Overview

URL gaypornhdfree.com/mochi-mochi-mochimochisosweet/
IP104.21.89.7
ASNCLOUDFLARENET
Location
Report completed2022-10-05 21:21:51 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-05 2 upgulpinon.com/1?z=5030496 Malware
2022-10-05 2 upgulpinon.com/27/450b06a884c3c0c41762684f20f35afe Malware
2022-10-05 2 gettlucksurvey.top/js/survey-site.js Phishing
2022-10-05 2 gettlucksurvey.top/css/survey.css?v=1 Phishing
2022-10-05 2 gettlucksurvey.top/js/binom-pixel.js Phishing
2022-10-05 2 gettlucksurvey.top/js/config.js?v=8 Phishing
2022-10-05 2 gettlucksurvey.top/js/data/rtc.js?v=1 Phishing
2022-10-05 2 gettlucksurvey.top/js/survey.js?v=14 Phishing
2022-10-05 2 gettlucksurvey.top/img/icon-survey.svg Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-10-05 2 passedofferundertake.com Sinkholed
2022-10-05 2 passedofferundertake.com Sinkholed
2022-10-05 2 prawnsimply.com Sinkholed
2022-10-05 2 tovanillitechan.com Sinkholed
2022-10-05 2 alleviatepracticableaddicted.com Sinkholed
2022-10-05 2 tovanillitechan.com Sinkholed
2022-10-05 2 banquetunarmedgrater.com Sinkholed
2022-10-05 2 tovanillitechan.com Sinkholed
2022-10-05 2 dictatepantry.com Sinkholed
2022-10-05 2 prawnsimply.com Sinkholed
2022-10-05 2 prawnsimply.com Sinkholed
2022-10-05 2 prawnsimply.com Sinkholed
2022-10-05 2 prawnsimply.com Sinkholed
2022-10-05 2 fleraprt.com Sinkholed
2022-10-05 2 interstitial-08.com Sinkholed
2022-10-05 2 interstitial-08.com Sinkholed
2022-10-05 2 interstitial-08.com Sinkholed
2022-10-05 2 tovanillitechan.com Sinkholed
2022-10-05 2 interstitial-08.com Sinkholed
2022-10-05 2 unphionetor.com Sinkholed
2022-10-05 2 unphionetor.com Sinkholed
2022-10-05 2 unphionetor.com Sinkholed
2022-10-05 2 oblongseller.com Sinkholed
2022-10-05 2 unseenreport.com Sinkholed
2022-10-05 2 unseenreport.com Sinkholed
2022-10-05 2 unphionetor.com Sinkholed
2022-10-05 2 unphionetor.com Sinkholed
2022-10-05 2 oblongseller.com Sinkholed
2022-10-05 2 interesteddeterminedeurope.com Sinkholed
2022-10-05 2 dictatepantry.com Sinkholed
2022-10-05 2 oblongseller.com Sinkholed
2022-10-05 2 unseenreport.com Sinkholed
2022-10-05 2 unseenreport.com Sinkholed
2022-10-05 2 unphionetor.com Sinkholed
2022-10-05 2 interstitial-08.com Sinkholed
2022-10-05 2 tovanillitechan.com Sinkholed
2022-10-05 2 interstitial-08.com Sinkholed


Files

No files detected



Passive DNS (83)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS interstitial-08.com (6) 0 2022-04-01 10:45:21 UTC 2022-10-05 18:00:28 UTC 139.45.197.151 Unknown ranking
mnemonic passive DNS testingmetriksbre.ru (1) 0 2022-06-30 21:55:42 UTC 2022-10-05 16:47:15 UTC 104.26.0.119 Unknown ranking
mnemonic passive DNS 2.bp.blogspot.com (1) 11071 2013-07-04 03:01:31 UTC 2022-10-05 17:50:22 UTC 142.250.74.161
mnemonic passive DNS q324op.dood.video (1) 0 2021-11-03 00:25:26 UTC 2021-11-03 00:25:27 UTC 152.228.250.225 Domain (dood.video) ranked at: 199610
mnemonic passive DNS q.xmlrtb.com (1) 57283 2021-10-01 06:16:02 UTC 2022-10-04 10:32:19 UTC 172.64.174.5
mnemonic passive DNS hqq.to (13) 57515 2020-08-28 22:24:15 UTC 2022-10-05 02:04:11 UTC 190.115.19.71
mnemonic passive DNS banquetunarmedgrater.com (1) 0 2022-08-04 15:12:50 UTC 2022-10-05 16:12:14 UTC 173.233.137.60 Unknown ranking
mnemonic passive DNS littlecdn.com (7) 11785 2019-06-04 10:44:02 UTC 2022-10-05 19:41:24 UTC 172.67.10.98
mnemonic passive DNS img.doodcdn.co (2) 0 2022-05-04 14:24:45 UTC 2022-10-05 13:43:45 UTC 104.26.7.74 Unknown ranking
mnemonic passive DNS cagothie.net (3) 198368 2021-07-06 02:00:26 UTC 2022-10-05 16:18:03 UTC 139.45.197.238
mnemonic passive DNS my.rtmark.net (2) 9054 2017-08-22 14:11:49 UTC 2022-10-05 12:17:08 UTC 139.45.195.8
mnemonic passive DNS 4.adsco.re (1) 19179 2021-01-04 16:47:52 UTC 2022-10-05 17:52:02 UTC 162.252.214.5
mnemonic passive DNS mc.yandex.ru (5) 2672 2017-01-29 05:34:36 UTC 2022-10-05 18:54:31 UTC 87.250.251.119
mnemonic passive DNS r3.o.lencr.org (26) 344 2020-12-02 08:52:13 UTC 2022-10-05 07:13:38 UTC 23.36.77.32
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-05 06:03:19 UTC 34.160.144.191
mnemonic passive DNS gphd-cdn.com (8) 379186 2019-04-02 01:26:05 UTC 2022-07-10 02:30:34 UTC 104.21.1.154
mnemonic passive DNS gettlucksurvey.top (10) 0 2022-08-12 19:07:00 UTC 2022-10-05 17:57:41 UTC 104.21.75.187 Unknown ranking
mnemonic passive DNS pagead2.googlesyndication.com (1) 101 2021-02-20 15:52:05 UTC 2022-10-05 17:26:37 UTC 142.250.74.162
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-05 14:02:21 UTC 54.230.111.118
mnemonic passive DNS ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-10-05 16:07:29 UTC 93.184.220.29
mnemonic passive DNS popxperts.com (1) 271576 2022-02-09 21:51:54 UTC 2022-10-04 10:32:21 UTC 172.67.145.76
mnemonic passive DNS cdnjs.cloudflare.com (2) 235 2020-10-20 10:17:36 UTC 2022-10-05 11:30:49 UTC 104.17.25.14
mnemonic passive DNS blockadsnot.com (1) 32896 2020-04-28 15:35:52 UTC 2022-10-04 08:14:07 UTC 208.95.112.254
mnemonic passive DNS c12n8tsd26cg.s4.adsco.re (1) 0 No data No data 185.200.116.90 Domain (adsco.re) ranked at: 8541
mnemonic passive DNS unseenreport.com (4) 0 2022-03-30 14:33:17 UTC 2022-10-05 12:48:39 UTC 192.243.59.13 Unknown ranking
mnemonic passive DNS cdn.sb4you1.com (3) 22321 2021-09-16 11:26:58 UTC 2022-10-05 17:57:22 UTC 172.64.201.2
mnemonic passive DNS unpkg.com (3) 11693 2016-01-07 23:26:01 UTC 2022-10-05 11:44:09 UTC 104.16.126.175
mnemonic passive DNS ocsp2.globalsign.com (1) 1544 2012-05-21 07:12:19 UTC 2022-10-05 11:38:31 UTC 104.18.20.226
mnemonic passive DNS dozubatan.com (4) 33479 2021-05-18 14:02:27 UTC 2022-10-05 17:16:26 UTC 139.45.197.237
mnemonic passive DNS oblongseller.com (3) 0 2022-09-20 01:30:42 UTC 2022-10-05 17:18:40 UTC 192.243.59.12 Unknown ranking
mnemonic passive DNS xml.poprtb.com (1) 69835 2020-08-26 07:08:21 UTC 2022-10-05 17:57:21 UTC 174.137.133.17
mnemonic passive DNS googleads.g.doubleclick.net (1) 42 2021-02-20 15:43:32 UTC 2022-10-05 20:13:00 UTC 142.250.74.130
mnemonic passive DNS s3t3d2y8.afcdn.net (8) 0 2022-08-08 22:22:56 UTC 2022-10-05 14:15:55 UTC 185.76.9.21 Unknown ranking
mnemonic passive DNS zap.buzz (2) 54791 2019-02-21 18:56:19 UTC 2022-10-05 10:08:56 UTC 104.21.53.136
mnemonic passive DNS connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2022-10-05 08:04:56 UTC 31.13.72.12
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-05 12:33:02 UTC 34.120.237.76
mnemonic passive DNS 6.adsco.re (1) 17812 2018-01-15 04:15:29 UTC 2022-10-05 17:52:02 UTC 104.17.166.186
mnemonic passive DNS c12n8tsd26cg.n4.adsco.re (1) 0 No data No data 38.132.109.186 Domain (adsco.re) ranked at: 8541
mnemonic passive DNS media.bigbasketshop.com (1) 644547 2021-05-27 13:11:29 UTC 2022-10-05 14:57:06 UTC 104.21.86.113
mnemonic passive DNS www.blockadsnot.com (1) 75043 2020-04-18 18:59:38 UTC 2022-10-05 18:33:15 UTC 185.76.9.19
mnemonic passive DNS syndication.realsrv.com (4) 9112 2019-07-03 21:39:52 UTC 2022-10-05 10:32:47 UTC 95.211.229.245
mnemonic passive DNS e1.o.lencr.org (19) 6159 2021-08-20 07:36:30 UTC 2022-10-05 11:38:43 UTC 23.36.76.226
mnemonic passive DNS interesteddeterminedeurope.com (1) 0 2022-09-20 01:29:11 UTC 2022-10-05 12:14:00 UTC 192.243.61.225 Unknown ranking
mnemonic passive DNS cdn.yourwebbars.com (2) 62037 2021-01-29 17:47:27 UTC 2022-10-05 18:11:33 UTC 104.26.7.19
mnemonic passive DNS jaygay.to (2) 0 2021-04-18 10:26:43 UTC 2022-09-02 12:59:10 UTC 104.21.7.180 Unknown ranking
mnemonic passive DNS addresseepaper.com (1) 18169 2021-11-01 21:11:31 UTC 2022-10-05 12:48:38 UTC 172.64.192.5
mnemonic passive DNS www.stormberg.com (1) 0 2017-01-30 05:07:01 UTC 2022-10-05 07:15:04 UTC 172.64.151.217 Unknown ranking
mnemonic passive DNS upgulpinon.com (5) 83187 2020-06-05 12:59:18 UTC 2022-10-05 16:47:24 UTC 139.45.197.242
mnemonic passive DNS offerimage.com (1) 304078 2019-06-10 11:11:53 UTC 2022-10-05 16:23:34 UTC 104.22.33.172
mnemonic passive DNS i.doodcdn.co (4) 0 2022-05-04 14:24:43 UTC 2022-10-05 13:43:41 UTC 104.26.7.74 Unknown ranking
mnemonic passive DNS ocsp.sectigo.com (5) 487 2018-12-17 11:31:55 UTC 2022-10-05 15:14:22 UTC 172.64.155.188
mnemonic passive DNS simplewebanalysis.com (4) 0 2022-02-25 04:06:25 UTC 2022-10-05 19:49:23 UTC 52.28.21.152 Unknown ranking
mnemonic passive DNS q.cachegorilla.com (1) 313173 2022-02-16 19:27:42 UTC 2022-10-05 17:57:21 UTC 172.67.190.155
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-05 05:01:05 UTC 34.117.237.239
mnemonic passive DNS ocsp.pki.goog (6) 175 2017-06-14 07:23:31 UTC 2022-10-05 06:59:18 UTC 142.250.74.3
mnemonic passive DNS prawnsimply.com (5) 0 2022-09-29 01:52:25 UTC 2022-10-05 12:48:45 UTC 173.233.137.36 Unknown ranking
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-08-29 13:43:22 UTC 2022-10-05 11:30:49 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS cdn.popcash.net (1) 109877 2012-12-16 03:00:03 UTC 2022-10-05 18:34:21 UTC 151.139.128.11
mnemonic passive DNS tsyndicate.com (1) 13042 2017-03-16 09:04:54 UTC 2022-10-05 15:35:42 UTC 136.243.46.131
mnemonic passive DNS c.trackmytarget.com (1) 0 2014-10-08 02:52:34 UTC 2022-10-05 07:45:04 UTC 34.255.242.12 Domain (trackmytarget.com) ranked at: 149336
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-10-05 11:38:58 UTC 104.18.20.226
mnemonic passive DNS dictatepantry.com (2) 0 2022-09-19 02:25:15 UTC 2022-10-05 21:15:40 UTC 173.233.137.60 Unknown ranking
mnemonic passive DNS h4ahsm.cfeucdn.com (1) 92871 2020-06-03 02:05:18 UTC 2022-10-05 17:57:20 UTC 84.16.243.193
mnemonic passive DNS ocsp.sca1b.amazontrust.com (4) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.110
mnemonic passive DNS alleviatepracticableaddicted.com (1) 0 2022-07-05 09:49:47 UTC 2022-10-04 10:32:35 UTC 192.243.59.20 Unknown ranking
mnemonic passive DNS c.cachegorilla.com (1) 0 2022-05-03 12:36:00 UTC 2022-10-04 10:32:20 UTC 172.67.190.155 Domain (cachegorilla.com) ranked at: 254625
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-05 09:14:56 UTC 44.242.32.27
mnemonic passive DNS passedofferundertake.com (2) 0 2022-08-02 01:46:33 UTC 2022-10-05 21:16:04 UTC 192.243.59.20 Unknown ranking
mnemonic passive DNS fleraprt.com (1) 0 2022-01-14 22:55:14 UTC 2022-10-05 16:42:59 UTC 139.45.195.254 Unknown ranking
mnemonic passive DNS unphionetor.com (6) 54035 2022-02-11 12:53:49 UTC 2022-10-05 16:10:05 UTC 139.45.197.236
mnemonic passive DNS xml.revrtb.net (1) 398197 2019-01-31 22:15:28 UTC 2022-10-04 10:32:22 UTC 174.137.133.16
mnemonic passive DNS cngcpy.com (1) 390783 2021-07-13 14:46:45 UTC 2022-10-05 10:59:44 UTC 104.21.38.243
mnemonic passive DNS ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2022-10-05 10:10:40 UTC 192.124.249.24
mnemonic passive DNS tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-10-05 16:42:56 UTC 104.21.84.149 Unknown ranking
mnemonic passive DNS a.realsrv.com (3) 10080 2019-07-03 16:12:14 UTC 2022-10-05 09:30:08 UTC 205.185.216.42
mnemonic passive DNS dcba.popcash.net (1) 99174 2018-01-31 15:18:32 UTC 2022-10-05 11:22:37 UTC 3.219.99.78
mnemonic passive DNS c.adsco.re (1) 16577 2017-11-29 18:42:15 UTC 2022-10-05 17:52:02 UTC 104.17.166.186
mnemonic passive DNS dood.so (5) 28415 2020-11-19 08:06:03 UTC 2022-09-26 19:10:36 UTC 190.115.31.133
mnemonic passive DNS tovanillitechan.com (5) 0 2022-07-22 05:21:08 UTC 2022-10-05 16:39:34 UTC 139.45.197.239 Unknown ranking
mnemonic passive DNS adsco.re (1) 8541 2017-04-03 03:11:30 UTC 2022-10-05 17:52:03 UTC 162.252.214.5
mnemonic passive DNS i.doodcdn.com (1) 56705 2020-04-06 15:51:16 UTC 2022-10-03 12:11:21 UTC 104.21.34.210
mnemonic passive DNS gaypornhdfree.com (2) 107814 2016-09-06 12:01:38 UTC 2022-09-28 04:46:39 UTC 104.21.89.7
mnemonic passive DNS fonts.googleapis.com (2) 8877 2013-06-10 20:14:26 UTC 2022-10-05 17:39:00 UTC 142.250.74.10


Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 104.21.89.7

Date UQ / IDS / BL URL IP
2022-11-18 11:12:52 +0000
0 - 0 - 2 hoodlumgames.com/marvels-spider-man-miles-mor (...) 104.21.89.7
2022-11-18 09:04:58 +0000
0 - 0 - 10 www.vriupepk.ml/ 104.21.89.7
2022-10-05 21:21:51 +0000
0 - 0 - 46 gaypornhdfree.com/mochi-mochi-mochimochisosweet/ 104.21.89.7

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-11-28 12:37:05 +0000
0 - 0 - 16 sh.st/st/44dcb565cd860c27a78bceebdffa534d/you (...) 104.26.6.218
2022-11-28 12:35:27 +0000
0 - 0 - 15 id9238319verify.com/ 172.67.129.45
2022-11-28 12:34:12 +0000
0 - 0 - 2 safeclk.fun/cash/mg/ 104.21.91.67
2022-11-28 12:34:01 +0000
0 - 0 - 15 www-imagefap-com.pornproxy.art/ 104.21.21.250
2022-11-28 12:32:27 +0000
0 - 0 - 2 vk-id54353432.ru/ 104.21.7.130

Last 1 reports on domain: gaypornhdfree.com

Date UQ / IDS / BL URL IP
2022-10-05 21:21:51 +0000
0 - 0 - 46 gaypornhdfree.com/mochi-mochi-mochimochisosweet/ 104.21.89.7

No other reports with similar screenshot



JavaScript

Executed Scripts (140)


Executed Evals (152)

#1 JavaScript::Eval (size: 744, repeated: 1) - SHA256: f80f22a1e628d9ebbb1d731aa2440efe2a67cbbbf9b4eed7e1664b459ae4114e

                                        function ZKZNt(e) {
    if (('isTrusted' in e) && (e.isTrusted) && (!eDLTMP || !WVQukRy)) {
        eDLTMP = !0;
        WVQukRy = !0;
        document.removeEventListener('mousemove', ZKZNt, passiveSupported ? {
            passive: true
        } : false);
        was_click = true;
        if (navigator.userAgent.toLowerCase().match(/wv/i)) {
            createcxt();
        }
        nfMOf = 'ef9222f1f02c3dba80c52f2086e874ea49684df3';
        XXicvQ = '1665004899';
        tFCyK = '595fc95c9497d577c46f5e474efd251d5c049cdf';
    }
}
document.addEventListener('mousemove', ZKZNt, passiveSupported ? {
    passive: true
} : false);
                                    

#2 JavaScript::Eval (size: 17, repeated: 1) - SHA256: e5ee82e31ec94cc385b3637227b4435f0547b3d0a4aa60cdda1d8fada4779df3

                                        screen.availWidth
                                    

#3 JavaScript::Eval (size: 20, repeated: 1) - SHA256: 1b0f9a28e673c21b9a668e2973157b075ac420eda7f39fd5727a77bb32b45ffe

                                        navigator.appVersion
                                    

#4 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 4b653dda0da63fbe970902ed9a8dc33f1f0555edd3d9f2ae1ad8ed9284632d72

                                        navigator.maxTouchPoints
                                    

#5 JavaScript::Eval (size: 24, repeated: 1) - SHA256: a097c9a52546fb53f0340afda7f34b4e47b836e551135e5ad0b5339ebb314a30

                                        window.opener.outerWidth
                                    

#6 JavaScript::Eval (size: 46, repeated: 1) - SHA256: 30f73e7f08c8e6a25fec00672f75fa725d3fa7a30bf847fb1dcb0115ec2f8607

                                        Intl.DateTimeFormat().resolvedOptions().locale
                                    

#7 JavaScript::Eval (size: 27, repeated: 1) - SHA256: c66fd00bf884bbcc3f43284fb1c86bcea447ce653124ca7b7202d0e5fd30ae08

                                        window.opener.location.href
                                    

#8 JavaScript::Eval (size: 46, repeated: 1) - SHA256: b1101545a9bed4591a67166c932701b5ec44cb1976bb9df3d584fa2ab8ba8245

                                        window.opener.screenY || window.opener.screenTop
                                    

#9 JavaScript::Eval (size: 32, repeated: 1) - SHA256: 8d8003d5d1afbb2b7118b1f14afe89138588ed08982c3e8ff31dd4123e7cb076

                                        performance.timing.responseStart
                                    

#10 JavaScript::Eval (size: 4, repeated: 1) - SHA256: aa0c292b18bdff8b7e90764b19acd5ade0348a738129a00fa0352412f706540e

                                        //
                                    

#11 JavaScript::Eval (size: 3523, repeated: 1) - SHA256: eff0da3fb869c8ba48826bf860d743ccc7f23d35f8d5c98fcf39409335738f44

                                        function makeid(t) {
    var text = "";
    var possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
    for (var i = 0; i < t; i++) text += possible.charAt(Math.floor(Math.random() * possible.length));
    return text;
}
if (typeof netu_player_datas !== 'undefined') {
    if (typeof netu_player_datas.height === 'undefined') {
        netu_player_datas.height = '450';
    }
} else {
    netu_player_datas = {
        'height': '450'
    };
}
if (typeof netu_player_datas !== 'undefined') {
    if (typeof netu_player_datas.width === 'undefined') {
        netu_player_datas.width = '720';
    }
} else {
    netu_player_datas = {
        'width': '720'
    };
}

function ch_video_sup() {
    var video = document.createElement("video");
    var mediasupport = {
        video: (video.play) ? true : false
    };
    return mediasupport.video;
}
var _0xf70b = ["x2E", "x69x6Ex64x65x78x4Fx66", "x73x75x62x73x74x72", "", "x6Cx65x6Ex67x74x68", "x25x75x30", "x73x6Cx69x63x65"];

function un(_0xf43cx2) {
    if (_0xf43cx2[_0xf70b[1]](_0xf70b[0]) == -1) {
        _0xf43cx2 = _0xf43cx2[_0xf70b[2]](1);
        s2 = _0xf70b[3];
        for (i = 0; i < _0xf43cx2[_0xf70b[4]]; i += 3) {
            s2 += _0xf70b[5] + _0xf43cx2[_0xf70b[6]](i, i + 3)
        };
        _0xf43cx2 = unescape(s2)
    };
    return _0xf43cx2
};
var isPhantom = !!window.callPhantom;
if (!isPhantom) {
    var isPhantom = !!window._phantom;
}
if ((!isPhantom) && (ch_video_sup())) {
    document.oncontextmenu = function() {
        return false;
    };
    document.onselectstart = function() {
        return false;
    };
    document.onkeydown = function(e) {
        e = e || window.event;
        if (e.ctrlKey) {
            if ((e.keyCode == '85') || (e.keyCode == '67') || (e.keyCode == '65') || (e.keyCode == '45')) return false;
        }
    };
    document.onkeypress = function(e) {
        e = e || window.event;
        if (e.ctrlKey) {
            if ((e.keyCode == '85') || (e.keyCode == '67') || (e.keyCode == '65') || (e.keyCode == '45')) return false;
        }
    };
    var domain_for_pl = 'hqq.to';

    function create_netu_player(vid_f, hash_from_f, type, id_netu_player_f, height_f, width_f) {
        if (hash_from_f) var GIDCOM = '<scr' + 'ipt>self.location="https://' + domain_for_pl + '/player/embed_player.php?vid=' + vid_f + '&autoplay=none&hash_from=' + hash_from_f + '"</scr' + 'ipt>';
        else
            var GIDCOM = '<scr' + 'ipt>self.location="https://' + domain_for_pl + '/player/embed_player.php?vid=' + vid_f + '&autoplay=none"</scr' + 'ipt>';
        var timer = setInterval(function() {
            var ZOXLP = document.getElementById(id_netu_player_f);
            if (ZOXLP) {
                var doc = ZOXLP.contentDocument;
                if (doc) {
                    var DWMZIA = ZOXLP.contentWindow.document;
                    DWMZIA.open();
                    DWMZIA.write(GIDCOM);
                    DWMZIA.close();
                }
            }
        }, 500);
    }

    function create_player_old() {
        var id = makeid(5);
        if (typeof netu_player_datas.vid !== 'undefined' && typeof netu_player_datas.hash_from !== 'undefined') {
            document.write('<iframe webkitAllowFullScreen mozallowfullscreen allowfullscreen scrolling="no" frameborder="0" height="' + netu_player_datas.height + '" width="' + netu_player_datas.width + '" id="' + id + '"></iframe>');
            create_netu_player(netu_player_datas.vid, netu_player_datas.hash_from, true, id, netu_player_datas.height, netu_player_datas.width);
            netu_player_datas = undefined;
        }
    }
    create_player_old();

    function create_player() {
        var list = document.getElementsByTagName("div");
        for (l = 0; l < list.length; l++) {
            if (typeof list[l].id !== 'undefined' && list[l].id !== '' && typeof list[l].children[0] === 'undefined') {
                try {
                    var o = JSON.parse(un('#' + list[l].id));
                    if (typeof o.v !== 'undefined') {
                        var id = makeid(12);
                        var ifr = document.createElement("iframe");
                        ifr.id = id;
                        ifr.style.width = "100%";
                        ifr.style.height = "100%";
                        ifr.setAttribute('webkitAllowFullScreen', '');
                        ifr.setAttribute('mozAllowFullScreen', '');
                        ifr.setAttribute('allowFullScreen', '');
                        ifr.setAttribute('frameBorder', '0');
                        var name = list[l].getAttribute("name");
                        if (name) {
                            ifr.setAttribute('name', name);
                        }
                        list[l].appendChild(ifr);
                        create_netu_player(o.v, false, false, id, netu_player_datas.height, netu_player_datas.width);
                    }
                } catch (e) {}
            }
        }
    }
    create_player();
}
                                    

