www2.javhdporn.net/video/dass-100-decensored/
104.21.233.142301 Moved Permanently 0 B URL HTTP/1.1 www2.javhdporn.net/video/dass-100-decensored/
IP 104.21.233.142:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /video/dass-100-decensored/ HTTP/1.1
Host: www2.javhdporn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 14 Jan 2023 23:22:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 15 Jan 2023 00:22:25 GMT
Location: https://www2.javhdporn.net/video/dass-100-decensored/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYaHhsIQ5uzZizjcFYawaLI0dLu1IDaPaMThQShP05KweGphmSIwfiFiLDIIoSj0nQl0J3RUxbtXNuqMchudF%2FeEy9SoaGeUAuVyYue1WT02Gr3mhUpkIrL8HHmm613PAExGLpk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 789a1d1329658873-LHR
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2196
Expires: Sat, 14 Jan 2023 23:59:01 GMT
Date: Sat, 14 Jan 2023 23:22:25 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0643dc6b6fed33b3537160b6bb77bcbf
aa43bd1fbb30d2219f3285c1ee4991ffb33562c5
f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12001
Expires: Sun, 15 Jan 2023 02:42:26 GMT
Date: Sat, 14 Jan 2023 23:22:25 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 14 Jan 2023 22:42:04 GMT
content-type: application/json
age: 2421
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 64765d3d978fd74d7bc47d55d4f097cf
92eb3f0d55ba99be28105c0b28ef7dd456817f1f
761aab02513e7a0ec55ea59109e88b39cbd4e17df0cd2035aa37a4693f22d1f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "761AAB02513E7A0EC55EA59109E88B39CBD4E17DF0CD2035AA37A4693F22D1F3"
Last-Modified: Thu, 12 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4147
Expires: Sun, 15 Jan 2023 00:31:32 GMT
Date: Sat, 14 Jan 2023 23:22:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yFoBtoNr8lVvt8OMIp9So9TPNI1yMNWhZrSmGbp+uwNdA2Y6PhAQZ04r0LVmnxmx3ZJwiF+aJmk=
x-amz-request-id: 6RRYXY0XN23JAQ3A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 14 Jan 2023 22:43:54 GMT
age: 2311
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 23:22:25 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.17.24.14200 OK 77 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www2.javhdporn.net
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:25 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 701984
expires: Thu, 04 Jan 2024 23:22:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TjC7SqLdUuHd4ZxefrlJozyTa%2BO%2F4oztop5yoJns9sbyihqZq5sMDth5iIcz69Q1lLi2LCyJhbFYbXvJEKJBBBotE%2B3YVHxYv7uss7YCE6i%2B0Whudodxglf6IamMIVX0xWUi2E3Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 789a1d166be5b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.1/js/bootstrap.bundle.min.js
104.17.24.14200 OK 19 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.1/js/bootstrap.bundle.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65299)
Hash 1a13bc8c737c460770523dd3d5de3d6c
9af98c366118aedef97ff8bab501cf3282f9325c
9e1c252fd945713e10d1ba7470ea24950c34cde439ac15fbc55180a2b971cdca
GET /ajax/libs/twitter-bootstrap/4.6.1/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 19418
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "617ac9de-4bda"
last-modified: Thu, 28 Oct 2021 16:03:42 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 799956
expires: Thu, 04 Jan 2024 23:22:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Reku0VnJ5R8w5qQ0oavQZJ4jsDW2qAS8X3OLRCJG63SrdpRrz9Yg1mj9l5NVwYqm5XCf%2Fz7%2FcMgmRy3CZ6tL5U2SkiAdETwZkl3RZ3b6lcIu72l690HKk2gcGv9h1TDLxs26toGt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 789a1d166bfb1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery.touchswipe/1.6.18/jquery.touchSwipe.min.js?ver=1.6.18
104.17.24.14200 OK 4.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.touchswipe/1.6.18/jquery.touchSwipe.min.js?ver=1.6.18
IP 104.17.24.14:0
File type ASCII text, with very long lines (20000)
Hash 78f8315b49be7a02d6a78017242db059
a0c1f6e82322e1b5628fadd08b692ed72b26a400
94f2bcf31a6b927a8ee6ac97b8c395a49a68a37ad0cd5174c68e4776640362c8
GET /ajax/libs/jquery.touchswipe/1.6.18/jquery.touchSwipe.min.js?ver=1.6.18 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 4497
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-4fbc"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 24631101
expires: Thu, 04 Jan 2024 23:22:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYvbSJKXi0u%2BzHbbNdZC0hcGynp95AP30fUHbA3K1S%2F0W4vkZCSfNHy2ZGUF%2BEcgWXNpeLbdPrJq8CjpaNmZc8jNGt%2F9jOs44aR2EJ%2Fvj8xXHUvZ97PzziYyIEFn65xl4fc7%2Br6r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 789a1d166c081bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js?ver=2.0.8
104.17.24.14200 OK 5.1 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js?ver=2.0.8
IP 104.17.24.14:0
File type ASCII text, with very long lines (17660)
Hash abe1df98b6ab4644bd567e6669d0da03
27e3bf22ef08b7ca0090721ed31b4f921d278e7c
cd40ba7dbf63d67511c0fd56b7e5327dbedb43d15c439d79a8aacb6377059540
GET /ajax/libs/postscribe/2.0.8/postscribe.min.js?ver=2.0.8 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 5117
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-45f4"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2607697
expires: Thu, 04 Jan 2024 23:22:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yiu2DTVgohAFtFHjNWfqkCELJSH48BKpt1JJKxvF%2B5uAvgoDSQiRzegNm%2FOGcimMsudYfbadA5jweqoUzSZ7l0MmP1kB3FyuoFF%2FFbNUf%2Fdl%2F7bScY7PsilUm5SzoI5XF1rjZiP%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 789a1d168c0f1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e804586be26c88b95d554afe0ef24d5c
6f99b1fe2330c4661608f17819a4490a92ca296c
38894b7977e8f8e790a71eedf8144799a77ccceb49771e7458392ad7916293db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 2.6 kB IP 142.250.74.131:0
Hash 16153c3ee56505456389c855126e5358
d0deb08db2041bcfea433d14780ea89991a831df
babdd737d53211cc179693cbdf67fd5316cc562ba7665ad1cfa353285c26e43b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-124653024-9
172.217.21.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-124653024-9
IP 172.217.21.168:0
File type ASCII text, with very long lines (1921)
Hash d86ede6d4b22a845b9ca3612d195fb73
bd9ce40d5dd1bcf68a56f7c01444504ee9334947
5680c38c723472f0415973bbf3080d8f140b8a392008e7f16ecb0f97735e5219
GET /gtag/js?id=UA-124653024-9 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 14 Jan 2023 23:22:25 GMT
expires: Sat, 14 Jan 2023 23:22:25 GMT
cache-control: private, max-age=900
last-modified: Sat, 14 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44169
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4
142.250.74.138200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4
IP 142.250.74.138:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 22:50:26 GMT
expires: Sat, 13 Jan 2024 22:50:26 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 88319
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 95b26e215cb04c9c93c96a94f87a75f5
dce249f00e43f67a9084d9bc846d03d4f8779483
c6a286795f0c914b3f531b99726483a2e991030a1feff2fdc224d790aba03d48
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 664
Cache-Control: max-age=157047
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:22:25 GMT
Etag: "63c2f910-116"
Expires: Mon, 16 Jan 2023 18:59:52 GMT
Last-Modified: Sat, 14 Jan 2023 18:48:48 GMT
Server: ECS (amb/6B99)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 30 kB IP 142.250.74.131:0
Hash afbf68e3dde8b15a831a3fb82f86dc90
05c6816c33849a043bdffbd7d9232bdbaa161ac2
6180df3c396d333180cc413e62240e16c0556a3c86de07fadb72ba0b05912ab3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 83579ff88cab4d4d05d4741599104d9c
fe74c219f8655a4ca36fe397884e55ab63d1288a
a492a770e88739fac8094f7b73f87474cee4ad2ccbf9f1963b935474544ef3f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 14 Jan 2023 23:17:25 GMT
age: 300
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c01ec61f7ca77158f474b3ab519c12fa
fc82ae0fcd73a83a980b75709a08e65239894e4a
f533e0fac9b92e79d4fbd6e70b42a83067de95f0a13cc737d7e5fa459baa4c54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2882
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:22:26 GMT
Last-Modified: Sat, 14 Jan 2023 22:34:24 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 14 Jan 2023 22:41:07 GMT
expires: Sun, 15 Jan 2023 00:41:07 GMT
cache-control: public, max-age=7200
age: 2479
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pics.pornfhd.com/s/mono/movie/adult/dass077/dass077pl.jpg
104.21.235.64200 OK 43 kB URL HTTP/2 pics.pornfhd.com/s/mono/movie/adult/dass077/dass077pl.jpg
IP 104.21.235.64:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", progressive, precision 8, 476x320, components 3\012- data
Hash fed6fb8aa31f70f8ef452a7d7b826039
1510435973fa280557e5b02651ed92c88ace1961
ff064fda0366e7aae93b6e7d2dc295e4713a5b99d942f39ec95bf5cb3e114fe6
GET /s/mono/movie/adult/dass077/dass077pl.jpg HTTP/1.1
Host: pics.pornfhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:25 GMT
content-type: image/jpeg
last-modified: Thu, 22 Sep 2022 06:34:39 GMT
vary: Accept-Encoding
etag: W/"632c01ff-a202"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1962438
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tC2oTAFlMnAG9WSVuY2n93I4cybKpAh15EdrEoXyw9lDmTexFTUQc%2BYeffRJtF92te3crJZ%2Bay08F0TMw8Pl0V7AUrG95Qx5CF1ShJnP0PsoSMSLPK1CdUmWSAJwIo0vELwO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 789a1d183ac776ea-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.24.160.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.24.160.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hnhczeJXbm+Ds7helJpiBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Gn/UzNgxMIlf9+gbBpSV3DdV5sg=
asg.phukienthoitranggiare.com/api/settings/259953
135.181.208.216200 OK 524 B URL HTTP/2 asg.phukienthoitranggiare.com/api/settings/259953
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash cf6aebae4309508ee1fd1c8e337f04e4
562cb34acd1b06980c7be7874a59f8703e8088a7
9c291cd604beb084ebe0c8605cf7785f431354512b07b88832fb09bba8dbe82a
GET /api/settings/259953 HTTP/1.1
Host: asg.phukienthoitranggiare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www2.javhdporn.net/
Origin: https://www2.javhdporn.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 23:22:26 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
poweredby.jads.co/js/jads.js
185.94.236.245301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP 185.94.236.245:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 14 Jan 2023 23:22:26 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
poweredby.jads.co/js/jads2.js
185.94.236.245200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP 185.94.236.245:0
File type ASCII text, with very long lines (3758), with no line terminators
Hash 558e1b61fc513016183a3812938e79fb
5f72ea61a2aad8f7a0956321d3fd8524db70eddf
a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www2.javhdporn.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 14 Jan 2023 23:22:26 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 21 Nov 2022 05:24:20 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"637b0b84-eae"
Content-Encoding: gzip
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 96c11f8582b06a8d9076654bc884c4c2
bfa721491f40b42f085949e255fdefc8cf437870
164991b91cab1cdfebe39417acb105b464d16acee094a2d1e1b61058824a497b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "164991B91CAB1CDFEBE39417ACB105B464D16ACEE094A2D1E1B61058824A497B"
Last-Modified: Sat, 14 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13740
Expires: Sun, 15 Jan 2023 03:11:27 GMT
Date: Sat, 14 Jan 2023 23:22:27 GMT
Connection: keep-alive
go.xlviiirdr.com/smartpop/b12dbba4a74f1f286b44c367348434fcb52005247fbe29388c0f42e2bb53542e?userId=a857d671ed2ee3f67e327d7a3d55455ceef35f57922f8f8f71c52e413accec69
104.18.51.106302 Found 0 B URL HTTP/2 go.xlviiirdr.com/smartpop/b12dbba4a74f1f286b44c367348434fcb52005247fbe29388c0f42e2bb53542e?userId=a857d671ed2ee3f67e327d7a3d55455ceef35f57922f8f8f71c52e413accec69
