| daftsex.com/watch/-125812644_456239791 | 172.67.163.49 | 301 Moved Permanently | 0 B |
URL HTTP/1.1daftsex.com/watch/-125812644_456239791 IP172.67.163.49:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch/-125812644_456239791 HTTP/1.1
Host: daftsex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 12 Sep 2022 22:32:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 12 Sep 2022 23:32:39 GMT
Location: https://daftsex.com/watch/-125812644_456239791
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shQFhNwy2kDYW12LMqi4kWutPIWAsZTLIHw%2FkZT7hMGM3J6yuQuVQfhDXyH7wAgAuwUhFYxSqW5bgceAZS886stYVRg2FMxojE7txUeyTSILJlETq3tvV0vOnAKE9g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c19ada9070b06-OSL
alt-svc: h2=":443"; ma=60
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.35 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.35:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashb593eb39329cfe060d55be5e4a5405e2 78e46c1028e9f94f8569303ad2d90d7df13a059a 08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 22:08:31 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bkOLUyPAavdiZZMfTe1FQwb7hgYuvph7kdIOEMUR619vZpW3CL0fiA==
Age: 1448
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash76d5eb597558e3dee0d99719d17e71e0 f3a0f3932fa8059f27dc9422d523b938fa9a7d09 d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8107
Expires: Tue, 13 Sep 2022 00:47:46 GMT
Date: Mon, 12 Sep 2022 22:32:39 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | 143.204.55.49 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain IP143.204.55.49:0
File typePEM certificate\012- , ASCII text Hash742edb4038f38bc533514982f3d2e861 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kKlRtltaouNbm34-8Z_Bp23j_CTMwMFJUT5XiE8Nzbh2h4BnTuY7NA==
age: 54927
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 346 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash978bf7e2ac86a90a829d1c6ed9ed4888 db2f84bf33a48f1441e4b1bcf5c41da7be7c501f 0f5ef3f720bf3e29bd1de69480c86762114c958bdc3f3eb9a1d41e20ea907d15
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "0F5EF3F720BF3E29BD1DE69480C86762114C958BDC3F3EB9A1D41E20EA907D15"
Last-Modified: Mon, 12 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9767
Expires: Tue, 13 Sep 2022 01:15:26 GMT
Date: Mon, 12 Sep 2022 22:32:39 GMT
Connection: keep-alive
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:32:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 346 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash978bf7e2ac86a90a829d1c6ed9ed4888 db2f84bf33a48f1441e4b1bcf5c41da7be7c501f 0f5ef3f720bf3e29bd1de69480c86762114c958bdc3f3eb9a1d41e20ea907d15
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "0F5EF3F720BF3E29BD1DE69480C86762114C958BDC3F3EB9A1D41E20EA907D15"
Last-Modified: Mon, 12 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9767
Expires: Tue, 13 Sep 2022 01:15:26 GMT
Date: Mon, 12 Sep 2022 22:32:39 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashdd0fd1101c745417faf6a04a3ff59804 d3da7442a57d6c86402c6893927d0d3ce04870c8 0d20d345b18a32faeee1b0e6f8dfd6609b0e632d85e259015baa45dd4e99bff6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D20D345B18A32FAEEE1B0E6F8DFD6609B0E632D85E259015BAA45DD4E99BFF6"
Last-Modified: Sun, 11 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14883
Expires: Tue, 13 Sep 2022 02:40:43 GMT
Date: Mon, 12 Sep 2022 22:32:40 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 312 B |
IP93.184.220.29:0
Hashfbac9c4ebd60c798ae6f1319489c601f e6e7d47337a8137b8186b5228fe4e987f1789a82 94b9a03ed1db9c1493a9938961551ad33c2a190d040f1ed321cca676e6211055
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4822
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 22:32:40 GMT
Last-Modified: Mon, 12 Sep 2022 21:12:18 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 312
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 312 B |
IP93.184.220.29:0
Hashfbac9c4ebd60c798ae6f1319489c601f e6e7d47337a8137b8186b5228fe4e987f1789a82 94b9a03ed1db9c1493a9938961551ad33c2a190d040f1ed321cca676e6211055
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3162
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 22:32:40 GMT
Last-Modified: Mon, 12 Sep 2022 21:39:58 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 312
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 1.5 kB |
IP93.184.220.29:0
Hash9de95e792c37bc0ceefee2aaced54f83 67b9207e732e73f968d7fd5f31a6edb08c9c289d 3ab142a431c8e47b823d15d7b03a8bfeaa11ffe66b3fd29c3b5f7440c9996764