#12 JavaScript::Eval (size: 20, repeated: 1) - SHA256: 3688d7e88d248ea850c456f0233738d10695a410a3dec97785ca7422c3f562c1

                                        document.innerHeight
                                    

#13 JavaScript::Eval (size: 17, repeated: 1) - SHA256: c66ced51cafdeb3a9e3544b0b2e7de4c955a4cd347c4d7b5d74f36923df5a7bd

                                        navigator.product
                                    

#14 JavaScript::Eval (size: 29, repeated: 1) - SHA256: a9dc93ae3dc52ac584bff8e382bf1db1f87b8e3a54243eae8d1e3badb180e834

                                        navigator.connection.downlink
                                    

#15 JavaScript::Eval (size: 29, repeated: 1) - SHA256: cb6f5b3573826ffd9a881e026fd85eb842d31266833666399582737149c5fc14

                                        navigator.connection.saveData
                                    

#16 JavaScript::Eval (size: 20, repeated: 1) - SHA256: fc0d820f6f6693ccd6462b02714dcea358f75a12b72a7fe3f38e24168433f487

                                        var bar = (x) => x + 1
                                    

#17 JavaScript::Eval (size: 10, repeated: 1) - SHA256: f73e4e03067983dd5196907f86c9020b174651f1bd0b5d291b217dc927ff068f

                                        screen.top
                                    

#18 JavaScript::Eval (size: 32, repeated: 1) - SHA256: 90190e51d410f9862884d5984262f9e1b8e46dd1010b50f1c22c9ef3fa1565fc

                                        window.opener.offscreenBuffering
                                    

#19 JavaScript::Eval (size: 12, repeated: 1) - SHA256: 27f88609267c27a6f4e778dcb686f1f2fdf0f4f7cd29ad34826b916266ae45a8

                                        window.close
                                    

#20 JavaScript::Eval (size: 12, repeated: 1) - SHA256: 4ab4edee422a7a6e621718d1ae7180b13ba13f18c0ce3e7e3e26fd68e57e119c

                                        class Foo {}
                                    

#21 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 15eb7e222abfc64660d0f94c04053839498df20ea9ac9a13a201701a56ce3bf6

                                        typeof window.chrome.csi
                                    

#22 JavaScript::Eval (size: 26, repeated: 1) - SHA256: 7510742fba4d25113b6124987e97cba40776bc5030a6a3678974dc8ba075bf81

                                        window.personalbar.visible
                                    

#23 JavaScript::Eval (size: 13, repeated: 1) - SHA256: 56e57af29d4af8b1fb7008dbfdf84a764970a6673f1f19165f1a8498ce903d93

                                        screen.height
                                    

#24 JavaScript::Eval (size: 25, repeated: 1) - SHA256: de1b699e93a44c66a069974d1603aee656a6e063b19b8bbf5b09946a3a1b9904

                                        window.opener.innerHeight
                                    

#25 JavaScript::Eval (size: 6, repeated: 1) - SHA256: 44ff7b02c80d38b26dd6aa31d9470aed81b32e10331a3c994fb1a9945fd847ba

                                        window
                                    

#26 JavaScript::Eval (size: 23, repeated: 1) - SHA256: 2ef7ca07ed70c4ffbc59b1d3fa8df8cd2be1bfc66d1604246926066c9f44fd0c

                                        screen.orientation.type
                                    

#27 JavaScript::Eval (size: 12, repeated: 1) - SHA256: bc1a6bd7f4ddbcd78987ea609d4595bdf2422cb1be9e85af5d6c199f62000d6c

                                        screen.width
                                    

#28 JavaScript::Eval (size: 17, repeated: 1) - SHA256: 9094a3d888951e5671f4b6dce42ef291cd071cb196d8761fef42c010ecf5b142

                                        navigator.plugins
                                    

#29 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 6e880572810251d722d33109fc0420864f46d69522d25a1df47338c553e38e07

                                        window.isSecureContext
                                    

#30 JavaScript::Eval (size: 16, repeated: 1) - SHA256: cd74e6a3b779a514972758fa195725f40176261af18fbcd246e5f401a3ecf849

                                        screen.availLeft
                                    

#31 JavaScript::Eval (size: 17, repeated: 1) - SHA256: 13871edf9ac7e58046d0f0d03811464e388c3f2323eebc6b61954c79dc883459

                                        screen.deviceXDPI
                                    

#32 JavaScript::Eval (size: 17, repeated: 1) - SHA256: 13e19bbb45d0bb1d1915240763b5bca4ddef99d01edd749954115168c7842c9c

                                        navigator.buildID
                                    

#33 JavaScript::Eval (size: 540, repeated: 1) - SHA256: 64484bee759ffebab3fcd44da43a0c14ecfc9dc82b799fa2afc19d3b0b2605c3

                                        //
;
eval(function(w, i, s, e) {
    for (s = 0; s < w.length; s += 2) {
        i += String.fromCharCode(parseInt(w.substr(s, 2), 36));
    }
    return i;
}('1b1b0d0a', '', '', ''));;
eval(function(w, i, s, e) {
    for (s = 0; s < w.length; s += 2) {
        i += String.fromCharCode(parseInt(w.substr(s, 2), 36));
    }
    return i;
}('1b1b0d0a1n2t3a2p30142u39322r382x3332143b182x1837182t153f2u333614371p1c1n371o3b1a302t322v382w1n37171p1e153f2x171p2b38362x322v1a2u3633311v2w2p361v332s2t14342p36372t213238143b1a37392q3738361437181e15181f1i15151n3h362t383936320w2x1n3h14131d2q1d2q1c2s1c2p1318131318131318131315151n', '', '', ''));
                                    

#34 JavaScript::Eval (size: 14, repeated: 1) - SHA256: 28d9693460ce57dd4e01742e50a1baa10cbed3fa6c20c2a69f02424f80fb9a2e

                                        !(top == window)
                                    

#35 JavaScript::Eval (size: 25, repeated: 1) - SHA256: 02665a4c106fc96e71ef5a17511cf353ec3f5cccb82ec9fce719b23967728897

                                        typeof window.WebAssembly
                                    

#36 JavaScript::Eval (size: 22, repeated: 1) - SHA256: e924fcaf65b8ea057cb30e32bbdf04fdafe2bde622539d6d1abc466b050917d5

                                        navigator.userLanguage
                                    

#37 JavaScript::Eval (size: 34, repeated: 1) - SHA256: 9e0e45f2f824eefaed5af40bcadf2c0ce7943df52cda4c3d67ddb03583418dab

                                        window.ScriptEngineMinorVersion();
                                    

#38 JavaScript::Eval (size: 50, repeated: 1) - SHA256: 203d92af34680f7fe84b0047f738fae4e2d401f5d28af8d70f067dc77f5acb6a

                                        window.external.getHostEnvironmentValue("os-sku");
                                    

#39 JavaScript::Eval (size: 37, repeated: 1) - SHA256: 998158f6df4183edd82539e6dc971d32f50bc7ee075f64d4abc46d3011a9da27

                                        document.documentElement.clientHeight
                                    

#40 JavaScript::Eval (size: 17, repeated: 1) - SHA256: b4a3a83fe09d48db0c0b4416fefb19af5f9e069c12d2af8793a18f159574bb79

                                        window.outerWidth
                                    

#41 JavaScript::Eval (size: 18, repeated: 1) - SHA256: c1fcce173bd0b08415367c934d5db7c4ed130c7f83a485c91682873bff2954ee

                                        screen.availHeight
                                    

#42 JavaScript::Eval (size: 16, repeated: 1) - SHA256: d17194a96291e963420dd3361221101c8fdb7d8d382fc8993563576d3fd29dd6

                                        navigator.vendor
                                    

#43 JavaScript::Eval (size: 13, repeated: 1) - SHA256: 32c6c6c6d07bb5224356b89b5de1adc4c02b1f7b2f464830005443afc6624e85

                                        window.google
                                    

#44 JavaScript::Eval (size: 29, repeated: 1) - SHA256: d01a385e50e8e57c5f15bc18b82e1304ed42dcbe38967d66a30a786e39ed847b

                                        performance.timing.connectEnd
                                    

#45 JavaScript::Eval (size: 138, repeated: 1) - SHA256: 66ee2b5817289c79a8012cfc552aaadbd84cb5d23017246a10de5b4fe4035bdd

                                        //
;
eval(function(w, i, s, e) {
    for (s = 0; s < w.length; s += 2) {
        i += String.fromCharCode(parseInt(w.substr(s, 2), 36));
    }
    return i;
}('1b1b0d0a', '', '', ''));
                                    

#46 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 89e4c05e12e12f5bdf85a4fb89bad572dd85256091add09fdb9c6e42e703e2bb

                                        document.visibilityState
                                    

#47 JavaScript::Eval (size: 41, repeated: 1) - SHA256: af18ee7d06fe2ee2da28af260ea0c78923664ecbc220f3ce395c50b1822dab7a

                                        window.performance.memory.jsHeapSizeLimit
                                    

#48 JavaScript::Eval (size: 17, repeated: 1) - SHA256: f8b516a2a0538b8599ab0452be3f3aa473cf3b0c510275d0a30565cefd564701

                                        screen.pixelDepth
                                    

#49 JavaScript::Eval (size: 18, repeated: 1) - SHA256: 793401a4baa2fb67b2049b633d5ebb8c25d2dc67d41071aabd7c180ddbdd2599

                                        navigator.cpuClass
                                    

#50 JavaScript::Eval (size: 31, repeated: 1) - SHA256: 043b61c407c6f51e3a4ee18efee76fac227501d805df309988fc1494ae0a30dc

                                        performance.timing.connectStart
                                    

#51 JavaScript::Eval (size: 18860, repeated: 1) - SHA256: b6854a9f9b767e48d58cb0ed7a1626da05055fdfebebd363121b2db5f2a6bc1e