IP 104.18.51.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smartpop/b12dbba4a74f1f286b44c367348434fcb52005247fbe29388c0f42e2bb53542e?userId=a857d671ed2ee3f67e327d7a3d55455ceef35f57922f8f8f71c52e413accec69 HTTP/1.1
Host: go.xlviiirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 14 Jan 2023 23:22:27 GMT
content-length: 0
location: https://creative.xlirdr.com/widgets/Player?autoplay=all&autoplayForce=all&campaignId=b12dbba4a74f1f286b44c367348434fcb52005247fbe29388c0f42e2bb53542e&campaignType=smartpop&creativeId=9d1e7de94c9852b91e149dd135c0f31676824fa6327f94440e0cb99789281fe1&iterationId=164961&masterSmartpopId=0&quality=240p&ruleId=0&showModal=signup&smartpopId=5094&tag=girls%2Fchinese&userId=a857d671ed2ee3f67e327d7a3d55455ceef35f57922f8f8f71c52e413accec69&variationId=27486
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: _var=63662521.27486; Path=/; HttpOnly; SameSite=Strict
__cflb=0H28uukSkGJRy5UBr1u9iAwwBfboBLDctTyRxqixebv; SameSite=None; Secure; path=/; expires=Sun, 15-Jan-23 22:22:27 GMT; HttpOnly
server: cloudflare
cf-ray: 789a1d1f3ba00b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 96c11f8582b06a8d9076654bc884c4c2
bfa721491f40b42f085949e255fdefc8cf437870
164991b91cab1cdfebe39417acb105b464d16acee094a2d1e1b61058824a497b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "164991B91CAB1CDFEBE39417ACB105B464D16ACEE094A2D1E1B61058824A497B"
Last-Modified: Sat, 14 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13740
Expires: Sun, 15 Jan 2023 03:11:27 GMT
Date: Sat, 14 Jan 2023 23:22:27 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7faffc5b54921d6f01defb954f1ed686
52a122fb753b93db3bafe36f51db490962fadcea
d452e49c38ee0b60503d6d1af3c219adabc5ce5c6cfe45658dae3a01a7196384
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D452E49C38EE0B60503D6D1AF3C219ADABC5CE5C6CFE45658DAE3A01A7196384"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6929
Expires: Sun, 15 Jan 2023 01:17:56 GMT
Date: Sat, 14 Jan 2023 23:22:27 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d5ae38de1affae593f080416ead96868
41e22e685ce7d031258d656bbc8e7cd0618d84af
75e5f8ed207620c10664742c10fa054f3dadfb2b3ee34e7c5f3489f7e66ef93f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2228
Cache-Control: max-age=100309
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:22:27 GMT
Etag: "63c21554-117"
Expires: Mon, 16 Jan 2023 03:14:16 GMT
Last-Modified: Sat, 14 Jan 2023 02:37:08 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
video.ktkjmp.com/adsbygoogle.js
104.18.59.150200 OK 16 B URL HTTP/2 video.ktkjmp.com/adsbygoogle.js
IP 104.18.59.150:0
Hash 3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlirdr.com/
Origin: https://creative.xlirdr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:27 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: lcNIxMaAofF7Fv+CenZmpGJJrSUFrD74EH/RfdAjL9Jhx1+3B0JyXF3qWYdsiZqTewxi/ePstns=
x-amz-request-id: 3YWB4S6N4MZ3W6PX
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.xlirdr.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 6621
expires: Sun, 15 Jan 2023 03:22:27 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 789a1d20df8ab4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d5ae38de1affae593f080416ead96868
41e22e685ce7d031258d656bbc8e7cd0618d84af
75e5f8ed207620c10664742c10fa054f3dadfb2b3ee34e7c5f3489f7e66ef93f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2228
Cache-Control: max-age=100309
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:22:27 GMT
Etag: "63c21554-117"
Expires: Mon, 16 Jan 2023 03:14:16 GMT
Last-Modified: Sat, 14 Jan 2023 02:37:08 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
img.pornfhd.com/logo.png
104.21.235.64200 OK 23 kB IP 104.21.235.64:0
File type PNG image data, 200 x 54, 8-bit/color RGBA, non-interlaced\012- data
Hash 33bf9b6d41234b1e885f8f4d535bb27a
a99f2bf100dfa53b1c4888733abe42ba4318954e
43c81da2a7afa53c4b6a6aed932f1d30eeca03401dbac0929d3ce9884e262712
GET /logo.png HTTP/1.1
Host: img.pornfhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:25 GMT
content-type: image/png
last-modified: Mon, 15 Feb 2021 15:38:47 GMT
vary: Accept-Encoding
etag: W/"602a9587-2457"
expires: Tue, 21 Dec 2021 02:22:17 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 2148939
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2Brr300aVCODpsT5vPnqFpmzC615cp%2BGUcKY3v4r3NT94yIfOSl1vXaUs9xEXm1XyPBsXGNpDceapb5sxZT%2BTnfWG8PRTAleGau0lJ8Elua4oz4vZ%2BJAZykMvkz0vRjlfpI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 789a1d184ae076ea-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 66 kB IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 58ba40cd55dbef58f2ede00454361fa5
d70d979fb47e9b2ff815a67e1fbe4951f4912f85
c94f7ec662c3bd7d33217807048a910539f7e0cf2e57a7d597d9179d27c3ea76
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "0B270314F74BA5DC8288D46482EA4E08B2B701326382AD16E88FBF73762DAC3E"
Last-Modified: Fri, 13 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13088
Expires: Sun, 15 Jan 2023 03:00:35 GMT
Date: Sat, 14 Jan 2023 23:22:27 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 736c958448b6596d24bb99f0cf0b232d
c8137445dd9df3a26faeead5af609bf1a51654cf
f625ce9a12c763fcaa2fff8d6410de8f9f0ea6673531e6fc6d00e0f4ffe7a17d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=138663
Date: Sat, 14 Jan 2023 23:22:27 GMT
Etag: "63c2ae94-1d7"
Expires: Mon, 16 Jan 2023 13:53:30 GMT
Last-Modified: Sat, 14 Jan 2023 13:31:00 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PQFHqeDG5r_cixv9et2POGOmOw90ET-YtdN3Z2QwdRzEuLAmiu0SKA==
Age: 1350
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5265
Expires: Sun, 15 Jan 2023 00:50:12 GMT
Date: Sat, 14 Jan 2023 23:22:27 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5265
Expires: Sun, 15 Jan 2023 00:50:12 GMT
Date: Sat, 14 Jan 2023 23:22:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: eb427fd6-c342-4a22-af45-ecc528cf4a8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: epfDqEAZIAMFudQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0787d-4f61ecd2422081224869da76;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:15:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RRMRT2BC5p1x0Vh20ut0Kjbz2mnaNToUIbzIg9oczduvzYCckvFORA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 12:46:14 GMT
age: 38173
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c8e4b9f12af5bbc6b743aeae4dfc55a
97f874ba034be152dfecd90e4996c928aa268950
bfc0ef4f4d13b729a3a38efbb04d2c58e6b05bbc2bd3492611c0fc26457d1dec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6658
x-amzn-requestid: 4a356eaa-4717-410c-af86-5d3770f0cf7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eniyVExqoAMFWkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bfb1a8-05a4e869449e4d730a5dd438;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 07:07:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DYhe3FP33g_RE6_A5xfXX-LsGUgGLIYh281b0QUmEDYbQGUA0cJnEA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 07:17:10 GMT
age: 57917
etag: "97f874ba034be152dfecd90e4996c928aa268950"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.58.124.101200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.58.124.101:0
File type ASCII text, with no line terminators
Hash 2a1b181983c81551ccc8410c3458415e
5772eb422ebe05341024d1e200558f30979e8666
aff7e2ddb087333a173d92eb2e77a1bedc5a289314f4d3d40165d75ae3305129
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www2.javhdporn.net
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:27 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www2.javhdporn.net
access-control-allow-credentials: true
set-cookie: uid_id2=e5c8821a-e397-4dfd-9b76-231cf8931b11:2:1; expires=Tue, 11 Jan 2033 23:22:27 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6eabf5f-7d91-476e-9896-3162652163aa.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6eabf5f-7d91-476e-9896-3162652163aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9365e4ddb0fa0d3f6dbdec98433e02a9
a9e0dc338dabcdebb33b35a162b0fb6950b31ddb
cbe4cdf59e5a2f7433485637c88c3fba9c022de1c7559e42ceb9a2c8a872fd21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6eabf5f-7d91-476e-9896-3162652163aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5463
x-amzn-requestid: 5e0c891d-c5f0-48a9-8f69-6ca2290039b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ejsaSEHpoAMFW6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63be2774-55e5f2937d688fb00a12d61b;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 03:05:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Feucn9ZUPUt4-pK95m7prVHR5OhBzEuYo4CHMvwqSyHEiRfHpz-25A==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:51:08 GMT
age: 5479
etag: "a9e0dc338dabcdebb33b35a162b0fb6950b31ddb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2973663e-5260-4c6e-8a14-91348fef9f3e.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2973663e-5260-4c6e-8a14-91348fef9f3e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccd9a6ee59820f0e819323256cdeebcf
4b7dc1d4fa669c62d8506add356364020c203c7b
4d55fcb90dddc5eae466cc9ce0c42b560b964e3c5c02f069f6a09695af996fe3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2973663e-5260-4c6e-8a14-91348fef9f3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10319
x-amzn-requestid: e8b1b643-253f-4dee-ad0c-687d30b1a29f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eaWncHP5oAMFSRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba6afc-412567503a6185391cf200f4;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 07:04:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4Qp2LOvEM-11PLwVbesAUWzO-z9b89zlVqdx_JAdL_imFo7pN9x4-Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 18:28:21 GMT
age: 17646
etag: "4b7dc1d4fa669c62d8506add356364020c203c7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5689dc6-f9f1-44f4-ad5b-5f82342c4d61.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5689dc6-f9f1-44f4-ad5b-5f82342c4d61.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfa0e66c7a8ac9ed5fdf326c75762e17
35294b3a5def1ecd2558ae4a29f7fef66a788045
91497e98350b39da877473470b9ed26305e621ad60db3afd85e45cd7b5de1be3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5689dc6-f9f1-44f4-ad5b-5f82342c4d61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6357
x-amzn-requestid: 416afdbc-f09b-47f3-9711-5ab5c8a5b75f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eniq0FX2IAMFoAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bfb178-0f777a3a7f3dba1c1c0e7317;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 07:06:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XSuVP1q5pSeVC9A45PiYe_w8QQNWFB4MOnvlQzBoNZodFnDssCHPWg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 07:11:15 GMT
age: 58272
etag: "35294b3a5def1ecd2558ae4a29f7fef66a788045"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc3d9c-c641-44bc-8984-14b267d61d21.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc3d9c-c641-44bc-8984-14b267d61d21.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15d27349999654cef859ce88c7667481
9fff393bf1bfa3b7343f38377e8c8ba62f1c0330
86cb634ee11bcffc4f3ee27a2296391ef30db42fad0ff4175e972f326874f0a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc3d9c-c641-44bc-8984-14b267d61d21.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10853
x-amzn-requestid: 4c222ab3-cccb-47d4-807f-414e2260915d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enKKoGmNoAMF6QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf8a43-3b8bfa6343396d0e72695658;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 04:19:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sa7Ga2ul0S-_xwpeI_7RmvQKmNxwiwBRi7FFDwsIE2vYlogEe75zJA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 07:57:22 GMT
age: 55505
etag: "9fff393bf1bfa3b7343f38377e8c8ba62f1c0330"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 5c59b51c6f0837c051f52610c7275766
870e615a77d26f1a2259939b89c3d2394fe9f8fa
d8bf9c46334887e6e129850a1c7b0a60bea4f1c244d77b18e6835fc6e944aa6f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3221
Cache-Control: max-age=113547
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:22:27 GMT
