e8b3d0f8ec921d44b1209cc388e1858c10b9955e87c1aaf245a3461ce8c517393b5f0af849c24e17108c2a6120d70e12a8f35145a5dd214eb994b9eb52998e0295b68&pst=1670381557&rmtc=t&uuid=&pii=&in=false&key=80c69eb345d6eca1894cee873bd7e686 HTTP/1.1
Host: www.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.highperformancecpmgate.com/su4rn16zy?key=9ca601a9f47c735df76d5ca46fa26a66&submetric=16259365
Cookie: u_pl=16259365; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI1OTM2NSwiayI6IjgwYzY5ZWIzNDVkNmVjYTE4OTRjZWU4NzNiZDdlNjg2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTQ5MzQzLCJwaWQiOjk4NzI3LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjI4LCJwdCI6NCwicGsiOiJzdTRybjE2enkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiJ9fQ.PhtAYFnvNndvXVBdB5z_dlAMF0JMz6Y44qcVnlF834Q; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 02:51:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://bestpornxxx.net/click.php?key=tvsasnu7fkk90k43fjl6&SUB_ID_SHORT=19795966db4426c688f832cd85ca2261&COST_CPM=6.550000&CAMPAIGN_ID=574319&BANNER_ID=1730023&PLACEMENT_ID=16259365&COUNTRY_CODE=NO&USER_CITY=Oslo&USER_OS=Windows&BROWSER_NAME=Firefox&DEVICE_BRAND=Unknown&USER_CARRIER=Blix%20Solutions&REMOTE_LANGUAGE=11
Set-Cookie: iprc83f3e3fedfe63d116caabc8a56b93084=3352692; expires=Thu, 08 Dec 2022 02:51:37 GMT
pdhtkv=true; expires=Thu, 08 Dec 2022 02:51:37 GMT
uncs=1; expires=Thu, 08 Dec 2022 02:51:37 GMT
pdhtkv28=true; expires=Thu, 08 Dec 2022 02:51:37 GMT
uncs28=1; expires=Thu, 08 Dec 2022 02:51:37 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8ef19e6d71754bbaf6cc9926884f87dd
Strict-Transport-Security: max-age=0; includeSubdomains
bestpornxxx.net/landers/bf86bb50f1/style.css
138.201.82.216200 OK 11 kB URL HTTP/2 bestpornxxx.net/landers/bf86bb50f1/style.css
IP 138.201.82.216:0
ASN #24940 Hetzner Online GmbH
Hash de269c9ed0a0a627c6cf500a6aaf8eba
745510c21c699306fc3105a83890d2a36af478a9
8717578bde4399d6b087237fc7b7c0fc96d51048f3ac444f945b1acbb45d29d9
GET /landers/bf86bb50f1/style.css HTTP/1.1
Host: bestpornxxx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestpornxxx.net/click.php?key=tvsasnu7fkk90k43fjl6&SUB_ID_SHORT=19795966db4426c688f832cd85ca2261&COST_CPM=6.550000&CAMPAIGN_ID=574319&BANNER_ID=1730023&PLACEMENT_ID=16259365&COUNTRY_CODE=NO&USER_CITY=Oslo&USER_OS=Windows&BROWSER_NAME=Firefox&DEVICE_BRAND=Unknown&USER_CARRIER=Blix%20Solutions&REMOTE_LANGUAGE=11
Cookie: uclick=hosyfnib; uclickhash=hosyfnib-hosyfnib-h9rn-0-qee8-ojdu0-ojslvr-c2422b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 02:51:38 GMT
content-type: text/css
content-length: 10783
last-modified: Fri, 22 Jul 2022 09:35:29 GMT
etag: "62da6f61-2a1f"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9200971578cc51d585ff63cab1eb6387
33a4f58fcce22e2d2ab6a4e3ba80d17a9556d4b1
318f26845b26a7919d2d13d3730949d64335402a8c8cbce75aaa8593c2d14a74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "318F26845B26A7919D2D13D3730949D64335402A8C8CBCE75AAA8593C2D14A74"
Last-Modified: Mon, 05 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10758
Expires: Wed, 07 Dec 2022 05:50:56 GMT
Date: Wed, 07 Dec 2022 02:51:38 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bestpornxxx.net/landers/bf86bb50f1/jquery.js
138.201.82.216200 OK 97 kB URL HTTP/2 bestpornxxx.net/landers/bf86bb50f1/jquery.js
IP 138.201.82.216:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (518), with CRLF line terminators
