cumception.com/photos/stewie-griffin-gay-porn
188.114.96.1 301 Moved Permanently 0 B URL HTTP/1.1 cumception.com/photos/stewie-griffin-gay-porn
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /photos/stewie-griffin-gay-porn HTTP/1.1
Host: cumception.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 27 Jan 2023 02:01:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 27 Jan 2023 03:01:41 GMT
Location: https://cumception.com/photos/stewie-griffin-gay-porn
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Wn%2FoCiJL39pyHtRocHg49dZ2Favqm91n0L%2FoSnBctckYv8FDVeIvhZuCljoppHtX3E%2FSWeQYTT7Zi6zVwjpFHBsBvkQlC8XmjmGs3wVGPpLXQEBENm4r45kcLtjTzMjqA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fde6df8b2eb517-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3786
Expires: Fri, 27 Jan 2023 03:04:47 GMT
Date: Fri, 27 Jan 2023 02:01:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5683
Expires: Fri, 27 Jan 2023 03:36:24 GMT
Date: Fri, 27 Jan 2023 02:01:41 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 27 Jan 2023 01:35:19 GMT
content-type: application/json
age: 1582
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7946
Expires: Fri, 27 Jan 2023 04:14:07 GMT
Date: Fri, 27 Jan 2023 02:01:41 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 88ff8913487b1f3d30cd773df1e7fe49
03b8a53213fff17caa4581da824883a86294986c
0fc673fd325998a615f8b4e05ccb4e688d8a40f9389ac597eba4f12589efbd58
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2482
Cache-Control: max-age=132733
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:01:41 GMT
Etag: "63d28a50-117"
Expires: Sat, 28 Jan 2023 14:53:54 GMT
Last-Modified: Thu, 26 Jan 2023 14:12:32 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YRKIkkxHLGsymiyrJNJIfRxenbr3rJvz3QTYKjShr7qZbxk+A4AkyOqWdHTlUIHNwge+/BIb4jU=
x-amz-request-id: AH7YB748AXEVAFRZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 27 Jan 2023 01:49:13 GMT
age: 748
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 02:01:41 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 27 Jan 2023 01:41:40 GMT
age: 1201
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 88ff8913487b1f3d30cd773df1e7fe49
03b8a53213fff17caa4581da824883a86294986c
0fc673fd325998a615f8b4e05ccb4e688d8a40f9389ac597eba4f12589efbd58
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2482
Cache-Control: max-age=132733
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:01:41 GMT
Etag: "63d28a50-117"
Expires: Sat, 28 Jan 2023 14:53:54 GMT
Last-Modified: Thu, 26 Jan 2023 14:12:32 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4666
Expires: Fri, 27 Jan 2023 03:19:28 GMT
Date: Fri, 27 Jan 2023 02:01:42 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 577 B IP 142.250.74.131:0
Hash 244796d01065f226299feb7629d0325f
0f1060575dbe75a3afec008b3e71d7ab6485b7a7
01a8ee01fbbc543df6070dd1b784bae0a241f2840767797edaab13fe397966a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:01:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-CU5ZlNu3OOY/VxCK_ta9qxI/AAAAAAAABk4/AhH1H8ib3O8E1eGnGy4RA0XE-UvYSCJ6ACLcB/s1600/button-readmore.png
142.250.74.161 200 OK 2.8 kB URL HTTP/2 4.bp.blogspot.com/-CU5ZlNu3OOY/VxCK_ta9qxI/AAAAAAAABk4/AhH1H8ib3O8E1eGnGy4RA0XE-UvYSCJ6ACLcB/s1600/button-readmore.png
IP 142.250.74.161:0
File type PNG image data, 104 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash 177d8c3149549c19df432a6c7953681b
50abd264b3f612ebb29b2da3957923c06226f697
e98ecf30cd6191f9fc0787ced05023a2178a43af96b7e23f79b7fedf3bfec20b
GET /-CU5ZlNu3OOY/VxCK_ta9qxI/AAAAAAAABk4/AhH1H8ib3O8E1eGnGy4RA0XE-UvYSCJ6ACLcB/s1600/button-readmore.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="button-readmore.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2800
x-xss-protection: 0
date: Fri, 27 Jan 2023 00:22:01 GMT
expires: Mon, 23 Jan 2023 07:30:33 GMT
cache-control: public, max-age=86400, no-transform
age: 5981
etag: "v650"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash e494fdd6ca9f320c6f0a2ddfeb399c50
41a888703eaf546c04e3d7110e0c6db79659e994
e0251effb62e37d108b9e6c955620ebf35267542a04dcd8ed30dbf90eaea2522
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:01:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash d975e0c3f749eecf701e77854520ead9
eb1f522a689666f67c9167904abb4c462b6eea50
ec5ce4c633754dc7d4306b8f8f6bef6d7dfda26d0ce0600f237b2fa4cfdda81a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:01:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 14:35:37 GMT
Expires: Tue, 31 Jan 2023 14:35:36 GMT
Etag: "eb1f522a689666f67c9167904abb4c462b6eea50"
Cache-Control: max-age=390233,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fde6e62a920b51-OSL
poweredby.jads.co/js/jads.js
185.94.236.246 301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 27 Jan 2023 02:01:42 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
poweredby.jads.co/js/jads2.js
185.94.236.246 200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP 185.94.236.246:0
File type ASCII text, with very long lines (3758), with no line terminators
Hash 558e1b61fc513016183a3812938e79fb
5f72ea61a2aad8f7a0956321d3fd8524db70eddf
a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cumception.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:01:42 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 21 Nov 2022 05:24:20 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"637b0b84-eae"
Content-Encoding: gzip
ocsp.sectigo.com/
104.18.32.68 200 OK 12 kB IP 104.18.32.68:0
Hash ff2048da1674d2e6e4f779957f27901d
0d4efe8f0b9f5b1cd330e97599de0fce3bfbd4be
af734f0059c89a4c6a4b26f058b11b62cb0dbeeb117fd8da712d7bc94da90907
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:01:42 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 07:08:30 GMT
Expires: Tue, 31 Jan 2023 07:08:29 GMT
Etag: "641732152894e574590f60a80cb3542e2c6691e0"
Cache-Control: max-age=363406,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fde6e60cbeb4ed-OSL
push.services.mozilla.com/
34.212.115.25 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.212.115.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gdf/VSjE5IXdvOegXWGw1g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Cj2nNHYD8MkkdfPQ8Eomlsl1BjI=
adserver.juicyads.com/js/jfc.js
185.94.236.246 200 OK 3.0 kB URL HTTP/1.1 adserver.juicyads.com/js/jfc.js
IP 185.94.236.246:0
File type ASCII text, with very long lines (1678)
Hash 7311e7e7b82474dbaeb85618a51abf16
e263b1d0547e2f11642453932bc499c01d1f9e99