Etag: "63c24529-116"
Expires: Mon, 16 Jan 2023 06:54:54 GMT
Last-Modified: Sat, 14 Jan 2023 06:01:13 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 76237ec279f24af78ed3bdc74ae6b65e
863b83d52ad01b97e03127b8f7303e75d79e2978
0b270314f74ba5dc8288d46482ea4e08b2b701326382ad16e88fbf73762dac3e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "0B270314F74BA5DC8288D46482EA4E08B2B701326382AD16E88FBF73762DAC3E"
Last-Modified: Fri, 13 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13088
Expires: Sun, 15 Jan 2023 03:00:35 GMT
Date: Sat, 14 Jan 2023 23:22:27 GMT
Connection: keep-alive
img.strpst.com/thumbs/1673738461/99990317
104.18.63.124200 OK 52 kB URL HTTP/2 img.strpst.com/thumbs/1673738461/99990317
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash d0e7fe5d6cc8ea3a262aa42d8d67c3bc
2744f25dd193c84b3cbc85099b6e3168a6a6ec35
d3ded318b0d523bdd72480111fc055f1b157e0e9da1c443d840760e54b617aee
GET /thumbs/1673738461/99990317 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlirdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:27 GMT
content-type: image/jpeg
content-length: 52231
cf-bgj: imgq:100,h2pri
cf-polished: origSize=54645, status=webp_bigger
etag: "9571b09f4b71b8369a8f394288462418"
last-modified: Sat, 14 Jan 2023 23:20:34 GMT
cf-cache-status: HIT
age: 36
expires: Sat, 14 Jan 2023 23:52:27 GMT
cache-control: public, max-age=1800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 789a1d23e912b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 5c59b51c6f0837c051f52610c7275766
870e615a77d26f1a2259939b89c3d2394fe9f8fa
d8bf9c46334887e6e129850a1c7b0a60bea4f1c244d77b18e6835fc6e944aa6f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3221
Cache-Control: max-age=113547
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:22:27 GMT
Etag: "63c24529-116"
Expires: Mon, 16 Jan 2023 06:54:54 GMT
Last-Modified: Sat, 14 Jan 2023 06:01:13 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
poweredby.jads.co/adshow.php?adzone=847494
185.94.236.245200 OK 1.5 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=847494
IP 185.94.236.245:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (359), with CRLF, LF line terminators
Hash abc1830fb8a7af0bb24f46f31046a192
5758fbf6455e58932882ab9d5c4c80a1fd1e7b4c
091be7075427a14600513b45239a96dd731e0d1a0ee54deb28876a203dbe2219
GET /adshow.php?adzone=847494 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 14 Jan 2023 23:22:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=b9a9cef30ae9a4a6800e1722147d382a; expires=Sun, 14-Jan-2024 23:22:27 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Tue, 17-Jan-2023 23:22:27 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 17-Jan-2023 23:22:27 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e8b78317d64b4f9f49768df6d5a17465
c391a229c97c3ba93b7aaf62db8443fdca34d7b8
3b780eabad846bc48eac5075b9fc64995df50e8151130c881640294cd2f1e31b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B780EABAD846BC48EAC5075B9FC64995DF50E8151130C881640294CD2F1E31B"
Last-Modified: Thu, 12 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1488
Expires: Sat, 14 Jan 2023 23:47:15 GMT
Date: Sat, 14 Jan 2023 23:22:27 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 59dc38c00d9b7b04891efe29ca21ce08
b749a2c4b70f40ad3e0f1db8fe02d9f9df6a24e6
4ff3d1629a713114d5e5b44a3f71a995fc3fa77745d700d89895b49a7e006d28
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FF3D1629A713114D5E5B44A3F71A995FC3FA77745D700D89895B49A7E006D28"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10986
Expires: Sun, 15 Jan 2023 02:25:34 GMT
Date: Sat, 14 Jan 2023 23:22:28 GMT
Connection: keep-alive
ads.adxadserv.com/ad?spotid=62e294ed61d6e24c01635c17&type=300x250&output=html&extra1=0&ref=https%3A//www2.javhdporn.net/video/dass-100-decensored/&dt=1673738548056&screen=1280x1024&tags=
185.98.53.2200 OK 1.7 kB URL HTTP/2 ads.adxadserv.com/ad?spotid=62e294ed61d6e24c01635c17&type=300x250&output=html&extra1=0&ref=https%3A//www2.javhdporn.net/video/dass-100-decensored/&dt=1673738548056&screen=1280x1024&tags=
IP 185.98.53.2:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (579)
Hash 8b7e9358700b291f61264960c0e5f84b
fa0de02ffd34286bd42c879c8cd0505b9c79a062
3145372b6e1aa569ce3eab7b50ca74a75f20a26fd1626712bda718c34136b64f
GET /ad?spotid=62e294ed61d6e24c01635c17&type=300x250&output=html&extra1=0&ref=https%3A//www2.javhdporn.net/video/dass-100-decensored/&dt=1673738548056&screen=1280x1024&tags= HTTP/1.1
Host: ads.adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 23:22:28 GMT
content-type: text/html; charset=utf-8
content-length: 1654
cache-control: no-cache
X-Firefox-Spdy: h2
asg.phukienthoitranggiare.com/api/spots/259953?host=www2.javhdporn.net&ev=197&wh=939&ww=1280&uuid=
135.181.208.216200 OK 1.2 kB URL HTTP/2 asg.phukienthoitranggiare.com/api/spots/259953?host=www2.javhdporn.net&ev=197&wh=939&ww=1280&uuid=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash 4a0155b31f7b1686b9ce7feeb8af463a
da4370a68064f2706783e0a3eb2b5f66a788fc36
6f9fa9282c6b976b42259b8ad78a93e52c9481b44cb1ab2d211733539f7410ff
GET /api/spots/259953?host=www2.javhdporn.net&ev=197&wh=939&ww=1280&uuid= HTTP/1.1
Host: asg.phukienthoitranggiare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 23:22:27 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=J93xOzn36anf2F8TV9CE; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=863030
185.94.236.245200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=863030
IP 185.94.236.245:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1332), with CRLF, LF line terminators
Hash 5a6eeac6fa9f1ee9b26a418670b91026
d87a9707cde490a56c5e3e614c92ce9bd07779d7
2e79b5e0ba19dc47fc23abb39b331b1a00956ad8dfad838fccd5113da8d126c3
GET /adshow.php?adzone=863030 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 14 Jan 2023 23:22:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=61290706493af2040e9351d80b513000; expires=Sun, 14-Jan-2024 23:22:26 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Tue, 17-Jan-2023 23:22:26 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 17-Jan-2023 23:22:26 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
r.trackwilltrk.com/s1/6a00fe35-8151-4945-954c-376afd3df93b?externalId=4f871dba-9462-11ed-a601-e2e38133f3a0&cv1=4f871dba-9462-11ed-a601-e2e38133f3a0&cv2=0c1c5c30286e1db21a741e4b62c8b6e4&cv3=desktop&cv4=62e383b461d6e2197e222e81&cv5=62e3800961d6e26273250a26&cv6=en&cv7=NTVB&cv8=Firefox&cv9=62e294ed61d6e24c01635c17&cv10=1
185.98.53.17200 OK 948 B URL HTTP/1.1 r.trackwilltrk.com/s1/6a00fe35-8151-4945-954c-376afd3df93b?externalId=4f871dba-9462-11ed-a601-e2e38133f3a0&cv1=4f871dba-9462-11ed-a601-e2e38133f3a0&cv2=0c1c5c30286e1db21a741e4b62c8b6e4&cv3=desktop&cv4=62e383b461d6e2197e222e81&cv5=62e3800961d6e26273250a26&cv6=en&cv7=NTVB&cv8=Firefox&cv9=62e294ed61d6e24c01635c17&cv10=1
IP 185.98.53.17:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (752)
Hash 3d95e0074fb314edaa53d06de13d970e
46efbd65e6834859b573893983a06b9969127207
ec57afd92ed41bc96712b0af2a5666b29e433e4b3482cc0df9ab962c3d1f2f5b
GET /s1/6a00fe35-8151-4945-954c-376afd3df93b?externalId=4f871dba-9462-11ed-a601-e2e38133f3a0&cv1=4f871dba-9462-11ed-a601-e2e38133f3a0&cv2=0c1c5c30286e1db21a741e4b62c8b6e4&cv3=desktop&cv4=62e383b461d6e2197e222e81&cv5=62e3800961d6e26273250a26&cv6=en&cv7=NTVB&cv8=Firefox&cv9=62e294ed61d6e24c01635c17&cv10=1 HTTP/1.1
Host: r.trackwilltrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 14 Jan 2023 23:22:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 948
Connection: close
Set-Cookie: uid=dLfApQ3tM; Path=/; Domain=trackwilltrk.com; Expires=Sun, 15 Jan 2023 23:22:28 GMT; HttpOnly
X-Request-Id: b009098c-7ebe-4962-9365-c69f0a75fa1e
creative.xlirdr.com/widgets/Player/main.d17c19682c2115b3d0af.css
104.18.59.150200 OK 29 kB URL HTTP/2 creative.xlirdr.com/widgets/Player/main.d17c19682c2115b3d0af.css
IP 104.18.59.150:0
File type ASCII text, with very long lines (4543), with no line terminators
Hash 0310e3bc81bf3b785411715d18c90b87
effeba2d9b3f594229a591f1daf485a5bd75a16d
4fd2b58852f5a8700ee6bcf37c490522e32825fa68059c4a3ffddac141e47444
GET /widgets/Player/main.d17c19682c2115b3d0af.css HTTP/1.1
Host: creative.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlirdr.com/widgets/Player?autoplay=all&autoplayForce=all&campaignId=b12dbba4a74f1f286b44c367348434fcb52005247fbe29388c0f42e2bb53542e&campaignType=smartpop&creativeId=9d1e7de94c9852b91e149dd135c0f31676824fa6327f94440e0cb99789281fe1&iterationId=164961&masterSmartpopId=0&quality=240p&ruleId=0&showModal=signup&smartpopId=5094&tag=girls%2Fchinese&userId=a857d671ed2ee3f67e327d7a3d55455ceef35f57922f8f8f71c52e413accec69&variationId=27486
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:27 GMT
content-type: text/css
last-modified: Fri, 23 Dec 2022 13:22:58 GMT
etag: W/"63a5abb2-11bf"
expires: Sat, 14 Jan 2023 23:22:31 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 5
vary: Accept-Encoding
server: cloudflare
cf-ray: 789a1d1ffc24b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r.trackwilltrk.com/s1/5ca6e0fe-9e1b-4175-867e-16c8d352b275?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=126401&cv4=252407&cv5=863030&cv6=
185.98.53.17200 OK 890 B URL HTTP/1.1 r.trackwilltrk.com/s1/5ca6e0fe-9e1b-4175-867e-16c8d352b275?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=126401&cv4=252407&cv5=863030&cv6=
IP 185.98.53.17:0
ASN #39572 DataWeb Global Group B.V.
Hash 7a1853b19ecdc50617b3a285fcf5a581
f6e274e8d03d58ef875eea1baede9f325660bdc7
aba1642e70a2e2f312f3f3cc9badd893b3e11d8a57efcdd4c45c2c7e67c787ce
GET /s1/5ca6e0fe-9e1b-4175-867e-16c8d352b275?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=126401&cv4=252407&cv5=863030&cv6= HTTP/1.1
Host: r.trackwilltrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 14 Jan 2023 23:22:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 814
Connection: close
Set-Cookie: uid=HpteM1FaMp; Path=/; Domain=trackwilltrk.com; Expires=Sun, 15 Jan 2023 23:22:28 GMT; HttpOnly
X-Request-Id: f2d48fe7-8f20-4afe-b402-022de71ff8b1
adxadserv.com/ascripts/pxl.js
185.98.53.29200 OK 78 kB URL HTTP/1.1 adxadserv.com/ascripts/pxl.js
IP 185.98.53.29:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (36114)
Hash 8348b78d100940ba1808a8e9b93f2e94
c2aa612dc3256c9f235dcfc6e330d0ecaf957768
9c983adf86ebc949957bdf55d524dfa278a79bea8d13f2efa9512c6dd37b86f5
GET /ascripts/pxl.js HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 14 Jan 2023 23:22:28 GMT
Content-Type: application/javascript
Content-Length: 77806
Connection: keep-alive
Last-Modified: Fri, 25 Sep 2020 09:55:41 GMT
ETag: "5f6dbe9d-12fee"
Expires: Sun, 15 Jan 2023 08:33:52 GMT
Cache-Control: max-age=86400, public
X-77-NZT: AblMCgHQ1iD/RNAAAA
X-77-NZT-Ray: 382b0f1910f934653439c363be1f120c
X-Cache: HIT
X-Age: 53316
X-77-POP: amsterdamNL
X-77-Cache: HIT
Accept-Ranges: bytes
adxadserv.com/px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D62e294ed61d6e24c01635c17%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww2.javhdporn.net%252Fvideo%252Fdass-100-decensored%252F%2526dt%253D1673738548056%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fwww2.javhdporn.net%252F&d_r=1&d_s=1280x1024&d_w=300x250&t_s=1673738548280&t_i=1673738548294&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=7c705d10-623b-4790-b895-123402c2dbdf&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=4f871dba-9462-11ed-a601-e2e38133f3a0&spid=62e294ed61d6e24c01635c17&fpid_sa=1673738548294&fpid=&feid_sa=1673738548294&sid_sa=1673738548294&feid=040edc668d76714f6406ad8c6cbf2001&sid=053ecc072d82d289d4e53401406ef620&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www2.javhdporn.net&s_rst=1&e_d=%7B%22isResetRequired%22%3Atrue%7D&t_op=0.312