Hash 82e7ba8a275df92447237ca5b4ce0e2d
a114012e88c0769ebbc0ed7384645c14f6cb86f2
1ae0ea0ed41e7f0cdc9bc8fa4ac97d4b759342dfdefa1b1ce3d298ef73914a16
GET /landers/bf86bb50f1/jquery.js HTTP/1.1
Host: bestpornxxx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestpornxxx.net/click.php?key=tvsasnu7fkk90k43fjl6&SUB_ID_SHORT=19795966db4426c688f832cd85ca2261&COST_CPM=6.550000&CAMPAIGN_ID=574319&BANNER_ID=1730023&PLACEMENT_ID=16259365&COUNTRY_CODE=NO&USER_CITY=Oslo&USER_OS=Windows&BROWSER_NAME=Firefox&DEVICE_BRAND=Unknown&USER_CARRIER=Blix%20Solutions&REMOTE_LANGUAGE=11
Cookie: uclick=hosyfnib; uclickhash=hosyfnib-hosyfnib-h9rn-0-qee8-ojdu0-ojslvr-c2422b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 02:51:38 GMT
content-type: application/javascript
content-length: 96611
last-modified: Sun, 19 Sep 2021 10:37:20 GMT
etag: "614712e0-17963"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
bestpornxxx.net/landers/bf86bb50f1/showHide.js
138.201.82.216200 OK 2.2 kB URL HTTP/2 bestpornxxx.net/landers/bf86bb50f1/showHide.js
IP 138.201.82.216:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash fe3bd08281bd4ea754ac60f158c009fb
d9dfe536854b893e6c913e6178f63a2072137a9f
24a705fe01ceb074542600a995fe1c2caf827d31c082602fe2011d63d56f4f4d
GET /landers/bf86bb50f1/showHide.js HTTP/1.1
Host: bestpornxxx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestpornxxx.net/click.php?key=tvsasnu7fkk90k43fjl6&SUB_ID_SHORT=19795966db4426c688f832cd85ca2261&COST_CPM=6.550000&CAMPAIGN_ID=574319&BANNER_ID=1730023&PLACEMENT_ID=16259365&COUNTRY_CODE=NO&USER_CITY=Oslo&USER_OS=Windows&BROWSER_NAME=Firefox&DEVICE_BRAND=Unknown&USER_CARRIER=Blix%20Solutions&REMOTE_LANGUAGE=11
Cookie: uclick=hosyfnib; uclickhash=hosyfnib-hosyfnib-h9rn-0-qee8-ojdu0-ojslvr-c2422b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 02:51:38 GMT
content-type: application/javascript
content-length: 2215
last-modified: Sun, 19 Sep 2021 10:37:20 GMT
etag: "614712e0-8a7"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
bestpornxxx.net/click.php?key=tvsasnu7fkk90k43fjl6&SUB_ID_SHORT=19795966db4426c688f832cd85ca2261&COST_CPM=6.550000&CAMPAIGN_ID=574319&BANNER_ID=1730023&PLACEMENT_ID=16259365&COUNTRY_CODE=NO&USER_CITY=Oslo&USER_OS=Windows&BROWSER_NAME=Firefox&DEVICE_BRAND=Unknown&USER_CARRIER=Blix%20Solutions&REMOTE_LANGUAGE=11
138.201.82.216200 OK 1.5 kB URL HTTP/2 bestpornxxx.net/click.php?key=tvsasnu7fkk90k43fjl6&SUB_ID_SHORT=19795966db4426c688f832cd85ca2261&COST_CPM=6.550000&CAMPAIGN_ID=574319&BANNER_ID=1730023&PLACEMENT_ID=16259365&COUNTRY_CODE=NO&USER_CITY=Oslo&USER_OS=Windows&BROWSER_NAME=Firefox&DEVICE_BRAND=Unknown&USER_CARRIER=Blix%20Solutions&REMOTE_LANGUAGE=11
IP 138.201.82.216:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash e496676f3316b26fe9e97b1ad14d23cb
05246984b4a47940764b77ee15bb60d9084fa583
9a15550a40a57171eac79dbd8f26a399f21b9b35a5e39ba945d5a22161c5d4c4
GET /click.php?key=tvsasnu7fkk90k43fjl6&SUB_ID_SHORT=19795966db4426c688f832cd85ca2261&COST_CPM=6.550000&CAMPAIGN_ID=574319&BANNER_ID=1730023&PLACEMENT_ID=16259365&COUNTRY_CODE=NO&USER_CITY=Oslo&USER_OS=Windows&BROWSER_NAME=Firefox&DEVICE_BRAND=Unknown&USER_CARRIER=Blix%20Solutions&REMOTE_LANGUAGE=11 HTTP/1.1
Host: bestpornxxx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highperformancecpmgate.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 02:51:38 GMT
content-type: text/html; charset=utf-8