                                        ;
eval(function(w, i, s, e) {
    var lIll = 0;
    var ll1I = 0;
    var Il1l = 0;
    var ll1l = [];
    var l1lI = [];
    while (true) {
        if (lIll < 5) l1lI.push(w.charAt(lIll));
        else if (lIll < w.length) ll1l.push(w.charAt(lIll));
        lIll++;
        if (ll1I < 5) l1lI.push(i.charAt(ll1I));
        else if (ll1I < i.length) ll1l.push(i.charAt(ll1I));
        ll1I++;
        if (Il1l < 5) l1lI.push(s.charAt(Il1l));
        else if (Il1l < s.length) ll1l.push(s.charAt(Il1l));
        Il1l++;
        if (w.length + i.length + s.length + e.length == ll1l.length + l1lI.length + e.length) break;
    }
    var lI1l = ll1l.join('');
    var I1lI = l1lI.join('');
    ll1I = 0;
    var l1ll = [];
    for (lIll = 0; lIll < ll1l.length; lIll += 2) {
        var ll11 = -1;
        if (I1lI.charCodeAt(ll1I) % 2) ll11 = 1;
        l1ll.push(String.fromCharCode(parseInt(lI1l.substr(lIll, 2), 36) - ll11));
        ll1I++;
        if (ll1I >= l1lI.length) ll1I = 0;
    }
    return l1ll.join('');
}('dab6a1u2z2a273139162622161o1a2u27161f3w1c3w29341v3w2s3o3u373b3p353917161g27332m142c1r2e172f1b1d1m1d1l3e1d1g1j3e1i1d1i2d1g1c1i3e111e1p2e191d1l3c1i1e1s1g1b1c1r1e1d1d1o3g1e1e1a3e1b1d191e131g171g1j1e1q1e161e1h1g1j2e1j2c1i1c1x1d1j1g1d3f112c1g2d1t3c162f1e1e1e1c1g1c1g1c113f1o3g1f3e1f3e1d1e1f2e1b1g1j3c1v3e1j1e132e1i3g1o1d1f3e1c3e1i3e1g2f1i3d1l1d1f3c181g1c3f131c1g3d1h1d1h1f1c1g1f2c1k1d1k1e1f1e1s1e1t2c1i3e1j3e1k1g1a3e1v1c1t3c162d1q3e1d2g1t3c1h2c1t2c1k2e1t2e1h2c1u2c1v2c1r2e142e1s2c102c1t2c1j2e1t3e1k2c1v2c1w2c1r1e152g1t2c1g2d1t3c1q2g1t2e1o2c1u2c1f2c1r2e1f2f1r2c1a2e1t2c1f2f1t2e1w2e1v2c1q2d1s1e1w2e1t2c1q2e1u1c1w2g1t2e1i2e1t2c1w2e1t2e1x2g1s2c1u2c1t2c142f1t2e1z2e1v2c102c1r2e1x2e1r3c1x2c1t3c1b2e1r2e1d2d1v2c1l2c1t2e1w2e1q2c1s2e1v3c1u2e1r3e1g2d1u1c172e1r3e1f2e1r3c1v2c1t2c1t2e1r2e1t2c1t2c1x2e1e1e1e1e1e1c1g1c13121214141x2933333w351w371g25222o193x3c1d3o00111m272z3o2o252e2o2m2y233a1e23211g2e29361c2v3u1z3z1o360y1z3z3b213x2z39381a2x3s1z211m21162t212n112038251q27333c162z2x233c1y3s291z1z3a231s25332e1421261w121z161z133x392q172z261s3u2t2z2p1z3w243c153v3b2o172134121z1m251z3w261z3w26113u26113u2q2z39233v2e29213x29233v2520393x2c1z112235143o02302e293w141m2e1b3o013z2m221z211m211z1z2u27112z1d3b3v2e181w12302x3u2s353c121z1c1o1z153v27231t322o12252522332c1826352z1d1g182e143z281w11101z223s291z101o3s370z3z243316331p2u2d1g3d1k2g1p3e1b1d143c1e1d1o2f1v3f1c1e1i2e1t2c103g1g3e121e1j1e1a3e1h3f1g3f1e1c1j3d1g3c1k1g103g1f1e1f3d163c181f1a1g1b1d1s3d1r3d141f161g123d141d1d1c1w1f1i1f121e1b3e1x1c1g1g163g1i3d141d1a1d1s1d1j3g173c1k3c1a1d1e2g163g1q1c1r2d1w1d1s3f122f112c193d181d1j1g193g163e183d1g3d1d2g151g1k2d1g3e163e191g1i1g141e1m3c1k2d142e1p2e1r2c1r3b1t2c1r2e1b2e1r2c1r3b1t2c1r2e1p2e193d1l3e181d1r2f103e103e153c1j2d1r3g142e1r2d123c1t2c1g2f1p2g1r3d101c1v3e153f1t2f193c1c1c1t2d1o1f1h2g1i3e162e1e3e142g1k3f1k3d1j3e1w1d141e1a1e141c1g3d1m1c123g1e1g1o1c1f3e1q1d1e2f1c3g123e1m1d1l1c161e161d1j2d1d1e1u2c161e162g1f3d1c3d1h1d183e122e1g1e181c1x1d173e1t3g1f3c1h3e1b1c172f1d3g1j2d1e1d1x1e1p1f1k1f1u1d1s3c1y2c181f1v1g1b3d1f1e1r2e142e1i1f182e173e1k3c1p1f1i1f1k1e1f3c143e1i3e163g123d1k3d1m3d1u1f171f1i1c1f3c1i1e1f1g191e1j1d1f1c1e3c181f1k1g1f3d1e1e161c1b1g193f121c1i1e141b1b3g1c3f1j1c151c161c1k3e1d3f121c1s2e143d1b2f1k3e1o1d1f3c1h3e1p3f121g1p1e1c1e1d2d163g1i3f1s1d1k1d143d1v1g153f1p1d1f1e1b1c1i2f1v1e1k1d1q1e1m2d1f1e1f3g181c121d1e3c1w2e1j1g1i1d1s3d1w1d143e1a1g1b1d1s3d1r3c1e3g1c2f1e2e183e1d3d1c1g1a3e163e1c1c163d1k1g1d1f1f1e1f3d161d1j3g1g3g1e3e153e1f3d1d1g1d3f143d1j3d161d1g2g1i1f1j3d1j1b1e3d123g163g1i3e141d1l3c1o1g153e1b1e1l3c1q3e173e181f1g2e1k2d1j3e141f1h1f182d1k1d143c1e3g163g181e1f1d1f1d1c3g1p1g173c1g2d1l3e121g1i3f1j1c142d1g1c1k3f121g1f1e103d1g2c1e3g1f1g1b1d143e1d3e103e1e1g1p3c181d1r3d1b3e1k3f1f1e1i1c1a1d1d1f1a3e1p2d173c1f3c1c3f122e191e1i2d1a3c1q1f161e191e1i2d1h3e1c3f1i1f1j3e1l1d1s3d181e171g1i2d1i3e1k1c141g1a2f1k1d181e141d1u1g1i3g1f1c1d3d101e173f1g3f121d1s1c163d183g103f141d1b1e1e3d142f103g182e183e1a1e122s193f1b3d1u1e163d1f3g183e1c1d1q2d173d1b1g1k2g1r2c121e1e3c1j1g1g1f141e1k3e1j3e1f1g1c3g1i1e1i1e1e1e1b1f1s3f1a1e1c3c1i1e183g1i3f163c1l3d1h1e1c3f143f122c183e143d141g1c1e1p3d1s1b1q1e173d1o3f1d3c183d1i2e1k1f141g1a3c1k1d141e173e123g163d1i3d1h3d1y1e1e3g103e1g2d1e1d1d1f1k3g1e3d121e161e1u3g1c1g1f1d1f2e1k1d1o1g173g103c1d3c123c1w2e1x3e1u2c1v2c1f3c1c2e1z3e1u2c1u3c1w2d1e3g1g2e1r3c193c1t2d1g2e1r3e103c142c1v2d1y2e1t2f1w3e143d1x2d193e1c2g122c1w3e182c1r2f1c1e173c183d1j1e1b2e1t1g1i1e1c1e161d1d3d1b1g123d1k3b192e1k3f1c1f1b1d1c1e1j2e181g1k1f173d1h3e1b1c1f1g1e3f123e1c1e1q3d123f1e1g1d3e1c1c1a2e1p3g1g3g1q3c1e3d1h1e1p2g142e163c142c1i1e181e1i1g1d3e163e1d1d193f183f1a1c1e3c1m1e193g1f3e1f1c1a3c1h2d1s3e1w2e161d1v1e1k3e1w1g1d1f1e1e1f3e1h3d121f1s1f1i1d1d1e1e1e1c3f183f1a3d193d1h3e1b3f1j1e131c141c1m3c1f3f121e1q2e123d1d2d1p3e1o1f1d1d191c1l3e1j3g1j1e1d2b1b2e1d1c1i1g181g1a3d1j2c163e1c2g1i1f1d3c163c191c1f3e182f1d1c1i3d1a1d1c1f1e2f1h1d1d1d1e3e173g123f1f3d1k2e181d1f3g1o1e151e1b2c1x2e1e3f171f192c181c1f2d1b3f1u1e1h1e1w1e181b143g1i3e123c181c1i1e183g1i3f1a3c181d1m3d1k1f121g1h3e141d1a1d1d1g183f163d1f2e183b141f1j3g1d3d1i1e1e1c1d1g1i1d193e1j1d1u3d1p3f1d3g1d3e141d1l3e1d3d173e1g3c1i1d1q1e1e1g183g1k1d1g2e1m2d191g1k1f1e2e1k2d1m3e141f1j3g1c2e183e1q3d123f123f1d1d1k1d1m1d1g1g1j3f1c3e1d1c1c1c1p3g143g1k1e1j2d1i3e1y1f1f3f151d1f3b1h1e1b1f163g1p3c181d1m2d141e1j1e1h1d1c1d1u1b1c1g1c3e1g3e1c2c1k3c1o1e143f1i3e1d3e163d1k3g1b2e1a2e1m3d1u1c1p1g153e1c3d1l2e1h1c1p1g153e161c1q3e1h3e1k1f183g1j2e1f1c1r1e153e1d1f1i1c1b1c1m3d1k3g1d1d173d191e1k2d141g1h3g1y1d1b3d143e183g1i1e1h3d1c1e1e3d143f1k1f1q3d1m3d1y1d1u2f1k1f1e221k1i1g3e1b3g141g1b3b1j1c1c3d1g1f1s2f153d1d1e1r2c1v2e1f1g1p3c1h2c1l3d141f1p1g1i1e1g1e1e1e1h1g1b2e1e1e183d1k3d141f181f1q1b1l1e193c1a3e173f1s1d1s3d1r3d1v1g1j1g1d3d142d1d3c1w3e183f1e2e1k3c193d1u1g193g121d1j3e161d181g123f121e1b3c1y1e1o3g173e1a3c1r3d1m1d1c1g1h3d163d1e3d1e1e1p3d141f1j1e1c1c1a1d1k3f181g193d1g1e1h2e1r2e1t1g1v2e1y2e1m2e1x2g1y1d1v2e1x3e1m2e1u1g1x2g1v3d1k1e1t2d1u1e1u2f1w3d1r3d1j2c1r2g1r2f103c102c143c101e123g143c1r2d162c1r2f1j2e1r2d1y3d1w3c1u2g163g101e1r2d141d141e1c1e1d3e1c3e1g1e1b1f1d3f1o1d1d3c1l3e1e3f181g1f1e1k1e1t3e1e3g1i1g1d3c1l1c1a3e1k1f1e2f1c3e123e1r1e1e1f1e1f1t1e1m1d1r1d1u1f1s3e1u2c181d1z1e1b3f1f1g1k2e142c1m1d182f1d1g1q3e1e3e1w3e171g121e1d2e1g1e1a1c1v1f173e1t3e1f3c1j1c1a3e1f1g191d121d1e3e141e121g193e183d1k3d143g192f101d1s3c1c3c1k3g1b3f102e1b1c1k1e181g1c3f1h2c143e1e2e1i1f1c3e143c171c1h3c183f1f1f101d1d1e1e3c183d1b1e1h1e1j1c1b1d1e3g1q1g1c1d1f1e1a3d1s1f1c1g171e1f3e153c1g1g1k3e1b3e193d1j3b1g3f1e3g1b1e1c1e1e3d1c2f1u1f1v1c1k1e1a3d161g1h3f1i1e1u3e183e1h3g1g3f1k3d1b1c1z2e1g2g1r2g1a3e181e1h1e1b3f171f1q1b1l1e193c1c1g1c3e1e3e123d161d121d1o3f1d3d1e2d1h3d1q3g1f1f163e1f3d1k1d1q3g181g1a3e191d1a3b1c1d183f1g3d183c1s1c1e1g183g1o1c1c3c1h3d1d1e143f1e2e1k1d141e173g141f1h3d1f1e193e141f1j3f1c2e183e1s1c1k1f121g153d1w3e1e3d1g3g1f3f103d1u1d163e1p1g1e3f121d1h1c141e181e1h3g1d1e103c1g3e1e3g1p3e1c1e1c3d1e1e141g1c3e1q3b1q2d1i1c1c2f1h3e163c141d1a1e1c1g1g1g1a3e182e1a3d1d1g121f153c1f2d1f2b1i1g183e1p3d181e1m1d1k3g1c1f1d3d181e1m1e1c3g1i1e101e1k3e1h1e1c1f1f3f161e1k1e1b3e1r3f143f1d3e1i2d163c1e3g1p1g133c181e1y1d143f1c3g1g1d1l1e1h1d1k3f1k1f1q3d1m3d1a3e1i3f1c3e123d1w3d143d12141f2k2o1o1u2f2q2q1p2q221o', '38a26m3q1t3q241a291s3t351b3p1z3u2o1o1g1o353w253w253r1536231a383916161h1m3u350y331p2d1o3f1o3e1h3e1f3e1b1g1f2e1b1e1l3c1v3e1h1g132e1i3e1q1d1f3e1a3g1i3e1g2d1k3d1l1d1d3e181g1c3d151c1g3d1f1f1h1f1c1e1h2c1k1d1i1g1f1e1s1c1v2c1i3e1h3g1k1g1a3c1x1c1t3c142f1q3e1j1c1l1c1l1c1g1e113g131c1a1e171d1e1e1p1f1j1c191e1a1e1f1e1q3g122c1d3e1b1d111e132e1t3c152e1j3e192f1h1g193d1j3e183c1f3g1i3f1d1c1r2e1m3e1j1e1i1e1g1c1y1c132e171g1h1d1b3e1h1c162d1q3e132g1s1c152e1v2c1u2g1t2e1s2e1v3c1s2c1t2e1u2f1r2c1s2c1v2c1y2g1r2e182e1v2c1y2c1t2e1f2f1r1c1z2e1v3c132e1s1e1s2e1v3c1r2e1t2e1x2g1r3c1x2d1u2c1x2g1s3e1y2c1u2c1u2e1r3e1k2e1t2c1t2e1u2c1f2e1r2e1t2e1u1c1w2c1s1e1w2e1s1c1t2c1v2c1u2f1r3e1x2c1u1c1z2c1t2e1u2e1r2c192c1t2c182f1r2e1v2e1v3c1y2e1t3e1z2e1t2c1r2e1t1c1a2e1r2e162e1t3c1i2d1s1e152g1r2c102c1t2c1y2e1r2e1y2c1t2c1x2c1r1e1j1e1j1c1l1c1i1c171917161m1s212829313718243q0z2z1o25212o193x3c1d3o0z112k3q0z202m3v2u35242v302p1z203a231s25332114212v23211a2u271z1138251q25352z1620261y1z12141z153v2b2o1731241u3s2t312n113u243e133x292o193z261z101o232e1g2c2b36182v3s121z1o260w121z3b213v313938162v3u10111m2c182t3b213v2b213x39213x29233v1z113s291z203u271u2s271r2o1i25203q3c1z21121b3v111z202433162z2o1b3v111i1t352z1d202n3e1z3w2m2z1q1e272z1o1o23111q253t172124143e1c2e29361c3w2b321v3w2s3q3s3732393r35203917162z1411101o232c1q1z113u243e1b37383v111x23121g1g1r1q1e123e1p3f1b2e1l3d1b3d1d1f1r2f143d1e1e1q2e1s2e191f123e1l3e1h3e193e1b1g122d1f1e172d193f1e3g172d1g1e1a3e121f1e1g1i3d1m1d141e1a1e1e3g1f3e161d1l3d1d2e1c2f1e2e1m3c1c1c1d2f1g3g103d161c1g3e1f3g1f1g1d3d162d162d1c1g1o1g153c1m1c1y1d1i1f121g1o1c1v2e181b1k3f1g2g153e1a1e1a3d1b3g1p3f1h1e1r3c192e141e1j3f1c3d1i1c1a2d1p2f1r3d1p2c1t2c1f2c1p2e1r3d1p2c1t2c1f2c1p3d1r2e1p3c181b143c1f3f1v2f173c143c123c1p2f123e1w2c1v1c162c1s3g1r3e1s2d102d1l1e103e102f1p3e173c1l2d1t2e1j1e1u3e143c1y3b191g1q3g1d3e141d161c1g1f1f3g1d3d1h2d1e3e1f1f173g1f3d1g1d1a1e1j1g1u1g123e183e1l3e1g3g1f1g1g3d1y1e1m1d1o3g1f3g1t3d1a1c1a1e1f3e181f1x1e1d3d1h1e1k2g142e163c162c1a1b1h2e1o1e161e1q1e1j3e1c2f1k3f1g3c1i1d193c1t3g1f3e1f1c1c3c1h2d1q3e1w1f1c3e1y3b163e1d3g1f2f1c1d1g1e1a2d193f121g153e161d1e1d153e1g1f1b1d1f1c181d1h3g1k1d1e2c1f1d1i1e163f1g2g1e3c1e3c1m1e1c3g1i3e191e1h2d1h1c1h3d1b3d183c1h3e1e1d1d3g111f1a3e1l1d1s3d121g1p3e101d1i2e1f1e1a3e1b1g1i1e1i1e1i2e1t3g182f161c1i3d1i2e101f1h3d122d1g1c1f1d1d2f1u1e1e3e1m1e1h1e1s1e1e3f161e1f1c1j3d163g1r3f1i1d1m1d143c1g3g1c2e1i3d1m1d141e153g193e1q1b1q3e193c191g1f3f152e1a1e1i3e193f1c3f1g1e1e2e183b1d1g183f1d3b1d3d193c163e1e2g163e1d3e1d3d1h1f1s3f1k3d1d3c1l3c123e183g103d1a3e1k3d1a1g1c3f123e1k1e1e1e1d3f143f1i1d1u3d1r3d163g1i3f1c3e1y1d1i2e153g1c3g161e1j3b1m1e1i3e181g1g3b1f3e1t3d1d3f1j3e163d1e3b1q3d1d3g103e1c2d1e1e1d3d1y3g193e1g2e1g1e1a1c1d1g173f1e3e161d1g1e193f172e191d1f1d1m1e1e3f1h3e1a3e1u1d162c171g1b3g1p3d1l3e1q1e1a3g1c3f1i1d1l3e1q1e1d2g163e1f3c1a1d1i1e1d3f1k1f1h3e1q1d1a1d1d1g1e3f1w2d1m3e1g3c1e1e1i3e1a1c1f1d143e1k1g1c1f143d1m1d1i2d163g173g121d1l3d1g2e163g1q1e143c1y2e1a1e1f191s2f141b1a1c1k3e121g1a3d191d1j1d1v2d183f1c1g1o2c1y3b1k3b121f1i1e1h1c1k1d1b1c1b3f1f1g163d1j3e1m1e1k3f1i1f101e1h3d192d1g3g103f121d1d3c1a1d1e1g163g193e1y3e1a3e141f1h1f1i1c143e1h1e1c3f123e161d1e1e1d1d1s3f1k3f1d3d192d1i2e1k1f122e163e143d161e171e1d2g1a3d193e1w1e1f1g1i1f1d3e1e1c1k3d1g1e153g1d1e1k3d1y3e1d3g1d2f103b1b3d1e3c1c2e1x3e1b2c1v2c1v3c1a2e1w2e1b2c1t3c1c2c1w3g1a3g1p2e1e3e182c1r2f1p2f122e1b3c1t2e1r2f1y1g1p2d141d1e2d1r3g133e1s1c1t2d143c1y2e1v1e1f3e183e161c1i1g1p2g1k3e1g1b1g2d1k1g173f1i1e1e3e162e1p3g103e1i1e1g3e1h1c1u3g1k3g1i1c181c1a1b1j2f1b1g1d1e161e1i1e1b3f152f1d3d161e1i2c1q3g163f141d1e1c1c3c1f2f1q3e1w2c1a1d1z1e1b3f1d1e1j3d143e1a1e1g1e141e162e1h3d1e3d1f1f163e122c1i1e1a1c1v1f153e1t3d1h3c1j3e191e1k3g1c1d1h1e1b3d163f1i1f1e3d1l3e1m1c1e1g163f193e1d1d163e193d183e1d3e1e1d1h3e111f1a3g1h1d1s3d161e1p3e101f1e2e1g1d1f1d191f113e1e1d1r3b1r3d1h3f1d1g1k3e161e1s3e121g1o3f1b3e1a1e191d1j3g121g1o1c1m3d1e1e1e1f1j1g1s1d1m1e1m3c183f153g121d1b1d1r3e1j1f163f1c3c1j3b1z3d1p1f1a1e1j1c1z2e1j2d1q1e181e1b3e1j2c1j3e1f3f103f1d1e1e1e1i3d1g3g103f121e162d1g1c183f1e2g1i2d1b1c1g3e1h1g1i1g111e1a3c1s3d181g1d2f163d1b1d1g3e1e3g1g3g1g2b1c3c1m1d121g1a1e1a3b1a3e1k3d1c3e151f1b2d1a1d1m1e1c3e1j1g153c1m1d1u3d1p1f1b1f1i1d1u3d1r3d183g1g3f1a3c1q1e193c181f143f121e1j2d1g1d1g2g1k3f152d1c3d1m2d1d3f101f1d3e1g3e1w1e193g1k3e153d1g1d1e3c1k3f1h1e1d3d162d1g1e1u1g1h1g1j1c1l1c1j3e1f1g1d3f152d193d1u3d193f1c3f1a1e1e3d1e1d121g163g1q1c1r2d1e1b1d3g1i1f162d1a1c1s3e1f3g1i1f161e1h2e1a1c1c1f1i3g121c1s3e1h3e1k1f163f1d3c1h2e1f3e103e1a1e1b1d161d1l3e1o1g1d3f1d1d1i1c193c183g103f1k3d1b1c1g1e183g193g1i1d141e191e1k1e1u1f1e2e1y121h1e1c3f151g1i1b161e1e3c1d1f1h2f1t3d1c3e1i1e1s2e1w3f1k3c153c1t3e151f1i3f1d1d1k3e1i1d1c3f1g2g1p2d1i3e143d141e1c3g1f3e1h1e1e3d143f121g1a3c1m1d141e1c1e1d2g1c2e1a3e1w3d112e1a1g191d1u3d1e1e1c3e1e1g163d1k3d1e3c1e3g1f3g121d1l3e101e1j1g1d3f122e1d1c141d1e3g1d2e122d192d183d1d1d161g1b3e1h3e1h1d1g2e163g1g2e191e1m3d1p3e1p2g1i2e1z2e1x2b1y2g1w2g1i1e1z2e102b1t2g1i2g1v2e122d1g1d1v2e1e2e1r2d103d102d1o2e1s2f1t2d1b3c1u1c193e1d3e103c102c1x3c1u1f1w2f1p2e1t3d121c122e1r1g162e1m1d1x2e1i1f1d3g1d3d161c1e1d1d1g1i1g1a1e1i1e1e1d141e142f1h1c1h1e1g1d183g1a1g1j3d143d1g1e161g1j1g1s1e163e183e1b3g1j1g1f3e1g2d1m3d1i3e1e2f153c1x3e1h3c1h1e183e1d2d1u3c1y1d1e3g1u1g1i1d1a3e1e1c182g1k3g1e3e1u3c1d3d1f1g1k2g122c1a3c162c1g3g161e1g2e1e3e1k1d193f1f1e1c3e1a3e143d1c3f101f1q1d1m1d143d122f173e191e1r3d1j3d1f1g1k3g121e1s3e141e1q3f1b3g161e191d1l3e141g123g1d3d1h3c1l1c153g193d1g1c1h3c1i1e1f1g191e1h1d1h1c1e3c181f1k1g1d3d1g1e161b161f1d3d161e1a3c181c142f152f183d1m1c1g1e183e1v1e1g1c1i3e1m3e121g1k3f161d1h3e191e183f161g192c1e1d1j3d1p1f1u1e1u1e1d3e1e3d1g1g121f1f3e1h1e1e3d141f1d3f151e1b3e161d1j3f1d3e161d192d1s1c191d1c3g1j2e1d2e1b3d1e3g1d3f1h1d161b1f1d1d3f1i1g103d161d1d1b1k3e1j1g153c1m1b1f3c133f1d3f101d1u1d1i2e1k1f163g1g3d163e1m3d183f1g3f163c1q1e193c1k3f1e2g1i3e1e3e1a3e181f173f143d161c1k3e163g1i3f173d1i3b1h3c1c1f1i1e172d1e1e193e193e1a2f1a1c1i3e101d1i2f1d3f152e161d1r1d1g1f1w2f1a1e1d2c1g3e1h3d1b3f1f3b163e1r3e181e1g3e1g3d1b1e1s1c1r3f1i3f193c141e1m3e1f3f1d3g1g1c141e1m3e1f2f1b1f1c1c1k3c1e1c1c3f1g1e101e1m3e1h3d171e101g121d1c3e1q1e1d3e163g1i1d1a1e1g3c1j3e163f1a1d1m1e1e3c1k3f1d1f1i1d141e1e1e123f121g192d1d1e183d141e171j1p1o1d2e1t2q1r2i2s1v14', 'f609a2923313y351w371e373q1639213x38142627231v302o12252720331628351d1e14373a3v1g1c1r2d113e131e1a1e151d1g1e1p1d1j1e191e181e1h1e1q3e122e1d3e191d131e132c1t3e152e1h3e1b2f1h1e193f1j3e163c1h3g1i3d1d1e1r2e1k3e1l1e1i1c1g1e1y1c112e191g1h1b1b3g1h1c142d1s3e131c1e1e1g1c1e1c1i3e172d1b1f1m1d1j3e1f1g1j3c1i1f1i2d1e1c1k3e111c1p2g191d1j3c1k1e1s1e1b1e1r1e1b1d1q3g1e1c1a3g1b1d171e151g171e1j1g1q1e141e1j1g1j2c1j2e1i1c1v1d1l1g1d3d112e1g2d1r3c182f1r1c1j2f1u1c1q2c1u1e1z2c1s1e102e1t2c1u2e1t3c1y2g1t3c1x2c1u1e1v2d1s1e1v2c1r2c1z2g1r3c1d2e1t1c142d1v2e1j2c1s2e102e1r1c1z2e1r1c172e1v3c1q2c1t1e142c1t2e1s2c1s2c152g1t2c1t2e1t2c1p2e1v2e1o2c1s1e1l2c1t2c1h2e1t2c1j2e1v2c1y2c1v3e132c1t2e1i2c1t3c1y2e1t2c1y2f1t2c1y2d1t3e1v2c1r1e1c2c1s1c102e1t2c1s2g1u2c1d2d1t2e1t2d1s1e182e1r3c1k2f1s1c1t2e1t2c1t2c1t2e1t2c1r2e1v2c1r2c1f1e1e1c1e1e1g1c1g321414121m0m3q1v3q221a291u393v2z1d3q0z101m27213o193v2e1k193v1z1k1c2z173s3y113z141z153x392o1722261s3s2t222p1z3u242e153v392o1922341z3z1o253c1g3c2b381w2v3s11121m260w111229213v212b361w2v3u11101m3c182v2z2n1z223a231q25352e142z2v252e162s27111138231q27353c142z281y1a2s271y2u27163s291u3s271o2e113u261z113w261z3u263u3m3o0z1121393w121o272c2o1z1z23121z101o273c2o2m37223o1z3z212b213v3028163o0z1c1e2v2c292o142u1z101d211q1z2z3825373u253u273t133621111138371z21161h1z1c1o2e162t3z2r2e29213v212q1g27312e2b3w121m142i2d1k1e1c1g1b2c1p3g153c1c1d1i2f1u2d193g1f1e1r2c1x3e1g1d1c3e181e1c3d181g1c1d1p1g1i1d1p1e121g183d1s1d1l3e173b1l3f1f3c183f1g2e1k2d1k3g193c183g1i3d183c1r2f1u1d1s3f143d1f2c1w1g193e141f1j3e193c192f1e1e183g1q1c1o3d1f1g1c3d142f1f2c1c2d1g2g1k3c1k3e1w3e1f3d181g1p3d143g1m3e181c173e1b3d1g1g181d1p3c1l3f121e183g1i1d1w1d1y3d1d2c1r2e1r2c1r2c1r2e1d3b1r2e1r2c1r2c1d2e1r2c1d3g1f1c193c192f1r3e153e193c141d1v2e193c1r2f1g3c1r2d191e132c1t2f1y3d1h2c193e1r2d123e103d1w2d1r2f1g1c181d193c143d1k3d171d1b1g1g1d1f2d1j3g1c3d123g1w1b1b1e1g3f121c172f1f1e1d2d1k1e1k1d183g181e181d193f1h3e191e1f1e1e2e193f183d1c1e1e3c1k1e193f1f3c1h1e1a3c1f2d1s3e1w2c181f1v1e1i3d1w3f1e1e1i1f1k1d142d1q2g191e182f1m2e142c183e142c1g1g181c1v2d173e1h1e143g143e121e1b2g1o1e1i1f1l3e1p3c1b1g1k3d183g1i1d1k1d122f1j3e1h1f1j1e1j1c191f1e3e1q1g1e1d1f1e183f1s1d1c1g191e1c3e1b3f143e1i3e1q1c1k3d1b3d143c141g1c3d1c3d1d1g1f1d193g1g2e153d1i3e141d1f2g1s1d1j1c152g1d3d1k2g1e3e1p3d143g1p1e1e2f121d1s3c1g2f143d1v2g1e1e1k3d1u1e1d2d161g1e2d1d1c1d1f121d1i3f1j3d181e122e121d1e1f1g2e172d173f1w3c183f1g2e1k2d141f181e1f1g1f3d143e1i3e173d1u3g1m3d1c3d151f1d3d1e1f1q3e183d1l1g1b1e1a1d143e143d1b3e1o3e173e1a1b173c1k1f121e171d141d153e153g183e141g123d141e1e2g183e1b3f1k1c1e2e183g1b3e1k1f121e171e123f141e193e1i1d1s3d121g1b3e1c3e143e1f1e181g1j2d183g191c131c1a3e1c1e1b1f1c3c181d1f1f173c1s1d1k3d171c141f181e1p3e1i3e1e1c1k3f121e192d1l3d1f2e141f1t1e1i1g1k1d1c3e191d193c1c2g1m3d1r3d1j1e1a3c1d3e181d1g3d1f2g163c1h3e181d1g1c1q1f181c191g1i1d1c2e163e1h3c181f1g1e1i1c1h3d183e1p1g153b183d1d2f181e1k1f1k1c1c3d1g3f1g1c143f1g2e1p3e143f183e1i3f183c1o1e173e1k3e163g1w3e1c3c141i2p3e1f1g1i2d163b1i1g183c1b1f1m2d1u3d1b1g1h1e1t2e113e123c1k1e1k1e1c3f1i1c1d1e141e1f3e181e1a1b1i3c183f1g2e1k3e193d1s1e193g141d1j3f161d1c1e1l1g173c1a3e143e163d1i3f1f3d1f2g1b2d1c2e183g142d1e1g1m3d1i1d121g173c173f1w1d1q3d1m3f1t3e183g161d1h1d1f2e1w1e1b3f141c1g3d1f1g1i1c181g1h3d163e1i2f113d1c1g133d161b1c2g1p3e143g173c1b3c1v2e1d2c1u2e1w2c1b3c1w3e1v2c1w2e1f2c1y2c121g1b1c1u2g143c1w2c1s1e1r2c1s3g183c1s2d1y2f1h2d1y2f1k3c1p2d123e103c1j3e1t2c173c1r2f1g3c123e163d1e1c1l3e1u2c1b1f1f3d1o3d1e1f1c3e1h3d1d1e1o3e1b1g193e1e1e1d3d1j1c163g161e1e3g1h1e1g3d1w1g1k1d1k3g1g3e1g2e1f3e1o1c181g1g3e1s3e172g121c1c2g1i3e161c1v2f173c1v3g1h3c1f1c1a3e1f1e1b3f143e1k1e1j3g1f3e1v3f1a1c161d1h3e181d1z1g1d3d1d1e1m2g142c183e162c161b1j2e1b1d1f1e1j1c141b143f1g2e171f1b1d1e3d1l1g193d193g1j3d101d141e141e1c3f1e3d1b1e1f1f193e1g2g173e1g3c142f1f2e1s1f1l3e1h1d1d1d161d1f3f1d3b193d131e1k3d163g1m1c153e1i1e141d173g1i3d1h3d141f1e3c1i1g141e1g3d1i1f1k1c1i1f1h1e161e193f183e1i1f1l1e193d1k1g1b2d1c3f163d122d1e1f1f3d1e3f1r3c1s1c1k1e1h2d161e1y2c173d163f141e1h3d1f3d101e193g141d1j3d1q3d1d1e1b1f1s3d1p1f1f3e173c1f1g1i3c1i3g1e3e1d3d1d3f1o1e1b3g1e1d141d1d3f181d1r3f161d1e2e1k2f1k3e1b1g143d121e1b3f1f3c1q1g1j1d1c2e181g1c3d141f1m1d101e1j3g1i1d1k1f141e1a1e123f141e1b1g1e3d122d1e3g143e1i3e1q1e1g1d1s1g1b1c1o1e1e1e1q3d1d2e1i3c1c1f1d1c1e1e1c2f1c1e1c3e1l3c121c183f1c3d182e1q3d1d1e1i3f1g1c1f1f1e3c172d1f3e173d1u1f163c101d172f163d1d1d163c1k3d1i1f1c3b1d3g1u1d1i2c1c2f1k3e1q3g1h1e161c1c2f1k3e1d3g1q2e1d1c1m1g153c1f1g1a1c1a2d1k3g191c181e1r3d1d1d181g1k3d1h3g1j3c161d1g3f141e1k2f1g3e173e183g141e191e1l3c1j1e173e1a1d1g2g1m1d1f2d1g2g1i1d1s1e191i1h1e1b1f1h3b1k3g1i1d1b3c1d1f1p2d143f1f1e1h2e1s2e1d1c1b2f1e1d121d1m3e142e1g1e191c1h1c1a1e1o3d1w1g1b3e121d1j3g193c192f1g1e163e1b3g1f3d172f1i2e1i2d1k2e1w1e1o3g193c163c1w2g1k3d1k1f141e1d3d172f1g3e123f161e193e193e183e1i3f1e3c1d2e1e2g183e1u3g1h2e1j1e1b3f1o1e1p3e1q1c123d1k2f1h3b1c1g163d1k3c1s1g143c1o3f1l1e1a1e1b2e1y2b1x2g1z2e1v1e1y2g1y2b1k2g1z2e1v1e1y2d1y2e1x2d1q1e1c2d1r2f1r2e1r2f122d1w1c1u2e1t2d1r3g173c1h3e153f1c3c193e1t2d103c1j2f1y1c1u2f102d1i2e1r2g1e3e1t3f1g2d1p3d1j3g1c3d163f1h3c1i1e1m3g1e1b1e2f1g1e1e1d1f1e1p3d1g1f1f1e1c2e141g1g1e1b3f191d1d3d1k1f1k1c1k1f1a3e162e171f1k1d142f1s1e172e182f1p2e142e1a3c122c1g1g181c1v1f193c1f1e143g1f1e1e2g161e1e2c1q3g183d163f1e1c183c1f2f1s3c1y2e1a1d1v1e1e3f1f1c1o3f143d1d3d123f1k3e1c3g1a3e121e193f1f3e1k3f1i2e193e1q1f1c3e1i3e1d3d111c1k3f163e1k1e193e1g1c141f171e1g3f1l3d121e1e3f121c143g1b3c1d3e183d1b3d1d1e181d1h3e1k1d1g2c1d1f1i1e163d1g2g1g3c1c3e1m3e1c3e1j1e141e1j1g163e1d1e1x1e1o1c1c1g1f3d1j1e193e1g2d1f2f181e143e1g3g1b1d1j1f1a2e1k3e121f1g1c1x1g1i3d192c1f1e1k2c1e3g1a3e161d1m3f1b3c192f1g1e163e1m3e173d1e1g1a3d1g3d143g142d1e1g1q1c1i1d1d2f181c1q3g1v3e1d1d1f2g163b1f3f1h3d1d3c1b3f1f3e141f1l3d1d2d1d1g1c3d142f1h3c1a1c191e163d1k1f1i1d1q3d1m3g123d141f141c163e123f141d1b1g1e3d122d121f1s3d143f192e161e1f1e161b143g1k2d1a3e182f181e143f1e1d1d3c1k3f1c1d1s1d1m3d121d181f1y2d1f1g1b3e1k3d1y3e173d1u2g1h2d1g1e1f3g1p1c1k3f1r3e173c143e181c143g183e163e1e3f183d173f1l3c1i3c121g183d1d2d1k3c1a1c151f1d1d1e1e1k3c1a1c1t1g1c1d1f3f1a1e1i1e1d1f1e1c1i3e1e1c123e1f2e1i3d1j3e1a1d1e3d1c1g1c2d1k3g1g3c162d1f3g1a1c1h1f1g1e161e1f1f1k1d1g2g1m1d1i3e141f1j3e1w3f1j2e123e1i341d1i1f2f2v2i1o2f2u2t2c141', '2647b74aa20af3e7d4aca4dce5bdea1f'));
                                    

#52 JavaScript::Eval (size: 25, repeated: 1) - SHA256: cfab5312f1cfff1e8162225ab27453306ff627f512bcf18225c0a305ca093e1c

                                        window.scrollbars.visible
                                    

#53 JavaScript::Eval (size: 18, repeated: 1) - SHA256: 0200f755a2c13b9335fe39b3a88f696c334e518e8407780c4731d8e6be966c4e

                                        window.outerHeight
                                    

#54 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 526c9d85cebcd21526a3b7ffdb87a9c2b6229e00b0bf210634abf6c84e0ad143

                                        navigator.msDoNotTrack
                                    

#55 JavaScript::Eval (size: 33, repeated: 1) - SHA256: 0b543b4a53bd5beb9a294e018ea9a8c704e5487af1227121d60699a5ec715c5d