185.98.53.29200 OK 9.8 kB URL HTTP/1.1 adxadserv.com/px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D62e294ed61d6e24c01635c17%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww2.javhdporn.net%252Fvideo%252Fdass-100-decensored%252F%2526dt%253D1673738548056%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fwww2.javhdporn.net%252F&d_r=1&d_s=1280x1024&d_w=300x250&t_s=1673738548280&t_i=1673738548294&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=7c705d10-623b-4790-b895-123402c2dbdf&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=4f871dba-9462-11ed-a601-e2e38133f3a0&spid=62e294ed61d6e24c01635c17&fpid_sa=1673738548294&fpid=&feid_sa=1673738548294&sid_sa=1673738548294&feid=040edc668d76714f6406ad8c6cbf2001&sid=053ecc072d82d289d4e53401406ef620&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www2.javhdporn.net&s_rst=1&e_d=%7B%22isResetRequired%22%3Atrue%7D&t_op=0.312
IP 185.98.53.29:0
ASN #39572 DataWeb Global Group B.V.
Hash 0f8402c9567e6a93b8e3b3aaade22616
4ab4c53d15725f1603152cf10e29a19d2202b62e
57af771ea73d4b6dd372df407deb4a55042a04d4dacad7ad1124a208f6e368be
GET /px/event/v1?e_t=pageview&url=https%253A%252F%252Fads.adxadserv.com%252Fad%253Fspotid%253D62e294ed61d6e24c01635c17%2526type%253D300x250%2526output%253Dhtml%2526extra1%253D0%2526ref%253Dhttps%25253A%252F%252Fwww2.javhdporn.net%252Fvideo%252Fdass-100-decensored%252F%2526dt%253D1673738548056%2526screen%253D1280x1024%2526tags%253D&ref=https%253A%252F%252Fwww2.javhdporn.net%252F&d_r=1&d_s=1280x1024&d_w=300x250&t_s=1673738548280&t_i=1673738548294&u_tz=0&u_l=en-US&u_l2=&u_l3=&pv_uid=7c705d10-623b-4790-b895-123402c2dbdf&nav_rc=0&nav_nt=NAVIGATE&p_nn=adxad-rtb&p_pt=IFRAME&imid=4f871dba-9462-11ed-a601-e2e38133f3a0&spid=62e294ed61d6e24c01635c17&fpid_sa=1673738548294&fpid=&feid_sa=1673738548294&sid_sa=1673738548294&feid=040edc668d76714f6406ad8c6cbf2001&sid=053ecc072d82d289d4e53401406ef620&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www2.javhdporn.net&s_rst=1&e_d=%7B%22isResetRequired%22%3Atrue%7D&t_op=0.312 HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 14 Jan 2023 23:22:28 GMT
Content-Length: 0
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5096e7b4acfb3c25ad6e032c3e07f7db
527d44aec0f0941d879210f0e1f250becef81ca1
b395970116bc7161845b61ed5f225abbfb3eb89d887fd3b32381e4674d7be632
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B395970116BC7161845B61ED5F225ABBFB3EB89D887FD3B32381E4674D7BE632"
Last-Modified: Thu, 12 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4294
Expires: Sun, 15 Jan 2023 00:34:02 GMT
Date: Sat, 14 Jan 2023 23:22:28 GMT
Connection: keep-alive
static.javhd.com/h5/files/overlay/1602-overlay-preview.png
185.76.9.21200 OK 1.5 kB URL HTTP/2 static.javhd.com/h5/files/overlay/1602-overlay-preview.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 7083a71bc40e5d85670940c518cacca2
a2caeb7c6ca3960af2881434fb0df0c2241d7288
7c4049c76ecd35b05855df0c6ce7e1157213d9fb92c3b2b05ebf9b5d9bdff03a
GET /h5/files/overlay/1602-overlay-preview.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhdhello.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:28 GMT
content-type: image/png
content-length: 1546
last-modified: Wed, 20 Apr 2022 13:56:48 GMT
etag: "62601120-60a"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRRYMKf/4843AQ
x-77-nzt-ray: af5856302505c87c3439c363eee7f51b
x-cache: HIT
x-age: 20434659
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhd.com/h5/files/overlay/1602-overlay.png
185.76.9.21200 OK 1.8 kB URL HTTP/2 static.javhd.com/h5/files/overlay/1602-overlay.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash f4403fc07b7c414db6ec613317885035
457d3e8f9e9fb0456292efdbd5f18b318e804ea7
00ffbfa9483f4a6e8b85b6ab368a9547cf29e54c1aeb2bfcf81f34ec2bf50ee7
GET /h5/files/overlay/1602-overlay.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhdhello.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:28 GMT
content-type: image/png
content-length: 1839
last-modified: Wed, 20 Apr 2022 13:56:47 GMT
etag: "6260111f-72f"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRSgbLH/4843AQ
x-77-nzt-ray: af5856302505c87c3439c363c5e1f91b
x-cache: HIT
x-age: 20434659
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhd.com/h5/files/button/29-button.png
185.76.9.21200 OK 733 B URL HTTP/2 static.javhd.com/h5/files/button/29-button.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 82a66a2d222379716ca9a03ff50d8f42
ae43d917ff791f9172edc527baa6266416182aaa
cc5da7b40e498d30bf5eaae43e59cae32202737076422676489dd8d3030803de
GET /h5/files/button/29-button.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhdhello.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:28 GMT
content-type: image/png
content-length: 733
last-modified: Tue, 22 Dec 2015 18:41:22 GMT
etag: "56799952-2dd"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRSEMRj/4843AQ
x-77-nzt-ray: af5856302505c87c3439c363da10fd1b
x-cache: HIT
x-age: 20434659
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhdhello.com/h5/files/15540/728x90.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ffbd42c1a-ff88-41a8-a782-a9e78ce44403%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D126401%26cv4%3D252407%26cv5%3D863030%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NTUsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MSwicCI6MSwicyI6MjIxMTR9
185.76.9.21200 OK 1.7 kB URL HTTP/2 static.javhdhello.com/h5/files/15540/728x90.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ffbd42c1a-ff88-41a8-a782-a9e78ce44403%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D126401%26cv4%3D252407%26cv5%3D863030%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NTUsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MSwicCI6MSwicyI6MjIxMTR9
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
Hash 61193eeb5b7c4ebb741618f2e63fa289
1fffb7323b6c3cf86b77f779770e49547136bd41
4aec871b536eafb4c10e46a157a7e2765b140fc17bee0cb3d3dec3a6f4ca6db7
GET /h5/files/15540/728x90.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ffbd42c1a-ff88-41a8-a782-a9e78ce44403%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D126401%26cv4%3D252407%26cv5%3D863030%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NTUsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MSwicCI6MSwicyI6MjIxMTR9 HTTP/1.1
Host: static.javhdhello.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trackwilltrk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:28 GMT
content-type: text/html
last-modified: Mon, 07 Feb 2022 07:42:09 GMT
etag: W/"6200cd51-c7f"
expires: Sun, 25 Dec 2022 07:51:06 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-accel-expires: @1674551598
server: CDN77-Turbo
x-77-nzt: AblMCRTrehH/BiUbAA
x-77-nzt-ray: af5856302505c87c3439c36365944a11
x-cache: HIT
x-age: 1778950
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
static.javhd.com/h5/files/overlay/16-overlay.png
185.76.9.21200 OK 4.2 kB URL HTTP/2 static.javhd.com/h5/files/overlay/16-overlay.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash d66274c14945df9c552f3f29b2edb39e
ab31d71d26c8486aa6e5662459341e1db4171ecb
eca2a576dcb0e650c0701e96f1d4e7336cd0adc970cedbc7e8a72638ca2aa43e
GET /h5/files/overlay/16-overlay.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhdhello.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:28 GMT
content-type: image/png
content-length: 4224
last-modified: Tue, 06 Feb 2018 18:15:47 GMT
etag: "5a79f0d3-1080"
expires: Tue, 23 May 2023 11:06:00 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839960
server: CDN77-Turbo
x-77-nzt: AblMCRTusoH/nM43AQ
x-77-nzt-ray: af5856302505c87c3439c363aaca021c
x-cache: HIT
x-age: 20434588
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhd.com/h5/files/button/19-button.png
185.76.9.21200 OK 504 B URL HTTP/2 static.javhd.com/h5/files/button/19-button.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 6b9292b2f016f0dca094f08e98b10e4f
032fb37c0956d518c289b727d4f2b1f7d300f9e1
549b9bd0060e105223af22424e20b6dce5b9276b90bda0af13a1b0fc503bd673
GET /h5/files/button/19-button.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhdhello.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:28 GMT
content-type: image/png
content-length: 504
last-modified: Fri, 11 Dec 2015 19:04:22 GMT
etag: "566b1e36-1f8"
expires: Tue, 23 May 2023 11:05:06 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839906
server: CDN77-Turbo
x-77-nzt: AblMCRQy0zT/0s43AQ
x-77-nzt-ray: af5856302505c87c3439c363e5b3051c
x-cache: HIT
x-age: 20434642
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhd.com/h5/files/video/3849-30453-300x250.medium.mp4
185.76.9.21206 Partial Content 432 kB URL HTTP/2 static.javhd.com/h5/files/video/3849-30453-300x250.medium.mp4
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 432 kB (431883 bytes)
Hash 1c6cc0e006fbcbe3ea94216b9bc0dcef
fe8ee7a562043af39d0b9422eb09ee7bcd26a4a3
2de8221645cf78c35fa8dd9396999c833b46ec732af49b87655349f9c1f4c42e
GET /h5/files/video/3849-30453-300x250.medium.mp4 HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://static.javhdhello.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Sat, 14 Jan 2023 23:22:28 GMT
content-type: video/mp4
content-length: 431883
last-modified: Mon, 07 Feb 2022 07:42:29 GMT
etag: "6200cd65-6970b"
expires: Tue, 24 May 2022 11:04:49 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-accel-expires: @1673784669
server: CDN77-Turbo
x-77-nzt: AblMCRQTuHb/V50AAA
x-77-nzt-ray: af5856302505c87c3439c363d3a8221f
x-cache: HIT
x-age: 40279
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-431882/431883
X-Firefox-Spdy: h2
static.javhd.com/h5/files/video/3189-24876-728x90.medium.mp4
185.76.9.21206 Partial Content 523 kB URL HTTP/2 static.javhd.com/h5/files/video/3189-24876-728x90.medium.mp4
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 523 kB (523070 bytes)
Hash 7afb753a3f506f7a42e47f5cf6f17a09
4687980db9a38006389264a9ae951f962c704f9a
94c347a11aae7ddc48698d16c64cc0b097e210f75115420eb023f25b3830199b
GET /h5/files/video/3189-24876-728x90.medium.mp4 HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://static.javhdhello.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Sat, 14 Jan 2023 23:22:28 GMT
content-type: video/mp4
content-length: 523070
last-modified: Mon, 07 Feb 2022 07:42:08 GMT
etag: "6200cd50-7fb3e"
expires: Tue, 24 May 2022 11:06:09 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-accel-expires: @1673792289
server: CDN77-Turbo
x-77-nzt: AblMCRSsxcr/k38AAA
x-77-nzt-ray: af5856302505c87c3439c363ac0c281f
x-cache: HIT
x-age: 32659
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-523069/523070
X-Firefox-Spdy: h2
static.javhdhello.com/h5/files/overlay/1561-overlay-preview.png
185.76.9.21200 OK 731 B URL HTTP/2 static.javhdhello.com/h5/files/overlay/1561-overlay-preview.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash cf636f543f2dde28b2343dcaf6d8e658
de9f6ab0500c3503be5df3404b7a144c033da904
204ebde2ec395135f92bf5c7dac63ef66bacab9eecb38c406d26027f450b5c8f
GET /h5/files/overlay/1561-overlay-preview.png HTTP/1.1
Host: static.javhdhello.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:28 GMT
content-type: image/png
content-length: 731
last-modified: Mon, 13 Dec 2021 14:58:13 GMT
etag: "61b75f85-2db"
expires: Sat, 16 Dec 2023 14:18:23 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1702736303
server: CDN77-Turbo
x-77-nzt: AblMCRQ8XwD/BbsmAA
x-77-nzt-ray: af5856302505c87c3439c36375e7a726
x-cache: HIT
x-age: 2538245
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhdhello.com/h5/files/overlay/1561-overlay.png
185.76.9.21200 OK 6.7 kB URL HTTP/2 static.javhdhello.com/h5/files/overlay/1561-overlay.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 312b0feee428bd7e53ded623e58f1efc
819289508710fa9dbd7ec9a18c40820acd5849b2
eb23b84ca057e9fedc6adb2bb8e6312836648549a475fb84506c77bbef0b654c
GET /h5/files/overlay/1561-overlay.png HTTP/1.1
Host: static.javhdhello.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:28 GMT
content-type: image/png
content-length: 6652
last-modified: Mon, 13 Dec 2021 14:58:13 GMT
etag: "61b75f85-19fc"
expires: Sat, 16 Dec 2023 14:18:23 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1702736303
server: CDN77-Turbo
x-77-nzt: AblMCRTE31X/BbsmAA
x-77-nzt-ray: af5856302505c87c3439c36318f2ab26
x-cache: HIT
x-age: 2538245
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhdhello.com/h5/files/button/29-button.png