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4605
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 22:32:40 GMT
Last-Modified: Mon, 12 Sep 2022 21:15:55 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 312
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.35 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.35:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 12 Sep 2022 21:56:07 GMT
Expires: Mon, 12 Sep 2022 22:37:53 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qBPnaNJFg5Eti4v6WYEqSXMDfqQZNP8eP-BwiK2nspsWt4s_D5GnRg==
Age: 2193
|
|
| hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js | 209.197.3.25 | 200 OK | 17 kB |
URL HTTP/1.1hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js IP209.197.3.25:0
File typeASCII text, with very long lines (16885), with no line terminators Hash48c80c7c28b5b00a8b4ff94a22b72fe3 d57303c2ad2fd5cedc5cb20f264a6965a7819cee 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1
Host: hw-cdn2.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:32:40 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Content-Type: application/javascript
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10721591
X-HW: 1663021960.dop207.sk1.t,1663021960.cds236.sk1.shn,1663021960.dop207.sk1.t,1663021960.cds228.sk1.c
Access-Control-Allow-Origin: *
|
|
| hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js | 205.185.208.20 | 200 OK | 5.0 kB |
URL HTTP/1.1hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js IP205.185.208.20:0
File typeASCII text, with very long lines (5027), with no line terminators Hash5e5817bcf4c82c7c85d1d88636d221ce b5c32cc6c931c33c1297884016e13d3b9a5bf261 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:32:40 GMT
Connection: Keep-Alive
ETag: "1541168231"
Content-Length: 5027
Content-Type: application/javascript
Last-Modified: Fri, 02 Nov 2018 14:17:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10450174
X-HW: 1663021960.dop227.sk1.t,1663021960.cds220.sk1.shn,1663021960.cds220.sk1.c
Access-Control-Allow-Origin: *
|
|
| hw-cdn2.ang-content.com/a7/creatives/1/49/814959/1040545/1040545_logo.png | 205.185.208.20 | 200 OK | 3.0 kB |
URL HTTP/1.1hw-cdn2.ang-content.com/a7/creatives/1/49/814959/1040545/1040545_logo.png IP205.185.208.20:0
File typePNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced\012- data Hash0b1a4f8844a7468537ef9c5efdfd86c0 8680824dc752f61b01b0e4a2c719e0f69aa6efca 3f7b23bc0415c71c830991cdcbbd3d80720609842586592f3f27bf73d6b55d74
GET /a7/creatives/1/49/814959/1040545/1040545_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:32:40 GMT
Connection: Keep-Alive
ETag: "1661290692"
Content-Length: 3031
Content-Type: image/png
Last-Modified: Tue, 23 Aug 2022 21:38:12 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10762121
X-HW: 1663021960.dop012.sk1.t,1663021960.cds236.sk1.shn,1663021960.dop012.sk1.t,1663021960.cds215.sk1.c
Access-Control-Allow-Origin: *
|
|
| a.adtng.com/get/10002729?time=1555363895445 | 66.254.114.171 | 200 OK | 12 kB |
URL HTTP/2a.adtng.com/get/10002729?time=1555363895445 IP66.254.114.171:0
Hash7a2dccbe186c0f3fbe32eca8ef951476 b510d9eccc5cc1fa0fc137e997333d5a087dc94d ea619c8d595a4ce90bb3096609eee32247a03546fcdb5e5ddfb2e2c86428d399
GET /get/10002729?time=1555363895445 HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KImMfs4gkjlDucDtrAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7079; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 631FB388-42FE72AB01BB7A93-24DAD507
X-Firefox-Spdy: h2
|
|
| hw-cdn2.ang-content.com/a7/creatives/1/49/814986/1040948/1040948_logo.png | 205.185.208.20 | 200 OK | 3.3 kB |
URL HTTP/1.1hw-cdn2.ang-content.com/a7/creatives/1/49/814986/1040948/1040948_logo.png IP205.185.208.20:0
File typePNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data Hash4c992f93419cff2c1c149dfc70e710c6 ea1808199ce5bb59a63edea6fd39bbbf5e7511d7 ba89161f62c517bdd776996943f3e26ed2b92d749178f1c24da07c8db904e27c
GET /a7/creatives/1/49/814986/1040948/1040948_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:32:40 GMT
Connection: Keep-Alive
ETag: "1661776299"
Content-Length: 3346
Content-Type: image/png
Last-Modified: Mon, 29 Aug 2022 12:31:39 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10673825
X-HW: 1663021960.dop215.sk1.t,1663021960.cds240.sk1.shn,1663021960.dop215.sk1.t,1663021960.cds017.sk1.c
Access-Control-Allow-Origin: *
|
|
| thesaurussurf.com/a5/96/32/a59632dda777535e591fa2e7dde66a93.js | 192.243.61.227 | 200 OK | 20 kB |