                                        navigator.connection.effectieType
                                    

#56 JavaScript::Eval (size: 17, repeated: 1) - SHA256: 5c5bb18e544cb67f765d8a6d2c774838d3ae95df9b62f25660c64554a7302d8e

                                        document.referrer
                                    

#57 JavaScript::Eval (size: 28, repeated: 1) - SHA256: ef184af14e9e4c14bc286dcbd2a00161c209ce5cf6f9e30c4e7de6d929e9aa4d

                                        typeof document.ontouchstart
                                    

#58 JavaScript::Eval (size: 9, repeated: 1) - SHA256: ebf49dcd836f810084c14e0f2dab4dc1768bbdc5980481bf201fcf76771dff7a

                                        navigator
                                    

#59 JavaScript::Eval (size: 18, repeated: 1) - SHA256: 17720ad70d18a072962c7509a9e8f79d6227be2728fb0e89dafb5a1edbc19f40

                                        window.console.log
                                    

#60 JavaScript::Eval (size: 52, repeated: 1) - SHA256: b218e02bbc9cda846447b2e8fff62bc41f7f5b0e12ad8adfc05380f8df3288a4

                                        window.external.getHostEnvironmentValue("os-build");
                                    

#61 JavaScript::Eval (size: 18, repeated: 1) - SHA256: 64e360e85164e7675724c7fe1ed681b25a138c51d437bac5ff97e8910ccf2aa7

                                        window.innerHeight
                                    

#62 JavaScript::Eval (size: 19, repeated: 1) - SHA256: b37d024d71bdbd575b951acfa9a59a5e84dc2f9d7c89748081ccb862ff3c9033

                                        navigator.vendorSub
                                    

#63 JavaScript::Eval (size: 16, repeated: 1) - SHA256: d6b5ca1760fc8b29e007efc9c8d2cf7e8a2395825f6f77dada95483fc3171bdf

                                        navigator.onLine
                                    

#64 JavaScript::Eval (size: 40, repeated: 1) - SHA256: ba8f16658b19940e1168ca8394756fb18272a9ef95d5fb11442ba56601568687

                                        performance.timing.secureConnectionStart
                                    

#65 JavaScript::Eval (size: 30, repeated: 1) - SHA256: 55ef02d9591328210e59a68fcd1945791f4d0f70cdc7cd3999eb4ba175adbafb

                                        performance.timing.redirectEnd
                                    

#66 JavaScript::Eval (size: 6, repeated: 1) - SHA256: 4cd6c2914887dd4a68e4c9ffbed8b077f048cf795d6cfa0b801d43e0ea5a1560

                                        screen
                                    

#67 JavaScript::Eval (size: 15, repeated: 1) - SHA256: da82a56eb8524f5d12a2afcf2c5d0cb6184f26995167212a0ccb3bc2ba0def36

                                        document.hidden
                                    

#68 JavaScript::Eval (size: 22, repeated: 1) - SHA256: b19d05a8d492320ab4db4d74ea0e9e90374bed47a18e805f8018ebb00af0c23c

                                        window.menubar.visible
                                    

#69 JavaScript::Eval (size: 20, repeated: 1) - SHA256: dfafe4f2e08c006ec277e8042267c6237512a1a93bfcf57657420d4becc0a97b

                                        window.mozPaintCount
                                    

#70 JavaScript::Eval (size: 15, repeated: 1) - SHA256: 4f61f9e962c8c1d90b453b461dd9431c1d3a6a706e61ab5c2a9faf6a71aea93f

                                        screen.availTop
                                    

#71 JavaScript::Eval (size: 20, repeated: 1) - SHA256: 6af0594857ab3b4e97420ca6bf7e098fc0901e86860d2e6a26cdf1d176c37dec

                                        navigator.doNotTrack
                                    

#72 JavaScript::Eval (size: 108, repeated: 1) - SHA256: 8eab171b0d256cf386d222b71fbf5380f2051b67452dbd83f41401a6216a789c

                                        !!document.fullscreen || !!document.mozFullscreen || !!document.webkitIsFullScreen || !!document.fullScreenElement
                                    

#73 JavaScript::Eval (size: 25, repeated: 1) - SHA256: 791b28f4c489619d78906b8af22fbc11b48c0576134d36470ef92468e47da29c

                                        navigator.appMinorVersion
                                    

#74 JavaScript::Eval (size: 18, repeated: 1) - SHA256: addd231a2f2807fb0b4ebdadd2bc23ae2a1cb93a92b07fa6e20ee9af832a8b47

                                        navigator.platform
                                    

#75 JavaScript::Eval (size: 25, repeated: 1) - SHA256: 63d0de96ffe6e24d709e64517f883a6e6a72e3629aea379ee43b727541794c64

                                        navigator.browserLanguage
                                    

#76 JavaScript::Eval (size: 30, repeated: 1) - SHA256: ca1a06e2314f272f03bc401a7ae0f4056692895b060fd13c00280536b6c56e85

                                        performance.timing.responseEnd
                                    

#77 JavaScript::Eval (size: 37, repeated: 1) - SHA256: 6530649612f535f1adde48ecf8b5de0677e9b5d77db12eb3dfd90b79b363559e

                                        HTMLCanvasElement.prototype.toDataURL
                                    

#78 JavaScript::Eval (size: 224, repeated: 1) - SHA256: 06aede41202706e4df713c059cbec560afc759fe666f0679df6a56354378d8b9

                                        ['https://ku2d3a7pa8mdi.com/SDF/SDF.php?c=1884823', 'https://predictiondexchange.com/jump/next.php?r=3893043', 'https://tipcatscarola.com/i2CuGOIr4VQ/27615', 'https://nimrute.com/click?sid=e14b9af4-1d89-44ad-b359-4651a3654a3c']
                                    

#79 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 38be2b1c1c886666cd4ac85d71bb8b65e51d95c7c5f40b0c575f7d196a0442cd

                                        window.statusbar.visible
                                    

#80 JavaScript::Eval (size: 25, repeated: 1) - SHA256: 0098b3fb5f82abbebff8c293e42863b93e210b01f0032c4147fe1457f5b48a93

                                        window.offscreenBuffering
                                    

#81 JavaScript::Eval (size: 36, repeated: 1) - SHA256: 4105e0401cf30138cd3ec66def6e14b091f0617777c14cd703ba3e8be17d5777

                                        performance.navigation.redirectCount
                                    

#82 JavaScript::Eval (size: 33, repeated: 1) - SHA256: 511e9d231c9360fcb7670f7cbaffb35bf8180f124fc080ebbfa5962d4c8bb089

                                        window.screenX || window.screenLeft
                                    

#83 JavaScript::Eval (size: 34, repeated: 1) - SHA256: de98f45cade0178e1fd1a8257ab99e8431b3d5b35a393217e74ad6caa4efed60

                                        performance.timing.domainLookupEnd
                                    

#84 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 15dde2f8fcb5a8a423088da92307a50f6ba6c59577490e49e2ae24a15c75c2bd

                                        window.clientInformation
                                    

#85 JavaScript::Eval (size: 26, repeated: 1) - SHA256: e5a13721b456c9e090f80944728fc91767f5ae01b01f59160e73ff2c7cacc587

                                        window.locationbar.visible
                                    

#86 JavaScript::Eval (size: 24, repeated: 1) - SHA256: ebca0f427d949e5889ac01faf63de6370743bddd0169c9354c84bc47e3e8a0b1

                                        window.opener.innerWidth
                                    

#87 JavaScript::Eval (size: 4, repeated: 1) - SHA256: 1bbd174404efbce95f1af489ef93f4aa0f4d55718f24c3504682216afa7b7fb1

                                        eval
                                    

#88 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 42c1dc825c7afb2edca4a8bca3f669784ae08b69226a5ec5044ee7600fccb397

                                        window.mozInnerScreenY
                                    

#89 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 6b5c93eab3b74dadfbe0f6c5949ab9f1ec8f012df8f49495664b96b51881ed85

                                        window.RTCPeerConnection
                                    

#90 JavaScript::Eval (size: 15, repeated: 1) - SHA256: 2daa1a91b2430e9867296c9cb26d1483785954a9bdd66f79b2c754bab7092cae

                                        typeof __gCrWeb
                                    

#91 JavaScript::Eval (size: 19, repeated: 1) - SHA256: 63fd63a33ca43f07ce872672d604657ec0fbfbe24bec43f4b322c0f7a1c2ce25

                                        document.hasFocus()
                                    

#92 JavaScript::Eval (size: 29, repeated: 1) - SHA256: 876f3c9374f7069c7cabd0907ddad5466010a649a0f34984e5e2cc72f64878a5

                                        navigator.hardwareConcurrency
                                    

#93 JavaScript::Eval (size: 25, repeated: 1) - SHA256: 329a9b85817fb7d3bb2492cbcb23f12b14cf9abd181473b838250e3b745fab50

                                        navigator.connection.type
                                    

#94 JavaScript::Eval (size: 24, repeated: 1) - SHA256: ae3766b014bf6a5b6452d14a9f1de103d584e98933db2577122c136bfb9eb0c6

                                        navigator.connection.rtt
                                    

#95 JavaScript::Eval (size: 34, repeated: 1) - SHA256: fa103a26e90f8e37ab2371d0dd320ca199c0ff194f4ded9cee3ccfa85c22f713

                                        window.ScriptEngineMajorVersion();
                                    

#96 JavaScript::Eval (size: 51, repeated: 1) - SHA256: 8c6276b2ab288fa398c4bc128bf765ffc10696c7adb7b2db18019870fa29cbdd

                                        window.external.getHostEnvironmentValue("os-mode");
                                    

#97 JavaScript::Eval (size: 23, repeated: 1) - SHA256: fac21d8a86a99b88e4eb395a35aa2970ffb8ffdac1b12280959be2c117e3a09c

                                        window.devicePixelRatio
                                    

#98 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 4b14cf9e41e192a741c1cb8ec58f13b0495941f984f312bec01ab28807fe99ab

                                        navigator.deviceMemory
                                    

#99 JavaScript::Eval (size: 21, repeated: 1) - SHA256: 561f7f2574775993811ac7bc852a2054ede9fb58a62eb0804030e1ff877f4350

                                        document.webkitHidden
                                    

#100 JavaScript::Eval (size: 59, repeated: 1) - SHA256: f8aac102dc71390ed9b53b485b34d036f4c871e18d7015b307b95c8f1dcd9fa1

                                        window.external.getHostEnvironmentValue("os-architecture");
                                    

#101 JavaScript::Eval (size: 17, repeated: 1) - SHA256: c03ab22471edc55763f012b82b8d32f981b31ca921a55cc4a663b8bd953b96e7

                                        screen.deviceYDPI
                                    

#102 JavaScript::Eval (size: 23, repeated: 1) - SHA256: c5d184acbefde172c402f1100cb756d11e8a1c83484977f1d5975bc65a79a7c5

                                        navigator.cookieEnabled
                                    

#103 JavaScript::Eval (size: 31, repeated: 1) - SHA256: 7f96f13e41030d403da6d3c41ed3e161053572b43346d4e7c6ade69c0861d6ca

                                        typeof document.visibilityState
                                    

#104 JavaScript::Eval (size: 11, repeated: 1) - SHA256: c42b2a75055edd538c357b5923a7eca102ebf4e63f14d7d8b6fa2778d6b1cdd2

                                        screen.left
                                    

#105 JavaScript::Eval (size: 30, repeated: 1) - SHA256: 44e10caa26e37d5f8678a008f0d667c1975fbaec0f613439eb60694249001780

                                        navigator.languages.toString()
                                    

#106 JavaScript::Eval (size: 32, repeated: 1) - SHA256: d0ea77c33d12565615b751dd5d753895e6287577bc0cfe0522961048b211daa6

                                        navigator.connection.downlinkMax
                                    

#107 JavaScript::Eval (size: 34, repeated: 1) - SHA256: 3db042ba8dbf234b0ba7ed8b47e5c8cb58b267af983635a41652258f1e282c0c

                                        window.ScriptEngineBuildVersion();
                                    

#108 JavaScript::Eval (size: 29, repeated: 1) - SHA256: 9c27754d9297bf8d4022ded2628940ae5a837c7d7d130b197c3dc80627a453e2

                                        HTMLElement.prototype.animate
                                    

#109 JavaScript::Eval (size: 20, repeated: 1) - SHA256: 3f3d3b81e8706983e30a63da7389e8cd3e70bd7778063d63f748984c42007425

                                        IntersectionObserver
                                    

#110 JavaScript::Eval (size: 31, repeated: 1) - SHA256: 6e4c074bba968f3a2899edcbccf9e893ebdad7a5a533463e4d9630f28f3baed1

                                        (a = 0) => {
    let b;
    const c = class {};
}
                                    

#111 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 28be88d787b6e773eaf5d0818a6c62446ce628dd8ec0659c6f78410588838337

                                        window.toolbar.visible
                                    

#112 JavaScript::Eval (size: 19, repeated: 1) - SHA256: fc5a1ffc9513896711ec2c788490995715c8d32ccda8c4e2c68a9bd8cb214e77

                                        document.innerWidth
                                    

#113 JavaScript::Eval (size: 36, repeated: 1) - SHA256: 436179ef4964c80a03e62015696ba10c5ae70602c6538d07f50b75f35bd72a27

                                        document.documentElement.clientWidth
                                    

#114 JavaScript::Eval (size: 19, repeated: 1) - SHA256: 9b078b8e24e4655c21a5876570daac97f2ddc241bfdb259644582b6a7a60930b

                                        navigator.userAgent
                                    

#115 JavaScript::Eval (size: 20, repeated: 1) - SHA256: 6b612f597a0ed972ce30182713c197e510528ac68ff1711b560641d5f47afefa

                                        navigator.productSub
                                    

#116 JavaScript::Eval (size: 9038, repeated: 1) - SHA256: 8612f5442708723249fd0b70d02c1d6a40af04b67005373fab0ee27150b5eda8

                                        ;
eval(function(w, i, s, e) {
    for (s = 0; s < w.length; s += 2) {
        i += String.fromCharCode(parseInt(w.substr(s, 2), 36));
    }
    return i;
}('1b1b0d0a1n2t3a2p30142u39322r382x3332143b182x1837182t153f2u333614371p1c1n371o3b1a302t322v382w1n37171p1e153f2x171p2b38362x322v1a2u3633311v2w2p361v332s2t14342p36372t213238143b1a37392q3738361437181e15181f1i15151n3h362t383936320w2x1n3h14131d2q1d2q1c2s1c2p1318131318131318131315151n1n2t3a2p30142u39322r382x3332143b182x1837182t153f2u333614371p1c1n371o3b1a302t322v382w1n37171p1e153f2x171p2b38362x322v1a2u3633311v2w2p361v332s2t14342p36372t213238143b1a37392q3738361437181e15181f1i15151n3h362t383936320w2x1n3h14131d2q1d2q1c2s1c2p1d321e381f2p1e341f1c1d1g1e391f1l1f1e1e361f1k1e3c1f1f1f1e1d1g1f2q1d1k1e3c1d1k1f1j1d1k1e381d1h1f2u1e391f1f1f1i1d1g1f1j1d341d2r1d321f1j1d331f2q1d2p1f1c1e381f1e1e3a1f1k1e3b1d321f1j1d1j1d341d2t1d1h1f2u1e3c1d1j1d341e2q1f1k1f1i1e3c1f1e1e3a1d2p1e391f1i1f1f1f1d1d3a1e3b1e341f1i1d3a1f1f1e371e381d1g1f1g1e341f1i1f1j1e381e1d1f1e1f1k1d1g1f2q1d2p1f1j1f1l1e351f1j1f1k1f1i1d1g1f1j1d1k1d2t1d1h1d1k1d2u1d2x1d1h1d1h1d321f2w1f1i1e381f1k1f1l1f1i1f1e1c3b1e3c1d321f2w1d1g1d1f1d2s1e351d2s1e351d2r1e371d2r1e341d1f1d1k1d1f1d1f1d1k1d1f1d1f1d1k1d1f1d1f1d1h1d1h1d321318131318131318131315151n', '', '', ''));;;
eval(function(w, i, s, e) {
    var lIll = 0;
    var ll1I = 0;
    var Il1l = 0;
    var ll1l = [];
    var l1lI = [];
    while (true) {
        if (lIll < 5) l1lI.push(w.charAt(lIll));
        else if (lIll < w.length) ll1l.push(w.charAt(lIll));
        lIll++;
        if (ll1I < 5) l1lI.push(i.charAt(ll1I));
        else if (ll1I < i.length) ll1l.push(i.charAt(ll1I));
        ll1I++;
        if (Il1l < 5) l1lI.push(s.charAt(Il1l));
        else if (Il1l < s.length) ll1l.push(s.charAt(Il1l));
        Il1l++;
        if (w.length + i.length + s.length + e.length == ll1l.length + l1lI.length + e.length) break;
    }
    var lI1l = ll1l.join('');
    var I1lI = l1lI.join('');
    ll1I = 0;
    var l1ll = [];
    for (lIll = 0; lIll < ll1l.length; lIll += 2) {
        var ll11 = -1;
        if (I1lI.charCodeAt(ll1I) % 2) ll11 = 1;
        l1ll.push(String.fromCharCode(parseInt(lI1l.substr(lIll, 2), 36) - ll11));
        ll1I++;
        if (ll1I >= l1lI.length) ll1I = 0;
    }
    return l1ll.join('');
}('3b5de2a29333o2w193b3x2b1x1b3x382p2o1v1y2122252a2d2g2h2q2v2y3132353a3d3d1e1h1m1v35252o1y3o183s36343y3u2v3s163x21352o2b233215362r2b233v1m29333u3m2t3e2403383z3u2t3q0o182u23243w173u2x29232c3o293b2w271q332v3s143u3o3q252o282u2x121b1i212g27232e3o293o1v2w341h121g25353v3s3m3q272q261o332v3u142t3e2403383z3u2t3q1a271q1a2u2122333a313s2r3q1c29121b1i212g27232e3o293o1a291n1f1g3t3s240s292s28353b3v2r3q3s3u393s3u2u231x2r3z1b3x2r2635393b2s132t3b3q1q381v283o27313u2q3535192u1i272b2i2q0d1z0b1b1d1d1d1b1b1z0d1d1b1b1d1d1z0x0b1d1d1d1b1b1z0d1d1b1x0d1d1d1b1b1z1v3s22081o3v1s142t2d2h2d2m3t1r1m1o3t1p1m1q162b2f2d1o3v1q1i1d1d2f231m1q1d1d2e1t351d2p1b1e3f2d2k2i2k28163f1m3t1r1m2d2f2b2o3v1r1k1w281i2d2f2b1a2825161g3u370o3t1q1i3q0y2v373q0c3t392z2x393o23262q341g25262q341y3w221o2q341g230y2x3934132o2t3o33143t2a2312223u323a2827331g29312o3u3o3s3s39382u38251t3s24163s350v281i223039332e3a1t3s241u3s2f3y241u211w1u2934342t1u2u142o1j1635103u2s14143h292c3t1q1i1f1s3u142q1f143u370v261g1t2a23123s37382a2731262q3h213a2b392v29352u1g25292c3t1q1i1f1s3u142q1h1435103w2s12143h2b2c3r1q1i1627312q3u3i3o0r3q3o373z1v3b342a2731272923383z3u1b2o1v3v273o193s2r3u3o3q25272y29292r2m1g25282t3026272216123s1825163t3429330v331c183221222514313s1s2u252e39233y143y2t1139313q311v3x273q1v3v273o141a2514391o260v0x0x3q0y1u2q18341w3p21112q221x393n14222w2v3o38132c3c3r2o2o253x1b2q192m142a352c322z18341w3p1b3x223o27393b35313w353b3x2f2o3s3u3b273s231e252m27252e3o1m232h263q0r2o2h2b33211232392v221e271g221h231s3939213a2432391e2014231o242s373u22161m262u213s1m3i1d1o2827332729232c3o2t1g252r3q2y1i1w173u2x29232c3o293b2r1o332v3u113c24033a3z3s2t3q1x3v253y143t2w2r1g3s3u393w251y3q2v2p29213z2z252334213a3z3s2u0q2228383u3x253z3w030x3o2p3t3q1z2s2v1z133a3z3s2t3q1x2u360x2t2q1627252e3o27392t280x2o16280r1y3o2p1o3u3u3s3m3q273u3m3o272q283w113a313u2r3o1x3x2737381y133a3z3s2t3q1x2u3729252e3m273b2t263s3m3q272q26312v3u1i2527252e3o2r1m333y3x3s3s313u163o0z392432372s113u383b253u0t3z1t331d2p281z3u2o183y173s2x28211w0o1a2u23221z392m2t1o113e2401373k2x2t231k1o332v3u14353b3x13253o3u33101z373m2t1o23333v3b0q182s23243b3v2o202t1f193v272432372529113u332t22062v1w1w1y3b3e292r2q1d1z2t16311x2w3o1b1z2v183s352a253u2w1z3c312s2s17162v183s352a25341z3a312s2u17142v183u352825213c3z2q2u19162t163u372a23253u372712143q033u2w3i2b29392p3s033u1o23201g273u173w39142217201o2y3k29333t2y25251q2q2o29232c351b2q3s2o3u2t3u3m3o272q282s2v133a313s2r3q1c291m3q3s1u3i3g3s3u313u143', '5ecb2v3q24003u251e273s3q0o25343w3u0u1v102126292a2f2g2r2u2v203136393a3f1d1i1l0m373o0y1o172817391536211q2735271v32163x3o2414343y3s3u27163u3509373y193s2x27252e3m293w143t2w2t1e25353t3u3m3q272o282s2x1q182u21243338313s2t3q1v2w3o1i1o3s3u3s3o2q252q26342y27141b3o2v3c24013a313s2t3o0q1a2s23223y193s2x27252e3m29392t2q123t2w2t1g27252c3o29392t2o1f1o3s3u3s3o2q252q26342t221k121i333w3x2m2t3o331g253y2422323727291z3u333y241m273s2q35351g2r3n3y223134372n2z2i3s37022w3a323b2t3m3q0m3v1r2x1y1x1m1y1f1i1j1z1j1x1g1g1f1g1f1f1x1z1w1g1y1i1h1l1x1i1g1d1z1e1w1k1g1i2m333w3x351b1g3d3y1o3t1s1i1d1d2c251b1d2d1o1e3m3v1s1o1d1e3f2d2i2k2k163f2b2k2i2o372o1y2b2h2d2m3v1p1m1y1e381o1d1d2g1o3t1s1k1b1d2h251y141o3t1s1q3s2q231617383x1b1g3f193x3723320w233a2q2921322t0y2x37363o0y2x373q0a3t3b3v393m2v1y372330132x3w2438161g3q3u393s3937231t3s24143u350v281g243039332z293o3q333w35353a3x2z2o1r2a23123u223q333w351e1u3c3r3b3s3o251q312c3y151y3w2s14143f2b2c3t1q1i1h1s3u142o1j1435103u2u121417383x2z2o3o3q3u393035261v3q241u3s2h3w241u211y1s2924342v1s3u142o1l1435103u2u12143h292e3r1q1i1f1u2s142q1f163s370v361i193x322124231436321v3q240s2o2o27252e332t27282v3029331y2338313s2v2u2v2v3w3x262t2q2m342v3o001u2q18321y3p21112o241x393n12242w2v3o36152c3c3r2m3q253x1b2o1b2m142a332e3223282t3216282v30280n3s1823142z2b0x0v0b3v2x261n2712393u293s3w3q29361c1r3q3o35311a3q27202t3z3u153q2t162t281o342o133u1a2712391o253y253u2325212829331e2726292430392s113u3t2t2r3u3o3o27242v28273b3v3s2827243s3x2a211y1r263q0v2j1o2h2b31232w241t28231v2j1b3s161e221c27101u261g201s36163i1g163t3s240q2q2m3q273z163o0y123s251m25353t3u3m3q272o283w0q1a2s2322193u2v29232e3o273b262v321o332t3u16223237373u1n273s3u2y1z3c3z2s2u003q222a283s3x2z3v2125233q31231x3z253u37250d0v2w3q1629232e3o273b2w291z3w3x023u3o3o272o283y3v1z2r042t1x1c253u162529213a313s1338313u2r3q192929232e3m293b262v3037292729232e3o273b2w293u3m3q252q283w3x113a313s2t3o1a2u212o3q2q2o3o273z162a27332529252c35393x281r2a211w3y20391c2w221x2b1m372q1z3y39233x361g23353v3w3k292y143r2y2r13282z1y0o14193s2x26211s2z3u2b1q1a2s2322393g253q26153818141628211w162t3e24023y123t2y2r1g252t3q2w1e1m272v1r2a211s2q2w22370y3q2x1y392q2o25392s3y3x0c121w3b3e292y270e121w3b27392r3s1c2y3u24183c3s34141w3b27392r3s123s341a3a3u32141y3929372r3u1o34183c3u32141w3b29372r3s1v22122u17141b3v221z392m2s193w391z20062t3q262t183s372a233q223q263z392k25231v3t2t1o3u3s3u3m3q27391v261v281w1338313u2r3q1v2w3927252c3o29392t243i29231g3g2729232e331i', '77476333y3v202r363q07390x3q0536211x1w1z2025262b2e2f2q2r2w2z3035363b3e1c1h1i1z24193x1b2p1y142d1o382r292q172q2b323527173t33153621113u26153a3x2b1i23353v3s3o2o272q261q312v3u142v3c240338313s2t3q1v2w3o143t2w2t1e29252c3o273b2y271h123i38313a3z3u2t3o1g2s2x1n1g1i3w193u2v29232e3o273y123t2y2r1g23353v3s3o2o272q263y3v1q332t3u143u3o3o272o283y3v1k123i38313a3z3u2t3o1g3w3x141b3o2829332v3y223a163o0b2s1t2a211s2o2y22370b2s063q002y38343q3w24192u152c193s2q3u153a3v2t2833393w243b3v1d1b1k3f073j3h3j3j3i3h3h093k3i3j3i3k3k07093h3j3j3h3k3h093f3i3g073k3j3h3j3h0m2a2733312d2h2b1g231d1g3d2d2i2k2m2b2k2i261a1e1d1e3f2d2f2d2m3v1r1k1e161o3v1p1m221y1o1m3v1q1k1d1b2h2m1q1g162d2i2k281b1g3d2d2k2i2m271g3o1b1g3d333s3s3f3m29332b2h2b3o27262q321y3y221s2z2q341w1y372332393x3723320w233a2523303y13282q32131q2b2u26351424323733312d3u3o333w3537383x2z2o1t2823123u2s37392829331e29312q3u3m3s3s3b303r33282933242q3f233c29392t2b372s1g232b2e3r1q1g1h1u3s142o1j1633103u2u14123h292e3t1o1i1429332o3u3g243237332c3u3q313y331g1u3a3t393u3o231s3z2e3y13103u2u14123h292e3t1o1k1f1u3u122q1h16351y3w2s1414153a3v212o3m27222y2v3m2q24191o313y3v3u3u3s3o2o273y2t2q2m342v3c292m29252c3o1v2w3o1a292t3y1x3v273m1b3x2v261n2714373u293s3y3o29361c1t3o3o35311c3o27202t313s153q2t182r281o343q113u2o2o34122q2m342v1x18321y3r1s3u0v0x0x251216143s1625163v3427330v351c163221242512313s1u2u232e39253y123y2t13393z3q310p3s1625123q093s18303u3q1t3s22163q0h251r2a231u3y2039321w2338313u2t1y1h251g25241h251s37393q3u3o233s393x262s2827243u3e3t393s3u3m262s35351v2j193y252v261v2j1b32251g391d1g333w3x3u3s313s2425393x2o202t142v3c240338313s2t3q192y123t2y2r13333v3u3m2q252q282o2o320q1a2s23223t2a211c27142v200c2y3u34182c3s3x3f3z3v2z27232z3c3z3s2u06342w2q340t22222u1z0v2y27043u3m2q252q282s2x120c291x1338313u2r3q1a29140w1z1w141p2t22121s2q2m29232e3527252c3o29392t3s3o3q252q262q2o32193s2t3u3m2q252q282s2x113a313s2t3o1c291m29232e3o273q3r2y2t3g3u3s313u22251t3s240q2q2m3q271e272w3q3s3s3b273u233t2q2o252y04241z1o11372u2711162t3e2201393k2t1o332v3s132w3k2b2w1411353v3w3k292y273i2q123t2y2r1g3c3q042a2b252535122y3i2b261w193s2x1b1o332t3u163o0y103u25143q0w3q3s3s3b3s3u3u211z253u1o252t2r2v183z1c271z1d0m27373u2u2v1z1b0o273s193w39142p292z3z312523121o273s193w39143d213x312721141m273u173y3714313x212523141m273s193y37143o2v3t321d1m273q2o282z1w3u352a233q2z1w133s3y3b27392p3u133s133s1i282z1q3s2w211w3625292338313s14392z292z292927252c3o29392y273u3o3o272o283y3v1i2o2x263g3s2o2o3q251o', '2647b74aa20af3e7d4aca4dce5bdea1f'));
                                    