185.76.9.21200 OK 733 B URL HTTP/2 static.javhdhello.com/h5/files/button/29-button.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 82a66a2d222379716ca9a03ff50d8f42
ae43d917ff791f9172edc527baa6266416182aaa
cc5da7b40e498d30bf5eaae43e59cae32202737076422676489dd8d3030803de
GET /h5/files/button/29-button.png HTTP/1.1
Host: static.javhdhello.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:28 GMT
content-type: image/png
content-length: 733
last-modified: Tue, 22 Dec 2015 18:41:22 GMT
etag: "56799952-2dd"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRQk3+L/4843AQ
x-77-nzt-ray: af5856302505c87c3439c3634ee9ae26
x-cache: HIT
x-age: 20434659
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhdhello.com/h5/files/video/183-17551-300x250.medium.mp4
185.76.9.21206 Partial Content 694 kB URL HTTP/2 static.javhdhello.com/h5/files/video/183-17551-300x250.medium.mp4
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 694 kB (693747 bytes)
Hash a97eff51e55c7359c16317d9b0c9b740
a2dd3f862a73d37eea19143f8af17401b85384f5
156b218547d6601c103bf36c3de8e49b71dd5d90c0289408a850c5f854e37b81
GET /h5/files/video/183-17551-300x250.medium.mp4 HTTP/1.1
Host: static.javhdhello.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://static.javhd.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Sat, 14 Jan 2023 23:22:28 GMT
content-type: video/mp4
content-length: 693747
last-modified: Fri, 16 Dec 2022 12:13:03 GMT
etag: "639c60cf-a95f3"
expires: Sat, 17 Dec 2022 15:54:22 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-accel-expires: @1673802311
server: CDN77-Turbo
x-77-nzt: AblMCRSS5nP/bVgAAA
x-77-nzt-ray: af5856302505c87c3439c363f63b9e29
x-cache: HIT
x-age: 22637
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-693746/693747
X-Firefox-Spdy: h2
blacknesskeepplan.com/sbar.json?key=1161294bdf84d07019f576208d7911a6&uuid=e5c8821a-e397-4dfd-9b76-231cf8931b11%3A2%3A1
173.233.137.60200 OK 5.3 kB URL HTTP/1.1 blacknesskeepplan.com/sbar.json?key=1161294bdf84d07019f576208d7911a6&uuid=e5c8821a-e397-4dfd-9b76-231cf8931b11%3A2%3A1
IP 173.233.137.60:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (7312), with no line terminators
Hash a9e85df37d3de0e526726c98be9e9163
09dcbba782a0a4d6aafea005809501226d6266dc
618dc2580443f5bb66f5f29c66a9765b98b15d922ddd7c0dff28c2acdea52451
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=1161294bdf84d07019f576208d7911a6&uuid=e5c8821a-e397-4dfd-9b76-231cf8931b11%3A2%3A1 HTTP/1.1
Host: blacknesskeepplan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www2.javhdporn.net
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 23:22:28 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www2.javhdporn.net
Access-Control-Allow-Origin: https://www2.javhdporn.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17363410; expires=Sun, 15 Jan 2023 23:22:28 GMT; secure; SameSite=None
uid_id2=e5c8821a-e397-4dfd-9b76-231cf8931b11:2:1; expires=Sat, 21 Jan 2023 23:22:28 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 15 Jan 2023 23:22:28 GMT; secure; SameSite=None
uncs=1; expires=Sun, 15 Jan 2023 23:22:28 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 15 Jan 2023 23:22:28 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 15 Jan 2023 23:22:28 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b1b4e47bc861ad49462b0d836d353b7f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
blacknesskeepplan.com/ren.gif?sid=H4sIAAAAAAAC%2F6xUT4gcRRev3uSD7%2BO7qMSDYLBxJERwZ7vnz850lrAm2U0cstlddjcEvITqrurZylRXNVXV07N7CkYlBw9rENGApPdNNms0muQYRJBZQWTwsCMY5uAevCiCkCh48SIzuxI9CB58h36%2Fx6%2B76%2Fd771Gvryc7yIEE9%2BfPyFXGOR4r5x378DkmiEy1Pbtku07embDPMTFemrBbg4dqHnGdct553j5Fg4YcKziu47iOa59kioayNTZkgcW3PDfvOflSIe%2BWS9BSf611YoHGFpDmDnoCGOn9Z%2FnLu8CCDojozhTVDSPjF6ajhGMjFTTJ5lnREDIVED2CobIgFJt7b4PUPYTeGQEpNvccgGxeHzgAn%2FWQdd8FX2zuyQS%2FubGr1OdABfjk%2F5A2O0B5BxjuQCAvASPbCCAgMDsHIroxK1WKV3ZZPGB7aP%2BvvwBLe2j%2FtwdARB8f56xlL0qeGCaFhlaYAWt1gNU7ECdbYFYtYOkWBOYVYASBiDJgpP8cLQfVasHFo7ToVUZLJCSjnl8ZHy0U3SCsekXXd91haxjrAAs7wOkaYD0CibYgYRYkoQVJbEFE%2BjYue6HjVEI%2FLBarpSAIisUgKFfHSZkUS9XQgSQYaF8DE69BwNcgUBchVhehwa5sl5%2FuIXTlAqjkM9DLGWhigTYImiSDlCJINYIUI0gZgtQgSJvZBuG6oLMbhOvEd%2FdyYS8Xs7Y09XW8IU2dCrQe76DHB42z%2FvuwBw3at1133C14JZ%2BE1RJxKo7rheXKeMGpkornungcNMuA6RHA2oJV1kMHvjsIMeuhkYmH4OMOaN6BgD0GODkIOG1XCg7g5Xap6sCq%2BOgCbi6TWCqRF9QAkRnEZj%2BYFWud76CnhhOsbP4ANOi%2BaP10%2BI3v992BQGUQqwwusM8R1Pnl9oJM0fUFmWp0dy42LGKreDDdRYMNRR%2BcpiupVKQ2pdduHgsGxADeWqLazGBBmKhr9OFxRghVJ6UKKPq0ps9Rfz7Ry8cTJZJ4Zv7EyVoUK6o1k6IDmG23XoaA9dD%2FvukO9%2FYg%2FgqY2gKV9KeWjYmPjI0FnAWNfBzwRl7giO7Wk5pic7Q47jmFwiFMGPkDs6NnvXpUxXOuw2rnHYiS7uS9dwdxFZjsQBC%2FejOXW6otzUzncv2xB9fe2lhiRPu0rqjQ1NiGcT8hR2zXcRx7du60HUplE1q3H1y7evF2Ljc1vXhioTa%2FVJubzeX6zy42VgQZ8lsbdri1YTcpb8hIG1%2BKRD%2B4duXO7Vxu5tjCqenztTPHTg0OfelvjJnlJPIFZvyfmns%2Fl6udGMpY%2BLd%2BeYhFdXOUBVKAjrtoL0BLBIo%2Fqv3YgjTJ2qrgdyff%2FvkZfmv7NeCshybuzQGn3clP3rv%2F5G8%2FfgHYz0DTP334CK%2Fry1BXFmBzaXg5NFUGTZ4B5mugk31tE6vu5NfFYYDPrbbPlXXd54q%2FubvJmvVtWg6dkDoF6oeeH1awQ7yw5PnYc2nFL2MXjO4FW17pdwAAAP%2F%2FAQAA%2F%2F%2FPfHlh%2FgUAAA%3D%3D
173.233.137.60200 OK 7 B URL HTTP/1.1 blacknesskeepplan.com/ren.gif?sid=H4sIAAAAAAAC%2F6xUT4gcRRev3uSD7%2BO7qMSDYLBxJERwZ7vnz850lrAm2U0cstlddjcEvITqrurZylRXNVXV07N7CkYlBw9rENGApPdNNms0muQYRJBZQWTwsCMY5uAevCiCkCh48SIzuxI9CB58h36%2Fx6%2B76%2Fd771Gvryc7yIEE9%2BfPyFXGOR4r5x378DkmiEy1Pbtku07embDPMTFemrBbg4dqHnGdct553j5Fg4YcKziu47iOa59kioayNTZkgcW3PDfvOflSIe%2BWS9BSf611YoHGFpDmDnoCGOn9Z%2FnLu8CCDojozhTVDSPjF6ajhGMjFTTJ5lnREDIVED2CobIgFJt7b4PUPYTeGQEpNvccgGxeHzgAn%2FWQdd8FX2zuyQS%2FubGr1OdABfjk%2F5A2O0B5BxjuQCAvASPbCCAgMDsHIroxK1WKV3ZZPGB7aP%2BvvwBLe2j%2FtwdARB8f56xlL0qeGCaFhlaYAWt1gNU7ECdbYFYtYOkWBOYVYASBiDJgpP8cLQfVasHFo7ToVUZLJCSjnl8ZHy0U3SCsekXXd91haxjrAAs7wOkaYD0CibYgYRYkoQVJbEFE%2BjYue6HjVEI%2FLBarpSAIisUgKFfHSZkUS9XQgSQYaF8DE69BwNcgUBchVhehwa5sl5%2FuIXTlAqjkM9DLGWhigTYImiSDlCJINYIUI0gZgtQgSJvZBuG6oLMbhOvEd%2FdyYS8Xs7Y09XW8IU2dCrQe76DHB42z%2FvuwBw3at1133C14JZ%2BE1RJxKo7rheXKeMGpkornungcNMuA6RHA2oJV1kMHvjsIMeuhkYmH4OMOaN6BgD0GODkIOG1XCg7g5Xap6sCq%2BOgCbi6TWCqRF9QAkRnEZj%2BYFWud76CnhhOsbP4ANOi%2BaP10%2BI3v992BQGUQqwwusM8R1Pnl9oJM0fUFmWp0dy42LGKreDDdRYMNRR%2BcpiupVKQ2pdduHgsGxADeWqLazGBBmKhr9OFxRghVJ6UKKPq0ps9Rfz7Ry8cTJZJ4Zv7EyVoUK6o1k6IDmG23XoaA9dD%2FvukO9%2FYg%2FgqY2gKV9KeWjYmPjI0FnAWNfBzwRl7giO7Wk5pic7Q47jmFwiFMGPkDs6NnvXpUxXOuw2rnHYiS7uS9dwdxFZjsQBC%2FejOXW6otzUzncv2xB9fe2lhiRPu0rqjQ1NiGcT8hR2zXcRx7du60HUplE1q3H1y7evF2Ljc1vXhioTa%2FVJubzeX6zy42VgQZ8lsbdri1YTcpb8hIG1%2BKRD%2B4duXO7Vxu5tjCqenztTPHTg0OfelvjJnlJPIFZvyfmns%2Fl6udGMpY%2BLd%2BeYhFdXOUBVKAjrtoL0BLBIo%2Fqv3YgjTJ2qrgdyff%2FvkZfmv7NeCshybuzQGn3clP3rv%2F5G8%2FfgHYz0DTP334CK%2Fry1BXFmBzaXg5NFUGTZ4B5mugk31tE6vu5NfFYYDPrbbPlXXd54q%2FubvJmvVtWg6dkDoF6oeeH1awQ7yw5PnYc2nFL2MXjO4FW17pdwAAAP%2F%2FAQAA%2F%2F%2FPfHlh%2FgUAAA%3D%3D
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F6xUT4gcRRev3uSD7%2BO7qMSDYLBxJERwZ7vnz850lrAm2U0cstlddjcEvITqrurZylRXNVXV07N7CkYlBw9rENGApPdNNms0muQYRJBZQWTwsCMY5uAevCiCkCh48SIzuxI9CB58h36%2Fx6%2B76%2Fd771Gvryc7yIEE9%2BfPyFXGOR4r5x378DkmiEy1Pbtku07embDPMTFemrBbg4dqHnGdct553j5Fg4YcKziu47iOa59kioayNTZkgcW3PDfvOflSIe%2BWS9BSf611YoHGFpDmDnoCGOn9Z%2FnLu8CCDojozhTVDSPjF6ajhGMjFTTJ5lnREDIVED2CobIgFJt7b4PUPYTeGQEpNvccgGxeHzgAn%2FWQdd8FX2zuyQS%2FubGr1OdABfjk%2F5A2O0B5BxjuQCAvASPbCCAgMDsHIroxK1WKV3ZZPGB7aP%2BvvwBLe2j%2FtwdARB8f56xlL0qeGCaFhlaYAWt1gNU7ECdbYFYtYOkWBOYVYASBiDJgpP8cLQfVasHFo7ToVUZLJCSjnl8ZHy0U3SCsekXXd91haxjrAAs7wOkaYD0CibYgYRYkoQVJbEFE%2BjYue6HjVEI%2FLBarpSAIisUgKFfHSZkUS9XQgSQYaF8DE69BwNcgUBchVhehwa5sl5%2FuIXTlAqjkM9DLGWhigTYImiSDlCJINYIUI0gZgtQgSJvZBuG6oLMbhOvEd%2FdyYS8Xs7Y09XW8IU2dCrQe76DHB42z%2FvuwBw3at1133C14JZ%2BE1RJxKo7rheXKeMGpkornungcNMuA6RHA2oJV1kMHvjsIMeuhkYmH4OMOaN6BgD0GODkIOG1XCg7g5Xap6sCq%2BOgCbi6TWCqRF9QAkRnEZj%2BYFWud76CnhhOsbP4ANOi%2BaP10%2BI3v992BQGUQqwwusM8R1Pnl9oJM0fUFmWp0dy42LGKreDDdRYMNRR%2BcpiupVKQ2pdduHgsGxADeWqLazGBBmKhr9OFxRghVJ6UKKPq0ps9Rfz7Ry8cTJZJ4Zv7EyVoUK6o1k6IDmG23XoaA9dD%2FvukO9%2FYg%2FgqY2gKV9KeWjYmPjI0FnAWNfBzwRl7giO7Wk5pic7Q47jmFwiFMGPkDs6NnvXpUxXOuw2rnHYiS7uS9dwdxFZjsQBC%2FejOXW6otzUzncv2xB9fe2lhiRPu0rqjQ1NiGcT8hR2zXcRx7du60HUplE1q3H1y7evF2Ljc1vXhioTa%2FVJubzeX6zy42VgQZ8lsbdri1YTcpb8hIG1%2BKRD%2B4duXO7Vxu5tjCqenztTPHTg0OfelvjJnlJPIFZvyfmns%2Fl6udGMpY%2BLd%2BeYhFdXOUBVKAjrtoL0BLBIo%2Fqv3YgjTJ2qrgdyff%2FvkZfmv7NeCshybuzQGn3clP3rv%2F5G8%2FfgHYz0DTP334CK%2Fry1BXFmBzaXg5NFUGTZ4B5mugk31tE6vu5NfFYYDPrbbPlXXd54q%2FubvJmvVtWg6dkDoF6oeeH1awQ7yw5PnYc2nFL2MXjO4FW17pdwAAAP%2F%2FAQAA%2F%2F%2FPfHlh%2FgUAAA%3D%3D HTTP/1.1
Host: blacknesskeepplan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Cookie: u_pl=17363410; uid_id2=e5c8821a-e397-4dfd-9b76-231cf8931b11:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 23:22:28 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 86461c8e3689b0c6283ba1477087bd69
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8d21c11d27d426a1a36bd21372633a93
27ef15e0c5d22b1cb82676f8f59269e421fb670b
11cca01c4774096fd0daa67e7ad634a41d0566eba6c4c00fa955684c2823706a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11CCA01C4774096FD0DAA67E7AD634A41D0566EBA6C4C00FA955684C2823706A"
Last-Modified: Sat, 14 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9801
Expires: Sun, 15 Jan 2023 02:05:50 GMT
Date: Sat, 14 Jan 2023 23:22:29 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c331e41511bd05226650d40b8134e1c1
6b0f9c3b3417bbe2e1517fe27f233ba22b5f9653
d64e1826a4046fe7ca0dfae40e5a93b617e1d1de12b40d40cec60b120a29bd77
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D64E1826A4046FE7CA0DFAE40E5A93B617E1D1DE12B40D40CEC60B120A29BD77"
Last-Modified: Sat, 14 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5511
Expires: Sun, 15 Jan 2023 00:54:20 GMT
Date: Sat, 14 Jan 2023 23:22:29 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c331e41511bd05226650d40b8134e1c1
6b0f9c3b3417bbe2e1517fe27f233ba22b5f9653
d64e1826a4046fe7ca0dfae40e5a93b617e1d1de12b40d40cec60b120a29bd77
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D64E1826A4046FE7CA0DFAE40E5A93B617E1D1DE12B40D40CEC60B120A29BD77"
Last-Modified: Sat, 14 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5511
Expires: Sun, 15 Jan 2023 00:54:20 GMT
Date: Sat, 14 Jan 2023 23:22:29 GMT
Connection: keep-alive
blacknesskeepplan.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2F%2Fsb%2Fnotifications%2Frtb%2Fsocial%2Ffacebook%2F1-1%2Findex.html&l=1222&fd=305
173.233.137.60200 OK 0 B URL HTTP/1.1 blacknesskeepplan.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2F%2Fsb%2Fnotifications%2Frtb%2Fsocial%2Ffacebook%2F1-1%2Findex.html&l=1222&fd=305
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2F%2Fsb%2Fnotifications%2Frtb%2Fsocial%2Ffacebook%2F1-1%2Findex.html&l=1222&fd=305 HTTP/1.1
Host: blacknesskeepplan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Cookie: u_pl=17363410; uid_id2=e5c8821a-e397-4dfd-9b76-231cf8931b11:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 23:22:29 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/notifications/rtb/social/facebook/1-1/img/close.svg
172.64.166.9200 OK 930 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/social/facebook/1-1/img/close.svg
IP 172.64.166.9:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 73e90914cc284ea779fff79b61c1b5ef
0e0ab4736fb2b0ba1a4557c6c40004844f12a2a8
ad117b2322552913779bc9b9f0575473500eff32a16ebb1af07bb3458cb8f388
GET /sb/notifications/rtb/social/facebook/1-1/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:29 GMT
content-type: image/svg+xml
last-modified: Tue, 24 May 2022 12:11:20 GMT
etag: W/"628ccb68-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 731914
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQWQZeE3dI6NT5zL%2BAHC6k6kojWkYweRGEzFeXGxAnrq070F5pwps4SLAO0uaW%2FjVYAgr4xffla1pxeGizHmt9t9u%2BMHnclF2PuzTDheOY0tag8a1ctoePYDCrSRTIrFuLvOz5HFXi3T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 789a1d2d3cca073a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ffa4176a77544b2eb9550ee2bafbd578
a2473bfa84349de504b4784106d96dd065aea5bc