f316aebbe120c1a29052fb80d76662d5dfb45e9a1f0f712945244f1199691a1f
GET /js/jfc.js HTTP/1.1
Host: adserver.juicyads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:01:42 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 21 Nov 2022 05:24:20 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"637b0b84-1a8e"
Content-Encoding: gzip
qgxbluhsgad.com/solid.gif?z=1828616&abvar=0
62.122.171.6 200 OK 4.9 kB URL HTTP/2 qgxbluhsgad.com/solid.gif?z=1828616&abvar=0
IP 62.122.171.6:0
Hash 9a85725f5f04a02da83aa04c20041963
934e7434161ef449e1dd6077750a330794681e5c
96ae2ad891765f6acb5f30b7a98082f968b49b6956f9b49a8e6d64a493886374
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1828616&abvar=0 HTTP/1.1
Host: qgxbluhsgad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cumception.com
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 02:01:42 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1828616/?pb=c9bb9d13f03d959e729d63c535c9578f1674792102&psp=Q2c6bcEXOPSADi8GDoUsOmzgNk3fXVqJO2vfXofZr9R60t41Uo5FJUfAfaOiV9F6jgc8WxzQK_LiOQKJTC8ZA5by6sF5OrDnOHVp7DC3ufD1Qu-BBlRxnv4cIWV-6L4gBYWeXm6QDw2-3T2EMO28YKB0DQYMUcY2J366QvOol_ilJ1pKuSItFBXDjmGFj0c2Eg5sCXY-7ns3bsVtqNCmDieMC25jVh7oLuPMo27ycIRc9wnTPjnyUV2ROd6dTGP4jQyXeLyI0m8rXD3XI0mQB94QltQQVdMkzAb925shooXzg_ThHi-1FdpFmxHQC0-a4YaFsCU0a49OJul6eYIBc-je0rs1uIBXyQ0GZ0mBl8aJ9e9RtvRfazxAERYY2tV2WApvVCRdwxKUu7qwCUmWru-uKTUEnf_V4q7izKNWv5JU7l3f8Nwpr7ByMrguzzMuZG2FgEVylWq8WP4p8rNd4EZ6KpsUBC5iVhfSz1o_npkbA-BvAWzUQEn78zci-jywi2lrDQM_ZKlHj1Fke_AQLZX8rrWU0DWtpIjQDDJdIHFsCW5Zd9WRu1FTP4lefeuit0GGY13ByK_4OKbQtsqsd0yW1Nbhv0rtwjyQhe3cq8yC3-e6ga_IqJHyZeDQULatwbYrm8Ho2kso7orLwUoKBB0EZw_4XNVk7nOkenaG0fLae66diP6XOnYEdxxkPV838eVtLceQIjTWnO2oyEOCvvgmxzaaLPOOsZICkLBGE_p6qpEeke1jo-JxPrT3p45AUfWIVn0BRXlapg_ZYCJWmrbuwfsDFU5fvZLjW3GjmUsRe3PN2zZAWoJ0Vphl2Pw_qMq34i3SK4CsvKZ_6SkU4Mpp7kykYV4rMf7gabx0uweDC40voQyIxVvMBjk5bcgOSB52NNY0QC_IpXcp_CMEl-wT7CBUGxqkSsSZ-bbov86Q6pKdFJe44pdCMXno5AsQd0SQs_NW6rSSzm1A2reJ1qXZNUTkbq0Z9kHb0fdj2bcfr64352QNU_cXYoBxA23QQwgd1wy474WUSQhKlBZXXTfZ57N3-kxzVb6a_DKTfp9vbTGxNg==&cb=_clp3l85klsbkb38hhtp2m6&nojs=0&ix=0&abvar=0&t=0&x=1152&y=836&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1828616/?pb=c9bb9d13f03d959e729d63c535c9578f1674792102&psp=Q2c6bcEXOPSADi8GDoUsOmzgNk3fXVqJO2vfXofZr9R60t41Uo5FJUfAfaOiV9F6jgc8WxzQK_LiOQKJTC8ZA5by6sF5OrDnOHVp7DC3ufD1Qu-BBlRxnv4cIWV-6L4gBYWeXm6QDw2-3T2EMO28YKB0DQYMUcY2J366QvOol_ilJ1pKuSItFBXDjmGFj0c2Eg5sCXY-7ns3bsVtqNCmDieMC25jVh7oLuPMo27ycIRc9wnTPjnyUV2ROd6dTGP4jQyXeLyI0m8rXD3XI0mQB94QltQQVdMkzAb925shooXzg_ThHi-1FdpFmxHQC0-a4YaFsCU0a49OJul6eYIBc-je0rs1uIBXyQ0GZ0mBl8aJ9e9RtvRfazxAERYY2tV2WApvVCRdwxKUu7qwCUmWru-uKTUEnf_V4q7izKNWv5JU7l3f8Nwpr7ByMrguzzMuZG2FgEVylWq8WP4p8rNd4EZ6KpsUBC5iVhfSz1o_npkbA-BvAWzUQEn78zci-jywi2lrDQM_ZKlHj1Fke_AQLZX8rrWU0DWtpIjQDDJdIHFsCW5Zd9WRu1FTP4lefeuit0GGY13ByK_4OKbQtsqsd0yW1Nbhv0rtwjyQhe3cq8yC3-e6ga_IqJHyZeDQULatwbYrm8Ho2kso7orLwUoKBB0EZw_4XNVk7nOkenaG0fLae66diP6XOnYEdxxkPV838eVtLceQIjTWnO2oyEOCvvgmxzaaLPOOsZICkLBGE_p6qpEeke1jo-JxPrT3p45AUfWIVn0BRXlapg_ZYCJWmrbuwfsDFU5fvZLjW3GjmUsRe3PN2zZAWoJ0Vphl2Pw_qMq34i3SK4CsvKZ_6SkU4Mpp7kykYV4rMf7gabx0uweDC40voQyIxVvMBjk5bcgOSB52NNY0QC_IpXcp_CMEl-wT7CBUGxqkSsSZ-bbov86Q6pKdFJe44pdCMXno5AsQd0SQs_NW6rSSzm1A2reJ1qXZNUTkbq0Z9kHb0fdj2bcfr64352QNU_cXYoBxA23QQwgd1wy474WUSQhKlBZXXTfZ57N3-kxzVb6a_DKTfp9vbTGxNg==&cb=_clp3l85klsbkb38hhtp2m6&nojs=0&ix=0&abvar=0&t=0&x=1152&y=836&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1828616/?pb=c9bb9d13f03d959e729d63c535c9578f1674792102&psp=Q2c6bcEXOPSADi8GDoUsOmzgNk3fXVqJO2vfXofZr9R60t41Uo5FJUfAfaOiV9F6jgc8WxzQK_LiOQKJTC8ZA5by6sF5OrDnOHVp7DC3ufD1Qu-BBlRxnv4cIWV-6L4gBYWeXm6QDw2-3T2EMO28YKB0DQYMUcY2J366QvOol_ilJ1pKuSItFBXDjmGFj0c2Eg5sCXY-7ns3bsVtqNCmDieMC25jVh7oLuPMo27ycIRc9wnTPjnyUV2ROd6dTGP4jQyXeLyI0m8rXD3XI0mQB94QltQQVdMkzAb925shooXzg_ThHi-1FdpFmxHQC0-a4YaFsCU0a49OJul6eYIBc-je0rs1uIBXyQ0GZ0mBl8aJ9e9RtvRfazxAERYY2tV2WApvVCRdwxKUu7qwCUmWru-uKTUEnf_V4q7izKNWv5JU7l3f8Nwpr7ByMrguzzMuZG2FgEVylWq8WP4p8rNd4EZ6KpsUBC5iVhfSz1o_npkbA-BvAWzUQEn78zci-jywi2lrDQM_ZKlHj1Fke_AQLZX8rrWU0DWtpIjQDDJdIHFsCW5Zd9WRu1FTP4lefeuit0GGY13ByK_4OKbQtsqsd0yW1Nbhv0rtwjyQhe3cq8yC3-e6ga_IqJHyZeDQULatwbYrm8Ho2kso7orLwUoKBB0EZw_4XNVk7nOkenaG0fLae66diP6XOnYEdxxkPV838eVtLceQIjTWnO2oyEOCvvgmxzaaLPOOsZICkLBGE_p6qpEeke1jo-JxPrT3p45AUfWIVn0BRXlapg_ZYCJWmrbuwfsDFU5fvZLjW3GjmUsRe3PN2zZAWoJ0Vphl2Pw_qMq34i3SK4CsvKZ_6SkU4Mpp7kykYV4rMf7gabx0uweDC40voQyIxVvMBjk5bcgOSB52NNY0QC_IpXcp_CMEl-wT7CBUGxqkSsSZ-bbov86Q6pKdFJe44pdCMXno5AsQd0SQs_NW6rSSzm1A2reJ1qXZNUTkbq0Z9kHb0fdj2bcfr64352QNU_cXYoBxA23QQwgd1wy474WUSQhKlBZXXTfZ57N3-kxzVb6a_DKTfp9vbTGxNg==&cb=_clp3l85klsbkb38hhtp2m6&nojs=0&ix=0&abvar=0&t=0&x=1152&y=836&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 02:01:42 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2301262101dfaacb8e12a644b2b73f98fd5d; Path=/; Expires=Sat, 27 Jan 2024 02:01:42 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
6.adsco.re/
104.17.166.186 200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cumception.com
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:01:43 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://cumception.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fde6ebe9d30b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4.adsco.re/
162.252.214.5 200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cumception.com
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:01:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://cumception.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 175510e096d45d02e7b8e2e1c0c6c7f4
9136d97970a3640c45717fa966a5e0e72a17f704
a13cf49b474c6c84e7d07a0e69ab920c689972dd1a953647493c399eff4dcdd1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A13CF49B474C6C84E7D07A0E69AB920C689972DD1A953647493C399EFF4DCDD1"
Last-Modified: Tue, 24 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2304
Expires: Fri, 27 Jan 2023 02:40:07 GMT
Date: Fri, 27 Jan 2023 02:01:43 GMT
Connection: keep-alive
bz9ituqexqrd.l4.adsco.re/
185.200.118.90 200 OK 0 B URL HTTP/1.1 bz9ituqexqrd.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: bz9ituqexqrd.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://cumception.com
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:01:43 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
