www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
144.217.159.164 301 Moved Permanently 284 B URL HTTP/1.1 www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
IP 144.217.159.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e6ae2a376cc6be51336561b95265c367
10b0a503430cce0a81b25384823d7811b9873b37
afcec90f20fec0de72e518d4ca24d57ef21e99d21ce3ccf971a11ba7f8cd4f40
GET /xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Dec 2022 16:24:04 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 284
Connection: keep-alive
Location: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cache-Control: max-age=1
Expires: Fri, 09 Dec 2022 16:24:05 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2699
Expires: Fri, 09 Dec 2022 17:09:03 GMT
Date: Fri, 09 Dec 2022 16:24:04 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6933
Expires: Fri, 09 Dec 2022 18:19:37 GMT
Date: Fri, 09 Dec 2022 16:24:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 16:08:19 GMT
content-type: application/json
age: 945
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9374
Expires: Fri, 09 Dec 2022 19:00:18 GMT
Date: Fri, 09 Dec 2022 16:24:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4QNmLRlEzaUqn2MPnqhlXYV+kl3clGXHkLGccquE/vZWMQnJ/gKGWIn27949PLOo8zwJ+BtiMWc=
x-amz-request-id: 25DPZ0R1EH5VQJTC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 15:48:23 GMT
age: 2141
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 16:24:04 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 16:07:55 GMT
age: 970
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2503
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 16:24:05 GMT
Last-Modified: Fri, 09 Dec 2022 15:42:22 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
www.dump.xxx/templates/dump_tube/css/A.style.css.pagespeed.cf.2azX20yOiJ.css
144.217.159.164 200 OK 28 kB URL HTTP/2 www.dump.xxx/templates/dump_tube/css/A.style.css.pagespeed.cf.2azX20yOiJ.css
IP 144.217.159.164:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 348ef0e7256f9878691f0aa9352d3b71
cbab23613eaf570800c1c42f991143f7b039c99a
47b4241e297f90dab831880c91e3097e858e8e4a1adea340519bfc8612c979e9
GET /templates/dump_tube/css/A.style.css.pagespeed.cf.2azX20yOiJ.css HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css
front-end-https: on
date: Fri, 09 Dec 2022 13:20:40 GMT
expires: Sat, 09 Dec 2023 13:20:40 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Fri, 09 Dec 2022 13:20:40 GMT
x-original-content-length: 149712
vary: Accept-Encoding
content-encoding: gzip
content-length: 28231
x-page-speed: 1.13.35.2-0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 16:24:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-8881943-10
142.250.74.40 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-8881943-10
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash 3e97cb7121fa1fae5c278d934da0087a
016ffb70a4d3790271ac7a45c76d90d9da602a76
88b1e5afbad300b403ea535b2ce7a93e4dbea0675fde74b24497d4e27a217bad
GET /gtag/js?id=UA-8881943-10 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 16:24:05 GMT
expires: Fri, 09 Dec 2022 16:24:05 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Dec 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43593
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 16:24:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.dump.xxx/templates/dump_tube/js/jQuery_v1.12.4.min.js.pagespeed.jm.29OAZzvhfX.js
144.217.159.164 200 OK 34 kB URL HTTP/2 www.dump.xxx/templates/dump_tube/js/jQuery_v1.12.4.min.js.pagespeed.jm.29OAZzvhfX.js
IP 144.217.159.164:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3d98dcea67fce498b3dc85211308b1e5
dc3b3a6e02ba655ec35c2d1dc42cd4ae62c33313
e227b6a40c6d8c90a0022562120f1011e275d07cc5e16e0239b068a3993841b7
GET /templates/dump_tube/js/jQuery_v1.12.4.min.js.pagespeed.jm.29OAZzvhfX.js HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
front-end-https: on
date: Fri, 09 Dec 2022 13:10:48 GMT
expires: Sat, 09 Dec 2023 13:10:48 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Fri, 09 Dec 2022 13:10:48 GMT
x-original-content-length: 97166
vary: Accept-Encoding
content-encoding: gzip
content-length: 33689
x-page-speed: 1.13.35.2-0
X-Firefox-Spdy: h2
www.dump.xxx/xxx/791/_,Mjo.S3MGhoEYDR.js.pagespeed.jm.qSVd1Dfm3m.js
144.217.159.164 200 OK 1.8 kB URL HTTP/2 www.dump.xxx/xxx/791/_,Mjo.S3MGhoEYDR.js.pagespeed.jm.qSVd1Dfm3m.js
IP 144.217.159.164:0
File type ASCII text, with very long lines (3987), with no line terminators
Hash 18e7286d004f0bc42a34695d523d1623
c098c70f41db388a0cb48ef8bdf3e656ab277316
2a9661032ba2b810ce990cea00e9d56d6432664dbd60a0edc4a4a3054599f764
GET /xxx/791/_,Mjo.S3MGhoEYDR.js.pagespeed.jm.qSVd1Dfm3m.js HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
date: Fri, 09 Dec 2022 16:24:05 GMT
expires: Sat, 09 Dec 2023 16:24:05 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Fri, 09 Dec 2022 16:24:05 GMT
x-original-content-length: 3997
vary: Accept-Encoding
content-encoding: gzip
content-length: 1848
x-page-speed: 1.13.35.2-0
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/embedded/1436.jpg
144.217.159.164 200 OK 15 kB URL HTTP/2 www.dump.xxx/media/thumbs/embedded/1436.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash 7b1f34276e88eedd96c06da8789af00b
05867a2513ecb01f59e7c82091dc68312eeee792
d0f1410d7b03ce24bb7c9c519faebabaa669cf3075ad422998235c9f81a0bf45
GET /media/thumbs/embedded/1436.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 15180
last-modified: Sat, 06 Nov 2021 17:10:06 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 15:46:03 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 15:46:03 GMT
etag: W/"PSA-ex80J26I7t"
cache-control: max-age=2592000, public, s-maxage=10
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/embedded/2376.jpg
144.217.159.164 200 OK 18 kB URL HTTP/2 www.dump.xxx/media/thumbs/embedded/2376.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash 55d40242c676332125d8ebedcb0d3900
7ef2c09f329314b407a4c6601e6a8fa5d4ea060c
2c6c8b380435308c6b4e88d1ee30b328947825858f839c85a47c97aabe9d4fb0
GET /media/thumbs/embedded/2376.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 17844
last-modified: Sat, 06 Nov 2021 17:10:25 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 14:34:10 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 14:34:12 GMT
cache-control: max-age=2592000, public
etag: W/"PSA-VdQCQsZ2My"
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/embedded/779.jpg
144.217.159.164 200 OK 18 kB URL HTTP/2 www.dump.xxx/media/thumbs/embedded/779.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash e6a29f11ed39762ca5587bac55c07fce
acbba0e13479b045bcc75eb9587da6a802cc4772
270b245b57cff9a01d8f662c1f5daf441db235b03d1d04c5c0f7d517d856189d
GET /media/thumbs/embedded/779.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 18012
last-modified: Sat, 06 Nov 2021 17:09:54 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:34:37 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 13:34:37 GMT
cache-control: max-age=2592000, public
etag: W/"PSA-5qKfEe05di"
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/embedded/2492.jpg
144.217.159.164 200 OK 13 kB URL HTTP/2 www.dump.xxx/media/thumbs/embedded/2492.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash 834acd26a90c161e868f3d3bf99de203
5433ea1f90fe6abc346480238390ccf9cfee0f1f
7268f499adcf8ef045202760b41f6c893d73d95024bd1e86d9f1a9e950b8c62d
GET /media/thumbs/embedded/2492.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 12917
last-modified: Sat, 06 Nov 2021 17:10:27 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:31:47 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 13:31:47 GMT
cache-control: max-age=2592000, public
etag: W/"PSA-g0rNJqkMFh"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.42.148.177 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.148.177:0
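Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of an empty body; the response above is 0 B)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of an empty body)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of an empty body)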
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: O3hb0JJ0/BUzID8hkAuIDA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7Rj1HWahz9M+n8NS24f42urYcsU=
www.dump.xxx/media/thumbs/embedded/2183.jpg
144.217.159.164 200 OK 15 kB URL HTTP/2 www.dump.xxx/media/thumbs/embedded/2183.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash e53c12c5355cf2da27a2e8ebd392c556
b7c4817ad86dc84a6cf234106f1f286515ca4019
3de944982651f352df2c792fe68e81e7be7d0de2fb661d77afcb80d2c2d14c8e
GET /media/thumbs/embedded/2183.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 14643
last-modified: Sat, 06 Nov 2021 17:10:20 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 16:04:06 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 16:04:07 GMT
etag: W/"PSA-5TwSxTVc8t"
cache-control: max-age=2592000, public, s-maxage=10
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/embedded/502.jpg
144.217.159.164 200 OK 14 kB URL HTTP/2 www.dump.xxx/media/thumbs/embedded/502.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash 45778783c5a149ab5bd49fb9483bdf48
b61c6a10f643622c7e492d68a4e57a86a47a56c1
a768910623704766fb861c922cb5de2f889759d095dee9444a7e73a1190b2950
GET /media/thumbs/embedded/502.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 16:24:05 GMT
content-type: image/jpeg
content-length: 14432
last-modified: Sat, 06 Nov 2021 17:09:49 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 16:24:05 GMT
vary: User-Agent
front-end-https: on
cache-control: max-age=2592000, public, s-maxage=10
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/embedded/936.jpg
144.217.159.164 200 OK 18 kB URL HTTP/2 www.dump.xxx/media/thumbs/embedded/936.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash 8aa1bf002f94225812efd9ea6fb0d8a1
4128ecb62fb8c049b5b79144ba14cd558330af8d
107278b29e62d7d822e6e9a16c81514a626c86263fc4567db7e7e470ad4233ea
GET /media/thumbs/embedded/936.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 16:24:05 GMT
content-type: image/jpeg
content-length: 18423
last-modified: Sat, 06 Nov 2021 17:09:56 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 16:24:05 GMT
vary: User-Agent
front-end-https: on
cache-control: max-age=2592000, public, s-maxage=10
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/embedded/2426.jpg
144.217.159.164 200 OK 14 kB URL HTTP/2 www.dump.xxx/media/thumbs/embedded/2426.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash a85d9f97422ee511384f53db9a164c99
14e10f9fd43308e98f59a09c18f0d2a5c1183aee
e1d6bbd34a74f339b02bee665c81ebbe843bc5f82a371ecc3931aa4a2bcc3d14
GET /media/thumbs/embedded/2426.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 13493
last-modified: Sat, 06 Nov 2021 17:10:26 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:05:04 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 13:05:04 GMT
cache-control: max-age=2592000, public
etag: W/"PSA-qF2fl0Iu5R"
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/6/1/d/e/0/561ddfbec28379.mp4/561ddfbec28379.mp4-1.jpg
144.217.159.164 200 OK 11 kB URL HTTP/2 www.dump.xxx/media/thumbs/6/1/d/e/0/561ddfbec28379.mp4/561ddfbec28379.mp4-1.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash 784da035644ed50f23284eb5ae56f6d5
e6a023c6a30754aae8635505ea43d761b35e1f59
4188e14c3ec9b2647fc27250fa364f0782f26edf56f7e6e8108448f80b5d4858
GET /media/thumbs/6/1/d/e/0/561ddfbec28379.mp4/561ddfbec28379.mp4-1.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 11327
last-modified: Tue, 11 Jan 2022 22:25:54 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:49:23 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 13:49:23 GMT
cache-control: max-age=2592000, public
etag: W/"PSA-eE2gNWRO1Q"
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/embedded/1410.jpg
144.217.159.164 200 OK 15 kB URL HTTP/2 www.dump.xxx/media/thumbs/embedded/1410.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash e86c36f41ac26bfd35ff2858cbfd82bb
842160d0d318e7f12b5457165bc99ee9bb416afe
943da8eb9581e30764ba688178df17664e42bb8acae76440a024db1f839fc6e2
GET /media/thumbs/embedded/1410.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 14973
last-modified: Sat, 06 Nov 2021 17:10:05 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:03:04 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 13:03:04 GMT
cache-control: max-age=2592000, public
etag: W/"PSA-6Gw29BrCa_"
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/6/3/4/6/7/563466fe28a422.mp4/563466fe28a422.mp4-1.jpg
144.217.159.164 200 OK 13 kB URL HTTP/2 www.dump.xxx/media/thumbs/6/3/4/6/7/563466fe28a422.mp4/563466fe28a422.mp4-1.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash 397ca201aca43f6c1838978f78484848
0011c1b3ad2c5337ce2c9fe7c13247c36979005b
c7d761ff052229e6fa871dffa16b2ba220c3e9c3e2a6aeaf77518192d8ec108f
GET /media/thumbs/6/3/4/6/7/563466fe28a422.mp4/563466fe28a422.mp4-1.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 12878
last-modified: Wed, 12 Oct 2022 09:02:29 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:07:04 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 13:07:04 GMT
cache-control: max-age=2592000, public
etag: W/"PSA-OXyiAaykP2"
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/embedded/2352.jpg
144.217.159.164 200 OK 19 kB URL HTTP/2 www.dump.xxx/media/thumbs/embedded/2352.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash 8ce45c956e64d3b19f128a9d50fc18d4
d539a98166f34782fa436df602b71c39a11cde21
94c5e0d456ccee7532c5599a8fd283c2c97111de9ba667ae559e239116a2fa43
GET /media/thumbs/embedded/2352.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 18766
last-modified: Sat, 06 Nov 2021 17:10:24 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:23:37 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 13:23:37 GMT
cache-control: max-age=2592000, public
etag: W/"PSA-jORclW5k07"
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/6/2/6/9/3/5626924ca9e910.mp4/5626924ca9e910.mp4-1.jpg
144.217.159.164 200 OK 14 kB URL HTTP/2 www.dump.xxx/media/thumbs/6/2/6/9/3/5626924ca9e910.mp4/5626924ca9e910.mp4-1.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash 73e1a99d6d4991ed25fe882bcfd087d2
cfbdb78b9e829f631a25130b6062bd5aa42a834c
86a109d31cc52b6a8767ae909e721a1b828de8dec63db440ecfb40e2cfcbffa0
GET /media/thumbs/6/2/6/9/3/5626924ca9e910.mp4/5626924ca9e910.mp4-1.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 13636
last-modified: Wed, 27 Apr 2022 13:54:17 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:14:34 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 13:14:34 GMT
cache-control: max-age=2592000, public
etag: W/"PSA-c-GpnW1Jke"
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/embedded/400.jpg
144.217.159.164 200 OK 16 kB URL HTTP/2 www.dump.xxx/media/thumbs/embedded/400.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash 1a98ff50a3d803e27ad37ed6549734d9
27a53ecfd18161abede086e95df054a9e388373c
86aeefbb4c61f5860d8cf47c720fb403d6ce11fcd1cdd07ca4238fb905c54205
GET /media/thumbs/embedded/400.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 15748
last-modified: Sat, 06 Nov 2021 17:09:48 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:27:00 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 13:27:00 GMT
cache-control: max-age=2592000, public
etag: W/"PSA-Gpj_UKPYA-"
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/embedded/2204.jpg
144.217.159.164 200 OK 17 kB URL HTTP/2 www.dump.xxx/media/thumbs/embedded/2204.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash 60ac28c045cf0038397bc7425a2b1b06
8f552a795f679834dcd4089017ca2293d324cfb6
55b857939bcd1a6708922ff03ff8764505aac8a321f363e18aacbc75fe668d5e
GET /media/thumbs/embedded/2204.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 16955
last-modified: Sat, 06 Nov 2021 17:10:21 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:21:44 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 13:21:44 GMT
cache-control: max-age=2592000, public
etag: W/"PSA-YKwowEXPAD"
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/embedded/2045.jpg
144.217.159.164 200 OK 14 kB URL HTTP/2 www.dump.xxx/media/thumbs/embedded/2045.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash 7704983dedb7163632e569cee6334f7e
e70dac5d86e8b4c2e20d29973caac809f6d63e37
3a873bf533fa2996cc604ba15fa61573aad6e80dbd40af80eeb483f6175dc4ba
GET /media/thumbs/embedded/2045.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 13660
last-modified: Sat, 06 Nov 2021 17:10:19 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:49:35 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 13:49:35 GMT
cache-control: max-age=2592000, public
etag: W/"PSA-dwSYPe23Fj"
X-Firefox-Spdy: h2
www.dump.xxx/templates/dump_tube/css/overwrite.css
144.217.159.164 200 OK 0 B URL HTTP/2 www.dump.xxx/templates/dump_tube/css/overwrite.css
IP 144.217.159.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /templates/dump_tube/css/overwrite.css HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 16:24:05 GMT
content-type: text/css
content-length: 0
last-modified: Mon, 14 May 2018 07:35:31 GMT
accept-ranges: bytes
cache-control: max-age=604800, proxy-revalidate
expires: Fri, 16 Dec 2022 16:24:05 GMT
vary: User-Agent
front-end-https: on
X-Firefox-Spdy: h2
www.dump.xxx/templates/dump_tube/css/custom.css
144.217.159.164 200 OK 0 B URL HTTP/2 www.dump.xxx/templates/dump_tube/css/custom.css
IP 144.217.159.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /templates/dump_tube/css/custom.css HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 16:24:05 GMT
content-type: text/css
content-length: 0
last-modified: Tue, 25 Oct 2016 15:29:03 GMT
accept-ranges: bytes
cache-control: max-age=604800, proxy-revalidate
expires: Fri, 16 Dec 2022 16:24:05 GMT
vary: User-Agent
front-end-https: on
X-Firefox-Spdy: h2
www.dump.xxx/templates/dump_tube/js/bootstrap.min.js+lazyload.min.js.pagespeed.jc.M3XZ4xSlvO.js
144.217.159.164 200 OK 22 kB URL HTTP/2 www.dump.xxx/templates/dump_tube/js/bootstrap.min.js+lazyload.min.js.pagespeed.jc.M3XZ4xSlvO.js
IP 144.217.159.164:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash cc3e81bf355508bb51571ef76ff3c300
2fe4638ac7c052ad646bece4069e97653851b460
51577d6110e07496b542917b4f5420c1ce50f094725a6e08c636434381a1eaaa
GET /templates/dump_tube/js/bootstrap.min.js+lazyload.min.js.pagespeed.jc.M3XZ4xSlvO.js HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
front-end-https: on
date: Fri, 09 Dec 2022 13:58:50 GMT
expires: Sat, 09 Dec 2023 13:58:50 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Fri, 09 Dec 2022 13:58:50 GMT
x-original-content-length: 73623
vary: Accept-Encoding
content-encoding: gzip
content-length: 21553
x-page-speed: 1.13.35.2-0
X-Firefox-Spdy: h2
www.dump.xxx/templates/dump_tube/js/bootstrap-select.min.js.pagespeed.jm.r7oG0__Cuc.js
144.217.159.164 200 OK 9.6 kB URL HTTP/2 www.dump.xxx/templates/dump_tube/js/bootstrap-select.min.js.pagespeed.jm.r7oG0__Cuc.js
IP 144.217.159.164:0
File type ASCII text, with very long lines (33112), with no line terminators
Hash a4999add4a15eeb21a0f20e134dcc2a6
215cbbba06247c00f640329694eb0ab7860a6f98
ce36674b4ae83c3b19213d8d7e3a97597ef07a8a82680f473e4d13d96692558a
GET /templates/dump_tube/js/bootstrap-select.min.js.pagespeed.jm.r7oG0__Cuc.js HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
front-end-https: on
date: Fri, 09 Dec 2022 13:16:11 GMT
expires: Sat, 09 Dec 2023 13:16:11 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Fri, 09 Dec 2022 13:16:11 GMT
x-original-content-length: 33335
vary: Accept-Encoding
content-encoding: gzip
content-length: 9603
x-page-speed: 1.13.35.2-0
X-Firefox-Spdy: h2
www.dump.xxx/templates/dump_tube/js/jquery.tinyscrollbar.min.js.pagespeed.jm.3FxXIp0s1A.js
144.217.159.164 200 OK 1.4 kB URL HTTP/2 www.dump.xxx/templates/dump_tube/js/jquery.tinyscrollbar.min.js.pagespeed.jm.3FxXIp0s1A.js
IP 144.217.159.164:0
File type ASCII text, with very long lines (3927), with no line terminators
Hash 220fa1c58da89e0d11dd2ba41ae2517f
cd49b07c75e4c24b1f23f1f1ba5fc0bcb005b63a
685e1d263751bb5520346db25b6c0c1a7ad26c2052d8987aef7a2c8b0422679f
GET /templates/dump_tube/js/jquery.tinyscrollbar.min.js.pagespeed.jm.3FxXIp0s1A.js HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
front-end-https: on
date: Fri, 09 Dec 2022 13:16:11 GMT
expires: Sat, 09 Dec 2023 13:16:11 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Fri, 09 Dec 2022 13:16:11 GMT
x-original-content-length: 4105
vary: Accept-Encoding
content-encoding: gzip
content-length: 1412
x-page-speed: 1.13.35.2-0
X-Firefox-Spdy: h2
www.dump.xxx/templates/dump_tube/js/functions.js.pagespeed.jm.0knEcl_q6V.js
144.217.159.164 200 OK 5.1 kB URL HTTP/2 www.dump.xxx/templates/dump_tube/js/functions.js.pagespeed.jm.0knEcl_q6V.js
IP 144.217.159.164:0
File type ASCII text, with very long lines (9719)
Hash 162b8fafc8189f3f15ca6418f35d36f1
11caded352825bb579e93f6eb20b7d4420053e22
5e6ea5b76568b7e3466835ced6363c609ee15de95f8f2638940a1b0d178710db
GET /templates/dump_tube/js/functions.js.pagespeed.jm.0knEcl_q6V.js HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
front-end-https: on
date: Fri, 09 Dec 2022 13:16:11 GMT
expires: Sat, 09 Dec 2023 13:16:11 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Fri, 09 Dec 2022 13:16:11 GMT
x-original-content-length: 26636
vary: Accept-Encoding
content-encoding: gzip
content-length: 5116
x-page-speed: 1.13.35.2-0
X-Firefox-Spdy: h2
www.dump.xxx/xxx/791/_,Mjo.Q8Szk-jnGf.js.pagespeed.jm.rtj3ylCGpu.js
144.217.159.164 200 OK 11 kB URL HTTP/2 www.dump.xxx/xxx/791/_,Mjo.Q8Szk-jnGf.js.pagespeed.jm.rtj3ylCGpu.js
IP 144.217.159.164:0
File type ASCII text, with very long lines (45930), with no line terminators
Hash 4874619026ecc8ed7c4685d46c5d0541
1091ad62170ecea796d8af488492c75de53ff0f9
82cc791c258ebbec1c414848e46a893bf949db9853e565f0aa17ce14b58300aa
GET /xxx/791/_,Mjo.Q8Szk-jnGf.js.pagespeed.jm.rtj3ylCGpu.js HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
date: Fri, 09 Dec 2022 16:24:05 GMT
expires: Sat, 09 Dec 2023 16:24:05 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Fri, 09 Dec 2022 16:24:05 GMT
x-original-content-length: 45933
vary: Accept-Encoding
content-encoding: gzip
content-length: 11386
x-page-speed: 1.13.35.2-0
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/6/2/6/7/e/56267e0d089d83.mp4/56267e0d089d83.mp4-1.jpg
144.217.159.164 200 OK 12 kB URL HTTP/2 www.dump.xxx/media/thumbs/6/2/6/7/e/56267e0d089d83.mp4/56267e0d089d83.mp4-1.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash 6c29b31588d6d4cd87bc7903b5b50bb5
0a87535b0fda543f023828f013901a23b23fa102
cbcd9af661712c82bd11c4a6ec30ac1ec44872edffe304951ea1c7383e05e220
GET /media/thumbs/6/2/6/7/e/56267e0d089d83.mp4/56267e0d089d83.mp4-1.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 12152
last-modified: Tue, 26 Apr 2022 13:01:45 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:00:24 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 13:00:24 GMT
cache-control: max-age=2592000, public
etag: W/"PSA-bCmzFYjW1M"
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/6/2/d/7/7/562d76e0b024ef.mp4/562d76e0b024ef.mp4-1.jpg
144.217.159.164 200 OK 12 kB URL HTTP/2 www.dump.xxx/media/thumbs/6/2/d/7/7/562d76e0b024ef.mp4/562d76e0b024ef.mp4-1.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash 947b419ca30a9ca4469efe827cd15d81
f74eefad72dbacf312165189de530e0481cd81f0
49f5bd4a573510fbea7379c799e4fc7547876c976888ef61ccb3cbba5f3b291d
GET /media/thumbs/6/2/d/7/7/562d76e0b024ef.mp4/562d76e0b024ef.mp4-1.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 12426
last-modified: Wed, 20 Jul 2022 03:48:25 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:42:13 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 13:42:13 GMT
cache-control: max-age=2592000, public
etag: W/"PSA-lHtBnKMKnK"
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/6/2/0/b/5/5620b57197415f.mp4/5620b57197415f.mp4-1.jpg
144.217.159.164 200 OK 11 kB URL HTTP/2 www.dump.xxx/media/thumbs/6/2/0/b/5/5620b57197415f.mp4/5620b57197415f.mp4-1.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash 3b178584be548cafcb011ec6304c6e15
e720e7b51b8560c770cc6b821dcf39331c65d4c8
87d7f6cea04d09222badd23e8ee40717ec84b3a45a5ed5b51239290cc8be3b2f
GET /media/thumbs/6/2/0/b/5/5620b57197415f.mp4/5620b57197415f.mp4-1.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 11156
last-modified: Tue, 15 Feb 2022 08:00:37 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:08:19 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 13:08:19 GMT
cache-control: max-age=2592000, public
etag: W/"PSA-OxeFhL5UjK"
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/embedded/2385.jpg
144.217.159.164 200 OK 15 kB URL HTTP/2 www.dump.xxx/media/thumbs/embedded/2385.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash 4103577b7ec911ab7d39b7599ae7c98d
1c19f2cd822071a5668ba309297320757235de37
791be63654d2adbd78509058dcf0dcb61b8ec5f0b60af979547855730bd47988
GET /media/thumbs/embedded/2385.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 14928
last-modified: Sat, 06 Nov 2021 17:10:25 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:12:48 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 13:12:48 GMT
cache-control: max-age=2592000, public
etag: W/"PSA-QQNXe37JEa"
X-Firefox-Spdy: h2
www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
144.217.159.164 404 Not Found 23 kB URL HTTP/2 www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
IP 144.217.159.164:0
Hash 5ed532a9cd16158afcb6c639b97ba51c
c7d0a82870884780bf1fe7c85b13227bc3efbaea
e64bc493c05809b84eb8e14e917962c6a7fbc5052fbadf22fe0ec678f203879d
GET /xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
server: nginx
content-type: text/html;charset=utf-8
pragma: no-cache
x-xss-protection: 1
x-content-type-options: nosniff
set-cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3; expires=Sat, 10-Dec-2022 16:24:05 GMT; Max-Age=86400; path=/
vary: Accept-Encoding, User-Agent
date: Fri, 09 Dec 2022 16:24:05 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/embedded/422.jpg
144.217.159.164 200 OK 19 kB URL HTTP/2 www.dump.xxx/media/thumbs/embedded/422.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash 69337cba1639fa6304f5c06e16e3a14c
15cc3fff6a6642213ae120a04a6c17922d812f2a
f23a06fcc36b7c2ba1bd456c2fb33a455873875b88cca254f1e34cbd5c778896
GET /media/thumbs/embedded/422.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 18978
last-modified: Sat, 06 Nov 2021 17:09:48 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:30:50 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 13:30:50 GMT
cache-control: max-age=2592000, public
etag: W/"PSA-aTN8uhY5-m"
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/6/1/b/5/5/561b53d7370cce.mp4/561b53d7370cce.mp4-1.jpg
144.217.159.164 200 OK 13 kB URL HTTP/2 www.dump.xxx/media/thumbs/6/1/b/5/5/561b53d7370cce.mp4/561b53d7370cce.mp4-1.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash b7a9402748e461ab6cbd86447921072d
2ce814c919842b6e22d613beb22b91c8966c44c5
7a828c4b67d98150e277b55ffbda72afec6845bfa2bc02b0e5e454bb750d5ee3
GET /media/thumbs/6/1/b/5/5/561b53d7370cce.mp4/561b53d7370cce.mp4-1.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 12635
last-modified: Sun, 12 Dec 2021 02:45:47 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:07:34 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 13:07:34 GMT
cache-control: max-age=2592000, public
etag: W/"PSA-t6lAJ0jkYa"
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/6/2/5/1/1/5625119ba3cd13.mp4/5625119ba3cd13.mp4-1.jpg
144.217.159.164 200 OK 12 kB URL HTTP/2 www.dump.xxx/media/thumbs/6/2/5/1/1/5625119ba3cd13.mp4/5625119ba3cd13.mp4-1.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash a3f76cfd169124a8d01b7b4e8675bbf0
a6b0c253dc02bfd0fe193ab22b4b32069dfb4085
6e95d2bfbd73a30b9e20a8c2dd0a8b82d746e11a301b487a5d862025b0437ad5
GET /media/thumbs/6/2/5/1/1/5625119ba3cd13.mp4/5625119ba3cd13.mp4-1.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 12139
last-modified: Sat, 09 Apr 2022 06:11:48 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 14:14:20 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 14:14:20 GMT
etag: W/"PSA-o_ds_RaRJK"
cache-control: max-age=2592000, public, s-maxage=10
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/6/2/e/3/c/562e3b8f0cde41.mp4/562e3b8f0cde41.mp4-1.jpg
144.217.159.164 200 OK 11 kB URL HTTP/2 www.dump.xxx/media/thumbs/6/2/e/3/c/562e3b8f0cde41.mp4/562e3b8f0cde41.mp4-1.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash 6510af66c2508a3e3032c1c5fb2a1836
1c684af6b4eb32264c96e4a2345ef0b7f8d8fc7a
777376d879803c8fb68adf07cef67ea2e8b350f69ae0c4eab0868a5e89ef8307
GET /media/thumbs/6/2/e/3/c/562e3b8f0cde41.mp4/562e3b8f0cde41.mp4-1.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 10605
last-modified: Fri, 29 Jul 2022 11:57:01 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 14:02:52 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 14:02:52 GMT
cache-control: max-age=2592000, public
etag: W/"PSA-ZRCvZsJQij"
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/embedded/362.jpg
144.217.159.164 200 OK 15 kB URL HTTP/2 www.dump.xxx/media/thumbs/embedded/362.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash e402696fc363ffd069327385a674b2ba
503fc6bec17b791535cbe1ba9c6d846611625bfc
3e157bb1b0c438a014b65dbb67399f1c0e29560c0602b5c01d350110bb86ddaa
GET /media/thumbs/embedded/362.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 14974
last-modified: Sat, 06 Nov 2021 17:09:47 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 15:53:24 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 15:53:28 GMT
etag: W/"PSA-5AJpb8Nj_9"
cache-control: max-age=2592000, public, s-maxage=10
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/embedded/1284.jpg
144.217.159.164 200 OK 13 kB URL HTTP/2 www.dump.xxx/media/thumbs/embedded/1284.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash 87426db510dafd217aea1d4ed5e5faec
87c27a0407a5e22e97b52b0315b0fbf411a5ddd4
be1bcb636899fa5e05948fc4bd9501aeec344064cddde2f49156430cfe34f46c
GET /media/thumbs/embedded/1284.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 13390
last-modified: Sat, 06 Nov 2021 17:10:03 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:14:02 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 13:14:02 GMT
etag: W/"PSA-h0JttRDa_S"
cache-control: max-age=2592000, public, s-maxage=10
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/embedded/1061.jpg
144.217.159.164 200 OK 15 kB URL HTTP/2 www.dump.xxx/media/thumbs/embedded/1061.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash e84f506cc2add88d2c58f20899bf361b
f486cd338534fd2ba3bae95856c6b4cc33b4f775
7505cd4209f32364db67afa83aa52181fba67cb5d3226dafa8de5e1a763bd225
GET /media/thumbs/embedded/1061.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 15227
last-modified: Sat, 06 Nov 2021 17:09:58 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 14:17:50 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 14:17:50 GMT
etag: W/"PSA-6E9QbMKt2I"
cache-control: max-age=2592000, public, s-maxage=10
X-Firefox-Spdy: h2
www.dump.xxx/templates/dump_tube/fonts/Roboto/Roboto-Medium.ttf
144.217.159.164200 OK 172 kB URL HTTP/2 www.dump.xxx/templates/dump_tube/fonts/Roboto/Roboto-Medium.ttf
IP 144.217.159.164:0
File type TrueType Font data, 18 tables, 1st "GDEF", 28 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.Roboto MediumRegularVersion 2.137; 2017Roboto-Med\012- data
Size 172 kB (172064 bytes)
Hash d08840599e05db7345652d3d417574a9
5f16f4d6dbb4a4f12d8ae96488ac209bb49762a5
f205cc511821ea56078a105557fcea6253129404d411c997e1866fbd006abb68
GET /templates/dump_tube/fonts/Roboto/Roboto-Medium.ttf HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/templates/dump_tube/css/A.style.css.pagespeed.cf.2azX20yOiJ.css
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 16:24:05 GMT
content-type: font/ttf
content-length: 172064
last-modified: Tue, 08 Jan 2013 23:00:00 GMT
accept-ranges: bytes
expires: Sun, 11 Dec 2022 16:24:05 GMT
vary: Accept-Encoding,User-Agent
front-end-https: on
cache-control: max-age=172800, s-maxage=10
X-Firefox-Spdy: h2
www.dump.xxx/templates/dump_tube/fonts/fontawesome_5.7.1/fa-solid-900.woff2
144.217.159.164200 OK 74 kB URL HTTP/2 www.dump.xxx/templates/dump_tube/fonts/fontawesome_5.7.1/fa-solid-900.woff2
IP 144.217.159.164:0
File type Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data
Hash 3638e62ea50e6f5859b6a15276c25c87
f5aa1a463e223a294a42b314e1c63a614d594ec0
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
GET /templates/dump_tube/fonts/fontawesome_5.7.1/fa-solid-900.woff2 HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.dump.xxx/templates/dump_tube/css/A.style.css.pagespeed.cf.2azX20yOiJ.css
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 16:24:05 GMT
content-type: font/woff2
content-length: 74320
last-modified: Tue, 12 Feb 2019 08:42:30 GMT
accept-ranges: bytes
expires: Sun, 11 Dec 2022 16:24:05 GMT
vary: User-Agent
front-end-https: on
cache-control: max-age=172800, s-maxage=10
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/embedded/497.jpg
144.217.159.164200 OK 16 kB URL HTTP/2 www.dump.xxx/media/thumbs/embedded/497.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash 837d074b4df1adec4d9635d49e89bb19
0e9e0f2614f027ad2dd0b18c336008516120d2ec
7621829b60c74bfeff2fe96b9033bbc02f65abc9241ffa79480fcc310ead5883
GET /media/thumbs/embedded/497.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 16:24:05 GMT
content-type: image/jpeg
content-length: 16349
last-modified: Sat, 06 Nov 2021 17:09:49 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 16:24:05 GMT
vary: User-Agent
front-end-https: on
cache-control: max-age=2592000, public, s-maxage=10
X-Firefox-Spdy: h2
www.dump.xxx/media/thumbs/embedded/1493.jpg
144.217.159.164200 OK 14 kB URL HTTP/2 www.dump.xxx/media/thumbs/embedded/1493.jpg
IP 144.217.159.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 278x170, components 3\012- data
Hash 278c8283c05f54884b6d2df64296c1a9
5e8bb6e9deb510bb7c716d4a4fd32afdcb69609d
a224fab14cd044c845059a0eb77b7d4c3f4f7acce9794e467897f9f438666d18
GET /media/thumbs/embedded/1493.jpg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 16:24:05 GMT
content-type: image/jpeg
content-length: 14330
last-modified: Sat, 06 Nov 2021 17:10:07 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 16:24:05 GMT
vary: User-Agent
front-end-https: on
cache-control: max-age=2592000, public, s-maxage=10
X-Firefox-Spdy: h2
www.dump.xxx/templates/dump_tube/fonts/Roboto/Roboto-Regular.ttf
144.217.159.164200 OK 172 kB URL HTTP/2 www.dump.xxx/templates/dump_tube/fonts/Roboto/Roboto-Regular.ttf
IP 144.217.159.164:0
File type TrueType Font data, 18 tables, 1st "GDEF", 26 names, Macintosh, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-RegularRob\012- data
Size 172 kB (171676 bytes)
Hash 3e1af3ef546b9e6ecef9f3ba197bf7d2
dd1b1db13ff1f72138c134c62f38fef83749f36a
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
GET /templates/dump_tube/fonts/Roboto/Roboto-Regular.ttf HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/templates/dump_tube/css/A.style.css.pagespeed.cf.2azX20yOiJ.css
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 16:24:05 GMT
content-type: font/ttf
content-length: 171676
last-modified: Tue, 08 Jan 2013 23:00:00 GMT
accept-ranges: bytes
expires: Sun, 11 Dec 2022 16:24:05 GMT
vary: Accept-Encoding,User-Agent
front-end-https: on
cache-control: max-age=172800, s-maxage=10
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 606e3534ee01faea35dbd1ff71113671
e60579ad92de7b731fc67ed1d00e1d865eaf0492
dda482a6359af8811bef36e09c871db47d90665a24fa4e9809f247f7f8ec8a8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DDA482A6359AF8811BEF36E09C871DB47D90665A24FA4E9809F247F7F8EC8A8F"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2049
Expires: Fri, 09 Dec 2022 16:58:15 GMT
Date: Fri, 09 Dec 2022 16:24:06 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1a61c2552d60d26f1fae5a7977c002cd
af90e005825272553f8dca275f83d4affc52e27d
e847f8dfffe6dc58abf1d89afe44ba4c7367a52df4d2863d3c90d97e3470b77d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E847F8DFFFE6DC58ABF1D89AFE44BA4C7367A52DF4D2863D3C90D97E3470B77D"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11131
Expires: Fri, 09 Dec 2022 19:29:37 GMT
Date: Fri, 09 Dec 2022 16:24:06 GMT
Connection: keep-alive
coreportions.com/10/53/04/105304e684ccab534731149ed1bdf124.js
173.233.139.164 200 OK 13 kB URL HTTP/1.1 coreportions.com/10/53/04/105304e684ccab534731149ed1bdf124.js
IP 173.233.139.164:0
File type ASCII text, with very long lines (37190), with no line terminators
Hash e5fb09704d467972415290610de9dd7c
065df11e695737df67bd73ae52332f9d9e8e2188
2d939d0c87561fb30cdf1cdb12ad122bf091e5a2e651cc0b02a24ffa7ca7be11
Analyzer Verdict Alert quad9 Sinkholed
GET /10/53/04/105304e684ccab534731149ed1bdf124.js HTTP/1.1
Host: coreportions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 16:24:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a18045bfaa6725854e7da288ebea9b3b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
coreportions.com/67/2d/85/672d85ea2c0a2440ce89a486df2fb3d3.js
173.233.139.164 200 OK 21 kB URL HTTP/1.1 coreportions.com/67/2d/85/672d85ea2c0a2440ce89a486df2fb3d3.js
IP 173.233.139.164:0
File type HTML document, ASCII text, with very long lines (60203), with no line terminators
Hash 43c55c52557803f3bcbcca625a1eaea3
3d6493f54553458231f33c5d707ec25719eb6163
a259a0a62bd76abb34bbbf3bef027c904a356db8b065dfd41912d02323f0628e
Analyzer Verdict Alert quad9 Sinkholed
GET /67/2d/85/672d85ea2c0a2440ce89a486df2fb3d3.js HTTP/1.1
Host: coreportions.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 16:24:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: da07b42265b06cae812aeeae7979a521
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.dump.xxx/stats/u.php?id=8d6d3faa53499ef7a2662dcf1646cc4f&s=91
144.217.159.164200 OK 0 B URL HTTP/2 www.dump.xxx/stats/u.php?id=8d6d3faa53499ef7a2662dcf1646cc4f&s=91
IP 144.217.159.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/u.php?id=8d6d3faa53499ef7a2662dcf1646cc4f&s=91 HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3; dump_xxx=bm9yZWZ8fHwxfDB8MHxub25lfDA6; dump_xxx_b=1670603045
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 16:24:06 GMT
content-type: text/html; charset=UTF-8
content-length: 0
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0, private, no-store, no-cache, must-revalidate
expires: Fri, 09 Dec 2022 16:24:07 GMT
vary: User-Agent
front-end-https: on
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 903b57e9469c6f9aed96e4c10f8d335d
a6a4b2f07388b846299e86785a8c746a71632ed3
1ed983e83ea9a1c376a5b801250b9f22aecdffddf4f4600b5b92646fe0609f6a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "1ED983E83EA9A1C376A5B801250B9F22AECDFFDDF4F4600B5B92646FE0609F6A"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3091
Expires: Fri, 09 Dec 2022 17:15:37 GMT
Date: Fri, 09 Dec 2022 16:24:06 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 7a3b93489047f9ea14340f8606a4e869
6ed81d6bfa1507093680864ac2a93414473afcb2
ad23df78236e546d4650ec7b8b8f9094a4c927f0291c5f5ad86abfd997afae45
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 09 Dec 2022 16:24:06 GMT
Last-Modified: Fri, 09 Dec 2022 16:06:45 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TYaFTGo15jLejmgvisU8Um1gLTLoO9oCsm4MD0hqmPmT-Gz_bFDArA==
Age: 1041
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8cd3be089cb19b3f640ea8cda3cc2af2
48f4c70d9a6f49b9f3671b811dd2fe37d8576c38
d95f3b2bf54014fbd6e4d5dc0df799c8ca655f63dd44a2b8f40e2205152b541b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D95F3B2BF54014FBD6E4D5DC0DF799C8CA655F63DD44A2B8F40E2205152B541B"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6327
Expires: Fri, 09 Dec 2022 18:09:33 GMT
Date: Fri, 09 Dec 2022 16:24:06 GMT
Connection: keep-alive
simplewebanalysis.com/stats
52.28.211.11 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash b24b5c5d632fdf7ceedc5e56fdae59c0
6805f34c8711f9836cab2e334d9781225b2f2d36
11a5f2d6190b4f5797a5ec87e45d285eb2f33a7a0e0fcbb27891ecf6fda96c37
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dump.xxx
Connection: keep-alive
Referer: https://www.dump.xxx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 16:24:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.dump.xxx
access-control-allow-credentials: true
set-cookie: uid_id2=2d8a4906-a24b-4fd5-8431-ea9baed2d5ca:1:1; expires=Mon, 06 Dec 2032 16:24:06 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 7a3b93489047f9ea14340f8606a4e869
6ed81d6bfa1507093680864ac2a93414473afcb2
ad23df78236e546d4650ec7b8b8f9094a4c927f0291c5f5ad86abfd997afae45
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=163566
Date: Fri, 09 Dec 2022 16:24:06 GMT
Etag: "6393389b-1d7"
Expires: Sun, 11 Dec 2022 13:50:12 GMT
Last-Modified: Fri, 09 Dec 2022 13:31:07 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EX_pLoBed5NQrsX8xOWG4hkFmGAmjzjFO39jG2edBOR93ypeJ5q74w==
Age: 1145
simplewebanalysis.com/stats
52.28.211.11 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 804376fcc1dcd133e01f49cd3efce9dc
32213e1745468bebe2851c1bde2f8394350f8009
1b1473910eefca58f5cdcaacda16602546cc0ed3e36725b9b5f0c33617bb7a16
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dump.xxx
Connection: keep-alive
Referer: https://www.dump.xxx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 16:24:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.dump.xxx
access-control-allow-credentials: true
set-cookie: uid_id2=591d61cf-0806-4cdf-827e-1bb0d66bb7ba:1:1; expires=Mon, 06 Dec 2032 16:24:06 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 903b57e9469c6f9aed96e4c10f8d335d
a6a4b2f07388b846299e86785a8c746a71632ed3
1ed983e83ea9a1c376a5b801250b9f22aecdffddf4f4600b5b92646fe0609f6a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "1ED983E83EA9A1C376A5B801250B9F22AECDFFDDF4F4600B5B92646FE0609F6A"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3091
Expires: Fri, 09 Dec 2022 17:15:37 GMT
Date: Fri, 09 Dec 2022 16:24:06 GMT
Connection: keep-alive
fairfaxgeorgianayourself.com/pixel/purst?dl=0&th=0&sc=0&rs=1762&rd=1762&fd=945&bv=22.10.v.9&tmpl=70
173.233.137.36 200 OK 0 B URL HTTP/1.1 fairfaxgeorgianayourself.com/pixel/purst?dl=0&th=0&sc=0&rs=1762&rd=1762&fd=945&bv=22.10.v.9&tmpl=70
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1762&rd=1762&fd=945&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 16:24:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fairfaxgeorgianayourself.com/43/9b/c9/439bc92bde6d9b897c90c9694312cc38.js
173.233.137.36 200 OK 29 kB URL HTTP/1.1 fairfaxgeorgianayourself.com/43/9b/c9/439bc92bde6d9b897c90c9694312cc38.js
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 610d22de417d8f4b851533d623621e32
5e65fd5a04a511ea932bb0f17526aac59e6c1274
2eebdb72530167f433c85097ea03fbe0d381fd12983f3844b1f47fc77c10a555
Analyzer Verdict Alert quad9 Sinkholed
GET /43/9b/c9/439bc92bde6d9b897c90c9694312cc38.js HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 16:24:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3e74ade3c0a1a8c6161f6eb2f772b02c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3777
Expires: Fri, 09 Dec 2022 17:27:03 GMT
Date: Fri, 09 Dec 2022 16:24:06 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3777
Expires: Fri, 09 Dec 2022 17:27:03 GMT
Date: Fri, 09 Dec 2022 16:24:06 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3777
Expires: Fri, 09 Dec 2022 17:27:03 GMT
Date: Fri, 09 Dec 2022 16:24:06 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3777
Expires: Fri, 09 Dec 2022 17:27:03 GMT
Date: Fri, 09 Dec 2022 16:24:06 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3777
Expires: Fri, 09 Dec 2022 17:27:03 GMT
Date: Fri, 09 Dec 2022 16:24:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:15 GMT
age: 33051
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nXaZ1pazAGWMI9GFYZjGlvVVIb8wX6feD0O8VpzjsL8F8l3mFmydAw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:59 GMT
age: 33007
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dGxzuQ6zj6wXQbkBuKBnOKxwKJDHUyGoi7PgcugcpdX4QYruNiFxsQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:24 GMT
age: 66762
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a22fc7807fb3337f0af5e546c7ad366a
0d5969394b370a5c77c53ed58f55e5f8a45da3ab
98b4f4fd27dc036697fb0328083bce6e691b7493428f3a54991087d9d1165d97
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5530
x-amzn-requestid: adecbb8c-cec3-46a0-b32c-0026b8421fe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4d8Fg6IAMF61g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903abf-4bcb385f27cb438c36a2cd5e;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uoulSfEOLxBRCmwK55huNOYSqpyZMFiibwTjm-HqOf67vsf-3o5jtg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 13:33:54 GMT
age: 85181
etag: "0d5969394b370a5c77c53ed58f55e5f8a45da3ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06514ce96ae21cb01f526a5febdcbeb4
ebb97e5b97f394e8c67098f55581d5329ce819a2
4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: swNGUcNy2i0w9UGe-EJhwslE01TzTC3rrDhLhVVxHyhWMGSC1uq0mA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:46:15 GMT
age: 41871
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:38:26 GMT
age: 45940
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 583e393554c6c39e8b5e35445d44e256
ce70b1ecd95117cd989ff9b2f968afd16197f789
72d81586c02ab7ef1b7a89ca4611f72cfe6c023dede064ddb4b8cc8f1519490a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72D81586C02AB7EF1B7A89CA4611F72CFE6C023DEDE064DDB4B8CC8F1519490A"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9257
Expires: Fri, 09 Dec 2022 18:58:23 GMT
Date: Fri, 09 Dec 2022 16:24:06 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b4187bb7832fd2a3dbc269d981466f7a
c5129b0ee10e1ed34341cc13a5b7f979632e119f
c7d55fcd8889e65ece8ad1ab223432b882adaa26efe4289e0504705f988f9b35
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C7D55FCD8889E65ECE8AD1AB223432B882ADAA26EFE4289E0504705F988F9B35"
Last-Modified: Fri, 09 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5947
Expires: Fri, 09 Dec 2022 18:03:13 GMT
Date: Fri, 09 Dec 2022 16:24:06 GMT
Connection: keep-alive
fairfaxgeorgianayourself.com/sbar.json?key=105304e684ccab534731149ed1bdf124&uuid=2d8a4906-a24b-4fd5-8431-ea9baed2d5ca%3A1%3A1
173.233.137.36 200 OK 3.4 kB URL HTTP/1.1 fairfaxgeorgianayourself.com/sbar.json?key=105304e684ccab534731149ed1bdf124&uuid=2d8a4906-a24b-4fd5-8431-ea9baed2d5ca%3A1%3A1
IP 173.233.137.36:0
File type JSON data\012- , ASCII text, with very long lines (5983), with no line terminators
Hash 02aa59d728a1f0b550fc6ffd8f94f82c
cb53f8079898c17c59cb0a91244df6768b6322eb
943b2d49e1fa1e5ab6afcf6fbb06b4bbec6c7de93e22780ab6657e56092f86dd
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=105304e684ccab534731149ed1bdf124&uuid=2d8a4906-a24b-4fd5-8431-ea9baed2d5ca%3A1%3A1 HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dump.xxx
Connection: keep-alive
Referer: https://www.dump.xxx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 16:24:07 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.dump.xxx
Access-Control-Allow-Origin: https://www.dump.xxx
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17233750; expires=Sat, 10 Dec 2022 16:24:06 GMT; secure; SameSite=None
uid_id2=2d8a4906-a24b-4fd5-8431-ea9baed2d5ca:1:1; expires=Fri, 16 Dec 2022 16:24:06 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 10 Dec 2022 16:24:07 GMT; secure; SameSite=None
uncs=1; expires=Sat, 10 Dec 2022 16:24:07 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 10 Dec 2022 16:24:07 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 10 Dec 2022 16:24:07 GMT; secure; SameSite=None
slec105304e684ccab534731149ed1bdf124=[3843301]; expires=Fri, 09 Dec 2022 16:24:12 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9d8fa51cede4d6903498ddb910aa85f8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.google-analytics.com/analytics.js
142.250.74.46 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 09 Dec 2022 15:34:02 GMT
expires: Fri, 09 Dec 2022 17:34:02 GMT
cache-control: public, max-age=7200
age: 3005
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
192.243.59.12 200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Dec 2022 16:24:07 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ba87c4653865a8d072d52c8a528d7842
Strict-Transport-Security: max-age=0; includeSubdomains
www.dump.xxx/favicon/android-icon-192x192.png
144.217.159.164 200 OK 40 kB URL HTTP/2 www.dump.xxx/favicon/android-icon-192x192.png
IP 144.217.159.164:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash c6ea7d4edd7a519a51710282b883256a
778ae51d8e89f9c2466af45a4d63f87900a69f93
8d403a2598cd9029d279271c336439553e23959c6b4052ed1304f5cf8b00617c
GET /favicon/android-icon-192x192.png HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3; dump_xxx=bm9yZWZ8fHwxfDB8MHxub25lfDA6; dump_xxx_b=1670603045; ppu_show_on_672d85ea2c0a2440ce89a486df2fb3d3=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=591d61cf-0806-4cdf-827e-1bb0d66bb7ba%3A1%3A1; sb_page_105304e684ccab534731149ed1bdf124=1; sb_onpage_105304e684ccab534731149ed1bdf124=1; sb_main_105304e684ccab534731149ed1bdf124=1; sb_count_105304e684ccab534731149ed1bdf124=1; ppu_main_672d85ea2c0a2440ce89a486df2fb3d3=1; ppu_exp_672d85ea2c0a2440ce89a486df2fb3d3=1670604845904
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 39483
last-modified: Mon, 08 Nov 2021 12:54:00 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:00:19 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 13:00:19 GMT
cache-control: max-age=2592000, public
etag: W/"PSA-xup9Tt16UZ"
X-Firefox-Spdy: h2
www.dump.xxx/favicon/favicon-16x16.png
144.217.159.164 200 OK 1.6 kB URL HTTP/2 www.dump.xxx/favicon/favicon-16x16.png
IP 144.217.159.164:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash b2d6e31ab4b59fbd24bdcb2f2bc38516
234d0d3904278f758dbfcc06f61d7852632caea8
0fcf1ea6724b71e18fc1d09030c86ea76f4bd65223399ed8fd7f4c95cb321ca4
GET /favicon/favicon-16x16.png HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3; dump_xxx=bm9yZWZ8fHwxfDB8MHxub25lfDA6; dump_xxx_b=1670603045; ppu_show_on_672d85ea2c0a2440ce89a486df2fb3d3=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=591d61cf-0806-4cdf-827e-1bb0d66bb7ba%3A1%3A1; sb_page_105304e684ccab534731149ed1bdf124=1; sb_onpage_105304e684ccab534731149ed1bdf124=1; sb_main_105304e684ccab534731149ed1bdf124=1; sb_count_105304e684ccab534731149ed1bdf124=1; ppu_main_672d85ea2c0a2440ce89a486df2fb3d3=1; ppu_exp_672d85ea2c0a2440ce89a486df2fb3d3=1670604845904
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 1633
last-modified: Mon, 08 Nov 2021 12:54:00 GMT
accept-ranges: bytes
expires: Sun, 08 Jan 2023 13:00:19 GMT
vary: User-Agent
front-end-https: on
date: Fri, 09 Dec 2022 13:00:19 GMT
cache-control: max-age=2592000, public
etag: W/"PSA-stbjGrS1n7"
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 96ffc94704e14c0a43103e77a67ea03c
16ac34abeb5c091f06142488f557b2aea78f146f
8ebd242e747c1d7010394568b6bc785cab76888767ebf9dea4e86e1951999efc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EBD242E747C1D7010394568B6BC785CAB76888767EBF9DEA4E86E1951999EFC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7372
Expires: Fri, 09 Dec 2022 18:26:59 GMT
Date: Fri, 09 Dec 2022 16:24:07 GMT
Connection: keep-alive
recesslikeness.com/pixel/purst?dl=0&th=0&sc=0&rs=2191&rd=2191&fd=506&bv=22.10.v.10&tmpl=136
192.243.61.225 200 OK 0 B URL HTTP/1.1 recesslikeness.com/pixel/purst?dl=0&th=0&sc=0&rs=2191&rd=2191&fd=506&bv=22.10.v.10&tmpl=136
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2191&rd=2191&fd=506&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: recesslikeness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 16:24:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fairfaxgeorgianayourself.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRRStjpsgetHgRVAcUTCCO9s90727kxyWxLgSXJOQRHPxYFVX9Wy51V1tVff0ZE%2FBiEYQMtGLJ%2Bl9M8kSDWLuCqHXiwwIOx5kENdTwLskghdlJoOLH6r%2Br3r%2F8N77%2F6OtfI%2B4yOn47Jt6UypFF4K6WztyUSZcF7Z2%2BkLNc%2BvusdpFmSz6x2rdyWU6Rz03qLsv114X4YZeaLie63quV1uVRkS6uzBFIdPbLa%2Fecut%2Bo%2B4FPrrm%2F2%2BbO7DUAe%2FskcOQfHRw%2Fcc7kGGFJP72pLAbmU5feS3OFc20QYdvv5VsJLpIEO%2BXkXEQJduzbmg7IuSLA9DJ9kwBdGcwUQAmR8T5xQNLtmc0wTo3HjJlCiIB44%2Bj6FQQqoKkFUJ9BZLvEiDkOH0GSXzztDYFvfQQpRN0ROYe%2FAlZjMjcb08hib85oWS3dl6rPJM6sehGJWS3gmxXSPMdZJsOZLGDMPsAkv9EFh6sIYkHZ6zSkHz8YoMvU7%2FlLs7Ths%2Fm%2FYgH88t%2B05sXtMWo4A0ehHRqkZQVZFRBiR6odZBPjnSQRw7y1EHMxzUatCLXXYpY1Gwu%2B2EYNpthGCwv8oA3%2FeXIRR5ONPSQpT2EqofQXEZqLmNDfrYbHH4eJr8Lu17Ccgc2I%2BjwEoUgKCxBQQkKSVBkBEWnvMGVbdjyJlc2Z94sN2a5WfZ11t6iN3TWFgnZSvfIkxPznEN%2FvY0NMa55btB0fbE4YUlZ0PSXmp7ntwT3GI%2B8hg8rS0h7YCp1U47IM6tzSOXuCx%2BC0R1YtYNQPgGaPwta9JcaLuh63192sZncivL3hamHOgbXJdJsDtklZ0vtkaen8zs6uAcRDld2%2Fzn063fnxwhNidSUeE%2F%2BQNBWV%2FvndEEG53RhyZ0zaSZjuUknsz2f0Uwc%2FOoNcanQhp86aXu3jocTYFLeviBstkYTLpO2JV%2BfkJwLs6pNKMj3p%2BxFwc7mdv1EbpI8XTv76uqpODXCWqmTClSOCLn%2BO0I5Io99%2Bel0b5%2BL%2FoA0FUxeIs6HZBaQegdhehk2Ha7s%2Fn1fDh69CqsJjNrvYamDIi%2F7psH2P5UcEf%2Fje1BiuHL33rvHP1laA2UlrBiuVNfeOXK%2FugYm%2FjNly15F2zig2RUkcYmOKdFRJajqweaP9LPUDFd%2Bbk4DTDl9powzYMqo6w8NtnJcE0HkRsJtCBa1WLREXd6K%2FBajLU8ssYB6yOwo%2FJy%2B9C8AAAD%2F%2FwEAAP%2F%2FMt%2FoGpMEAAA%3D
173.233.137.36200 OK 7 B URL HTTP/1.1 fairfaxgeorgianayourself.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRRStjpsgetHgRVAcUTCCO9s90727kxyWxLgSXJOQRHPxYFVX9Wy51V1tVff0ZE%2FBiEYQMtGLJ%2Bl9M8kSDWLuCqHXiwwIOx5kENdTwLskghdlJoOLH6r%2Br3r%2F8N77%2F6OtfI%2B4yOn47Jt6UypFF4K6WztyUSZcF7Z2%2BkLNc%2BvusdpFmSz6x2rdyWU6Rz03qLsv114X4YZeaLie63quV1uVRkS6uzBFIdPbLa%2Fecut%2Bo%2B4FPrrm%2F2%2BbO7DUAe%2FskcOQfHRw%2Fcc7kGGFJP72pLAbmU5feS3OFc20QYdvv5VsJLpIEO%2BXkXEQJduzbmg7IuSLA9DJ9kwBdGcwUQAmR8T5xQNLtmc0wTo3HjJlCiIB44%2Bj6FQQqoKkFUJ9BZLvEiDkOH0GSXzztDYFvfQQpRN0ROYe%2FAlZjMjcb08hib85oWS3dl6rPJM6sehGJWS3gmxXSPMdZJsOZLGDMPsAkv9EFh6sIYkHZ6zSkHz8YoMvU7%2FlLs7Ths%2Fm%2FYgH88t%2B05sXtMWo4A0ehHRqkZQVZFRBiR6odZBPjnSQRw7y1EHMxzUatCLXXYpY1Gwu%2B2EYNpthGCwv8oA3%2FeXIRR5ONPSQpT2EqofQXEZqLmNDfrYbHH4eJr8Lu17Ccgc2I%2BjwEoUgKCxBQQkKSVBkBEWnvMGVbdjyJlc2Z94sN2a5WfZ11t6iN3TWFgnZSvfIkxPznEN%2FvY0NMa55btB0fbE4YUlZ0PSXmp7ntwT3GI%2B8hg8rS0h7YCp1U47IM6tzSOXuCx%2BC0R1YtYNQPgGaPwta9JcaLuh63192sZncivL3hamHOgbXJdJsDtklZ0vtkaen8zs6uAcRDld2%2Fzn063fnxwhNidSUeE%2F%2BQNBWV%2FvndEEG53RhyZ0zaSZjuUknsz2f0Uwc%2FOoNcanQhp86aXu3jocTYFLeviBstkYTLpO2JV%2BfkJwLs6pNKMj3p%2BxFwc7mdv1EbpI8XTv76uqpODXCWqmTClSOCLn%2BO0I5Io99%2Bel0b5%2BL%2FoA0FUxeIs6HZBaQegdhehk2Ha7s%2Fn1fDh69CqsJjNrvYamDIi%2F7psH2P5UcEf%2Fje1BiuHL33rvHP1laA2UlrBiuVNfeOXK%2FugYm%2FjNly15F2zig2RUkcYmOKdFRJajqweaP9LPUDFd%2Bbk4DTDl9powzYMqo6w8NtnJcE0HkRsJtCBa1WLREXd6K%2FBajLU8ssYB6yOwo%2FJy%2B9C8AAAD%2F%2FwEAAP%2F%2FMt%2FoGpMEAAA%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRRStjpsgetHgRVAcUTCCO9s90727kxyWxLgSXJOQRHPxYFVX9Wy51V1tVff0ZE%2FBiEYQMtGLJ%2Bl9M8kSDWLuCqHXiwwIOx5kENdTwLskghdlJoOLH6r%2Br3r%2F8N77%2F6OtfI%2B4yOn47Jt6UypFF4K6WztyUSZcF7Z2%2BkLNc%2BvusdpFmSz6x2rdyWU6Rz03qLsv114X4YZeaLie63quV1uVRkS6uzBFIdPbLa%2Fecut%2Bo%2B4FPrrm%2F2%2BbO7DUAe%2FskcOQfHRw%2Fcc7kGGFJP72pLAbmU5feS3OFc20QYdvv5VsJLpIEO%2BXkXEQJduzbmg7IuSLA9DJ9kwBdGcwUQAmR8T5xQNLtmc0wTo3HjJlCiIB44%2Bj6FQQqoKkFUJ9BZLvEiDkOH0GSXzztDYFvfQQpRN0ROYe%2FAlZjMjcb08hib85oWS3dl6rPJM6sehGJWS3gmxXSPMdZJsOZLGDMPsAkv9EFh6sIYkHZ6zSkHz8YoMvU7%2FlLs7Ths%2Fm%2FYgH88t%2B05sXtMWo4A0ehHRqkZQVZFRBiR6odZBPjnSQRw7y1EHMxzUatCLXXYpY1Gwu%2B2EYNpthGCwv8oA3%2FeXIRR5ONPSQpT2EqofQXEZqLmNDfrYbHH4eJr8Lu17Ccgc2I%2BjwEoUgKCxBQQkKSVBkBEWnvMGVbdjyJlc2Z94sN2a5WfZ11t6iN3TWFgnZSvfIkxPznEN%2FvY0NMa55btB0fbE4YUlZ0PSXmp7ntwT3GI%2B8hg8rS0h7YCp1U47IM6tzSOXuCx%2BC0R1YtYNQPgGaPwta9JcaLuh63192sZncivL3hamHOgbXJdJsDtklZ0vtkaen8zs6uAcRDld2%2Fzn063fnxwhNidSUeE%2F%2BQNBWV%2FvndEEG53RhyZ0zaSZjuUknsz2f0Uwc%2FOoNcanQhp86aXu3jocTYFLeviBstkYTLpO2JV%2BfkJwLs6pNKMj3p%2BxFwc7mdv1EbpI8XTv76uqpODXCWqmTClSOCLn%2BO0I5Io99%2Bel0b5%2BL%2FoA0FUxeIs6HZBaQegdhehk2Ha7s%2Fn1fDh69CqsJjNrvYamDIi%2F7psH2P5UcEf%2Fje1BiuHL33rvHP1laA2UlrBiuVNfeOXK%2FugYm%2FjNly15F2zig2RUkcYmOKdFRJajqweaP9LPUDFd%2Bbk4DTDl9powzYMqo6w8NtnJcE0HkRsJtCBa1WLREXd6K%2FBajLU8ssYB6yOwo%2FJy%2B9C8AAAD%2F%2FwEAAP%2F%2FMt%2FoGpMEAAA%3D HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/
Cookie: u_pl=17233750; uid_id2=2d8a4906-a24b-4fd5-8431-ea9baed2d5ca:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec105304e684ccab534731149ed1bdf124=[3843301]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 16:24:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3df5af16f94536d3f549789de5b7821d
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
95.101.11.115 200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 86fc724a00926b02780c2d6459b90fb7
dbf925559b90d11e9bdfbbc171f3ac1fe3210322
a096e53a81068e99d5caa600d62ae48d28b3f841598dfd85bfb61d5e050f890e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A096E53A81068E99D5CAA600D62AE48D28B3F841598DFD85BFB61D5E050F890E"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8924
Expires: Fri, 09 Dec 2022 18:52:51 GMT
Date: Fri, 09 Dec 2022 16:24:07 GMT
Connection: keep-alive
fairfaxgeorgianayourself.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fe6%2Fd7%2F97%2Fe6d797a3a7be0e7ec1877d1b33146dfa%2F1657714258.html&l=1190&fd=96
173.233.137.36 200 OK 0 B URL HTTP/1.1 fairfaxgeorgianayourself.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fe6%2Fd7%2F97%2Fe6d797a3a7be0e7ec1877d1b33146dfa%2F1657714258.html&l=1190&fd=96
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fe6%2Fd7%2F97%2Fe6d797a3a7be0e7ec1877d1b33146dfa%2F1657714258.html&l=1190&fd=96 HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/
Cookie: u_pl=17233750; uid_id2=2d8a4906-a24b-4fd5-8431-ea9baed2d5ca:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec105304e684ccab534731149ed1bdf124=[3843301]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 16:24:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.dump.xxx/templates/dump_tube/images/logo.svg
144.217.159.164 200 OK 24 kB URL HTTP/2 www.dump.xxx/templates/dump_tube/images/logo.svg
IP 144.217.159.164:0
Hash f962d76ed58e09f913cb3078c9a58191
004ac38d127b83d2ff126c2849913c368008047e
eaf43d3998341d9962e8529cd2a56c967054ea8da77fdb0d2a4c6189b0f5b96c
GET /templates/dump_tube/images/logo.svg HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 16:24:05 GMT
content-type: image/svg+xml
last-modified: Sat, 06 Nov 2021 21:14:06 GMT
expires: Sun, 11 Dec 2022 16:24:05 GMT
vary: Accept-Encoding, Accept-Encoding,User-Agent
front-end-https: on
content-encoding: gzip
cache-control: max-age=172800, s-maxage=10
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 16:24:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
95.101.11.115 200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 86fc724a00926b02780c2d6459b90fb7
dbf925559b90d11e9bdfbbc171f3ac1fe3210322
a096e53a81068e99d5caa600d62ae48d28b3f841598dfd85bfb61d5e050f890e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A096E53A81068E99D5CAA600D62AE48D28B3F841598DFD85BFB61D5E050F890E"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8924
Expires: Fri, 09 Dec 2022 18:52:51 GMT
Date: Fri, 09 Dec 2022 16:24:07 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0c8f51dc9f0403e9a4e798b49f977948
34ce92d502b92fd964f80d4c331cca9e42546954
ec4b08d6a0c6fd5733c3ceaf542b37eba10869511c0a782ece7c75bd74ee1084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC4B08D6A0C6FD5733C3CEAF542B37EBA10869511C0A782ECE7C75BD74EE1084"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12704
Expires: Fri, 09 Dec 2022 19:55:51 GMT
Date: Fri, 09 Dec 2022 16:24:07 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 16:24:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fairfaxgeorgianayourself.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fstyle.css&l=4649&fd=115
173.233.137.36 200 OK 0 B URL HTTP/1.1 fairfaxgeorgianayourself.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fstyle.css&l=4649&fd=115
IP 173.233.137.36:0
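Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256; these three values are the digests of a zero-length body, consistent with the 0 B response, so they match any empty response and do not identify this resource)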
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fstyle.css&l=4649&fd=115 HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/
Cookie: u_pl=17233750; uid_id2=2d8a4906-a24b-4fd5-8431-ea9baed2d5ca:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec105304e684ccab534731149ed1bdf124=[3843301]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 16:24:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fairfaxgeorgianayourself.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fanimate.css&l=79313&fd=127
173.233.137.36 200 OK 0 B URL HTTP/1.1 fairfaxgeorgianayourself.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fanimate.css&l=79313&fd=127
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fanimate.css&l=79313&fd=127 HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/
Cookie: u_pl=17233750; uid_id2=2d8a4906-a24b-4fd5-8431-ea9baed2d5ca:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec105304e684ccab534731149ed1bdf124=[3843301]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 16:24:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.dump.xxx/ngx_pagespeed_beacon?url=https%3A%2F%2Fwww.dump.xxx%2Fxxx%2F791%2FBarely_Legal_Blonde_Assign_To_Porn_Casting.html
144.217.159.164 204 No Content 0 B URL HTTP/2 www.dump.xxx/ngx_pagespeed_beacon?url=https%3A%2F%2Fwww.dump.xxx%2Fxxx%2F791%2FBarely_Legal_Blonde_Assign_To_Porn_Casting.html
IP 144.217.159.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ngx_pagespeed_beacon?url=https%3A%2F%2Fwww.dump.xxx%2Fxxx%2F791%2FBarely_Legal_Blonde_Assign_To_Porn_Casting.html HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 200
Origin: https://www.dump.xxx
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3; dump_xxx=bm9yZWZ8fHwxfDB8MHxub25lfDA6; dump_xxx_b=1670603045; ppu_show_on_672d85ea2c0a2440ce89a486df2fb3d3=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=591d61cf-0806-4cdf-827e-1bb0d66bb7ba%3A1%3A1; sb_page_105304e684ccab534731149ed1bdf124=1; sb_onpage_105304e684ccab534731149ed1bdf124=1; sb_main_105304e684ccab534731149ed1bdf124=1; sb_count_105304e684ccab534731149ed1bdf124=1; ppu_main_672d85ea2c0a2440ce89a486df2fb3d3=1; ppu_exp_672d85ea2c0a2440ce89a486df2fb3d3=1670604845904; _ga=GA1.2.1267906134.1670603046; _gid=GA1.2.730015050.1670603046; _gat_gtag_UA_8881943_10=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=fairfaxgeorgianayourself.com; ppu_idelay_439bc92bde6d9b897c90c9694312cc38=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 09 Dec 2022 16:24:07 GMT
cache-control: max-age=0, no-cache
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/d1/90/26/d190268dee103ee1f2ce0c8843373c8c/1669910386.png
45.133.44.10 200 OK 70 kB URL HTTP/2 cdn.cloudimagesb.com/si/d1/90/26/d190268dee103ee1f2ce0c8843373c8c/1669910386.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash eafe1a0bfd2db8c1aa79136e4826d19e
1d67e0efb736dfd011ae8cb71440e2301a97dc4e
2bc894548ddaf6375cbd7a7f604d3b27a5b8971a5768d68ac7b6c5ed64d7a3c8
GET /si/d1/90/26/d190268dee103ee1f2ce0c8843373c8c/1669910386.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 16:24:07 GMT
content-type: image/png
content-length: 69836
server: nginx/1.17.6
last-modified: Thu, 01 Dec 2022 15:59:54 GMT
etag: "6388cf7a-110cc"
expires: Sun, 11 Dec 2022 16:24:07 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fairfaxgeorgianayourself.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fjs%2Fscript.js&l=383&fd=40
173.233.137.36 200 OK 0 B URL HTTP/1.1 fairfaxgeorgianayourself.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fjs%2Fscript.js&l=383&fd=40
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fjs%2Fscript.js&l=383&fd=40 HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/
Cookie: u_pl=17233750; uid_id2=2d8a4906-a24b-4fd5-8431-ea9baed2d5ca:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec105304e684ccab534731149ed1bdf124=[3843301]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 16:24:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.dump.xxx/ngx_pagespeed_beacon?url=https%3A%2F%2Fwww.dump.xxx%2Fxxx%2F791%2FBarely_Legal_Blonde_Assign_To_Porn_Casting.html
144.217.159.164 204 No Content 0 B URL HTTP/2 www.dump.xxx/ngx_pagespeed_beacon?url=https%3A%2F%2Fwww.dump.xxx%2Fxxx%2F791%2FBarely_Legal_Blonde_Assign_To_Porn_Casting.html
IP 144.217.159.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ngx_pagespeed_beacon?url=https%3A%2F%2Fwww.dump.xxx%2Fxxx%2F791%2FBarely_Legal_Blonde_Assign_To_Porn_Casting.html HTTP/1.1
Host: www.dump.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1291
Origin: https://www.dump.xxx
Connection: keep-alive
Referer: https://www.dump.xxx/xxx/791/Barely_Legal_Blonde_Assign_To_Porn_Casting.html
Cookie: PHPSESSID=47f7a4f18eefdd3c087e7de44bb557d3; dump_xxx=bm9yZWZ8fHwxfDB8MHxub25lfDA6; dump_xxx_b=1670603045; ppu_show_on_672d85ea2c0a2440ce89a486df2fb3d3=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=591d61cf-0806-4cdf-827e-1bb0d66bb7ba%3A1%3A1; sb_page_105304e684ccab534731149ed1bdf124=1; sb_onpage_105304e684ccab534731149ed1bdf124=1; sb_main_105304e684ccab534731149ed1bdf124=1; sb_count_105304e684ccab534731149ed1bdf124=1; ppu_main_672d85ea2c0a2440ce89a486df2fb3d3=1; ppu_exp_672d85ea2c0a2440ce89a486df2fb3d3=1670604845904; _ga=GA1.2.1267906134.1670603046; _gid=GA1.2.730015050.1670603046; _gat_gtag_UA_8881943_10=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=fairfaxgeorgianayourself.com; ppu_idelay_439bc92bde6d9b897c90c9694312cc38=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 09 Dec 2022 16:24:07 GMT
cache-control: max-age=0, no-cache
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 43965e8362467edc064e07984ceb6468
6317037ffe022b657a87db808ae6641e7ca3325f
ff348f0f8947e883866aa8f1cab9b98eeb0ebcd4be85550d780c6282018f08c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF348F0F8947E883866AA8F1CAB9B98EEB0EBCD4BE85550D780C6282018F08C5"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10688
Expires: Fri, 09 Dec 2022 19:22:15 GMT
Date: Fri, 09 Dec 2022 16:24:07 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 43965e8362467edc064e07984ceb6468
6317037ffe022b657a87db808ae6641e7ca3325f
ff348f0f8947e883866aa8f1cab9b98eeb0ebcd4be85550d780c6282018f08c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF348F0F8947E883866AA8F1CAB9B98EEB0EBCD4BE85550D780C6282018F08C5"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10688
Expires: Fri, 09 Dec 2022 19:22:15 GMT
Date: Fri, 09 Dec 2022 16:24:07 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 16:24:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 16:24:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dump.xxx
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 161413
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/js/script.js
172.64.108.13 200 OK 16 kB URL HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/js/script.js
IP 172.64.108.13:0
Hash 16060ea9f36d475bee76eea6a900e287
6b552627a4f415889e3d9a7d051b55e7e50068a5
fbd1d173e8d66e6e1d7b303a29ba33582be9547be4d04e18fb30fee559cd936e
GET /sb/chat/mob/ssp/v2/new/3/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dump.xxx
Connection: keep-alive
Referer: https://www.dump.xxx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 16:24:07 GMT
content-type: application/javascript
last-modified: Wed, 13 Jul 2022 12:13:56 GMT
etag: W/"62ceb704-17f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 584095
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzgSezOMa1Y6jXMFC7h9nrCAPdvsjvZsThJZ9CVIRnh1ljX2lX2FTB12UESn2J%2F8n%2B%2Bjjr35OZlpcTkqgFDe13mC9eeJiVp1KbDEdoiLomvtdtLW4oirYb40g4HAFP5XXKYX9wLEQODO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776f16d77b4176a3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fairfaxgeorgianayourself.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSujpsgetHgRVAcUTCCO9u%2FOzPJYUmMK8E1CUk0Fw9WV1Xvllvd1VZ1T2%2F2FIxoBCEbvXiS3m82WaJBzF0h9HqRBWHHgyziegp4l0TwosxkcPFB1XtV3zt83%2FfeR%2BvlHnFR0t2zb%2BpVqRSdidpu68hFmXFd2dbpCy3PbbvHWhdlNhsea62MLtM%2F6rlR23259bpgy3rGdz3X9VyvNS%2BNSPTKzBiFzG%2F3vHbPbYd%2B24tCrJj%2Fv23pwFIHvL9HDkPy4cGlH%2B9AsgZZ%2Bu1JYZcLnb%2FyWloqWmiDPt98K1vOdJUh3S8T4yDJNifd0HZIyBcHoLPNiQLo%2FsZIAWI5JM4vHuJsc0ITcf%2FGQ6axgsgQ88dR9RsI1UDSBkxfgeQ7BGAcp88gS2%2Be1qailx6idIQOydSDPyGrIZn67Slk6TcnlFxpndeqLKTOLFaSGnKlgVxskJdbKFYdyGoLrPgAkv9EZh4sIEs3zlilIfnuiz7v0rDnzk5TP4ynw4RH090w8KYF7cVUcJ9HjI4tkrKBTBoosQZqHZSjIx2UiYMyd5Dy3RaNeonrdpI4CYJuyBgLAsai7iyPeBB2ExclG2lYQ5Gvgak1MHMZubmMZfnZTnT4eZjyLuxSDcsd2IKgz2tUgqCyBBUlqCRBVRBU%2FfoGV9a39U2ubBl7k%2BxPclAPdLG4Tm%2FoYlFkZD3fI0%2BOzHMO%2FfU2lsVuy3OjwA3F7IgljaMg7ASeF%2FYE92KeeH4IK2tIe2AsdVUOyTPzU8jlzgsfIqZbsGoLTD4BWj4LWg06vgu6NAi7LlazW0n5vjBtplNwXSMvplBcctbVHnl6PL%2BjG%2Fcg2Pbczj%2BHfv3u%2FC6YqZGbGu%2FJHwgW1dXBOV2RjXO6suTOmbyQqVylo9meL2ghDn71hrhUacNPnbRrt46zETAqb18QtligGZfZoiVfn5CcCzOvDRPk%2B1P2oojPlnbpRGmyMl84%2B%2Br8qTQ3wlqpswZUDgm5%2FjuYHJLHvvx0vLfPJX9AmgamrJGW22QSkHoLLL8Mm2%2FP7fx9X248ehVWExi13xPnDqqyHhg%2F3v9UckjCj%2B9Bie25u%2FfePf5JZwE0rmHF9lxz7Z0j95triMV%2Fpqzbq1g0DmhxBVlao29q9FUNqtZgy0cGRW62534OxoFYOYNYGWcjVkZdf2iwlbutyAtFN%2B52GOexYNzr%2BEE3cF2f87DTE14PhR2yz%2BlL%2FwIAAP%2F%2FAQAA%2F%2F8m12b8kwQAAA%3D%3D
173.233.137.36200 OK 7 B URL HTTP/1.1 fairfaxgeorgianayourself.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSujpsgetHgRVAcUTCCO9u%2FOzPJYUmMK8E1CUk0Fw9WV1Xvllvd1VZ1T2%2F2FIxoBCEbvXiS3m82WaJBzF0h9HqRBWHHgyziegp4l0TwosxkcPFB1XtV3zt83%2FfeR%2BvlHnFR0t2zb%2BpVqRSdidpu68hFmXFd2dbpCy3PbbvHWhdlNhsea62MLtM%2F6rlR23259bpgy3rGdz3X9VyvNS%2BNSPTKzBiFzG%2F3vHbPbYd%2B24tCrJj%2Fv23pwFIHvL9HDkPy4cGlH%2B9AsgZZ%2Bu1JYZcLnb%2FyWloqWmiDPt98K1vOdJUh3S8T4yDJNifd0HZIyBcHoLPNiQLo%2FsZIAWI5JM4vHuJsc0ITcf%2FGQ6axgsgQ88dR9RsI1UDSBkxfgeQ7BGAcp88gS2%2Be1qailx6idIQOydSDPyGrIZn67Slk6TcnlFxpndeqLKTOLFaSGnKlgVxskJdbKFYdyGoLrPgAkv9EZh4sIEs3zlilIfnuiz7v0rDnzk5TP4ynw4RH090w8KYF7cVUcJ9HjI4tkrKBTBoosQZqHZSjIx2UiYMyd5Dy3RaNeonrdpI4CYJuyBgLAsai7iyPeBB2ExclG2lYQ5Gvgak1MHMZubmMZfnZTnT4eZjyLuxSDcsd2IKgz2tUgqCyBBUlqCRBVRBU%2FfoGV9a39U2ubBl7k%2BxPclAPdLG4Tm%2FoYlFkZD3fI0%2BOzHMO%2FfU2lsVuy3OjwA3F7IgljaMg7ASeF%2FYE92KeeH4IK2tIe2AsdVUOyTPzU8jlzgsfIqZbsGoLTD4BWj4LWg06vgu6NAi7LlazW0n5vjBtplNwXSMvplBcctbVHnl6PL%2BjG%2Fcg2Pbczj%2BHfv3u%2FC6YqZGbGu%2FJHwgW1dXBOV2RjXO6suTOmbyQqVylo9meL2ghDn71hrhUacNPnbRrt46zETAqb18QtligGZfZoiVfn5CcCzOvDRPk%2B1P2oojPlnbpRGmyMl84%2B%2Br8qTQ3wlqpswZUDgm5%2FjuYHJLHvvx0vLfPJX9AmgamrJGW22QSkHoLLL8Mm2%2FP7fx9X248ehVWExi13xPnDqqyHhg%2F3v9UckjCj%2B9Bie25u%2FfePf5JZwE0rmHF9lxz7Z0j95triMV%2Fpqzbq1g0DmhxBVlao29q9FUNqtZgy0cGRW62534OxoFYOYNYGWcjVkZdf2iwlbutyAtFN%2B52GOexYNzr%2BEE3cF2f87DTE14PhR2yz%2BlL%2FwIAAP%2F%2FAQAA%2F%2F8m12b8kwQAAA%3D%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSujpsgetHgRVAcUTCCO9u%2FOzPJYUmMK8E1CUk0Fw9WV1Xvllvd1VZ1T2%2F2FIxoBCEbvXiS3m82WaJBzF0h9HqRBWHHgyziegp4l0TwosxkcPFB1XtV3zt83%2FfeR%2BvlHnFR0t2zb%2BpVqRSdidpu68hFmXFd2dbpCy3PbbvHWhdlNhsea62MLtM%2F6rlR23259bpgy3rGdz3X9VyvNS%2BNSPTKzBiFzG%2F3vHbPbYd%2B24tCrJj%2Fv23pwFIHvL9HDkPy4cGlH%2B9AsgZZ%2Bu1JYZcLnb%2FyWloqWmiDPt98K1vOdJUh3S8T4yDJNifd0HZIyBcHoLPNiQLo%2FsZIAWI5JM4vHuJsc0ITcf%2FGQ6axgsgQ88dR9RsI1UDSBkxfgeQ7BGAcp88gS2%2Be1qailx6idIQOydSDPyGrIZn67Slk6TcnlFxpndeqLKTOLFaSGnKlgVxskJdbKFYdyGoLrPgAkv9EZh4sIEs3zlilIfnuiz7v0rDnzk5TP4ynw4RH090w8KYF7cVUcJ9HjI4tkrKBTBoosQZqHZSjIx2UiYMyd5Dy3RaNeonrdpI4CYJuyBgLAsai7iyPeBB2ExclG2lYQ5Gvgak1MHMZubmMZfnZTnT4eZjyLuxSDcsd2IKgz2tUgqCyBBUlqCRBVRBU%2FfoGV9a39U2ubBl7k%2BxPclAPdLG4Tm%2FoYlFkZD3fI0%2BOzHMO%2FfU2lsVuy3OjwA3F7IgljaMg7ASeF%2FYE92KeeH4IK2tIe2AsdVUOyTPzU8jlzgsfIqZbsGoLTD4BWj4LWg06vgu6NAi7LlazW0n5vjBtplNwXSMvplBcctbVHnl6PL%2BjG%2Fcg2Pbczj%2BHfv3u%2FC6YqZGbGu%2FJHwgW1dXBOV2RjXO6suTOmbyQqVylo9meL2ghDn71hrhUacNPnbRrt46zETAqb18QtligGZfZoiVfn5CcCzOvDRPk%2B1P2oojPlnbpRGmyMl84%2B%2Br8qTQ3wlqpswZUDgm5%2FjuYHJLHvvx0vLfPJX9AmgamrJGW22QSkHoLLL8Mm2%2FP7fx9X248ehVWExi13xPnDqqyHhg%2F3v9UckjCj%2B9Bie25u%2FfePf5JZwE0rmHF9lxz7Z0j95triMV%2Fpqzbq1g0DmhxBVlao29q9FUNqtZgy0cGRW62534OxoFYOYNYGWcjVkZdf2iwlbutyAtFN%2B52GOexYNzr%2BEE3cF2f87DTE14PhR2yz%2BlL%2FwIAAP%2F%2FAQAA%2F%2F8m12b8kwQAAA%3D%3D HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/
Cookie: u_pl=17233750; uid_id2=2d8a4906-a24b-4fd5-8431-ea9baed2d5ca:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec105304e684ccab534731149ed1bdf124=[3843301]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 16:24:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 07764fb7088d8a709034004ecf7324fd
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 16:24:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fairfaxgeorgianayourself.com/pixel/sbs?c=1
173.233.137.36 200 OK 0 B URL HTTP/1.1 fairfaxgeorgianayourself.com/pixel/sbs?c=1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/
Cookie: u_pl=17233750; uid_id2=2d8a4906-a24b-4fd5-8431-ea9baed2d5ca:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec105304e684ccab534731149ed1bdf124=[3843301]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 16:24:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
unseenreport.com/pxf.gif?uuid=591d61cf-0806-4cdf-827e-1bb0d66bb7ba&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=672d85ea2c0a2440ce89a486df2fb3d3&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16
192.243.59.13 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=591d61cf-0806-4cdf-827e-1bb0d66bb7ba&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=672d85ea2c0a2440ce89a486df2fb3d3&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=591d61cf-0806-4cdf-827e-1bb0d66bb7ba&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=672d85ea2c0a2440ce89a486df2fb3d3&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Dec 2022 16:24:08 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fbfe9a297999bbdd6c43b7ea3f279e58
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=591d61cf-0806-4cdf-827e-1bb0d66bb7ba&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=105304e684ccab534731149ed1bdf124&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16
192.243.59.13 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=591d61cf-0806-4cdf-827e-1bb0d66bb7ba&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=105304e684ccab534731149ed1bdf124&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=591d61cf-0806-4cdf-827e-1bb0d66bb7ba&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=105304e684ccab534731149ed1bdf124&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Dec 2022 16:24:08 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7488bc79bc5e70b2ffdce45af9f16ba0
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=591d61cf-0806-4cdf-827e-1bb0d66bb7ba&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=439bc92bde6d9b897c90c9694312cc38&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16
192.243.59.13 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=591d61cf-0806-4cdf-827e-1bb0d66bb7ba&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=439bc92bde6d9b897c90c9694312cc38&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=591d61cf-0806-4cdf-827e-1bb0d66bb7ba&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=439bc92bde6d9b897c90c9694312cc38&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Dec 2022 16:24:08 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f1d4efbb9e2fd7bdb427728e15075d3e
Strict-Transport-Security: max-age=0; includeSubdomains
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 730ba1a8edb79ba6f83b46d1ba5aed7b
55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 12:33:36 GMT
age: 13837
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.163.31 200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.163.31:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dump.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 16:24:06 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 7d6d58e910dfa8dd4a1e91fe59abe900
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 09 Dec 2022 16:24:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OurDigehGAdgalLCxyxaTGhpgpufrP9f8KNfk5Zr81HUkbUt5TOJry0XZfogkkXeBiW1zv%2FeN7N5WehapoKubNmI2FUqGmy3nnBC13vC5cZgL4Y2Uaq2mG%2FWwCHPgIjXkqr10qg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776f16cfdcfd72eb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html
45.133.44.3 200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dump.xxx
Connection: keep-alive
Referer: https://www.dump.xxx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 16:24:07 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Wed, 13 Jul 2022 12:11:03 GMT
etag: W/"62ceb657-4a6"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 09 Dec 2022 17:24:07 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/animate.css
172.64.108.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/animate.css
IP 172.64.108.13:0
GET /sb/chat/mob/ssp/v2/new/3/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dump.xxx
Connection: keep-alive
Referer: https://www.dump.xxx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 16:24:07 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 12:13:56 GMT
etag: W/"62ceb704-135d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1123928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iHtsLI6OC32VRY%2BUPod78Q%2FVIUdoQchRi8iLnhGsCcPCUSjsf6%2FZ2gPTFVED5DKFkGHyB9WH%2B2KsGGDUhHvCI1%2FP9KxN7DjaKKCcKwLplz86BxW1O8X8kocUEaOX91%2BcCbCflpqAIW%2B1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776f16d6294b76a3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/js/jquery.min.js
172.64.108.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/js/jquery.min.js
IP 172.64.108.13:0
GET /sb/chat/mob/ssp/v2/new/3/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 16:24:07 GMT
content-type: application/javascript
last-modified: Wed, 13 Jul 2022 12:13:58 GMT
etag: W/"62ceb706-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2082787
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2B4Ou2rvDfP1Cd02jKin%2BABVsF%2BXf3ivd2mjmvtjEcx%2BmCdAzXZAcsDXje2lM%2BT%2FtXbc6VZ8ZpmMC8l4p5FwpLVbMcbs3%2BwKW7h6%2FxwTA3%2BjCQsjRKb53Tp%2BfNDcC5HiJ%2FIrTcuzEuvT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776f16d679fe76a3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2