0c4cc932462aacd445d8e0a4990693095a92d3664de856339697d6cdaf4b93a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C4CC932462AACD445D8E0A4990693095A92D3664DE856339697D6CDAF4B93A2"
Last-Modified: Sat, 14 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20083
Expires: Sun, 15 Jan 2023 04:57:12 GMT
Date: Sat, 14 Jan 2023 23:22:29 GMT
Connection: keep-alive
go.xlirdr.com/config?url=https%3A%2F%2Fcreative.xlirdr.com%2Fwidgets%2FPlayer%3Fautoplay%3Dall%26autoplayForce%3Dall%26campaignId%3Db12dbba4a74f1f286b44c367348434fcb52005247fbe29388c0f42e2bb53542e%26campaignType%3Dsmartpop%26creativeId%3D9d1e7de94c9852b91e149dd135c0f31676824fa6327f94440e0cb99789281fe1%26iterationId%3D164961%26masterSmartpopId%3D0%26quality%3D240p%26ruleId%3D0%26showModal%3Dsignup%26smartpopId%3D5094%26tag%3Dgirls%252Fchinese%26userId%3Da857d671ed2ee3f67e327d7a3d55455ceef35f57922f8f8f71c52e413accec69%26variationId%3D27486
104.18.59.150200 OK 2.4 kB URL HTTP/2 go.xlirdr.com/config?url=https%3A%2F%2Fcreative.xlirdr.com%2Fwidgets%2FPlayer%3Fautoplay%3Dall%26autoplayForce%3Dall%26campaignId%3Db12dbba4a74f1f286b44c367348434fcb52005247fbe29388c0f42e2bb53542e%26campaignType%3Dsmartpop%26creativeId%3D9d1e7de94c9852b91e149dd135c0f31676824fa6327f94440e0cb99789281fe1%26iterationId%3D164961%26masterSmartpopId%3D0%26quality%3D240p%26ruleId%3D0%26showModal%3Dsignup%26smartpopId%3D5094%26tag%3Dgirls%252Fchinese%26userId%3Da857d671ed2ee3f67e327d7a3d55455ceef35f57922f8f8f71c52e413accec69%26variationId%3D27486
IP 104.18.59.150:0
File type JSON data\012- , ASCII text
Hash 38cf390f8aa516e643c2d8a5c863fe6e
8005dfd842c01e3bebc8c51df7973bfaa5a6e945
850c79191f097632fa85b073e2212288c9aa592ff44a80356c945ac36b8d114e
GET /config?url=https%3A%2F%2Fcreative.xlirdr.com%2Fwidgets%2FPlayer%3Fautoplay%3Dall%26autoplayForce%3Dall%26campaignId%3Db12dbba4a74f1f286b44c367348434fcb52005247fbe29388c0f42e2bb53542e%26campaignType%3Dsmartpop%26creativeId%3D9d1e7de94c9852b91e149dd135c0f31676824fa6327f94440e0cb99789281fe1%26iterationId%3D164961%26masterSmartpopId%3D0%26quality%3D240p%26ruleId%3D0%26showModal%3Dsignup%26smartpopId%3D5094%26tag%3Dgirls%252Fchinese%26userId%3Da857d671ed2ee3f67e327d7a3d55455ceef35f57922f8f8f71c52e413accec69%26variationId%3D27486 HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlirdr.com/
Origin: https://creative.xlirdr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:27 GMT
content-type: application/json
access-control-allow-origin: *
last-modified: Sat, 14 Jan 2023 23:08:59 GMT
cf-cache-status: HIT
age: 122
vary: Accept-Encoding
server: cloudflare
cf-ray: 789a1d20cea9b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blacknesskeepplan.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fsocial%2Ffacebook%2F1-1%2Fjs%2Fscript.js&l=802&fd=33
173.233.137.60200 OK 0 B URL HTTP/1.1 blacknesskeepplan.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fsocial%2Ffacebook%2F1-1%2Fjs%2Fscript.js&l=802&fd=33
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fsocial%2Ffacebook%2F1-1%2Fjs%2Fscript.js&l=802&fd=33 HTTP/1.1
Host: blacknesskeepplan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Cookie: u_pl=17363410; uid_id2=e5c8821a-e397-4dfd-9b76-231cf8931b11:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 23:22:29 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
blacknesskeepplan.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fsocial%2Ffacebook%2F1-1%2Fcss%2Fstyle.css&l=6698&fd=112
173.233.137.60200 OK 0 B URL HTTP/1.1 blacknesskeepplan.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fsocial%2Ffacebook%2F1-1%2Fcss%2Fstyle.css&l=6698&fd=112
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Frtb%2Fsocial%2Ffacebook%2F1-1%2Fcss%2Fstyle.css&l=6698&fd=112 HTTP/1.1
Host: blacknesskeepplan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Cookie: u_pl=17363410; uid_id2=e5c8821a-e397-4dfd-9b76-231cf8931b11:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 23:22:29 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
click.pclk.name/thumbnail?seat=369022&adid=369022&i=U9gm8aO10iI_0&imgt=icon
173.239.53.24302 Found 0 B URL HTTP/1.1 click.pclk.name/thumbnail?seat=369022&adid=369022&i=U9gm8aO10iI_0&imgt=icon
IP 173.239.53.24:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?seat=369022&adid=369022&i=U9gm8aO10iI_0&imgt=icon HTTP/1.1
Host: click.pclk.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://us.karoon.xyz/metrics/save.img?event=impressions&bid-id=v2-1673738548647-7-8077-1178228-27c613f8-7f2a-6109-2d5b-59c2e00563f1&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dpz6u78%26c%3DJhhJbtNI_8sEWpz80rYO0tEuPQuqe5Ru5Dh8474AGyD5U-m_3zBXaZaWakD-wQ3zrunthgxvOdYOEGNQD8dK78yUUHJUD-OMLW4PzYWJxVv9E8_aBig9T_n-PJk-o4p-qd3HFuHW1QTW2CaJes0JgYOJY485R5oPyUBNPEOdKbBTnOjAF_unFqTxjsmp55_kxvT89MuXtlkPVWq0tlz7OUrfycN5LtYcxCjcCPn5wKmgJt0uBnDzv84ocQwmEDn9ngQ6JDLDgzpO2A3FQnMiVNubPL7CQbJK96nPPFQq1vQS97f4uKBcVk2BWab4Pdonk0x-qWoQeDSTkfwzHQS7j9MrCQ6pI6n1rTdCXqx0FR0Rtz66G3xvcKWMMx2BGTIg2kWmh1C1LiX19miMyAhpyh4O89enjx88pQfvkhaU8s5We9HfvUfGs6pk_OvMET_E5ZYclnfnMxqopJ7X4RJo9ZOzlnZAr9cVPm5wF7emTB3U_mRtc3OHj-FPOnDjsL2ztupuezihnfCgpm-l4GBYpiKixXrN4lm5s_0A_zVrq0DMsed_vS6j7hloKGL12_wmUr0_-z-0uZLWpRdrtJx0VEo7Kiv_kc7eKZ_fmqnxq5G-Ldez
Pragma: no-cache
unseenreport.com/pxf.gif?uuid=e5c8821a-e397-4dfd-9b76-231cf8931b11&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=1161294bdf84d07019f576208d7911a6&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
192.243.59.20200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=e5c8821a-e397-4dfd-9b76-231cf8931b11&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=1161294bdf84d07019f576208d7911a6&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=e5c8821a-e397-4dfd-9b76-231cf8931b11&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=1161294bdf84d07019f576208d7911a6&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 14 Jan 2023 23:22:29 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d82458703bc3c12d0cdb0ceabb35f2dd
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:22:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.javhd.com/h5/files/16821/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Fcfab7283-f490-492c-abe3-d751a999c748%3Fcv1%3D4f871dba-9462-11ed-a601-e2e38133f3a0%26cv10%3D1%26cv2%3D0c1c5c30286e1db21a741e4b62c8b6e4%26cv3%3Ddesktop%26cv4%3D62e383b461d6e2197e222e81%26cv5%3D62e3800961d6e26273250a26%26cv6%3Den%26cv7%3DNTVB%26cv8%3DFirefox%26cv9%3D62e294ed61d6e24c01635c17%26externalId%3D4f871dba-9462-11ed-a601-e2e38133f3a0%26p%3DeyJiIjoyNzkxMzEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjIsInMiOjI3NTk0fQ
185.76.9.21200 OK 1.6 kB URL HTTP/2 static.javhd.com/h5/files/16821/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Fcfab7283-f490-492c-abe3-d751a999c748%3Fcv1%3D4f871dba-9462-11ed-a601-e2e38133f3a0%26cv10%3D1%26cv2%3D0c1c5c30286e1db21a741e4b62c8b6e4%26cv3%3Ddesktop%26cv4%3D62e383b461d6e2197e222e81%26cv5%3D62e3800961d6e26273250a26%26cv6%3Den%26cv7%3DNTVB%26cv8%3DFirefox%26cv9%3D62e294ed61d6e24c01635c17%26externalId%3D4f871dba-9462-11ed-a601-e2e38133f3a0%26p%3DeyJiIjoyNzkxMzEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjIsInMiOjI3NTk0fQ
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
Hash c9ef43720953d58e5ba9ff64906ee1b1
7728b737f0b1b62157aa05f4e9adfad298c25722
9199faeba0b990e2dab33f45e36ef8421887dc2ff927f7b71cfce635488e5f78
GET /h5/files/16821/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Fcfab7283-f490-492c-abe3-d751a999c748%3Fcv1%3D4f871dba-9462-11ed-a601-e2e38133f3a0%26cv10%3D1%26cv2%3D0c1c5c30286e1db21a741e4b62c8b6e4%26cv3%3Ddesktop%26cv4%3D62e383b461d6e2197e222e81%26cv5%3D62e3800961d6e26273250a26%26cv6%3Den%26cv7%3DNTVB%26cv8%3DFirefox%26cv9%3D62e294ed61d6e24c01635c17%26externalId%3D4f871dba-9462-11ed-a601-e2e38133f3a0%26p%3DeyJiIjoyNzkxMzEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjIsInMiOjI3NTk0fQ HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trackwilltrk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:28 GMT
content-type: text/html
last-modified: Tue, 27 Dec 2022 14:13:32 GMT
etag: W/"63aafd8c-ca2"
expires: Mon, 13 Feb 2023 23:22:28 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-accel-expires: @1676330548
server: CDN77-Turbo
x-77-nzt: AblMCRRK34yh
x-77-nzt-ray: af5856302505c87c3439c363509cf21b
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www2.javhdporn.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 13:33:13 GMT
expires: Sat, 13 Jan 2024 13:33:13 GMT
cache-control: public, max-age=31536000
age: 121756
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www2.javhdporn.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 19:33:54 GMT
expires: Thu, 11 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 272915
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blacknesskeepplan.com/pixel/sbs?c=1
173.233.137.60200 OK 0 B URL HTTP/1.1 blacknesskeepplan.com/pixel/sbs?c=1
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: blacknesskeepplan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Cookie: u_pl=17363410; uid_id2=e5c8821a-e397-4dfd-9b76-231cf8931b11:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 23:22:29 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
blacknesskeepplan.com/impr.gif?sid=H4sIAAAAAAAC%2F6xUT2hcVRe%2FL%2B0H38e3UakLweLDkVLBTN6bP5mZhhLbJq1D0yQkKQU35b5775vczn33Pu69b16SVbEqXbiIRUQL0peTprFabbssIshEEBlcZATLLMzCjSIIrYIbNzKTSHUhuPAs3vkdfu%2B9%2B%2Fudc7ivryU7yIME92bPqBUuBB4p5z338DkuqUqNO73g%2Bl7eG3PPcTlaGnOX%2Bg%2FdOuJ75bz3vHuKkaYaKXi%2B5%2Fme757kmoVqaWTAAo9v1fx8zcuXCnm%2FXIIl%2FdfaJA4Y7ABt7aAngNPufxa%2FvAuctEFGdyaYaVoVvzAZJQJbpaFFN8%2FKplSphOgRDLUDodzcexuU6SL0zhAoubnnAFTret8BBLyLnPs%2BBHJzTyYErY1dpYEAJiGg%2F4e01QYm2sBxG4i6BJxuIwBCYXoGZHRjWukUL%2B%2ByuM920f5ffwGedtH%2Bbw%2BAjD4%2BLviSO69EYrmSBpbCDPhSG3ijDXGyBXbFAZ5uAbGvAKcIZJQBp73nWJlUqwUfD7NirTJcoiEdrgWV0eFC0SdhtVb0A98ftIbzNvCwDYKtAjZDkBgHEu5AEjqQxA5EtOfici30vEoYhMVitUQIKRYJKVdHaZkWS9XQg4T0ta%2BCjVeBiFUg%2BiLE%2BiI0%2BZXt8tNdhK5cAJ18BmYxA0MdMBZBi2aQMgSpQZBiBClHkFoEaSvboMIUTHaDCpME%2Fl4u7OVitq5sYw1vKNtgEq3FO%2BjxfuOc%2Fz7sQpP1XN8f9Qu1UkDDaol6Fc%2BvheXKaMGr0krN9%2FEoGJ4BN0OAjQMrvIsOfHcQYt5FQ2MPIcBtMKINhD8GODkIOF2vFDzAi%2Bulqgcr8qMLuLVIY6VlXjILVGUQ2%2F1gl501sYOeGkywsvkDMNJ50fnp8Bvf77sDRGcQ6wwu8M8RNMTl9TmVoutzKjXo7kxsecRXcH%2B68xZbhj44zZZTpWl9wqzePEb6RB%2FeWmDGTmFJuWwY9OFxTinTJ5UmDH1aN%2BdYMJuYxeOJlkk8NXviZD2KNTOGK9kGzLeXXgbCu%2Bh%2F33QGe3sQfwVcb4FOehOL1sZHRkaI4KSZj4lo5iWO2G49bhi2R4ujNa9QOIQpp39gfvRsrRFV8Yzv8fp5D6KkM37v3X5cBa7aQOJXb%2BZyC%2FWFqclcrjfy4NpbGwucmoA1NJOGWddyEST0iOt7nudOz5x2Q6Vdyhrug2tXL97O5SYm50%2FM1WcX6jPTuVzv2fnmsqQDfmvDDbc23BYTTRUZGyiZmAfXrty5nctNHZs7NXm%2BfubYqf6hL%2F2NMbuYRIHEXPxTc%2B%2FncvUTAxlz%2F9YvD%2FGoYY9yoiSYuIP2AoxCoMWjOogdSJNsXReCzvjbPz8jbm2%2FBoJ30di9GRCsM%2F7Je%2Fef%2FO3HLwAHGRj2pw8f4TVzGRraAWwvDS6Hls6gJTLAYhVMsm%2Fdxroz%2FnVxEBAIZz0Q2rkeCC3e3N1kw3tu2S%2BxalCtEEoDRqhfKRSrRc8rUFqq1JhfA2u6ZKtW%2Bh0AAP%2F%2FAQAA%2F%2F%2FbdPeH%2FgUAAA%3D%3D
173.233.137.60200 OK 7 B URL HTTP/1.1 blacknesskeepplan.com/impr.gif?sid=H4sIAAAAAAAC%2F6xUT2hcVRe%2FL%2B0H38e3UakLweLDkVLBTN6bP5mZhhLbJq1D0yQkKQU35b5775vczn33Pu69b16SVbEqXbiIRUQL0peTprFabbssIshEEBlcZATLLMzCjSIIrYIbNzKTSHUhuPAs3vkdfu%2B9%2B%2Fudc7ivryU7yIME92bPqBUuBB4p5z338DkuqUqNO73g%2Bl7eG3PPcTlaGnOX%2Bg%2FdOuJ75bz3vHuKkaYaKXi%2B5%2Fme757kmoVqaWTAAo9v1fx8zcuXCnm%2FXIIl%2FdfaJA4Y7ABt7aAngNPufxa%2FvAuctEFGdyaYaVoVvzAZJQJbpaFFN8%2FKplSphOgRDLUDodzcexuU6SL0zhAoubnnAFTret8BBLyLnPs%2BBHJzTyYErY1dpYEAJiGg%2F4e01QYm2sBxG4i6BJxuIwBCYXoGZHRjWukUL%2B%2ByuM920f5ffwGedtH%2Bbw%2BAjD4%2BLviSO69EYrmSBpbCDPhSG3ijDXGyBXbFAZ5uAbGvAKcIZJQBp73nWJlUqwUfD7NirTJcoiEdrgWV0eFC0SdhtVb0A98ftIbzNvCwDYKtAjZDkBgHEu5AEjqQxA5EtOfici30vEoYhMVitUQIKRYJKVdHaZkWS9XQg4T0ta%2BCjVeBiFUg%2BiLE%2BiI0%2BZXt8tNdhK5cAJ18BmYxA0MdMBZBi2aQMgSpQZBiBClHkFoEaSvboMIUTHaDCpME%2Fl4u7OVitq5sYw1vKNtgEq3FO%2BjxfuOc%2Fz7sQpP1XN8f9Qu1UkDDaol6Fc%2BvheXKaMGr0krN9%2FEoGJ4BN0OAjQMrvIsOfHcQYt5FQ2MPIcBtMKINhD8GODkIOF2vFDzAi%2Bulqgcr8qMLuLVIY6VlXjILVGUQ2%2F1gl501sYOeGkywsvkDMNJ50fnp8Bvf77sDRGcQ6wwu8M8RNMTl9TmVoutzKjXo7kxsecRXcH%2B68xZbhj44zZZTpWl9wqzePEb6RB%2FeWmDGTmFJuWwY9OFxTinTJ5UmDH1aN%2BdYMJuYxeOJlkk8NXviZD2KNTOGK9kGzLeXXgbCu%2Bh%2F33QGe3sQfwVcb4FOehOL1sZHRkaI4KSZj4lo5iWO2G49bhi2R4ujNa9QOIQpp39gfvRsrRFV8Yzv8fp5D6KkM37v3X5cBa7aQOJXb%2BZyC%2FWFqclcrjfy4NpbGwucmoA1NJOGWddyEST0iOt7nudOz5x2Q6Vdyhrug2tXL97O5SYm50%2FM1WcX6jPTuVzv2fnmsqQDfmvDDbc23BYTTRUZGyiZmAfXrty5nctNHZs7NXm%2BfubYqf6hL%2F2NMbuYRIHEXPxTc%2B%2FncvUTAxlz%2F9YvD%2FGoYY9yoiSYuIP2AoxCoMWjOogdSJNsXReCzvjbPz8jbm2%2FBoJ30di9GRCsM%2F7Je%2Fef%2FO3HLwAHGRj2pw8f4TVzGRraAWwvDS6Hls6gJTLAYhVMsm%2Fdxroz%2FnVxEBAIZz0Q2rkeCC3e3N1kw3tu2S%2BxalCtEEoDRqhfKRSrRc8rUFqq1JhfA2u6ZKtW%2Bh0AAP%2F%2FAQAA%2F%2F%2FbdPeH%2FgUAAA%3D%3D