URL HTTP/1.1thesaurussurf.com/a5/96/32/a59632dda777535e591fa2e7dde66a93.js IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
File typeASCII text, with very long lines (59437), with no line terminators Hash7e06feed0cd5c470f83f7c1d54749263 14dffe3b3c82d90d996a4d8f7a9e1faad0386b1c 0adaf559cda94598d5f7bc08305d5e26946637f78d33a63f6c3c6d8d774bd303
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /a5/96/32/a59632dda777535e591fa2e7dde66a93.js HTTP/1.1
Host: thesaurussurf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 12 Sep 2022 22:32:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ef2a869e1beb2871b1d0062d2f322735
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| a.adtng.com/get/10002729?time=1555363895445 | 66.254.114.171 | 200 OK | 9.7 kB |
URL HTTP/2a.adtng.com/get/10002729?time=1555363895445 IP66.254.114.171:0
Hashc9bd8d8b6049aa80a6c8883dc2260f16 6bc4780d3f7e6207d632a2203a266800fae0eecb cd116a9e4afd9251f15ed68e305325ee1a7d6d7f8133be6fa1a2bfe1b61f23e6
GET /get/10002729?time=1555363895445 HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KEmMfs4hCKFN0RJa1Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7041; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 631FB388-42FE72AB01BB7A93-24DAD4EB
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 346 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashb32a5e9b733c4d6d00fa0ae101956367 a584d7ac68cf4e1e8d897ef1b0ba8d4d3037e997 6d41a9ea960766d6c7a93e01b3da41b93b651a3e38b00ec9873794c4bbdbee5b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6D41A9EA960766D6C7A93E01B3DA41B93B651A3E38B00EC9873794C4BBDBEE5B"
Last-Modified: Sat, 10 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10237
Expires: Tue, 13 Sep 2022 01:23:17 GMT
Date: Mon, 12 Sep 2022 22:32:40 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hasha08de1f4da52733048f50303ff241be1 7e61302bcde4397d4dd24348aaf5581860cea0c6 7349cd1b89a4781daae80312ecab20747edfe839047edc787bbeda4cb2d3d31b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7349CD1B89A4781DAAE80312ECAB20747EDFE839047EDC787BBEDA4CB2D3D31B"
Last-Modified: Sun, 11 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6989
Expires: Tue, 13 Sep 2022 00:29:09 GMT
Date: Mon, 12 Sep 2022 22:32:40 GMT
Connection: keep-alive
|
|
| celeritascdn.com/script/compatibility.js | 104.16.91.6 | 200 OK | 5.0 kB |
URL HTTP/2celeritascdn.com/script/compatibility.js IP104.16.91.6:0
Hash37c89a4fd4edd8adc0b9523f839699de a4ef0d4f860387de2079b6f6aa4e4c9d0ec5e4ba 3a37dbd0ec961c1122a9323297e5bcae4a93b87d68bb644d4658d0f403647170
GET /script/compatibility.js HTTP/1.1
Host: celeritascdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daxab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdvlhDYanHECByaSza43raCvmpFPU8fiCV7OLEX_q4EIweZAHwBoezGh7KYmWphViGMHxR6yJfcHC_HKodp5ba6Xmg
x-goog-generation: 1655802523449377
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 14461
x-goog-hash: crc32c=COVK0Q==, md5=lGu5GSoU5trQNansgXjwcw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Tue, 13 Sep 2022 02:32:40 GMT
cache-control: public, max-age=14400
last-modified: Tue, 21 Jun 2022 09:08:43 GMT
etag: W/"946bb9192a14e6dad035a9ec8178f073"
cf-cache-status: HIT
age: 1212
vary: Accept-Encoding
server: cloudflare
cf-ray: 749c19b4ed45b51b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.118 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.118:0
Hash349efb77dc286c5653310b0358a6221c b943ed167db03fc167d8811af5b227b2a9fb9191 4f24854f12c2afa74b77b523fa34a78cc756ead857140680c1e76eb7668305a7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 22:32:40 GMT
Last-Modified: Mon, 12 Sep 2022 20:47:30 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OC516t1K-h0Lmn6Ahs7xWtYaNIxduV_4ODMGYmCWaQOYs_ugqAPKZg==
Age: 6310
|
|
| simplewebanalysis.com/stats | 52.59.153.168 | 200 OK | 30 kB |
URL HTTP/2simplewebanalysis.com/stats IP52.59.153.168:0
Hash19b50c01c8d5ccf4d2b28eb414986870 141ba1ee4946b216ce5bf0770569f4e15a08770e 3c5f1154dd09b8b16c012f7b46a4b75b9a288c5a53ec459543cc62c593cc4b74
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://daftsex.com
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://daftsex.com
access-control-allow-credentials: true
set-cookie: uid_id2=5792855a-3f3f-4988-a851-1be2873187ae:2:1; expires=Thu, 09 Sep 2032 22:32:40 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 52.43.253.52 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.43.253.52:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jqzlvYYOE/AqoM8zCtsf8w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VkvHdhNhJXt9WWMz4AieNQ+xxlQ=