#117 JavaScript::Eval (size: 27, repeated: 1) - SHA256: bc9c06f981e7daa0478c449324d4010cdbc3c83c9a95879b99a0b531f5cabb87

                                        window.navigator.standalone
                                    

#118 JavaScript::Eval (size: 17, repeated: 1) - SHA256: e0bc19473df9795cd42be5da545b5a6828d31527b4ffa3769564f735abec0deb

                                        document.hasFocus
                                    

#119 JavaScript::Eval (size: 15, repeated: 1) - SHA256: de7f7b137340e1d218833d7afef73ea711325f139a4428eed317ca0374f67c91

                                        navigator.oscpu
                                    

#120 JavaScript::Eval (size: 27, repeated: 1) - SHA256: 1c82db5b05628505080952437a7fd64f03942b6e8ec97f799f4f867eaf492134

                                        typeof window.ondevicelight
                                    

#121 JavaScript::Eval (size: 27, repeated: 1) - SHA256: e94a47b072c1a87127e88c17e992124bcf93c5d0d6b4e96c73a909444a7cd0d6

                                        window.mozRTCPeerConnection
                                    

#122 JavaScript::Eval (size: 21, repeated: 1) - SHA256: 023250096bcba5a18a624685884b3126896db722289f3281cea8ec5cc63476e7

                                        navigator.appCodeName
                                    

#123 JavaScript::Eval (size: 26, repeated: 1) - SHA256: 92f68565a2781a0fbd595ff5c54717d6b87c6cf19d42c7f3d3d4c81193bb2cb4

                                        navigator.battery.charging
                                    

#124 JavaScript::Eval (size: 29, repeated: 1) - SHA256: 12c1e4b959357815447bdfe9fde3665a628e0cd4bbd622c9915820ea57fe01e3

                                        window.InstallTrigger.install
                                    

#125 JavaScript::Eval (size: 17, repeated: 1) - SHA256: 51c1083130407a8772738aa2380eb5a583240a47d98f2204b124c06fd11aabd5

                                        top.frames.length
                                    

#126 JavaScript::Eval (size: 17, repeated: 1) - SHA256: b18f7c2e4dbfe2926b0413634f7cd6781be55e27b4b885dc68a8f740a80d72e1

                                        window.innerWidth
                                    

#127 JavaScript::Eval (size: 37, repeated: 1) - SHA256: 0e27576eb1e9c067b58d47b8749be97d9e94c1e3d67cdf541784148cd80a04b1

                                        MouseEvent.WEBKIT_FORCE_AT_MOUSE_DOWN
                                    

#128 JavaScript::Eval (size: 18, repeated: 1) - SHA256: 318e5db431b7c9515f38ae97da21d7c4e75ec281aea96271c0d0f4e22b35df92

                                        navigator.language
                                    

#129 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 893fe12669f916947d99616b788aa245f8b45c5b8b34544df4114a6a789217ab

                                        navigator.systemLanguage
                                    

#130 JavaScript::Eval (size: 30, repeated: 1) - SHA256: c2ea2223b59cfea384b15228f4cdc0f7337d4909e20e97e2fa42648ef8ecf610

                                        window.webkitRTCPeerConnection
                                    

#131 JavaScript::Eval (size: 25, repeated: 1) - SHA256: 11ae4500086472eb307c6d2459f0d1446b2cc02b1afda7925d800e2d49f1c9d1

                                        window.opener.outerHeight
                                    

#132 JavaScript::Eval (size: 48, repeated: 1) - SHA256: e7678fa8be4ae3ca69e517858903bb107391f9de7ae346a75288b81b57630269

                                        Intl.DateTimeFormat().resolvedOptions().timeZone
                                    

#133 JavaScript::Eval (size: 32, repeated: 1) - SHA256: 1138f8c1bb11f4a5f7d8354b8c8a642ef94c9c741d76a7f476bac6473b7de085

                                        window.screenY || window.screenTop
                                    

#134 JavaScript::Eval (size: 17, repeated: 1) - SHA256: 031688cb60b9631e34bc623cf81a9eeef73de67ca290d15cccfaa65399420932

                                        screen.colorDepth
                                    

#135 JavaScript::Eval (size: 26, repeated: 1) - SHA256: 2638f8c5d74932a6dfe72bc21a585ef3525f7e26bd3dbb1f480071141c325af1

                                        navigator.msMaxTouchPoints
                                    

#136 JavaScript::Eval (size: 27, repeated: 1) - SHA256: d411f352f2428265f0fc9f43b7429dafafad74f69cf4022cd51d9df23a67f157

                                        performance.navigation.type
                                    

#137 JavaScript::Eval (size: 19, repeated: 1) - SHA256: c26c62a09a687d08a3ef9d9a960c5ae2ad47fecc853b4fb0380d71586d260a1b

                                        window.opener == null
                                    

#138 JavaScript::Eval (size: 47, repeated: 1) - SHA256: 423946cdca01d4915fdc795bb03491ce4251b32ed1717a7c0146ce14c838d373

                                        window.opener.screenX || window.opener.screenLeft
                                    

#139 JavaScript::Eval (size: 23, repeated: 1) - SHA256: 76fae4cd7853897c738cd23148b2ebab825379d6ba153e245965183cc3304082

                                        navigator.battery.level
                                    

#140 JavaScript::Eval (size: 29, repeated: 1) - SHA256: 95b2bbef556b3dc3b807638cb7b08274af9b8998def0c82d81e3a1517100d68f

                                        performance.timing.fetchStart
                                    

#141 JavaScript::Eval (size: 26, repeated: 1) - SHA256: e495f8780d35a18d80e09be6211760313cd30ac601a5c7478f9ddf4ebf8536ba

                                        navigator.pdfViewerEnabled
                                    

#142 JavaScript::Eval (size: 224, repeated: 1) - SHA256: 4d2e7b2cdca040264ef955b70797e2ba664f63b2d58c7bccf790fcb75d0e120d

                                        ['https://ku2d3a7pa8mdi.com/BNM/BNM.php?c=1799975', 'https://tipcatscarola.com/i2CuGOIr4VQ/27615', 'https://predictiondexchange.com/jump/next.php?r=3893051', 'https://nimrute.com/click?sid=ff031b75-44d7-409d-be3a-a93291f6429c']
                                    

#143 JavaScript::Eval (size: 20, repeated: 1) - SHA256: a5e2bc908c3bd3196d273564d073484f9905d13817490eca5aa249e701139cdc

                                        typeof window.chrome
                                    

#144 JavaScript::Eval (size: 21, repeated: 1) - SHA256: 61e43d202b6cd0ebf29ac8014115fcb890eb5593c4160b9ae285206ca911bce6

                                        window.history.length
                                    

#145 JavaScript::Eval (size: 36, repeated: 1) - SHA256: a7dc60bd6993c201941ea0bfc5218f7fea0bc015ee5dc88e658db78d98f8d98a

                                        performance.timing.domainLookupStart
                                    

#146 JavaScript::Eval (size: 12, repeated: 1) - SHA256: 20dbc48604a9afee27f0eaf4b84634fabbf1b2c09f78e795896b6fa1747b154a

                                        window.alert
                                    

#147 JavaScript::Eval (size: 17, repeated: 1) - SHA256: d204422e9d49293ab422bfabae9607635876cb30f77215f133603bac691f6f4b

                                        document.location
                                    

#148 JavaScript::Eval (size: 30, repeated: 1) - SHA256: b6a3c0492b8e7ae0ff680b4806058d22f740029707c1f7dda3cad6f985020ba3

                                        (new Date).getTimezoneOffset()
                                    

#149 JavaScript::Eval (size: 31, repeated: 1) - SHA256: df3486f2ca74e18e1c81ba55663a8dd4e668e36fed82949b9cca595051bd5064

                                        performance.timing.requestStart
                                    

#150 JavaScript::Eval (size: 11, repeated: 1) - SHA256: 2c6631ee0cabea9afb499cec860aab5fcf40ed956651a0b0ea7b3411e1a31cd9

                                        window.open
                                    

#151 JavaScript::Eval (size: 12, repeated: 1) - SHA256: 5191a526bd66a118a4a51956503fdcf4555cc92b48b9a426d04a7af25d3980e1

                                        window.brave
                                    

#152 JavaScript::Eval (size: 22, repeated: 1) - SHA256: c49e342522959187d587f89ed7dde961d8df29cec6b02dce869f4aa1ac3ef254

                                        window.mozInnerScreenX
                                    

Executed Writes (4)

#1 JavaScript::Write (size: 141, repeated: 1) - SHA256: 25f5901409e957e15a3cdcaf449b9d1a63239a1e9bc31026e13a00ff1fd29460

                                        < iframe webkitAllowFullScreen mozallowfullscreen allowfullscreen scrolling = "no"
frameborder = "0"
height = "450"
width = "720"
id = "Fwjj0" > < /iframe>
                                    

#2 JavaScript::Write (size: 184, repeated: 1) - SHA256: 90f4cd7162ad0e1bbe95bbb5861eae8bac0c9b14112e1e8655439c9b5f36c0e1

                                        < script > self.location = "https://hqq.to/player/embed_player.php?vid=259229259205265273269254264234225276194271217271255&autoplay=none&hash_from=afd56fe43c75ac2d9c7decc24819fcb6" < /script>
                                    

#3 JavaScript::Write (size: 4, repeated: 1) - SHA256: b1ab1e892617f210425f658cf1d361b5489028c8771b56d845fe1c62c1fbc8b0

                                        2022
                                    

#4 JavaScript::Write (size: 235, repeated: 1) - SHA256: 14a5426cb380f437e9ae6a181f508819bb3433bb9666b38712c6761e3642a3e5

                                        < script >
    var outerWidth = window.outerWidth || window.innerWidth;
if (outerWidth > 1) {
    var netu_player_datas = {
        'vid': '259229259205265273269254264234225276194271217271255',
        'hash_from': 'afd56fe43c75ac2d9c7decc24819fcb6'
    };
} < /script>
                                    


HTTP Transactions (254)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4709
Expires: Wed, 05 Oct 2022 22:40:06 GMT
Date: Wed, 05 Oct 2022 21:21:37 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.118
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: U36DVqYtOl3gx1ETv_i46A1sbh1wB1ZyFXDrI0e6nkSdIaqnX0dehA==
Age: 20059


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A9FB1F7ADE7C8A79D2EE83E9B7215E66DC89AC733B11079297A8F4B9ACEAE1F5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5862
Expires: Wed, 05 Oct 2022 22:59:19 GMT
Date: Wed, 05 Oct 2022 21:21:37 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: QZPmu7dh9ZoHpyvx8WG4oKHTcU3kbxrRo79TRIXDsINNDLPPdyyvyCnzyQToAUmaY0p7MG2XwHc=
x-amz-request-id: RREA74NQ2G0ZT49A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 05 Oct 2022 20:58:26 GMT
age: 1391
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 05 Oct 2022 21:21:37 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /mochi-mochi-mochimochisosweet/ HTTP/1.1 
Host: gaypornhdfree.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.89.7
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 05 Oct 2022 21:21:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-pingback: http://gaypornhdfree.com/xmlrpc.php
x-redirect-by: WordPress
location: https://gaypornhdfree.com/mochi-mochi-mochimochisosweet/
x-litespeed-cache: miss
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eAEAWdTMBgEXGVefxQpD0ESUIDdcyroCDvOpRnT782A0HY87p2AtskffZeKtBpsRcoIXuIAcZgdQ3W0iOsrW%2FrX8H6i6wwUXhiSI3ZuJzoPQYeZLBfj1uXZjwve6YL0%2Ff%2BzTdA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75593542a94ab518-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.118
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Wed, 05 Oct 2022 20:32:19 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 05 Oct 2022 20:54:26 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zqWeCB3v5wlUrxpXIXJZT6tbAJIFtEh0_-8wdOHCut8Pl2sbBhGLvQ==
Age: 3125


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3599
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 21:21:38 GMT
Last-Modified: Wed, 05 Oct 2022 20:21:40 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /nativeads-v2.js HTTP/1.1 
Host: a.realsrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         205.185.216.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 05 Oct 2022 21:21:38 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 16524
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"5573ab9c54ae8fcb8c5f0205e02"
X-HW: 1665004898.dop202.sk1.t,1665004898.cds217.sk1.shn,1665004898.cds217.sk1.c
Access-Control-Allow-Origin: *, *


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (58899), with no line terminators
Size:   16524
Md5:    5b86684f9134faf92b79b62658dbac0f
Sha1:   7e202065a4186ca1383f644a2032263f7e0bb75d
Sha256: 63e678de1e957dd29c9ddd9abe85553b6c63d3640914e34e2aff780b580caaa3
                                        
                                            GET /popunder1000.js HTTP/1.1 
Host: a.realsrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         205.185.216.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 05 Oct 2022 21:21:38 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 39969
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"1063790cabf57ffff66ecc0cab2"
X-HW: 1665004898.dop002.sk1.t,1665004898.cds212.sk1.shn,1665004898.cds212.sk1.c
Access-Control-Allow-Origin: *, *


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   39969
Md5:    ecf59349935e274ee2cb03e357d71158
Sha1:   7aa74be5d4c9e213b0692eaa0ac6a78e5d74b9e1
Sha256: 64603c3d15d7d1fdf05fd5ef4e582ec4766635797f974cc08f3d6e79c7725d31
                                        
                                            GET /ad-provider.js HTTP/1.1 
Host: a.realsrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         205.185.216.42
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 05 Oct 2022 21:21:38 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 23795
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"7a6fef28e10ffbf7c5d56577798"
X-HW: 1665004898.dop069.sk1.t,1665004898.cds071.sk1.shn,1665004898.cds071.sk1.c
Access-Control-Allow-Origin: *, *


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   23795
Md5:    5ed9c35e690aa450445a48ddb532e13e
Sha1:   7066e4b5e5ca2a7f473a050483770384e07fa4e7
Sha256: cef1db226f71ef69960df557ced8619b3d6e589f0cc8316c7a3f6026943cee10
                                        
                                            GET /wp-content/uploads/2022/10/YI8796060.jpg HTTP/1.1 
Host: gphd-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.1.154
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 05 Oct 2022 21:21:38 GMT
content-length: 43715
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 01:39:14 GMT
last-modified: Tue, 04 Oct 2022 22:43:39 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 70944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpnXq5HqAbm6pzXlk5z%2FyyzMg1LhhaGJeXiOg7kippX7U7QcRt%2FaQdqYccv1qa%2FWyXohL4P98JVeBJzHv5J%2BUsWJlF%2BKPj9ZznK0H9ltNQdFNTFSiFshXEk2CsFPC0I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75593548d8b1b4f7-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 640x360, components 3\012- data
Size:   43715
Md5:    c87c7676f533d397a98789ed8690b232
Sha1:   3f30caed8b5e97b58c07df9ddd0158c2fe6248fd
Sha256: 63bd5bc4fb4a833e471e46f8ea34a5173d9b761af24432f86c4bb84e7573ac41
                                        
                                            GET /wp-content/uploads/2022/10/YI9679679760.jpg HTTP/1.1 
Host: gphd-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.1.154
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 05 Oct 2022 21:21:38 GMT
content-length: 61733
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 01:39:14 GMT
last-modified: Tue, 04 Oct 2022 22:40:56 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 70944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5riHsYU0IzS20UM6r3Ez%2BQBekyD3IQSe%2BZK61y87%2BWHOBmghjbdZt99mVo1r%2Bh89vQ2FLHlSI5pqN4MAtgoAx9b%2Blt1UPSJkcvqmQH%2FtS0TGGJBgQuHMir3bRpAwBY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75593548d8b7b4f7-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 640x360, components 3\012- data
Size:   61733
Md5:    678925c3868bc81ebcd91d07c3edc5df
Sha1:   ab23bd581daa65c1cfa8816f97592e71988ca2c1
Sha256: 81c34729a1c9c47905b302e2b02a9c04c33a41573e80fd14028b723858f17674
                                        
                                            GET /wp-content/uploads/2022/10/I8679679660.jpg HTTP/1.1 
Host: gphd-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.1.154
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 05 Oct 2022 21:21:38 GMT
content-length: 61511
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 01:39:14 GMT
last-modified: Tue, 04 Oct 2022 22:40:20 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 70944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8hEMHDiZtPOuZLa%2F4tM5Wzb3as1IErg2SCXQfP0LCBnuBX4zdn5F7Rkrn4JfPpB82osHNwQExxhX6BeMDfaFx%2FzNZvPoLOsdNgDmXKZfubsh%2BrWFiJNMTm5n4MT3aE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75593548d8b5b4f7-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 640x360, components 3\012- data
Size:   61511
Md5:    123f1ef4354128b2475006c38a3c13bf
Sha1:   976c7244b0e951ff1d997ac256071b252f1ece99
Sha256: 72bd2474966870a05a8f9d0d6a8df1bacdc19ed32922ec5cf46d69daa11a430d
                                        
                                            GET /wp-content/uploads/2022/10/I679769606.jpg HTTP/1.1 
Host: gphd-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.1.154
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 05 Oct 2022 21:21:38 GMT
content-length: 71734
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 01:39:14 GMT
last-modified: Tue, 04 Oct 2022 22:39:36 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 70944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qA%2FYRjfqgMG%2B69utXgERzE1hko9MBzR%2F3%2F3FEgQCWX00aYugIc8n%2FxI2ZgsU2Cr1prx7Wv2ll7puDx83Am855AcaSWEbNrj4MhPEyuqNdpLrizT5yGWq%2BT9fbw3na2U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75593548c8adb4f7-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 640x360, components 3\012- data
Size:   71734
Md5:    936f38fad2d024db78bea87fdf5cadee
Sha1:   2ddafd0f8d45b712c12499ba6f196f2336dc2da5
Sha256: 8b2c2807914e5c8db292ca28b5a20e1848f14129380a6be5be950a76003131d4
                                        
                                            GET /wp-content/uploads/2022/10/9696606-.jpg HTTP/1.1 
Host: gphd-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.1.154
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 05 Oct 2022 21:21:38 GMT
content-length: 56477
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 01:39:14 GMT
last-modified: Tue, 04 Oct 2022 22:44:19 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 70944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OVqDvrf0o5%2FHEHzpzw72RLvfskyEhexm93zd%2FH7xHFx5Iu2OW5xddjRd6nBIQ1PZsUMgz62T9G55NfXAojIXaHZA7CCRRSCfeHlcVxpjORl%2FaHvONregOSJW66lrU4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75593548d8b9b4f7-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 640x360, components 3\012- data
Size:   56477
Md5:    68c2c16830be189b8d29bf54fbff6276
Sha1:   37517f423662ffcf153164e1b52c3df3d7c0549e
Sha256: 61b2bc6c049ec076396790f0bba7e6487e5ac4f2eab7af4c168a357db6ebe334
                                        
                                            GET /wp-content/uploads/2022/10/I66797696.jpg HTTP/1.1 
Host: gphd-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.1.154
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 05 Oct 2022 21:21:38 GMT
content-length: 83882
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 01:39:14 GMT
last-modified: Tue, 04 Oct 2022 22:43:02 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 70944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8GQR9nopTciV3EyqTU1r%2BYEWqN87B1MrYl3J8%2F3ZkDSbYw6bNkX4eIatpvFBW3L98oG9apV1uQoc1plLBC01kBq2kDoxKgpSfBTLrSk9IS0Jflxfu5RZn%2FFZEG3pyY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75593548d8bab4f7-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 640x360, components 3\012- data
Size:   83882
Md5:    852d1f2dde94f6974ed83629635505c2
Sha1:   b21d1e9113ac0d03d18d14df1cf97d778e2f795c
Sha256: 9333718a73c2062949d29022bcede77cdda0ef250ea607dc810dfe05046344fe
                                        
                                            GET /wp-content/uploads/2022/10/IK79O67606-.jpg HTTP/1.1 
Host: gphd-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.1.154
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 05 Oct 2022 21:21:38 GMT
content-length: 70082
cache-control: public, max-age=604800
expires: Wed, 12 Oct 2022 01:39:14 GMT
last-modified: Tue, 04 Oct 2022 22:41:40 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 70944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxslKvTDRbwACH0utVrAc0be2gGkOfN0l7u3y0VnZ8SbS4lO6eUc3AcSa55fQxydPVx1H4zhXBe4kA1JbiEkIbPqzXnQAJxwHrp6fmLAeC5TwKkULMBf0HkwxlZ90Gc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75593548d8b3b4f7-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 640x360, components 3\012- data
Size:   70082
Md5:    2b2d499546f9d641bfbd80f44d62f8a2
Sha1:   5c333c4fe87050e32d20b0f099c78325f3463148
Sha256: 566170166f0130917b896d34d864c32fe6185f099bacca4d42d44030810f9b5b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 21:21:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 21:21:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2+vjJGxpA2WKtLqNgeR2FQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         44.242.32.27
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pHUlc5qyfJ/qZg7TgQ97PBEdUzs=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0F6FA24049C300E785B8063EA0F74B058EA9B0F122E1A8E1912DF9EC84AA786C"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13154
Expires: Thu, 06 Oct 2022 01:00:53 GMT
Date: Wed, 05 Oct 2022 21:21:39 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 21:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   21487
Md5:    59afd0515de451735c1a435832d40017
Sha1:   ce42e44222aa98278cf70baeba1f1a2c0d4b2ca4
Sha256: f7e7b76cd6526e7665171d4f832290bc3c4da594105a425945634e205819692c
                                        