limurol.com/ssp/req/1828616/?pb=c9bb9d13f03d959e729d63c535c9578f1674792102&psp=Q2c6bcEXOPSADi8GDoUsOmzgNk3fXVqJO2vfXofZr9R60t41Uo5FJUfAfaOiV9F6jgc8WxzQK_LiOQKJTC8ZA5by6sF5OrDnOHVp7DC3ufD1Qu-BBlRxnv4cIWV-6L4gBYWeXm6QDw2-3T2EMO28YKB0DQYMUcY2J366QvOol_ilJ1pKuSItFBXDjmGFj0c2Eg5sCXY-7ns3bsVtqNCmDieMC25jVh7oLuPMo27ycIRc9wnTPjnyUV2ROd6dTGP4jQyXeLyI0m8rXD3XI0mQB94QltQQVdMkzAb925shooXzg_ThHi-1FdpFmxHQC0-a4YaFsCU0a49OJul6eYIBc-je0rs1uIBXyQ0GZ0mBl8aJ9e9RtvRfazxAERYY2tV2WApvVCRdwxKUu7qwCUmWru-uKTUEnf_V4q7izKNWv5JU7l3f8Nwpr7ByMrguzzMuZG2FgEVylWq8WP4p8rNd4EZ6KpsUBC5iVhfSz1o_npkbA-BvAWzUQEn78zci-jywi2lrDQM_ZKlHj1Fke_AQLZX8rrWU0DWtpIjQDDJdIHFsCW5Zd9WRu1FTP4lefeuit0GGY13ByK_4OKbQtsqsd0yW1Nbhv0rtwjyQhe3cq8yC3-e6ga_IqJHyZeDQULatwbYrm8Ho2kso7orLwUoKBB0EZw_4XNVk7nOkenaG0fLae66diP6XOnYEdxxkPV838eVtLceQIjTWnO2oyEOCvvgmxzaaLPOOsZICkLBGE_p6qpEeke1jo-JxPrT3p45AUfWIVn0BRXlapg_ZYCJWmrbuwfsDFU5fvZLjW3GjmUsRe3PN2zZAWoJ0Vphl2Pw_qMq34i3SK4CsvKZ_6SkU4Mpp7kykYV4rMf7gabx0uweDC40voQyIxVvMBjk5bcgOSB52NNY0QC_IpXcp_CMEl-wT7CBUGxqkSsSZ-bbov86Q6pKdFJe44pdCMXno5AsQd0SQs_NW6rSSzm1A2reJ1qXZNUTkbq0Z9kHb0fdj2bcfr64352QNU_cXYoBxA23QQwgd1wy474WUSQhKlBZXXTfZ57N3-kxzVb6a_DKTfp9vbTGxNg==&cb=_clp3l85klsbkb38hhtp2m6&nojs=0&ix=0&abvar=0&t=0&x=1152&y=836&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6 200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1828616/?pb=c9bb9d13f03d959e729d63c535c9578f1674792102&psp=Q2c6bcEXOPSADi8GDoUsOmzgNk3fXVqJO2vfXofZr9R60t41Uo5FJUfAfaOiV9F6jgc8WxzQK_LiOQKJTC8ZA5by6sF5OrDnOHVp7DC3ufD1Qu-BBlRxnv4cIWV-6L4gBYWeXm6QDw2-3T2EMO28YKB0DQYMUcY2J366QvOol_ilJ1pKuSItFBXDjmGFj0c2Eg5sCXY-7ns3bsVtqNCmDieMC25jVh7oLuPMo27ycIRc9wnTPjnyUV2ROd6dTGP4jQyXeLyI0m8rXD3XI0mQB94QltQQVdMkzAb925shooXzg_ThHi-1FdpFmxHQC0-a4YaFsCU0a49OJul6eYIBc-je0rs1uIBXyQ0GZ0mBl8aJ9e9RtvRfazxAERYY2tV2WApvVCRdwxKUu7qwCUmWru-uKTUEnf_V4q7izKNWv5JU7l3f8Nwpr7ByMrguzzMuZG2FgEVylWq8WP4p8rNd4EZ6KpsUBC5iVhfSz1o_npkbA-BvAWzUQEn78zci-jywi2lrDQM_ZKlHj1Fke_AQLZX8rrWU0DWtpIjQDDJdIHFsCW5Zd9WRu1FTP4lefeuit0GGY13ByK_4OKbQtsqsd0yW1Nbhv0rtwjyQhe3cq8yC3-e6ga_IqJHyZeDQULatwbYrm8Ho2kso7orLwUoKBB0EZw_4XNVk7nOkenaG0fLae66diP6XOnYEdxxkPV838eVtLceQIjTWnO2oyEOCvvgmxzaaLPOOsZICkLBGE_p6qpEeke1jo-JxPrT3p45AUfWIVn0BRXlapg_ZYCJWmrbuwfsDFU5fvZLjW3GjmUsRe3PN2zZAWoJ0Vphl2Pw_qMq34i3SK4CsvKZ_6SkU4Mpp7kykYV4rMf7gabx0uweDC40voQyIxVvMBjk5bcgOSB52NNY0QC_IpXcp_CMEl-wT7CBUGxqkSsSZ-bbov86Q6pKdFJe44pdCMXno5AsQd0SQs_NW6rSSzm1A2reJ1qXZNUTkbq0Z9kHb0fdj2bcfr64352QNU_cXYoBxA23QQwgd1wy474WUSQhKlBZXXTfZ57N3-kxzVb6a_DKTfp9vbTGxNg==&cb=_clp3l85klsbkb38hhtp2m6&nojs=0&ix=0&abvar=0&t=0&x=1152&y=836&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1828616/?pb=c9bb9d13f03d959e729d63c535c9578f1674792102&psp=Q2c6bcEXOPSADi8GDoUsOmzgNk3fXVqJO2vfXofZr9R60t41Uo5FJUfAfaOiV9F6jgc8WxzQK_LiOQKJTC8ZA5by6sF5OrDnOHVp7DC3ufD1Qu-BBlRxnv4cIWV-6L4gBYWeXm6QDw2-3T2EMO28YKB0DQYMUcY2J366QvOol_ilJ1pKuSItFBXDjmGFj0c2Eg5sCXY-7ns3bsVtqNCmDieMC25jVh7oLuPMo27ycIRc9wnTPjnyUV2ROd6dTGP4jQyXeLyI0m8rXD3XI0mQB94QltQQVdMkzAb925shooXzg_ThHi-1FdpFmxHQC0-a4YaFsCU0a49OJul6eYIBc-je0rs1uIBXyQ0GZ0mBl8aJ9e9RtvRfazxAERYY2tV2WApvVCRdwxKUu7qwCUmWru-uKTUEnf_V4q7izKNWv5JU7l3f8Nwpr7ByMrguzzMuZG2FgEVylWq8WP4p8rNd4EZ6KpsUBC5iVhfSz1o_npkbA-BvAWzUQEn78zci-jywi2lrDQM_ZKlHj1Fke_AQLZX8rrWU0DWtpIjQDDJdIHFsCW5Zd9WRu1FTP4lefeuit0GGY13ByK_4OKbQtsqsd0yW1Nbhv0rtwjyQhe3cq8yC3-e6ga_IqJHyZeDQULatwbYrm8Ho2kso7orLwUoKBB0EZw_4XNVk7nOkenaG0fLae66diP6XOnYEdxxkPV838eVtLceQIjTWnO2oyEOCvvgmxzaaLPOOsZICkLBGE_p6qpEeke1jo-JxPrT3p45AUfWIVn0BRXlapg_ZYCJWmrbuwfsDFU5fvZLjW3GjmUsRe3PN2zZAWoJ0Vphl2Pw_qMq34i3SK4CsvKZ_6SkU4Mpp7kykYV4rMf7gabx0uweDC40voQyIxVvMBjk5bcgOSB52NNY0QC_IpXcp_CMEl-wT7CBUGxqkSsSZ-bbov86Q6pKdFJe44pdCMXno5AsQd0SQs_NW6rSSzm1A2reJ1qXZNUTkbq0Z9kHb0fdj2bcfr64352QNU_cXYoBxA23QQwgd1wy474WUSQhKlBZXXTfZ57N3-kxzVb6a_DKTfp9vbTGxNg==&cb=_clp3l85klsbkb38hhtp2m6&nojs=0&ix=0&abvar=0&t=0&x=1152&y=836&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 02:01:43 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2301262101353ce7896b7049a8ba5e852d4a; Path=/; Expires=Sat, 27 Jan 2024 02:01:43 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7cd96ccfe4dc44afc2d44fd000556820
4ec95cdb153ef2aadd20db225e0636ee74630a89
b333f1090ded2993463fc97e4b3b9aa713554c7588a1e83d2905e3ee58987f3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B333F1090DED2993463FC97E4B3B9AA713554C7588A1E83D2905E3EE58987F3E"
Last-Modified: Tue, 24 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2225
Expires: Fri, 27 Jan 2023 02:38:48 GMT
Date: Fri, 27 Jan 2023 02:01:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 92883be66cd7785ebde7f1922e719351
8beea21f0f2952848886e7bbdec544f8d734fa43
13dc6320b728da4134e7a0b03250116600dc8260ba1254b7dfb792727858ca6e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "13DC6320B728DA4134E7A0B03250116600DC8260BA1254B7DFB792727858CA6E"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3118
Expires: Fri, 27 Jan 2023 02:53:41 GMT
Date: Fri, 27 Jan 2023 02:01:43 GMT
Connection: keep-alive
adserver.juicyads.com/js/fadeinbox.js
185.94.236.246 200 OK 1.6 kB URL HTTP/1.1 adserver.juicyads.com/js/fadeinbox.js
IP 185.94.236.246:0
Hash c52e611bfbdf55bcf63a3b9821568b4e
70ab7c9c759020ce752a0a9d997a2150ae14bf33
36b190ad7bbb6f6fee04f2b86ab4198a6061338771559850720cbe5711d06e9e
GET /js/fadeinbox.js HTTP/1.1
Host: adserver.juicyads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:01:43 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 21 Nov 2022 05:24:20 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"637b0b84-fa8"
Content-Encoding: gzip
adserver.juicyads.com/js/jads.js
185.94.236.246 200 OK 1.7 kB URL HTTP/1.1 adserver.juicyads.com/js/jads.js
IP 185.94.236.246:0
File type ASCII text, with very long lines (3769), with no line terminators
Hash 65b1efdf55163b144c5018b8772765ad
509de5f40450f3cf05e0d8d1b939fed2bbb11cbe
cf23ab637d84de0eb1c1e67764e05ca0aa140e6ee932a60700fc35661644ee48
GET /js/jads.js HTTP/1.1
Host: adserver.juicyads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:01:43 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 21 Nov 2022 05:24:20 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"637b0b84-eb9"
Content-Encoding: gzip