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP172.64.155.188:0
Hashd2459905efc0d0d5c1d595afd6e1275d 6a3f9a8b2ef044467291e4e5bbd3fd6e505b5b19 f01ea0d062d0bc57b5101ef667c14993d40d9c7f24a6f5859b3f66bc7147c37e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:32:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 19:53:32 GMT
Expires: Fri, 16 Sep 2022 19:53:31 GMT
Etag: "6a3f9a8b2ef044467291e4e5bbd3fd6e505b5b19"
Cache-Control: max-age=335450,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749c19b6b8960b45-OSL
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 346 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashb32a5e9b733c4d6d00fa0ae101956367 a584d7ac68cf4e1e8d897ef1b0ba8d4d3037e997 6d41a9ea960766d6c7a93e01b3da41b93b651a3e38b00ec9873794c4bbdbee5b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6D41A9EA960766D6C7A93E01B3DA41B93B651A3E38B00EC9873794C4BBDBEE5B"
Last-Modified: Sat, 10 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10237
Expires: Tue, 13 Sep 2022 01:23:17 GMT
Date: Mon, 12 Sep 2022 22:32:40 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash279e23966ec0a262edc36219bb30ee6c 147d0e5f83e627e5a8e09247bef080fadedeadd0 295d242f1b8c87609e303484b44114b2d21fdf4f8de8539f0876081eddd29231
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "295D242F1B8C87609E303484B44114B2D21FDF4F8DE8539F0876081EDDD29231"
Last-Modified: Sun, 11 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7766
Expires: Tue, 13 Sep 2022 00:42:06 GMT
Date: Mon, 12 Sep 2022 22:32:40 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash279e23966ec0a262edc36219bb30ee6c 147d0e5f83e627e5a8e09247bef080fadedeadd0 295d242f1b8c87609e303484b44114b2d21fdf4f8de8539f0876081eddd29231
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "295D242F1B8C87609E303484B44114B2D21FDF4F8DE8539F0876081EDDD29231"
Last-Modified: Sun, 11 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7766
Expires: Tue, 13 Sep 2022 00:42:06 GMT
Date: Mon, 12 Sep 2022 22:32:40 GMT
Connection: keep-alive
|
|
| graduatewonderentreaty.com/c7/28/b2/c728b26853ace83e7b56264fcb197a60.js | 173.233.137.44 | 200 OK | 13 kB |
URL HTTP/1.1graduatewonderentreaty.com/c7/28/b2/c728b26853ace83e7b56264fcb197a60.js IP173.233.137.44:0
File typeASCII text, with very long lines (37114), with no line terminators Hash161ed5ded805064b029139ffddefb9f1 df7b510b3378d12d87f3ece23ab6c5d136c9934e 4d9dde6e758d412bd2339475954452363c28cbcda00098937cc00147985fa76f
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /c7/28/b2/c728b26853ace83e7b56264fcb197a60.js HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 12 Sep 2022 22:32:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 905b3f8fc50c4d0b2c1c9cba3d3ecd5c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| graduatewonderentreaty.com/pixel/purst?dl=0&th=0&sc=0&rs=1246&rd=1246&fd=644&bv=22.8.v.1&tmpl=70 | 173.233.137.44 | 200 OK | 0 B |
URL HTTP/1.1graduatewonderentreaty.com/pixel/purst?dl=0&th=0&sc=0&rs=1246&rd=1246&fd=644&bv=22.8.v.1&tmpl=70 IP173.233.137.44:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pixel/purst?dl=0&th=0&sc=0&rs=1246&rd=1246&fd=644&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 12 Sep 2022 22:32:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash503237177a3d86d83f4c970effc37833 e2c733d5fe37ec941521578d5bdcf0bcad00d7e5 16380371ae5fc51ca985271a1fccdcd8e203b4af6134e8ffbe4e957a04180764
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16380371AE5FC51CA985271A1FCCDCD8E203B4AF6134E8FFBE4E957A04180764"
Last-Modified: Sun, 11 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11246
Expires: Tue, 13 Sep 2022 01:40:07 GMT
Date: Mon, 12 Sep 2022 22:32:41 GMT
Connection: keep-alive
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP172.64.155.188:0
Hashd2459905efc0d0d5c1d595afd6e1275d 6a3f9a8b2ef044467291e4e5bbd3fd6e505b5b19 f01ea0d062d0bc57b5101ef667c14993d40d9c7f24a6f5859b3f66bc7147c37e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:32:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 19:53:32 GMT
Expires: Fri, 16 Sep 2022 19:53:31 GMT
Etag: "6a3f9a8b2ef044467291e4e5bbd3fd6e505b5b19"
Cache-Control: max-age=335449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749c19b8a9a00b45-OSL
|
|
| banquetunarmedgrater.com/advertisers.js | 192.243.59.13 | 200 OK | 0 B |