set-cookie: uclick=hosyfnib; expires=Thu, 08-Dec-2022 02:51:38 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=hosyfnib-hosyfnib-h9rn-0-qee8-ojdu0-ojslvr-c2422b; expires=Thu, 08-Dec-2022 02:51:38 GMT; Max-Age=86400; path=/; secure; SameSite=none
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
bestpornxxx.net/landers/bf86bb50f1/multilang.js
138.201.82.216200 OK 18 kB URL HTTP/2 bestpornxxx.net/landers/bf86bb50f1/multilang.js
IP 138.201.82.216:0
ASN #24940 Hetzner Online GmbH
Hash 90b2126822e1f6ab5e4ec1569b545596
a7e767d83f82c3de040e9f31fec60255d937fd53
e5349f85a6e16999378e7a89cdcf2a0b1c18428013da7e69b2e70f4ef8b72889
GET /landers/bf86bb50f1/multilang.js HTTP/1.1
Host: bestpornxxx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestpornxxx.net/click.php?key=tvsasnu7fkk90k43fjl6&SUB_ID_SHORT=19795966db4426c688f832cd85ca2261&COST_CPM=6.550000&CAMPAIGN_ID=574319&BANNER_ID=1730023&PLACEMENT_ID=16259365&COUNTRY_CODE=NO&USER_CITY=Oslo&USER_OS=Windows&BROWSER_NAME=Firefox&DEVICE_BRAND=Unknown&USER_CARRIER=Blix%20Solutions&REMOTE_LANGUAGE=11
Cookie: uclick=hosyfnib; uclickhash=hosyfnib-hosyfnib-h9rn-0-qee8-ojdu0-ojslvr-c2422b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 02:51:38 GMT
content-type: application/javascript
content-length: 18263
last-modified: Sun, 19 Sep 2021 10:37:20 GMT
etag: "614712e0-4757"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
bestpornxxx.net/landers/bf86bb50f1/js
138.201.82.216200 OK 136 kB URL HTTP/2 bestpornxxx.net/landers/bf86bb50f1/js
IP 138.201.82.216:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2644)
Size 136 kB (136318 bytes)
Hash de5575bb1f706df4b8f880621c6185ef
ca04c76c786c394d0610bd362a21ac4997fcfd2c
c006b58fe438bed370e99e7b2afeef704172f9c78587024fcf26bc8fea5ef4af
GET /landers/bf86bb50f1/js HTTP/1.1
Host: bestpornxxx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestpornxxx.net/click.php?key=tvsasnu7fkk90k43fjl6&SUB_ID_SHORT=19795966db4426c688f832cd85ca2261&COST_CPM=6.550000&CAMPAIGN_ID=574319&BANNER_ID=1730023&PLACEMENT_ID=16259365&COUNTRY_CODE=NO&USER_CITY=Oslo&USER_OS=Windows&BROWSER_NAME=Firefox&DEVICE_BRAND=Unknown&USER_CARRIER=Blix%20Solutions&REMOTE_LANGUAGE=11
Cookie: uclick=hosyfnib; uclickhash=hosyfnib-hosyfnib-h9rn-0-qee8-ojdu0-ojslvr-c2422b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 02:51:38 GMT
content-type: application/octet-stream
content-length: 136318
last-modified: Sun, 19 Sep 2021 10:37:20 GMT
etag: "614712e0-2147e"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8632
Expires: Wed, 07 Dec 2022 05:15:30 GMT
Date: Wed, 07 Dec 2022 02:51:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8632
Expires: Wed, 07 Dec 2022 05:15:30 GMT
Date: Wed, 07 Dec 2022 02:51:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8632
Expires: Wed, 07 Dec 2022 05:15:30 GMT
Date: Wed, 07 Dec 2022 02:51:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8632
Expires: Wed, 07 Dec 2022 05:15:30 GMT
Date: Wed, 07 Dec 2022 02:51:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8632
Expires: Wed, 07 Dec 2022 05:15:30 GMT
Date: Wed, 07 Dec 2022 02:51:38 GMT
Connection: keep-alive
bestpornxxx.net/landers/bf86bb50f1/video.mp4
138.201.82.216206 Partial Content 78 kB URL HTTP/2 bestpornxxx.net/landers/bf86bb50f1/video.mp4
IP 138.201.82.216:0
ASN #24940 Hetzner Online GmbH
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 4e52a2e6298501b9f1dd69e34cc7aab7
d11bf895d5aa0cf0804470a224c319164cb47166