limurol.com/ssp/req/1828616/?pb=c9bb9d13f03d959e729d63c535c9578f1674792102&psp=Q2c6bcEXOPSADi8GDoUsOmzgNk3fXVqJO2vfXofZr9R60t41Uo5FJUfAfaOiV9F6jgc8WxzQK_LiOQKJTC8ZA5by6sF5OrDnOHVp7DC3ufD1Qu-BBlRxnv4cIWV-6L4gBYWeXm6QDw2-3T2EMO28YKB0DQYMUcY2J366QvOol_ilJ1pKuSItFBXDjmGFj0c2Eg5sCXY-7ns3bsVtqNCmDieMC25jVh7oLuPMo27ycIRc9wnTPjnyUV2ROd6dTGP4jQyXeLyI0m8rXD3XI0mQB94QltQQVdMkzAb925shooXzg_ThHi-1FdpFmxHQC0-a4YaFsCU0a49OJul6eYIBc-je0rs1uIBXyQ0GZ0mBl8aJ9e9RtvRfazxAERYY2tV2WApvVCRdwxKUu7qwCUmWru-uKTUEnf_V4q7izKNWv5JU7l3f8Nwpr7ByMrguzzMuZG2FgEVylWq8WP4p8rNd4EZ6KpsUBC5iVhfSz1o_npkbA-BvAWzUQEn78zci-jywi2lrDQM_ZKlHj1Fke_AQLZX8rrWU0DWtpIjQDDJdIHFsCW5Zd9WRu1FTP4lefeuit0GGY13ByK_4OKbQtsqsd0yW1Nbhv0rtwjyQhe3cq8yC3-e6ga_IqJHyZeDQULatwbYrm8Ho2kso7orLwUoKBB0EZw_4XNVk7nOkenaG0fLae66diP6XOnYEdxxkPV838eVtLceQIjTWnO2oyEOCvvgmxzaaLPOOsZICkLBGE_p6qpEeke1jo-JxPrT3p45AUfWIVn0BRXlapg_ZYCJWmrbuwfsDFU5fvZLjW3GjmUsRe3PN2zZAWoJ0Vphl2Pw_qMq34i3SK4CsvKZ_6SkU4Mpp7kykYV4rMf7gabx0uweDC40voQyIxVvMBjk5bcgOSB52NNY0QC_IpXcp_CMEl-wT7CBUGxqkSsSZ-bbov86Q6pKdFJe44pdCMXno5AsQd0SQs_NW6rSSzm1A2reJ1qXZNUTkbq0Z9kHb0fdj2bcfr64352QNU_cXYoBxA23QQwgd1wy474WUSQhKlBZXXTfZ57N3-kxzVb6a_DKTfp9vbTGxNg==&cb=_clp3l85klsbkb38hhtp2m6&nojs=0&ix=0&abvar=0&t=0&x=1152&y=836&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6 200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1828616/?pb=c9bb9d13f03d959e729d63c535c9578f1674792102&psp=Q2c6bcEXOPSADi8GDoUsOmzgNk3fXVqJO2vfXofZr9R60t41Uo5FJUfAfaOiV9F6jgc8WxzQK_LiOQKJTC8ZA5by6sF5OrDnOHVp7DC3ufD1Qu-BBlRxnv4cIWV-6L4gBYWeXm6QDw2-3T2EMO28YKB0DQYMUcY2J366QvOol_ilJ1pKuSItFBXDjmGFj0c2Eg5sCXY-7ns3bsVtqNCmDieMC25jVh7oLuPMo27ycIRc9wnTPjnyUV2ROd6dTGP4jQyXeLyI0m8rXD3XI0mQB94QltQQVdMkzAb925shooXzg_ThHi-1FdpFmxHQC0-a4YaFsCU0a49OJul6eYIBc-je0rs1uIBXyQ0GZ0mBl8aJ9e9RtvRfazxAERYY2tV2WApvVCRdwxKUu7qwCUmWru-uKTUEnf_V4q7izKNWv5JU7l3f8Nwpr7ByMrguzzMuZG2FgEVylWq8WP4p8rNd4EZ6KpsUBC5iVhfSz1o_npkbA-BvAWzUQEn78zci-jywi2lrDQM_ZKlHj1Fke_AQLZX8rrWU0DWtpIjQDDJdIHFsCW5Zd9WRu1FTP4lefeuit0GGY13ByK_4OKbQtsqsd0yW1Nbhv0rtwjyQhe3cq8yC3-e6ga_IqJHyZeDQULatwbYrm8Ho2kso7orLwUoKBB0EZw_4XNVk7nOkenaG0fLae66diP6XOnYEdxxkPV838eVtLceQIjTWnO2oyEOCvvgmxzaaLPOOsZICkLBGE_p6qpEeke1jo-JxPrT3p45AUfWIVn0BRXlapg_ZYCJWmrbuwfsDFU5fvZLjW3GjmUsRe3PN2zZAWoJ0Vphl2Pw_qMq34i3SK4CsvKZ_6SkU4Mpp7kykYV4rMf7gabx0uweDC40voQyIxVvMBjk5bcgOSB52NNY0QC_IpXcp_CMEl-wT7CBUGxqkSsSZ-bbov86Q6pKdFJe44pdCMXno5AsQd0SQs_NW6rSSzm1A2reJ1qXZNUTkbq0Z9kHb0fdj2bcfr64352QNU_cXYoBxA23QQwgd1wy474WUSQhKlBZXXTfZ57N3-kxzVb6a_DKTfp9vbTGxNg==&cb=_clp3l85klsbkb38hhtp2m6&nojs=0&ix=0&abvar=0&t=0&x=1152&y=836&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1828616/?pb=c9bb9d13f03d959e729d63c535c9578f1674792102&psp=Q2c6bcEXOPSADi8GDoUsOmzgNk3fXVqJO2vfXofZr9R60t41Uo5FJUfAfaOiV9F6jgc8WxzQK_LiOQKJTC8ZA5by6sF5OrDnOHVp7DC3ufD1Qu-BBlRxnv4cIWV-6L4gBYWeXm6QDw2-3T2EMO28YKB0DQYMUcY2J366QvOol_ilJ1pKuSItFBXDjmGFj0c2Eg5sCXY-7ns3bsVtqNCmDieMC25jVh7oLuPMo27ycIRc9wnTPjnyUV2ROd6dTGP4jQyXeLyI0m8rXD3XI0mQB94QltQQVdMkzAb925shooXzg_ThHi-1FdpFmxHQC0-a4YaFsCU0a49OJul6eYIBc-je0rs1uIBXyQ0GZ0mBl8aJ9e9RtvRfazxAERYY2tV2WApvVCRdwxKUu7qwCUmWru-uKTUEnf_V4q7izKNWv5JU7l3f8Nwpr7ByMrguzzMuZG2FgEVylWq8WP4p8rNd4EZ6KpsUBC5iVhfSz1o_npkbA-BvAWzUQEn78zci-jywi2lrDQM_ZKlHj1Fke_AQLZX8rrWU0DWtpIjQDDJdIHFsCW5Zd9WRu1FTP4lefeuit0GGY13ByK_4OKbQtsqsd0yW1Nbhv0rtwjyQhe3cq8yC3-e6ga_IqJHyZeDQULatwbYrm8Ho2kso7orLwUoKBB0EZw_4XNVk7nOkenaG0fLae66diP6XOnYEdxxkPV838eVtLceQIjTWnO2oyEOCvvgmxzaaLPOOsZICkLBGE_p6qpEeke1jo-JxPrT3p45AUfWIVn0BRXlapg_ZYCJWmrbuwfsDFU5fvZLjW3GjmUsRe3PN2zZAWoJ0Vphl2Pw_qMq34i3SK4CsvKZ_6SkU4Mpp7kykYV4rMf7gabx0uweDC40voQyIxVvMBjk5bcgOSB52NNY0QC_IpXcp_CMEl-wT7CBUGxqkSsSZ-bbov86Q6pKdFJe44pdCMXno5AsQd0SQs_NW6rSSzm1A2reJ1qXZNUTkbq0Z9kHb0fdj2bcfr64352QNU_cXYoBxA23QQwgd1wy474WUSQhKlBZXXTfZ57N3-kxzVb6a_DKTfp9vbTGxNg==&cb=_clp3l85klsbkb38hhtp2m6&nojs=0&ix=0&abvar=0&t=0&x=1152&y=836&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Cookie: UID=2301262101dfaacb8e12a644b2b73f98fd5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 02:01:43 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
s10.histats.com/js15_as.js
46.105.201.240 200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 01:55:21 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 415990546
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15505
Expires: Fri, 27 Jan 2023 06:20:08 GMT
Date: Fri, 27 Jan 2023 02:01:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15505
Expires: Fri, 27 Jan 2023 06:20:08 GMT
Date: Fri, 27 Jan 2023 02:01:43 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b8fa26c-af88-46ea-a5c6-1122db65d6d4.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b8fa26c-af88-46ea-a5c6-1122db65d6d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3605538118d3aaef721a03d482b0f9a
2e2e770d552a05a0f24f4bbb1110266440b2bf76
1011d275125968599a8dd082810deca07e82770efad760b3f1ebf7f74ebab78e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b8fa26c-af88-46ea-a5c6-1122db65d6d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9063
x-amzn-requestid: 8eb82d16-63f8-4e6e-b9fe-1795c7703c03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIgq2EbSoAMFUwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce178-67a0958d7cd1f132605d93be;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:10:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fEX2-oiOwaU7l9OQzljVzFI-CQOwn4yQjUJ_fv0pmjc6C8evz1LDbQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 11:12:36 GMT
age: 53347
etag: "2e2e770d552a05a0f24f4bbb1110266440b2bf76"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zt4bgV2C6Wb_Ufa5mZ7-UDTfCvhXJggPJw9668v5DEmyBnWZ-aNrCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 23:01:22 GMT
age: 10821
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d91ae98-1f78-4bbd-98ab-6e6d92c7fef2.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d91ae98-1f78-4bbd-98ab-6e6d92c7fef2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7364957de1b4c82a923bd947f0cce750
d8aa55b64a65757e043b4b1b63efd93c8261d275
f1f7059968d08adfa1c775c906ecb6e5b752210af0bcdcebfa77c2ba6f15bbf4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d91ae98-1f78-4bbd-98ab-6e6d92c7fef2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: 2946b91b-1d7e-4eba-966d-600ae368cd3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzVxGw1oAMF-xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce328b-04037751257e13ca156eee8d;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4TidB2H164ziAxKhEORFw4BBF0FB2pkkwNq3iMQfS4t7yObXCA59Pw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 08:40:53 GMT
age: 62450
etag: "d8aa55b64a65757e043b4b1b63efd93c8261d275"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bz9ituqexqrd.n4.adsco.re/
38.132.109.186 200 OK 0 B URL HTTP/1.1 bz9ituqexqrd.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: bz9ituqexqrd.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://cumception.com
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:01:43 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
poweredby.jads.co/adshow.php?adzone=601758
185.94.236.246 200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=601758