                                            GET /css?family=Open+Sans:400,400italic,600,600italic,300,300italic,700,700italic HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 21:21:38 GMT
date: Wed, 05 Oct 2022 21:21:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   54590
Md5:    32a3f0da5eef5fd1bcea92b77f1d0a5f
Sha1:   eb7003285c0189adf8192f091a1634c94f0107fc
Sha256: 448446a5ab22595e463148bb10565dfc2a62e71a9ad4ab66296ec51421edef77
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 21:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   2636
Md5:    c834b49a4d737aceb884794d1bcc798a
Sha1:   28c3e64e1a7acf78e4409980b90f2349f878ce77
Sha256: a948bf1fff3ef02c27845c3b9d0d2f0be2387fe7393cdab8fe42abc7f02bbc00
                                        
                                            GET /-KkjdNHzDqsc/WWLvKIuTWyI/AAAAAAAAmBE/4pOeO6sy87o-p9oWHELgAaHaDfw3Xe7SgCLcBGAs/s1600/overlay-play.png HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.161
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
content-disposition: inline;filename="overlay-play.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2495
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:13:12 GMT
expires: Wed, 17 Nov 2021 17:26:54 GMT
cache-control: public, max-age=86400, no-transform
age: 7707
etag: "v9815"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   42570
Md5:    88be9053c6bfcd94895a7a8fc109000b
Sha1:   dd854b63922249dc1a2d0d0ccff022f942d4d232
Sha256: 14145ecfe36a248229942f3839863e0e39ccd8d81073d3d18ca7977cf21a5725
                                        
                                            GET /splash.php?native-settings=1&idzone=4746716&cookieconsent=true&p=https%3A%2F%2Fgaypornhdfree.com%2Fmochi-mochi-mochimochisosweet%2F HTTP/1.1 
Host: syndication.realsrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gaypornhdfree.com
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         95.211.229.245
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 05 Oct 2022 21:21:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://gaypornhdfree.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22633df5631472d3.542278131410307863%22%3B%7D; expires=Fri, 04 Oct 2024 21:21:39 GMT; path=; domain=.realsrv.com; Secure; SameSite=none impressions=oslmroemnxgxaacllaxbogeicxbmsbocnxgxaaclllesmgeioslmrxbrnxgxaacbmrobbgeicxbmsbxcnxgxaaclllercgeicxbmsbcenxgxaaclllercgeislsaroornxgxaacmobexrgeicxbmsboenxgxaareecbllgeimreaomxcnxgxaasaoabsrgeimreaobsonxgxaasaoabsrgeioslmrxbmnxgxaacllrobbgeimcclsoeenxgxaasamsoccgeimcclosconxgxaacobbxcxgeimrblelmonxgxaasamsoccgeimrblxembnxgxaasamsoccgeimrblxeecnxgxaasamsoccgeimrblxemcnxgxaasamsoccgeialbserecnxgxaacxeermsgeioslmrxlsnxgxaaclllercgeicaormbbonxgxaareecbllgeioslmrxlrnxgxaacmremaxgeimcclsxscnxgxaacsxbrblgeimrerbmbbnxgxaasmeceesgeialbsereanxgxaacsxbrblgeialbserebnxgxaasborcsogeiccmblmmcnxgxaaclllesmgeimrblelxcnxgxaasblsoxxgeimcclsxoanxgxaacmobexrgeimrblelmbnxgxaasblsoxxgeimcclossanxgxaacmobexrgeimcclselenxgxaasblsoxxgeimcclsoeonxgxaacllaxbogeimccloscenxgxaaslcsrobgeimcclsxacnxgxaaslcsrobgeicaormlebnxgxaacxeermsgeimcersxranxgxaacxeermsgeisaeeasslnxgxaacxeermsgeimcersxacnxgxaacxeermsgeimcersxrenxgxaacxeermsgeiccmblmmbnxgxaaclllesmgeiccmblmmanxgxaacbmcxxrgeislsarosxnxgxaacsremoegeiabeocmsbnxgxaacmobeeageimcclsxcanxgxaacmobexrgeimaecobxanxgxaacmobexrgeimcclsxsbnxgxaacmcrlolgeiccmblmmonxgxaaclllercgeialbserxonxgxaacmremaxgeimcclossbnxgxaacbmrobbgeimaelrlmanxgxaaclmelxogxcceimrsreaabnogxaaclmlsrrgxcceimrsreamcnogxaacllexergxcceimxlbmosanrgxaacllsxbxgxcceimrcaoaoanrgxaacllsxbxgxcceimxlbmoscnsgxaacllsxbxgxcceialxosmbanxgxaacllsxbxgxcceimxlbmoobnogxaacllsxbxgxcceimxxrecsanxgxaacllslcagxcceiaaxcabeonxgxaacllslcagxcceialrexeoonxgxaacllcxbsgxcceimrcaeesbnsgxaacllcaorgxcceixaoosscrnxgxaacllcaorgxcceixaoossalnxgxaacllcaorgxcceimeembecenxgxaacllcaorgxcceimeembesonxgxaacllcaorgxcceialrexexbnxgxaacllcmcrgxcceimcoaxmxonmgxaacllcmcrgxcceialaroxrcnxgxaacllcmcrgxcceialbbebsbnxgxaacllrobbgxcceimxlbmosenogxaacllrobbgxcceimxcbrxbenxgxaacllrobbgxcceimcssmlronsgxaacllrobbgxcceimxlbmosonogxaacllroblgxcceimclsaoxbncgxaacllrsccgxcceimcoaxmxcncgxaacllrsccgxcceimcssmlrcnsgxaacllrscrgxcceimsacexoonxgxaacllrscrgxcceimxeoxsacnrgxaacllrscrgxcceicaormlxbnxgxaacllrsrlgeimcrxeoocnxgxaacllrcoegxcceimcrxeoranxgxaacllrcoegxcceimcclsxobnxgxaacllaxbogeimcclsxbcnxgxaacllaxbogeimrblelxanxgxaacllaxbogeimaecsxccnxgxaacllaxbogeimaecsxcanxgxaacllaxbogeimrblxeeanxgxaacllaxbogeimcssmlrensgxaacllaoregxcceimrmbbrcbnxgxaacllaoregxcceimxlbmxlonxgxaacllascegxcceimxomorronxgxaacllascegxcceirrmlllronxgxaacllascegxcceialbbebsanxgxaacllascegxcceimxreaomcnxgxaacllaaeegxcceimclxlloanxgxaacllaaeegxcceimrcscosbnxgxaacllaaeegxcceimccoarcbnxgxaacllaaeegxcceiceecmorsnxgxaacllaaacgxcceimexexabbnxgxaacllaaargxcceimrxccoscnxgxaacllalbagxcceimrxccosonsgxaacllalbagxcceimrxccosenogxaacllalbagxcceimrxccosanogxaacllalbagxcceimxlbalscnxgxaacllmsaegxcceimemlxbocnxgxaacllmcccgxcceimeembeconxgxaacllmcccgxcceicxmecmcanxgxaacllmcccgxcceimeembescnxgxaacllbecxgxcceimrbxmxmanogxaacllbacxgxcceimrracorbnxgxaacllbblmgxcceimxeemleenxgxaacllbblmgxcceicmarxbbonagxaacllbblmgxcceimxcbrxscnxgxaaclllesmgxcceimxeoxsbenmgxaaclllercgxcceimxcbrxronxgxaaclllercgxcceialbbebrenxgxaaclllxomgxcceimxomsmconxgxaareexocrgxcceimcrxeobenxgxaareeocorgxcceimrcscrsanxgxaareeobslgxcceimcrxeocanxgxaareesebsgxcceimrmaobxanogxaareesxcrgxcceimrmaoboenogxaareesxcrgxcceimrmaobxbnxgxaareesxcrgxcceialcaercenxgxaareecssagxcceimrracoranxgxaareecssagxcceircleeobonxgxaareecrbsgxcceimrxccosbnxgxaareecrbsgxcceimocbmmmanxgxaareecbllgxcce; expires=Thu, 06 Oct 2022 21:21:39 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4746716%7C41873820%7C0%7C%7C118%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C96f86769e2c0ada26ff426ad42fe7c60%7C0%7Cgaypornhdfree.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Thu, 06 Oct 2022 21:21:39 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4746716%7C46257882%7C92448%7C%7C118%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C96f86769e2c0ada26ff426ad42fe7c60%7C0%7Cgaypornhdfree.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Thu, 06 Oct 2022 21:21:39 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4746716%7C72487776%7C0%7C%7C118%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C96f86769e2c0ada26ff426ad42fe7c60%7C0%7Cgaypornhdfree.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Thu, 06 Oct 2022 21:21:39 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (6043), with no line terminators
Size:   3102
Md5:    587a62ea0831dfe2156e435fe71ba0ec
Sha1:   cddd64f22f7ffb0fecc5481ccd3144c12a932dec
Sha256: 782f4336f0b975a4d139732c934916ea08350c79e461b303daedf89ccbdb963a
                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gaypornhdfree.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 03:08:55 GMT
expires: Sun, 01 Oct 2023 03:08:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
age: 411164
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gaypornhdfree.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 18:59:14 GMT
expires: Tue, 03 Oct 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 181345
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   52237
Md5:    de0843accfb479221fa9947b2b791250
Sha1:   0c581616777fab3ac66f3518326577cf73de0e3f
Sha256: eb281a024fe052bf2ec8c6ced760bd07978431c37d8448157e7ebcda390bcde0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 21:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /splash.php?native-settings=1&idzone=4747562&cookieconsent=true&p=https%3A%2F%2Fgaypornhdfree.com%2Fmochi-mochi-mochimochisosweet%2F HTTP/1.1 
Host: syndication.realsrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gaypornhdfree.com
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         95.211.229.245
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 05 Oct 2022 21:21:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://gaypornhdfree.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22633df563248121.354682443423923439%22%3B%7D; expires=Fri, 04 Oct 2024 21:21:39 GMT; path=; domain=.realsrv.com; Secure; SameSite=none impressions=oslmroemnxgxaacllaxbogeicxbmsbocnxgxaaclllesmgeioslmrxbrnxgxaacbmrobbgeicxbmsbxcnxgxaareecbllgeicxbmsbcenxgxaaclllercgeislsaroornxgxaacmobexrgeicxbmsboenxgxaareecbllgeimreaomxcnxgxaasaoabsrgeimreaobsonxgxaasaoabsrgeioslmrxbmnxgxaacllrobbgeimcclsoeenxgxaasamsoccgeimcclosconxgxaacobbxcxgeimrblelmonxgxaasamsoccgeimrblxembnxgxaasamsoccgeimrblxeecnxgxaasamsoccgeimrblxemcnxgxaasamsoccgeialbserecnxgxaacxeermsgeioslmrxlsnxgxaaclllercgeicaormbbonxgxaareecbllgeioslmrxlrnxgxaacmremaxgeimcclsxscnxgxaacsxbrblgeimrerbmbbnxgxaasmeceesgeialbsereanxgxaacsxbrblgeialbserebnxgxaasborcsogeiccmblmmcnxgxaaclllesmgeimrblelxcnxgxaasblsoxxgeimcclsxoanxgxaacmobexrgeimrblelmbnxgxaasblsoxxgeimcclossanxgxaacmobexrgeimcclselenxgxaasblsoxxgeimcclsoeonxgxaacllaxbogeimccloscenxgxaaslcsrobgeimcclsxacnxgxaaslcsrobgeicaormlebnxgxaacxeermsgeimcersxranxgxaacxeermsgeisaeeasslnxgxaacxeermsgeimcersxacnxgxaacxeermsgeimcersxrenxgxaacxeermsgeiccmblmmbnxgxaaclllesmgeiccmblmmanxgxaacbmcxxrgeislsarosxnxgxaacsremoegeiabeocmsbnxgxaacmobeeageimcclsxcanxgxaacmobexrgeimaecobxanxgxaacmobexrgeimcclsxsbnxgxaacmcrlolgeiccmblmmonxgxaaclllercgeialbserxonxgxaacmremaxgeimcclossbnxgxaacbmrobbgeimaelrlmanxgxaaclmelxogxcceimrsreaabnogxaaclmlsrrgxcceimrsreamcnogxaacllexergxcceimxlbmosanrgxaacllsxbxgxcceimrcaoaoanrgxaacllsxbxgxcceimxlbmoscnsgxaacllsxbxgxcceialxosmbanxgxaacllsxbxgxcceimxlbmoobnogxaacllsxbxgxcceimxxrecsanxgxaacllslcagxcceiaaxcabeonxgxaacllslcagxcceialrexeoonxgxaacllcxbsgxcceimrcaeesbnsgxaacllcaorgxcceixaoosscrnxgxaacllcaorgxcceixaoossalnxgxaacllcaorgxcceimeembecenxgxaacllcaorgxcceimeembesonxgxaacllcaorgxcceialrexexbnxgxaacllcmcrgxcceimcoaxmxonmgxaacllcmcrgxcceialaroxrcnxgxaacllcmcrgxcceialbbebsbnxgxaacllrobbgxcceimxlbmosenogxaacllrobbgxcceimxcbrxbenxgxaacllrobbgxcceimcssmlronsgxaacllrobbgxcceimxlbmosonogxaacllroblgxcceimclsaoxbncgxaacllrsccgxcceimcoaxmxcncgxaacllrsccgxcceimcssmlrcnsgxaacllrscrgxcceimsacexoonxgxaacllrscrgxcceimxeoxsacnrgxaacllrscrgxcceicaormlxbnxgxaareecbllgeimcrxeoocnxgxaacllrcoegxcceimcrxeoranxgxaacllrcoegxcceimcclsxobnxgxaacllaxbogeimcclsxbcnxgxaacllaxbogeimrblelxanxgxaacllaxbogeimaecsxccnxgxaacllaxbogeimaecsxcanxgxaacllaxbogeimrblxeeanxgxaacllaxbogeimcssmlrensgxaacllaoregxcceimrmbbrcbnxgxaacllaoregxcceimxlbmxlonxgxaacllascegxcceimxomorronxgxaacllascegxcceirrmlllronxgxaacllascegxcceialbbebsanxgxaacllascegxcceimxreaomcnxgxaacllaaeegxcceimclxlloanxgxaacllaaeegxcceimrcscosbnxgxaacllaaeegxcceimccoarcbnxgxaacllaaeegxcceiceecmorsnxgxaacllaaacgxcceimexexabbnxgxaacllaaargxcceimrxccoscnxgxaacllalbagxcceimrxccosonsgxaacllalbagxcceimrxccosenogxaacllalbagxcceimrxccosanogxaacllalbagxcceimxlbalscnxgxaacllmsaegxcceimemlxbocnxgxaacllmcccgxcceimeembeconxgxaacllmcccgxcceicxmecmcanxgxaacllmcccgxcceimeembescnxgxaacllbecxgxcceimrbxmxmanogxaacllbacxgxcceimrracorbnxgxaacllbblmgxcceimxeemleenxgxaacllbblmgxcceicmarxbbonagxaacllbblmgxcceimxcbrxscnxgxaaclllesmgxcceimxeoxsbenmgxaaclllercgxcceimxcbrxronxgxaaclllercgxcceialbbebrenxgxaaclllxomgxcceimxomsmconxgxaareexocrgxcceimcrxeobenxgxaareeocorgxcceimrcscrsanxgxaareeobslgxcceimcrxeocanxgxaareesebsgxcceimrmaobxanogxaareesxcrgxcceimrmaoboenogxaareesxcrgxcceimrmaobxbnxgxaareesxcrgxcceialcaercenxgxaareecssagxcceimrracoranxgxaareecssagxcceircleeobonxgxaareecrbsgxcceimrxccosbnxgxaareecrbsgxcceimocbmmmanxgxaareecbllgxcceimocbmmacnxgxaareecbllgxcceicaormbbcnxgxaareecbllge; expires=Thu, 06 Oct 2022 21:21:39 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4747562%7C72487764%7C0%7C%7C118%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C96f86769e2c0ada26ff426ad42fe7c60%7C0%7Cgaypornhdfree.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Thu, 06 Oct 2022 21:21:39 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4747562%7C46257918%7C92448%7C%7C118%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C96f86769e2c0ada26ff426ad42fe7c60%7C0%7Cgaypornhdfree.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Thu, 06 Oct 2022 21:21:39 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4747562%7C41873814%7C0%7C%7C118%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C96f86769e2c0ada26ff426ad42fe7c60%7C0%7Cgaypornhdfree.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Thu, 06 Oct 2022 21:21:39 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4747562%7C46257884%7C92446%7C%7C118%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C96f86769e2c0ada26ff426ad42fe7c60%7C0%7Cgaypornhdfree.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Thu, 06 Oct 2022 21:21:39 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (7229), with no line terminators
Size:   3556
Md5:    bb1183b260d1f24c8c2c96f82c6acf18
Sha1:   16decc9b4abac55a6bc45aec1184ef2ad9f57492
Sha256: a2363c67919ae0557a52e7f440e8957ec678c8d7773454fe6b7f010575bcaadd
                                        
                                            GET /e/uarv5qu2r8v8k4sotskbmu4ngjv8vvl3 HTTP/1.1 
Host: dood.so
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         190.115.31.133
HTTP/2 302 Found
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 05 Oct 2022 21:21:39 GMT
content-length: 0
set-cookie: __ddg1_=Rdxp51yzM8VjcfsJ2PpA; Domain=.dood.so; HttpOnly; Path=/; Expires=Thu, 05-Oct-2023 21:21:39 GMT lang=1; domain=.dood.so; path=/ referer=; domain=.dood.so; path=/; expires=Wed, 05-Oct-2022 21:22:39 GMT
location: /e/djcuxf1ipslae6tryaxw0rgrb32nnje
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 21:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /show.js HTTP/1.1 
Host: cdn.popcash.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.139.128.11
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 05 Oct 2022 21:21:39 GMT
content-encoding: br
content-length: 36402
last-modified: Tue, 05 Jul 2022 13:28:20 GMT
accept-ranges: bytes
etag: W/"62c43c74-1b189"
cache-control: max-age=2592000, public
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUwmSZ8jvagq9rT3laa5kdGAHTfTjtwSj%2BwydgCY8vz8Q2kuNQa0WJW0RlGhy%2BSc3FWh9O8omX33%2FtJFewrhiomS%2BLyvc9RfhLE64gY4AyMS2ld9GkMRNXLDVnwq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 72f659fe7a21be38-CPH
vary: Accept-Encoding
x-hw: 1665004899.cds243.sk1.hn,1665004899.cds015.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65387)
Size:   36402
Md5:    67006a1f5f35b63343332cbfec97cd85
Sha1:   9d5be86bebf78c5bc3aee39e74ced6631939ab5c
Sha256: f82f11a982dc0602cdef4bc9eccfd26637a8b9bdd504a456a93426a376fff60b
                                        
                                            GET /e/uarv5qu2r8v8k4sotskbmu4ngjv8vvl3 HTTP/1.1 
Host: dood.so
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         190.115.31.133
HTTP/2 302 Found
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 05 Oct 2022 21:21:39 GMT
content-length: 0
set-cookie: __ddg1_=bkw1MkYoWNe61M0WEwZF; Domain=.dood.so; HttpOnly; Path=/; Expires=Thu, 05-Oct-2023 21:21:39 GMT lang=1; domain=.dood.so; path=/ referer=; domain=.dood.so; path=/; expires=Wed, 05-Oct-2022 21:22:39 GMT
location: /e/eeyxdpnnlt5vylnu90ziykyc4zadvv2
X-Firefox-Spdy: h2

                                        
                                            POST /v1/api.php HTTP/1.1 
Host: syndication.realsrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 272
Origin: https://gaypornhdfree.com
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22633df563248121.354682443423923439%22%3B%7D; impressions=oslmroemnxgxaacllaxbogeicxbmsbocnxgxaaclllesmgeioslmrxbrnxgxaacbmrobbgeicxbmsbxcnxgxaareecbllgeicxbmsbcenxgxaaclllercgeislsaroornxgxaacmobexrgeicxbmsboenxgxaareecbllgeimreaomxcnxgxaasaoabsrgeimreaobsonxgxaasaoabsrgeioslmrxbmnxgxaacllrobbgeimcclsoeenxgxaasamsoccgeimcclosconxgxaacobbxcxgeimrblelmonxgxaasamsoccgeimrblxembnxgxaasamsoccgeimrblxeecnxgxaasamsoccgeimrblxemcnxgxaasamsoccgeialbserecnxgxaacxeermsgeioslmrxlsnxgxaaclllercgeicaormbbonxgxaareecbllgeioslmrxlrnxgxaacmremaxgeimcclsxscnxgxaacsxbrblgeimrerbmbbnxgxaasmeceesgeialbsereanxgxaacsxbrblgeialbserebnxgxaasborcsogeiccmblmmcnxgxaaclllesmgeimrblelxcnxgxaasblsoxxgeimcclsxoanxgxaacmobexrgeimrblelmbnxgxaasblsoxxgeimcclossanxgxaacmobexrgeimcclselenxgxaasblsoxxgeimcclsoeonxgxaacllaxbogeimccloscenxgxaaslcsrobgeimcclsxacnxgxaaslcsrobgeicaormlebnxgxaacxeermsgeimcersxranxgxaacxeermsgeisaeeasslnxgxaacxeermsgeimcersxacnxgxaacxeermsgeimcersxrenxgxaacxeermsgeiccmblmmbnxgxaaclllesmgeiccmblmmanxgxaacbmcxxrgeislsarosxnxgxaacsremoegeiabeocmsbnxgxaacmobeeageimcclsxcanxgxaacmobexrgeimaecobxanxgxaacmobexrgeimcclsxsbnxgxaacmcrlolgeiccmblmmonxgxaaclllercgeialbserxonxgxaacmremaxgeimcclossbnxgxaacbmrobbgeimaelrlmanxgxaaclmelxogxcceimrsreaabnogxaaclmlsrrgxcceimrsreamcnogxaacllexergxcceimxlbmosanrgxaacllsxbxgxcceimrcaoaoanrgxaacllsxbxgxcceimxlbmoscnsgxaacllsxbxgxcceialxosmbanxgxaacllsxbxgxcceimxlbmoobnogxaacllsxbxgxcceimxxrecsanxgxaacllslcagxcceiaaxcabeonxgxaacllslcagxcceialrexeoonxgxaacllcxbsgxcceimrcaeesbnsgxaacllcaorgxcceixaoosscrnxgxaacllcaorgxcceixaoossalnxgxaacllcaorgxcceimeembecenxgxaacllcaorgxcceimeembesonxgxaacllcaorgxcceialrexexbnxgxaacllcmcrgxcceimcoaxmxonmgxaacllcmcrgxcceialaroxrcnxgxaacllcmcrgxcceialbbebsbnxgxaacllrobbgxcceimxlbmosenogxaacllrobbgxcceimxcbrxbenxgxaacllrobbgxcceimcssmlronsgxaacllrobbgxcceimxlbmosonogxaacllroblgxcceimclsaoxbncgxaacllrsccgxcceimcoaxmxcncgxaacllrsccgxcceimcssmlrcnsgxaacllrscrgxcceimsacexoonxgxaacllrscrgxcceimxeoxsacnrgxaacllrscrgxcceicaormlxbnxgxaareecbllgeimcrxeoocnxgxaacllrcoegxcceimcrxeoranxgxaacllrcoegxcceimcclsxobnxgxaacllaxbogeimcclsxbcnxgxaacllaxbogeimrblelxanxgxaacllaxbogeimaecsxccnxgxaacllaxbogeimaecsxcanxgxaacllaxbogeimrblxeeanxgxaacllaxbogeimcssmlrensgxaacllaoregxcceimrmbbrcbnxgxaacllaoregxcceimxlbmxlonxgxaacllascegxcceimxomorronxgxaacllascegxcceirrmlllronxgxaacllascegxcceialbbebsanxgxaacllascegxcceimxreaomcnxgxaacllaaeegxcceimclxlloanxgxaacllaaeegxcceimrcscosbnxgxaacllaaeegxcceimccoarcbnxgxaacllaaeegxcceiceecmorsnxgxaacllaaacgxcceimexexabbnxgxaacllaaargxcceimrxccoscnxgxaacllalbagxcceimrxccosonsgxaacllalbagxcceimrxccosenogxaacllalbagxcceimrxccosanogxaacllalbagxcceimxlbalscnxgxaacllmsaegxcceimemlxbocnxgxaacllmcccgxcceimeembeconxgxaacllmcccgxcceicxmecmcanxgxaacllmcccgxcceimeembescnxgxaacllbecxgxcceimrbxmxmanogxaacllbacxgxcceimrracorbnxgxaacllbblmgxcceimxeemleenxgxaacllbblmgxcceicmarxbbonagxaacllbblmgxcceimxcbrxscnxgxaaclllesmgxcceimxeoxsbenmgxaaclllercgxcceimxcbrxronxgxaaclllercgxcceialbbebrenxgxaaclllxomgxcceimxomsmconxgxaareexocrgxcceimcrxeobenxgxaareeocorgxcceimrcscrsanxgxaareeobslgxcceimcrxeocanxgxaareesebsgxcceimrmaobxanogxaareesxcrgxcceimrmaoboenogxaareesxcrgxcceimrmaobxbnxgxaareesxcrgxcceialcaercenxgxaareecssagxcceimrracoranxgxaareecssagxcceircleeobonxgxaareecrbsgxcceimrxccosbnxgxaareecrbsgxcceimocbmmmanxgxaareecbllgxcceimocbmmacnxgxaareecbllgxcceicaormbbcnxgxaareecbllge; c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4747562%7C46257884%7C92446%7C%7C118%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C96f86769e2c0ada26ff426ad42fe7c60%7C0%7Cgaypornhdfree.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         95.211.229.245
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Wed, 05 Oct 2022 21:21:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://gaypornhdfree.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1584), with no line terminators
Size:   1133
Md5:    b4efcb4592bbbe569bb7a448a65efd4e
Sha1:   3c46a52d1a2cc081cd7fba1e444f66e5efdfc6f9
Sha256: d9d358e203fcd0c4b0fc1414c5ee8011e2703b6f8f90bf2beca503309f0f60f3
                                        