97e2f81b4b5e52f435777f34a0125d2c2c43be683f0efc8341b9d2ab76410c49
GET /landers/bf86bb50f1/video.mp4 HTTP/1.1
Host: bestpornxxx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://bestpornxxx.net/click.php?key=tvsasnu7fkk90k43fjl6&SUB_ID_SHORT=19795966db4426c688f832cd85ca2261&COST_CPM=6.550000&CAMPAIGN_ID=574319&BANNER_ID=1730023&PLACEMENT_ID=16259365&COUNTRY_CODE=NO&USER_CITY=Oslo&USER_OS=Windows&BROWSER_NAME=Firefox&DEVICE_BRAND=Unknown&USER_CARRIER=Blix%20Solutions&REMOTE_LANGUAGE=11
Cookie: uclick=hosyfnib; uclickhash=hosyfnib-hosyfnib-h9rn-0-qee8-ojdu0-ojslvr-c2422b
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
server: nginx/1.20.2
date: Wed, 07 Dec 2022 02:51:38 GMT
content-type: video/mp4
content-length: 2329115
last-modified: Sun, 19 Sep 2021 10:37:20 GMT
etag: "614712e0-238a1b"
strict-transport-security: max-age=31536000
content-range: bytes 0-2329114/2329115
X-Firefox-Spdy: h2
bestpornxxx.net/landers/images/bg1.jpg
138.201.82.216200 OK 9.9 kB URL HTTP/2 bestpornxxx.net/landers/images/bg1.jpg
IP 138.201.82.216:0
ASN #24940 Hetzner Online GmbH
Hash 45941bee5e697e442254119b60d8bfb1
21dc56d6da5cfe2c03c0b1b81449ce848eb29ec5
68881c2e57875446f82b972f675521b7274ad4b536e673dc56bee45fc1cc9afd
GET /landers/images/bg1.jpg HTTP/1.1
Host: bestpornxxx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestpornxxx.net/landers/bf86bb50f1/style.css
Cookie: uclick=hosyfnib; uclickhash=hosyfnib-hosyfnib-h9rn-0-qee8-ojdu0-ojslvr-c2422b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 02:51:38 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
bestpornxxx.net/landers/bf86bb50f1/poster7.png
138.201.82.216200 OK 7.6 kB URL HTTP/2 bestpornxxx.net/landers/bf86bb50f1/poster7.png
IP 138.201.82.216:0
ASN #24940 Hetzner Online GmbH
Hash d5e7b5cc481c887db050e4a363f0f3d3
bc2764f21faa5c51ea7dc2f517563e1064de6512
0d2e52925e3a8c725d7ddbf266d9d8fc51d7a309a046597e4c2b582c1c4883bd
GET /landers/bf86bb50f1/poster7.png HTTP/1.1
Host: bestpornxxx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestpornxxx.net/click.php?key=tvsasnu7fkk90k43fjl6&SUB_ID_SHORT=19795966db4426c688f832cd85ca2261&COST_CPM=6.550000&CAMPAIGN_ID=574319&BANNER_ID=1730023&PLACEMENT_ID=16259365&COUNTRY_CODE=NO&USER_CITY=Oslo&USER_OS=Windows&BROWSER_NAME=Firefox&DEVICE_BRAND=Unknown&USER_CARRIER=Blix%20Solutions&REMOTE_LANGUAGE=11
Cookie: uclick=hosyfnib; uclickhash=hosyfnib-hosyfnib-h9rn-0-qee8-ojdu0-ojslvr-c2422b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 02:51:38 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b92721cbe24623f1713a5248d6a7c1b2
3628390c62642dcc375b28f58c9b48180c4abd73
37d0451c03bc7cf0253aba6d3204cbf38502692a0fbc751a3ead01b07e9a65d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9613
x-amzn-requestid: 31270e51-34df-4980-9221-e21a5521b3de
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clZQYHzvoAMFvdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ba268-509300b867fcbfb71a7cf6ad;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 19:24:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xk1sLSRBl1t872eGrnw1dVjQO7XvAM4NDFd5Y0wKjdvkKtaqDneEKg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:01:54 GMT
age: 17384
etag: "3628390c62642dcc375b28f58c9b48180c4abd73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bestpornxxx.net/landers/bf86bb50f1/poster7.png
138.201.82.216200 OK 8.9 kB URL HTTP/2 bestpornxxx.net/landers/bf86bb50f1/poster7.png