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1320), with CRLF, LF line terminators
Hash 68c5f65ba570b9576dabd7972b9a9f1d
40791c117f04efb5ccdbbfedadf2f6ce1d3c9f96
d7c4c6368c1e5aef9d3fce35813e8dcf561bfcb2e9726d022c6432feb6624aed
GET /adshow.php?adzone=601758 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:01:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=d0881d13fef9fbc8ab535a900c03cc98; expires=Sat, 27-Jan-2024 02:01:42 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps50289=1; expires=Sat, 28-Jan-2023 02:01:43 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEzODkyMTU7aToxNjc1MDQ0MTAyO30%3D; expires=Mon, 30-Jan-2023 02:01:42 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 30-Jan-2023 02:01:42 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
adsco.re/p
162.252.214.5 200 OK 410 B IP 162.252.214.5:0
File type ASCII text, with very long lines (487), with no line terminators
Hash 30651ecebd1280f87aa0d7d06aa46643
f8ccf746fa2399df3811630ca8609c3132c12f3f
c5c8cd5487c9ed0cb76118ca985b1c326ad437ee71c47a39f7bd029afc31f2c2
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1932
Origin: https://cumception.com
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:01:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://cumception.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
i.jads.co/network/user81419/50289-1654836996-0658613001654836996.gif
69.16.175.10 200 OK 225 kB URL HTTP/2 i.jads.co/network/user81419/50289-1654836996-0658613001654836996.gif
IP 69.16.175.10:0
File type GIF image data, version 89a, 728 x 90\012- data
Size 225 kB (224766 bytes)
Hash 4f1fc32aa682f7639c7ab92469282eb8
e9d3d0e0fcc103c26b70dc007341f0a1722697ed
20f56b6db21a44c49a0a91750723bf50ca5a34e10cd6323273577b36e8f2fad6
GET /network/user81419/50289-1654836996-0658613001654836996.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=d0881d13fef9fbc8ab535a900c03cc98; imps50289=1; juicy_data_1=YToxOntpOjEzODkyMTU7aToxNjc1MDQ0MTAyO30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:01:43 GMT
etag: "1654836996"
cache-control: max-age=11649202
content-length: 224766
content-type: image/gif
last-modified: Fri, 10 Jun 2022 04:56:36 GMT
accept-ranges: bytes
x-hw: 1674784903.dop231.sk1.t,1674784903.cds232.sk1.hn,1674784903.cds253.sk1.c
X-Firefox-Spdy: h2
i.jads.co/1x1.gif
69.16.175.10 200 OK 43 B IP 69.16.175.10:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /1x1.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=d0881d13fef9fbc8ab535a900c03cc98; imps50289=1; juicy_data_1=YToxOntpOjEzODkyMTU7aToxNjc1MDQ0MTAyO30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:01:43 GMT
etag: "1457030838"
cache-control: max-age=12440363
content-length: 43
content-type: image/gif
last-modified: Thu, 03 Mar 2016 18:47:18 GMT
accept-ranges: bytes
x-hw: 1674784903.dop231.sk1.t,1674784903.cds232.sk1.hn,1674784903.cds264.sk1.c
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0c4f4ac08cca038a4f11a41d780953b
0139b49968adc6c78039d819db87edb603577917
d841d8a84c3fba4122c157d64e85248540949e7ecc28a33279a2d017bff80ed4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D841D8A84C3FBA4122C157D64E85248540949E7ECC28A33279A2D017BFF80ED4"
Last-Modified: Tue, 24 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3590
Expires: Fri, 27 Jan 2023 03:01:33 GMT
Date: Fri, 27 Jan 2023 02:01:43 GMT
Connection: keep-alive
s4.histats.com/stats/0.php?3749291&@f16&@g1&@h1&@i1&@j1674784903300&@k0&@l1&@mStewie%20Griffin%20Gay%20Porn%20-%20Cumception&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:179042093&@b3:1674784903&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcumception.com%2Fphotos%2Fstewie-griffin-gay-porn&@w
149.56.240.31 200 OK 52 B URL HTTP/1.1 s4.histats.com/stats/0.php?3749291&@f16&@g1&@h1&@i1&@j1674784903300&@k0&@l1&@mStewie%20Griffin%20Gay%20Porn%20-%20Cumception&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:179042093&@b3:1674784903&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcumception.com%2Fphotos%2Fstewie-griffin-gay-porn&@w
IP 149.56.240.31:0
File type ASCII text, with no line terminators
Hash 32660d2c5f3cd43a69ae3d5004308271
462fec2bf84d776c72ce64d2aa8fea18e1243f52
c9147a3ef957ed6af7c699156d56b7be8c5044d9657dda294639ef3f57fec369
GET /stats/0.php?3749291&@f16&@g1&@h1&@i1&@j1674784903300&@k0&@l1&@mStewie%20Griffin%20Gay%20Porn%20-%20Cumception&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:179042093&@b3:1674784903&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcumception.com%2Fphotos%2Fstewie-griffin-gay-porn&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:01:43 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close
poweredby.jads.co/adshow.php?adzone=876535
185.94.236.246 200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=876535
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1320), with CRLF, LF line terminators
Hash 39de0741be05a32a902f25119d85f120
6ebc7fb61291a8b374073003513b3f3d27331393
97afdabff20171c4737035750aff0bfad91274cdc3239ee9fee1df7190eb85a2
GET /adshow.php?adzone=876535 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:01:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=d0881d13fef9fbc8ab535a900c03cc98; expires=Sat, 27-Jan-2024 02:01:42 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps53761=1; expires=Sat, 28-Jan-2023 02:01:43 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjE1MDg2OTM7aToxNjc1MDQ0MTAyO30%3D; expires=Mon, 30-Jan-2023 02:01:42 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 30-Jan-2023 02:01:42 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/network/user179029/53761-1668593612-0579920001668593612.gif
69.16.175.10 200 OK 224 kB URL HTTP/2 i.jads.co/network/user179029/53761-1668593612-0579920001668593612.gif
IP 69.16.175.10:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 224 kB (224323 bytes)
Hash 7b494b5aaf84a333cb6b6ea39d9c6ae5
64ee159352ac8e86ba96f487f12c55e4adcccc3a
203d1d747bd2e070fd9d04410ac1ffd34e76ab38bfb3c2bd97db2dfc3d48bc92
GET /network/user179029/53761-1668593612-0579920001668593612.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=d0881d13fef9fbc8ab535a900c03cc98; imps50289=1; juicy_data_1=YToxOntpOjE1MDg2OTM7aToxNjc1MDQ0MTAyO30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps53761=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:01:43 GMT
etag: "1668593612"
cache-control: max-age=26759568
content-length: 224323
content-type: image/gif
last-modified: Wed, 16 Nov 2022 10:13:32 GMT
accept-ranges: bytes