                                            GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 05 Oct 2022 21:21:39 GMT
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10448603
expires: Mon, 25 Sep 2023 21:21:39 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEOdYuhe8ZT1Y2pn1sNepYSiZLbqpQ%2BnL%2FxS1VpvyA1ou8wzQYZjEFzZV%2FBzUGAdNkqcr7TFPknBR3E01tock0jNicjgymcftZ5YPeopJy5%2BUXF4RMKLMjww%2FYreg3OM%2FhEtGj4q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7559354e2dddb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   27958
Md5:    4b5f47439b640180cc3450f7de05d0d8
Sha1:   5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
Sha256: 1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "6BD4256B008A6BBCC880A2A7A6DF7BA561BB5DB896C5AA12C16BD76ADA584A3F"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16104
Expires: Thu, 06 Oct 2022 01:50:03 GMT
Date: Wed, 05 Oct 2022 21:21:39 GMT
Connection: keep-alive

                                        
                                            GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 05 Oct 2022 21:21:39 GMT
content-length: 591
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2821880
expires: Mon, 25 Sep 2023 21:21:39 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ed%2B98xvdUCLfuNzI5H4VtbkJy%2BBmk5wC2LGroqG2xqVziOPcOlfREAUGUgWtTBn6erbEYgrrpP083yT6dTFA%2FSrixjZq0Wv%2BF0jfSYs%2FG0YGy9zGku0jh7iOCp3zZeAL92QP2Hxa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7559354e2dd3b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1266)
Size:   591
Md5:    414869f16aa77a65b4928a018f7f1abb
Sha1:   cea521f7a2958a50239526ed6b068f0937527653
Sha256: afee364ce513c6517247b81cce5eb5eadb1dbbb35e439eb3fa97bbc15fac2cd3
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "6BD4256B008A6BBCC880A2A7A6DF7BA561BB5DB896C5AA12C16BD76ADA584A3F"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16104
Expires: Thu, 06 Oct 2022 01:50:03 GMT
Date: Wed, 05 Oct 2022 21:21:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "6BD4256B008A6BBCC880A2A7A6DF7BA561BB5DB896C5AA12C16BD76ADA584A3F"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16104
Expires: Thu, 06 Oct 2022 01:50:03 GMT
Date: Wed, 05 Oct 2022 21:21:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "6BD4256B008A6BBCC880A2A7A6DF7BA561BB5DB896C5AA12C16BD76ADA584A3F"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16104
Expires: Thu, 06 Oct 2022 01:50:03 GMT
Date: Wed, 05 Oct 2022 21:21:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "6BD4256B008A6BBCC880A2A7A6DF7BA561BB5DB896C5AA12C16BD76ADA584A3F"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16104
Expires: Thu, 06 Oct 2022 01:50:03 GMT
Date: Wed, 05 Oct 2022 21:21:39 GMT
Connection: keep-alive

                                        
                                            GET /img/no_video_3.svg HTTP/1.1 
Host: i.doodcdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.26.7.74
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 05 Oct 2022 21:21:39 GMT
content-length: 2812
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
etag: "61d3187c-afc"
expires: Thu, 03 Nov 2022 08:08:01 GMT
cache-control: public, max-age=2592000, no-transform
access-control-allow-origin: *
cf-cache-status: HIT
age: 85747
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S58As%2BbSGdedjQBcqoyFmEcNkfh1w%2BJ8Y4LhsNbQIM67cZ8wfZLynzAhnLNwFT5vMLAgNkcbaZmqq2OL39Q3kbTB7mhfZ0cjvXTDZmjHXKGHpJFFw8oWvE3Kzh3oNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7559354ea9f7b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (2789)
Size:   2812
Md5:    077bfdaa49ae4877a42611b739ec4752
Sha1:   a2f9e1222b7af9abc05122411ab8902efcc08ead
Sha256: 70d6a17097a8c27edfaad6740e11359d9363f3f04bff1b93483e29c25609fa6c
                                        
                                            GET /ads/ad.js HTTP/1.1 
Host: i.doodcdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.7.74
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 05 Oct 2022 21:21:39 GMT
content-length: 18
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=20
expires: Wed, 04 Oct 2023 08:04:45 GMT
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
vary: User-Agent,Accept-Encoding
cf-cache-status: HIT
age: 76260
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itnd71kslgoCR7xnhmZzY56oB08acaVDFwBdSA9sQ3pRp7h79U1XwlQ4lL2c94kZIxu9fOkI6jnZmrIibsJNAk10YDd53M3Dk3FV8bEkJ3RvWn%2B5noaQkAH0vvoxYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7559354eaa04b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   18
Md5:    071c641b229d2bfadd243b8fa2a9c88d
Sha1:   4048ed3ad506f9bb9052c23283912d0cfea8bcc6
Sha256: 3716878d3ceb2042b22c092b31c6f43cc862f8464e92ddde416a49624b32716e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "37241AE3A733B19D93E78C58ACA4A5E6BDD8CB559E4A1A8EB570732F9684FB16"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5884
Expires: Wed, 05 Oct 2022 22:59:43 GMT
Date: Wed, 05 Oct 2022 21:21:39 GMT
Connection: keep-alive

                                        
                                            GET /js/embed2.js HTTP/1.1 
Host: i.doodcdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.7.74
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 05 Oct 2022 21:21:39 GMT
content-length: 339271
access-control-allow-origin: *
cache-control: public, max-age=2592000, no-transform
cf-bgj: minify
cf-polished: origSize=339527
etag: "61d3187c-52e47"
expires: Thu, 03 Nov 2022 19:47:08 GMT
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
cf-cache-status: HIT
age: 76241
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Cnt06qghzN9gS7FaudFbTpX9Z%2FNXDHFyCBxvp2FmKPsmvc1lKvK1znL2KhoO6Bg%2BLa8SEhX%2BmJTAOQzl0k6gKU0dGu63hS5wjQuGT9tr%2FEVFItEKGM%2BcaF7aAtwxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7559354eba0eb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Size:   339271
Md5:    cac27d72c22014f70500e507a7a82231
Sha1:   edcac36287bfc654b2ee6c0fe0727cdc725a9fe5
Sha256: 01c49e02b98bc8a4275650b65787cdd100c362abc7e54e8b9e99396b6117c2c6
                                        
                                            GET /css/embed.css HTTP/1.1 
Host: i.doodcdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.7.74
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 05 Oct 2022 21:21:39 GMT
content-length: 79720
access-control-allow-origin: *
cache-control: public, max-age=2592000, no-transform
cf-bgj: minify
cf-polished: origSize=79890
etag: "61d3187c-13812"
expires: Thu, 03 Nov 2022 08:05:20 GMT
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
cf-cache-status: HIT
age: 76241
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2fhn%2B0Gnv1%2F%2Fxh3CQtOOQGdnwZ3hyXvY9Z2guNqbMRkgRXwxpeeGdLJA2WI9Fr9r3Ius%2FMXsenamZlxq9Gw4nwEjixMPd8DemaIztf30ba1x7q02ex3BRAfXup%2FKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7559354eca25b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size:   79720
Md5:    010e9740f2148647b93ae896d452119c
Sha1:   888e44accbd7e78a0654fd4eaf7541269d95e4e9
Sha256: d33d9d5fc2eef77dd7cda0770e9bc8213f058f2ead19b7d9b7ed731bcd081a47
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 21:21:39 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 09 Oct 2022 17:40:09 GMT
ETag: "a7d4d7ad6b231ec124c732b242d8c623fd247392"
Last-Modified: Wed, 05 Oct 2022 17:40:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1058
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7559354eebc9b4f9-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    0f19f59323944d6d436d167efd618d11
Sha1:   a7d4d7ad6b231ec124c732b242d8c623fd247392
Sha256: d87057e1c5847df324a7594e95145760a2e01ba2787ce98f3681255a00aedfb0
                                        
                                            GET /library/623611/08383e72ee30f54920b69f036aa7050b9906cf65.webp HTTP/1.1 
Host: s3t3d2y8.afcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.76.9.21
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 05 Oct 2022 21:21:39 GMT
content-length: 10274
last-modified: Wed, 03 Nov 2021 19:29:43 GMT
etag: "6182e327-2822"
expires: Fri, 30 Jun 2023 11:10:59 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195228
server: CDN77-Turbo
x-77-nzt: AblMCRTzKOH/R1h/AA
x-77-nzt-ray: qlibqd8EBLY
x-cache: HIT
x-age: 8345671
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   10274
Md5:    e456e1fcd5b9782e95a8a4beafdaa6f7
Sha1:   08383e72ee30f54920b69f036aa7050b9906cf65
Sha256: 652ef2a4170f9f3331fa3efbbf4f76a170be4d96c0b22a8ad23b490ccab9b534
                                        
                                            GET /library/256238/44e23873565d8ddbc01b8ab1727efc77f516c884.webp HTTP/1.1 
Host: s3t3d2y8.afcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.76.9.21
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 05 Oct 2022 21:21:39 GMT
content-length: 12460
last-modified: Wed, 03 Nov 2021 21:49:57 GMT
etag: "61830405-30ac"
expires: Fri, 30 Jun 2023 18:47:08 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195425
server: CDN77-Turbo
x-77-nzt: AblMCRQO1cL/gld/AA
x-77-nzt-ray: HupUlAqzGBA
x-cache: HIT
x-age: 8345474
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   12460
Md5:    7d3236d5c82901ad7210ae85ba446f25
Sha1:   44e23873565d8ddbc01b8ab1727efc77f516c884
Sha256: e16eedc198f417ffa4d501511beb48aa7ef1e449987450f2e252ad6423d10f42
                                        
                                            GET /library/623611/26c94b1b9322fb1f2558083727af47e58151007e.webp HTTP/1.1 
Host: s3t3d2y8.afcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.76.9.21
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 05 Oct 2022 21:21:39 GMT
content-length: 6782
last-modified: Wed, 03 Nov 2021 19:29:43 GMT
etag: "6182e327-1a7e"
expires: Fri, 30 Jun 2023 11:12:51 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195209
server: CDN77-Turbo
x-77-nzt: AblMCRQmZmv/Wlh/AA
x-77-nzt-ray: 391nzOwTRZU
x-cache: HIT
x-age: 8345690
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   6782
Md5:    ac7f0a83b67d9661811c62d68cdd2074
Sha1:   26c94b1b9322fb1f2558083727af47e58151007e
Sha256: 24c3c958813cf663205712c9a41003d3c5f304d3a90301d63847ab46047fc66f
                                        
                                            GET /splash/3z1jp2gxudsorelo.jpg HTTP/1.1 
Host: img.doodcdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.26.7.74
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 05 Oct 2022 21:21:39 GMT
content-length: 100592
access-control-allow-origin: *
cache-control: max-age=1209600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=101343, status=webp_bigger
etag: "63289fa3-18bdf"
expires: Tue, 18 Oct 2022 23:06:38 GMT
last-modified: Mon, 19 Sep 2022 16:58:11 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzRS60GeXlYVe%2BA%2F%2BiuubGig8m0v0l9Nwi8e5BNBpBg2JAHl%2BVoY6yccDk5PwU60RUV%2BtvmO4aqGN3DWbadyYp80VGbVarhs0lb46Yn3mg8qPK5Z%2FR9goSAHoIP8mRa6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7559354eeea1b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1264x715, components 3\012- data
Size:   100592
Md5:    80729f1e1eef68ee9a40d32d6b37758e
Sha1:   b76b64dbca843f137b17a5ebc4feb39fd3febf0e
Sha256: dccbb8d0a6890a811e138694de43ae04e6e48b7a7eb45d9682078bb054371689
                                        
                                            GET /library/256238/eed61115a0a8c42956f7559581856e5f5bb659ba.webp HTTP/1.1 
Host: s3t3d2y8.afcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.76.9.21
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 05 Oct 2022 21:21:39 GMT
content-length: 19320
last-modified: Wed, 03 Nov 2021 21:49:57 GMT
etag: "61830405-4b78"
expires: Fri, 30 Jun 2023 18:46:41 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195262
server: CDN77-Turbo
x-77-nzt: AblMCRQg6qH/JVh/AA
x-77-nzt-ray: UdXcE37gD1U
x-cache: HIT
x-age: 8345637
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   19320
Md5:    47f589a29dcae8e22fc31bb67531eed8
Sha1:   eed61115a0a8c42956f7559581856e5f5bb659ba
Sha256: 12719b99f089d5e4551dddf31c960ed13564fb0958b8e1a2bd7158d8bbe6d51f
                                        
                                            GET /library/256238/eb67abb5c0147471220b391085319b9ad47fea48.webp HTTP/1.1 
Host: s3t3d2y8.afcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.76.9.21
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 05 Oct 2022 21:21:39 GMT
content-length: 10478
last-modified: Wed, 03 Nov 2021 21:49:57 GMT
etag: "61830405-28ee"
expires: Fri, 30 Jun 2023 18:47:08 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195385
server: CDN77-Turbo
x-77-nzt: AblMCRRZCjz/qld/AA
x-77-nzt-ray: cAb+PbdMtlk
x-cache: HIT
x-age: 8345514
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   10478
Md5:    a8d404a221b92d82db0c2164fafd7795
Sha1:   eb67abb5c0147471220b391085319b9ad47fea48
Sha256: ad61d9cd2ebbd5f70e7b6c6ec6beb4231e94f88b0addcca6bbb6211a0429f593
                                        
                                            GET /library/343282/9d5617c24290b065529e4a6863e85961f1ae4227.webp HTTP/1.1 
Host: s3t3d2y8.afcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.76.9.21
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 05 Oct 2022 21:21:39 GMT
content-length: 7530
last-modified: Wed, 03 Nov 2021 19:54:35 GMT
etag: "6182e8fb-1d6a"
expires: Fri, 30 Jun 2023 11:35:37 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688196165
server: CDN77-Turbo
x-77-nzt: AblMCRREECj/nlR/AA
x-77-nzt-ray: KOl9sLRP4fM
x-cache: HIT
x-age: 8344734
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   7530
Md5:    5b0aa195d3f5fbab89780d9443ffb1e1
Sha1:   9d5617c24290b065529e4a6863e85961f1ae4227
Sha256: 0a95433a81355b317ed5911f4a45e85c578f94e5162c2d9f0afbbf4ce73c62ae
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "6BD4256B008A6BBCC880A2A7A6DF7BA561BB5DB896C5AA12C16BD76ADA584A3F"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16104
Expires: Thu, 06 Oct 2022 01:50:03 GMT
Date: Wed, 05 Oct 2022 21:21:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4393
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 21:21:39 GMT
Last-Modified: Wed, 05 Oct 2022 20:08:26 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /vi_VN/sdk.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 614c41880efb47cc78a0f0852fce3db9
etag: "e022945f672bc5114ac0b6b8c80ac9e7"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 05 Oct 2022 21:26:39 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: aLzO/g6ICj77jJRuliTN3A==
x-fb-debug: ncoTGu+JHoSAyfMV5E+s9ivWxA+qYE7d5stzW9R7YmrmG0I2Y3Da+QGLqv2yDOTk2X9blaneQP33GT08+NsCkw==
content-length: 1687
x-fb-trip-id: 1904183273
date: Wed, 05 Oct 2022 21:21:39 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1961)
Size:   1687
Md5:    68bccefe0e880a3efb8c946e9624cddc
Sha1:   c011e65ea89ddebc8585541b8751ffa584c2788e
Sha256: d6b07faeb79dcc5bfd139ba3eac98584c6f65471a1b99388d50a412565bba740
                                        
                                            GET /znWaa3gu HTTP/1.1 
Host: dcba.popcash.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gaypornhdfree.com
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         3.219.99.78
HTTP/2 204 No Content
                                        
date: Wed, 05 Oct 2022 21:21:39 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4393
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 21:21:39 GMT
Last-Modified: Wed, 05 Oct 2022 20:08:26 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "A547AD5A018FC49ED91F1B074B0DABEC40DFB5E54DB446D7D693FA524B177F67"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17485
Expires: Thu, 06 Oct 2022 02:13:05 GMT
Date: Wed, 05 Oct 2022 21:21:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "A547AD5A018FC49ED91F1B074B0DABEC40DFB5E54DB446D7D693FA524B177F67"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17485
Expires: Thu, 06 Oct 2022 02:13:05 GMT
Date: Wed, 05 Oct 2022 21:21:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "73AE170424AAB040D6FEAC08DA52CB0CC61D8278261508FDBF40D43A06C31102"
Last-Modified: Mon, 03 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2370
Expires: Wed, 05 Oct 2022 22:01:10 GMT
Date: Wed, 05 Oct 2022 21:21:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "73AE170424AAB040D6FEAC08DA52CB0CC61D8278261508FDBF40D43A06C31102"
Last-Modified: Mon, 03 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2370
Expires: Wed, 05 Oct 2022 22:01:10 GMT
Date: Wed, 05 Oct 2022 21:21:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A9D2C04AB6560116FEB8CAE8D037FD41B97D5B2A7DC51739481BE0680DACFD25"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2787
Expires: Wed, 05 Oct 2022 22:08:07 GMT
Date: Wed, 05 Oct 2022 21:21:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A9D2C04AB6560116FEB8CAE8D037FD41B97D5B2A7DC51739481BE0680DACFD25"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2787
Expires: Wed, 05 Oct 2022 22:08:07 GMT
Date: Wed, 05 Oct 2022 21:21:40 GMT
Connection: keep-alive

                                        
                                            HEAD /e/eeyxdpnnlt5vylnu90ziykyc4zadvv2 HTTP/1.1 
Host: dood.so
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/e/eeyxdpnnlt5vylnu90ziykyc4zadvv2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.31.133
HTTP/2 403 Forbidden
content-type: text/html
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=VyerKISTdWrlShuNgOJ1; Domain=.dood.so; HttpOnly; Path=/; Expires=Thu, 05-Oct-2023 21:21:40 GMT
date: Wed, 05 Oct 2022 21:21:40 GMT
content-length: 159
X-Firefox-Spdy: h2

                                        
                                            GET /splash/3z1jp2gxudsorelo.jpg HTTP/1.1 
Host: img.doodcdn.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.so
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.26.7.74
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 05 Oct 2022 21:21:40 GMT
content-length: 101343
last-modified: Mon, 19 Sep 2022 16:58:11 GMT
etag: "63289fa3-18bdf"
expires: Wed, 19 Oct 2022 21:21:40 GMT
cache-control: max-age=1209600
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qt28cBHn3jCaLCOlMar8CehTtHS6LcVU3SkhxANVJAQfrlfGvIS0XpFREDhc%2FMfjsnqDNQ6vxh26Fg%2BGT10WgzUWXceMgndIkoRO9nEYCgm1pHlWihan60%2Bsd9Iw4XLX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75593550d93eb4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1264x715, components 3\012- data
Size:   101343
Md5:    ab2e7aa6ae50d8c96c2898c831ef8539
Sha1:   7e494a9b74613dc6beba3ed73faad9f408fb487d
Sha256: d503d034eb0a7ed5bc899ceec10edde6fb8f1cbe620f4be394b7ec8c3f8e32bb
                                        
                                            GET /pass_md5/55084018-91-90-1665004899-78fdab22bf26fdd7d9a3a64f4fadd148/ixs4w91tk9e5sxuwbai3duo6 HTTP/1.1 
Host: dood.so
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://dood.so/e/eeyxdpnnlt5vylnu90ziykyc4zadvv2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.31.133
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=eYs39YDzo5O9svHcxZZB; Domain=.dood.so; HttpOnly; Path=/; Expires=Thu, 05-Oct-2023 21:21:39 GMT
date: Wed, 05 Oct 2022 21:21:40 GMT
access-control-allow-origin: *
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   87148
Md5:    bd1dd12542f27e3d7aaee0674f875b94
Sha1:   0e0ae10633a492e3c11dbf3c35cb5bc57f0ab193
Sha256: bc2f283c8914287159c20ddffb33db9b57ada967a68f2abc058b9a78a8f6fdd0
                                        
                                            GET /library/754674/570ca8097d9a9db31ab70383eda1e403e03abe19.webp HTTP/1.1 
Host: s3t3d2y8.afcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.76.9.21
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 05 Oct 2022 21:21:40 GMT
content-length: 4778
last-modified: Thu, 04 Nov 2021 11:55:22 GMT
etag: "6183ca2a-12aa"
expires: Fri, 15 Sep 2023 21:11:16 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
x-accel-expires: @1694813009
server: CDN77-Turbo
x-77-nzt: AblMCRT80+//k10aAA
x-77-nzt-ray: ObbawnnmAec
x-cache: HIT
x-age: 1727891
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   4778
Md5:    7f54534886fbc952ca10c6da1997f289
Sha1:   570ca8097d9a9db31ab70383eda1e403e03abe19
Sha256: 4663c2398b5f6f99bde3c951fbb86d69d8c9fe0a791e7f8e4e2bb1584b155623
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "B5FE162ABB3E3B36BA084121FBF49442898952DFFC05BCFF28294E7DCDA1AB6D"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5717
Expires: Wed, 05 Oct 2022 22:56:57 GMT
Date: Wed, 05 Oct 2022 21:21:40 GMT
Connection: keep-alive