URL HTTP/1.1banquetunarmedgrater.com/advertisers.js IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 12 Sep 2022 22:32:41 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7499c9d1b3a6786ba2dee82d45e4fd9e
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| ocsp2.globalsign.com/gsorganizationvalsha2g2 | 104.18.20.226 | 200 OK | 1.5 kB |
URL HTTP/1.1ocsp2.globalsign.com/gsorganizationvalsha2g2 IP104.18.20.226:0
Hash7851482e721e0b7f3e894f07bfd7ae62 3e73f18956998a4949f2803c60ee71e903f2a678 f68397ba4108087074389d7603bc6391810f73eb4b39c58ac0391270cb0528bc
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 22:32:41 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 16 Sep 2022 20:13:59 GMT
ETag: "3e73f18956998a4949f2803c60ee71e903f2a678"
Last-Modified: Mon, 12 Sep 2022 20:14:00 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2470
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749c19bb2978b505-OSL
|
|
| onclickgenius.com/script/suurl.php?r=1865791&cbrandom=0.06776752297670374&cbiframe=1&cbWidth=702&cbHeight=395&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com | 35.190.71.96 | 200 OK | 3.0 kB |
URL HTTP/2onclickgenius.com/script/suurl.php?r=1865791&cbrandom=0.06776752297670374&cbiframe=1&cbWidth=702&cbHeight=395&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com IP35.190.71.96:0
Hashfb56aaca8353a0f0cfc7eba5450c5e68 0fdcc169d5c4a67a9f6b7d5ea8dae8816ba5e8ca d0c0aa69e87872d157a14472803e51d97acc73a926d8b752f9b8890d83c46b84
GET /script/suurl.php?r=1865791&cbrandom=0.06776752297670374&cbiframe=1&cbWidth=702&cbHeight=395&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com HTTP/1.1
Host: onclickgenius.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daxab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| counter.yadro.ru/hit?t45.6;r;s1280*1024*24;uhttps%3A//daftsex.com/watch/-125812644_456239791;hpussylingus%20%281%29%20%u2014%20DaftSex;0.34690905843485886 | 88.212.201.198 | 200 OK | 104 B |
URL HTTP/1.1counter.yadro.ru/hit?t45.6;r;s1280*1024*24;uhttps%3A//daftsex.com/watch/-125812644_456239791;hpussylingus%20%281%29%20%u2014%20DaftSex;0.34690905843485886 IP88.212.201.198:0 ASN#39134 United Network LLC
File typeGIF image data, version 87a, 31 x 31\012- data Hash77be1b29d5a9ddd0b4cf1878f1de4b25 29ee14ca48b313868412505ba4fb102dccf7dc6b aba98d0405c2aad0b6513f606b491a6f03c19811d9dfb2640d5ec9899652a970
GET /hit?t45.6;r;s1280*1024*24;uhttps%3A//daftsex.com/watch/-125812644_456239791;hpussylingus%20%281%29%20%u2014%20DaftSex;0.34690905843485886 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 12 Sep 2022 22:32:41 GMT
Content-Type: image/gif
Content-Length: 104
Connection: keep-alive
Expires: Sun, 12 Sep 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
|
|
| sun9-66.userapi.com/c855320/v855320487/22cd71/Aot4Q5xpJzo.jpg | 87.240.185.165 | 200 OK | 11 kB |
URL HTTP/2sun9-66.userapi.com/c855320/v855320487/22cd71/Aot4Q5xpJzo.jpg IP87.240.185.165:0
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 320x240, components 3\012- data Hashca6cc77e4ef66b543f83b890dd301511 0d4ba670279db991882e72b1b5e38e62e068638a ed05429be8b42dd106974d3ef5ab448d65071cc96d29f00878687d3b47f2d6b6
GET /c855320/v855320487/22cd71/Aot4Q5xpJzo.jpg HTTP/1.1
Host: sun9-66.userapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Mon, 12 Sep 2022 22:32:41 GMT
content-type: image/jpeg
content-length: 10916
last-modified: Fri, 24 Apr 2020 22:52:53 GMT
expires: Wed, 12 Oct 2022 22:32:41 GMT
cache-control: max-age=2592000
x-frontend: front226105
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| sun9-68.userapi.com/c636222/v636222747/3e19f/aZOYCaUG8OY.jpg | 87.240.185.167 | 200 OK | 52 kB |
URL HTTP/2sun9-68.userapi.com/c636222/v636222747/3e19f/aZOYCaUG8OY.jpg IP87.240.185.167:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 320x240, components 3\012- data Hash8bbb8ca536d30a479b009900b5389bf3 24a90ba6e7c60e5d3ccfcf034d2a992126e3f8b1 6c70674ff9cef071060caa0fdfec4706d7d44c936fd6f121ec125fd3abd8f4f3
GET /c636222/v636222747/3e19f/aZOYCaUG8OY.jpg HTTP/1.1
Host: sun9-68.userapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Mon, 12 Sep 2022 22:32:41 GMT
content-type: image/jpeg
content-length: 52382
last-modified: Thu, 08 Dec 2016 15:08:57 GMT
expires: Wed, 12 Oct 2022 22:32:41 GMT
cache-control: max-age=2592000
x-frontend: front226107
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: X-Quic