x-hw: 1674784903.dop231.sk1.t,1674784903.cds232.sk1.hn,1674784903.cds260.sk1.c
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=601760
185.94.236.246 200 OK 5.8 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=601760
IP 185.94.236.246:0
Hash a09c28cae00f700463b48435e0cad31c
2317cfdc8ee98d6c9615bb2c4b53e64f13c0d805
ccf118acf7ba6945c37274cfb93399764afb8e7b035c75956cde41e747e8c9dc
GET /adshow.php?adzone=601760 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:01:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=d0881d13fef9fbc8ab535a900c03cc98; expires=Sat, 27-Jan-2024 02:01:42 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps53761=1; expires=Sat, 28-Jan-2023 02:01:43 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjE1MDg2OTM7aToxNjc1MDQ0MTAyO30%3D; expires=Mon, 30-Jan-2023 02:01:42 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 30-Jan-2023 02:01:42 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
adserver.juicyads.com/adshow.php?adzone=601757&mobile=false
185.94.236.246 200 OK 1.6 kB URL HTTP/1.1 adserver.juicyads.com/adshow.php?adzone=601757&mobile=false
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (474), with CRLF, LF line terminators
Hash 370be6394aaedfc881f0c5ee45a78f8a
d55d04f0e9ae7bd4d5f7e012998e71b731c82f20
88651f43e440440460ae044ad3e659c71c540f4d251b7cf63757f6dd057f5d7f
GET /adshow.php?adzone=601757&mobile=false HTTP/1.1
Host: adserver.juicyads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:01:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=d0881d13fef9fbc8ab535a900c03cc98; expires=Sat, 27-Jan-2024 02:01:42 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.juicyads.com
imps5492=1; expires=Sat, 28-Jan-2023 02:01:43 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.juicyads.com
juicy_data_1=YToxOntpOjE0Nzg5NDE7aToxNjc1MDQ0MTAyO30%3D; expires=Mon, 30-Jan-2023 02:01:42 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=juicyads.com
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 30-Jan-2023 02:01:42 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=juicyads.com
Content-Encoding: gzip
ads.juicyads.me/ads/juicyads_black.gif
69.16.175.42 200 OK 2.2 kB URL HTTP/2 ads.juicyads.me/ads/juicyads_black.gif
IP 69.16.175.42:0
File type GIF image data, version 89a, 62 x 24\012- data
Hash 4dffc647a404d4297cd77b3974cd666e
c4a02f126e24601bd9288a4080eea39adb472e6f
b1e12c59a9b1d3e8447d6a7aeb584101c71751561b98f3f0162f58f1e617c7fb
GET /ads/juicyads_black.gif HTTP/1.1
Host: ads.juicyads.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserver.juicyads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:01:44 GMT
etag: "1456941299"
cache-control: max-age=13385548
content-length: 2193
content-type: image/gif
last-modified: Wed, 02 Mar 2016 17:54:59 GMT
accept-ranges: bytes
x-hw: 1674784904.dop215.sk1.t,1674784904.cds020.sk1.hn,1674784904.cds263.sk1.c
X-Firefox-Spdy: h2
ads.juicyads.me/network/user12421/5492-1665506459-0934303001665506459.jpg
69.16.175.42 200 OK 60 kB URL HTTP/2 ads.juicyads.me/network/user12421/5492-1665506459-0934303001665506459.jpg
IP 69.16.175.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 300x250, components 3\012- data
Hash 778921eea29cee527843d5b52add6923
e0b910197bc37da51bcd9ff7347681061bb2a030
1226efcbbfbe38f6eeb51444f4207b301ce4c99104fbc5fa527890c9d9149bed
GET /network/user12421/5492-1665506459-0934303001665506459.jpg HTTP/1.1
Host: ads.juicyads.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserver.juicyads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:01:44 GMT
etag: "1665506459"
cache-control: max-age=25234373
content-length: 59579
content-type: image/jpeg
last-modified: Tue, 11 Oct 2022 16:40:59 GMT
accept-ranges: bytes
x-hw: 1674784904.dop215.sk1.t,1674784904.cds020.sk1.hn,1674784904.cds211.sk1.c
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 4d8ae67c17f92f8e0fb6fe982d69623f
067e277315ebc47b31dd05ce7847f6739b203370
da22d2bf1e23875d05d738253b47072de88255910321c889ccd5d6c0c9aeb268
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:01:44 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 01:12:44 GMT
Expires: Wed, 01 Feb 2023 01:12:43 GMT
Etag: "067e277315ebc47b31dd05ce7847f6739b203370"
Cache-Control: max-age=428458,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fde6f1e976b4ed-OSL
bz9ituqexqrd.s4.adsco.re/
185.200.116.90 200 OK 0 B URL HTTP/1.1 bz9ituqexqrd.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: bz9ituqexqrd.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://cumception.com
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:01:44 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
4.adsco.re/
162.252.214.5 200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:01:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
blockadsnot.com/jFkBqP.asp?_=BQFiAAAAAAAACZUAAv9zsDGKgeoPOcI89IQle25sl0zKcX-qDyybumQe9KovQhGc9H4DpbWatDWZUlWn5AwzLHOR_nWJCGUvEzFTnOzIHjG0hoDo2MGBvT96f2e0CzYo0TMArMDsavk7HwK5Ud7IfvI4LKSaU9EPx3lK9WQf5B6vs-BFh7YGQqrMQyksArvHIjf7q1H2bL9LdxLaV6k3hRAldp0xcNy37FrMY4Mzc-Wpg-Z-QM9x8Yfr2bOX_2c2re7S75TaGHrku_iZObS0dtSks5F2SJxoqjysWXQCinyLLAz1tsL8A62AA_rigtDKBlhmAAZC9OXoeqYnN85gTV6PECXd5mnPmlPKfcgftujt0JvTFRkKCrhyHHuQeUOPnPt1GHJ6RIldIs_UT3s9iF06RZShfdmYDZU1oHdS3ndsZdwTsyXaRqt6eRi6upObdYrZyWcBd_tMMrwaPxj1s58mhdsge3YiCdkn5HQ&v=4&ZTkxuSbr=2374563&minBid=&tHJkljBx=0,0&mFXTfqQZ=&BZtmLglX=&s=1280,1024,1,1280,1024,0
208.95.112.254 200 OK 44 B URL HTTP/2 blockadsnot.com/jFkBqP.asp?_=BQFiAAAAAAAACZUAAv9zsDGKgeoPOcI89IQle25sl0zKcX-qDyybumQe9KovQhGc9H4DpbWatDWZUlWn5AwzLHOR_nWJCGUvEzFTnOzIHjG0hoDo2MGBvT96f2e0CzYo0TMArMDsavk7HwK5Ud7IfvI4LKSaU9EPx3lK9WQf5B6vs-BFh7YGQqrMQyksArvHIjf7q1H2bL9LdxLaV6k3hRAldp0xcNy37FrMY4Mzc-Wpg-Z-QM9x8Yfr2bOX_2c2re7S75TaGHrku_iZObS0dtSks5F2SJxoqjysWXQCinyLLAz1tsL8A62AA_rigtDKBlhmAAZC9OXoeqYnN85gTV6PECXd5mnPmlPKfcgftujt0JvTFRkKCrhyHHuQeUOPnPt1GHJ6RIldIs_UT3s9iF06RZShfdmYDZU1oHdS3ndsZdwTsyXaRqt6eRi6upObdYrZyWcBd_tMMrwaPxj1s58mhdsge3YiCdkn5HQ&v=4&ZTkxuSbr=2374563&minBid=&tHJkljBx=0,0&mFXTfqQZ=&BZtmLglX=&s=1280,1024,1,1280,1024,0
IP 208.95.112.254:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /jFkBqP.asp?_=BQFiAAAAAAAACZUAAv9zsDGKgeoPOcI89IQle25sl0zKcX-qDyybumQe9KovQhGc9H4DpbWatDWZUlWn5AwzLHOR_nWJCGUvEzFTnOzIHjG0hoDo2MGBvT96f2e0CzYo0TMArMDsavk7HwK5Ud7IfvI4LKSaU9EPx3lK9WQf5B6vs-BFh7YGQqrMQyksArvHIjf7q1H2bL9LdxLaV6k3hRAldp0xcNy37FrMY4Mzc-Wpg-Z-QM9x8Yfr2bOX_2c2re7S75TaGHrku_iZObS0dtSks5F2SJxoqjysWXQCinyLLAz1tsL8A62AA_rigtDKBlhmAAZC9OXoeqYnN85gTV6PECXd5mnPmlPKfcgftujt0JvTFRkKCrhyHHuQeUOPnPt1GHJ6RIldIs_UT3s9iF06RZShfdmYDZU1oHdS3ndsZdwTsyXaRqt6eRi6upObdYrZyWcBd_tMMrwaPxj1s58mhdsge3YiCdkn5HQ&v=4&ZTkxuSbr=2374563&minBid=&tHJkljBx=0,0&mFXTfqQZ=&BZtmLglX=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: blockadsnot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Fri, 27 Jan 2023 02:01:44 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e7196cbb378213ae1410d51d2c18d620