IP 138.201.82.216:0
ASN #24940 Hetzner Online GmbH
Hash f5ebfb70ef106d938b467bca487783c2
4da1ee6ad729fe4dfdc77eee75c413d93009c191
80fb26f405109bae80f10710163e9968ceaeeaa4094b94b4a316509abc77ef4b
GET /landers/bf86bb50f1/poster7.png HTTP/1.1
Host: bestpornxxx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestpornxxx.net/click.php?key=tvsasnu7fkk90k43fjl6&SUB_ID_SHORT=19795966db4426c688f832cd85ca2261&COST_CPM=6.550000&CAMPAIGN_ID=574319&BANNER_ID=1730023&PLACEMENT_ID=16259365&COUNTRY_CODE=NO&USER_CITY=Oslo&USER_OS=Windows&BROWSER_NAME=Firefox&DEVICE_BRAND=Unknown&USER_CARRIER=Blix%20Solutions&REMOTE_LANGUAGE=11
Cookie: uclick=hosyfnib; uclickhash=hosyfnib-hosyfnib-h9rn-0-qee8-ojdu0-ojslvr-c2422b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 02:51:38 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9367069b-64ab-4e4d-b8c9-fa115e0681a9.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9367069b-64ab-4e4d-b8c9-fa115e0681a9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bdf4703f3372054a7aadce1cb0e11bd0
84d060f66accd412503d52c385ee47cb35795c07
c5853b653ee328e567e2456be12450e04c1704ed64fb6234f008532e4b6c8363
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9367069b-64ab-4e4d-b8c9-fa115e0681a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3744
x-amzn-requestid: 73eab74b-e50c-46d1-adde-3ef85fb772f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlj7FDiIAMFmsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb618-70ffb1925e3a9ef6081d1cd1;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: F-LcglSz1NX1Q2t84r1dv0vQzONyYMhlGB6TdS6CeKf9I8Krk1mDUg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:19 GMT
etag: "84d060f66accd412503d52c385ee47cb35795c07"
content-type: image/jpeg
age: 17659
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bestpornxxx.net/landers/bf86bb50f1/video.mp4
138.201.82.216206 Partial Content 281 kB URL HTTP/2 bestpornxxx.net/landers/bf86bb50f1/video.mp4
IP 138.201.82.216:0
ASN #24940 Hetzner Online GmbH
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 281 kB (281061 bytes)
Hash c314514f00a1404f13fdfdf4699f4077
d1a97be55b31bc02a0074ababa588dcccca643ea
d36ae28f14005bd89341d7f84c91e4cccf7b81cb905fdb5ec39e6e556f564931
GET /landers/bf86bb50f1/video.mp4 HTTP/1.1
Host: bestpornxxx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://bestpornxxx.net/click.php?key=tvsasnu7fkk90k43fjl6&SUB_ID_SHORT=19795966db4426c688f832cd85ca2261&COST_CPM=6.550000&CAMPAIGN_ID=574319&BANNER_ID=1730023&PLACEMENT_ID=16259365&COUNTRY_CODE=NO&USER_CITY=Oslo&USER_OS=Windows&BROWSER_NAME=Firefox&DEVICE_BRAND=Unknown&USER_CARRIER=Blix%20Solutions&REMOTE_LANGUAGE=11
Cookie: uclick=hosyfnib; uclickhash=hosyfnib-hosyfnib-h9rn-0-qee8-ojdu0-ojslvr-c2422b
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
server: nginx/1.20.2
date: Wed, 07 Dec 2022 02:51:38 GMT
content-type: video/mp4
content-length: 2329115
last-modified: Sun, 19 Sep 2021 10:37:20 GMT
etag: "614712e0-238a1b"
strict-transport-security: max-age=31536000
content-range: bytes 0-2329114/2329115
X-Firefox-Spdy: h2
bestpornxxx.net/landers/bf86bb50f1/favicon.ico
138.201.82.216200 OK 1.2 kB URL HTTP/2 bestpornxxx.net/landers/bf86bb50f1/favicon.ico
IP 138.201.82.216:0
ASN #24940 Hetzner Online GmbH
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 38722a803b73dd1871a3d8a19db44d2f
3379960a2c6611bfefcb39e662198d6df322e12d