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash477fd76de0b69553430d504fe527cc06 88fe80a099e610212f27427ae6fd5b4e03b3df16 f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9955
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 22:32:41 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash477fd76de0b69553430d504fe527cc06 88fe80a099e610212f27427ae6fd5b4e03b3df16 f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9955
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 22:32:41 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash477fd76de0b69553430d504fe527cc06 88fe80a099e610212f27427ae6fd5b4e03b3df16 f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9955
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 22:32:41 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash477fd76de0b69553430d504fe527cc06 88fe80a099e610212f27427ae6fd5b4e03b3df16 f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9955
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 22:32:41 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash477fd76de0b69553430d504fe527cc06 88fe80a099e610212f27427ae6fd5b4e03b3df16 f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9955
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 22:32:41 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg | 34.120.237.76 | 200 OK | 9.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6174529fff57758e958da5432344962f 05ec2076b32398d60ee77fab8c14345bc7dfe647 65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: u_jETr8miiFyuhq7R09yb0lAP-hUv_6eTRV81Xzd9gSqU31VXwC9CQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:15:48 GMT
age: 69413
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg | 34.120.237.76 | 200 OK | 8.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc14088c4ca0d576e087feed41b7f1565 172b23f2ef39b6c3fdebb5441b10a95712206d0a 2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bTzXQvDkX23_t4vLJNWv7bg-DoRsdqiBhwNJH5B-RcXxj9RC-87LvA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:41:52 GMT
age: 3049
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg | 34.120.237.76 | 200 OK | 8.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe407da4d97d497925b1ab523fd416787 166741631fb93d109b18dde6d316b3fa3276aa8f 707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2jR7F56GE_qqbRBWjNDiDBgWbCYv-Ac6kvC1LI0HciQkKGTeNDYlyw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:57:43 GMT
age: 2098
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg | 34.120.237.76 | 200 OK | 9.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash239262b6ab17cb19414c35cd4f761092 48eddcf9838e980e67cc8f9cbb05b475df2f0331 cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NKM6RRhJ5AuRF4NKSyBO6-KMkd1UGaw3DuZBkBao_8fzzpkMeDrn0w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:55:41 GMT
age: 2220
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp | 34.120.237.76 | 200 OK | 7.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb7ccc33ae0c85a906f2c17db281ec790 1904722d70348235d5472c54f888d2b4b991e2aa f48edc03624f582b05b596694b76bd784f85eb9f2ca5dd025bbea9cc2ff1f096
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6999
x-amzn-requestid: 61e3e817-fb62-47c7-b938-2dfc6a134622
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO1mlG3XIAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3629-37c2c8982c4ccf891875c59a;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S2TR552YpZeEbhTSAn4vdXexYpvR4Lrr-LaJmfNd7LnO0L4QM8w-Dg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:38:55 GMT
age: 68026
etag: "1904722d70348235d5472c54f888d2b4b991e2aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash090a097732f15b625208ab10faeea110 33b4fbb528d5b24e6edeebec3887e9b92bed4272 dd912cb8f4b18a02f086446af981c96af8de389bb8872f8bb6dd76cb5b018194
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD912CB8F4B18A02F086446AF981C96AF8DE389BB8872F8BB6DD76CB5B018194"
Last-Modified: Sat, 10 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11007
Expires: Tue, 13 Sep 2022 01:36:08 GMT
Date: Mon, 12 Sep 2022 22:32:41 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg | 34.120.237.76 | 200 OK | 4.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb674daf3dc6e85ed054ab34d69979b86 47aaf5a3af2c25820d01d613c82b7f1279a298fc 7b9993ef69d4b77c1533ada040c85563b9cf7b1f5d007177c005f6cd7fdba1d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4162
