njav.tv/en/v/stars-729-uncensored-leaked
104.21.23.31 200 OK 9.5 kB URL HTTP/1.1 njav.tv/en/v/stars-729-uncensored-leaked
IP 104.21.23.31:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (369)
Hash 51ba551d0eb6fe83b0f71eda7c7d572f
fa169dc4d180b0f5137eb2f5f2007da027dfbe6b
6f79c29859c61bd216c066dae48220a8b5e4b7813897f092be1e72935a130bac
GET /en/v/stars-729-uncensored-leaked HTTP/1.1
Host: njav.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 10:55:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
Cache-Control: max-age=7200
CF-Cache-Status: MISS
Last-Modified: Mon, 30 Jan 2023 10:55:12 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8CL12RbR0TIoc1OKsZVAVzPKExoZPhOQvuVYfdr9i0VvEeM%2FsxubpUY91HrPig1ROpm5f7GLJwa5vxrtNlvPqw9tRNTbOkXC36L4%2F0j%2Bbzlt5RfVFV8fp6Q7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7919ac841e830b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4282
Expires: Mon, 30 Jan 2023 12:06:34 GMT
Date: Mon, 30 Jan 2023 10:55:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6545
Expires: Mon, 30 Jan 2023 12:44:17 GMT
Date: Mon, 30 Jan 2023 10:55:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10464
Expires: Mon, 30 Jan 2023 13:49:36 GMT
Date: Mon, 30 Jan 2023 10:55:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 10:35:42 GMT
content-type: application/json
age: 1170
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: G/znFtlKfzSVUPHHRX3CD9Smhz3aUEb63QE4+T2CvYEIZaF/ZXRNDGpg8w1RpoFwgntRUM0qsmU=
x-amz-request-id: BJENWBH4SDFZRZEK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 10:50:42 GMT
age: 270
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 10:55:12 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
104.17.25.14 200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (58749)
Hash fd91519379203e4f5d95a93f2997019b
806d29dabc59c13f96d58a1b6b0412c227bbfedf
48fdb6e3181b07a35045c83b2ab1cd884bbadf0d6e7edade1259d56b7c79bacf
GET /ajax/libs/font-awesome/5.14.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:12 GMT
content-type: text/css; charset=utf-8
content-length: 10391
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f0f47d3-e637"
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 18119939
expires: Sat, 20 Jan 2024 10:55:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Byk0XG82X0rV9dZ2VcIuDq9AE44zgVLuVQuQ%2F2xJN5Zi%2BBs2zo%2BjkQbZG%2BUTdQVAOe7oiCmBglvdCbtuJyDg%2FD%2FlSS7kVMS0A%2FBmcPey7PkDUHIAWRHE%2BMj8BNOv%2BpfhrdETZEBH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7919ac870e81b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 2d7ee796171735641efa781e1cd57208
cbea40264459783587615fbf948c812c6943e48e
88d903d8589b01c735c8a6220d993704669bd6feba31a8e79f5b19b78e9a776f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4814
Cache-Control: max-age=116397
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 10:55:12 GMT
Etag: "63d6b2ef-118"
Expires: Tue, 31 Jan 2023 19:15:09 GMT
Last-Modified: Sun, 29 Jan 2023 17:54:55 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 2d7ee796171735641efa781e1cd57208
cbea40264459783587615fbf948c812c6943e48e
88d903d8589b01c735c8a6220d993704669bd6feba31a8e79f5b19b78e9a776f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3821
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 10:55:12 GMT
Etag: "63d6b2ef-118"
Last-Modified: Mon, 30 Jan 2023 09:51:31 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 10:55:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 10:55:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
njav.tv/assets/site1/dist/app.css?v=1664416166
104.21.23.31 200 OK 51 kB URL HTTP/2 njav.tv/assets/site1/dist/app.css?v=1664416166
IP 104.21.23.31:0
File type Unicode text, UTF-8 text, with very long lines (60533)
Hash 53de81cecdff2e1479649ec8d7dffb66
7c23e206d1e52de790227146089d6fc180c2c71a
790993a07ce27ca1151b4f628bcb80856b173b3fe6c67550d3689d78a416b936
GET /assets/site1/dist/app.css?v=1664416166 HTTP/1.1
Host: njav.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:12 GMT
content-type: text/css
last-modified: Tue, 27 Sep 2022 17:13:15 GMT
etag: W/"63332f2b-35623"
x-frame-options: SAMEORIGIN
x-cache: MISS
cache-control: max-age=7200
cf-cache-status: HIT
age: 4772
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTSY4%2FP6aDsAXyL5HqvfgyO%2FDlJ71aNdnlEc3rxGzQzzF2TApQ6X1It9fAlx2lKzRrU6AI%2BdMZh8k09Cozf3xcaa4vFZ5AmW%2FQVs5D92l9pGFbDJy0eCVR3n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac877be0b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-VZGC2QQBZ8
142.250.74.72 200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-VZGC2QQBZ8
IP 142.250.74.72:0
File type ASCII text, with very long lines (21849)
Hash 4d2d8316201962cf7eee5e9c5d8fc41b
4a5c368dd461dc8196aa5eec89253283f237baf7
b3320e277f64da300a2d19f2e38a6c2c2bb9585fe62f39bfc0ebec8a32a68463
GET /gtag/js?id=G-VZGC2QQBZ8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 10:55:12 GMT
expires: Mon, 30 Jan 2023 10:55:12 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77786
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 10:55:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 10:55:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 123e304ce1f66666cebdc611eac959ca
d7013c49efe72137e962a61a9cfc4600be9ea696
5409bf929a0d7beedba64b9d9cea4efa3df301045e38706669c02a0c9c24e19c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5496
Cache-Control: max-age=111323
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 10:55:12 GMT
Etag: "63d69c73-116"
Expires: Tue, 31 Jan 2023 17:50:35 GMT
Last-Modified: Sun, 29 Jan 2023 16:18:59 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 123e304ce1f66666cebdc611eac959ca
d7013c49efe72137e962a61a9cfc4600be9ea696
5409bf929a0d7beedba64b9d9cea4efa3df301045e38706669c02a0c9c24e19c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2428
Cache-Control: max-age=108255
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 10:55:12 GMT
Etag: "63d69c73-116"
Expires: Tue, 31 Jan 2023 16:59:27 GMT
Last-Modified: Sun, 29 Jan 2023 16:18:59 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
go.xlivrdr.com/smartpop/8df9db4f8a3118d1d61eed4d514a2adea98a09da82da5784695a266997eb9a52?userId=c11b667e1e8a26cf7f31362ebc0577ab36a4ec57b491bae9f3f8939c70b4b75e
104.18.59.150 302 Found 0 B URL HTTP/2 go.xlivrdr.com/smartpop/8df9db4f8a3118d1d61eed4d514a2adea98a09da82da5784695a266997eb9a52?userId=c11b667e1e8a26cf7f31362ebc0577ab36a4ec57b491bae9f3f8939c70b4b75e
IP 104.18.59.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smartpop/8df9db4f8a3118d1d61eed4d514a2adea98a09da82da5784695a266997eb9a52?userId=c11b667e1e8a26cf7f31362ebc0577ab36a4ec57b491bae9f3f8939c70b4b75e HTTP/1.1
Host: go.xlivrdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 30 Jan 2023 10:55:12 GMT
content-length: 0
location: https://creative.xlivrdr.com/widgets/v4/Universal?autoplay=all&autoplayForce=1&campaignId=8df9db4f8a3118d1d61eed4d514a2adea98a09da82da5784695a266997eb9a52&campaignType=smartpop&creativeId=d49e3d3a9b975acb4f851681ec547a20fe338c9b25c22ee683b984b37b679d1a&hideButton=1&hideTitle=1&iterationId=400280&masterSmartpopId=0&ruleId=0&smartpopId=8376&tag=girls%2Fasian&thumbsMargin=5&userId=c11b667e1e8a26cf7f31362ebc0577ab36a4ec57b491bae9f3f8939c70b4b75e&variationId=30224
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: _var=67767939.30224; Path=/; HttpOnly; SameSite=Strict
__cflb=02DiuDfsBaY2bRYJiCeSF4mw3pyDiW7pwvZDrYAU4Q6yz; SameSite=None; Secure; path=/; expires=Tue, 31-Jan-23 09:55:12 GMT; HttpOnly
server: cloudflare
cf-ray: 7919ac886ab2b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
go.xlivrdr.com/smartpop/1f570985c98201f24626a02c754bfac937e2abbd6541885d068a9aa7a1843267?userId=c11b667e1e8a26cf7f31362ebc0577ab36a4ec57b491bae9f3f8939c70b4b75e
104.18.59.150 302 Found 0 B URL HTTP/2 go.xlivrdr.com/smartpop/1f570985c98201f24626a02c754bfac937e2abbd6541885d068a9aa7a1843267?userId=c11b667e1e8a26cf7f31362ebc0577ab36a4ec57b491bae9f3f8939c70b4b75e
IP 104.18.59.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smartpop/1f570985c98201f24626a02c754bfac937e2abbd6541885d068a9aa7a1843267?userId=c11b667e1e8a26cf7f31362ebc0577ab36a4ec57b491bae9f3f8939c70b4b75e HTTP/1.1
Host: go.xlivrdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 30 Jan 2023 10:55:12 GMT
content-length: 0
location: https://creative.xlivrdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&applyGeobans=0&autoplay=all&autoplayForce=1&broadcastHD=0&broadcastMobile=0&broadcastVR=0&buttonColor=%23DC0C2C&campaignId=1f570985c98201f24626a02c754bfac937e2abbd6541885d068a9aa7a1843267&campaignType=smartpop&creativeId=930ca91ef518e84f2bf45ed3237f8227253ab9f3d5c0c3f3c426b0f9921dccaa&goalEnabled=0&hideButton=1&hideButtonOnSmallSpots=1&hideLiveBadge=0&hideModelName=0&hideModelNameOnSmallSpots=1&hideTitle=1&hideTitleOnSmallSpots=1&isFace=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&isMlCountry=0&isNew=0&isPerson=0&iterationId=274130&language=en&liveBadgeColor=%2300bd8f&masterSmartpopId=0&playButton=0&responsive=1&ruleId=0&smartpopId=7678&strict=0&stripcashR=0&tag=girls%2Fchinese&thumbFit=cover&thumbSizeKey=big&thumbType=default&thumbsMargin=2&userId=c11b667e1e8a26cf7f31362ebc0577ab36a4ec57b491bae9f3f8939c70b4b75e&variationId=29594
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: _var=67687265.29594; Path=/; HttpOnly; SameSite=Strict
__cflb=02DiuDfsBaY2bRYJiCg3Rc4wrBy1LXpo7pMXtYnUyvpgk; SameSite=None; Secure; path=/; expires=Tue, 31-Jan-23 09:55:12 GMT; HttpOnly
server: cloudflare
cf-ray: 7919ac886ab4b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 123e304ce1f66666cebdc611eac959ca
d7013c49efe72137e962a61a9cfc4600be9ea696
5409bf929a0d7beedba64b9d9cea4efa3df301045e38706669c02a0c9c24e19c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5496
Cache-Control: max-age=111323
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 10:55:12 GMT
Etag: "63d69c73-116"
Expires: Tue, 31 Jan 2023 17:50:35 GMT
Last-Modified: Sun, 29 Jan 2023 16:18:59 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2
104.17.25.14 200 OK 80 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2
IP 104.17.25.14:0
File type Web Open Font Format (Version 2), TrueType, length 80148, version 331.17301\012- data
Hash c500da19d776384ba69573ae6fe274e7
6290834672aba86d5b6c1c73b30b57c9c53996f7
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
GET /ajax/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://njav.tv
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:12 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 80148
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5f0f47d3-13914"
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 307273
expires: Sat, 20 Jan 2024 10:55:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqitUwgB1NOkRLrf%2BurRUb5aOTUXTsh0p1IwLTodpuBglCXUy7OAGzg7XdXOwLa%2FJ1A9mJf9Dj8ufQz16gWpCuqixgNzKg2QADj%2Bf11p3E4tRuNxRj9m0u3ioPh%2BI3tlUv0FUmhh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7919ac895e65b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 10:55:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://njav.tv
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 07:51:59 GMT
expires: Thu, 25 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 442993
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 10:55:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
142.250.74.35 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://njav.tv
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 12:49:39 GMT
expires: Sun, 28 Jan 2024 12:49:39 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 165933
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://njav.tv
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 13:09:06 GMT
expires: Wed, 24 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 510366
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-regular-400.woff2
104.17.25.14 200 OK 14 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-regular-400.woff2
IP 104.17.25.14:0
File type Web Open Font Format (Version 2), TrueType, length 13600, version 331.17301\012- data
Hash 3a3398a6ef60fc64eacf45665958342e
5e4d45052f43e55aaad7f14d13280215e39aa45b
245818b22d1ec4892fcb722437e32888e97f63a0316bd22aaf9f44cde01f4c91
GET /ajax/libs/font-awesome/5.14.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://njav.tv
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:12 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 13600
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5f0f47d3-3520"
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6532215
expires: Sat, 20 Jan 2024 10:55:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8da7YVkWqYjR5eeysc6dEYWlEQDwXB2OysQc0JReWmTIMd%2BLp%2FI8LIXPAbPp5UPn60bwJgLSs2diClcayfT4WUQv3IffIdSHy08wDcZP7H%2FXSgl41YCcrryxJOFpSZb48K6KkAXF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7919ac8a0f88b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
Hash 60b014ae8ea34790acfa85509f2b35ed
c72b0fe04694d2051535908c7d6e4c43d9988f54
94ed111c5b0285de24fe0e49bc4d5293544804182908d1a1a9a729591afa985e
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://njav.tv
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 46392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 10:55:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
enrichyummy.com/1215f0b0f17f269b24e018e09b076040/invoke.js
192.243.59.20 200 OK 9.8 kB URL HTTP/1.1 enrichyummy.com/1215f0b0f17f269b24e018e09b076040/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26972), with no line terminators
Hash 5b27b5d72ca78245e39371739c552fd0
d6866be63246db874eebd2c6a6f84a10a0754df2
e425b8c53223ce7f088b02c66e6b7901e6c54198f42df8d86d0d620262d350d7
Analyzer Verdict Alert fortinet Malware
GET /1215f0b0f17f269b24e018e09b076040/invoke.js HTTP/1.1
Host: enrichyummy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://njav.tv/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 30 Jan 2023 10:55:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7a146cc8f55fa2d2780a34faa153b412
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
njav.tv/assets/site1/dist/app.js?v=1664416166
104.21.23.31 200 OK 36 kB URL HTTP/2 njav.tv/assets/site1/dist/app.js?v=1664416166
IP 104.21.23.31:0
File type Unicode text, UTF-8 text, with very long lines (54011)
Hash fd8a595d8e371bc6805f65fab339e441
12e162c0ce510f9aafb642707c04ea188baacde8
498558ac90075c2b1407ed8c5cc81472ffde33bfbbbd5e3a4b6505208fe31e60
GET /assets/site1/dist/app.js?v=1664416166 HTTP/1.1
Host: njav.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:12 GMT
content-type: application/javascript
last-modified: Thu, 29 Sep 2022 01:50:38 GMT
etag: W/"6334f9ee-16f7d"
x-frame-options: SAMEORIGIN
x-cache: MISS
cache-control: max-age=7200
cf-cache-status: HIT
age: 4772
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FC%2BzasToB%2FvuVmC9PDsdn9czOCRBlvhzjb7BpnbAdJxdPaW2Xc2SVJFFywiyRfqJbhQdocHnV65fVkJgeD9n5cbnGaUa0qrEYn2dIOvh2ceeNr2RCKCUl31W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac878be4b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e9608896ee099e66526e17d53aff2a46
ce9a7337903463ed5cc84c40c2c053835d3060a0
e360cd53d1b7572e294f4787d04bc789c2ed67e4a9951e4445e1e751ab8253bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E360CD53D1B7572E294F4787D04BC789C2ED67E4A9951E4445E1E751AB8253BC"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8236
Expires: Mon, 30 Jan 2023 13:12:29 GMT
Date: Mon, 30 Jan 2023 10:55:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0328445afc12f1f604321b34f35b9eea
b7a407641bd6fcae719ad55ec948e1e901067c0b
cce710b17ff7d80268d97a57d98aa61b20c5923c5421e0f8cc67462f71fb27ab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CCE710B17FF7D80268D97A57D98AA61B20C5923C5421E0F8CC67462F71FB27AB"
Last-Modified: Sat, 28 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8656
Expires: Mon, 30 Jan 2023 13:19:29 GMT
Date: Mon, 30 Jan 2023 10:55:13 GMT
Connection: keep-alive
enrichyummy.com/39/bf/32/39bf3278d30c7f4680f7c1db8a88483d.js
192.243.59.20 200 OK 13 kB URL HTTP/1.1 enrichyummy.com/39/bf/32/39bf3278d30c7f4680f7c1db8a88483d.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37139), with no line terminators
Hash 261891f8c46d6578cb073acfd4a03195
f0b9c6288db9527b59fb11b07824ec59b5c47c11
e84046c240049e10fb7c6ede9feb83f7a74782296f0d4c623f92b8bca27ab0ba
Analyzer Verdict Alert fortinet Malware
GET /39/bf/32/39bf3278d30c7f4680f7c1db8a88483d.js HTTP/1.1
Host: enrichyummy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 30 Jan 2023 10:55:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0269cf16a276d4f3ad7829c7093798ab
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9835443e429d25c9927c9d0b52f0c63a
fcf22d22488ce9ad1900b7d1a88130fd1cd525e5
6cee9e660da50ec927d5203768a9922ec6bc7baa4b0a004115a37ca8adf685fc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6CEE9E660DA50EC927D5203768A9922EC6BC7BAA4B0A004115A37CA8ADF685FC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5689
Expires: Mon, 30 Jan 2023 12:30:02 GMT
Date: Mon, 30 Jan 2023 10:55:13 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9835443e429d25c9927c9d0b52f0c63a
fcf22d22488ce9ad1900b7d1a88130fd1cd525e5
6cee9e660da50ec927d5203768a9922ec6bc7baa4b0a004115a37ca8adf685fc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6CEE9E660DA50EC927D5203768A9922EC6BC7BAA4B0A004115A37CA8ADF685FC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5709
Expires: Mon, 30 Jan 2023 12:30:22 GMT
Date: Mon, 30 Jan 2023 10:55:13 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9835443e429d25c9927c9d0b52f0c63a
fcf22d22488ce9ad1900b7d1a88130fd1cd525e5
6cee9e660da50ec927d5203768a9922ec6bc7baa4b0a004115a37ca8adf685fc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6CEE9E660DA50EC927D5203768A9922EC6BC7BAA4B0A004115A37CA8ADF685FC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6856
Expires: Mon, 30 Jan 2023 12:49:29 GMT
Date: Mon, 30 Jan 2023 10:55:13 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9835443e429d25c9927c9d0b52f0c63a
fcf22d22488ce9ad1900b7d1a88130fd1cd525e5
6cee9e660da50ec927d5203768a9922ec6bc7baa4b0a004115a37ca8adf685fc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6CEE9E660DA50EC927D5203768A9922EC6BC7BAA4B0A004115A37CA8ADF685FC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6932
Expires: Mon, 30 Jan 2023 12:50:45 GMT
Date: Mon, 30 Jan 2023 10:55:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5177
Expires: Mon, 30 Jan 2023 12:21:30 GMT
Date: Mon, 30 Jan 2023 10:55:13 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 0e90c9d5521358d2754bbad686a2e9c1
013349b8f38535bae1e197d5d96d86d17d5a1ef0
47bb6aa901220aeab3800d1ea88eb456cfe3ea337f12c059d9549fa6bd8064ab
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98800
Date: Mon, 30 Jan 2023 10:55:13 GMT
Etag: "63d67516-1d7"
Expires: Tue, 31 Jan 2023 14:21:53 GMT
Last-Modified: Sun, 29 Jan 2023 13:31:02 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 49Ppr4f22SVj0WBhb3hfPUbW-xToihZsCOUNa1GQQ1cq_o1zJXW8_g==
Age: 3051
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fba2578a219c482ced81e299d0da0061
059d2a565118457c53f655c7c4e3faaa9ac0fc41
e94e09d0cc3d1767f4bfdb420aa7bb2be731d6427cd67980838959de3b2b2648
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "E94E09D0CC3D1767F4BFDB420AA7BB2BE731D6427CD67980838959DE3B2B2648"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3260
Expires: Mon, 30 Jan 2023 11:49:33 GMT
Date: Mon, 30 Jan 2023 10:55:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cb05fe72cd5bb1f041e10afad86f98d3
c8a06f10b1c2e41a3bfb20037ee9535cc385c4d4
1b2bf7915ff10a3294887f50f050ef0125fa3e90d3e932322e5bba01c26d03c1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B2BF7915FF10A3294887F50F050EF0125FA3E90D3E932322E5BBA01C26D03C1"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15522
Expires: Mon, 30 Jan 2023 15:13:55 GMT
Date: Mon, 30 Jan 2023 10:55:13 GMT
Connection: keep-alive
static.javcdn.info/resize/s360/9/89/hnd-366/thumb_h.jpg?t=1654164191
104.21.234.30 200 OK 52 kB URL HTTP/2 static.javcdn.info/resize/s360/9/89/hnd-366/thumb_h.jpg?t=1654164191
IP 104.21.234.30:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 360x242, components 3\012- data
Hash f51aa607c91db2711adea370c75519cc
e9c4118c701859ff2851679b4bbed6ab89b8635f
125089e84dcc3453e1f4900cdd195e6ae8701c983e861531dc407ea03cf23525
GET /resize/s360/9/89/hnd-366/thumb_h.jpg?t=1654164191 HTTP/1.1
Host: static.javcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:13 GMT
content-type: image/jpeg
content-length: 52336
last-modified: Thu, 28 Apr 2022 11:16:46 GMT
etag: W/"626a779e-253d6"
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtTL6A0TVwgPf4faK4XVZxZzrLQa1uz%2FCClhzL4r6x9nFk7RZ57VRbrW1%2Fw6N%2Fe%2FSLA7Y546TH%2BW0CDDV2HMj2xRHp5zSNZuoQ%2Fansdqk7LDWjwSsTGwgC7sPJu080tq07kCM7k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac8d1d3f24e6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.javcdn.info/resize/s360/a/aa/hzgd-086/thumb_h.jpg?t=1654164192
104.21.234.30 200 OK 52 kB URL HTTP/2 static.javcdn.info/resize/s360/a/aa/hzgd-086/thumb_h.jpg?t=1654164192
IP 104.21.234.30:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 360x241, components 3\012- data
Hash 1953a13716e5c719d3fddbc54100b8f0
67ccd21b9304a963038ddeea5b6ac9db534d3916
0a3b046927de496c11eceb84c5318f9ae2d1ee1a8a12252eb24604dab4f1c952
GET /resize/s360/a/aa/hzgd-086/thumb_h.jpg?t=1654164192 HTTP/1.1
Host: static.javcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:13 GMT
content-type: image/jpeg
content-length: 51893
last-modified: Thu, 28 Apr 2022 11:16:47 GMT
etag: W/"626a779f-27e25"
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEQZQ3U%2Bp19tC8SGKNSVl1JFueSykuMGCNzZofEBPae61E%2BNq%2FIB%2FnTN%2FaE0%2BKnC0jT10Q5SC8wlogYzTOFdKozTyuHvdAV%2Br9DGh72rcQxAVrJAYBl3AwaabREnUgxQ4prpU%2Fg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac8d3d8224e6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
35.156.167.37 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash bde78d4166e3fbbb7efee184b6e2d9fe
1e8e67da9cda382aa7e061319fcbb9da27835346
f8773a112f64dead5f5e1945d81c0f83019b243b7f50ef4b1f9e7014819cd323
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://njav.tv
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:13 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://njav.tv
access-control-allow-credentials: true
set-cookie: uid_id2=2fc2086a-edcf-439d-8cd5-ab21683eab63:1:1; expires=Thu, 27 Jan 2033 10:55:13 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash d49f7aed2f183ad87462ebe20fb06c10
1b991d8e1b675f80711a2ed3197edfe609582aa3
7e9be1379810720ae61ba19e91df55f470e364ef5ab71495bc2acb7228142c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6560
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 10:55:13 GMT
Last-Modified: Mon, 30 Jan 2023 09:05:54 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
simplewebanalysis.com/stats
35.156.167.37 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash 2a10a9680a713075159182a4f8353c31
1805a6a759c4c27f561f881b9c3b994c192c3582
cacc4f74d50d79c0c2752c150398e375e8fe904690cf60198d7fd7ef7bd158fa
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://njav.tv
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:13 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://njav.tv
access-control-allow-credentials: true
set-cookie: uid_id2=8e6a83e8-70d8-42dd-a3cd-8f394d2ba226:3:1; expires=Thu, 27 Jan 2033 10:55:13 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 0e90c9d5521358d2754bbad686a2e9c1
013349b8f38535bae1e197d5d96d86d17d5a1ef0
47bb6aa901220aeab3800d1ea88eb456cfe3ea337f12c059d9549fa6bd8064ab
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 10:55:13 GMT
Last-Modified: Mon, 30 Jan 2023 10:13:12 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BmMTKvbnG91jSQbpLrvHUKn1JEbkpcHcqjJJZ6IxMGjsleCY_KuC3g==
Age: 2521
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash d49f7aed2f183ad87462ebe20fb06c10
1b991d8e1b675f80711a2ed3197edfe609582aa3
7e9be1379810720ae61ba19e91df55f470e364ef5ab71495bc2acb7228142c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4
Cache-Control: max-age=142924
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 10:55:13 GMT
Etag: "63d72d59-116"
Expires: Wed, 01 Feb 2023 02:37:17 GMT
Last-Modified: Mon, 30 Jan 2023 02:37:13 GMT
Server: ECS (amb/6B93)
X-Cache: HIT
Content-Length: 278
video.ktkjmp.com/adsbygoogle.js
104.18.48.21 200 OK 16 B URL HTTP/2 video.ktkjmp.com/adsbygoogle.js
IP 104.18.48.21:0
Hash 3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlivrdr.com/
Origin: https://creative.xlivrdr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:13 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: umnGOMVCjminO+qe5UBV06OrSizh/U59KvaEibge5v1gMRbq/UnThpljPBepeh+5w7wEpQIcu/4=
x-amz-request-id: 3YW9SERF7DC7262X
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.xlivrdr.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 2318
expires: Mon, 30 Jan 2023 14:55:13 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac8ddc65b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.javcdn.info/resize/s360/7/f7/hnd-365/thumb_h.jpg?t=1654164192
104.21.234.30 200 OK 52 kB URL HTTP/2 static.javcdn.info/resize/s360/7/f7/hnd-365/thumb_h.jpg?t=1654164192
IP 104.21.234.30:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 360x242, components 3\012- data
Hash 927d62fe169704706102ddc5f6306da5
c393772cf9637d56e9257a032968727bd54b1d20
ef7f74eab2028b796725613aa8d4fa2662d8e85f9abba237bac171d9cb492ddf
GET /resize/s360/7/f7/hnd-365/thumb_h.jpg?t=1654164192 HTTP/1.1
Host: static.javcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:13 GMT
content-type: image/jpeg
content-length: 52255
last-modified: Thu, 28 Apr 2022 11:16:51 GMT
etag: W/"626a77a3-25cf6"
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZdDXfKWiS32YwRwEOtY9%2F7%2BQ%2FaOMVRQfLhv7lGQ5K%2Bo6P2akc6C1EuI38fKpY367FvfFdwYdugtbYqfjHMv0noWzYVp8aka8Sr63nF%2F4rCBfS1MAPlRixbZpf6EW4G7irk9OLg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac8d4d9824e6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.javcdn.info/resize/s360/2/52/mdb-905/thumb_h.jpg?t=1654164190
104.21.234.30 200 OK 57 kB URL HTTP/2 static.javcdn.info/resize/s360/2/52/mdb-905/thumb_h.jpg?t=1654164190
IP 104.21.234.30:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 360x241, components 3\012- data
Hash c05baf15a06700bf986ed192e2371878
e05f6810580a9aee064c655f9a4d3fc0808b7542
45eedb0b92dde102e38427bb71fdca89a22b9c701a3237498fefe5c39b6ffea4
GET /resize/s360/2/52/mdb-905/thumb_h.jpg?t=1654164190 HTTP/1.1
Host: static.javcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:13 GMT
content-type: image/jpeg
content-length: 56691
last-modified: Thu, 28 Apr 2022 11:16:46 GMT
etag: W/"626a779e-2d105"
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbT54gSGhb0eaaNSay6nr9aSZoeZSmidSZq1dBIhGLDnOlE6NSQ5cXiMbBPwjDJHZfpKStABcBtWeVKdURD8vBkWqoOMaeGmHFrzo8mBTJiC9dBRT%2FSVkxUnuWKLnELhPdWf37c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac8d4da624e6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.javcdn.info/resize/s360/8/c8/rse-016/thumb_h.jpg?t=1654164190
104.21.234.30 200 OK 65 kB URL HTTP/2 static.javcdn.info/resize/s360/8/c8/rse-016/thumb_h.jpg?t=1654164190
IP 104.21.234.30:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 360x242, components 3\012- data
Hash 86ad6fb88f365a46351b2f6f50ef2e89
b7d9f1c2c26a76f4cb85effc2131dd3941868cc1
3523a74451737f93b11d81140266ea3b807f68bd2265e9e7066bb31018a1fb18
GET /resize/s360/8/c8/rse-016/thumb_h.jpg?t=1654164190 HTTP/1.1
Host: static.javcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:13 GMT
content-type: image/jpeg
content-length: 65204
last-modified: Thu, 28 Apr 2022 11:16:48 GMT
etag: W/"626a77a0-35ab3"
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HIXm8hqxgloH734atoPrvzFGrQtbMONsu4QdpMLTNsmKq486Oui6LoOUtnEu9a5kW%2BbA2rTuTuvSK0HkJXPQHQMbUTybFTb6yLm%2BuxUFscOD6oQpSHbeRSjDypZNMlLIumfhk3c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac8d3d8424e6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.javcdn.info/resize/s360/a/5a/voss-142/thumb_h.jpg?t=1654164190
104.21.234.30 200 OK 66 kB URL HTTP/2 static.javcdn.info/resize/s360/a/5a/voss-142/thumb_h.jpg?t=1654164190
IP 104.21.234.30:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 360x243, components 3\012- data
Hash 8189d6ebae006ec81a48395471d3c217
8c1d4ff29ad7e8d6ba26bf420a9f84fbc1da1f1f
a5743b584652b6f8242ffac70368ad785d44f4382b3e10ff68cc830d4123c25c
GET /resize/s360/a/5a/voss-142/thumb_h.jpg?t=1654164190 HTTP/1.1
Host: static.javcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:13 GMT
content-type: image/jpeg
content-length: 65603
last-modified: Thu, 28 Apr 2022 11:16:49 GMT
etag: W/"626a77a1-327a4"
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cache-control: max-age=2678400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4IH1loIF8uyrKo8Y%2FvW8fgppAPBL1s8na1CdopgpW46PjiiZnucrj9%2BpRZftf1b2GvCDxfmv4guTwJlJuqjrLjM2Hz1FxYa%2BLeUkZQ%2BkTSJtcw4dt6IxYjvSIXn0B3LikAXVFo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac8d3d9024e6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
35.156.167.37 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash 20267153a3c27216aae475588df60d03
16709fd40df6cf67f1d8f147931fcfafeb6c187a
48743ba0ba481ec65eaa680c3e3f1ff85662de3a2489738f695dd63494ae46ee
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://njav.tv
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:13 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://njav.tv
access-control-allow-credentials: true
set-cookie: uid_id2=873f261a-244a-4529-94d4-3ce6a95619b2:1:1; expires=Thu, 27 Jan 2033 10:55:13 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9835443e429d25c9927c9d0b52f0c63a
fcf22d22488ce9ad1900b7d1a88130fd1cd525e5
6cee9e660da50ec927d5203768a9922ec6bc7baa4b0a004115a37ca8adf685fc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6CEE9E660DA50EC927D5203768A9922EC6BC7BAA4B0A004115A37CA8ADF685FC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6856
Expires: Mon, 30 Jan 2023 12:49:29 GMT
Date: Mon, 30 Jan 2023 10:55:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash d49f7aed2f183ad87462ebe20fb06c10
1b991d8e1b675f80711a2ed3197edfe609582aa3
7e9be1379810720ae61ba19e91df55f470e364ef5ab71495bc2acb7228142c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6560
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 10:55:13 GMT
Last-Modified: Mon, 30 Jan 2023 09:05:54 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
push.services.mozilla.com/
54.203.75.56 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.203.75.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1YvYDbrb5W7YnvhW9e3CjQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JcqTtt0yMqdciLtZvHj/3zj774A=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a459eedb73942864f93a9aa9f05fed5f
507c68d1bb29951411a8655f979c673cc8b4036a
a2169da610b85f19f53330c5431ce46b733f2dc4d6492d144b5e9959812e5d29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A2169DA610B85F19F53330C5431CE46B733F2DC4D6492D144B5E9959812E5D29"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2824
Expires: Mon, 30 Jan 2023 11:42:17 GMT
Date: Mon, 30 Jan 2023 10:55:13 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fba2578a219c482ced81e299d0da0061
059d2a565118457c53f655c7c4e3faaa9ac0fc41
e94e09d0cc3d1767f4bfdb420aa7bb2be731d6427cd67980838959de3b2b2648
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "E94E09D0CC3D1767F4BFDB420AA7BB2BE731D6427CD67980838959DE3B2B2648"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3260
Expires: Mon, 30 Jan 2023 11:49:33 GMT
Date: Mon, 30 Jan 2023 10:55:13 GMT
Connection: keep-alive
tragicbeyond.com/a3/44/ad/a344ad3aa120e7b018b3813250fb1100.js
173.233.139.164 200 OK 29 kB URL HTTP/1.1 tragicbeyond.com/a3/44/ad/a344ad3aa120e7b018b3813250fb1100.js
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash aa69aa9a12cd2e91cc49355b0f5c162a
85c723fec13c94366feed2c784d791e02600409b
bae7d3a8cdbd422e97c126ad6ace10ec47d4ea121ab2d4e035c691bb9674ff54
Analyzer Verdict Alert quad9 Sinkholed
GET /a3/44/ad/a344ad3aa120e7b018b3813250fb1100.js HTTP/1.1
Host: tragicbeyond.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 10:55:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 03c4150418fb3b1b60c465b284dfc749
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
region1.google-analytics.com/g/collect?v=2&tid=G-VZGC2QQBZ8&gtm=2oe1p0&_p=1257545683&cid=236608896.1675076125&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675076124&sct=1&seg=0&dl=http%3A%2F%2Fnjav.tv%2Fen%2Fv%2Fstars-729-uncensored-leaked&dt=nJAV.tv%20-%20Watch%20STARS-729%20%5BUncensored%20Leaked%5D%20A%20Convenience%20Mistress%20Natsume%20Hibiki%20Who%20Is%20Unfriendly%20But%20Has%20Excellent%20Sex%20Compatibility%20Seeking%20Only%20Each%20Other%27s%20Body%20JAV%20Online&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-VZGC2QQBZ8&gtm=2oe1p0&_p=1257545683&cid=236608896.1675076125&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675076124&sct=1&seg=0&dl=http%3A%2F%2Fnjav.tv%2Fen%2Fv%2Fstars-729-uncensored-leaked&dt=nJAV.tv%20-%20Watch%20STARS-729%20%5BUncensored%20Leaked%5D%20A%20Convenience%20Mistress%20Natsume%20Hibiki%20Who%20Is%20Unfriendly%20But%20Has%20Excellent%20Sex%20Compatibility%20Seeking%20Only%20Each%20Other%27s%20Body%20JAV%20Online&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-VZGC2QQBZ8&gtm=2oe1p0&_p=1257545683&cid=236608896.1675076125&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675076124&sct=1&seg=0&dl=http%3A%2F%2Fnjav.tv%2Fen%2Fv%2Fstars-729-uncensored-leaked&dt=nJAV.tv%20-%20Watch%20STARS-729%20%5BUncensored%20Leaked%5D%20A%20Convenience%20Mistress%20Natsume%20Hibiki%20Who%20Is%20Unfriendly%20But%20Has%20Excellent%20Sex%20Compatibility%20Seeking%20Only%20Each%20Other%27s%20Body%20JAV%20Online&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://njav.tv
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://njav.tv
date: Mon, 30 Jan 2023 10:55:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
104.21.234.93 200 OK 69 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.93:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 8946ef68e0f1380ab5fbeec98e365993
9b7d8734b38d3fff3deb3f168462e7087659bf59
5448948b191bdcac86e13450c22aff1ac48565c19236823153b60586ccf4bd38
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:13 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: e30ddfade981c84da22b61ccf6111856
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 30 Jan 2023 10:55:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhuXKbuRe30DQ%2Blu7Gxg3dEb6bQ09xiUmwz4AfkNeWELppO1lyBI6b0g9w97eUhwx00HiJ0wkA5AK%2BM9z80ywB3qdtsXfKXC5eNrL61MQov4qrIqgZ0GgKkw%2BTwVPeotH%2BmbCIo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac8dcf8b72d6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tragicbeyond.com/watch.70390934265.js?key=1215f0b0f17f269b24e018e09b076040&kw=%5B%22njav%22%2C%22tv%22%2C%22-%22%2C%22watch%22%2C%22stars-729%22%2C%22uncensored%22%2C%22leaked%22%2C%22a%22%2C%22convenience%22%2C%22mistress%22%2C%22natsume%22%2C%22hibiki%22%2C%22who%22%2C%22is%22%2C%22unfriendly%22%2C%22but%22%2C%22has%22%2C%22excellent%22%2C%22sex%22%2C%22compatibility%22%2C%22seeking%22%2C%22only%22%2C%22each%22%2C%22other%22%2C%22s%22%2C%22body%22%2C%22jav%22%2C%22online%22%5D&refer=http%3A%2F%2Fnjav.tv%2Fen%2Fv%2Fstars-729-uncensored-leaked&tz=0&dev=e&res=12.1053&uuid=8e6a83e8-70d8-42dd-a3cd-8f394d2ba226%3A3%3A1
173.233.139.164 307 Temporary Redirect 0 B URL HTTP/1.1 tragicbeyond.com/watch.70390934265.js?key=1215f0b0f17f269b24e018e09b076040&kw=%5B%22njav%22%2C%22tv%22%2C%22-%22%2C%22watch%22%2C%22stars-729%22%2C%22uncensored%22%2C%22leaked%22%2C%22a%22%2C%22convenience%22%2C%22mistress%22%2C%22natsume%22%2C%22hibiki%22%2C%22who%22%2C%22is%22%2C%22unfriendly%22%2C%22but%22%2C%22has%22%2C%22excellent%22%2C%22sex%22%2C%22compatibility%22%2C%22seeking%22%2C%22only%22%2C%22each%22%2C%22other%22%2C%22s%22%2C%22body%22%2C%22jav%22%2C%22online%22%5D&refer=http%3A%2F%2Fnjav.tv%2Fen%2Fv%2Fstars-729-uncensored-leaked&tz=0&dev=e&res=12.1053&uuid=8e6a83e8-70d8-42dd-a3cd-8f394d2ba226%3A3%3A1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.70390934265.js?key=1215f0b0f17f269b24e018e09b076040&kw=%5B%22njav%22%2C%22tv%22%2C%22-%22%2C%22watch%22%2C%22stars-729%22%2C%22uncensored%22%2C%22leaked%22%2C%22a%22%2C%22convenience%22%2C%22mistress%22%2C%22natsume%22%2C%22hibiki%22%2C%22who%22%2C%22is%22%2C%22unfriendly%22%2C%22but%22%2C%22has%22%2C%22excellent%22%2C%22sex%22%2C%22compatibility%22%2C%22seeking%22%2C%22only%22%2C%22each%22%2C%22other%22%2C%22s%22%2C%22body%22%2C%22jav%22%2C%22online%22%5D&refer=http%3A%2F%2Fnjav.tv%2Fen%2Fv%2Fstars-729-uncensored-leaked&tz=0&dev=e&res=12.1053&uuid=8e6a83e8-70d8-42dd-a3cd-8f394d2ba226%3A3%3A1 HTTP/1.1
Host: tragicbeyond.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://njav.tv
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 10:55:13 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://njav.tv
Access-Control-Allow-Origin: http://njav.tv
Access-Control-Allow-Credentials: true
Location: https://tragicbeyond.com/watch.70390934265.js?key=1215f0b0f17f269b24e018e09b076040&kw=%5B%22njav%22%2C%22tv%22%2C%22-%22%2C%22watch%22%2C%22stars-729%22%2C%22uncensored%22%2C%22leaked%22%2C%22a%22%2C%22convenience%22%2C%22mistress%22%2C%22natsume%22%2C%22hibiki%22%2C%22who%22%2C%22is%22%2C%22unfriendly%22%2C%22but%22%2C%22has%22%2C%22excellent%22%2C%22sex%22%2C%22compatibility%22%2C%22seeking%22%2C%22only%22%2C%22each%22%2C%22other%22%2C%22s%22%2C%22body%22%2C%22jav%22%2C%22online%22%5D&refer=http%3A%2F%2Fnjav.tv%2Fen%2Fv%2Fstars-729-uncensored-leaked&tz=0&dev=e&res=12.1053&uuid=8e6a83e8-70d8-42dd-a3cd-8f394d2ba226%3A3%3A1&shu=67d49d3c5aacd74f9412a4ad55ed9b6c57aed25ac2bfe33dac19161641c1e2d0a284f14fa6c135e24214e6b385c7e72a48a09057d4e70357dfffd280aa4f836ded0c89e9744fa3b9297dab22394d8cabdb4bb13243185187d840f5e36079&pst=1675076173&rmtc=t
Set-Cookie: u_pl=17626810; expires=Tue, 31 Jan 2023 10:55:13 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.3uzAWjjeHN1t4H8zT3ItowBPdzQaDyW3yGHW7hf8b14; expires=Mon, 30 Jan 2023 10:56:13 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c67da03bb6b53c23da2c609dfaee869e
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226 200 OK 1.8 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 261614ca34bbc8d2ab01962fd923b92f
74ac313f93a5d35d26b2d8173b18ac8be8daaefa
121f1553bbaf163f472c9fc856f022266d1309d970aa5d195c3bf9f59fede8eb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8AC3DA2F8CE052A3D27FEE0DCCC5712A55E917F9DE8DAFF8DB891D50249ABA90"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6985
Expires: Mon, 30 Jan 2023 12:51:38 GMT
Date: Mon, 30 Jan 2023 10:55:13 GMT
Connection: keep-alive
experimentalconcerningsuck.com/pixel/purst?dl=0&th=0&sc=0&rs=1471&rd=1471&fd=1090&bv=22.10.v.9&tmpl=70
192.243.59.12 200 OK 0 B URL HTTP/1.1 experimentalconcerningsuck.com/pixel/purst?dl=0&th=0&sc=0&rs=1471&rd=1471&fd=1090&bv=22.10.v.9&tmpl=70
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1471&rd=1471&fd=1090&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: experimentalconcerningsuck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 30 Jan 2023 10:55:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
img.strpst.com/thumbs/1675076041/98080980
104.18.63.124 200 OK 64 kB URL HTTP/2 img.strpst.com/thumbs/1675076041/98080980
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash 4eac5c9bd60f569e4379cc48ebd30893
153dcbc891424580cd30d493465b2c2ece3d05a7
bf284cdff1c419a7947d2b5bf03a96566186d52940643aed65b94ef7c2baa962
GET /thumbs/1675076041/98080980 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlivrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:14 GMT
content-type: image/jpeg
content-length: 63882
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=65972, status=webp_bigger
etag: "dfa827a37bed20eb236d510db7a25b05"
last-modified: Mon, 30 Jan 2023 10:53:41 GMT
cf-cache-status: HIT
age: 39
expires: Mon, 30 Jan 2023 11:25:14 GMT
cache-control: public, max-age=1800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac911e8eb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5c3039f23e984d102bba4850070fd282
b24cab5a7ca3211377b0e84c8ee0c69226538289
118fb04cb13eae332f2786842e1bd6a1b96b015e132ce43e9631493f46d78fd3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "118FB04CB13EAE332F2786842E1BD6A1B96B015E132CE43E9631493F46D78FD3"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5189
Expires: Mon, 30 Jan 2023 12:21:43 GMT
Date: Mon, 30 Jan 2023 10:55:14 GMT
Connection: keep-alive
img.strpst.com/thumbs/1675076041/65568286
104.18.63.124 200 OK 60 kB URL HTTP/2 img.strpst.com/thumbs/1675076041/65568286
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash 42a4cb8565d88d31b051f408e61578bf
0dc0298b3edf8f3d5b241988ae583c2a98c31f11
69db09170cc655d61773a06ae7e9c5a6adb006237f7830bc508a728a16cc0cc5
GET /thumbs/1675076041/65568286 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlivrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:14 GMT
content-type: image/jpeg
content-length: 59765
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=62055, status=webp_bigger
etag: "f3c8a8eb4233e1304d11c4fdd09947f2"
last-modified: Mon, 30 Jan 2023 10:54:08 GMT
cf-cache-status: HIT
age: 19
expires: Mon, 30 Jan 2023 11:25:14 GMT
cache-control: public, max-age=1800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac911e96b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1675076041/64241378
104.18.63.124 200 OK 44 kB URL HTTP/2 img.strpst.com/thumbs/1675076041/64241378
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash b3bfe12d75f2fe744e94fa8787d55d18
08cee64d1761d5084157a8b3d91c59b5aba1d63a
9cd9153a9473022ba6a38490c265a71d0c02c53a4f893fd7f6f29ee160a250e8
GET /thumbs/1675076041/64241378 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlivrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:14 GMT
content-type: image/jpeg
content-length: 44326
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=45791, status=webp_bigger
etag: "9a6254fc240ef845f66f5bfd7e968ce5"
last-modified: Mon, 30 Jan 2023 10:54:25 GMT
cf-cache-status: HIT
age: 36
expires: Mon, 30 Jan 2023 11:25:14 GMT
cache-control: public, max-age=1800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac911e97b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1675076041/98094401
104.18.63.124 200 OK 47 kB URL HTTP/2 img.strpst.com/thumbs/1675076041/98094401
IP 104.18.63.124:0
Hash 5ab6079a758dbf4824a942bb6c504cc8
e13faf6c662cd57801cc51efb9080b5d5226db16
56899ff421a9d2cd62efadba95f73e13a46aaee8b01a43c989e31c6e623b3770
GET /thumbs/1675076041/98094401 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlivrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:14 GMT
content-type: image/jpeg
content-length: 46774
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=48794, status=webp_bigger
etag: "07605eca089a04d810126a8c7881a167"
last-modified: Mon, 30 Jan 2023 10:53:55 GMT
cf-cache-status: HIT
age: 26
expires: Mon, 30 Jan 2023 11:25:14 GMT
cache-control: public, max-age=1800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac911e93b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1675076041/93944140
104.18.63.124 200 OK 60 kB URL HTTP/2 img.strpst.com/thumbs/1675076041/93944140
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash 3ae81cb513f38fdba4dd694d38d2f572
8eb001678f5d667c4e7330784fd3c78a035fa33c
6833da2a34bed32737b3d384ae20220388ffa0ee719185d97655663230965bc6
GET /thumbs/1675076041/93944140 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlivrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:14 GMT
content-type: image/jpeg
content-length: 60545
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=62583, status=webp_bigger
etag: "7a0561b813f546ced90df8bafc18b3fb"
last-modified: Mon, 30 Jan 2023 10:53:38 GMT
cf-cache-status: HIT
age: 38
expires: Mon, 30 Jan 2023 11:25:14 GMT
cache-control: public, max-age=1800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac911e9cb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1675076041/93273471
104.18.63.124 200 OK 30 kB URL HTTP/2 img.strpst.com/thumbs/1675076041/93273471
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Hash f69777e876f92e1612f5339b99c7f3db
f4995a623883599bea1004bd1f6e3aee0ac7f2c5
e7666d26b9920d86dcc3f9f5cd2dce622a33100d1e57022d45a68fd5c736ae9f
GET /thumbs/1675076041/93273471 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlivrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:14 GMT
content-type: image/jpeg
content-length: 29638
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=31161, status=webp_bigger
etag: "a3e2ac8218dd24df5c75e534ba40a82e"
last-modified: Mon, 30 Jan 2023 10:53:59 GMT
cf-cache-status: HIT
age: 36
expires: Mon, 30 Jan 2023 11:25:14 GMT
cache-control: public, max-age=1800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac911e9db503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5f59c9a1c91957d6d5e5cffd6beddd92
55399dd9caf65759afacea2328abb26c924c0554
b7bb5e0ea0f386593d1f63c2eb474abcbf20564aabcc6f9d1b5bd8335f2b7379
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7BB5E0EA0F386593D1F63C2EB474ABCBF20564AABCC6F9D1B5BD8335F2B7379"
Last-Modified: Sat, 28 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14146
Expires: Mon, 30 Jan 2023 14:51:00 GMT
Date: Mon, 30 Jan 2023 10:55:14 GMT
Connection: keep-alive
img.strpst.com/thumbs/1675076041/92787952
104.18.63.124 200 OK 43 kB URL HTTP/2 img.strpst.com/thumbs/1675076041/92787952
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash e8b941c6bc57c497eaf502c836a3e7e7
e00e3351233bc8c58043793d2c5eb275ccc6f53a
57624d55e2fdbbb862942fd94e818252dc695bfef59bfa944a5da7e125643fb2
GET /thumbs/1675076041/92787952 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlivrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:14 GMT
content-type: image/jpeg
content-length: 42995
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=44546, status=webp_bigger
etag: "d58166fe88f271615f876d35a3175512"
last-modified: Mon, 30 Jan 2023 10:54:03 GMT
cf-cache-status: HIT
age: 38
expires: Mon, 30 Jan 2023 11:25:14 GMT
cache-control: public, max-age=1800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac911e9ab503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1675076041/93490618
104.18.63.124 200 OK 58 kB URL HTTP/2 img.strpst.com/thumbs/1675076041/93490618
IP 104.18.63.124:0
Hash df8919673cb1a67d1c39dee2a4ba3bad
fe64b8113cafffab991d1fca5d8ae713b84a1a95
afdfec32eda0f07b098835f06d159ed5e4bc5944d863852360d47b17641b2133
GET /thumbs/1675076041/93490618 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlivrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:14 GMT
content-type: image/jpeg
content-length: 55490
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=57508, status=webp_bigger
etag: "af680b1699cfd662b7124aa63e3f156e"
last-modified: Mon, 30 Jan 2023 10:54:00 GMT
cf-cache-status: HIT
age: 38
expires: Mon, 30 Jan 2023 11:25:14 GMT
cache-control: public, max-age=1800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac911e9fb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1675076041/96584812
104.18.63.124 200 OK 18 kB URL HTTP/2 img.strpst.com/thumbs/1675076041/96584812
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Hash f139ae475b0c448d9d2b596337ddd187
7f4dbd3858eebe06ca5a208f2d500e7a78a43f4b
55d4cdb558394cb92462ab9706c61664c73247ce36b46cc789cc58be15112b18
GET /thumbs/1675076041/96584812 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlivrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:14 GMT
content-type: image/jpeg
content-length: 18188
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=18989, status=webp_bigger
etag: "4d214d1a62fc3bffa3f600de53488f85"
last-modified: Mon, 30 Jan 2023 10:53:59 GMT
cf-cache-status: HIT
age: 19
expires: Mon, 30 Jan 2023 11:25:14 GMT
cache-control: public, max-age=1800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac911e94b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1675076041/81368539
104.18.63.124 200 OK 39 kB URL HTTP/2 img.strpst.com/thumbs/1675076041/81368539
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash dcb3ff158956677e1647826446ceb5e2
20cd8fccc500b917ed32d784b2727cbf5c799db6
8fdb46713fcbc62f0605304d5d381e41a7fe3a17c2b770d0ecaacf247d5e559a
GET /thumbs/1675076041/81368539 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlivrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:14 GMT
content-type: image/jpeg
content-length: 38844
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=40017, status=webp_bigger
etag: "de25d6c901ba8f5817abb11f26b2c04a"
last-modified: Mon, 30 Jan 2023 10:54:29 GMT
cf-cache-status: HIT
expires: Mon, 30 Jan 2023 11:25:14 GMT
cache-control: public, max-age=1800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac911e91b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1675076041/98340328
104.18.63.124 200 OK 56 kB URL HTTP/2 img.strpst.com/thumbs/1675076041/98340328
IP 104.18.63.124:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash f275987440b1ecccddcc293c1042c27c
625c0e813d4f979d2ced84e5288f6735714c6443
19e93dc1064c1708cf66508a93e7d3489600a999ade648b2efdce7556585d9aa
GET /thumbs/1675076041/98340328 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlivrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:14 GMT
content-type: image/jpeg
content-length: 55652
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=57964, status=webp_bigger
etag: "f679a9aa776011649114f9ea40473e65"
last-modified: Mon, 30 Jan 2023 10:54:23 GMT
cf-cache-status: HIT
expires: Mon, 30 Jan 2023 11:25:14 GMT
cache-control: public, max-age=1800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac911e95b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
173.233.139.164 200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 10:55:14 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5af61fa8499e5eb5c6a20f5a17cd897d
Strict-Transport-Security: max-age=0; includeSubdomains
tragicbeyond.com/watch.70390934265.js?key=1215f0b0f17f269b24e018e09b076040&kw=%5B%22njav%22%2C%22tv%22%2C%22-%22%2C%22watch%22%2C%22stars-729%22%2C%22uncensored%22%2C%22leaked%22%2C%22a%22%2C%22convenience%22%2C%22mistress%22%2C%22natsume%22%2C%22hibiki%22%2C%22who%22%2C%22is%22%2C%22unfriendly%22%2C%22but%22%2C%22has%22%2C%22excellent%22%2C%22sex%22%2C%22compatibility%22%2C%22seeking%22%2C%22only%22%2C%22each%22%2C%22other%22%2C%22s%22%2C%22body%22%2C%22jav%22%2C%22online%22%5D&refer=http%3A%2F%2Fnjav.tv%2Fen%2Fv%2Fstars-729-uncensored-leaked&tz=0&dev=e&res=12.1053&uuid=8e6a83e8-70d8-42dd-a3cd-8f394d2ba226%3A3%3A1&shu=67d49d3c5aacd74f9412a4ad55ed9b6c57aed25ac2bfe33dac19161641c1e2d0a284f14fa6c135e24214e6b385c7e72a48a09057d4e70357dfffd280aa4f836ded0c89e9744fa3b9297dab22394d8cabdb4bb13243185187d840f5e36079&pst=1675076173&rmtc=t
173.233.139.164200 OK 2.1 kB URL HTTP/1.1 tragicbeyond.com/watch.70390934265.js?key=1215f0b0f17f269b24e018e09b076040&kw=%5B%22njav%22%2C%22tv%22%2C%22-%22%2C%22watch%22%2C%22stars-729%22%2C%22uncensored%22%2C%22leaked%22%2C%22a%22%2C%22convenience%22%2C%22mistress%22%2C%22natsume%22%2C%22hibiki%22%2C%22who%22%2C%22is%22%2C%22unfriendly%22%2C%22but%22%2C%22has%22%2C%22excellent%22%2C%22sex%22%2C%22compatibility%22%2C%22seeking%22%2C%22only%22%2C%22each%22%2C%22other%22%2C%22s%22%2C%22body%22%2C%22jav%22%2C%22online%22%5D&refer=http%3A%2F%2Fnjav.tv%2Fen%2Fv%2Fstars-729-uncensored-leaked&tz=0&dev=e&res=12.1053&uuid=8e6a83e8-70d8-42dd-a3cd-8f394d2ba226%3A3%3A1&shu=67d49d3c5aacd74f9412a4ad55ed9b6c57aed25ac2bfe33dac19161641c1e2d0a284f14fa6c135e24214e6b385c7e72a48a09057d4e70357dfffd280aa4f836ded0c89e9744fa3b9297dab22394d8cabdb4bb13243185187d840f5e36079&pst=1675076173&rmtc=t
IP 173.233.139.164:0
File type HTML document, ASCII text, with very long lines (2544)
Hash 9252d733a26f6d21a81861cd143e6e49
5f56299ef778a4daae25efbe54e7138d863203c8
0475b9579ab5d2d787e08d347d60939e1222413c2a9e24459185f21fff241d86
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.70390934265.js?key=1215f0b0f17f269b24e018e09b076040&kw=%5B%22njav%22%2C%22tv%22%2C%22-%22%2C%22watch%22%2C%22stars-729%22%2C%22uncensored%22%2C%22leaked%22%2C%22a%22%2C%22convenience%22%2C%22mistress%22%2C%22natsume%22%2C%22hibiki%22%2C%22who%22%2C%22is%22%2C%22unfriendly%22%2C%22but%22%2C%22has%22%2C%22excellent%22%2C%22sex%22%2C%22compatibility%22%2C%22seeking%22%2C%22only%22%2C%22each%22%2C%22other%22%2C%22s%22%2C%22body%22%2C%22jav%22%2C%22online%22%5D&refer=http%3A%2F%2Fnjav.tv%2Fen%2Fv%2Fstars-729-uncensored-leaked&tz=0&dev=e&res=12.1053&uuid=8e6a83e8-70d8-42dd-a3cd-8f394d2ba226%3A3%3A1&shu=67d49d3c5aacd74f9412a4ad55ed9b6c57aed25ac2bfe33dac19161641c1e2d0a284f14fa6c135e24214e6b385c7e72a48a09057d4e70357dfffd280aa4f836ded0c89e9744fa3b9297dab22394d8cabdb4bb13243185187d840f5e36079&pst=1675076173&rmtc=t HTTP/1.1
Host: tragicbeyond.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://njav.tv
Referer: http://njav.tv/
Connection: keep-alive
Cookie: u_pl=17626810; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzYyNjgxMCwiayI6IjEyMTVmMGIwZjE3ZjI2OWIyNGUwMThlMDliMDc2MDQwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTY4NDY2LCJwaWQiOjUzMTIxOSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJzNXJhdWI2eGtmIiwiY3BrcyI6eyAiMjgiOiJhMzQ0YWQzYWExMjBlN2IwMThiMzgxMzI1MGZiMTEwMCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL25qYXYudHYvZW4vdi9zdGFycy03MjktdW5jZW5zb3JlZC1sZWFrZWQifX0.3uzAWjjeHN1t4H8zT3ItowBPdzQaDyW3yGHW7hf8b14
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 10:55:14 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://njav.tv
Access-Control-Allow-Origin: http://njav.tv
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=8e6a83e8-70d8-42dd-a3cd-8f394d2ba226:3:1; expires=Mon, 06 Feb 2023 10:55:14 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 31 Jan 2023 10:55:14 GMT; secure; SameSite=None
uncs=1; expires=Tue, 31 Jan 2023 10:55:14 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 31 Jan 2023 10:55:14 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 31 Jan 2023 10:55:14 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ed8a03a364c807a19fdc8f55fe46d407
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
sweepfrequencydissolved.com/pixel/purst?dl=0&th=0&sc=0&rs=1835&rd=1835&fd=690&bv=22.10.v.10&tmpl=136
192.243.61.227 200 OK 0 B URL HTTP/1.1 sweepfrequencydissolved.com/pixel/purst?dl=0&th=0&sc=0&rs=1835&rd=1835&fd=690&bv=22.10.v.10&tmpl=136
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1835&rd=1835&fd=690&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: sweepfrequencydissolved.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 10:55:14 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ee545433fc455bd9987f628755305a60
26d861ed51e2e4d864cbf51f59f8553a7936fe76
73918e35ea537c5e5422872d19580ae0b1a71311052ba4ea5a97a7acda546665
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73918E35EA537C5E5422872D19580AE0B1A71311052BA4EA5A97A7ACDA546665"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16470
Expires: Mon, 30 Jan 2023 15:29:44 GMT
Date: Mon, 30 Jan 2023 10:55:14 GMT
Connection: keep-alive
prototypewailrubber.com/sbar.json?key=39bf3278d30c7f4680f7c1db8a88483d
192.243.59.20 200 OK 4.0 kB URL HTTP/1.1 prototypewailrubber.com/sbar.json?key=39bf3278d30c7f4680f7c1db8a88483d
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6022), with no line terminators
Hash 08b6d4731af9196c812c472375840d12
651240760d4159dd3c09897dcee6eb8542839115
d11a340e77107eccaf7da93b3fb948db4e818a1315cf98e655b7090c43f882af
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=39bf3278d30c7f4680f7c1db8a88483d HTTP/1.1
Host: prototypewailrubber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://njav.tv
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 30 Jan 2023 10:55:14 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://njav.tv
Access-Control-Allow-Origin: http://njav.tv
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17629316; expires=Tue, 31 Jan 2023 10:55:14 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 31 Jan 2023 10:55:14 GMT; secure; SameSite=None
uncs=1; expires=Tue, 31 Jan 2023 10:55:14 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 31 Jan 2023 10:55:14 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 31 Jan 2023 10:55:14 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9cb86734428362582b0ebd34c3b0a692
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/bi/41/12/96/411296dc31ffd3277b57a1c99e9031c0/1611324050.jpg
45.133.44.9 200 OK 100 kB URL HTTP/2 cdn.cloudimagesb.com/bi/41/12/96/411296dc31ffd3277b57a1c99e9031c0/1611324050.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.1 (Macintosh), datetime=2021:01:20 21:25:37], progressive, precision 8, 300x250, components 3\012- data
Size 100 kB (100318 bytes)
Hash b28ac66bef5edfeb580c04cc00e9e0f7
e8ffb619727dc9bc745e74d3a022cd10df049950
711e0c73c5536b0d67c5f6969619be8b9e52d88d2eb6e25aa6b7d8019fabd563
GET /bi/41/12/96/411296dc31ffd3277b57a1c99e9031c0/1611324050.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:14 GMT
content-type: image/jpeg
content-length: 100318
server: nginx/1.17.6
last-modified: Fri, 22 Jan 2021 14:00:59 GMT
etag: "600ada9b-187de"
expires: Wed, 01 Feb 2023 10:55:14 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
prototypewailrubber.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2skxRuu3s0Pfiqirl5E1MHTCjLpnp7JzOwiYeMaCcZszK7k4sHqqupJbWq62qr%2BM8kpuItEEHe8eew8k2xQF3E%2FgLB0vEgubntYcjA3P4HoWWYyEH2h%2B32qnrfged73%2FXwvPSUuUnqy%2BoHelkrR2VbdrV1elxHXua2t3Kp5bt29WluX0Vzzam0w%2Fpnsiue26u6btfcE29SzDddzXc%2F1aovSiFAPZicsZPyg69W7br3ZqHutJgbmv2ebOrDUAc9OySVIXv1v45eHkKxE1P%2FxurCbiY7ferefKppog4wffhRtRjqP0D%2BHoXEQRofTamhbEfLNBejocOoAOtsfO0AgK%2BI88RBEh1OZCLKDM6WBgogQ8GeQZyWEKiFpCabvQPLHBGAcKzcQ9e%2BvaJPTrTOWjtmKzPz9J2RekZnfX0LU%2F2FByUHtplZpInVkMQgLyEEJ2SsRp0dIth3I%2FAgs%2BQySE0T9ApIXE9dSlpBhCSWGoNZBOv6kgzR0kMYO%2BvykRlvd0HXbYRD6fqfJGPN9xlqdOd7ifrMTukjZWNYQSTwEU0Mws4PY7GBTDmHSR7AbBSx3YJOKOB%2FuIOMFckGQW4KcEuSSIE8I8qw44Mo2bHGfK5sG3jQ3ptkvRjrp7dEDnfRERPbiU%2FLCuB%2FOs%2BQuNsVJze8God9od7jvsnbYnOu4YZt5POjQTqfZ8TmsLCDthYnVbVmR155aQywr8v9XXkRAj2DVEZh8HjR9FTQftRsu6Mao2XGxHR1Gt2lWTzJwXSBOZpBsOXvqlLw8GcmVt5%2BDYMfz1b2PL%2F9V3gMzBWJT4Lb8maCndkdrOif7azq35OGNOJF9uU3H47qZ0ERc%2FO59sZVrw5eu2%2BG319iYGMMHt4RNlmnEZdSz5PsFybkwi9owQX5asusiWE3txkJqojReXn1ncakfG2Gt1FEJKh%2FbL8FkRZ7e%2FWqyiK%2B%2F8SmkKWHSAv30mEwDUpdg8Q5sfK7eagKjzmuC2EGeFiPTCM4vlaxI8%2B6vUOJ4%2FtEfn1z7or0MGhSw4l8Pz%2FGe3UXPOKDJnckKZqZApgpQNYRNL46S2BzP%2F%2BZPAoFyRoEyzn6gjPr6rL1WntREK3RD4TZEEHaDsE1d3g2b3YB2PdEOWtRDYiv2BJf%2BAQAA%2F%2F8BAAD%2F%2F5PuiIhkBAAA
192.243.59.20200 OK 7 B URL HTTP/1.1 prototypewailrubber.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2skxRuu3s0Pfiqirl5E1MHTCjLpnp7JzOwiYeMaCcZszK7k4sHqqupJbWq62qr%2BM8kpuItEEHe8eew8k2xQF3E%2FgLB0vEgubntYcjA3P4HoWWYyEH2h%2B32qnrfged73%2FXwvPSUuUnqy%2BoHelkrR2VbdrV1elxHXua2t3Kp5bt29WluX0Vzzam0w%2Fpnsiue26u6btfcE29SzDddzXc%2F1aovSiFAPZicsZPyg69W7br3ZqHutJgbmv2ebOrDUAc9OySVIXv1v45eHkKxE1P%2FxurCbiY7ferefKppog4wffhRtRjqP0D%2BHoXEQRofTamhbEfLNBejocOoAOtsfO0AgK%2BI88RBEh1OZCLKDM6WBgogQ8GeQZyWEKiFpCabvQPLHBGAcKzcQ9e%2BvaJPTrTOWjtmKzPz9J2RekZnfX0LU%2F2FByUHtplZpInVkMQgLyEEJ2SsRp0dIth3I%2FAgs%2BQySE0T9ApIXE9dSlpBhCSWGoNZBOv6kgzR0kMYO%2BvykRlvd0HXbYRD6fqfJGPN9xlqdOd7ifrMTukjZWNYQSTwEU0Mws4PY7GBTDmHSR7AbBSx3YJOKOB%2FuIOMFckGQW4KcEuSSIE8I8qw44Mo2bHGfK5sG3jQ3ptkvRjrp7dEDnfRERPbiU%2FLCuB%2FOs%2BQuNsVJze8God9od7jvsnbYnOu4YZt5POjQTqfZ8TmsLCDthYnVbVmR155aQywr8v9XXkRAj2DVEZh8HjR9FTQftRsu6Mao2XGxHR1Gt2lWTzJwXSBOZpBsOXvqlLw8GcmVt5%2BDYMfz1b2PL%2F9V3gMzBWJT4Lb8maCndkdrOif7azq35OGNOJF9uU3H47qZ0ERc%2FO59sZVrw5eu2%2BG319iYGMMHt4RNlmnEZdSz5PsFybkwi9owQX5asusiWE3txkJqojReXn1ncakfG2Gt1FEJKh%2FbL8FkRZ7e%2FWqyiK%2B%2F8SmkKWHSAv30mEwDUpdg8Q5sfK7eagKjzmuC2EGeFiPTCM4vlaxI8%2B6vUOJ4%2FtEfn1z7or0MGhSw4l8Pz%2FGe3UXPOKDJnckKZqZApgpQNYRNL46S2BzP%2F%2BZPAoFyRoEyzn6gjPr6rL1WntREK3RD4TZEEHaDsE1d3g2b3YB2PdEOWtRDYiv2BJf%2BAQAA%2F%2F8BAAD%2F%2F5PuiIhkBAAA
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2skxRuu3s0Pfiqirl5E1MHTCjLpnp7JzOwiYeMaCcZszK7k4sHqqupJbWq62qr%2BM8kpuItEEHe8eew8k2xQF3E%2FgLB0vEgubntYcjA3P4HoWWYyEH2h%2B32qnrfged73%2FXwvPSUuUnqy%2BoHelkrR2VbdrV1elxHXua2t3Kp5bt29WluX0Vzzam0w%2Fpnsiue26u6btfcE29SzDddzXc%2F1aovSiFAPZicsZPyg69W7br3ZqHutJgbmv2ebOrDUAc9OySVIXv1v45eHkKxE1P%2FxurCbiY7ferefKppog4wffhRtRjqP0D%2BHoXEQRofTamhbEfLNBejocOoAOtsfO0AgK%2BI88RBEh1OZCLKDM6WBgogQ8GeQZyWEKiFpCabvQPLHBGAcKzcQ9e%2BvaJPTrTOWjtmKzPz9J2RekZnfX0LU%2F2FByUHtplZpInVkMQgLyEEJ2SsRp0dIth3I%2FAgs%2BQySE0T9ApIXE9dSlpBhCSWGoNZBOv6kgzR0kMYO%2BvykRlvd0HXbYRD6fqfJGPN9xlqdOd7ifrMTukjZWNYQSTwEU0Mws4PY7GBTDmHSR7AbBSx3YJOKOB%2FuIOMFckGQW4KcEuSSIE8I8qw44Mo2bHGfK5sG3jQ3ptkvRjrp7dEDnfRERPbiU%2FLCuB%2FOs%2BQuNsVJze8God9od7jvsnbYnOu4YZt5POjQTqfZ8TmsLCDthYnVbVmR155aQywr8v9XXkRAj2DVEZh8HjR9FTQftRsu6Mao2XGxHR1Gt2lWTzJwXSBOZpBsOXvqlLw8GcmVt5%2BDYMfz1b2PL%2F9V3gMzBWJT4Lb8maCndkdrOif7azq35OGNOJF9uU3H47qZ0ERc%2FO59sZVrw5eu2%2BG319iYGMMHt4RNlmnEZdSz5PsFybkwi9owQX5asusiWE3txkJqojReXn1ncakfG2Gt1FEJKh%2FbL8FkRZ7e%2FWqyiK%2B%2F8SmkKWHSAv30mEwDUpdg8Q5sfK7eagKjzmuC2EGeFiPTCM4vlaxI8%2B6vUOJ4%2FtEfn1z7or0MGhSw4l8Pz%2FGe3UXPOKDJnckKZqZApgpQNYRNL46S2BzP%2F%2BZPAoFyRoEyzn6gjPr6rL1WntREK3RD4TZEEHaDsE1d3g2b3YB2PdEOWtRDYiv2BJf%2BAQAA%2F%2F8BAAD%2F%2F5PuiIhkBAAA HTTP/1.1
Host: prototypewailrubber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Cookie: u_pl=17629316; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 30 Jan 2023 10:55:14 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 030076a51899d7f6d18239cae65eb7a7
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 78ab2d5cc6d61c3c29944777767ccefe
a5380ce83cea0350b0ea550ac99d36b0093d220a
5901f2549eee80f63d44390d2c6de7ed62ce5e63b842dc366d58a367a6be9303
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5901F2549EEE80F63D44390D2C6DE7ED62CE5E63B842DC366D58A367A6BE9303"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4363
Expires: Mon, 30 Jan 2023 12:07:57 GMT
Date: Mon, 30 Jan 2023 10:55:14 GMT
Connection: keep-alive
njav.tv/en/user/info
104.21.23.31 200 OK 9.1 kB IP 104.21.23.31:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash dc6c9d10ed5bdbb8e0b2b346a08bde52
8cf6958deeb97b2907286cd3b43eb5e4649c865e
bedcc3cf83df9fe46572cf622e310063c0b2c3c0615b8457fd868864be76ea9e
OPTIONS /en/user/info HTTP/1.1
Host: njav.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Referer: http://njav.tv/
Origin: http://njav.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
Alt-Used: 0
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: session=9Csldnda8wZf3dpTFdMTW7cIjRCro8OdWqPtetNd; expires=Mon, 30-Jan-2023 12:55:13 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zthGx5gDz%2B45fIE02NdV0hfmVU1a4Lu5yLoUvarpniKDo9hXY0CWNm68dGGjAPMz2jkzeQBYTQHemfG%2FnkZXnysNBnR%2FPPXw4Z5sbr%2FcRWY%2BmyXvMUn1VFG4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7919ac89fd5fb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 92150eb32d9db49422cf29f24536530f
ee14343bc6797e6e4004aa93002e20e82ede365f
a3d92b83c5e18e8b559d0830a26ef62410a5922a213a1508ebb9f177ebdb8f51
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A3D92B83C5E18E8B559D0830A26EF62410A5922A213A1508EBB9F177EBDB8F51"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11870
Expires: Mon, 30 Jan 2023 14:13:05 GMT
Date: Mon, 30 Jan 2023 10:55:15 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 92150eb32d9db49422cf29f24536530f
ee14343bc6797e6e4004aa93002e20e82ede365f
a3d92b83c5e18e8b559d0830a26ef62410a5922a213a1508ebb9f177ebdb8f51
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A3D92B83C5E18E8B559D0830A26EF62410A5922A213A1508EBB9F177EBDB8F51"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11870
Expires: Mon, 30 Jan 2023 14:13:05 GMT
Date: Mon, 30 Jan 2023 10:55:15 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/4d/4a/74/4d4a74b19a14385ab3d7176c906ea94b/1669388730.png
45.133.44.9 200 OK 87 kB URL HTTP/2 cdn.cloudimagesb.com/si/4d/4a/74/4d4a74b19a14385ab3d7176c906ea94b/1669388730.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash bf05659ee8411e39a9c3736736293d47
d86d4f9d1c16c38003a9f6cd8a6ece38f511755c
cd335b6e2e50e4474fb5276d9def3e7629e1d9278a2d597ccc09c896228e01c2
GET /si/4d/4a/74/4d4a74b19a14385ab3d7176c906ea94b/1669388730.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:15 GMT
content-type: image/png
content-length: 86644
server: nginx/1.17.6
last-modified: Fri, 25 Nov 2022 15:05:39 GMT
etag: "6380d9c3-15274"
expires: Wed, 01 Feb 2023 10:55:15 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
172.64.167.9 200 OK 5.2 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
IP 172.64.167.9:0
Hash 62527f499d0cd9453d63a688e7a5cbd6
dc8f674f02374c1c3d92bd779c39a4370107d5b9
75fcc8a1b42465891c4903a8ead640f1674b8d12c343be430e264b5b481dfd29
GET /sb/ssp/utility/social-media/facebook/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://njav.tv
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:15 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3xitSbT77hHJPQTcFfemMWkAIK4K2i%2BPsoBJJYiyAYiwiNfKHMJclCI%2BKWoifU4Xjn8WUVpU6Q3XbyK2I9zPd8CjAMWlw7XYZyA64vBaB1UTQGwT2JScI%2FlQ6M2o3FEG4KGhgfQN6Hw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac971d997750-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14632
Expires: Mon, 30 Jan 2023 14:59:07 GMT
Date: Mon, 30 Jan 2023 10:55:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14632
Expires: Mon, 30 Jan 2023 14:59:07 GMT
Date: Mon, 30 Jan 2023 10:55:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14632
Expires: Mon, 30 Jan 2023 14:59:07 GMT
Date: Mon, 30 Jan 2023 10:55:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg
34.120.237.76 200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8d680cbaee5ef3e7b8e09b174ed6ecf
6651a0d3041920798240ea67e827c3d458769fa9
4c74e8ebff95e67da678248d3dc1d3f42d98c8a0d33d54d9d2bde36314c9f952
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3678
x-amzn-requestid: 21cd1ae3-b769-418a-b7f8-5efa486db859
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEvE-RIAMFpmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-6998009c289996563d78616a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Or8AGZIZTzP_EuRHaCfCNrdPQIw2OQW37MKvOTFQIQgO0h18ct0-Xg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:34:10 GMT
age: 44465
etag: "6651a0d3041920798240ea67e827c3d458769fa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14632
Expires: Mon, 30 Jan 2023 14:59:07 GMT
Date: Mon, 30 Jan 2023 10:55:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 1.2 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, max compression\012- data
Hash 4188bc27281eba072db19d11ac5b5793
db94b489fdbdacf255d9e8bc40bea01c80960fc8
3a9a50165dae2e2ab48dda11290fd8aacabefdf8b33c56151ef6754dc13ed4ac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1624708856CBCF339B6ACC2D31268B693AF742AA1B0C699391DDDBB09C493347"
Last-Modified: Sat, 28 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17964
Expires: Mon, 30 Jan 2023 15:54:39 GMT
Date: Mon, 30 Jan 2023 10:55:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ba712b809d1107138674cd304e041068
cb7ed5692720084e2b66e724712685d1d56dbe94
1624708856cbcf339b6acc2d31268b693af742aa1b0c699391dddbb09c493347
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1624708856CBCF339B6ACC2D31268B693AF742AA1B0C699391DDDBB09C493347"
Last-Modified: Sat, 28 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17964
Expires: Mon, 30 Jan 2023 15:54:39 GMT
Date: Mon, 30 Jan 2023 10:55:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f49153c1aade8aa30bc6c84db4fa09d7
5cce4e085c87e7fbe82907694a36a91cc1bc9bfc
3285916959352e77cdbea34515dad3b3a0315b74bca7f45a8e5a2de4661203e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6646
x-amzn-requestid: c8a7d4b9-1a13-41c1-8391-853f03f3150c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbvRsHiaIAMF4Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d49271-634529cc6844e70829b5750f;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 03:11:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lp-314neKbpq8Kr5i_4i0fsRDVAIruvwGr8gHq-x45yXJtbesqRAsA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 04:09:50 GMT
age: 24325
etag: "5cce4e085c87e7fbe82907694a36a91cc1bc9bfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ba712b809d1107138674cd304e041068
cb7ed5692720084e2b66e724712685d1d56dbe94
1624708856cbcf339b6acc2d31268b693af742aa1b0c699391dddbb09c493347
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1624708856CBCF339B6ACC2D31268B693AF742AA1B0C699391DDDBB09C493347"
Last-Modified: Sat, 28 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17964
Expires: Mon, 30 Jan 2023 15:54:39 GMT
Date: Mon, 30 Jan 2023 10:55:15 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
172.64.167.9 200 OK 9.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
IP 172.64.167.9:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash ec55614acb8b042a3f8ab266871d260d
0d0b0cc5ff045800093e213913250ccec70f1d7a
3e974780bc80150deb874022c097b430ee2216e183486e6c621d122433afc50f
GET /sb/ssp/utility/social-media/facebook/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:15 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:13:59 GMT
etag: W/"602549b7-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 329774
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNJQvtcixBlbcIU44JWq4JCCvPO02huHPf2STpzS4ttdK6VrAIIb9WVnR%2B8S4KrSSoaiNDZNdRiOzd0vrC%2FdAWzqpbEUpBXCgS1KPJQlUn%2FBvwBy53MOzcHZ5Pqo%2BSAex19E1M9Ur4V4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac979ad772e8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb138c2a-a013-4652-92e0-920b0ab6d6fa.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb138c2a-a013-4652-92e0-920b0ab6d6fa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8fce79ef35b4c943c2b60d5092d17b6f
d29ce982633d0cc50b2a968ea22893d92b9663e3
297e951e4ab09c3465deb222cbe8f66579f9154d4e8806eec3a52350e577fded
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb138c2a-a013-4652-92e0-920b0ab6d6fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5934
x-amzn-requestid: 75aeb64a-1ba1-4349-84f3-b94aabeccc9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFUMIAMF3nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-56d6fb7b337769986c5c567b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RKiUEsflAz1PfeT8AvkmfNGxTkGO_0Ajo5hgnRIvo0qdiVUA0wD46Q==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:34:18 GMT
age: 44457
etag: "d29ce982633d0cc50b2a968ea22893d92b9663e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Wx-qjsrMLYpLmE-8QmpR46BeRySbUGL2Rrr6LqhEQ8jaEEj_6Aj0qg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:52:09 GMT
age: 46986
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 2e85f75e-ab9d-4d45-adad-7313950a9647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSWbxGwnoAMFejw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d117-68f1a9e71a07a0453311fd32;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:49:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dbz3wXGNaetf6xvRE98rshyHy-FVfDo8co-4VDL0a4Qe3E4U8A82Og==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 23:25:02 GMT
age: 41413
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
prototypewailrubber.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2skxRuu3s0Pfiqirl5E1MHTCjLpnu7J9OwiYeMaCcZszK7k4sHqqu5JbWq62qr%2BM8kpuItEEHe8eew8k2xQF3E%2FgLB0vEgubntYcjA3P4HoWWYyEH2h%2B32qnrfged73%2FXwvOyU2Mnqy%2BoHaFlLS2XbTblxeFzFXhWms3Go4dtO%2B2lgX8Zx3tTEY%2F3R%2BxbHbTfvNxnsh21SzLduxbcd2GotCh5EazE5YiORB12l27abXajptDwP937PJLBhqgeen5BIEr%2F%2B38ctDCFYh7v94PTSbqUreerefSZoqjZwffhRvxqqI0T%2BHkbYQxYfTaihTE%2FLNBaj4cOoAKt8fO0AgamI9cRDEh1OZCPKDM6WBRBgj4M%2BgyCuEsoKgFZi6A8EfE4BxrNxA3L%2B%2FonRBt85YOmZrMvP3nxBFTWZ%2Bfwlx%2F4cFKQaNm0pmqVCxwSAqIQYVRK9Ckh0h3bYgiiOw9DMIThD3SwheTlwLUUFEFWQ4BDUWsvEnLGSRhSyx0OcnDdruRrbdiYLIdX2PMea6jLX9Od7mrudHNjI2ljVEmgzB5BBM7yDRO9gUQ%2BjsEcxGCcMtmLQm1oc7yHmJIiQoDEFBCQpBUKQERV4ecGlaprzPpckCZ5pb0%2ByWI5X29uiBSnthTPaSU%2FLCuB%2FWs%2BQuNsOThtsNIrfV8blrs07kzfl21GEOD3zq%2B57vchhRQpgLE6vboiavPbWGRNTk%2F6%2B8iIAewcgjMPE8aPYqaDHqtGzQjZHn29iOD%2BPbNG%2BmObgqkaQzSLesPXlKXp6M5MrbzyFkx%2FP1vY8v%2F1XdA9MlEl3itviZoCd3R2uqIPtrqjDk4Y0kFX2xTcfjupnSNLz43fvhVqE0X7puht9eY2NiDB%2FcCk26TGMu4p4h3y8IzkO9qDQLyU9LZj0MVjOzsZDpOEuWV99ZXOonOjRGqLgCFY%2FNl2CiJk%2FvfjVZxNff%2BBRCV9BZiX52TKYBoSqwZAcmOVdvFIGW5zVBYqHIypFuBeeXUtTEu%2FsrZHg8%2F%2BiPT6590VkGDUqY8F8Pz%2FGe2UVPW6DpnckK5rpELktQOYTJLo7SRB%2FP%2F%2BZOAoG0RoHU1n4gtfz6rL1GnDTajhf6gd9hnAch406n5fqubbc49zrd0OkiNTV7gkv%2FAAAA%2F%2F8BAAD%2F%2F4fmBm5kBAAA
192.243.59.20200 OK 7 B URL HTTP/1.1 prototypewailrubber.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2skxRuu3s0Pfiqirl5E1MHTCjLpnu7J9OwiYeMaCcZszK7k4sHqqu5JbWq62qr%2BM8kpuItEEHe8eew8k2xQF3E%2FgLB0vEgubntYcjA3P4HoWWYyEH2h%2B32qnrfged73%2FXwvOyU2Mnqy%2BoHaFlLS2XbTblxeFzFXhWms3Go4dtO%2B2lgX8Zx3tTEY%2F3R%2BxbHbTfvNxnsh21SzLduxbcd2GotCh5EazE5YiORB12l27abXajptDwP937PJLBhqgeen5BIEr%2F%2B38ctDCFYh7v94PTSbqUreerefSZoqjZwffhRvxqqI0T%2BHkbYQxYfTaihTE%2FLNBaj4cOoAKt8fO0AgamI9cRDEh1OZCPKDM6WBRBgj4M%2BgyCuEsoKgFZi6A8EfE4BxrNxA3L%2B%2FonRBt85YOmZrMvP3nxBFTWZ%2Bfwlx%2F4cFKQaNm0pmqVCxwSAqIQYVRK9Ckh0h3bYgiiOw9DMIThD3SwheTlwLUUFEFWQ4BDUWsvEnLGSRhSyx0OcnDdruRrbdiYLIdX2PMea6jLX9Od7mrudHNjI2ljVEmgzB5BBM7yDRO9gUQ%2BjsEcxGCcMtmLQm1oc7yHmJIiQoDEFBCQpBUKQERV4ecGlaprzPpckCZ5pb0%2ByWI5X29uiBSnthTPaSU%2FLCuB%2FWs%2BQuNsOThtsNIrfV8blrs07kzfl21GEOD3zq%2B57vchhRQpgLE6vboiavPbWGRNTk%2F6%2B8iIAewcgjMPE8aPYqaDHqtGzQjZHn29iOD%2BPbNG%2BmObgqkaQzSLesPXlKXp6M5MrbzyFkx%2FP1vY8v%2F1XdA9MlEl3itviZoCd3R2uqIPtrqjDk4Y0kFX2xTcfjupnSNLz43fvhVqE0X7puht9eY2NiDB%2FcCk26TGMu4p4h3y8IzkO9qDQLyU9LZj0MVjOzsZDpOEuWV99ZXOonOjRGqLgCFY%2FNl2CiJk%2FvfjVZxNff%2BBRCV9BZiX52TKYBoSqwZAcmOVdvFIGW5zVBYqHIypFuBeeXUtTEu%2FsrZHg8%2F%2BiPT6590VkGDUqY8F8Pz%2FGe2UVPW6DpnckK5rpELktQOYTJLo7SRB%2FP%2F%2BZOAoG0RoHU1n4gtfz6rL1GnDTajhf6gd9hnAch406n5fqubbc49zrd0OkiNTV7gkv%2FAAAA%2F%2F8BAAD%2F%2F4fmBm5kBAAA
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST2skxRuu3s0Pfiqirl5E1MHTCjLpnu7J9OwiYeMaCcZszK7k4sHqqu5JbWq62qr%2BM8kpuItEEHe8eew8k2xQF3E%2FgLB0vEgubntYcjA3P4HoWWYyEH2h%2B32qnrfged73%2FXwvOyU2Mnqy%2BoHaFlLS2XbTblxeFzFXhWms3Go4dtO%2B2lgX8Zx3tTEY%2F3R%2BxbHbTfvNxnsh21SzLduxbcd2GotCh5EazE5YiORB12l27abXajptDwP937PJLBhqgeen5BIEr%2F%2B38ctDCFYh7v94PTSbqUreerefSZoqjZwffhRvxqqI0T%2BHkbYQxYfTaihTE%2FLNBaj4cOoAKt8fO0AgamI9cRDEh1OZCPKDM6WBRBgj4M%2BgyCuEsoKgFZi6A8EfE4BxrNxA3L%2B%2FonRBt85YOmZrMvP3nxBFTWZ%2Bfwlx%2F4cFKQaNm0pmqVCxwSAqIQYVRK9Ckh0h3bYgiiOw9DMIThD3SwheTlwLUUFEFWQ4BDUWsvEnLGSRhSyx0OcnDdruRrbdiYLIdX2PMea6jLX9Od7mrudHNjI2ljVEmgzB5BBM7yDRO9gUQ%2BjsEcxGCcMtmLQm1oc7yHmJIiQoDEFBCQpBUKQERV4ecGlaprzPpckCZ5pb0%2ByWI5X29uiBSnthTPaSU%2FLCuB%2FWs%2BQuNsOThtsNIrfV8blrs07kzfl21GEOD3zq%2B57vchhRQpgLE6vboiavPbWGRNTk%2F6%2B8iIAewcgjMPE8aPYqaDHqtGzQjZHn29iOD%2BPbNG%2BmObgqkaQzSLesPXlKXp6M5MrbzyFkx%2FP1vY8v%2F1XdA9MlEl3itviZoCd3R2uqIPtrqjDk4Y0kFX2xTcfjupnSNLz43fvhVqE0X7puht9eY2NiDB%2FcCk26TGMu4p4h3y8IzkO9qDQLyU9LZj0MVjOzsZDpOEuWV99ZXOonOjRGqLgCFY%2FNl2CiJk%2FvfjVZxNff%2BBRCV9BZiX52TKYBoSqwZAcmOVdvFIGW5zVBYqHIypFuBeeXUtTEu%2FsrZHg8%2F%2BiPT6590VkGDUqY8F8Pz%2FGe2UVPW6DpnckK5rpELktQOYTJLo7SRB%2FP%2F%2BZOAoG0RoHU1n4gtfz6rL1GnDTajhf6gd9hnAch406n5fqubbc49zrd0OkiNTV7gkv%2FAAAA%2F%2F8BAAD%2F%2F4fmBm5kBAAA HTTP/1.1
Host: prototypewailrubber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Cookie: u_pl=17629316; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 30 Jan 2023 10:55:15 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2df04e60cb7191797903b07023ec4be3
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=873f261a-244a-4529-94d4-3ce6a95619b2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=a344ad3aa120e7b018b3813250fb1100&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
192.243.61.227 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=873f261a-244a-4529-94d4-3ce6a95619b2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=a344ad3aa120e7b018b3813250fb1100&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=873f261a-244a-4529-94d4-3ce6a95619b2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=a344ad3aa120e7b018b3813250fb1100&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 10:55:15 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 420c013630ff9bfc7d334a662a4bfd54
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=873f261a-244a-4529-94d4-3ce6a95619b2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=26f913a7f9e8cc1089ed462c92490305&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
192.243.61.227 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=873f261a-244a-4529-94d4-3ce6a95619b2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=26f913a7f9e8cc1089ed462c92490305&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=873f261a-244a-4529-94d4-3ce6a95619b2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=26f913a7f9e8cc1089ed462c92490305&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 10:55:15 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1313840d40a63dac9bd7221c0b2891ba
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=873f261a-244a-4529-94d4-3ce6a95619b2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=39bf3278d30c7f4680f7c1db8a88483d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
192.243.61.227 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=873f261a-244a-4529-94d4-3ce6a95619b2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=39bf3278d30c7f4680f7c1db8a88483d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=873f261a-244a-4529-94d4-3ce6a95619b2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=39bf3278d30c7f4680f7c1db8a88483d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 10:55:15 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3d930ea75e3478c466a61d1612687446
Strict-Transport-Security: max-age=0; includeSubdomains
prototypewailrubber.com/pixel/sbs?c=1
192.243.59.20 200 OK 0 B URL HTTP/1.1 prototypewailrubber.com/pixel/sbs?c=1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
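Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input; the response body is 0 B)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input; these three digests match any empty response and do not identify this one)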
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: prototypewailrubber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Cookie: u_pl=17629316; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 30 Jan 2023 10:55:15 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,700;0,900;1,400&display=swap
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,700;0,900;1,400&display=swap
IP 142.250.74.106:0
GET /css2?family=Roboto:ital,wght@0,400;0,500;0,700;0,900;1,400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 10:55:12 GMT
date: Mon, 30 Jan 2023 10:55:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
45.133.44.4 200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://njav.tv
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:14 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 09:27:09 GMT
etag: W/"602f846d-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Mon, 30 Jan 2023 11:55:14 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/js/script.js
172.64.167.9 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/js/script.js
IP 172.64.167.9:0
GET /sb/ssp/utility/social-media/facebook/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://njav.tv
Connection: keep-alive
Referer: http://njav.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:15 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1IZ%2FwavEu94zl%2BkZVHmIG7eyRa2APP2wzwBTRxoTYOK6PYDFqB6vuqVz%2B408z4RsOapIOfMNJxTC65PV6JyFNTzbuB4nQIaOed31s1FERX2ZNnFAtWZMWsXaHOdCLZd60pMgEeyGxII"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac972db17750-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
njav.tv/en/api/v/173317/videos?r=0.3355260172906456
104.21.23.31 200 OK 0 B URL HTTP/2 njav.tv/en/api/v/173317/videos?r=0.3355260172906456
IP 104.21.23.31:0
OPTIONS /en/api/v/173317/videos?r=0.3355260172906456 HTTP/1.1
Host: njav.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Referer: http://njav.tv/
Origin: http://njav.tv
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
Alt-Used: 0
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: session=VKy95HMN7NgLMLK6UptfCegcgnV1h6ccbiFlarRF; expires=Mon, 30-Jan-2023 12:55:13 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrhJM8BItXShHf7AMgAlMhrzoGS%2FnrLYGY4HIs6uBWpgzX4jCdfZJ%2FBGv2BgwWXTvr2Jp6iCKkkhCiHBISgaEXRIsVDBb%2FjIVA1h0jy7Q1N%2FR0vhHTeAWa3y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7919ac89ed4ab4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
creative.xlivrdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&applyGeobans=0&autoplay=all&autoplayForce=1&broadcastHD=0&broadcastMobile=0&broadcastVR=0&buttonColor=%23DC0C2C&campaignId=1f570985c98201f24626a02c754bfac937e2abbd6541885d068a9aa7a1843267&campaignType=smartpop&creativeId=930ca91ef518e84f2bf45ed3237f8227253ab9f3d5c0c3f3c426b0f9921dccaa&goalEnabled=0&hideButton=1&hideButtonOnSmallSpots=1&hideLiveBadge=0&hideModelName=0&hideModelNameOnSmallSpots=1&hideTitle=1&hideTitleOnSmallSpots=1&isFace=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&isMlCountry=0&isNew=0&isPerson=0&iterationId=274130&language=en&liveBadgeColor=%2300bd8f&masterSmartpopId=0&playButton=0&responsive=1&ruleId=0&smartpopId=7678&strict=0&stripcashR=0&tag=girls%2Fchinese&thumbFit=cover&thumbSizeKey=big&thumbType=default&thumbsMargin=2&userId=c11b667e1e8a26cf7f31362ebc0577ab36a4ec57b491bae9f3f8939c70b4b75e&variationId=29594
104.18.59.150 200 OK 0 B URL HTTP/2 creative.xlivrdr.com/widgets/v4/Universal?actionButtonPlacement=bottom&applyGeobans=0&autoplay=all&autoplayForce=1&broadcastHD=0&broadcastMobile=0&broadcastVR=0&buttonColor=%23DC0C2C&campaignId=1f570985c98201f24626a02c754bfac937e2abbd6541885d068a9aa7a1843267&campaignType=smartpop&creativeId=930ca91ef518e84f2bf45ed3237f8227253ab9f3d5c0c3f3c426b0f9921dccaa&goalEnabled=0&hideButton=1&hideButtonOnSmallSpots=1&hideLiveBadge=0&hideModelName=0&hideModelNameOnSmallSpots=1&hideTitle=1&hideTitleOnSmallSpots=1&isFace=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&isMlCountry=0&isNew=0&isPerson=0&iterationId=274130&language=en&liveBadgeColor=%2300bd8f&masterSmartpopId=0&playButton=0&responsive=1&ruleId=0&smartpopId=7678&strict=0&stripcashR=0&tag=girls%2Fchinese&thumbFit=cover&thumbSizeKey=big&thumbType=default&thumbsMargin=2&userId=c11b667e1e8a26cf7f31362ebc0577ab36a4ec57b491bae9f3f8939c70b4b75e&variationId=29594
IP 104.18.59.150:0
GET /widgets/v4/Universal?actionButtonPlacement=bottom&applyGeobans=0&autoplay=all&autoplayForce=1&broadcastHD=0&broadcastMobile=0&broadcastVR=0&buttonColor=%23DC0C2C&campaignId=1f570985c98201f24626a02c754bfac937e2abbd6541885d068a9aa7a1843267&campaignType=smartpop&creativeId=930ca91ef518e84f2bf45ed3237f8227253ab9f3d5c0c3f3c426b0f9921dccaa&goalEnabled=0&hideButton=1&hideButtonOnSmallSpots=1&hideLiveBadge=0&hideModelName=0&hideModelNameOnSmallSpots=1&hideTitle=1&hideTitleOnSmallSpots=1&isFace=0&isLogged=0&isMlAnal=0&isMlBlowjob=0&isMlCountry=0&isNew=0&isPerson=0&iterationId=274130&language=en&liveBadgeColor=%2300bd8f&masterSmartpopId=0&playButton=0&responsive=1&ruleId=0&smartpopId=7678&strict=0&stripcashR=0&tag=girls%2Fchinese&thumbFit=cover&thumbSizeKey=big&thumbType=default&thumbsMargin=2&userId=c11b667e1e8a26cf7f31362ebc0577ab36a4ec57b491bae9f3f8939c70b4b75e&variationId=29594 HTTP/1.1
Host: creative.xlivrdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://njav.tv/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:55:12 GMT
content-type: text/html
last-modified: Tue, 24 Jan 2023 03:07:04 GMT
expires: Mon, 30 Jan 2023 10:55:04 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
cf-cache-status: HIT
age: 10
vary: Accept-Encoding
server: cloudflare
cf-ray: 7919ac88eb55b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2