firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 21:15:22 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gOEwHlEZjwI_LmsWj7BNP1AtpZilMGwSLQEgcAo6EiNCi7zCfFWSOw==
Age: 1368
datawav.club/luis-fonsi-bulge-pics
173.208.199.194 301 Moved Permanently 178 B URL HTTP/1.1 datawav.club/luis-fonsi-bulge-pics
IP 173.208.199.194:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert fortinet Malware
GET /luis-fonsi-bulge-pics HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 26 Sep 2022 21:38:10 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://datawav.club/luis-fonsi-bulge-pics
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3635
Expires: Mon, 26 Sep 2022 22:38:45 GMT
Date: Mon, 26 Sep 2022 21:38:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mGim6MgJBbM94Z-5GTF9PhbZgXdlAZZZ4Ew5MKMlLRIzVIq8mIKCKQ==
age: 61375
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:38:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 21:10:46 GMT
Expires: Mon, 26 Sep 2022 21:35:35 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7c2hkzsfchJf3J7VUr1mSJ73TSYCUjgD7_75Z44eQVS1bH2wRuS-CA==
Age: 1644
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 60451ec6ef5adb3f721cee812af68f89
d62b08d82faf154fa59db2d2c7af3e977f61e258
5f0ab36e603299a238d85086ae1b6c25e1dfc199503bee8d69208347c4d6c710
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F0AB36E603299A238D85086AE1B6C25E1DFC199503BEE8D69208347C4D6C710"
Last-Modified: Mon, 26 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21042
Expires: Tue, 27 Sep 2022 03:28:53 GMT
Date: Mon, 26 Sep 2022 21:38:11 GMT
Connection: keep-alive
datawav.club/luis-fonsi-bulge-pics
173.208.199.194 301 Moved Permanently 0 B URL HTTP/1.1 datawav.club/luis-fonsi-bulge-pics
IP 173.208.199.194:0
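Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 of zero-length input: the 0 B body was hashed, so the values match any empty response and do not identify this one.)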
Analyzer Verdict Alert fortinet Malware
GET /luis-fonsi-bulge-pics HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 26 Sep 2022 21:38:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=9vc6gctu447l7clvb2mg1h3i9r; path=/; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Redirect-By: WordPress
Location: https://datawav.club/luis-fonsi-bulge-pics/
FrontCache: MISS
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4400
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:38:11 GMT
Last-Modified: Mon, 26 Sep 2022 20:24:51 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
datawav.club/luis-fonsi-bulge-pics/
173.208.199.194 200 OK 14 kB URL HTTP/1.1 datawav.club/luis-fonsi-bulge-pics/
IP 173.208.199.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8047), with CRLF, LF line terminators
Hash 733d112f92888c766bf8cc6c9ae3ba7c
e7636a742017417efcb90d784bb97a2e145af7f4
4c57bc013f8ecc6f08626e121bcdf55e7a734cd13afe90e4e573774e72118ab9
Analyzer Verdict Alert fortinet Malware
GET /luis-fonsi-bulge-pics/ HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=9vc6gctu447l7clvb2mg1h3i9r
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 21:38:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Link: <https://datawav.club/wp-json/>; rel="https://api.w.org/", <https://datawav.club/wp-json/wp/v2/posts/291651>; rel="alternate"; type="application/json", <https://datawav.club/?p=291651>; rel=shortlink
X-ElasticPress-Query: true
Content-Encoding: gzip
FrontCache: MISS
push.services.mozilla.com/
54.149.83.187 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.83.187:0
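Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 of zero-length input: the 101 upgrade response carried a 0 B body, so the values match any empty response and do not identify this one.)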
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jZU0PZ1ko65obBnNcw7euw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RFu6/zMU16LXr90KkpIExxSyrmI=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:38:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
datawav.club/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
173.208.199.194 200 OK 12 kB URL HTTP/1.1 datawav.club/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 173.208.199.194:0
File type ASCII text, with very long lines (43771)
Hash 88f413500303dc21250157a6aa913a32
ca138ec102d96e6d7b30bf83b7dab60a16f0b5d6
65e072ca8d53bf38d5dde355a039a61f6c7204206a9a58ded75d2d2730cc0999
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/luis-fonsi-bulge-pics/
Cookie: PHPSESSID=9vc6gctu447l7clvb2mg1h3i9r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 21:38:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 06:31:23 GMT
Vary: Accept-Encoding
ETag: W/"630b0bbb-15b64"
Expires: Wed, 13 Sep 2023 00:21:11 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:38:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
datawav.club/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
173.208.199.194 200 OK 4.2 kB URL HTTP/1.1 datawav.club/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 173.208.199.194:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/luis-fonsi-bulge-pics/
Cookie: PHPSESSID=9vc6gctu447l7clvb2mg1h3i9r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 21:38:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 06:31:23 GMT
Vary: Accept-Encoding
ETag: W/"630b0bbb-2bd8"
Expires: Wed, 13 Sep 2023 00:21:11 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT
datawav.club/wp-content/themes/wellington/style.css?ver=1.0.6
173.208.199.194 200 OK 9.1 kB URL HTTP/1.1 datawav.club/wp-content/themes/wellington/style.css?ver=1.0.6
IP 173.208.199.194:0
File type ASCII text, with very long lines (355), with CRLF line terminators
Hash dea6095724497c9701e5e96321ea6bd0
a4bd04afdf2ede1b155b87872a34d1c97e443fe2
7ba56aa8ba7a9708aa49cc91cdd1db8a177af6505a735e68fa2f85a7e51b3d4c
GET /wp-content/themes/wellington/style.css?ver=1.0.6 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/luis-fonsi-bulge-pics/
Cookie: PHPSESSID=9vc6gctu447l7clvb2mg1h3i9r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 21:38:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Apr 2017 08:17:29 GMT
Vary: Accept-Encoding
ETag: W/"58f47a19-c499"
Expires: Wed, 13 Sep 2023 00:21:11 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT
datawav.club/wp-content/themes/wellington/css/themezee-related-posts.css?ver=20160421
173.208.199.194 200 OK 931 B URL HTTP/1.1 datawav.club/wp-content/themes/wellington/css/themezee-related-posts.css?ver=20160421
IP 173.208.199.194:0
File type ASCII text, with CRLF line terminators
Hash 99fddbd49303e57f150b016c8714159d
ed798b602726b08ea1e331d61469aab3138a558c
c2345b323c0571f8d9c95256a1d44ceefd33a0791e786afe4a4a534060e3275f
GET /wp-content/themes/wellington/css/themezee-related-posts.css?ver=20160421 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/luis-fonsi-bulge-pics/
Cookie: PHPSESSID=9vc6gctu447l7clvb2mg1h3i9r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 21:38:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Apr 2017 08:17:29 GMT
Vary: Accept-Encoding
ETag: W/"58f47a19-1514"
Expires: Wed, 13 Sep 2023 00:21:11 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT
datawav.club/uomdacwoqbvxwxj.php
173.208.199.194 200 OK 11 kB URL HTTP/1.1 datawav.club/uomdacwoqbvxwxj.php
IP 173.208.199.194:0
File type ASCII text, with very long lines (10335)
Hash da473dea1bb1773efda6ce116f492149
0c3bd92efdc486ae6261332d3819646da3a65081
db98782f93780ea01b6c5aca405b54f087fb47be410530c79c564c49b82b8b06
GET /uomdacwoqbvxwxj.php HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/luis-fonsi-bulge-pics/
Cookie: PHPSESSID=9vc6gctu447l7clvb2mg1h3i9r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 21:38:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
FrontCache: HIT
datawav.club/wp-content/themes/wellington/js/navigation.js?ver=20160719
173.208.199.194 200 OK 1.6 kB URL HTTP/1.1 datawav.club/wp-content/themes/wellington/js/navigation.js?ver=20160719
IP 173.208.199.194:0
File type ASCII text, with CRLF line terminators
Hash a73417e3fe8baa2f33f152e3bbc14097
622a93a734e15fc786f8f6887554c2c253028aad
8cb4ff8750d3f21e630c95a3c3ed5fc046e232b8c66c94c4580119bf4ae30c94
GET /wp-content/themes/wellington/js/navigation.js?ver=20160719 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/luis-fonsi-bulge-pics/
Cookie: PHPSESSID=9vc6gctu447l7clvb2mg1h3i9r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 21:38:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Apr 2017 08:17:29 GMT
Vary: Accept-Encoding
ETag: W/"58f47a19-1538"
Expires: Wed, 13 Sep 2023 00:21:11 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT
datawav.club/wp-content/themes/wellington/css/genericons/genericons.css?ver=3.4.1
173.208.199.194 200 OK 16 kB URL HTTP/1.1 datawav.club/wp-content/themes/wellington/css/genericons/genericons.css?ver=3.4.1
IP 173.208.199.194:0
File type ASCII text, with very long lines (18732), with CRLF line terminators
Hash f9330a5b1ff4bb3d35693982b212e4bd
c2c837ab1e60cfec1d60eaf6a1e2ecfcf8c7b884
3019eb8fd0dc294ad6c3cce11f5b7ae2f1bf72fe259dc2b54b625e74af4e33ee
GET /wp-content/themes/wellington/css/genericons/genericons.css?ver=3.4.1 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/luis-fonsi-bulge-pics/
Cookie: PHPSESSID=9vc6gctu447l7clvb2mg1h3i9r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 21:38:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Apr 2017 08:17:29 GMT
Vary: Accept-Encoding
ETag: W/"58f47a19-6f71"
Expires: Wed, 13 Sep 2023 00:21:11 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT
datawav.club/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
173.208.199.194 200 OK 31 kB URL HTTP/1.1 datawav.club/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 173.208.199.194:0
File type ASCII text, with very long lines (65447)
Hash 7a6e4a1e4a67fac0cd39ca1dd1982f47
a8bf880e5db17a703293d5a3c92623a97d5a1df1
daf4bcb15594deb268cc05f030ccaf8dfe4acab417758dd16a6f3b2d86d2908f
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/luis-fonsi-bulge-pics/
Cookie: PHPSESSID=9vc6gctu447l7clvb2mg1h3i9r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 21:38:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 06:31:23 GMT
Vary: Accept-Encoding
ETag: W/"630b0bbb-15db1"
Expires: Wed, 13 Sep 2023 00:21:11 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT
datawav.club/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
173.208.199.194 200 OK 5.0 kB URL HTTP/1.1 datawav.club/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 173.208.199.194:0
File type ASCII text, with very long lines (15660)
Hash 1b982d290af16dac5885f21a198aaa66
f847ca85d23c2f240938bbde0135f3de97925759
0b6e238cc0728a0bace390dfff472ff8bb5a5fd4714bcfcdac7c28621d67b8dc
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/luis-fonsi-bulge-pics/
Cookie: PHPSESSID=9vc6gctu447l7clvb2mg1h3i9r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 21:38:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 06:31:23 GMT
Vary: Accept-Encoding
ETag: W/"630b0bbb-48b9"
Expires: Wed, 13 Sep 2023 00:21:10 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT
i1.wp.com/i.redd.it/zryznd9gc3r51.jpg
192.0.77.2 200 OK 222 kB URL HTTP/2 i1.wp.com/i.redd.it/zryznd9gc3r51.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 3024x3172, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 222 kB (221850 bytes)
Hash 2b4ba1b7ac92527df582ed0e634d43e2
da5486333f0e24a99dd56a75862a9b164579d914
898263efa27964c1361ef0ff4f95a53c57207ca3449e8b39dc818108428ca759
GET /i.redd.it/zryznd9gc3r51.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:38:12 GMT
content-type: image/webp
content-length: 221850
last-modified: Tue, 20 Sep 2022 07:23:46 GMT
expires: Thu, 19 Sep 2024 19:23:46 GMT
cache-control: public, max-age=63115200
link: <http://i.redd.it/zryznd9gc3r51.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "4a24e4141092d12a"
vary: Accept
x-nc: HIT arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/4.bp.blogspot.com/-srp0XHgEiLM/WGIlFKIFwrI/AAAAAAAAiSI/5Qdg6cpIzecXBD4aIo-LuOmnUkbpUKTBwCLcB/s1600/tumblr_of46td6xTe1vrska0o1_500.jpg
192.0.77.2 302 Found 138 B URL HTTP/2 i1.wp.com/4.bp.blogspot.com/-srp0XHgEiLM/WGIlFKIFwrI/AAAAAAAAiSI/5Qdg6cpIzecXBD4aIo-LuOmnUkbpUKTBwCLcB/s1600/tumblr_of46td6xTe1vrska0o1_500.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /4.bp.blogspot.com/-srp0XHgEiLM/WGIlFKIFwrI/AAAAAAAAiSI/5Qdg6cpIzecXBD4aIo-LuOmnUkbpUKTBwCLcB/s1600/tumblr_of46td6xTe1vrska0o1_500.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 26 Sep 2022 21:38:12 GMT
content-type: text/html
content-length: 138
location: https://4.bp.blogspot.com/-srp0XHgEiLM/WGIlFKIFwrI/AAAAAAAAiSI/5Qdg6cpIzecXBD4aIo-LuOmnUkbpUKTBwCLcB/s1600/tumblr_of46td6xTe1vrska0o1_500.jpg
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/2.bp.blogspot.com/_OdEbKPxY-O4/TPk6c_NwmUI/AAAAAAAAIjo/rHgN6-nqKT0/s1600/MarinoAnaliebevlcsnap20101108005.jpg
192.0.77.2 302 Found 138 B URL HTTP/2 i1.wp.com/2.bp.blogspot.com/_OdEbKPxY-O4/TPk6c_NwmUI/AAAAAAAAIjo/rHgN6-nqKT0/s1600/MarinoAnaliebevlcsnap20101108005.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /2.bp.blogspot.com/_OdEbKPxY-O4/TPk6c_NwmUI/AAAAAAAAIjo/rHgN6-nqKT0/s1600/MarinoAnaliebevlcsnap20101108005.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 26 Sep 2022 21:38:12 GMT
content-type: text/html
content-length: 138
location: https://2.bp.blogspot.com/_OdEbKPxY-O4/TPk6c_NwmUI/AAAAAAAAIjo/rHgN6-nqKT0/s1600/MarinoAnaliebevlcsnap20101108005.jpg
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/c2.staticflickr.com/6/5301/5550365449_3d8699018a_z.jpg
192.0.77.2 200 OK 42 kB URL HTTP/2 i2.wp.com/c2.staticflickr.com/6/5301/5550365449_3d8699018a_z.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 565x604, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d4d838ada162d0145c8b5558a410cc1f
f3a2ee9401559a22dc6066039cec8e39317b3858
c9effba55ea8bc66ba8ada446d0719cc101466b1c6c1ee0693d1154d7bbe49da
GET /c2.staticflickr.com/6/5301/5550365449_3d8699018a_z.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:38:12 GMT
content-type: image/webp
content-length: 41486
last-modified: Thu, 22 Sep 2022 14:58:33 GMT
expires: Sun, 22 Sep 2024 02:58:33 GMT
cache-control: public, max-age=63115200
link: <http://c2.staticflickr.com/6/5301/5550365449_3d8699018a_z.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "a5cd13ccb46f102a"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/3.bp.blogspot.com/-1MbdI_9IbVI/WAH1Q2FmHTI/AAAAAAAAxsQ/HMiDogHdhFQYXZKr9frunJGqAvXLtktAwCLcB/s1600/BillyJoelMatthewLewis.jpg
192.0.77.2 302 Found 138 B URL HTTP/2 i0.wp.com/3.bp.blogspot.com/-1MbdI_9IbVI/WAH1Q2FmHTI/AAAAAAAAxsQ/HMiDogHdhFQYXZKr9frunJGqAvXLtktAwCLcB/s1600/BillyJoelMatthewLewis.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /3.bp.blogspot.com/-1MbdI_9IbVI/WAH1Q2FmHTI/AAAAAAAAxsQ/HMiDogHdhFQYXZKr9frunJGqAvXLtktAwCLcB/s1600/BillyJoelMatthewLewis.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 26 Sep 2022 21:38:12 GMT
content-type: text/html
content-length: 138
location: https://3.bp.blogspot.com/-1MbdI_9IbVI/WAH1Q2FmHTI/AAAAAAAAxsQ/HMiDogHdhFQYXZKr9frunJGqAvXLtktAwCLcB/s1600/BillyJoelMatthewLewis.jpg
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/4.bp.blogspot.com/_Y2cGpvKjjYg/TDfxJgXEttI/AAAAAAAAobY/CR9FTgKBbdM/s1600/luis+javier+cuencas9.jpg
192.0.77.2 302 Found 138 B URL HTTP/2 i0.wp.com/4.bp.blogspot.com/_Y2cGpvKjjYg/TDfxJgXEttI/AAAAAAAAobY/CR9FTgKBbdM/s1600/luis+javier+cuencas9.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /4.bp.blogspot.com/_Y2cGpvKjjYg/TDfxJgXEttI/AAAAAAAAobY/CR9FTgKBbdM/s1600/luis+javier+cuencas9.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 26 Sep 2022 21:38:12 GMT
content-type: text/html
content-length: 138
location: https://4.bp.blogspot.com/_Y2cGpvKjjYg/TDfxJgXEttI/AAAAAAAAobY/CR9FTgKBbdM/s1600/luis+javier+cuencas9.jpg
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/www.lpsg.com/proxy.php?image=https:%2F%2Fi.pinimg.com%2F736x%2F3f%2F78%2F92%2F3f7892cdb2174266d06d0a81ae0304a1.jpg&hash=8f4b0e5a1ae95f8b8b07ea1f02616faa
192.0.77.2 400 Bad Request 130 B URL HTTP/2 i0.wp.com/www.lpsg.com/proxy.php?image=https:%2F%2Fi.pinimg.com%2F736x%2F3f%2F78%2F92%2F3f7892cdb2174266d06d0a81ae0304a1.jpg&hash=8f4b0e5a1ae95f8b8b07ea1f02616faa
IP 192.0.77.2:0
Hash 4469ed2d8b1121720efd51586b578b87
dcb60b5120be3513dbd3bb72d0670004da8b208a
bd327c628444a1fb5adaa80db399db11dd73e335f25bd2473d2f69facc9e6ad0
GET /www.lpsg.com/proxy.php?image=https:%2F%2Fi.pinimg.com%2F736x%2F3f%2F78%2F92%2F3f7892cdb2174266d06d0a81ae0304a1.jpg&hash=8f4b0e5a1ae95f8b8b07ea1f02616faa HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
server: nginx
date: Mon, 26 Sep 2022 21:38:12 GMT
content-type: text/html; charset=utf-8
x-nc: UPDATING arn 4
X-Firefox-Spdy: h2
i1.wp.com/upload.wikimedia.org/wikipedia/commons/e/e1/Leonardo_Rocco_and_Luis_Fonsi.JPG
192.0.77.2 200 OK 601 kB URL HTTP/2 i1.wp.com/upload.wikimedia.org/wikipedia/commons/e/e1/Leonardo_Rocco_and_Luis_Fonsi.JPG
IP 192.0.77.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=17, description= , manufacturer=SONY, model=DSC-T1, xresolution=264, yresolution=272, resolutionunit=2, datetime=2005:09:21 15:06:51], progressive, precision 8, 1439x1920, components 3\012- data
Size 601 kB (601097 bytes)
Hash bc3c72d498f1c15aafd8a2313a89f9ee
b0afeae13bbf32f873c273957d25befc57e1fbac
55b6b066bcd9445ddcce2017fd273064a2af8c5ac1d2884371bd7ef27b6d635a
GET /upload.wikimedia.org/wikipedia/commons/e/e1/Leonardo_Rocco_and_Luis_Fonsi.JPG HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:38:12 GMT
content-type: image/jpeg
content-length: 601097
last-modified: Wed, 21 Sep 2022 08:20:56 GMT
expires: Fri, 20 Sep 2024 20:20:56 GMT
cache-control: public, max-age=63115200
link: <http://upload.wikimedia.org/wikipedia/commons/e/e1/Leonardo_Rocco_and_Luis_Fonsi.JPG>; rel="canonical"
x-content-type-options: nosniff
etag: "55c8e589a4845c28"
x-bytes-saved: 31136
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/cdn-media.extratv.com/2016/03/06/spl1241427-001-510x600.jpg
192.0.77.2 200 OK 375 kB URL HTTP/2 i0.wp.com/cdn-media.extratv.com/2016/03/06/spl1241427-001-510x600.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 375 kB (375394 bytes)
Hash 78c882abd7981e16d635d17f5497df66
e0f47a6e9ba0056b8e0eb9b50f21d90d74a1a635
511f6f88ceaf45df1271512e8cdfe3fdadbfc160f8d12ebedbc6eb34fc3680fb
GET /cdn-media.extratv.com/2016/03/06/spl1241427-001-510x600.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:38:12 GMT
content-type: image/webp
content-length: 375394
last-modified: Mon, 26 Sep 2022 15:28:33 GMT
expires: Thu, 26 Sep 2024 03:28:33 GMT
cache-control: public, max-age=63115200
link: <http://cdn-media.extratv.com/2016/03/06/spl1241427-001-510x600.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "3203eb810efb3f60"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:38:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2
142.250.74.163 200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7908, version 1.0\012- data
Hash 15d9bbcfbc1d668a43c85d156d23262b
c436963710c58453c4ae27e66c051e85c084cd49
6db83475c4b6e3bcd2df60ca7afcedabc5140c3b55c9a6bb0ca636c5b6438e5f
GET /s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datawav.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 00:15:00 GMT
expires: Sat, 23 Sep 2023 00:15:00 GMT
cache-control: public, max-age=31536000
age: 336192
last-modified: Thu, 21 Apr 2022 16:47:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:38:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:38:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c7ea09de6e63af53ed131169fd56eb1d
439eefa30aa1e3a5ee21b1981deb39328289c98d
938e772fbea16de4c0976358ff8b7b607dcdb21a3af63220beaa66cc77d89c71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:38:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pfewuzbtkr.com/t/9/fret/meow4/1830123/brt.js
62.122.171.6 200 OK 36 kB URL HTTP/2 pfewuzbtkr.com/t/9/fret/meow4/1830123/brt.js
IP 62.122.171.6:0
Hash 2011eab65c736996fa2d23f29624432b
1d52ecac2ba0aa737d164f9cd6320893839202dd
2d183e08071e06a4af5bdb83595cce781e1fe6167f39c54e5091f5d0ff96253d
Analyzer Verdict Alert quad9 Sinkholed
GET /t/9/fret/meow4/1830123/brt.js HTTP/1.1
Host: pfewuzbtkr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:38:11 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1091a"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c7ea09de6e63af53ed131169fd56eb1d
439eefa30aa1e3a5ee21b1981deb39328289c98d
938e772fbea16de4c0976358ff8b7b607dcdb21a3af63220beaa66cc77d89c71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:38:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2
142.250.74.163 200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7920, version 1.0\012- data
Hash 797ad5f8d84a297ab16f9a9c983adfc2
af074543e3bbd78e086cefa983867e0936515c41
e0037277509761be84d1c44b520649c2363df89e00568561ebf015cb3cedc91a
GET /s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datawav.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 20:54:14 GMT
expires: Fri, 22 Sep 2023 20:54:14 GMT
cache-control: public, max-age=31536000
age: 348238
last-modified: Thu, 21 Apr 2022 16:51:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c7ea09de6e63af53ed131169fd56eb1d
439eefa30aa1e3a5ee21b1981deb39328289c98d
938e772fbea16de4c0976358ff8b7b607dcdb21a3af63220beaa66cc77d89c71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:38:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c7ea09de6e63af53ed131169fd56eb1d
439eefa30aa1e3a5ee21b1981deb39328289c98d
938e772fbea16de4c0976358ff8b7b607dcdb21a3af63220beaa66cc77d89c71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:38:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:38:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-srp0XHgEiLM/WGIlFKIFwrI/AAAAAAAAiSI/5Qdg6cpIzecXBD4aIo-LuOmnUkbpUKTBwCLcB/s1600/tumblr_of46td6xTe1vrska0o1_500.jpg
142.250.74.161 200 OK 53 kB URL HTTP/2 4.bp.blogspot.com/-srp0XHgEiLM/WGIlFKIFwrI/AAAAAAAAiSI/5Qdg6cpIzecXBD4aIo-LuOmnUkbpUKTBwCLcB/s1600/tumblr_of46td6xTe1vrska0o1_500.jpg
IP 142.250.74.161:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 478x640, components 3\012- data
Hash c620926a57a239125e8ac15995c41e27
0744d7fd3bac201ed9cc1096c1bb4f1e2b21ad04
a21c16bb1b89661d03d808ce9445196c86ab1011d528e5707c2d6aa25c4fce96
GET /-srp0XHgEiLM/WGIlFKIFwrI/AAAAAAAAiSI/5Qdg6cpIzecXBD4aIo-LuOmnUkbpUKTBwCLcB/s1600/tumblr_of46td6xTe1vrska0o1_500.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datawav.club/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v8924"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="tumblr_of46td6xTe1vrska0o1_500.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 21:38:12 GMT
server: fife
content-length: 52917
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4.bp.blogspot.com/_Y2cGpvKjjYg/TDfxJgXEttI/AAAAAAAAobY/CR9FTgKBbdM/s1600/luis+javier+cuencas9.jpg
142.250.74.161 200 OK 34 kB URL HTTP/2 4.bp.blogspot.com/_Y2cGpvKjjYg/TDfxJgXEttI/AAAAAAAAobY/CR9FTgKBbdM/s1600/luis+javier+cuencas9.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 596x800, components 3\012- data
Hash 5a32a35affbeccbbd63d293a097c031f
021769a1f399b1cbd6c63500daca53ab4f0c6251
0d0001a22df211825f9584a8a36cf5f93c0a29f4aa4d22c8e54e73a3a81b9477
GET /_Y2cGpvKjjYg/TDfxJgXEttI/AAAAAAAAobY/CR9FTgKBbdM/s1600/luis+javier+cuencas9.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datawav.club/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "va1b6"
expires: Tue, 27 Sep 2022 21:38:12 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="luis javier cuencas9.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 21:38:12 GMT
server: fife
content-length: 33664
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/_OdEbKPxY-O4/TPk6c_NwmUI/AAAAAAAAIjo/rHgN6-nqKT0/s1600/MarinoAnaliebevlcsnap20101108005.jpg
142.250.74.161 200 OK 25 kB URL HTTP/2 2.bp.blogspot.com/_OdEbKPxY-O4/TPk6c_NwmUI/AAAAAAAAIjo/rHgN6-nqKT0/s1600/MarinoAnaliebevlcsnap20101108005.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, software=Google], baseline, precision 8, 360x576, components 3\012- data
Hash 42050d8b6ef36e208faf258e07ba0744
af853e5cd5b2de8d145d3896d03dc25f7180560d
c89b2b6ee900f783b527b2765cd817476b29adf53b9f649c10d6089de2fa7d18
GET /_OdEbKPxY-O4/TPk6c_NwmUI/AAAAAAAAIjo/rHgN6-nqKT0/s1600/MarinoAnaliebevlcsnap20101108005.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datawav.club/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v223a"
expires: Tue, 27 Sep 2022 21:38:12 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="MarinoAnaliebevlcsnap20101108005.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 21:38:12 GMT
server: fife
content-length: 24639
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.bp.blogspot.com/-1MbdI_9IbVI/WAH1Q2FmHTI/AAAAAAAAxsQ/HMiDogHdhFQYXZKr9frunJGqAvXLtktAwCLcB/s1600/BillyJoelMatthewLewis.jpg
142.250.74.161 200 OK 50 kB URL HTTP/2 3.bp.blogspot.com/-1MbdI_9IbVI/WAH1Q2FmHTI/AAAAAAAAxsQ/HMiDogHdhFQYXZKr9frunJGqAvXLtktAwCLcB/s1600/BillyJoelMatthewLewis.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 267x493, components 3\012- data
Hash a8eca81c9e998c43cc4c3b0a5424a1fe
134e68bfd1b19fa02b47277d1f2967ba8201b228
b8175a336ca79639cab494215adfda665b17a92c6a7513b61f4a22fc91437a88
GET /-1MbdI_9IbVI/WAH1Q2FmHTI/AAAAAAAAxsQ/HMiDogHdhFQYXZKr9frunJGqAvXLtktAwCLcB/s1600/BillyJoelMatthewLewis.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datawav.club/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vc6c6"
expires: Tue, 27 Sep 2022 21:38:12 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BillyJoelMatthewLewis.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 21:38:12 GMT
server: fife
content-length: 50492
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c7ea09de6e63af53ed131169fd56eb1d
439eefa30aa1e3a5ee21b1981deb39328289c98d
938e772fbea16de4c0976358ff8b7b607dcdb21a3af63220beaa66cc77d89c71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:38:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash cb34c89a33b9faea81ba78914b519add
5e3e75b719ce668944dec0b3123f93c6d109bee8
7d1ab277076a440ce374b3f04616860bcf735271ee67556a3f348d31fbb1ee8c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:38:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 12:04:30 GMT
Expires: Sun, 02 Oct 2022 12:04:29 GMT
Etag: "5e3e75b719ce668944dec0b3123f93c6d109bee8"
Cache-Control: max-age=483376,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750f252bef3d0b31-OSL
limurol.com/ssp/req/1830123/?pb=3d11f049904fcaf35d4e610e990512fa1664235492&psp=E4zOw0PZVJ8KDuVESBXEueL4FzTNvn8PdeZqEDV75LgVC4XznLJ6P5_EkFRajChtMRJzdc4w4ukXeBMob7I09xUnYQG3qVvumNlwoqeLfFIgYtOEanIMch3xd6E8mb0AZ5bclpQHUc5h_SJmpCG367_9JTH7TOeRcsTvaoLUDZH2B_zvHdU3j8YSw7uMMcP42jbDTUu7hov18Cw9XjlYUSRaWC6crWN_SFDcylKUXspLXI9-8Ndq-6mAVvitIF3I91RUpt8lLqonFzuGk3C5KD2XdhdiFV77JMwhlcHmoB1foVUcyXDa23NWiwHZSTgX0JxC574fBY-gMbkb71WinJ3N9s4jiQ-jIYY2CMV8EdOOD10GKxGc9rkm4ZGUZ_TIfbZCeqH1QLPplV45VOWLr0RZVJNj258tOmYScPXbLJwOUZPsuaUtu9G3Kd5nPOoFt8Q8Zv7jHfyFfyHVWgVRG-mH-cyYVnSSsMZkwb6Ml-hJMlsJss4RBgQe5nex&cb=_cl6ihqq5s94pmlwrfyua18&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6 200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1830123/?pb=3d11f049904fcaf35d4e610e990512fa1664235492&psp=E4zOw0PZVJ8KDuVESBXEueL4FzTNvn8PdeZqEDV75LgVC4XznLJ6P5_EkFRajChtMRJzdc4w4ukXeBMob7I09xUnYQG3qVvumNlwoqeLfFIgYtOEanIMch3xd6E8mb0AZ5bclpQHUc5h_SJmpCG367_9JTH7TOeRcsTvaoLUDZH2B_zvHdU3j8YSw7uMMcP42jbDTUu7hov18Cw9XjlYUSRaWC6crWN_SFDcylKUXspLXI9-8Ndq-6mAVvitIF3I91RUpt8lLqonFzuGk3C5KD2XdhdiFV77JMwhlcHmoB1foVUcyXDa23NWiwHZSTgX0JxC574fBY-gMbkb71WinJ3N9s4jiQ-jIYY2CMV8EdOOD10GKxGc9rkm4ZGUZ_TIfbZCeqH1QLPplV45VOWLr0RZVJNj258tOmYScPXbLJwOUZPsuaUtu9G3Kd5nPOoFt8Q8Zv7jHfyFfyHVWgVRG-mH-cyYVnSSsMZkwb6Ml-hJMlsJss4RBgQe5nex&cb=_cl6ihqq5s94pmlwrfyua18&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1830123/?pb=3d11f049904fcaf35d4e610e990512fa1664235492&psp=E4zOw0PZVJ8KDuVESBXEueL4FzTNvn8PdeZqEDV75LgVC4XznLJ6P5_EkFRajChtMRJzdc4w4ukXeBMob7I09xUnYQG3qVvumNlwoqeLfFIgYtOEanIMch3xd6E8mb0AZ5bclpQHUc5h_SJmpCG367_9JTH7TOeRcsTvaoLUDZH2B_zvHdU3j8YSw7uMMcP42jbDTUu7hov18Cw9XjlYUSRaWC6crWN_SFDcylKUXspLXI9-8Ndq-6mAVvitIF3I91RUpt8lLqonFzuGk3C5KD2XdhdiFV77JMwhlcHmoB1foVUcyXDa23NWiwHZSTgX0JxC574fBY-gMbkb71WinJ3N9s4jiQ-jIYY2CMV8EdOOD10GKxGc9rkm4ZGUZ_TIfbZCeqH1QLPplV45VOWLr0RZVJNj258tOmYScPXbLJwOUZPsuaUtu9G3Kd5nPOoFt8Q8Zv7jHfyFfyHVWgVRG-mH-cyYVnSSsMZkwb6Ml-hJMlsJss4RBgQe5nex&cb=_cl6ihqq5s94pmlwrfyua18&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:38:12 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2209261638fd5b7c2735844f21b761e5e2e0; Path=/; Expires=Tue, 26 Sep 2023 21:38:12 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
c.adsco.re/
104.17.167.186 200 OK 24 kB IP 104.17.167.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Hash fb7ac8c6bbd90e6aa9fbcdc2a9a15d16
d0e5f4e32ee7dac8ed14d2e3ae03d625b4d5726e
aecc79f81891f8537c85e02c5fab6973f5cc3d2ae0b137ac9eb695e5aac0b5ad
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:38:12 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Thu, 27 Oct 2022 21:38:12 GMT
etag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
cf-cache-status: HIT
age: 948804
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f252d4cceb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6790
Expires: Mon, 26 Sep 2022 23:31:22 GMT
Date: Mon, 26 Sep 2022 21:38:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6790
Expires: Mon, 26 Sep 2022 23:31:22 GMT
Date: Mon, 26 Sep 2022 21:38:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6790
Expires: Mon, 26 Sep 2022 23:31:22 GMT
Date: Mon, 26 Sep 2022 21:38:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6790
Expires: Mon, 26 Sep 2022 23:31:22 GMT
Date: Mon, 26 Sep 2022 21:38:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f10a12719b387d176497669ba75f0acc
16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: igIWZ2IhMA_GIovp4HgIHtGeDt5xoX0iThoQFKjnNJUYP_uMdO7FHw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 00:33:08 GMT
age: 75904
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZRG0Axnhc5RY5rDbnnbauco9dpPeFdkP01UxkpNYI5pgSbfGKWcikw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:16:26 GMT
age: 84106
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a75be68e82e6a0ba74932fbe74c7b30
36310320605833289e78cd248c45915363a0a0c3
56d709b77802037254b7922e3f85d1b1652b70dfc4b6c65b03e4149d3b1f22ca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6443
x-amzn-requestid: b6f3be01-6086-4fc1-8bec-c4caa1fe806c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSKMG04IAMFRxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca41-5452d1805d3f4d71303142c9;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tx-lL61dT3iakJd8VZw31hzMklubUDBQxE6LBhxsJUqyMM0bqCk73g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:07:18 GMT
age: 84654
etag: "36310320605833289e78cd248c45915363a0a0c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mToVKJcSAtJB1AOuQ-Y9o_EZzyhUuZJivVa3DLql5FwzK4NC82kh5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:06:17 GMT
age: 84715
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef17205adb2b478d3bff54b048208d22
12aac1bd22e675f09a220de08b4656e801c2e647
620fe39cf421ed3a21e968570f7e863d69224113be867ec2457ed3850ea113f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5980
x-amzn-requestid: fbf0c390-da24-49e2-8492-43e29e5d4bb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHCGJVoAMFgxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc6-1f9b1b7d63467c58702e6d7e;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:38 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pt7rJi8EIQFBk0gHQZ1WnjvThPba86XZCGFs83l1ZW2dj-_6bZprAA==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:49:56 GMT
age: 85696
etag: "12aac1bd22e675f09a220de08b4656e801c2e647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2fe8c4f0c70fb6c1f4259eabedc7015e
85e378d0fff856832a8dd01743516b9476fed8c6
508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 84476
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
6.adsco.re/
104.17.167.186 200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:38:12 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://datawav.club
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f252e59b2fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 97ffb92628eec1fd912e2a1a7a49dadb
9224081c2660b3d467c8ecc60a1a674c813c451c
88e956e1405478b590d58e73e534c07785a1274b25db9a3a3f1f58755dc993de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88E956E1405478B590D58E73E534C07785A1274B25DB9A3A3F1F58755DC993DE"
Last-Modified: Sat, 24 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17554
Expires: Tue, 27 Sep 2022 02:30:46 GMT
Date: Mon, 26 Sep 2022 21:38:12 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash cb34c89a33b9faea81ba78914b519add
5e3e75b719ce668944dec0b3123f93c6d109bee8
7d1ab277076a440ce374b3f04616860bcf735271ee67556a3f348d31fbb1ee8c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:38:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 12:04:30 GMT
Expires: Sun, 02 Oct 2022 12:04:29 GMT
Etag: "5e3e75b719ce668944dec0b3123f93c6d109bee8"
Cache-Control: max-age=483376,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750f252e8b81b524-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash cb34c89a33b9faea81ba78914b519add
5e3e75b719ce668944dec0b3123f93c6d109bee8
7d1ab277076a440ce374b3f04616860bcf735271ee67556a3f348d31fbb1ee8c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:38:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 12:04:30 GMT
Expires: Sun, 02 Oct 2022 12:04:29 GMT
Etag: "5e3e75b719ce668944dec0b3123f93c6d109bee8"
Cache-Control: max-age=483376,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750f252d990f0b31-OSL
4.adsco.re/
162.252.214.5 200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:38:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://datawav.club
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
i2.wp.com/ugc-01.cafemomstatic.com/gen/full/2015/08/18/15/4f/qc/poleiyrls0.jpg
192.0.77.2 400 Bad Request 56 B URL HTTP/2 i2.wp.com/ugc-01.cafemomstatic.com/gen/full/2015/08/18/15/4f/qc/poleiyrls0.jpg
IP 192.0.77.2:0
File type ASCII text, with no line terminators
Hash 0a3fc5f300ec86b00baac7914b26a1bf
a4bd8067330622d6d78ed2aae1270e10bd380ea3
8ae3ceecc29a844d80f7313994650002e529877e2b74c4953067f2d2f5cc28ff
GET /ugc-01.cafemomstatic.com/gen/full/2015/08/18/15/4f/qc/poleiyrls0.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
server: nginx
date: Mon, 26 Sep 2022 21:38:12 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 2
X-Firefox-Spdy: h2
vrieszfzkqih.l4.adsco.re/
185.200.118.90 200 OK 0 B URL HTTP/1.1 vrieszfzkqih.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: vrieszfzkqih.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:38:12 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 56077faa415259af9f2dddafe535ebdf
6877f10077f724f29c35fd4e5ef74fee9524d5be
3b21b85f70e346b703546486cfdeaaf08940ba9e57e5b7095cacc496e50cc46e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B21B85F70E346B703546486CFDEAAF08940BA9E57E5B7095CACC496E50CC46E"
Last-Modified: Sat, 24 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17286
Expires: Tue, 27 Sep 2022 02:26:19 GMT
Date: Mon, 26 Sep 2022 21:38:13 GMT
Connection: keep-alive
limurol.com/ssp/req/1830123/?pb=3d11f049904fcaf35d4e610e990512fa1664235492&psp=E4zOw0PZVJ8KDuVESBXEueL4FzTNvn8PdeZqEDV75LgVC4XznLJ6P5_EkFRajChtMRJzdc4w4ukXeBMob7I09xUnYQG3qVvumNlwoqeLfFIgYtOEanIMch3xd6E8mb0AZ5bclpQHUc5h_SJmpCG367_9JTH7TOeRcsTvaoLUDZH2B_zvHdU3j8YSw7uMMcP42jbDTUu7hov18Cw9XjlYUSRaWC6crWN_SFDcylKUXspLXI9-8Ndq-6mAVvitIF3I91RUpt8lLqonFzuGk3C5KD2XdhdiFV77JMwhlcHmoB1foVUcyXDa23NWiwHZSTgX0JxC574fBY-gMbkb71WinJ3N9s4jiQ-jIYY2CMV8EdOOD10GKxGc9rkm4ZGUZ_TIfbZCeqH1QLPplV45VOWLr0RZVJNj258tOmYScPXbLJwOUZPsuaUtu9G3Kd5nPOoFt8Q8Zv7jHfyFfyHVWgVRG-mH-cyYVnSSsMZkwb6Ml-hJMlsJss4RBgQe5nex&cb=_cl6ihqq5s94pmlwrfyua18&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6 200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1830123/?pb=3d11f049904fcaf35d4e610e990512fa1664235492&psp=E4zOw0PZVJ8KDuVESBXEueL4FzTNvn8PdeZqEDV75LgVC4XznLJ6P5_EkFRajChtMRJzdc4w4ukXeBMob7I09xUnYQG3qVvumNlwoqeLfFIgYtOEanIMch3xd6E8mb0AZ5bclpQHUc5h_SJmpCG367_9JTH7TOeRcsTvaoLUDZH2B_zvHdU3j8YSw7uMMcP42jbDTUu7hov18Cw9XjlYUSRaWC6crWN_SFDcylKUXspLXI9-8Ndq-6mAVvitIF3I91RUpt8lLqonFzuGk3C5KD2XdhdiFV77JMwhlcHmoB1foVUcyXDa23NWiwHZSTgX0JxC574fBY-gMbkb71WinJ3N9s4jiQ-jIYY2CMV8EdOOD10GKxGc9rkm4ZGUZ_TIfbZCeqH1QLPplV45VOWLr0RZVJNj258tOmYScPXbLJwOUZPsuaUtu9G3Kd5nPOoFt8Q8Zv7jHfyFfyHVWgVRG-mH-cyYVnSSsMZkwb6Ml-hJMlsJss4RBgQe5nex&cb=_cl6ihqq5s94pmlwrfyua18&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1830123/?pb=3d11f049904fcaf35d4e610e990512fa1664235492&psp=E4zOw0PZVJ8KDuVESBXEueL4FzTNvn8PdeZqEDV75LgVC4XznLJ6P5_EkFRajChtMRJzdc4w4ukXeBMob7I09xUnYQG3qVvumNlwoqeLfFIgYtOEanIMch3xd6E8mb0AZ5bclpQHUc5h_SJmpCG367_9JTH7TOeRcsTvaoLUDZH2B_zvHdU3j8YSw7uMMcP42jbDTUu7hov18Cw9XjlYUSRaWC6crWN_SFDcylKUXspLXI9-8Ndq-6mAVvitIF3I91RUpt8lLqonFzuGk3C5KD2XdhdiFV77JMwhlcHmoB1foVUcyXDa23NWiwHZSTgX0JxC574fBY-gMbkb71WinJ3N9s4jiQ-jIYY2CMV8EdOOD10GKxGc9rkm4ZGUZ_TIfbZCeqH1QLPplV45VOWLr0RZVJNj258tOmYScPXbLJwOUZPsuaUtu9G3Kd5nPOoFt8Q8Zv7jHfyFfyHVWgVRG-mH-cyYVnSSsMZkwb6Ml-hJMlsJss4RBgQe5nex&cb=_cl6ihqq5s94pmlwrfyua18&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:38:13 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2209261638225df0bd484b4040ad93eef15c; Path=/; Expires=Tue, 26 Sep 2023 21:38:13 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dd60ae98590d342994f36f5d83f967d5
e9a9ec9b556b3718860c24d760d9b80cc10fd913
fc0060313486667f5e8720632f35a17319d9832408139d9b234d2c56af89f793
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC0060313486667F5E8720632F35A17319D9832408139D9B234D2C56AF89F793"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16657
Expires: Tue, 27 Sep 2022 02:15:50 GMT
Date: Mon, 26 Sep 2022 21:38:13 GMT
Connection: keep-alive
vrieszfzkqih.n4.adsco.re/
38.132.109.186 200 OK 0 B URL HTTP/1.1 vrieszfzkqih.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: vrieszfzkqih.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:38:13 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
adserver.juicyads.com/js/jads.js
185.94.236.247 200 OK 1.7 kB URL HTTP/1.1 adserver.juicyads.com/js/jads.js
IP 185.94.236.247:0
File type ASCII text, with very long lines (3769), with no line terminators
Hash 65b1efdf55163b144c5018b8772765ad
509de5f40450f3cf05e0d8d1b939fed2bbb11cbe
cf23ab637d84de0eb1c1e67764e05ca0aa140e6ee932a60700fc35661644ee48
GET /js/jads.js HTTP/1.1
Host: adserver.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 21:38:13 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eb9"
Content-Encoding: gzip
s10.histats.com/js15_as.js
46.105.201.240 200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:29:32 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 826443180
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
datawav.club/favicon.ico
173.208.199.194 404 Not Found 184 B IP 173.208.199.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 8ea8556770bd53150ab76b23f87936a6
6c615fdc6839c5ed11a30ebc227646ac6aef493b
c4f8c99f5287623d6325502365d07eb6dc33d0c58c1c2def811f9b06ff7d68f0
GET /favicon.ico HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/luis-fonsi-bulge-pics/
Cookie: PHPSESSID=9vc6gctu447l7clvb2mg1h3i9r; a=NtpQgvgExeqz1AiBXif7bEExU032Rz1T
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 26 Sep 2022 21:38:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5f77c832-f7"
Content-Encoding: gzip
adsco.re/p
162.252.214.5 200 OK 169 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash 09c82af95db3524418a88726859a0b8a
c82b0eb8d7deef5e56e567bb5236f47351dd678d
86e0c1384e6b156d8a20a3875e80b66cdc954cae1b1417eee75e7c8c25029c22
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1889
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:38:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://datawav.club
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5db893a70674527dbf213685f9a88f70
6aa34ab9b618c3bc02fcc1e9e1aad421607ee66f
de1ab26ab1d9dc17304a5e60b3836031bd35a92d16f9a2770ff5a3442b2264b5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE1AB26AB1D9DC17304A5E60B3836031BD35A92D16F9A2770FF5A3442B2264B5"
Last-Modified: Sat, 24 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10758
Expires: Tue, 27 Sep 2022 00:37:31 GMT
Date: Mon, 26 Sep 2022 21:38:13 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 5da3959b026bf5be18695162cb216306
7b4195903a0e2c596dfdbfa54288b12ebf1942a3
299a4c9af2c147fa29fade82f146a2275070d7381cfe5677b61a5bcb28dd4b4d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:38:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 13:12:44 GMT
Expires: Sat, 01 Oct 2022 13:12:43 GMT
Etag: "7b4195903a0e2c596dfdbfa54288b12ebf1942a3"
Cache-Control: max-age=401069,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750f25334900b524-OSL
s4.histats.com/stats/0.php?3916601&@f16&@g1&@h1&@i1&@j1664228291399&@k0&@l1&@mLuis%20Fonsi%20Bulge%20Pics&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:71622140&@b3:1664228291&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdatawav.club%2Fluis-fonsi-bulge-pics%2F&@w
198.27.80.143 200 OK 52 B URL HTTP/1.1 s4.histats.com/stats/0.php?3916601&@f16&@g1&@h1&@i1&@j1664228291399&@k0&@l1&@mLuis%20Fonsi%20Bulge%20Pics&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:71622140&@b3:1664228291&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdatawav.club%2Fluis-fonsi-bulge-pics%2F&@w
IP 198.27.80.143:0
File type ASCII text, with no line terminators
Hash 4072294f4d2db34749b5d03b2ae369b7
1d04a091808ecb351e648b9e13c713b50a9e1340
ef09655c04f3389b7022ec315adce3de704be85422e91f36d0e0b1d96e102e49
GET /stats/0.php?3916601&@f16&@g1&@h1&@i1&@j1664228291399&@k0&@l1&@mLuis%20Fonsi%20Bulge%20Pics&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:71622140&@b3:1664228291&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdatawav.club%2Fluis-fonsi-bulge-pics%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:38:13 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close
blockadsnot.com/paFV.htm?_=BAYAYzIbxQFjMhvFgAGBAsAAIFQmJybHRL5ihTU4WZxRnngE5Gz7wtfvR_IlRbI4ifX0wQBHMEUCIAXLWL7LIDSyFmu3JfqhSk9HPv_8bCNRd9X6xxdCFBMhAiEAiXc1Tfi1eUffTSaFzImeJNh616liHXkjWpMFuISQsFw&v=4&HCzUOAKu=1955226&EDxBFPrc=&zJYVdOtW=0,0&zHqsMycB=&jlvbwKOu=&s=1280,1024,1,1280,1024,0
208.95.112.254 200 OK 808 B URL HTTP/2 blockadsnot.com/paFV.htm?_=BAYAYzIbxQFjMhvFgAGBAsAAIFQmJybHRL5ihTU4WZxRnngE5Gz7wtfvR_IlRbI4ifX0wQBHMEUCIAXLWL7LIDSyFmu3JfqhSk9HPv_8bCNRd9X6xxdCFBMhAiEAiXc1Tfi1eUffTSaFzImeJNh616liHXkjWpMFuISQsFw&v=4&HCzUOAKu=1955226&EDxBFPrc=&zJYVdOtW=0,0&zHqsMycB=&jlvbwKOu=&s=1280,1024,1,1280,1024,0
IP 208.95.112.254:0
File type ASCII text, with very long lines (1130), with no line terminators
Hash 0be477a847462ff257fda2f39a5185e1
098b0ceabf475661b2ba57390dba4bb5b4acf3b9
f0d22217ad5b5f4dd5ac6cc5b1544fc96df03333211116a6c4a1b5a584bb2c60
GET /paFV.htm?_=BAYAYzIbxQFjMhvFgAGBAsAAIFQmJybHRL5ihTU4WZxRnngE5Gz7wtfvR_IlRbI4ifX0wQBHMEUCIAXLWL7LIDSyFmu3JfqhSk9HPv_8bCNRd9X6xxdCFBMhAiEAiXc1Tfi1eUffTSaFzImeJNh616liHXkjWpMFuISQsFw&v=4&HCzUOAKu=1955226&EDxBFPrc=&zJYVdOtW=0,0&zHqsMycB=&jlvbwKOu=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: blockadsnot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 6
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
content-type: application/javascript; charset=utf-8
set-cookie: PP_CV=yes; expires=Mon, 26-Sep-2022 22:38:13 GMT; Max-Age=3600
set-cookie: fraudcheck=ce434c6a3e1854e5cea8616fe2136adf; expires=Wed, 26-Oct-2022 21:38:13 GMT; Max-Age=2592000; path=/; domain=.popads.net
set-cookie: PopAds_CF_Pass=1; expires=Tue, 27-Sep-2022 03:38:13 GMT; Max-Age=21600
link: <https://free-cosmetics-online.com>;rel=preconnect
content-length: 808
content-encoding: br
vary: Accept-Encoding
date: Mon, 26 Sep 2022 21:38:13 GMT
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 323ed648053eb72f1f5040729ce291c6
e0c538f05f1f389b4b0d559ede7a9665c4a422ae
86e03ab84f82b4da1d7db4449fcdd59740c10d573c4ed3ea8f5a539b951a3fac
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "86E03AB84F82B4DA1D7DB4449FCDD59740C10D573C4ED3EA8F5A539B951A3FAC"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3751
Expires: Mon, 26 Sep 2022 22:40:45 GMT
Date: Mon, 26 Sep 2022 21:38:14 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 323ed648053eb72f1f5040729ce291c6
e0c538f05f1f389b4b0d559ede7a9665c4a422ae
86e03ab84f82b4da1d7db4449fcdd59740c10d573c4ed3ea8f5a539b951a3fac
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "86E03AB84F82B4DA1D7DB4449FCDD59740C10D573C4ED3EA8F5A539B951A3FAC"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3751
Expires: Mon, 26 Sep 2022 22:40:45 GMT
Date: Mon, 26 Sep 2022 21:38:14 GMT
Connection: keep-alive
vrieszfzkqih.s4.adsco.re/
185.200.116.90 200 OK 0 B URL HTTP/1.1 vrieszfzkqih.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: vrieszfzkqih.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:38:13 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
adserver.juicyads.com/adshow.php?adzone=593090
185.94.236.247 200 OK 1.7 kB URL HTTP/1.1 adserver.juicyads.com/adshow.php?adzone=593090
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1386), with CRLF, LF line terminators
Hash 527f4c1ce17b389cc11ee2eede7cc9fa
6575b472cdd70f87a18804bc30fbc36f17e79c5c
9a8790380547e52d8b9f2d848b1cd6c1c558ff04257e5c281f170e3b303b255f
GET /adshow.php?adzone=593090 HTTP/1.1
Host: adserver.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 21:38:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=8b7b9f9c4dbe3a6e9961692fd1e1188e; expires=Tue, 26-Sep-2023 21:38:13 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.juicyads.com
Set-Cookie: imps1=1; expires=Tue, 27-Sep-2022 21:38:13 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.juicyads.com
Set-Cookie: juicy_data_1=YToxOntpOjExODk0OTA7aToxNjY0NDg3NDkzO30%3D; expires=Thu, 29-Sep-2022 21:38:13 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=juicyads.com
Set-Cookie: juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Thu, 29-Sep-2022 21:38:13 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=juicyads.com
Content-Encoding: gzip
ads.juicyads.me/network/user1037/1-1621024505-0585833001621024505.gif
69.16.175.42 200 OK 46 kB URL HTTP/2 ads.juicyads.me/network/user1037/1-1621024505-0585833001621024505.gif
IP 69.16.175.42:0
File type GIF image data, version 89a, 728 x 90\012- data
Hash ba39a420bc2acc3030dd430ad2378302
aae76dad5e29ad9a0e13dac045d9940597263d2a
cbc06a464f3e403b76206ca23a8d364626d854d9b9d59eb20d1968eaa972886d
GET /network/user1037/1-1621024505-0585833001621024505.gif HTTP/1.1
Host: ads.juicyads.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserver.juicyads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:38:14 GMT
etag: "1621024505"
cache-control: max-age=19916511
content-length: 45931
content-type: image/gif
last-modified: Fri, 14 May 2021 20:35:05 GMT
accept-ranges: bytes
x-hw: 1664228294.dop218.sk1.t,1664228294.cds217.sk1.hn,1664228294.cds210.sk1.c
X-Firefox-Spdy: h2
ads.juicyads.me/1x1.gif
69.16.175.42 200 OK 43 B IP 69.16.175.42:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /1x1.gif HTTP/1.1
Host: ads.juicyads.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserver.juicyads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:38:14 GMT
etag: "1457030838"
cache-control: max-age=22996972
content-length: 43
content-type: image/gif
last-modified: Thu, 03 Mar 2016 18:47:18 GMT
accept-ranges: bytes
x-hw: 1664228294.dop218.sk1.t,1664228294.cds217.sk1.hn,1664228294.cds217.sk1.c
X-Firefox-Spdy: h2
adserver.juicyads.com/adshow.php?adzone=770180
185.94.236.247 200 OK 1.5 kB URL HTTP/1.1 adserver.juicyads.com/adshow.php?adzone=770180
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (436), with CRLF, LF line terminators
Hash e2430e656c12f27153fef05542150a7c
227504927f6fc4a4aaf9853ea5ae6e315cc3758d
d069c33a6ee7b1e97ebdb63fc8de707b89256351b5333cad2df262b42a3dcc7a
GET /adshow.php?adzone=770180 HTTP/1.1
Host: adserver.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 21:38:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=8b7b9f9c4dbe3a6e9961692fd1e1188e; expires=Tue, 26-Sep-2023 21:38:13 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.juicyads.com
Set-Cookie: imps12957=1; expires=Tue, 27-Sep-2022 21:38:14 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.juicyads.com
Set-Cookie: juicy_data_1=YToxOntpOjc4MzgxNztpOjE2NjQ0ODc0OTM7fQ%3D%3D; expires=Thu, 29-Sep-2022 21:38:13 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=juicyads.com
Set-Cookie: juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Thu, 29-Sep-2022 21:38:13 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=juicyads.com
Content-Encoding: gzip
ads.juicyads.me/network/user47819/12957-1563401673-0462913001563401673.gif
69.16.175.42 200 OK 933 kB URL HTTP/2 ads.juicyads.me/network/user47819/12957-1563401673-0462913001563401673.gif
IP 69.16.175.42:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 933 kB (932825 bytes)
Hash 4933e96b19ea330617f44c9db05d1ca9
a00ea056048aa30306a78cc34de43b34ca191ec9
9164d53080a57ec615b41617867c2448dbd0bce7d4fb6c5b1a336fcbcfa17ece
GET /network/user47819/12957-1563401673-0462913001563401673.gif HTTP/1.1
Host: ads.juicyads.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserver.juicyads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:38:14 GMT
etag: "1563401673"
cache-control: max-age=29220224
content-length: 932825
content-type: image/gif
last-modified: Wed, 17 Jul 2019 22:14:33 GMT
accept-ranges: bytes
x-hw: 1664228294.dop218.sk1.t,1664228294.cds217.sk1.hn,1664228294.cds255.sk1.c
X-Firefox-Spdy: h2
adserver.juicyads.com/adshow.php?adzone=593091
185.94.236.247 200 OK 1.7 kB URL HTTP/1.1 adserver.juicyads.com/adshow.php?adzone=593091
IP 185.94.236.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1386), with CRLF, LF line terminators
Hash ebe000516461cbf0bbdd9e0ec5e2ec0b
efc598d2a73246f43e77559509c1f5cb86f5914c
0ee58b19b23f197a430ae1ba35b56bdcc6533ad02b34e4d647bebc5b416275f9
GET /adshow.php?adzone=593091 HTTP/1.1
Host: adserver.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 21:38:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=8b7b9f9c4dbe3a6e9961692fd1e1188e; expires=Tue, 26-Sep-2023 21:38:13 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.juicyads.com
Set-Cookie: juicy_data_1=YTowOnt9; expires=Thu, 29-Sep-2022 21:38:13 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=juicyads.com
Set-Cookie: juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Thu, 29-Sep-2022 21:38:13 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=juicyads.com
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 597aac5e9ca34933bd376921779a6d68
69f4f3098f1a7bba685b2ffc968c306f6785f633
ce246fe6743415f8a09ed0e443fdfc6e826b7b64ba2d90c9c8d000d01f75c075
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE246FE6743415F8A09ED0E443FDFC6E826B7B64BA2D90C9C8D000D01F75C075"
Last-Modified: Sat, 24 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9020
Expires: Tue, 27 Sep 2022 00:08:34 GMT
Date: Mon, 26 Sep 2022 21:38:14 GMT
Connection: keep-alive
r.trwl1.com/s1/5309a775-e969-417d-a06a-3c85cf15d552?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=21942&cv4=195993&cv5=593091&cv6=
185.98.53.17 200 OK 748 B URL HTTP/1.1 r.trwl1.com/s1/5309a775-e969-417d-a06a-3c85cf15d552?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=21942&cv4=195993&cv5=593091&cv6=
IP 185.98.53.17:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (552)
Hash 95399933967767c0265c1b86ff6ee581
af193f141983ed85844044fb4aa1e1f87ac1bd4a
63488ac8e6a2f41041a067c116f8858209db95fc2f99d77402c5753128816963
GET /s1/5309a775-e969-417d-a06a-3c85cf15d552?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=21942&cv4=195993&cv5=593091&cv6= HTTP/1.1
Host: r.trwl1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserver.juicyads.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Mon, 26 Sep 2022 21:38:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 748
Connection: close
Set-Cookie: uid=bDnpqotap; Path=/; Domain=trwl1.com; Expires=Tue, 27 Sep 2022 21:38:14 GMT; HttpOnly
X-Request-Id: 0f9b4ca7-9270-4b5f-9ada-7a6b5088e4ba
static.javhd.com/h5/files/16441/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F423f9e94-9b46-4079-9d75-78431d8d0480%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D21942%26cv4%3D195993%26cv5%3D593091%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzgxNTYsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI3ODQ4fQ
185.76.9.24 200 OK 2.5 kB URL HTTP/2 static.javhd.com/h5/files/16441/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F423f9e94-9b46-4079-9d75-78431d8d0480%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D21942%26cv4%3D195993%26cv5%3D593091%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzgxNTYsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI3ODQ4fQ
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash cc319b15e57b191bc24de7f9a8866682
aa0e77134012f6d02e1da787404199d83a36ca1b
53e96b5817f9d2f3fecf4008a318df4260f78a00b04afa57a4a47f1760209dda
GET /h5/files/16441/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F423f9e94-9b46-4079-9d75-78431d8d0480%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D21942%26cv4%3D195993%26cv5%3D593091%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzgxNTYsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI3ODQ4fQ HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trwl1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:38:14 GMT
content-type: text/html
last-modified: Tue, 26 Jul 2022 12:47:16 GMT
etag: W/"62dfe254-c86"
expires: Mon, 24 Oct 2022 20:33:52 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-accel-expires: @1666643632
server: CDN77-Turbo
x-77-nzt: AblMCRQlFpvvFrICAA
x-77-nzt-ray: k4/KStf6H3M
x-cache: HIT
x-age: 176662
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
static.javhd.com/h5/files/overlay/1602-overlay.png
185.76.9.24 200 OK 1.8 kB URL HTTP/2 static.javhd.com/h5/files/overlay/1602-overlay.png
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash f4403fc07b7c414db6ec613317885035
457d3e8f9e9fb0456292efdbd5f18b318e804ea7
00ffbfa9483f4a6e8b85b6ab368a9547cf29e54c1aeb2bfcf81f34ec2bf50ee7
GET /h5/files/overlay/1602-overlay.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/16441/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F423f9e94-9b46-4079-9d75-78431d8d0480%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D21942%26cv4%3D195993%26cv5%3D593091%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzgxNTYsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI3ODQ4fQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:38:14 GMT
content-type: image/png
content-length: 1839
last-modified: Wed, 20 Apr 2022 13:56:47 GMT
etag: "6260111f-72f"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRRpucD/dbGmAA
x-77-nzt-ray: EPS44PO2hkg
x-cache: HIT
x-age: 10924405
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhd.com/h5/files/button/29-button.png
185.76.9.24 200 OK 733 B URL HTTP/2 static.javhd.com/h5/files/button/29-button.png
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 82a66a2d222379716ca9a03ff50d8f42
ae43d917ff791f9172edc527baa6266416182aaa
cc5da7b40e498d30bf5eaae43e59cae32202737076422676489dd8d3030803de
GET /h5/files/button/29-button.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/16441/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F423f9e94-9b46-4079-9d75-78431d8d0480%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D21942%26cv4%3D195993%26cv5%3D593091%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzgxNTYsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI3ODQ4fQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:38:14 GMT
content-type: image/png
content-length: 733
last-modified: Tue, 22 Dec 2015 18:41:22 GMT
etag: "56799952-2dd"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRSCa/H/dbGmAA
x-77-nzt-ray: vML/kLYcRlY
x-cache: HIT
x-age: 10924405
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a080f1142424a665932c1af5785def4f
4b07f4a0a9486404adde4adaa624340368204b3b
f5974961d5c440ffff934aea37d84922e45377ef782e3d025b4f6e704550c086
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F5974961D5C440FFFF934AEA37D84922E45377EF782E3D025B4F6E704550C086"
Last-Modified: Sun, 25 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5805
Expires: Mon, 26 Sep 2022 23:15:00 GMT
Date: Mon, 26 Sep 2022 21:38:15 GMT
Connection: keep-alive
d.pssy.xyz/d/?resource=bundler&nada=1&widgets=1499332:4,1499333:2,1243820:1,1499368:1&isct=1663374975&rfrr=datawav.club&iscs=NGZiZDgwZTc1ZWRiYTczOWM2NmRjODU2MWUyN2M5NjgyNDE0YWM2MGJkOGI2MTM3ODE5YmMwZTZkOWU5YmZhNHwwfDV8MTkyLjE4Ny4xMjcuNjZ8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg0LjAuNDE0Ny4xMDUgU2FmYXJpLzUzNy4zNnwyODgxODV8MTY2MzM3NDk3NXxpYlpHRjBZWGRoZGk1amJIVmk=&width=784&reqc=1&ver=b38246effccfb5a0.1663374975956&page=aHR0cHM6Ly9kYXRhd2F2LmNsdWIvbHVpcy1mb25zaS1idWxnZS1waWNzLw==
131.153.42.225 200 OK 6.9 kB URL HTTP/1.1 d.pssy.xyz/d/?resource=bundler&nada=1&widgets=1499332:4,1499333:2,1243820:1,1499368:1&isct=1663374975&rfrr=datawav.club&iscs=NGZiZDgwZTc1ZWRiYTczOWM2NmRjODU2MWUyN2M5NjgyNDE0YWM2MGJkOGI2MTM3ODE5YmMwZTZkOWU5YmZhNHwwfDV8MTkyLjE4Ny4xMjcuNjZ8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg0LjAuNDE0Ny4xMDUgU2FmYXJpLzUzNy4zNnwyODgxODV8MTY2MzM3NDk3NXxpYlpHRjBZWGRoZGk1amJIVmk=&width=784&reqc=1&ver=b38246effccfb5a0.1663374975956&page=aHR0cHM6Ly9kYXRhd2F2LmNsdWIvbHVpcy1mb25zaS1idWxnZS1waWNzLw==
IP 131.153.42.225:0
File type JSON data\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (30808), with no line terminators
Hash 77d3a265555418c037be499bd4631441
45354a860b0f4e28ec25ddc8da2844598ec12954
57e2a509e4d2196636fbbfec0700b9bb552a998f5da3afbf7c059e06c5533092
Analyzer Verdict Alert quad9 Sinkholed
GET /d/?resource=bundler&nada=1&widgets=1499332:4,1499333:2,1243820:1,1499368:1&isct=1663374975&rfrr=datawav.club&iscs=NGZiZDgwZTc1ZWRiYTczOWM2NmRjODU2MWUyN2M5NjgyNDE0YWM2MGJkOGI2MTM3ODE5YmMwZTZkOWU5YmZhNHwwfDV8MTkyLjE4Ny4xMjcuNjZ8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg0LjAuNDE0Ny4xMDUgU2FmYXJpLzUzNy4zNnwyODgxODV8MTY2MzM3NDk3NXxpYlpHRjBZWGRoZGk1amJIVmk=&width=784&reqc=1&ver=b38246effccfb5a0.1663374975956&page=aHR0cHM6Ly9kYXRhd2F2LmNsdWIvbHVpcy1mb25zaS1idWxnZS1waWNzLw== HTTP/1.1
Host: d.pssy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 21:38:15 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
ETag: W/"785b-UBRPks0dRAnyU7ednj8GImpssVk"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://datawav.club
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35bc5b5819052a9737122012c40d3210
07c8bef61f56439c8e34c191e750c8803a550782
849f3c8c8e9f3462ed0e164d03603247763152bcd92d5d5f36492134966fb65f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "849F3C8C8E9F3462ED0E164D03603247763152BCD92D5D5F36492134966FB65F"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3455
Expires: Mon, 26 Sep 2022 22:35:50 GMT
Date: Mon, 26 Sep 2022 21:38:15 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35bc5b5819052a9737122012c40d3210
07c8bef61f56439c8e34c191e750c8803a550782
849f3c8c8e9f3462ed0e164d03603247763152bcd92d5d5f36492134966fb65f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "849F3C8C8E9F3462ED0E164D03603247763152BCD92D5D5F36492134966FB65F"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3455
Expires: Mon, 26 Sep 2022 22:35:50 GMT
Date: Mon, 26 Sep 2022 21:38:15 GMT
Connection: keep-alive
i2.wp.com/ugc-01.cafemomstatic.com/gen/full/2015/08/18/15/4f/qc/poleiyrls0.jpg
192.0.77.2 400 Bad Request 14 kB URL HTTP/2 i2.wp.com/ugc-01.cafemomstatic.com/gen/full/2015/08/18/15/4f/qc/poleiyrls0.jpg
IP 192.0.77.2:0
Hash b25a77f7fc217ffbe8b8ded8c08b8de8
10095ee002fab10790cdf41519e7d1b99d7b6229
f1c0c9feffed79878ffd24e13bf44ba62470c54092943214357776cbaba78ecd
GET /ugc-01.cafemomstatic.com/gen/full/2015/08/18/15/4f/qc/poleiyrls0.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
server: nginx
date: Mon, 26 Sep 2022 21:38:15 GMT
content-type: text/html; charset=utf-8
x-nc: HIT arn 2
X-Firefox-Spdy: h2
s.pssy.xyz/prplugs/0/1071736/240x180.jpg
104.21.69.85 200 OK 17 kB URL HTTP/2 s.pssy.xyz/prplugs/0/1071736/240x180.jpg
IP 104.21.69.85:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 240x180, components 3\012- data
Hash 70c21320bb12fd1ff57f6d65f16dd8e2
2e224afa4c5e13e7ba76292a357184a3fe07c84c
0999407e5dc0abb708375a3b94f45373e938ccd563f7573ea0aae1d5488ad6ff
Analyzer Verdict Alert quad9 Sinkholed
GET /prplugs/0/1071736/240x180.jpg HTTP/1.1
Host: s.pssy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:38:15 GMT
content-type: image/jpeg
content-length: 16809
last-modified: Wed, 20 Dec 2017 14:57:51 GMT
etag: "5a3a7a6f-41a9"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 116
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lw4SfcTz3AHv5%2B053E1yKMFm1RV3EC4kPDIlBlOnDvARH8oVqK9xa4P79RdFv5WeZRViUapZjs9frWoUDB6lrrh3eljt873DYe3M6d08lsoNMQ2xi2ngvVRwlJCj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f2540ef84b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.pssy.xyz/prplugs/0/1207188/240x180.jpg
104.21.69.85 200 OK 17 kB URL HTTP/2 s.pssy.xyz/prplugs/0/1207188/240x180.jpg
IP 104.21.69.85:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 240x180, components 3\012- data
Hash a1aa410843a28e7914a130617de3426e
5c4af4c8fc666a29e5b824b9946c3e1ac8fa0df8
75009adc08f8e54aa012cf62ae380a0bcec4af0631c7744bab8566a4d6eea7f1
Analyzer Verdict Alert quad9 Sinkholed
GET /prplugs/0/1207188/240x180.jpg HTTP/1.1
Host: s.pssy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:38:15 GMT
content-type: image/jpeg
content-length: 16677
last-modified: Sat, 16 Apr 2022 08:50:24 GMT
etag: "625a8350-4125"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5333
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fxp6Oh4nAjXcZ7OUPkhTcWdl49nHYLddS%2BuTKKJ5vgliiyvBK8Y3VFtJd2ewCzrcOTD1R%2BZHnQSqV3Zr4x1bkB%2F032qM81RkyVuEq2ySDxssWnty7apgxLUkGjIx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f2540ef86b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.pssy.xyz/prplugs/0/1144949/240x180.jpg
104.21.69.85 200 OK 15 kB URL HTTP/2 s.pssy.xyz/prplugs/0/1144949/240x180.jpg
IP 104.21.69.85:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 240x180, components 3\012- data
Hash 56352ccc1f6381c53eeb5a44760ed954
8d11fc5da45cfa5e7f8d5d15221e9d793802776b
ba17434826d2d26e3c95e08b2bb07ec6718b0cfc7db85b8097fbd774fc1bc7ae
Analyzer Verdict Alert quad9 Sinkholed
GET /prplugs/0/1144949/240x180.jpg HTTP/1.1
Host: s.pssy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:38:15 GMT
content-type: image/jpeg
content-length: 15022
last-modified: Mon, 02 Nov 2020 12:14:55 GMT
etag: "5f9ff83f-3aae"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 1621
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cyO2YgeCFoMJVHV7v2mwdIYhwijEQ2noUtu4lJ68o5m0U2Y238NGx1GgmxprlL0gwJyN0pSxotLAU57awjDGjoNX7Fi2Grv82oqkERqdx1bkk3a0OuShkJui4FQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f2540ef87b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f514.svg
192.0.77.48 200 OK 314 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f514.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (314), with no line terminators
Hash 6201ff6add4821014e02cfc1bc82fc95
afd344621ef88b39f6e7013b7ce4765d67892315
5f70fb8150f0a1f184b40f86d012db040d229056b9b0d8c681f08987cb124e5f
GET /images/core/emoji/14.0.0/svg/1f514.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:38:15 GMT
content-type: image/svg+xml
content-length: 314
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35bc5b5819052a9737122012c40d3210
07c8bef61f56439c8e34c191e750c8803a550782
849f3c8c8e9f3462ed0e164d03603247763152bcd92d5d5f36492134966fb65f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "849F3C8C8E9F3462ED0E164D03603247763152BCD92D5D5F36492134966FB65F"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3455
Expires: Mon, 26 Sep 2022 22:35:50 GMT
Date: Mon, 26 Sep 2022 21:38:15 GMT
Connection: keep-alive
i1.wp.com/peopledotcom.files.wordpress.com/2017/01/576a_y02_rgb.jpg?w=3300
192.0.77.2 404 Not Found 1.7 kB URL HTTP/2 i1.wp.com/peopledotcom.files.wordpress.com/2017/01/576a_y02_rgb.jpg?w=3300
IP 192.0.77.2:0
Hash 7441f74eb2544ce3e8723645335636ba
cd52ca8556e26a8e952a56d6956622b0c4e985e9
0a85fb8d0dba3fb7985a079e1449370b55db7ce664b1e57138e094b026e3533b
GET /peopledotcom.files.wordpress.com/2017/01/576a_y02_rgb.jpg?w=3300 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 26 Sep 2022 21:38:15 GMT
content-type: text/html; charset=utf-8
x-nc: HIT arn 6
X-Firefox-Spdy: h2
datawav.club/uomdacwoqbvxwxj.php?sw
173.208.199.194 200 OK 11 kB URL HTTP/1.1 datawav.club/uomdacwoqbvxwxj.php?sw
IP 173.208.199.194:0
File type ASCII text, with very long lines (10335)
Hash b8a2640800440013e2492a42cc98b6de
f909ac2b2f373b64f1d2cae78d4c281beb7122d0
2af67e0dd94997a82ba15645f61599c56882e17bc5d93ab00a76079a22712b99
GET /uomdacwoqbvxwxj.php?sw HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/luis-fonsi-bulge-pics/
Cookie: PHPSESSID=9vc6gctu447l7clvb2mg1h3i9r; a=NtpQgvgExeqz1AiBXif7bEExU032Rz1T; HstCfa3916601=1664228291399; HstCla3916601=1664228291399; HstCmu3916601=1664228291399; HstPn3916601=1; HstPt3916601=1; HstCnv3916601=1; HstCns3916601=1; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BAYAYzIbxQFjMhvFgAGBAsAAIFQmJybHRL5ihTU4WZxRnngE5Gz7wtfvR_IlRbI4ifX0wQBHMEUCIAXLWL7LIDSyFmu3JfqhSk9HPv_8bCNRd9X6xxdCFBMhAiEAiXc1Tfi1eUffTSaFzImeJNh616liHXkjWpMFuISQsFw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 21:38:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
FrontCache: HIT
d.pssy.xyz/t.php
131.153.42.225 200 OK 20 B IP 131.153.42.225:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer Verdict Alert quad9 Sinkholed
GET /t.php HTTP/1.1
Host: d.pssy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 21:38:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: guid=19a31f8e-6ea1-483f-9b7f-7157eceb6035; expires=Tue, 26-Sep-2023 21:38:16 GMT; Max-Age=31536000; path=/; domain=pssy.xyz; secure; SameSite=None
Access-Control-Allow-Origin: *
Content-Encoding: gzip
i2.wp.com/www.directlyrics.com/img/upload/joe-jonas-bulge.jpg
192.0.77.2 404 Not Found 1.4 kB URL HTTP/2 i2.wp.com/www.directlyrics.com/img/upload/joe-jonas-bulge.jpg
IP 192.0.77.2:0
Hash 9ea456343f544c574dc62f9cb800679d
f70b9b809459721e9783f870fdd16e5e1d2c4286
414b4f143874d1e00280442b36b4b8ea2544d5e1a340c84ed498dd91e338f546
GET /www.directlyrics.com/img/upload/joe-jonas-bulge.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 26 Sep 2022 21:38:15 GMT
content-type: text/html; charset=utf-8
x-nc: HIT arn 3
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/riw/amandamedrano.jpg?1664228280
104.19.242.83 200 OK 12 kB URL HTTP/2 roomimg.stream.highwebmedia.com/riw/amandamedrano.jpg?1664228280
IP 104.19.242.83:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 480x270, components 3\012- data
Hash 652eeaf54c12e408b66bdda787be48e8
a46dbc4c1dad6dc83077159c00132b76244e693c
0b8c9a8ff14c93620c14a897e2093add29ce2d7b154206da3e1f03e6c6c82540
GET /riw/amandamedrano.jpg?1664228280 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:38:17 GMT
content-type: image/jpeg
content-length: 12331
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 18
last-modified: Mon, 26 Sep 2022 21:37:59 GMT
expires: Mon, 26 Sep 2022 21:38:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyOB1T06d2Ik%2FLV3BklRnAQ%2BPXqOLNY%2FTg%2Fm4rauiwdCF%2F89r7D97DzNqQXEMnnprG3cLjxy05FvrSztIe7Z9R7uIQl05JWSzuzcr3kSL7qzw9MgTrtJUX%2F14vGCzteJWGlSkUV%2FJpGAdwx4%2FtDmiGg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=0F3vMm5gAgGtM5YEP3q2EqynH71mu0Q3qLLftXGnbC8-1664228297307-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 750f254a1ea4b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/riw/chloewildd.jpg?1664228280
104.19.242.83 200 OK 10 kB URL HTTP/2 roomimg.stream.highwebmedia.com/riw/chloewildd.jpg?1664228280
IP 104.19.242.83:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 959x960, segment length 16, progressive, precision 8, 480x270, components 3\012- data
Hash 4999639f176f79339c264d499d54a824
e5f2b0551b04ebea1c1e354f216126ba779b895e
5f9ecad6a4e99c6c54f51e6f6804f06d77348e5eba7c7939e7caf8924bddfa55
GET /riw/chloewildd.jpg?1664228280 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:38:17 GMT
content-type: image/jpeg
content-length: 10319
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: origSize=10336
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 13
last-modified: Mon, 26 Sep 2022 21:38:04 GMT
expires: Mon, 26 Sep 2022 21:38:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ux5yHksdGGPvqgnf%2BXULAY1HA1pEclk%2BGUlLTUDzZWIu%2BpUfhLrZvSzBT4ou9eFMDUchAyXt3VlAVef9%2FWoXeqDPj3em2MVWoy7mOA7imS6t%2BJceoLNXgWBKJ4ap2X8R%2BCcXbo3OOhSKc7Dq%2BWssiFc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=h8ed0dyi50Izv2DleSA28E4R3namFjETRh6DmF0hyYA-1664228297308-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 750f254a1ea7b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/riw/ehotlovea.jpg?1664228280
104.19.242.83 200 OK 11 kB URL HTTP/2 roomimg.stream.highwebmedia.com/riw/ehotlovea.jpg?1664228280
IP 104.19.242.83:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, progressive, precision 8, 480x270, components 3\012- data
Hash 18396eeb6ae9ff9059b2c2f412c7d8b1
8811bf7e74c23000537bbaa8f08c3ff9e9f7b674
0e11f292e0a12bb54729350c114b9810e384219592f24b6fe57566b09a5a567a
GET /riw/ehotlovea.jpg?1664228280 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:38:17 GMT
content-type: image/jpeg
content-length: 11064
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: origSize=11123
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 10
last-modified: Mon, 26 Sep 2022 21:38:07 GMT
expires: Mon, 26 Sep 2022 21:38:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bl6XHVXoWIvBvVJ2G%2BNx3%2FbMGFutC9KaV%2BRtAJqv2klET7rm86GFQwiQEofjhCThDPcBZ1CVXCh3bazmh90aSEql8p3xrqa3BviBLxFC0MYBZhgaXJCvkm6LbAjSi6xSgi%2FuIAuTBr31WmkKs1wFm80%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=h8ed0dyi50Izv2DleSA28E4R3namFjETRh6DmF0hyYA-1664228297308-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 750f254a1ea3b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/riw/jeangreybianca.jpg?1664228280
104.19.242.83 200 OK 10 kB URL HTTP/2 roomimg.stream.highwebmedia.com/riw/jeangreybianca.jpg?1664228280
IP 104.19.242.83:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 480x270, components 3\012- data
Hash f232e8d8c2219ef561bbf7c2c0b0862d
733d1a5d6387dfdae1f39559c5a0566ac1851d27
eff3f982bd6bc54af1aa86c11188c699307e89a61740f39f35ee4dd6829374e6
GET /riw/jeangreybianca.jpg?1664228280 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:38:17 GMT
content-type: image/jpeg
content-length: 10033
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 11
last-modified: Mon, 26 Sep 2022 21:38:06 GMT
expires: Mon, 26 Sep 2022 21:38:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvzkInmXQjznf806wZlSuEgwn%2FF3hMLx%2FeAuJu6DFKQpyJUVt77q4WKpMoWCLK5%2Fhl5h9S2cLl9%2FKntzet0YogYJpevD7MJjqLO%2BixNB%2Fcop7fcBT2G7XMstGJ%2B8jx1ZnALl1fuBfTw%2Fr%2BBsLjVRgqY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=h8ed0dyi50Izv2DleSA28E4R3namFjETRh6DmF0hyYA-1664228297308-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 750f254a1ea8b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:38:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Mon, 26 Sep 2022 20:41:09 GMT
expires: Mon, 26 Sep 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 3428
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:38:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.86.137 200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 26 Sep 2022 21:38:17 GMT
via: 1.1 varnish
x-served-by: cache-bma1623-BMA
x-cache: HIT
x-cache-hits: 2486
x-timer: S1664228298.534659,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8cdaef8da493054ab3fa357f852661e3
48b40047919c85c7baa65b896158125c758d9f1a
f85aaa88b1325317a2cd62bc8d144518dca545d941a0589f8ec22eca07264a2d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4704
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:38:17 GMT
Last-Modified: Mon, 26 Sep 2022 20:19:53 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=783&ck=1&ref=https://chaturbate.com/tours/3/&ap=59&be=444&fe=681&dc=570&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664228294862,%22n%22:0,%22r%22:1,%22re%22:208,%22f%22:208,%22dn%22:208,%22dne%22:208,%22c%22:208,%22s%22:208,%22ce%22:208,%22rq%22:210,%22rp%22:428,%22rpe%22:430,%22dl%22:433,%22di%22:568,%22ds%22:570,%22de%22:575,%22dc%22:680,%22l%22:680,%22le%22:681%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFMJUwsEVQkKA1VbVAIAWBh2Yi0TFUMhJTshCU0XAwZUHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwwBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEw0EAFJcB1JfGAsFWAIUVVoHU05eC1AMHAMCX1VQAFQCXg4FChNNE0sEBAYWBhQbDxtZFUVJElhMSwICSlBLRwRDFwsXCgcaB11GF1IOXBZDTkEWBhdMUEpFPlxcFQoMAEFcG3J8ZUMdGxEbFwwMCGZDXEMSWFYPQFlGUEgOFxUTFFBmBQcVDQADZlNYXAhdQENYQSsXDlxHGx1DRFg%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%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=783&ck=1&ref=https://chaturbate.com/tours/3/&ap=59&be=444&fe=681&dc=570&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664228294862,%22n%22:0,%22r%22:1,%22re%22:208,%22f%22:208,%22dn%22:208,%22dne%22:208,%22c%22:208,%22s%22:208,%22ce%22:208,%22rq%22:210,%22rp%22:428,%22rpe%22:430,%22dl%22:433,%22di%22:568,%22ds%22:570,%22de%22:575,%22dc%22:680,%22l%22:680,%22le%22:681%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFMJUwsEVQkKA1VbVAIAWBh2Yi0TFUMhJTshCU0XAwZUHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwwBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEw0EAFJcB1JfGAsFWAIUVVoHU05eC1AMHAMCX1VQAFQCXg4FChNNE0sEBAYWBhQbDxtZFUVJElhMSwICSlBLRwRDFwsXCgcaB11GF1IOXBZDTkEWBhdMUEpFPlxcFQoMAEFcG3J8ZUMdGxEbFwwMCGZDXEMSWFYPQFlGUEgOFxUTFFBmBQcVDQADZlNYXAhdQENYQSsXDlxHGx1DRFg%2BBgYSCgVcak1IEVQbW0AHARANTVpJE00TTAA9DBc8AFhYUF0YEwNDLgoKFh4bGRtEAG5WEj0VAREVUFpXE1sTG01AFgU8BEtaTkIEQ2YHAw4NDx8bDxt3CENcBw0bRk9ETFRmUxNeThIHETsVA0tGUF4PEwNDW1VKU0QVF0xQPkJNEwsNA0FcG3hWSwhdVQBNVkpTRhFtCABaEXUIDBYcQx4BA2YHVQoZExRZXVVICRwZdgRSUg5NUVRSVgkECQBBd1ATBwULG0kAAxcBQx0bBgsXOwAJVFhQRUMLG1gEBVNbX11RXVMEABtNQBMFEQdURhsLQ0plQxYMERE6Gw8ZbUNJCDMGP0ZPRmUXWlAMQVgIBQ04QVwZaRt/AnBAND5BSEM6
G1ZlE1sRZUNWP0ZPRmUXSW1DCxk9QFM4QUoZaRtWBF9dBBA/RllGZRdfbUMdGT1ABw0QB1tZXG4SXkwPBj9GWUZlFwltQ0wbTUAGCAoBUFdVVD5CSQ0LFzsXA0pBShNbExklEQASESQIFX1CAkdLI1BDIBAFT0d7AkF1SgIUESZXRhsZG1QNWF4IAA8BPBVJWVBFPkVcEhYQOw0VGw8bEQVYSgINFQERH2ZFWFYEERtNQAIHFw9PUGZCEV1QFT0XARASShcDE0F1SgIUESZRRhsZG1ACRVAXBzwXEwpQQWZFBEJNEj0NF0FcGxVdWBJSVhcHER08FlhSXBFDTEQ%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=783&ck=1&ref=https://chaturbate.com/tours/3/&ap=59&be=444&fe=681&dc=570&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664228294862,%22n%22:0,%22r%22:1,%22re%22:208,%22f%22:208,%22dn%22:208,%22dne%22:208,%22c%22:208,%22s%22:208,%22ce%22:208,%22rq%22:210,%22rp%22:428,%22rpe%22:430,%22dl%22:433,%22di%22:568,%22ds%22:570,%22de%22:575,%22dc%22:680,%22l%22:680,%22le%22:681%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFMJUwsEVQkKA1VbVAIAWBh2Yi0TFUMhJTshCU0XAwZUHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwwBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEw0EAFJcB1JfGAsFWAIUVVoHU05eC1AMHAMCX1VQAFQCXg4FChNNE0sEBAYWBhQbDxtZFUVJElhMSwICSlBLRwRDFwsXCgcaB11GF1IOXBZDTkEWBhdMUEpFPlxcFQoMAEFcG3J8ZUMdGxEbFwwMCGZDXEMSWFYPQFlGUEgOFxUTFFBmBQcVDQADZlNYXAhdQENYQSsXDlxHGx1DRFg%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%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:38:17 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 750f254c09da0afe-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=4187d3e4d4866cfd; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=990&ck=1&ref=https://chaturbate.com/tours/3/
162.247.241.14 200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=990&ck=1&ref=https://chaturbate.com/tours/3/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=990&ck=1&ref=https://chaturbate.com/tours/3/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: text/plain
Content-Length: 1913
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:38:17 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 750f254d5b010afe-OSL
Access-Control-Allow-Origin: https://chaturbate.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
free-cosmetics-online.com/favicon.ico
172.67.209.47 404 Not Found 0 B URL HTTP/2 free-cosmetics-online.com/favicon.ico
IP 172.67.209.47:0
GET /favicon.ico HTTP/1.1
Host: free-cosmetics-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 26 Sep 2022 21:38:14 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 97
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0%2BtXv64kpsAadaOdbi7RcvBMAaybqPdOinQTQREcX9VwZuaJV67fBfGaJneHKPqej3ZBMG%2B4BLxM9gzAP4453H3a7JdLWiipNtBnIrMAEcYn37y1mMdx5qfLrrkghIOXH4MJfoW7vr33Pc1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f2535bca1fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.blockadsnot.com/native.history.min.js
185.76.9.16 200 OK 0 B URL HTTP/2 www.blockadsnot.com/native.history.min.js
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
GET /native.history.min.js HTTP/1.1
Host: www.blockadsnot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:38:12 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.13:443"; ma=2592000; v="44,43,39"
expires: Fri, 30 Sep 2022 20:36:56 GMT
access-control-allow-origin: *
link: <https://blockadsnot.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1664570216
server: CDN77-Turbo
x-77-nzt: AblMCQ37bk//3AIEAA
x-77-nzt-ray: PChgGhXRsfo
x-cache: HIT
x-age: 262876
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
i1.wp.com/peopledotcom.files.wordpress.com/2017/01/576a_y02_rgb.jpg?w=3300
192.0.77.2 404 Not Found 0 B URL HTTP/2 i1.wp.com/peopledotcom.files.wordpress.com/2017/01/576a_y02_rgb.jpg?w=3300
IP 192.0.77.2:0
GET /peopledotcom.files.wordpress.com/2017/01/576a_y02_rgb.jpg?w=3300 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Mon, 26 Sep 2022 21:38:12 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 6
X-Firefox-Spdy: h2
chaturbate.com/in/?track=juicy300100-195993&tour=x1Rd&campaign=NcAyU&c=4&p=0&gender=f
104.18.101.40 302 Found 0 B URL HTTP/2 chaturbate.com/in/?track=juicy300100-195993&tour=x1Rd&campaign=NcAyU&c=4&p=0&gender=f
IP 104.18.101.40:0
GET /in/?track=juicy300100-195993&tour=x1Rd&campaign=NcAyU&c=4&p=0&gender=f HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserver.juicyads.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 26 Sep 2022 21:38:16 GMT
content-type: text/html; charset=utf-8
location: /tours/3/?tour=x1Rd&campaign=NcAyU&c=4&p=0&gender=f&disable_sound=0
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com 
https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' 
https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
set-cookie: u_x1Rd=1; expires=Sat, 01-Oct-2022 21:38:16 GMT; Max-Age=432000; Path=/
us_x1Rd=1; Path=/
affkey="eJyrVipRslJQqjAMSlHSUVBKzi0Acf2SHStDQfySomwQP6s0M7nS2MDA0MBA19DS1NLSGCRZBJLKKCkpKLbS109MKU4tKkst0gOrBfL0kvNz9UHKEtPSQApzEysqKnJTUzITjQwMLUASYKuMDJVqAZy3JV4="; Domain=.chaturbate.com; expires=Wed, 26-Oct-2022 21:38:16 GMT; Max-Age=2592000; Path=/
fromaffiliate=1; Domain=.chaturbate.com; Path=/
noads=1; expires=Tue, 27-Sep-2022 03:38:16 GMT; Max-Age=21600; Path=/
stcki="pOtSwZ=0\054FqPd9a=0\0546pduSG=0\054aDBbcK=1"; expires=Wed, 26-Oct-2022 21:38:16 GMT; Max-Age=2592000; Path=/
sbr=sec:sbra7ca3417-c7e7-4fff-a9f4-51938cba0b53:1ocvns:hZ3Gc-IDl7j8LkKIqPC9wC7zS3k; Domain=.chaturbate.com; expires=Sat, 21-Jun-2025 21:38:16 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
__cf_bm=BXGRgVsS2kphBb3UMKRLV5M8xN7pI4_4DfhIn2BbPH4-1664228296-0-AcaOzchmqiM9nweKvCKok3g+8iffXoAqVImIxq9aqh/QKQ8X7ve8JMwhJjbszko2HTmdc6VCd7I51NHVkyUba0U=; path=/; expires=Mon, 26-Sep-22 22:08:16 GMT; domain=.chaturbate.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 750f25470abc0afa-OSL
X-Firefox-Spdy: h2
pfewuzbtkr.com/get/1830123?zoneid=1830123&jp=_clbmyen6zuhtnx2to7ujci&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=672016818650211
62.122.171.6 200 OK 0 B URL HTTP/2 pfewuzbtkr.com/get/1830123?zoneid=1830123&jp=_clbmyen6zuhtnx2to7ujci&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=672016818650211
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1830123?zoneid=1830123&jp=_clbmyen6zuhtnx2to7ujci&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=672016818650211 HTTP/1.1
Host: pfewuzbtkr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:38:12 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=22092616384c42868bd32d47ebb229176472; Path=/; Expires=Tue, 26 Sep 2023 21:38:12 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
i0.wp.com/www.lpsg.com/proxy.php?image=http:%2F%2F67.media.tumblr.com%2Fba1ba20e1f3d2480e38f114235366cd0%2Ftumblr_o3xm9b3btc1v7f88bo1_1280.jpg&hash=48c64c05f7730a1f073752bf2082a60f
192.0.77.2 400 Bad Request 0 B URL HTTP/2 i0.wp.com/www.lpsg.com/proxy.php?image=http:%2F%2F67.media.tumblr.com%2Fba1ba20e1f3d2480e38f114235366cd0%2Ftumblr_o3xm9b3btc1v7f88bo1_1280.jpg&hash=48c64c05f7730a1f073752bf2082a60f
IP 192.0.77.2:0
GET /www.lpsg.com/proxy.php?image=http:%2F%2F67.media.tumblr.com%2Fba1ba20e1f3d2480e38f114235366cd0%2Ftumblr_o3xm9b3btc1v7f88bo1_1280.jpg&hash=48c64c05f7730a1f073752bf2082a60f HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
server: nginx
date: Mon, 26 Sep 2022 21:38:12 GMT
content-type: text/html; charset=utf-8
x-nc: EXPIRED arn 4
X-Firefox-Spdy: h2
wankgod.com/links-en.php?&jl=11
104.21.72.209 200 OK 0 B URL HTTP/2 wankgod.com/links-en.php?&jl=11
IP 104.21.72.209:0
GET /links-en.php?&jl=11 HTTP/1.1
Host: wankgod.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:38:12 GMT
content-type: application/javascript
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2XN%2FXrGIMGNGgpvMPlOZBlcoPAF2mzcGYLqIUXMmufzduPPa24CuDU2w%2FJKJWqq6L%2BKsVabyLS%2FRcZXDyInjOYkAiun5WKvp3afqOIxXlgIsll5jbRrSY8t30%2F0jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f252aba51fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i0.wp.com/us.hola.com/en/imagenes/celebrities/201704288055/luis-fonsi-despacito-billboard-latin-music-awards-2017/0-6-442/luishp-t.jpg
192.0.77.2 400 Bad Request 0 B URL HTTP/2 i0.wp.com/us.hola.com/en/imagenes/celebrities/201704288055/luis-fonsi-despacito-billboard-latin-music-awards-2017/0-6-442/luishp-t.jpg
IP 192.0.77.2:0
GET /us.hola.com/en/imagenes/celebrities/201704288055/luis-fonsi-despacito-billboard-latin-music-awards-2017/0-6-442/luishp-t.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
server: nginx
date: Mon, 26 Sep 2022 21:38:13 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 8
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js
104.16.94.42 200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js
IP 104.16.94.42:0
GET /CACHE/js/output.6f6724a00cb8.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:38:17 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"a708027bfbbde438a72a93082d4bc4b5"
last-modified: Thu, 24 Jun 2021 21:24:05 GMT
x-amz-id-2: JSy2VAlm3gAahvlCm5/iqNOQuasckcIrq13CGup8iDmNjJ/I2mSXsAw6q4OzSeK3RH88h3oFZ3U=
x-amz-meta-s3cmd-attrs: md5:a708027bfbbde438a72a93082d4bc4b5
x-amz-request-id: 2D5V5B3Y2TWH6PZC
cf-cache-status: HIT
age: 778256
expires: Wed, 26 Oct 2022 21:38:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B9zJJPEgQ1b%2Fr%2FehjckTldHwb%2B%2BuQ%2F%2Bqm7XOJXJrtU2elW3sW1ZHWKF2YW6xMnnXzq7OBeTpsTMOjKRey33e1NYNzbIWhqNjtOca2sYmk89lEaLsfht5cQnMVpu2EMECi%2FyCOVbdwRmX5yeeNwQBTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=0F3vMm5gAgGtM5YEP3q2EqynH71mu0Q3qLLftXGnbC8-1664228297307-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 750f254a1dc7b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Gudea%3A400%2C400italic%2C700%2C700italic%7CMagra%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Gudea%3A400%2C400italic%2C700%2C700italic%7CMagra%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext
IP 142.250.74.10:0
GET /css?family=Gudea%3A400%2C400italic%2C700%2C700italic%7CMagra%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 21:38:11 GMT
date: Mon, 26 Sep 2022 21:38:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.javhd.com/h5/files/video/6461-19699-300x250.medium.mp4
185.76.9.24 206 Partial Content 0 B URL HTTP/2 static.javhd.com/h5/files/video/6461-19699-300x250.medium.mp4
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /h5/files/video/6461-19699-300x250.medium.mp4 HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/16441/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F423f9e94-9b46-4079-9d75-78431d8d0480%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D21942%26cv4%3D195993%26cv5%3D593091%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzgxNTYsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI3ODQ4fQ
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
date: Mon, 26 Sep 2022 21:38:14 GMT
content-type: video/mp4
content-length: 524664
last-modified: Tue, 26 Jul 2022 12:47:15 GMT
etag: "62dfe253-80178"
expires: Sun, 31 Jul 2022 00:27:34 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-accel-expires: @1664293847
server: CDN77-Turbo
x-77-nzt: AblMCRRGK0X/b1EAAA
x-77-nzt-ray: o4MEK26G9xY
x-cache: HIT
x-age: 20847
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-524663/524664
X-Firefox-Spdy: h2
static.javhd.com/h5/files/css/style.css
185.76.9.24 200 OK 0 B URL HTTP/2 static.javhd.com/h5/files/css/style.css
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /h5/files/css/style.css HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/16441/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F423f9e94-9b46-4079-9d75-78431d8d0480%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D21942%26cv4%3D195993%26cv5%3D593091%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzgxNTYsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjI3ODQ4fQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:38:14 GMT
content-type: text/css
last-modified: Wed, 25 May 2016 08:29:12 GMT
etag: W/"57456258-7bd"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRSYWMv/dbGmAA
x-77-nzt-ray: 1YYcgG17HnQ
x-cache: HIT
x-age: 10924405
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
i0.wp.com/peopledotcom.files.wordpress.com/2017/01/576a_y17_rgb.jpg?w=3300
192.0.77.2 404 Not Found 0 B URL HTTP/2 i0.wp.com/peopledotcom.files.wordpress.com/2017/01/576a_y17_rgb.jpg?w=3300
IP 192.0.77.2:0
GET /peopledotcom.files.wordpress.com/2017/01/576a_y17_rgb.jpg?w=3300 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 26 Sep 2022 21:38:15 GMT
content-type: text/html; charset=utf-8
x-nc: HIT arn 1
X-Firefox-Spdy: h2
js.juicyads.com/jp.php?c=446433y2r256r2x2t2f46384&u=https%3A%2F%2Ftorrsexvid.com%2Fgallery.php%23datawav
143.204.55.57 200 OK 0 B URL HTTP/2 js.juicyads.com/jp.php?c=446433y2r256r2x2t2f46384&u=https%3A%2F%2Ftorrsexvid.com%2Fgallery.php%23datawav
IP 143.204.55.57:0
GET /jp.php?c=446433y2r256r2x2t2f46384&u=https%3A%2F%2Ftorrsexvid.com%2Fgallery.php%23datawav HTTP/1.1
Host: js.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
date: Mon, 26 Sep 2022 21:25:42 GMT
expires: Mon, 26 Sep 2022 21:40:42 GMT
pragma: cache
server: nginx
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uWIs1QdnCETfLmlAwHWAuNswOv5T67misoh0Tx9_m419CeMh1R4xZA==
age: 749
X-Firefox-Spdy: h2
i2.wp.com/daily.squirt.org/wp-content/uploads/2017/06/89371_02-e1498246178851.jpg
192.0.77.2 403 Forbidden 0 B URL HTTP/2 i2.wp.com/daily.squirt.org/wp-content/uploads/2017/06/89371_02-e1498246178851.jpg
IP 192.0.77.2:0
GET /daily.squirt.org/wp-content/uploads/2017/06/89371_02-e1498246178851.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Mon, 26 Sep 2022 21:38:12 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 4
X-Firefox-Spdy: h2
i2.wp.com/www.directlyrics.com/img/upload/joe-jonas-bulge.jpg
192.0.77.2 404 Not Found 0 B URL HTTP/2 i2.wp.com/www.directlyrics.com/img/upload/joe-jonas-bulge.jpg
IP 192.0.77.2:0
GET /www.directlyrics.com/img/upload/joe-jonas-bulge.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Mon, 26 Sep 2022 21:38:12 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 3
X-Firefox-Spdy: h2
i0.wp.com/peopledotcom.files.wordpress.com/2017/01/576a_y17_rgb.jpg?w=3300
192.0.77.2 404 Not Found 0 B URL HTTP/2 i0.wp.com/peopledotcom.files.wordpress.com/2017/01/576a_y17_rgb.jpg?w=3300
IP 192.0.77.2:0
GET /peopledotcom.files.wordpress.com/2017/01/576a_y17_rgb.jpg?w=3300 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Mon, 26 Sep 2022 21:38:12 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 1
X-Firefox-Spdy: h2