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F6xUT2hcVRe%2FL%2B0H38e3UakLweLDkVLBTN6bP5mZhhLbJq1D0yQkKQU35b5775vczn33Pu69b16SVbEqXbiIRUQL0peTprFabbssIshEEBlcZATLLMzCjSIIrYIbNzKTSHUhuPAs3vkdfu%2B9%2B%2Fudc7ivryU7yIME92bPqBUuBB4p5z338DkuqUqNO73g%2Bl7eG3PPcTlaGnOX%2Bg%2FdOuJ75bz3vHuKkaYaKXi%2B5%2Fme757kmoVqaWTAAo9v1fx8zcuXCnm%2FXIIl%2FdfaJA4Y7ABt7aAngNPufxa%2FvAuctEFGdyaYaVoVvzAZJQJbpaFFN8%2FKplSphOgRDLUDodzcexuU6SL0zhAoubnnAFTret8BBLyLnPs%2BBHJzTyYErY1dpYEAJiGg%2F4e01QYm2sBxG4i6BJxuIwBCYXoGZHRjWukUL%2B%2ByuM920f5ffwGedtH%2Bbw%2BAjD4%2BLviSO69EYrmSBpbCDPhSG3ijDXGyBXbFAZ5uAbGvAKcIZJQBp73nWJlUqwUfD7NirTJcoiEdrgWV0eFC0SdhtVb0A98ftIbzNvCwDYKtAjZDkBgHEu5AEjqQxA5EtOfici30vEoYhMVitUQIKRYJKVdHaZkWS9XQg4T0ta%2BCjVeBiFUg%2BiLE%2BiI0%2BZXt8tNdhK5cAJ18BmYxA0MdMBZBi2aQMgSpQZBiBClHkFoEaSvboMIUTHaDCpME%2Fl4u7OVitq5sYw1vKNtgEq3FO%2BjxfuOc%2Fz7sQpP1XN8f9Qu1UkDDaol6Fc%2BvheXKaMGr0krN9%2FEoGJ4BN0OAjQMrvIsOfHcQYt5FQ2MPIcBtMKINhD8GODkIOF2vFDzAi%2Bulqgcr8qMLuLVIY6VlXjILVGUQ2%2F1gl501sYOeGkywsvkDMNJ50fnp8Bvf77sDRGcQ6wwu8M8RNMTl9TmVoutzKjXo7kxsecRXcH%2B68xZbhj44zZZTpWl9wqzePEb6RB%2FeWmDGTmFJuWwY9OFxTinTJ5UmDH1aN%2BdYMJuYxeOJlkk8NXviZD2KNTOGK9kGzLeXXgbCu%2Bh%2F33QGe3sQfwVcb4FOehOL1sZHRkaI4KSZj4lo5iWO2G49bhi2R4ujNa9QOIQpp39gfvRsrRFV8Yzv8fp5D6KkM37v3X5cBa7aQOJXb%2BZyC%2FWFqclcrjfy4NpbGwucmoA1NJOGWddyEST0iOt7nudOz5x2Q6Vdyhrug2tXL97O5SYm50%2FM1WcX6jPTuVzv2fnmsqQDfmvDDbc23BYTTRUZGyiZmAfXrty5nctNHZs7NXm%2BfubYqf6hL%2F2NMbuYRIHEXPxTc%2B%2FncvUTAxlz%2F9YvD%2FGoYY9yoiSYuIP2AoxCoMWjOogdSJNsXReCzvjbPz8jbm2%2FBoJ30di9GRCsM%2F7Je%2Fef%2FO3HLwAHGRj2pw8f4TVzGRraAWwvDS6Hls6gJTLAYhVMsm%2Fdxroz%2FnVxEBAIZz0Q2rkeCC3e3N1kw3tu2S%2BxalCtEEoDRqhfKRSrRc8rUFqq1JhfA2u6ZKtW%2Bh0AAP%2F%2FAQAA%2F%2F%2FbdPeH%2FgUAAA%3D%3D HTTP/1.1
Host: blacknesskeepplan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Cookie: u_pl=17363410; uid_id2=e5c8821a-e397-4dfd-9b76-231cf8931b11:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jan 2023 23:22:29 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d827c1baa15a66d24fa2b32486de4197
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 23:22:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3a6b92d264d8c67cca1a6736be10ad0b
5e4cb5782295739047d0d7bed0a16f245c5d9195
17c935739f8afe1ca95adc00ea64a15aa2fd7631343f130346963c2031cca4e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C935739F8AFE1CA95ADC00EA64A15AA2FD7631343F130346963C2031CCA4E9"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2108
Expires: Sat, 14 Jan 2023 23:57:38 GMT
Date: Sat, 14 Jan 2023 23:22:30 GMT
Connection: keep-alive
us.karoon.xyz/metrics/save.img?event=impressions&bid-id=v2-1673738548647-7-8077-1178228-27c613f8-7f2a-6109-2d5b-59c2e00563f1&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dpz6u78%26c%3DJhhJbtNI_8sEWpz80rYO0tEuPQuqe5Ru5Dh8474AGyD5U-m_3zBXaZaWakD-wQ3zrunthgxvOdYOEGNQD8dK78yUUHJUD-OMLW4PzYWJxVv9E8_aBig9T_n-PJk-o4p-qd3HFuHW1QTW2CaJes0JgYOJY485R5oPyUBNPEOdKbBTnOjAF_unFqTxjsmp55_kxvT89MuXtlkPVWq0tlz7OUrfycN5LtYcxCjcCPn5wKmgJt0uBnDzv84ocQwmEDn9ngQ6JDLDgzpO2A3FQnMiVNubPL7CQbJK96nPPFQq1vQS97f4uKBcVk2BWab4Pdonk0x-qWoQeDSTkfwzHQS7j9MrCQ6pI6n1rTdCXqx0FR0Rtz66G3xvcKWMMx2BGTIg2kWmh1C1LiX19miMyAhpyh4O89enjx88pQfvkhaU8s5We9HfvUfGs6pk_OvMET_E5ZYclnfnMxqopJ7X4RJo9ZOzlnZAr9cVPm5wF7emTB3U_mRtc3OHj-FPOnDjsL2ztupuezihnfCgpm-l4GBYpiKixXrN4lm5s_0A_zVrq0DMsed_vS6j7hloKGL12_wmUr0_-z-0uZLWpRdrtJx0VEo7Kiv_kc7eKZ_fmqnxq5G-Ldez
38.100.129.11302 Found 0 B URL HTTP/2 us.karoon.xyz/metrics/save.img?event=impressions&bid-id=v2-1673738548647-7-8077-1178228-27c613f8-7f2a-6109-2d5b-59c2e00563f1&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dpz6u78%26c%3DJhhJbtNI_8sEWpz80rYO0tEuPQuqe5Ru5Dh8474AGyD5U-m_3zBXaZaWakD-wQ3zrunthgxvOdYOEGNQD8dK78yUUHJUD-OMLW4PzYWJxVv9E8_aBig9T_n-PJk-o4p-qd3HFuHW1QTW2CaJes0JgYOJY485R5oPyUBNPEOdKbBTnOjAF_unFqTxjsmp55_kxvT89MuXtlkPVWq0tlz7OUrfycN5LtYcxCjcCPn5wKmgJt0uBnDzv84ocQwmEDn9ngQ6JDLDgzpO2A3FQnMiVNubPL7CQbJK96nPPFQq1vQS97f4uKBcVk2BWab4Pdonk0x-qWoQeDSTkfwzHQS7j9MrCQ6pI6n1rTdCXqx0FR0Rtz66G3xvcKWMMx2BGTIg2kWmh1C1LiX19miMyAhpyh4O89enjx88pQfvkhaU8s5We9HfvUfGs6pk_OvMET_E5ZYclnfnMxqopJ7X4RJo9ZOzlnZAr9cVPm5wF7emTB3U_mRtc3OHj-FPOnDjsL2ztupuezihnfCgpm-l4GBYpiKixXrN4lm5s_0A_zVrq0DMsed_vS6j7hloKGL12_wmUr0_-z-0uZLWpRdrtJx0VEo7Kiv_kc7eKZ_fmqnxq5G-Ldez
IP 38.100.129.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /metrics/save.img?event=impressions&bid-id=v2-1673738548647-7-8077-1178228-27c613f8-7f2a-6109-2d5b-59c2e00563f1&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dpz6u78%26c%3DJhhJbtNI_8sEWpz80rYO0tEuPQuqe5Ru5Dh8474AGyD5U-m_3zBXaZaWakD-wQ3zrunthgxvOdYOEGNQD8dK78yUUHJUD-OMLW4PzYWJxVv9E8_aBig9T_n-PJk-o4p-qd3HFuHW1QTW2CaJes0JgYOJY485R5oPyUBNPEOdKbBTnOjAF_unFqTxjsmp55_kxvT89MuXtlkPVWq0tlz7OUrfycN5LtYcxCjcCPn5wKmgJt0uBnDzv84ocQwmEDn9ngQ6JDLDgzpO2A3FQnMiVNubPL7CQbJK96nPPFQq1vQS97f4uKBcVk2BWab4Pdonk0x-qWoQeDSTkfwzHQS7j9MrCQ6pI6n1rTdCXqx0FR0Rtz66G3xvcKWMMx2BGTIg2kWmh1C1LiX19miMyAhpyh4O89enjx88pQfvkhaU8s5We9HfvUfGs6pk_OvMET_E5ZYclnfnMxqopJ7X4RJo9ZOzlnZAr9cVPm5wF7emTB3U_mRtc3OHj-FPOnDjsL2ztupuezihnfCgpm-l4GBYpiKixXrN4lm5s_0A_zVrq0DMsed_vS6j7hloKGL12_wmUr0_-z-0uZLWpRdrtJx0VEo7Kiv_kc7eKZ_fmqnxq5G-Ldez HTTP/1.1
Host: us.karoon.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty/1.15.8.3
date: Sat, 14 Jan 2023 23:22:30 GMT
content-length: 0
location: https://track.trackingtraffo.com/push/ic?auth=pz6u78&c=JhhJbtNI_8sEWpz80rYO0tEuPQuqe5Ru5Dh8474AGyD5U-m_3zBXaZaWakD-wQ3zrunthgxvOdYOEGNQD8dK78yUUHJUD-OMLW4PzYWJxVv9E8_aBig9T_n-PJk-o4p-qd3HFuHW1QTW2CaJes0JgYOJY485R5oPyUBNPEOdKbBTnOjAF_unFqTxjsmp55_kxvT89MuXtlkPVWq0tlz7OUrfycN5LtYcxCjcCPn5wKmgJt0uBnDzv84ocQwmEDn9ngQ6JDLDgzpO2A3FQnMiVNubPL7CQbJK96nPPFQq1vQS97f4uKBcVk2BWab4Pdonk0x-qWoQeDSTkfwzHQS7j9MrCQ6pI6n1rTdCXqx0FR0Rtz66G3xvcKWMMx2BGTIg2kWmh1C1LiX19miMyAhpyh4O89enjx88pQfvkhaU8s5We9HfvUfGs6pk_OvMET_E5ZYclnfnMxqopJ7X4RJo9ZOzlnZAr9cVPm5wF7emTB3U_mRtc3OHj-FPOnDjsL2ztupuezihnfCgpm-l4GBYpiKixXrN4lm5s_0A_zVrq0DMsed_vS6j7hloKGL12_wmUr0_-z-0uZLWpRdrtJx0VEo7Kiv_kc7eKZ_fmqnxq5G-Ldez
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 617bd8818b9c1ed26c05020b0141b872
063e3d21d2ae3a1f17b265ce662ed229aff2401e
54f4d69d4baff9b848ee4ca27c49469e634dbed6d3eeb4342f8cad275b4777aa
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 23:22:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 18:28:18 GMT
Expires: Sat, 21 Jan 2023 18:28:17 GMT
Etag: "063e3d21d2ae3a1f17b265ce662ed229aff2401e"
Cache-Control: max-age=586546,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 789a1d349b0eb509-OSL
track.trackingtraffo.com/push/ic?auth=pz6u78&c=JhhJbtNI_8sEWpz80rYO0tEuPQuqe5Ru5Dh8474AGyD5U-m_3zBXaZaWakD-wQ3zrunthgxvOdYOEGNQD8dK78yUUHJUD-OMLW4PzYWJxVv9E8_aBig9T_n-PJk-o4p-qd3HFuHW1QTW2CaJes0JgYOJY485R5oPyUBNPEOdKbBTnOjAF_unFqTxjsmp55_kxvT89MuXtlkPVWq0tlz7OUrfycN5LtYcxCjcCPn5wKmgJt0uBnDzv84ocQwmEDn9ngQ6JDLDgzpO2A3FQnMiVNubPL7CQbJK96nPPFQq1vQS97f4uKBcVk2BWab4Pdonk0x-qWoQeDSTkfwzHQS7j9MrCQ6pI6n1rTdCXqx0FR0Rtz66G3xvcKWMMx2BGTIg2kWmh1C1LiX19miMyAhpyh4O89enjx88pQfvkhaU8s5We9HfvUfGs6pk_OvMET_E5ZYclnfnMxqopJ7X4RJo9ZOzlnZAr9cVPm5wF7emTB3U_mRtc3OHj-FPOnDjsL2ztupuezihnfCgpm-l4GBYpiKixXrN4lm5s_0A_zVrq0DMsed_vS6j7hloKGL12_wmUr0_-z-0uZLWpRdrtJx0VEo7Kiv_kc7eKZ_fmqnxq5G-Ldez
88.214.206.175302 Found 0 B URL HTTP/1.1 track.trackingtraffo.com/push/ic?auth=pz6u78&c=JhhJbtNI_8sEWpz80rYO0tEuPQuqe5Ru5Dh8474AGyD5U-m_3zBXaZaWakD-wQ3zrunthgxvOdYOEGNQD8dK78yUUHJUD-OMLW4PzYWJxVv9E8_aBig9T_n-PJk-o4p-qd3HFuHW1QTW2CaJes0JgYOJY485R5oPyUBNPEOdKbBTnOjAF_unFqTxjsmp55_kxvT89MuXtlkPVWq0tlz7OUrfycN5LtYcxCjcCPn5wKmgJt0uBnDzv84ocQwmEDn9ngQ6JDLDgzpO2A3FQnMiVNubPL7CQbJK96nPPFQq1vQS97f4uKBcVk2BWab4Pdonk0x-qWoQeDSTkfwzHQS7j9MrCQ6pI6n1rTdCXqx0FR0Rtz66G3xvcKWMMx2BGTIg2kWmh1C1LiX19miMyAhpyh4O89enjx88pQfvkhaU8s5We9HfvUfGs6pk_OvMET_E5ZYclnfnMxqopJ7X4RJo9ZOzlnZAr9cVPm5wF7emTB3U_mRtc3OHj-FPOnDjsL2ztupuezihnfCgpm-l4GBYpiKixXrN4lm5s_0A_zVrq0DMsed_vS6j7hloKGL12_wmUr0_-z-0uZLWpRdrtJx0VEo7Kiv_kc7eKZ_fmqnxq5G-Ldez
IP 88.214.206.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /push/ic?auth=pz6u78&c=JhhJbtNI_8sEWpz80rYO0tEuPQuqe5Ru5Dh8474AGyD5U-m_3zBXaZaWakD-wQ3zrunthgxvOdYOEGNQD8dK78yUUHJUD-OMLW4PzYWJxVv9E8_aBig9T_n-PJk-o4p-qd3HFuHW1QTW2CaJes0JgYOJY485R5oPyUBNPEOdKbBTnOjAF_unFqTxjsmp55_kxvT89MuXtlkPVWq0tlz7OUrfycN5LtYcxCjcCPn5wKmgJt0uBnDzv84ocQwmEDn9ngQ6JDLDgzpO2A3FQnMiVNubPL7CQbJK96nPPFQq1vQS97f4uKBcVk2BWab4Pdonk0x-qWoQeDSTkfwzHQS7j9MrCQ6pI6n1rTdCXqx0FR0Rtz66G3xvcKWMMx2BGTIg2kWmh1C1LiX19miMyAhpyh4O89enjx88pQfvkhaU8s5We9HfvUfGs6pk_OvMET_E5ZYclnfnMxqopJ7X4RJo9ZOzlnZAr9cVPm5wF7emTB3U_mRtc3OHj-FPOnDjsL2ztupuezihnfCgpm-l4GBYpiKixXrN4lm5s_0A_zVrq0DMsed_vS6j7hloKGL12_wmUr0_-z-0uZLWpRdrtJx0VEo7Kiv_kc7eKZ_fmqnxq5G-Ldez HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 14 Jan 2023 23:22:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1659514995116-National Casino black.png
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1659514995116-National%20Casino%20black.png
142.132.194.196200 OK 4.5 kB URL HTTP/1.1 ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1659514995116-National%20Casino%20black.png
IP 142.132.194.196:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 58be17b22d6e1178a54c92cf862c817e
b821bc2f016751647df49e49863077e927a70322
9cc4f3f40313b08baf54c956685ac7a21ac8a3573908b9763865c6f613ce1b5f
GET /creatives/k1qy286gxmd5g3dpr397nw5v/1659514995116-National%20Casino%20black.png HTTP/1.1
Host: ads.trackingtraffo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 14 Jan 2023 23:22:31 GMT
Content-Type: image/png
Content-Length: 4456
Last-Modified: Wed, 03 Aug 2022 08:23:15 GMT
Connection: keep-alive
ETag: "62ea3073-1168"
Accept-Ranges: bytes
adxadserv.com/px/heartbeat/v1?pv_uid=7c705d10-623b-4790-b895-123402c2dbdf&t_op=5.312&p_nn=adxad-rtb&fpid_sa=1673738548294&fpid=bc43f01a151639d4c69739dcaca30e3b&feid_sa=1673738548294&sid_sa=1673738548294&feid=040edc668d76714f6406ad8c6cbf2001&sid=053ecc072d82d289d4e53401406ef620&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www2.javhdporn.net&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=1&lb=0&cd=24&hc=16&dm=-1&dt=2&ed=0&sr=5497558139882&fb=10384
185.98.53.29200 OK 0 B URL HTTP/1.1 adxadserv.com/px/heartbeat/v1?pv_uid=7c705d10-623b-4790-b895-123402c2dbdf&t_op=5.312&p_nn=adxad-rtb&fpid_sa=1673738548294&fpid=bc43f01a151639d4c69739dcaca30e3b&feid_sa=1673738548294&sid_sa=1673738548294&feid=040edc668d76714f6406ad8c6cbf2001&sid=053ecc072d82d289d4e53401406ef620&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www2.javhdporn.net&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=1&lb=0&cd=24&hc=16&dm=-1&dt=2&ed=0&sr=5497558139882&fb=10384
IP 185.98.53.29:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /px/heartbeat/v1?pv_uid=7c705d10-623b-4790-b895-123402c2dbdf&t_op=5.312&p_nn=adxad-rtb&fpid_sa=1673738548294&fpid=bc43f01a151639d4c69739dcaca30e3b&feid_sa=1673738548294&sid_sa=1673738548294&feid=040edc668d76714f6406ad8c6cbf2001&sid=053ecc072d82d289d4e53401406ef620&u_adb=0&vn=T-0.1.1&utm_typ=referral&utm_src=www2.javhdporn.net&s_rst=0&ts=%5B0%2Cfalse%2Cfalse%5D&pl=Linux%20x86_64&cc=NA&ss=1&ls=1&idb=1&ab=0&od=0&ll=0&lr=0&lo=1&lb=0&cd=24&hc=16&dm=-1&dt=2&ed=0&sr=5497558139882&fb=10384 HTTP/1.1
Host: adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1
Origin: https://ads.adxadserv.com
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 14 Jan 2023 23:22:33 GMT
Content-Length: 0
Connection: keep-alive
pics.pornfhd.com/s/mono/movie/adult/dass087/dass087pl.jpg
104.21.235.64200 OK 0 B URL HTTP/2 pics.pornfhd.com/s/mono/movie/adult/dass087/dass087pl.jpg
IP 104.21.235.64:0
GET /s/mono/movie/adult/dass087/dass087pl.jpg HTTP/1.1