314dc8584b1a7c7d66a5882b6d153c53ceae37d7137df7b67ddd9735187f2c97
GET /landers/bf86bb50f1/favicon.ico HTTP/1.1
Host: bestpornxxx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestpornxxx.net/click.php?key=tvsasnu7fkk90k43fjl6&SUB_ID_SHORT=19795966db4426c688f832cd85ca2261&COST_CPM=6.550000&CAMPAIGN_ID=574319&BANNER_ID=1730023&PLACEMENT_ID=16259365&COUNTRY_CODE=NO&USER_CITY=Oslo&USER_OS=Windows&BROWSER_NAME=Firefox&DEVICE_BRAND=Unknown&USER_CARRIER=Blix%20Solutions&REMOTE_LANGUAGE=11
Cookie: uclick=hosyfnib; uclickhash=hosyfnib-hosyfnib-h9rn-0-qee8-ojdu0-ojslvr-c2422b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 02:51:38 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Sun, 19 Sep 2021 10:37:20 GMT
etag: "614712e0-47e"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-C3EPRPS8FB&l=dataLayer&cx=c
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-C3EPRPS8FB&l=dataLayer&cx=c
IP 142.250.74.168:0
File type ASCII text, with very long lines (20080)
Hash b7c21b60589f84b81bec62443f04f503
3630c41418f787854b166ebb9ceb9929db6456a5
c9be22ed6bef83f58d9133a3eac002f71c2ce4fcc292b0e3974c573f40a5d953
GET /gtag/js?id=G-C3EPRPS8FB&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestpornxxx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 02:51:38 GMT
expires: Wed, 07 Dec 2022 02:51:38 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76347
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 02:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hannahowo.net/
104.21.64.10301 Moved Permanently 0 B IP 104.21.64.10:0
GET / HTTP/1.1
Host: hannahowo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Wed, 07 Dec 2022 02:51:37 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.highperformancecpmgate.com/su4rn16zy?key=80c69eb345d6eca1894cee873bd7e686
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5FcirKGz7ZmFILa59Qaurbt2GLopfYelq7g2OZoXQCYObnP5lFn2tbJ5V1uS1Qisiccd7%2F3yC9FDCb3NaLymdtRi0QdMkeaBh%2B2J8TJ3BlFRRVzmazgP28jsbiMrK4V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7759f5e1c91ab4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.google.com/specimen/Montserrat
142.250.74.174200 OK 0 B URL HTTP/2 fonts.google.com/specimen/Montserrat
IP 142.250.74.174:0
GET /specimen/Montserrat HTTP/1.1
Host: fonts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestpornxxx.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Dec 2022 02:51:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-1aSLVwl9AP_Ev1qE1WemCw' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=e-BOcFC_BQimyMtAyi1RhLeEbBUf1pdLEA0frilOii2HR1frF8HQ5hg-H2IVMWUpD6XkIl057JDFh1nSaQWcNSD8e_9OKFi1zW9_s7j0BUJ2W0C2GXZ3-4LH2P6-OfN2QiOPg2ONUOJtFwpXdOj_exKGBDCROW6I8k4miJlj3-4; expires=Thu, 08-Jun-2023 02:51:38 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pushadvert.bid/code/ge3dkobzmq5ha3ddf4zdgna
185.177.94.180200 OK 0 B URL HTTP/2 pushadvert.bid/code/ge3dkobzmq5ha3ddf4zdgna
IP 185.177.94.180:0
ASN #39572 DataWeb Global Group B.V.
GET /code/ge3dkobzmq5ha3ddf4zdgna HTTP/1.1
Host: pushadvert.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestpornxxx.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 02:51:38 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=5006bb5c-0f68-4b2c-a488-bf6d0b47b09c; expires=Fri, 06-Jan-2023 02:51:38 GMT; Max-Age=2592000; path=/; SameSite=None; domain=pushadvert.bid; secure
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2