43b7a777d9ca753bd02ff455a10a674aad023aa2
d4f36b111b4fd0b158da928d742e444cf6f409adebae422cb732056c122b4dbd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D4F36B111B4FD0B158DA928D742E444CF6F409ADEBAE422CB732056C122B4DBD"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15324
Expires: Fri, 27 Jan 2023 06:17:08 GMT
Date: Fri, 27 Jan 2023 02:01:44 GMT
Connection: keep-alive
d.pssy.xyz/d/?resource=bundler&nada=1&widgets=1499330:2,1243823:1,1499369:1&isct=1674727731&rfrr=https://cumception.com/photos/sex-making-love-tumblr/&iscs=Mjg0YjE0OWQzYmI3ODM4ZTRlYTBjNjhkZGQ0MTNjNTY4NDEyYzFiN2JkOGM2ZjE1NzJmNDA4ODk0OGQwOTM1ZXwwfDV8MTcyLjk4LjE5Ni42NnxNb3ppbGxhLzUuMCAoTGludXg7IEFuZHJvaWQgMTI7IE0yMDAzSjE1U0MpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDkuMC4wLjAgTW9iaWxlIFNhZmFyaS81MzcuMzZ8Mjc1MDA0fDE2NzQ3Mjc3MzF8aWJhSFIwY0hNNkx5OWpkVzFqWlhCMGFXOXVMbU52YlM5d2FHOTBiM012YzJWNExXMWhhMmx1Wnkxc2IzWmxMWFIxYldKc2NpOD0=&width=104&reqc=1&ver=d426c10ffd7fb893.1674727731207&page=aHR0cHM6Ly9jdW1jZXB0aW9uLmNvbS9waG90b3Mvc3Rld2llLWdyaWZmaW4tZ2F5LXBvcm4=
23.235.244.225 200 OK 4.5 kB URL HTTP/1.1 d.pssy.xyz/d/?resource=bundler&nada=1&widgets=1499330:2,1243823:1,1499369:1&isct=1674727731&rfrr=https://cumception.com/photos/sex-making-love-tumblr/&iscs=Mjg0YjE0OWQzYmI3ODM4ZTRlYTBjNjhkZGQ0MTNjNTY4NDEyYzFiN2JkOGM2ZjE1NzJmNDA4ODk0OGQwOTM1ZXwwfDV8MTcyLjk4LjE5Ni42NnxNb3ppbGxhLzUuMCAoTGludXg7IEFuZHJvaWQgMTI7IE0yMDAzSjE1U0MpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDkuMC4wLjAgTW9iaWxlIFNhZmFyaS81MzcuMzZ8Mjc1MDA0fDE2NzQ3Mjc3MzF8aWJhSFIwY0hNNkx5OWpkVzFqWlhCMGFXOXVMbU52YlM5d2FHOTBiM012YzJWNExXMWhhMmx1Wnkxc2IzWmxMWFIxYldKc2NpOD0=&width=104&reqc=1&ver=d426c10ffd7fb893.1674727731207&page=aHR0cHM6Ly9jdW1jZXB0aW9uLmNvbS9waG90b3Mvc3Rld2llLWdyaWZmaW4tZ2F5LXBvcm4=
IP 23.235.244.225:0
File type JSON data\012- C source, Unicode text, UTF-8 text, with very long lines (14780), with no line terminators
Hash 6629391ed4663dcdd35cdd1e124ceae9
fa8c95d2f343da3c5d536b7bd44a4fcf6491da35
0e4b1ab7961b3b65b8176d102d685eb0856cc6fb78f9d8fe0ba9550583f327ab
GET /d/?resource=bundler&nada=1&widgets=1499330:2,1243823:1,1499369:1&isct=1674727731&rfrr=https://cumception.com/photos/sex-making-love-tumblr/&iscs=Mjg0YjE0OWQzYmI3ODM4ZTRlYTBjNjhkZGQ0MTNjNTY4NDEyYzFiN2JkOGM2ZjE1NzJmNDA4ODk0OGQwOTM1ZXwwfDV8MTcyLjk4LjE5Ni42NnxNb3ppbGxhLzUuMCAoTGludXg7IEFuZHJvaWQgMTI7IE0yMDAzSjE1U0MpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDkuMC4wLjAgTW9iaWxlIFNhZmFyaS81MzcuMzZ8Mjc1MDA0fDE2NzQ3Mjc3MzF8aWJhSFIwY0hNNkx5OWpkVzFqWlhCMGFXOXVMbU52YlM5d2FHOTBiM012YzJWNExXMWhhMmx1Wnkxc2IzWmxMWFIxYldKc2NpOD0=&width=104&reqc=1&ver=d426c10ffd7fb893.1674727731207&page=aHR0cHM6Ly9jdW1jZXB0aW9uLmNvbS9waG90b3Mvc3Rld2llLWdyaWZmaW4tZ2F5LXBvcm4= HTTP/1.1
Host: d.pssy.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cumception.com
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:01:44 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
ETag: W/"39bf-N7ezVlN0RxJ0yvgZeMMkKRTv6bk"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://cumception.com
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ad40bdf34132e3eb7ad8e6b98ae26c54
7b4ba2989adb25436481e932356b8ea8717f0283
cd933c4d055f1b5d02df421d90aa2e05fc138581a0518e137a048d7545145432
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "CD933C4D055F1B5D02DF421D90AA2E05FC138581A0518E137A048D7545145432"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4312
Expires: Fri, 27 Jan 2023 03:13:37 GMT
Date: Fri, 27 Jan 2023 02:01:45 GMT
Connection: keep-alive
s.w.org/images/core/emoji/14.0.0/svg/1f514.svg
192.0.77.48 200 OK 314 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f514.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (314), with no line terminators
Hash 6201ff6add4821014e02cfc1bc82fc95
afd344621ef88b39f6e7013b7ce4765d67892315
5f70fb8150f0a1f184b40f86d012db040d229056b9b0d8c681f08987cb124e5f
GET /images/core/emoji/14.0.0/svg/1f514.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 02:01:45 GMT
content-type: image/svg+xml
content-length: 314
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
d.pssy.xyz/d/n/iframe?domain=cumception.com&id=1499369
23.235.244.225 200 OK 1.7 kB URL HTTP/1.1 d.pssy.xyz/d/n/iframe?domain=cumception.com&id=1499369
IP 23.235.244.225:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 68abb335423c45a9e369351d3191900a
0ac191c5a11d050c4af827b52c12103e7b23f080
b0fd4e596439694c327759a35f3672153ee7dc345a8ead7e81331c0173ead82c
GET /d/n/iframe?domain=cumception.com&id=1499369 HTTP/1.1
Host: d.pssy.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:01:45 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
ETag: W/"1487-icpPve9BTwGeprZ2Ju4SAjSmDlI"
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
s.pssy.xyz/prplugs/0/1237567/120x90.jpg
172.67.206.135 200 OK 4.5 kB URL HTTP/2 s.pssy.xyz/prplugs/0/1237567/120x90.jpg
IP 172.67.206.135:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 120x90, components 3\012- data
Hash 486cbeb8904b8bd1d59b4f4cbc78ae7a
fa41f2ebad3f25b612d508fb4d40bfde8ca03b0f
7a8c9819a90bccc47f2959055c6da7e862719c980e901d4bca8cbe7f2b5c81b5
GET /prplugs/0/1237567/120x90.jpg HTTP/1.1
Host: s.pssy.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:01:45 GMT
content-type: image/jpeg
content-length: 4548
last-modified: Thu, 26 Jan 2023 22:18:12 GMT
etag: "63d2fc24-11c4"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssZ3uW28N%2Bmm0DQtJxpd5mVwjb3aV99Bfb9A6CLxGUGXreW5DDRrdGqDZfh85UTBkS2dyV0Ylx3ODUDQhaQh37d0yYQyOqypf5FrV4aWZ9IFdPqK5ER9Qxbh0t3d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fde6f8a9d2b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ad40bdf34132e3eb7ad8e6b98ae26c54
7b4ba2989adb25436481e932356b8ea8717f0283
cd933c4d055f1b5d02df421d90aa2e05fc138581a0518e137a048d7545145432
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "CD933C4D055F1B5D02DF421D90AA2E05FC138581A0518E137A048D7545145432"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4312
Expires: Fri, 27 Jan 2023 03:13:37 GMT
Date: Fri, 27 Jan 2023 02:01:45 GMT
Connection: keep-alive
d.pssy.xyz/t.php