x-amzn-requestid: 9dc27e34-69e1-439d-8974-1297584ef4d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSIhuHlWIAMFhOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d87a4-410e9ede524aa657609a057a;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:00:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jGj2al3pBpze7UQnHild4DxKndrprY4pTG_EZScw2RukQlgFEvNMkw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 07:18:04 GMT
age: 54877
etag: "47aaf5a3af2c25820d01d613c82b7f1279a298fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=5792855a-3f3f-4988-a851-1be2873187ae&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a59632dda777535e591fa2e7dde66a93&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 | 192.243.59.13 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=5792855a-3f3f-4988-a851-1be2873187ae&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a59632dda777535e591fa2e7dde66a93&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pxf.gif?uuid=5792855a-3f3f-4988-a851-1be2873187ae&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a59632dda777535e591fa2e7dde66a93&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 12 Sep 2022 22:32:42 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6d2875ba64024e9cca445d74d67597c8
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=5792855a-3f3f-4988-a851-1be2873187ae&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=c728b26853ace83e7b56264fcb197a60&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 | 192.243.59.13 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=5792855a-3f3f-4988-a851-1be2873187ae&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=c728b26853ace83e7b56264fcb197a60&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pxf.gif?uuid=5792855a-3f3f-4988-a851-1be2873187ae&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=c728b26853ace83e7b56264fcb197a60&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 12 Sep 2022 22:32:42 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4f10e93eae270f74b37f67e4671e2731
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| creepingbrings.com/sfp.js | 104.21.234.233 | 200 OK | 0 B |
URL HTTP/2creepingbrings.com/sfp.js IP104.21.234.233:0
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:32:41 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 5f506e5837b91b8fb4090dcff3908bb6
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 12 Sep 2022 22:32:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBDkpjDCjbqNk7RyJy7Mc7a5hRo9Wl%2BYLbbeWE798LqE6MXhi6y6fP%2BjNQBya7c4e2VqZjU3cjqE2YE36OYIP6gUrUTUk78X1tym8RAsTjHhaaZjR2aIcVxZdmRsFuWOuIPrd5I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749c19b92baa0712-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| a.adtng.com/get/10009021?time=1575323689465 | 66.254.114.171 | 200 OK | 0 B |
URL HTTP/2a.adtng.com/get/10009021?time=1575323689465 IP66.254.114.171:0
GET /get/10009021?time=1575323689465 HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KFmMfs4hee2OTM1JTAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7040; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 631FB388-42FE72AB01BB7A93-24DAD4F1
X-Firefox-Spdy: h2
|
|
| daxab.com/player/js/player.e1fc5faa5683f0e8.js | 104.21.234.225 | 200 OK | 0 B |
URL HTTP/2daxab.com/player/js/player.e1fc5faa5683f0e8.js IP104.21.234.225:0
GET /player/js/player.e1fc5faa5683f0e8.js HTTP/1.1
Host: daxab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daxab.com/player/mf_t52bn0YksIux3qO-BRODy-xBHHhD_284r_7YRQdsq_vQ49Bc-6o6KBb4X91Jdc9AHRRsk6n3BEyiYg0vtB-DzfdOLtpdQg3ZlNyOYN18?color=f12b24
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 05 Aug 2022 07:16:30 GMT
etag: W/"62ecc3ce-26673"
cache-control: max-age=14400
cf-cache-status: HIT
age: 476
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORW4rytdNTRAm6jf%2BnAWZo23kM9OoAVDi%2BOLWr%2BdWCkY1xLkna3nvIxcPxDYf2Bfsz%2FwbNAmyegmhDEfBSZBHLlVnddYo1gHUoiFIpbEB4vY1ysDGSBP2Fo2O%2Bw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749c19b389c8dd7e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| addresseepaper.com/sfp.js | 104.21.234.254 | 200 OK | 0 B |
URL HTTP/2addresseepaper.com/sfp.js IP104.21.234.254:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: a4a480fd7b86e4caff98c359fbb32b29
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 12 Sep 2022 22:32:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCWMmI0bfrksVBgMo%2FCG3ABYc2ahroQsXiJ7pIfAb94ikV%2BSq520LY5yXwS08r9NpsPOoo5nbL2umS3ks6Nco3tMWKmZL%2BDO06r6PnFJjs8OTUHfvVxHnbPENfhWHouRCOXId4U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749c19b5dd7cdd7a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| daftsex.com/watch/-125812644_456239791 | 172.67.163.49 | 200 OK | 0 B |