Host: pics.pornfhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:25 GMT
content-type: image/jpeg
last-modified: Fri, 21 Oct 2022 11:25:39 GMT
vary: Accept-Encoding
etag: W/"635281b3-97d7"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2243268
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vi%2FZXWqVWJVmwtKW3jZUFg3CfgDEGTi04UurSMXpJJXauuqtOPBdW%2FFrBrTcPFrXtHcP8aYi%2FkmHzk4GaAZ%2BYLNMKLsOJ9tOYmUdgRqmwreVvPZ06OVdo7DCaMjPgGC4KJC1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 789a1d183ac876ea-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
creative.xlirdr.com/widgets/Player?autoplay=all&autoplayForce=all&campaignId=b12dbba4a74f1f286b44c367348434fcb52005247fbe29388c0f42e2bb53542e&campaignType=smartpop&creativeId=9d1e7de94c9852b91e149dd135c0f31676824fa6327f94440e0cb99789281fe1&iterationId=164961&masterSmartpopId=0&quality=240p&ruleId=0&showModal=signup&smartpopId=5094&tag=girls%2Fchinese&userId=a857d671ed2ee3f67e327d7a3d55455ceef35f57922f8f8f71c52e413accec69&variationId=27486
104.18.59.150200 OK 0 B URL HTTP/2 creative.xlirdr.com/widgets/Player?autoplay=all&autoplayForce=all&campaignId=b12dbba4a74f1f286b44c367348434fcb52005247fbe29388c0f42e2bb53542e&campaignType=smartpop&creativeId=9d1e7de94c9852b91e149dd135c0f31676824fa6327f94440e0cb99789281fe1&iterationId=164961&masterSmartpopId=0&quality=240p&ruleId=0&showModal=signup&smartpopId=5094&tag=girls%2Fchinese&userId=a857d671ed2ee3f67e327d7a3d55455ceef35f57922f8f8f71c52e413accec69&variationId=27486
IP 104.18.59.150:0
GET /widgets/Player?autoplay=all&autoplayForce=all&campaignId=b12dbba4a74f1f286b44c367348434fcb52005247fbe29388c0f42e2bb53542e&campaignType=smartpop&creativeId=9d1e7de94c9852b91e149dd135c0f31676824fa6327f94440e0cb99789281fe1&iterationId=164961&masterSmartpopId=0&quality=240p&ruleId=0&showModal=signup&smartpopId=5094&tag=girls%2Fchinese&userId=a857d671ed2ee3f67e327d7a3d55455ceef35f57922f8f8f71c52e413accec69&variationId=27486 HTTP/1.1
Host: creative.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www2.javhdporn.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:27 GMT
content-type: text/html
last-modified: Fri, 23 Dec 2022 13:19:32 GMT
expires: Sat, 14 Jan 2023 23:22:30 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
cf-cache-status: HIT
age: 5
vary: Accept-Encoding
server: cloudflare
cf-ray: 789a1d1fdc0ab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/rtb/social/facebook/1-1/css/animate.css
172.64.166.9200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/social/facebook/1-1/css/animate.css
IP 172.64.166.9:0
GET /sb/notifications/rtb/social/facebook/1-1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www2.javhdporn.net
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:29 GMT
content-type: text/css
last-modified: Tue, 24 May 2022 12:11:15 GMT
etag: W/"628ccb63-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 100554
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTKChFERE1%2FT378SKF%2B58W5GmxMZyQgD9PM3ZXcT%2B0P5gt4TCnaQFE7%2BxpyBRWMZWukwXsJZvSTzpMomLQrdZpnEbPgAbf961S6N4AVQAaATBUexTsbV0%2FwlQ9a7e1xZgxHWJ5io7Zmr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 789a1d2cec84073a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/rtb/social/facebook/1-1/css/style.css
172.64.166.9200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/social/facebook/1-1/css/style.css
IP 172.64.166.9:0
GET /sb/notifications/rtb/social/facebook/1-1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www2.javhdporn.net
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:29 GMT
content-type: text/css
last-modified: Mon, 06 Jun 2022 09:53:30 GMT
etag: W/"629dce9a-1a2a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 100554
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9j8QMXewdNo0UdjkQVW4%2F7m1C9gaRV23Mm5tywsRDWMPS0sYhs90JtdIQIGzsnacCj6DfY66%2BhjIBeYO%2Bs838vlWoUqHQd%2BUO4LpXbzTmDqnlKtIjzsp%2FtjUUl1bMpb09gO4fHfAwGOs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 789a1d2cec88073a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.javhdhello.com/h5/files/css/style.css
185.76.9.21200 OK 0 B URL HTTP/2 static.javhdhello.com/h5/files/css/style.css
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /h5/files/css/style.css HTTP/1.1
Host: static.javhdhello.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:28 GMT
content-type: text/css
last-modified: Wed, 25 May 2016 08:29:12 GMT
etag: W/"57456258-7bd"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRQx34j/4843AQ
x-77-nzt-ray: af5856302505c87c3439c36332e9a226
x-cache: HIT
x-age: 20434659
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www2.javhdporn.net/video/dass-100-decensored/
104.21.233.142200 OK 0 B URL HTTP/2 www2.javhdporn.net/video/dass-100-decensored/
IP 104.21.233.142:0
GET /video/dass-100-decensored/ HTTP/1.1
Host: www2.javhdporn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:25 GMT
content-type: text/html
cf-ray: 789a1d154f3323ff-LHR
age: 27118
cache-control: max-age=14400
last-modified: Fri, 13 Jan 2023 07:56:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding, Cookie
cf-cache-status: HIT
cf-apo-via: tcache
cf-edge-cache: cache,platform=wordpress
x-rocket-nginx-serving-static: Yes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvwt0tLnvbPlth6cnYRrVti5iwUhuVs%2FlTMugQz7%2FH7OEg37SJzPDmQCprXo0nDAokt5zYBc18rBrli8bshWowA1JSoo7OUVg0%2Boz0vBvTSrL5VyJUex6Psd6TYx3dop%2FIBAwMw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pics.pornfhd.com/s/mono/movie/adult/dass100/dass100pl.jpg
104.21.235.64200 OK 0 B URL HTTP/2 pics.pornfhd.com/s/mono/movie/adult/dass100/dass100pl.jpg
IP 104.21.235.64:0
GET /s/mono/movie/adult/dass100/dass100pl.jpg HTTP/1.1
Host: pics.pornfhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:25 GMT
content-type: image/jpeg
last-modified: Mon, 12 Dec 2022 02:50:41 GMT
vary: Accept-Encoding
etag: W/"63969701-9acf"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 679092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bLqKVRtbkmPE5aMK6Rc8nBDlX1Cxt7%2FX2mSGq9bBB847hHvnHgs2JSiO6%2BJgJItaTvW%2BWqAwxjMKidollEz5suskMb1biYtScDLYyaBqlVwnTcltICvIBH7t584jO5ZjIfO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 789a1d183ac676ea-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.adxadserv.com/js/adb.js
185.76.9.19200 OK 0 B URL HTTP/2 static.adxadserv.com/js/adb.js
IP 185.76.9.19:0
ASN #60068 Datacamp Limited
GET /js/adb.js HTTP/1.1
Host: static.adxadserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:27 GMT
content-type: application/javascript
last-modified: Tue, 24 Mar 2020 11:15:59 GMT
etag: W/"5e79ebef-532"
x-accel-expires: @1673946076
server: CDN77-Turbo
x-77-nzt: AblMCQ3S70P/V6cMAA
x-77-nzt-ray: c0a4cc28b48e14ee3339c3635aafad30
x-cache: HIT
x-age: 829271
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.barscreative1.com//sb/notifications/rtb/social/facebook/1-1/index.html
45.133.44.4200 OK 0 B URL HTTP/2 cdn.barscreative1.com//sb/notifications/rtb/social/facebook/1-1/index.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET //sb/notifications/rtb/social/facebook/1-1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www2.javhdporn.net
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:29 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Tue, 24 May 2022 12:11:15 GMT
etag: W/"628ccb63-4c6"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 15 Jan 2023 00:22:29 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
pics.pornfhd.com/mono/movie/adult/dass100/dass100pl.jpg
104.21.235.64200 OK 0 B URL HTTP/2 pics.pornfhd.com/mono/movie/adult/dass100/dass100pl.jpg
IP 104.21.235.64:0
GET /mono/movie/adult/dass100/dass100pl.jpg HTTP/1.1
Host: pics.pornfhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:25 GMT
content-type: image/jpeg
last-modified: Mon, 12 Dec 2022 02:50:41 GMT
vary: Accept-Encoding
etag: W/"63969701-283ed"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 269563
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0p%2FvU5XTeL0er2sUgSO85wPCm6Ba4nHr2kUyeUFtiO%2BKWa7jjLAmItG%2FP%2BdtCkQitsKtnwSljY3COH6zG11aX2EB9rUYJP7F9E7%2FheakpalgmN2OPrbXMRvBBCM9kjUn86a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 789a1d1719d176ea-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
asg.phukienthoitranggiare.com/YgA4qA3.js
135.181.208.216200 OK 0 B URL HTTP/2 asg.phukienthoitranggiare.com/YgA4qA3.js
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /YgA4qA3.js HTTP/1.1
Host: asg.phukienthoitranggiare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.javhdporn.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 23:22:26 GMT
content-type: application/javascript
last-modified: Tue, 13 Dec 2022 09:50:49 GMT
etag: W/"63984af9-29f99"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
vary: Accept-Encoding, Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2f7792bdc67f7953e2dce93aea1bb9ee.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: qrCPDCplKU9FYasIPB3pPvnpXb4O3WdmV1qkaG6x9oZHFZHq18mJJw==
age: 1871756
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
static.javhd.com/h5/files/css/style.css
185.76.9.21200 OK 0 B URL HTTP/2 static.javhd.com/h5/files/css/style.css
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /h5/files/css/style.css HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhdhello.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:28 GMT
content-type: text/css
last-modified: Wed, 25 May 2016 08:29:12 GMT
etag: W/"57456258-7bd"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRTejiX/4843AQ
x-77-nzt-ray: af5856302505c87c3439c3632668ed1b
x-cache: HIT
x-age: 20434659
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
static.javhdhello.com/h5/files/15970/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff05f0809-755f-4570-b3a2-fa8be883cea3%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D126401%26cv4%3D252407%26cv5%3D847494%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0NTEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIxOTQwfQ
185.76.9.21200 OK 0 B URL HTTP/2 static.javhdhello.com/h5/files/15970/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff05f0809-755f-4570-b3a2-fa8be883cea3%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D126401%26cv4%3D252407%26cv5%3D847494%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0NTEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIxOTQwfQ
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /h5/files/15970/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2Ff05f0809-755f-4570-b3a2-fa8be883cea3%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D126401%26cv4%3D252407%26cv5%3D847494%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0NTEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIxOTQwfQ HTTP/1.1
Host: static.javhdhello.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trackwilltrk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:28 GMT
content-type: text/html
last-modified: Wed, 20 Apr 2022 13:56:46 GMT
etag: W/"6260111e-c86"
expires: Fri, 25 Nov 2022 19:29:46 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-accel-expires: @1674598422
server: CDN77-Turbo
x-77-nzt: AblMCRToYj3/Hm4aAA
x-77-nzt-ray: af5856302505c87c3439c363b138340d
x-cache: HIT
x-age: 1732126
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/rtb/social/facebook/1-1/js/jquery-3.2.1.min.js
172.64.166.9200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/rtb/social/facebook/1-1/js/jquery-3.2.1.min.js
IP 172.64.166.9:0
GET /sb/notifications/rtb/social/facebook/1-1/js/jquery-3.2.1.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 23:22:29 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 12:11:21 GMT
etag: W/"628ccb69-1fa27"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 731914
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BlbZAkp41CohoEwiXB%2FZ2CthbJDF78UW40G82OsfMFUDDDPF45gI3PvvipIVdlNDxCxIkJtVS9U0xDDPLHRZdkbi3A6mDn2HNTWPIUPUGVg9rgxTFF%2FERvxXVsdpbXaH6hKYCzqHoJi4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 789a1d2d3ccb073a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2