23.235.244.225 200 OK 20 B IP 23.235.244.225:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /t.php HTTP/1.1
Host: d.pssy.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:01:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: guid=2839e58b-42fb-41e3-9a9e-6780c8da7c95; expires=Sat, 27-Jan-2024 02:01:45 GMT; Max-Age=31536000; path=/; domain=pssy.xyz; secure; SameSite=None
Access-Control-Allow-Origin: *
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a181da5-9eaa-4508-9ba5-ce3527c87698.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a181da5-9eaa-4508-9ba5-ce3527c87698.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a01352e094fda751e3227191ca74469
7ad63fabc3d52f7fc3f2f648d11edf7241e24368
8c06a16bab3b9c3130a8d8d91e52a01073b685d4831d1ba7129ac571bd7d0bc3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a181da5-9eaa-4508-9ba5-ce3527c87698.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7525
x-amzn-requestid: a7a05ec2-92ae-4813-b087-c4f32df1f7f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fB5k7GgkoAMF6eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca3c85-3c08d20509992a0d031213ad;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 07:02:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PyRhsgixwVqdtaNructs84RGA6AYOgTbqE_lUViwIZCHFMosWEo_8w==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 09:59:33 GMT
age: 57734
etag: "7ad63fabc3d52f7fc3f2f648d11edf7241e24368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg
34.120.237.76 200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d2506ac511dfbea29e29ab14ba10f85
b2e2972ffa82b103c62ffde0fca99454e12d95e6
fbe6f833114208d84033ba691a74da18d641e38f0f327c752333a339f1baae34
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5263
x-amzn-requestid: ea2f25ff-f62a-4850-a9d1-72f26d817faf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzOkGtWoAMFV0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce325d-39e5ed054ead447d3cedf047;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BcMB1y0etnIGvZr54EllkdEOlahZGTjgrw2-3FYu3WET2f5lDLV1dw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:24:02 GMT
age: 16666
etag: "b2e2972ffa82b103c62ffde0fca99454e12d95e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52a1f3b3-38ab-4f58-ad1a-ca4c9f82503e.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52a1f3b3-38ab-4f58-ad1a-ca4c9f82503e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1695371c247eedad65b4cac82f01215d
50510052f0e22e23f747c761d57cdf72910ac533
aadde426229f04f6a489b87d6949a485b19d4fd035cb244b6094549efc08013f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52a1f3b3-38ab-4f58-ad1a-ca4c9f82503e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6394
x-amzn-requestid: 859587bc-081f-4092-8fed-40e3f2bc8ee4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOjE6FJNIAMFz6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf4bb8-28848a07545a0e557f1250b1;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 03:08:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KIQ-V8uU0HwYAPEfXMUw7T2IYlStHuZ0mwWdVFUNf46i6ugVGZm-Bw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 11:50:55 GMT
age: 51054
etag: "50510052f0e22e23f747c761d57cdf72910ac533"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cumception.com/photos/stewie-griffin-gay-porn
188.114.96.1 200 OK 0 B URL HTTP/2 cumception.com/photos/stewie-griffin-gay-porn
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Malware
GET /photos/stewie-griffin-gay-porn HTTP/1.1
Host: cumception.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:01:41 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-edge-cache: cache,platform=wordpress
x-elasticpress-query: true
link: <https://cumception.com/wp-json/>; rel="https://api.w.org/"
x-fastcgi-cache: BYPASS, BYPASS, HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b80HwP%2Ftq7Ty9ukqZ2v7Fygqw4SJ3eecojFuLgwLNAv0Vr8GdqTHF3cxOUvEQNAEqeVTG1CvjNOlxqn7X4HzhBr%2BEAMt0D1twi8TkPSM99nZEEvoweqWQ%2B5P%2BicyVlH%2B0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fde6e11a47b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
qgxbluhsgad.com/t/9/fret/meow4/1828616/brt.js
62.122.171.6 200 OK 0 B URL HTTP/2 qgxbluhsgad.com/t/9/fret/meow4/1828616/brt.js
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /t/9/fret/meow4/1828616/brt.js HTTP/1.1
Host: qgxbluhsgad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 02:01:42 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 13:21:09 GMT
vary: Accept-Encoding
etag: W/"63d27e45-10d38"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
js.juicyads.com/jp.php?c=446433y2r256r2x2w28433b4&u=https%3A%2F%2Ftorrsexvid.com%2Fgallery.php%23cumception
54.230.111.84 200 OK 0 B URL HTTP/2 js.juicyads.com/jp.php?c=446433y2r256r2x2w28433b4&u=https%3A%2F%2Ftorrsexvid.com%2Fgallery.php%23cumception
IP 54.230.111.84:0
GET /jp.php?c=446433y2r256r2x2w28433b4&u=https%3A%2F%2Ftorrsexvid.com%2Fgallery.php%23cumception HTTP/1.1
Host: js.juicyads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
date: Fri, 27 Jan 2023 01:49:35 GMT
expires: Fri, 27 Jan 2023 02:04:35 GMT
pragma: cache
server: nginx
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Es7hv5LLsl4mA-45CWl_yTbTIhEQVqgQ5jCd8T7hbSJ4ZeHRuQvnwQ==
age: 727
X-Firefox-Spdy: h2
www.blockadsnot.com/gh.min.js
185.76.9.16 200 OK 0 B URL HTTP/2 www.blockadsnot.com/gh.min.js
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
GET /gh.min.js HTTP/1.1
Host: www.blockadsnot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cumception.com
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:01:42 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.13:443"; ma=2592000; v="44,43,39"
expires: Fri, 27 Jan 2023 21:20:55 GMT
access-control-allow-origin: *
link: <https://blockadsnot.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1674854455
server: CDN77-Turbo
x-77-nzt: AblMCQ29qP3/zyoIAA
x-77-nzt-ray: c0a4cc28b349ea458630d363c2939926
x-cache: HIT
x-age: 535247
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
c.adsco.re/
104.17.166.186 200 OK 0 B IP 104.17.166.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cumception.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:01:42 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Mon, 27 Feb 2023 02:01:42 GMT
etag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
cf-cache-status: HIT
age: 2174863
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fde6eb0e980b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2