URL HTTP/2daftsex.com/watch/-125812644_456239791 IP172.67.163.49:0
GET /watch/-125812644_456239791 HTTP/1.1
Host: daftsex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:32:39 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
set-cookie: ext_on=1; expires=Mon, 12-Sep-2022 22:33:39 GMT; Max-Age=60
vary: Accept-Encoding
proxy-firewall: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tY8AzT2s6JQoZKfREn0hWjiOMJima1sqUYvvwfG8zna2Fb8PCdatlFC5d5TN9pJmjFLwPr4HOVsUVGGZr1KGRcleescb5%2FG%2FLqzsN6Ybyx6Xfj6xfXwy3jBqhSSJnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749c19af6de8b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| daxab.com/player/mf_t52bn0YksIux3qO-BRODy-xBHHhD_284r_7YRQdsq_vQ49Bc-6o6KBb4X91Jdc9AHRRsk6n3BEyiYg0vtB-DzfdOLtpdQg3ZlNyOYN18?color=f12b24 | 104.21.234.225 | 200 OK | 0 B |
URL HTTP/2daxab.com/player/mf_t52bn0YksIux3qO-BRODy-xBHHhD_284r_7YRQdsq_vQ49Bc-6o6KBb4X91Jdc9AHRRsk6n3BEyiYg0vtB-DzfdOLtpdQg3ZlNyOYN18?color=f12b24 IP104.21.234.225:0
GET /player/mf_t52bn0YksIux3qO-BRODy-xBHHhD_284r_7YRQdsq_vQ49Bc-6o6KBb4X91Jdc9AHRRsk6n3BEyiYg0vtB-DzfdOLtpdQg3ZlNyOYN18?color=f12b24 HTTP/1.1
Host: daxab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daftsex.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLJP2Tzrcf5qPTSAHvaWJZXkkfkmK0%2BC0QUbjJFfGrbNZXFIDW%2FBG5FlxeO9smXghW1Mlc7ZCqFSOGtHnkZU0wq6qBpftD4EzM2%2BFqx65BtUXSY4JHb2L%2Foti4w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749c19b2b871dd7e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| daxab.com/player/css/videoplayer.37b7600b79af5957.css | 104.21.234.225 | 200 OK | 0 B |
URL HTTP/2daxab.com/player/css/videoplayer.37b7600b79af5957.css IP104.21.234.225:0
GET /player/css/videoplayer.37b7600b79af5957.css HTTP/1.1
Host: daxab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daxab.com/player/mf_t52bn0YksIux3qO-BRODy-xBHHhD_284r_7YRQdsq_vQ49Bc-6o6KBb4X91Jdc9AHRRsk6n3BEyiYg0vtB-DzfdOLtpdQg3ZlNyOYN18?color=f12b24
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: text/css
cf-bgj: minify
cf-polished: status=cannot_optimize
etag: W/"607061fd-7b11"
last-modified: Fri, 09 Apr 2021 14:17:33 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1770
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bS4r37QF1Ml%2F%2BAuK8Ox%2F7EfSegbMQxXE%2BMmSK%2FUPdSdBJMGhQoRlNKp98TzaNDM02HU8GUJ76KlY%2FTjV%2Fck3pGCMmHo9q9FRqwJn5omp2Iyodwdd1MbGiGiXBA8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749c19b389c5dd7e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| daxab.com/player/js/utils.302f113eba88d6ca.js | 104.21.234.225 | 200 OK | 0 B |
URL HTTP/2daxab.com/player/js/utils.302f113eba88d6ca.js IP104.21.234.225:0
GET /player/js/utils.302f113eba88d6ca.js HTTP/1.1
Host: daxab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daxab.com/player/mf_t52bn0YksIux3qO-BRODy-xBHHhD_284r_7YRQdsq_vQ49Bc-6o6KBb4X91Jdc9AHRRsk6n3BEyiYg0vtB-DzfdOLtpdQg3ZlNyOYN18?color=f12b24
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 21 Apr 2022 05:17:34 GMT
etag: W/"6260e8ee-4dace"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1631
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MauQRZv43dqdmJ%2FDvE01bS1dCgW84CTtDaqGgX%2FTxD%2BzuZQBs7lB8hJB9bm2D97M4qiFW8r8VmytGM4ml8jbDOgp1b93zenkEQGPk0ceIkBQhn5FdZEdZxMh1NM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749c19b389c6dd7e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| celeritascdn.com/script/firefox.js | 104.16.91.6 | 200 OK | 0 B |
URL HTTP/2celeritascdn.com/script/firefox.js IP104.16.91.6:0
GET /script/firefox.js HTTP/1.1
Host: celeritascdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daxab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 22:32:40 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdvH-yqjXKyaHKUPK-aQKwedkGEubqC3QMOqF_XwP5SDPhN4By_4HctypCwXqOBx7LQKpL2ZiP3qSkpfNExP2kFHWw
x-goog-generation: 1655802539797909
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11758
x-goog-hash: crc32c=BzbV2Q==, md5=FGGUDP1gk2QLY7kxaCzOTQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Tue, 13 Sep 2022 02:32:40 GMT
cache-control: public, max-age=14400
last-modified: Tue, 21 Jun 2022 09:08:59 GMT
etag: W/"1461940cfd6093640b63b931682cce4d"
cf-cache-status: HIT
age: 2062
vary: Accept-Encoding
server: cloudflare
cf-ray: 749c19b68eaeb51b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|