                                        
                                            GET /cimp.php?t=api&data=H4sIAAAAAAAAA22PTU4DMQyFr8IFZmQ/O39dswYJxAFCJoENLSqbVvLhcaaiK/JkJbY/2S8gYGFaKDxwOoAPUqzwWmhVrBzUnp5fTNk+6vX7dD5+buPc+9pOX5aCxqQmAnIsJCUW06ReV2POFpA1F3UQCTlm42Bi5EIQZ+Yrkb29Pu7BLoVxwcXDk7nZQHuDLpMuceSYYuloVLeKOIYi1k0xempxovSPU7ppBeAmDH8FE1aB71z4nqj5Idvb9ed6bGZ3/KawD3BTqvOS7l/uPgU1NH4XyiyjaxK3GdzlL4eQeethAQAA HTTP/1.1 
Host: syndication.realsrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gaypornhdfree.com
Connection: keep-alive
Referer: https://gaypornhdfree.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22633df563248121.354682443423923439%22%3B%7D; impressions=oslmroemnxgxaacllaxbogeicxbmsbocnxgxaaclllesmgeioslmrxbrnxgxaacbmrobbgeicxbmsbxcnxgxaareecbllgeicxbmsbcenxgxaaclllercgeislsaroornxgxaacmobexrgeicxbmsboenxgxaareecbllgeimreaomxcnxgxaasaoabsrgeimreaobsonxgxaasaoabsrgeioslmrxbmnxgxaacllrobbgeimcclsoeenxgxaasamsoccgeimcclosconxgxaacobbxcxgeimrblelmonxgxaasamsoccgeimrblxembnxgxaasamsoccgeimrblxeecnxgxaasamsoccgeimrblxemcnxgxaasamsoccgeialbserecnxgxaacxeermsgeioslmrxlsnxgxaaclllercgeicaormbbonxgxaareecbllgeioslmrxlrnxgxaacmremaxgeimcclsxscnxgxaacsxbrblgeimrerbmbbnxgxaasmeceesgeialbsereanxgxaacsxbrblgeialbserebnxgxaasborcsogeiccmblmmcnxgxaaclllesmgeimrblelxcnxgxaasblsoxxgeimcclsxoanxgxaacmobexrgeimrblelmbnxgxaasblsoxxgeimcclossanxgxaacmobexrgeimcclselenxgxaasblsoxxgeimcclsoeonxgxaacllaxbogeimccloscenxgxaaslcsrobgeimcclsxacnxgxaaslcsrobgeicaormlebnxgxaacxeermsgeimcersxranxgxaacxeermsgeisaeeasslnxgxaacxeermsgeimcersxacnxgxaacxeermsgeimcersxrenxgxaacxeermsgeiccmblmmbnxgxaaclllesmgeiccmblmmanxgxaacbmcxxrgeislsarosxnxgxaacsremoegeiabeocmsbnxgxaacmobeeageimcclsxcanxgxaacmobexrgeimaecobxanxgxaacmobexrgeimcclsxsbnxgxaacmcrlolgeiccmblmmonxgxaaclllercgeialbserxonxgxaacmremaxgeimcclossbnxgxaacbmrobbgeimaelrlmanxgxaaclmelxogxcceimrsreaabnogxaaclmlsrrgxcceimrsreamcnogxaacllexergxcceimxlbmosanrgxaacllsxbxgxcceimrcaoaoanrgxaacllsxbxgxcceimxlbmoscnsgxaacllsxbxgxcceialxosmbanxgxaacllsxbxgxcceimxlbmoobnogxaacllsxbxgxcceimxxrecsanxgxaacllslcagxcceiaaxcabeonxgxaacllslcagxcceialrexeoonxgxaacllcxbsgxcceimrcaeesbnsgxaacllcaorgxcceixaoosscrnxgxaacllcaorgxcceixaoossalnxgxaacllcaorgxcceimeembecenxgxaacllcaorgxcceimeembesonxgxaacllcaorgxcceialrexexbnxgxaacllcmcrgxcceimcoaxmxonmgxaacllcmcrgxcceialaroxrcnxgxaacllcmcrgxcceialbbebsbnxgxaacllrobbgxcceimxlbmosenogxaacllrobbgxcceimxcbrxbenxgxaacllrobbgxcceimcssmlronsgxaacllrobbgxcceimxlbmosonogxaacllroblgxcceimclsaoxbncgxaacllrsccgxcceimcoaxmxcncgxaacllrsccgxcceimcssmlrcnsgxaacllrscrgxcceimsacexoonxgxaacllrscrgxcceimxeoxsacnrgxaacllrscrgxcceicaormlxbnxgxaareecbllgeimcrxeoocnxgxaacllrcoegxcceimcrxeoranxgxaacllrcoegxcceimcclsxobnxgxaacllaxbogeimcclsxbcnxgxaacllaxbogeimrblelxanxgxaacllaxbogeimaecsxccnxgxaacllaxbogeimaecsxcanxgxaacllaxbogeimrblxeeanxgxaacllaxbogeimcssmlrensgxaacllaoregxcceimrmbbrcbnxgxaacllaoregxcceimxlbmxlonxgxaacllascegxcceimxomorronxgxaacllascegxcceirrmlllronxgxaacllascegxcceialbbebsanxgxaacllascegxcceimxreaomcnxgxaacllaaeegxcceimclxlloanxgxaacllaaeegxcceimrcscosbnxgxaacllaaeegxcceimccoarcbnxgxaacllaaeegxcceiceecmorsnxgxaacllaaacgxcceimexexabbnxgxaacllaaargxcceimrxccoscnxgxaacllalbagxcceimrxccosonsgxaacllalbagxcceimrxccosenogxaacllalbagxcceimrxccosanogxaacllalbagxcceimxlbalscnxgxaacllmsaegxcceimemlxbocnxgxaacllmcccgxcceimeembeconxgxaacllmcccgxcceicxmecmcanxgxaacllmcccgxcceimeembescnxgxaacllbecxgxcceimrbxmxmanogxaacllbacxgxcceimrracorbnxgxaacllbblmgxcceimxeemleenxgxaacllbblmgxcceicmarxbbonagxaacllbblmgxcceimxcbrxscnxgxaaclllesmgxcceimxeoxsbenmgxaaclllercgxcceimxcbrxronxgxaaclllercgxcceialbbebrenxgxaaclllxomgxcceimxomsmconxgxaareexocrgxcceimcrxeobenxgxaareeocorgxcceimrcscrsanxgxaareeobslgxcceimcrxeocanxgxaareesebsgxcceimrmaobxanogxaareesxcrgxcceimrmaoboenogxaareesxcrgxcceimrmaobxbnxgxaareesxcrgxcceialcaercenxgxaareecssagxcceimrracoranxgxaareecssagxcceircleeobonxgxaareecrbsgxcceimrxccosbnxgxaareecrbsgxcceimocbmmmanxgxaareecbllgxcceimocbmmacnxgxaareecbllgxcceicaormbbcnxgxaareecbllge; c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C4747562%7C46257884%7C92446%7C%7C118%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C96f86769e2c0ada26ff426ad42fe7c60%7C0%7Cgaypornhdfree.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         95.211.229.245
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 05 Oct 2022 21:21:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://gaypornhdfree.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22633df563248121.354682443423923439%22%3B%7D; expires=Fri, 04 Oct 2024 21:21:40 GMT; path=; domain=.realsrv.com; Secure; SameSite=none __upt=%7B%22v%22%3A1%2C%22id%22%3A%22633df563248121.354682443423923439%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22118.0199%22%7D; expires=Fri, 04 Oct 2024 21:21:40 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

                                        
                                            GET /tag.min.js HTTP/1.1 
Host: cagothie.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.238
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 21:21:40 GMT
content-length: 22987
content-encoding: br
x-trace-id: 77d58303c8a808f46af1fee7bc61102c
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Wed, 05 Oct 2022 15:41:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   22987
Md5:    475fe72306987212afa61d6ddd01043f
Sha1:   7b82b5387d0dc1279ced204b3f181af417e68ea1
Sha256: f187e1acfd027b65659d5d3173e9c5a834ebe34a25f98e68c3d3bad3a9b44d2c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10280
Expires: Thu, 06 Oct 2022 00:13:00 GMT
Date: Wed, 05 Oct 2022 21:21:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10280
Expires: Thu, 06 Oct 2022 00:13:00 GMT
Date: Wed, 05 Oct 2022 21:21:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10280
Expires: Thu, 06 Oct 2022 00:13:00 GMT
Date: Wed, 05 Oct 2022 21:21:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10280
Expires: Thu, 06 Oct 2022 00:13:00 GMT
Date: Wed, 05 Oct 2022 21:21:40 GMT
Connection: keep-alive

                                        
                                            GET /ed/b8/70/edb8703573695076feb99cb156693613.js HTTP/1.1 
Host: passedofferundertake.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.17.9
Date: Wed, 05 Oct 2022 21:21:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fbf2a9ed80a97deeced91c304c2c2d83
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (32088), with no line terminators
Size:   10735
Md5:    773244d077d08ed1672a5322db708a1f
Sha1:   51a3cb023374967a71ebbcd458c509164295ccc4
Sha256: 45646d62006ef06b20432b7409c5e626f7dcac7de3d2eb544dcde293a1ef7e51

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10280
Expires: Thu, 06 Oct 2022 00:13:00 GMT
Date: Wed, 05 Oct 2022 21:21:40 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5832
x-amzn-requestid: c4427edd-3d71-47d0-a2d3-b3bfed089535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1FuUoAMFhBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-46ddff150da4141d23fc0d8a;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iR82CJ6A06dpqy_nm6JrmjeUJT-uhI5rr0dr6ZnhrQQo9Jqxh10qRQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:43:43 GMT
age: 85077
etag: "4daf0c001e86af8477fb097e8ca932edb8e5f981"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5832
Md5:    3257b782efae9b64e6e18a547866ec50
Sha1:   4daf0c001e86af8477fb097e8ca932edb8e5f981
Sha256: 899f9692e86405aa288d88dd285a6fe26bedab1a2ca4693212476063890b01a5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3585
x-amzn-requestid: 43c510d4-d87c-4665-a132-d798b836d415
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaJbLHEOoAMFfxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a55e0-614faff31425ff183b7ca4dd;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:24:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d1LCc44Gj_0Je8adu7Iv3I9MwkaDPgWqlNHI96UAtZub22l210J65A==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:53:07 GMT
age: 59313
etag: "612b6dbd4ba895c167964ff7e6d9263013b52b0a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3585
Md5:    5d7d7df8d4c440f9db445c3d99e818d6
Sha1:   612b6dbd4ba895c167964ff7e6d9263013b52b0a
Sha256: bf527a814c78f9e010cce4ba593c9146d54a2137d1f147f7a6250fbad81956ac
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aeOU8fGkf5uHuYZ79k17EzxiFnwm0_z7SeZJElgwECzRyhR2N_SYJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:06:09 GMT
age: 62131
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10158
Md5:    4fc2ddd86450d64d3fb659ab4e78be58
Sha1:   bbe71936b78a8c34d03ab87948dc840b35c6948f
Sha256: 84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7021
x-amzn-requestid: 2e30bdac-360e-4d0a-8bb7-c3144e074abe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8ucHb1oAMFjYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7f5-18ba6bc50cb32b1e14c882bd;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: UPEhTwAYEIRy-Cnb0ITefEotLyg3rFe_NaGy92xwWe_7hrdo6UQLwQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:56:53 GMT
age: 84287
etag: "6b5db8fbfb56f083d54b13e7660d0e4bc866aa00"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10179
Md5:    7c38bbf2a3db1a01e6df5b2eaa8da1ff
Sha1:   1cda8e54f8072018e60592c6baa5b2b1a052f767
Sha256: 5c327bc49fe3d2787fccd6be1788768dff71ef48180f5d84b60d95a8b92de495
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8816
x-amzn-requestid: b9f3ec8a-f478-4405-b275-e21f2d7d89d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKK7gFPJIAMF-7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f1e3-250348e6140f3c74762263ea;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:04:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8f83Wv7OrO7NOd1y1LXjfphRmJjdwrkcAxrxUN4A4qSgsEzIQMq81g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 22:38:40 GMT
age: 81780
etag: "5261a6c2ee6d6cc87e91ee82e32d8be234db393e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8816
Md5:    100559d746bedd7c3802661c875c35ee
Sha1:   5261a6c2ee6d6cc87e91ee82e32d8be234db393e
Sha256: ff06f31267ddcc9a0d84ddc68932872bfed29d072783c3a1dd3790d41c280aec
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8926
x-amzn-requestid: 27fc8976-af8d-40a3-b701-0642fa135ec4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1GSbIAMFTiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4d4c7837576e0fdb5828fe3b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzVofPSJC-YVU1Q1V9AnjNeQTa1BQEh6ZiH2HjSeeX5RygysFP7oAA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:43:25 GMT
age: 85095
etag: "70e8d1589f3daf71378965dd197934e220fb6aa4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8926
Md5:    1de7c17a0ba9295135e7f8b490b6a8d3
Sha1:   70e8d1589f3daf71378965dd197934e220fb6aa4
Sha256: ee559ce3166479e2b930be7d18525f5c2d164aed8ca005302ddaf3bfe37eec24
                                        
                                            GET /f0/6f/53/f06f53688194268edaf23d2b44a59e27.js HTTP/1.1 
Host: passedofferundertake.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.17.9
Date: Wed, 05 Oct 2022 21:21:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 240b7fdbde01451aeb016b32aebddceb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (59377), with no line terminators
Size:   20321
Md5:    99bec11e69fe693bfd3e8d4b2cfe3ab5
Sha1:   93a6fab1ab66fc8691419cad2cbb9a8882031cbd
Sha256: 31dcfa347d007c452121b1062837b409a6c3345e031f97e83c9325f6da26fda6

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "FF528B3E3551FACB4AAF40F7C4BEFD70DA4E707D5AED4BC9B49CA7905791F14D"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4230
Expires: Wed, 05 Oct 2022 22:32:10 GMT
Date: Wed, 05 Oct 2022 21:21:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 21:21:40 GMT
Content-Length: 281
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 01:05:14 GMT
Expires: Tue, 11 Oct 2022 01:05:13 GMT
Etag: "387486c88a9b8c8505cb10fd315b2364559cc9e5"
Cache-Control: max-age=444812,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755935551a24b4e8-OSL

                                        
                                            GET /video_short.mp4 HTTP/1.1 
Host: h4ahsm.cfeucdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Origin: https://hqq.to
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         84.16.243.193
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
                                        
Date: Wed, 05 Oct 2022 21:21:39 GMT
Content-Length: 3078
Last-Modified: Sat, 03 Apr 2021 21:17:34 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6068db6e-c06"
server: YouTube Frontend Proxy
Expires: Fri, 04 Nov 2022 21:21:39 GMT
Cache-Control: max-age=2592000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Origin,Range
Access-Control-Expose-Headers: Content-Range,Content-Length,ETag
Content-Range: bytes 0-3077/3078


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size:   3078
Md5:    639ec085afd48ff720cb1716bb09c075
Sha1:   04789db6677b1e59ae5b2c8c3b565f7ad8bf5c52
Sha256: 7e3c990c8c3e6ad1a07710e7032c1ff22975d6322937e80b0446a07de1b227cb
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "68558DC1FECB241726FF5ABA02EBCE492CAFD03B098C1BE8CA28B826112ABA06"
Last-Modified: Tue, 04 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4755
Expires: Wed, 05 Oct 2022 22:40:55 GMT
Date: Wed, 05 Oct 2022 21:21:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 21:21:40 GMT
Last-Modified: Wed, 05 Oct 2022 19:40:46 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aVR5YoIdg0SUJHhGmfAs7vveLP4tzBPYT8yvweUqT19vbZHXLMgpWw==
Age: 6054

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=145120
Date: Wed, 05 Oct 2022 21:21:40 GMT
Etag: "633d7900-1d7"
Expires: Fri, 07 Oct 2022 13:40:20 GMT
Last-Modified: Wed, 05 Oct 2022 12:30:56 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BE4i6wNS7vtVA5T5fgAMeL34EXEZXOVo6VPJfNiZtrpFZrfg8g765g==
Age: 4164

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.so
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.28.21.152
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 05 Oct 2022 21:21:40 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://dood.so
access-control-allow-credentials: true
set-cookie: uid_id2=f3ac84f2-d7c7-472f-befc-36b71cff9781:2:1; expires=Sat, 02 Oct 2032 21:21:40 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    f160f8cee3e7d904ac0b7c17f95b34f7
Sha1:   4e14848fd65b40abdefc1e0e7a6c6981a796be59
Sha256: 407ab2cd0302d98cd7e07af1527844caacb5bb74310250e1281bc1593251270a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "056F5709D2B63AE99DE4997E1D53D8B7754F22227B8813E229271E13F3F7466F"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4697
Expires: Wed, 05 Oct 2022 22:39:57 GMT
Date: Wed, 05 Oct 2022 21:21:40 GMT
Connection: keep-alive

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.so
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.28.21.152
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 05 Oct 2022 21:21:40 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://dood.so
access-control-allow-credentials: true
set-cookie: uid_id2=a85b65dc-8258-475b-9f64-cf3c251f3864:1:1; expires=Sat, 02 Oct 2032 21:21:40 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    042a2accf85efaaa384bfbde4006ebb8
Sha1:   0be50026dd436c607eb895ace586a2f98bb53314
Sha256: dfdac6a9d58566fd32ee78afb2d326fba3e0a35f6db79ebbdb27970fa9acf55c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 21:21:40 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 06:25:20 GMT
Expires: Mon, 10 Oct 2022 06:25:19 GMT
Etag: "41a1b476967aed6ac227717098cd8be3209b45b3"
Cache-Control: max-age=377618,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755935561b4bb4e8-OSL

                                        
                                            GET /favicon.ico?i HTTP/1.1 
Host: q324op.dood.video
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         152.228.250.225
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Server: nginx
Date: Wed, 05 Oct 2022 21:21:40 GMT
Content-Length: 15406
Connection: keep-alive
Last-Modified: Sat, 29 Feb 2020 09:26:04 GMT
ETag: "3c2e-59fb38b06e300"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   15406
Md5:    30d3656f43c817e38c3e7d70b2bfbdad
Sha1:   1aa43b43755e7cba5e145d0978517f7bedad7da6
Sha256: a558a4796f60f07743027eec96b538b2e7758cca8c544ed796ff745837478555
                                        
                                            GET /gid.js?userId=8cf80dae776d4d1cb594ff7a78953d18 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.so
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Wed, 05 Oct 2022 21:21:40 GMT
content-length: 65
access-control-allow-origin: https://dood.so
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8cf80dae776d4d1cb594ff7a78953d18; expires=Thu, 05 Oct 2023 21:21:40 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    4bdaee49c976b7ca38cf5e38985944f4
Sha1:   0580d1c99ccb2260dbe59fd595278395e2da6736
Sha256: d93d3ef799d6948adde7b1c02f7fdabe06cd58227907fbba2d546ce333fa4b07
                                        
                                            GET /pixel/purst?dl=0&th=0&sc=0&rs=1269&rd=1269&fd=897&bv=22.8.v.1&tmpl=70 HTTP/1.1 
Host: prawnsimply.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.36
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Wed, 05 Oct 2022 21:21:40 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /1?z=3203051 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Wed, 05 Oct 2022 21:21:40 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 9cd0749641dd41ef9b4e7763fbeb6b09
access-control-expose-headers: X-Sc
x-sc: 9V1h5VGfrmf5Ktr2ZdwKwS-Ej5bw4FtWPszi37hK68eERd2ckKBYp2j8XYFLYONCFJeLvBSqIFde3yWghqSCCP1QRc8=
set-cookie: scm=1; expires=Thu, 05 Oct 2023 21:21:40 GMT; secure; SameSite=None OAID=1892729f2daf4a7ea0ad8c66b57c5aa3; expires=Thu, 05 Oct 2023 21:21:40 GMT; secure; SameSite=None oaidts=1665004900; expires=Thu, 05 Oct 2023 21:21:40 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3913
Md5:    c8bb791f466a750ba117e6d271586a3f
Sha1:   49ceb8ff8b9a0077df5d3c7163a9569f99e912bf
Sha256: 7f1873e141f879db8bd157b8311ee1ac6f0a4b212409ecf1c21362c13e788dfd

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7DB1A695EE3348C6196FC7529633F272963294B20D39A1EE46B2C3775AABB048"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5371
Expires: Wed, 05 Oct 2022 22:51:11 GMT
Date: Wed, 05 Oct 2022 21:21:40 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: 6.adsco.re
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.so
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.166.186
HTTP/2 200 OK
content-type: text/plain;charset=UTF-8
                                        
date: Wed, 05 Oct 2022 21:21:40 GMT
content-length: 0
access-control-allow-origin: https://dood.so
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 755935572c7eb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 21:21:40 GMT
Content-Length: 939
Connection: keep-alive
Expires: Sun, 09 Oct 2022 19:22:31 GMT
ETag: "db6207c04e1a06d9cc540188d2e784d8fc6aa62b"
Last-Modified: Wed, 05 Oct 2022 19:22:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1478
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7559355739b90b59-OSL

                                        
                                            GET / HTTP/1.1 
Host: 4.adsco.re
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.so
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         162.252.214.5
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 05 Oct 2022 21:21:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://dood.so
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   62
Md5:    adde5febc7b5b6c2c759ec735cce83a0
Sha1:   77ec17be8a9970ff04663294d41c590d0d24fde4
Sha256: ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
                                        
                                            GET /metrika/tag.js HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         87.250.251.119
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 72341
date: Wed, 05 Oct 2022 21:21:41 GMT
access-control-allow-origin: *
etag: "633be002-11a95"
expires: Wed, 05 Oct 2022 22:21:41 GMT
last-modified: Tue, 04 Oct 2022 10:25:54 GMT
cache-control: max-age=3600
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Size:   72341
Md5:    7a68c8644032413981e4ba5bc0d66c4a
Sha1:   2d46ca8055e8577ae7138140e34a6e633434973c
Sha256: e0573e9a9cbfc3f00a921fa64c50270f5941a1ebb253ab70af2cc0dac45cb0d5
                                        
                                            GET /a6/b0/b8/a6b0b8925d9b3a4154c035c24b4ed97e.js HTTP/1.1 
Host: alleviatepracticableaddicted.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.17.9
Date: Wed, 05 Oct 2022 21:21:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7252ae3772bd6010dc115226d1720249
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (32120), with no line terminators
Size:   10754
Md5:    a31dc11ab35b29235c67775a4936db87
Sha1:   8f6836f06a0be31330bdcaef325002e3a7ec19d0
Sha256: 75d1835824221488a4705fe82edc0bc459c1d28bdb85cb487b32ecdb953c49d0

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5166A734DA8356A1295D45A38B27401AD091ADB26B2C4F16EE2F3E9326A5CFD2"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16936
Expires: Thu, 06 Oct 2022 02:03:57 GMT
Date: Wed, 05 Oct 2022 21:21:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "42859AD12D0DA7F2CE87649A8CE65867CBB307470570E9F375EC7A1FE69ADE52"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1853
Expires: Wed, 05 Oct 2022 21:52:34 GMT
Date: Wed, 05 Oct 2022 21:21:41 GMT
Connection: keep-alive

                                        
                                            GET /42/38?z=3203051 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Cookie: scm=1; OAID=1892729f2daf4a7ea0ad8c66b57c5aa3; oaidts=1665004900
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 05 Oct 2022 21:21:41 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: f17de45606060a1a2a3d596ee1d863e0
access-control-expose-headers: X-Sc
set-cookie: OAID=1892729f2daf4a7ea0ad8c66b57c5aa3; expires=Thu, 05 Oct 2023 21:21:41 GMT; secure; SameSite=None oaidts=1665004900; expires=Thu, 05 Oct 2023 21:21:41 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3C377861EE40EA7B3AA43B03867F9ABB11746E9FE1CACD37039899A717EB4695"
Last-Modified: Tue, 04 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5662
Expires: Wed, 05 Oct 2022 22:56:03 GMT
Date: Wed, 05 Oct 2022 21:21:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: c12n8tsd26cg.n4.adsco.re
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://dood.so
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         38.132.109.186
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Wed, 05 Oct 2022 21:21:41 GMT
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes

                                        
                                            GET /1?z=5030496 HTTP/1.1 
Host: upgulpinon.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.242
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Wed, 05 Oct 2022 21:21:41 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: c95df26e8614f0e13de49da590281c08
access-control-expose-headers: X-Sc
x-sc: S-Vs8i-nhRhol5saED7M1vl4X6QIIYO10uoo7ROpbrr-_7oOrC_e-jmhT4WFGb5W1NcaBruwJKEbOlyEduqtPJXwKg8=
set-cookie: scm=1; expires=Thu, 05 Oct 2023 21:21:41 GMT; secure; SameSite=None OAID=ec66a3f64df64c73856bfcc6e0248db0; expires=Thu, 05 Oct 2023 21:21:41 GMT; secure; SameSite=None oaidts=1665004901; expires=Thu, 05 Oct 2023 21:21:41 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3593
Md5:    d322431f917ab74eb7fa3825b8a82388
Sha1:   3f8c09ea711bcd738a29ad701fcb4b90beb67e98
Sha256: 288f644853c103baf27953d7c4ea3c2c1627ed941996f1db75d2bcc5d6413a1e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /advertisers.js HTTP/1.1 
Host: banquetunarmedgrater.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.60
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Wed, 05 Oct 2022 21:21:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f84326427ddb20029a2b3d06d797118f
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /42/38?z=5030496 HTTP/1.1 
Host: upgulpinon.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Cookie: scm=1; OAID=ec66a3f64df64c73856bfcc6e0248db0; oaidts=1665004901
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.242
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 05 Oct 2022 21:21:41 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 3e61ca19912f8a6ef9b91b2f18d0a409
access-control-expose-headers: X-Sc
set-cookie: OAID=ec66a3f64df64c73856bfcc6e0248db0; expires=Thu, 05 Oct 2023 21:21:41 GMT; secure; SameSite=None oaidts=1665004901; expires=Thu, 05 Oct 2023 21:21:41 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /watch/48329336?wmode=7&page-url=https%3A%2F%2Fhqq.to%2Fplayer%2Fembed_player.php%3Fvid%3D259229259205265273269254264234225276194271217271255%26autoplay%3Dnone%26hash_from%3Dafd56fe43c75ac2d9c7decc24819fcb6&page-ref=https%3A%2F%2Fgaypornhdfree.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A801%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A101198472998%3Ahid%3A128805785%3Az%3A0%3Ai%3A20221005212141%3Aet%3A1665004901%3Arn%3A945097440%3Arqn%3A1%3Au%3A1665004901354468012%3Aw%3A734x413%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C2%2C0%2C%2C671%2C1%2C%2C%2C%2C1041%3Ans%3A1665004899449%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665004901%3At%3AVideo%20player&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.to
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers