firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 04:15:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: E-FkwSBs_z9dHjQcNcU-2I-oB2Jlwvhm1Zbx_ng_3Yhorb2DOE1eyw==
Age: 2086
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5644
Expires: Mon, 26 Sep 2022 06:24:08 GMT
Date: Mon, 26 Sep 2022 04:50:04 GMT
Connection: keep-alive
datawav.club/meth-whore-deflated-tits
173.208.199.194301 Moved Permanently 178 B URL HTTP/1.1 datawav.club/meth-whore-deflated-tits
IP 173.208.199.194:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert fortinet Malware
GET /meth-whore-deflated-tits HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 26 Sep 2022 04:50:04 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://datawav.club/meth-whore-deflated-tits
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AczpaZ_Y9f59bWg-l4oKFa6qIHkKg7Q5RMLZ68kfGQSWXJ9VBcNetA==
age: 889
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 04:50:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 14d6fa3b84d231a6aa5bd60711471f34
4b3b1118569aed40307b07b2acc0de22d7a74140
6b4223ca60315c7c88d1bbba93072a583ecbc9a42ed4c0629866d80ef35907bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B4223CA60315C7C88D1BBBA93072A583ECBC9A42ED4C0629866D80EF35907BB"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18991
Expires: Mon, 26 Sep 2022 10:06:36 GMT
Date: Mon, 26 Sep 2022 04:50:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 26 Sep 2022 04:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 26 Sep 2022 04:22:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wYIrJ4a33WKT14p0tlO74pKl395y4bSqlhtL23pkw7uNmKWjvW_x9A==
Age: 2748
datawav.club/meth-whore-deflated-tits
173.208.199.194301 Moved Permanently 0 B URL HTTP/1.1 datawav.club/meth-whore-deflated-tits
IP 173.208.199.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /meth-whore-deflated-tits HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 26 Sep 2022 04:50:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72; path=/; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Redirect-By: WordPress
Location: https://datawav.club/meth-whore-deflated-tits/
FrontCache: MISS
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5536
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 04:50:05 GMT
Last-Modified: Mon, 26 Sep 2022 03:17:49 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
datawav.club/meth-whore-deflated-tits/
173.208.199.194200 OK 13 kB URL HTTP/1.1 datawav.club/meth-whore-deflated-tits/
IP 173.208.199.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 24b4be75238577277be65f355e08dcd6
c62d928cab2450e6fbad57e0ceff8aea8053d66c
d57d28b64ce747a5af2c3bbf74e20c910bb34d07457cd7b4ab67c33431bcdd53
Analyzer Verdict Alert fortinet Malware
GET /meth-whore-deflated-tits/ HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 04:50:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Link: <https://datawav.club/wp-json/>; rel="https://api.w.org/", <https://datawav.club/wp-json/wp/v2/posts/332098>; rel="alternate"; type="application/json", <https://datawav.club/?p=332098>; rel=shortlink
X-ElasticPress-Query: true
Content-Encoding: gzip
FrontCache: MISS
push.services.mozilla.com/
52.38.146.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cPjxL27qvtbnI5iRfh7KhA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: D/iOfDrO+pEjDu8srMn/G+y0KB0=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 04:50:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
datawav.club/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
173.208.199.194200 OK 12 kB URL HTTP/1.1 datawav.club/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 173.208.199.194:0
File type ASCII text, with very long lines (43771)
Hash 88f413500303dc21250157a6aa913a32
ca138ec102d96e6d7b30bf83b7dab60a16f0b5d6
65e072ca8d53bf38d5dde355a039a61f6c7204206a9a58ded75d2d2730cc0999
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 04:50:05 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 06:31:23 GMT
Vary: Accept-Encoding
ETag: W/"630b0bbb-15b64"
Expires: Wed, 13 Sep 2023 00:21:11 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 04:50:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
datawav.club/wp-content/themes/wellington/css/genericons/genericons.css?ver=3.4.1
173.208.199.194200 OK 16 kB URL HTTP/1.1 datawav.club/wp-content/themes/wellington/css/genericons/genericons.css?ver=3.4.1
IP 173.208.199.194:0
File type ASCII text, with very long lines (18732), with CRLF line terminators
Hash f9330a5b1ff4bb3d35693982b212e4bd
c2c837ab1e60cfec1d60eaf6a1e2ecfcf8c7b884
3019eb8fd0dc294ad6c3cce11f5b7ae2f1bf72fe259dc2b54b625e74af4e33ee
GET /wp-content/themes/wellington/css/genericons/genericons.css?ver=3.4.1 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 04:50:05 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Apr 2017 08:17:29 GMT
Vary: Accept-Encoding
ETag: W/"58f47a19-6f71"
Expires: Wed, 13 Sep 2023 00:21:11 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT
datawav.club/wp-content/themes/wellington/style.css?ver=1.0.6
173.208.199.194200 OK 9.1 kB URL HTTP/1.1 datawav.club/wp-content/themes/wellington/style.css?ver=1.0.6
IP 173.208.199.194:0
File type ASCII text, with very long lines (355), with CRLF line terminators
Hash dea6095724497c9701e5e96321ea6bd0
a4bd04afdf2ede1b155b87872a34d1c97e443fe2
7ba56aa8ba7a9708aa49cc91cdd1db8a177af6505a735e68fa2f85a7e51b3d4c
GET /wp-content/themes/wellington/style.css?ver=1.0.6 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 04:50:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Apr 2017 08:17:29 GMT
Vary: Accept-Encoding
ETag: W/"58f47a19-c499"
Expires: Wed, 13 Sep 2023 00:21:11 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT
datawav.club/uomdacwoqbvxwxj.php
173.208.199.194200 OK 11 kB URL HTTP/1.1 datawav.club/uomdacwoqbvxwxj.php
IP 173.208.199.194:0
File type ASCII text, with very long lines (10335)
Hash da473dea1bb1773efda6ce116f492149
0c3bd92efdc486ae6261332d3819646da3a65081
db98782f93780ea01b6c5aca405b54f087fb47be410530c79c564c49b82b8b06
GET /uomdacwoqbvxwxj.php HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 04:50:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
FrontCache: HIT
datawav.club/wp-content/themes/wellington/css/themezee-related-posts.css?ver=20160421
173.208.199.194200 OK 931 B URL HTTP/1.1 datawav.club/wp-content/themes/wellington/css/themezee-related-posts.css?ver=20160421
IP 173.208.199.194:0
File type ASCII text, with CRLF line terminators
Hash 99fddbd49303e57f150b016c8714159d
ed798b602726b08ea1e331d61469aab3138a558c
c2345b323c0571f8d9c95256a1d44ceefd33a0791e786afe4a4a534060e3275f
GET /wp-content/themes/wellington/css/themezee-related-posts.css?ver=20160421 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 04:50:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Apr 2017 08:17:29 GMT
Vary: Accept-Encoding
ETag: W/"58f47a19-1514"
Expires: Wed, 13 Sep 2023 00:21:11 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT
datawav.club/wp-content/themes/wellington/js/navigation.js?ver=20160719
173.208.199.194200 OK 1.6 kB URL HTTP/1.1 datawav.club/wp-content/themes/wellington/js/navigation.js?ver=20160719
IP 173.208.199.194:0
File type ASCII text, with CRLF line terminators
Hash a73417e3fe8baa2f33f152e3bbc14097
622a93a734e15fc786f8f6887554c2c253028aad
8cb4ff8750d3f21e630c95a3c3ed5fc046e232b8c66c94c4580119bf4ae30c94
GET /wp-content/themes/wellington/js/navigation.js?ver=20160719 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 04:50:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Apr 2017 08:17:29 GMT
Vary: Accept-Encoding
ETag: W/"58f47a19-1538"
Expires: Wed, 13 Sep 2023 00:21:11 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT
datawav.club/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
173.208.199.194200 OK 4.2 kB URL HTTP/1.1 datawav.club/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 173.208.199.194:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 04:50:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 06:31:23 GMT
Vary: Accept-Encoding
ETag: W/"630b0bbb-2bd8"
Expires: Wed, 13 Sep 2023 00:21:11 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT
datawav.club/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
173.208.199.194200 OK 5.0 kB URL HTTP/1.1 datawav.club/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 173.208.199.194:0
File type ASCII text, with very long lines (15660)
Hash 1b982d290af16dac5885f21a198aaa66
f847ca85d23c2f240938bbde0135f3de97925759
0b6e238cc0728a0bace390dfff472ff8bb5a5fd4714bcfcdac7c28621d67b8dc
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 04:50:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 06:31:23 GMT
Vary: Accept-Encoding
ETag: W/"630b0bbb-48b9"
Expires: Wed, 13 Sep 2023 00:21:10 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT
datawav.club/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
173.208.199.194200 OK 31 kB URL HTTP/1.1 datawav.club/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 173.208.199.194:0
File type ASCII text, with very long lines (65447)
Hash 7a6e4a1e4a67fac0cd39ca1dd1982f47
a8bf880e5db17a703293d5a3c92623a97d5a1df1
daf4bcb15594deb268cc05f030ccaf8dfe4acab417758dd16a6f3b2d86d2908f
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 04:50:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 06:31:23 GMT
Vary: Accept-Encoding
ETag: W/"630b0bbb-15db1"
Expires: Wed, 13 Sep 2023 00:21:11 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT
i2.wp.com/66.media.tumblr.com/d27de76c80a3e95e73a460a374b0f666/tumblr_mrhi0pQ3BP1sqwu1no1_1280.jpg
192.0.77.2200 OK 19 kB URL HTTP/2 i2.wp.com/66.media.tumblr.com/d27de76c80a3e95e73a460a374b0f666/tumblr_mrhi0pQ3BP1sqwu1no1_1280.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 922x639, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 35729e53dbc8061cd6d9f413617c078a
efb21029d32d22014c14dd07a368c868a79a92ec
ef1178ab8146c09468cd386815b2c0971666c966785066a6afcbbe34d1c196fa
GET /66.media.tumblr.com/d27de76c80a3e95e73a460a374b0f666/tumblr_mrhi0pQ3BP1sqwu1no1_1280.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 04:50:06 GMT
content-type: image/webp
content-length: 18598
last-modified: Sun, 11 Sep 2022 20:35:17 GMT
expires: Wed, 11 Sep 2024 08:35:17 GMT
cache-control: public, max-age=63115200
link: <http://66.media.tumblr.com/d27de76c80a3e95e73a460a374b0f666/tumblr_mrhi0pQ3BP1sqwu1no1_1280.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "523c66b30da58bd5"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/c1.staticflickr.com/1/36/122443056_61f421d187_z.jpg?zz=1
192.0.77.2200 OK 37 kB URL HTTP/2 i0.wp.com/c1.staticflickr.com/1/36/122443056_61f421d187_z.jpg?zz=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 99582acba972459f3cbf9bc9bb900a56
2636caeffddac5adb89e6c1903411f5e7b6bfeb9
24b08abe1376742244772c654670adfef3be8e27a2ca7dda56b0783b061ef2cd
GET /c1.staticflickr.com/1/36/122443056_61f421d187_z.jpg?zz=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 04:50:06 GMT
content-type: image/webp
content-length: 36900
last-modified: Sun, 18 Sep 2022 20:20:02 GMT
expires: Wed, 18 Sep 2024 08:20:02 GMT
cache-control: public, max-age=63115200
link: <http://c1.staticflickr.com/1/36/122443056_61f421d187_z.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "194d304c51e8d7ed"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/s.smutty.com/media_smutty_2/d/a/n/a/p/danarami-roxru-71b5e3.jpg
192.0.77.2200 OK 67 kB URL HTTP/2 i1.wp.com/s.smutty.com/media_smutty_2/d/a/n/a/p/danarami-roxru-71b5e3.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 620x654, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 434ba2cf7ceb8008e458b7d089b794dc
9e9853e7601d9000744a33d81562d65ec829be8d
171d7e681923a4cf5bd3fb6acad27f317fb75cfaf090008e52f06406e7bc7b9e
GET /s.smutty.com/media_smutty_2/d/a/n/a/p/danarami-roxru-71b5e3.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 04:50:06 GMT
content-type: image/webp
content-length: 67116
last-modified: Sun, 04 Sep 2022 02:16:07 GMT
expires: Tue, 03 Sep 2024 14:16:07 GMT
cache-control: public, max-age=63115200
link: <http://s.smutty.com/media_smutty_2/d/a/n/a/p/danarami-roxru-71b5e3.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "56d626dab2bee19a"
vary: Accept
x-nc: HIT arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/mybigtitsbabes.com/wp-content/uploads/2014/11/Carla_White_Favourite_Chair_01.jpg
192.0.77.2200 OK 129 kB URL HTTP/2 i0.wp.com/mybigtitsbabes.com/wp-content/uploads/2014/11/Carla_White_Favourite_Chair_01.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 750x1124, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 129 kB (129188 bytes)
Hash 846d0daca2f8a4a308dcb877c6bd3701
6f5b4e5b27555694b0f589067917dedced19f5b7
b18522a26c875bee10eeb75265a7175dd996474f126a0849467379587d750182
GET /mybigtitsbabes.com/wp-content/uploads/2014/11/Carla_White_Favourite_Chair_01.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 04:50:06 GMT
content-type: image/webp
content-length: 129188
last-modified: Fri, 02 Sep 2022 17:25:33 GMT
expires: Mon, 02 Sep 2024 05:25:33 GMT
cache-control: public, max-age=63115200
link: <http://mybigtitsbabes.com/wp-content/uploads/2014/11/Carla_White_Favourite_Chair_01.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "edb43f5a785ce078"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/64.media.tumblr.com/81e489b389e50ed361dc1f23606b590c/tumblr_n5k86zxF3R1t0dazio1_400.jpg
192.0.77.2200 OK 34 kB URL HTTP/2 i1.wp.com/64.media.tumblr.com/81e489b389e50ed361dc1f23606b590c/tumblr_n5k86zxF3R1t0dazio1_400.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x542, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 056cb5d17c034dfb193d3ddb2bacde66
ea199f0e2fd22bcc60722b2cfa6192f2055bb29b
d4135c8e26722c4488447150360cb5fa0c41d085b00f2c5a51bea1571521c856
GET /64.media.tumblr.com/81e489b389e50ed361dc1f23606b590c/tumblr_n5k86zxF3R1t0dazio1_400.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 04:50:06 GMT
content-type: image/webp
content-length: 34270
last-modified: Mon, 29 Aug 2022 12:13:21 GMT
expires: Thu, 29 Aug 2024 00:13:21 GMT
cache-control: public, max-age=63115200
link: <http://64.media.tumblr.com/81e489b389e50ed361dc1f23606b590c/tumblr_n5k86zxF3R1t0dazio1_400.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "bb1047935c02f17f"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/i5.fapality.com/contents/albums/main/680x9999/1000/1012/44937.jpg
192.0.77.2200 OK 32 kB URL HTTP/2 i1.wp.com/i5.fapality.com/contents/albums/main/680x9999/1000/1012/44937.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 620x947, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9d63a2e0ffe317cfaf25d82e1610913f
d851f7135cf819ed0c6f92c2b3be725ed47576c2
72fdfa02b23e4bc9409c8dbb06434a6656b1b24ae05755766df81e0674289f5a
GET /i5.fapality.com/contents/albums/main/680x9999/1000/1012/44937.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 04:50:06 GMT
content-type: image/webp
content-length: 31880
last-modified: Sun, 24 Jul 2022 23:43:08 GMT
expires: Wed, 24 Jul 2024 11:43:08 GMT
cache-control: public, max-age=63115200
link: <http://i5.fapality.com/contents/albums/main/680x9999/1000/1012/44937.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "5452595eb781c983"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
pfewuzbtkr.com/solid.gif?z=1830123&abvar=0
62.122.171.6200 OK 43 B URL HTTP/2 pfewuzbtkr.com/solid.gif?z=1830123&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1830123&abvar=0 HTTP/1.1
Host: pfewuzbtkr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 04:50:06 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 04:50:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2
142.250.74.163200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7920, version 1.0\012- data
Hash 797ad5f8d84a297ab16f9a9c983adfc2
af074543e3bbd78e086cefa983867e0936515c41
e0037277509761be84d1c44b520649c2363df89e00568561ebf015cb3cedc91a
GET /s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datawav.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 20:54:14 GMT
expires: Fri, 22 Sep 2023 20:54:14 GMT
cache-control: public, max-age=31536000
age: 287752
last-modified: Thu, 21 Apr 2022 16:51:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i1.wp.com/gaycj.com/cumtomyass/first-gay-ass-sex/free-gay-muscle-twink-pics-ms/zXkl/free-first-gay-time-stories014.jpg
192.0.77.2200 OK 472 B URL HTTP/2 i1.wp.com/gaycj.com/cumtomyass/first-gay-ass-sex/free-gay-muscle-twink-pics-ms/zXkl/free-first-gay-time-stories014.jpg
IP 192.0.77.2:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
GET /gaycj.com/cumtomyass/first-gay-ass-sex/free-gay-muscle-twink-pics-ms/zXkl/free-first-gay-time-stories014.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 04:50:06 GMT
content-type: image/webp
content-length: 800734
last-modified: Sat, 24 Sep 2022 08:29:16 GMT
expires: Mon, 23 Sep 2024 20:29:16 GMT
cache-control: public, max-age=63115200
link: <http://gaycj.com/cumtomyass/first-gay-ass-sex/free-gay-muscle-twink-pics-ms/zXkl/free-first-gay-time-stories014.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "29bd10ec73b86bf9"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 04:50:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2
142.250.74.163200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7908, version 1.0\012- data
Hash 15d9bbcfbc1d668a43c85d156d23262b
c436963710c58453c4ae27e66c051e85c084cd49
6db83475c4b6e3bcd2df60ca7afcedabc5140c3b55c9a6bb0ca636c5b6438e5f
GET /s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datawav.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 00:15:00 GMT
expires: Sat, 23 Sep 2023 00:15:00 GMT
cache-control: public, max-age=31536000
age: 275706
last-modified: Thu, 21 Apr 2022 16:47:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/magra/v14/uK_w4ruaZus72nbNDycQGvo.woff2
142.250.74.163200 OK 9.4 kB URL HTTP/2 fonts.gstatic.com/s/magra/v14/uK_w4ruaZus72nbNDycQGvo.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9436, version 1.0\012- data
Hash 267ecd80d0d89a255f676a8b3cce0db0
215515b0a5be67a4d9c980e8926231225b036ef6
c4920b39f85de27baf31e69b334cdf828ec2875ac4ec3a4a2d7a2e52773f7e79
GET /s/magra/v14/uK_w4ruaZus72nbNDycQGvo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datawav.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 22:06:51 GMT
expires: Wed, 20 Sep 2023 22:06:51 GMT
cache-control: public, max-age=31536000
age: 456195
last-modified: Tue, 26 Apr 2022 15:28:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 04:50:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash cb34c89a33b9faea81ba78914b519add
5e3e75b719ce668944dec0b3123f93c6d109bee8
7d1ab277076a440ce374b3f04616860bcf735271ee67556a3f348d31fbb1ee8c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 04:50:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 12:04:30 GMT
Expires: Sun, 02 Oct 2022 12:04:29 GMT
Etag: "5e3e75b719ce668944dec0b3123f93c6d109bee8"
Cache-Control: max-age=543862,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750960771ed00b31-OSL
limurol.com/ssp/req/1830123/?pb=ffb284a658447b5a72b094bdefa614641664175006&psp=SaJ-rARbfCoMpO63w2pMz1W7wLXPk2DAYJJKfd9wnOCFaUFDkGGY4XKM7nK_hr-2ywRxCmsPD8T7gU1FATvzfMLnOnaOaX4W5M4r0bd6VIoZP-DtLCJgdax6ncFt2DjxhlQQDwm5x_BUKLgxpVDVrs5UzjmrBTEwcsnZJ1_bMl4R0oJV7lVu_xGa13XWVKy6RJSdG58GdcbdxGVaJwR0McIIHgJws3gZbzcQldgcU9Va2YhTdM-jKVuGwJoXXx3PwDanF-xWa7WZ3vXwFOj_oa4YWjJQp25V-wB44r4GGpkqKTYcBjgEnP65B6X-pGShNGJmiUXTwVcsUCcmpvVYAt4HCXhziEtxTG6EupmNZLOlWbJv6OrKL5N3ph5iwOH8INufWgRgA4MYqDgtuk23_1c58HqchVMaHpkb90qiBzuf9JrP-2gnhA6-v6jt7qPf5BNoPDQvpyjErtpv_KJxZrI5IZACEY8WEYNqirVAM2Slm3rCsRA4GgHsMLrvfS3_RKFKRMAxOPejsTBo9uy0sUie0EUmJV2tYnagka0LCrTYrMr3OUhLMB2FcdtON-9oEBspSBgp7z90jr5LDUTtNK3-AvnJqmJLJ2nwR7T38coIT8xPapiJjavEdUjsNDmOJm3uZ2hsVA==&cb=_clcjdt0ksuhxrsdklwgkkj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1830123/?pb=ffb284a658447b5a72b094bdefa614641664175006&psp=SaJ-rARbfCoMpO63w2pMz1W7wLXPk2DAYJJKfd9wnOCFaUFDkGGY4XKM7nK_hr-2ywRxCmsPD8T7gU1FATvzfMLnOnaOaX4W5M4r0bd6VIoZP-DtLCJgdax6ncFt2DjxhlQQDwm5x_BUKLgxpVDVrs5UzjmrBTEwcsnZJ1_bMl4R0oJV7lVu_xGa13XWVKy6RJSdG58GdcbdxGVaJwR0McIIHgJws3gZbzcQldgcU9Va2YhTdM-jKVuGwJoXXx3PwDanF-xWa7WZ3vXwFOj_oa4YWjJQp25V-wB44r4GGpkqKTYcBjgEnP65B6X-pGShNGJmiUXTwVcsUCcmpvVYAt4HCXhziEtxTG6EupmNZLOlWbJv6OrKL5N3ph5iwOH8INufWgRgA4MYqDgtuk23_1c58HqchVMaHpkb90qiBzuf9JrP-2gnhA6-v6jt7qPf5BNoPDQvpyjErtpv_KJxZrI5IZACEY8WEYNqirVAM2Slm3rCsRA4GgHsMLrvfS3_RKFKRMAxOPejsTBo9uy0sUie0EUmJV2tYnagka0LCrTYrMr3OUhLMB2FcdtON-9oEBspSBgp7z90jr5LDUTtNK3-AvnJqmJLJ2nwR7T38coIT8xPapiJjavEdUjsNDmOJm3uZ2hsVA==&cb=_clcjdt0ksuhxrsdklwgkkj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1830123/?pb=ffb284a658447b5a72b094bdefa614641664175006&psp=SaJ-rARbfCoMpO63w2pMz1W7wLXPk2DAYJJKfd9wnOCFaUFDkGGY4XKM7nK_hr-2ywRxCmsPD8T7gU1FATvzfMLnOnaOaX4W5M4r0bd6VIoZP-DtLCJgdax6ncFt2DjxhlQQDwm5x_BUKLgxpVDVrs5UzjmrBTEwcsnZJ1_bMl4R0oJV7lVu_xGa13XWVKy6RJSdG58GdcbdxGVaJwR0McIIHgJws3gZbzcQldgcU9Va2YhTdM-jKVuGwJoXXx3PwDanF-xWa7WZ3vXwFOj_oa4YWjJQp25V-wB44r4GGpkqKTYcBjgEnP65B6X-pGShNGJmiUXTwVcsUCcmpvVYAt4HCXhziEtxTG6EupmNZLOlWbJv6OrKL5N3ph5iwOH8INufWgRgA4MYqDgtuk23_1c58HqchVMaHpkb90qiBzuf9JrP-2gnhA6-v6jt7qPf5BNoPDQvpyjErtpv_KJxZrI5IZACEY8WEYNqirVAM2Slm3rCsRA4GgHsMLrvfS3_RKFKRMAxOPejsTBo9uy0sUie0EUmJV2tYnagka0LCrTYrMr3OUhLMB2FcdtON-9oEBspSBgp7z90jr5LDUTtNK3-AvnJqmJLJ2nwR7T38coIT8xPapiJjavEdUjsNDmOJm3uZ2hsVA==&cb=_clcjdt0ksuhxrsdklwgkkj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 04:50:06 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2209252350cdd8d8fc0a974b56bc2ddbf462; Path=/; Expires=Tue, 26 Sep 2023 04:50:06 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash cb34c89a33b9faea81ba78914b519add
5e3e75b719ce668944dec0b3123f93c6d109bee8
7d1ab277076a440ce374b3f04616860bcf735271ee67556a3f348d31fbb1ee8c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 04:50:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 12:04:30 GMT
Expires: Sun, 02 Oct 2022 12:04:29 GMT
Etag: "5e3e75b719ce668944dec0b3123f93c6d109bee8"
Cache-Control: max-age=543862,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750960788f910b31-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8877
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 04:50:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8877
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 04:50:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8877
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 04:50:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8877
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 04:50:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8877
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 04:50:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H4KXhBaRw3SvzBrbl30mV6R_vJ8bXBkyicb8fQiTp6YSBHjE8iFkNQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:49:56 GMT
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
age: 21610
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa675e34b-7ee1-4318-a6a3-b49bce6a4ca4.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa675e34b-7ee1-4318-a6a3-b49bce6a4ca4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b6e43e36ae283d6ec12fb5c9c692fa83
a3b3a4396da5beac2430e8facdb4d4b799621c9d
49ed7dccf0fe8abb7b0bfdc34ff89b30ef719288571bb1d89d29a1cb8857310e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa675e34b-7ee1-4318-a6a3-b49bce6a4ca4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10944
x-amzn-requestid: 2711886c-e022-4a77-862e-9d7bbd0db02e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvxHsSIAMF8Pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-6b464e2e489825b51447d74d;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N-nUwIxG9TDPRBSt8-RuITSg0nVZIMMidfKme75OXsqDXJ-vcXA41Q==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:25:00 GMT
age: 23106
etag: "a3b3a4396da5beac2430e8facdb4d4b799621c9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:37:35 GMT
age: 25951
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a7e9af9-ebe4-49ea-9af4-d118f2ef0b43.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a7e9af9-ebe4-49ea-9af4-d118f2ef0b43.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 431ff1171a3d7c60a31cc1c3f62164ee
4b32113aaf50132b38c8034017a6eb5a32d7040b
65d598db252fb3979d3df3cb8d052861bb31d6187552f9c694ec27a322b308c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a7e9af9-ebe4-49ea-9af4-d118f2ef0b43.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8851
x-amzn-requestid: dbe6ba4c-3d38-48e8-9d08-088d8e26e7a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUDAE23oAMF_yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd46-4f3b85952fa3109d2921d0e1;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wbbfzE5nQkhK_nsXX8XGJbOl3Yf6NDA1r_AC-0dOzqJDkLQ2BLxK9A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 23:15:06 GMT
age: 20101
etag: "4b32113aaf50132b38c8034017a6eb5a32d7040b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d79a3a5bd7dc7aa6cab306176fafd11
0d5cb1f3e3ea510308034a5e569c0e65fae30835
57979dfcf6fdc76f04e4790c2b94b876e188ac780aa49d9bfc8a58c498dc4203
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7185
x-amzn-requestid: e7b997d7-f9ce-40c6-b9bb-372ee10d8ad0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTAfEX5oAMFcHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb9c-31e295e33ead940f381121a1;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:43:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YW8Pk1qXdq3DBNRDO3abND1HGTqhUInN2Wo3N8Uzb0zzyXrsKPCvYg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:48:52 GMT
age: 25275
etag: "0d5cb1f3e3ea510308034a5e569c0e65fae30835"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20fede81-e065-476d-b8c9-466c4d80f419.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20fede81-e065-476d-b8c9-466c4d80f419.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 27d324b1fb661c318aced98468501b3c
5c4ee294c98e8fc9312a7d481b6ec165494cf852
937296b5da48df0495ebd0cb3509b7c00059725c00c5b97f475ba2382a0e5437
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20fede81-e065-476d-b8c9-466c4d80f419.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7998
x-amzn-requestid: beedf4d8-29c0-43c6-92d0-40af6b9ee9f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTibE5LoAMFXLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cc75-1be97f2a525b9a5e3146d4be;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:47:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: i8BwIohBNqfEavPXBqSWshg7G-WF9UkBBScnDcyH4qEYV9TzreLXWA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:03:29 GMT
age: 24398
etag: "5c4ee294c98e8fc9312a7d481b6ec165494cf852"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
6.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:07 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://datawav.club
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 75096079c8271c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 97ffb92628eec1fd912e2a1a7a49dadb
9224081c2660b3d467c8ecc60a1a674c813c451c
88e956e1405478b590d58e73e534c07785a1274b25db9a3a3f1f58755dc993de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88E956E1405478B590D58E73E534C07785A1274B25DB9A3A3F1F58755DC993DE"
Last-Modified: Sat, 24 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20452
Expires: Mon, 26 Sep 2022 10:30:59 GMT
Date: Mon, 26 Sep 2022 04:50:07 GMT
Connection: keep-alive
limurol.com/ssp/req/1830123/?pb=ffb284a658447b5a72b094bdefa614641664175006&psp=SaJ-rARbfCoMpO63w2pMz1W7wLXPk2DAYJJKfd9wnOCFaUFDkGGY4XKM7nK_hr-2ywRxCmsPD8T7gU1FATvzfMLnOnaOaX4W5M4r0bd6VIoZP-DtLCJgdax6ncFt2DjxhlQQDwm5x_BUKLgxpVDVrs5UzjmrBTEwcsnZJ1_bMl4R0oJV7lVu_xGa13XWVKy6RJSdG58GdcbdxGVaJwR0McIIHgJws3gZbzcQldgcU9Va2YhTdM-jKVuGwJoXXx3PwDanF-xWa7WZ3vXwFOj_oa4YWjJQp25V-wB44r4GGpkqKTYcBjgEnP65B6X-pGShNGJmiUXTwVcsUCcmpvVYAt4HCXhziEtxTG6EupmNZLOlWbJv6OrKL5N3ph5iwOH8INufWgRgA4MYqDgtuk23_1c58HqchVMaHpkb90qiBzuf9JrP-2gnhA6-v6jt7qPf5BNoPDQvpyjErtpv_KJxZrI5IZACEY8WEYNqirVAM2Slm3rCsRA4GgHsMLrvfS3_RKFKRMAxOPejsTBo9uy0sUie0EUmJV2tYnagka0LCrTYrMr3OUhLMB2FcdtON-9oEBspSBgp7z90jr5LDUTtNK3-AvnJqmJLJ2nwR7T38coIT8xPapiJjavEdUjsNDmOJm3uZ2hsVA==&cb=_clcjdt0ksuhxrsdklwgkkj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1830123/?pb=ffb284a658447b5a72b094bdefa614641664175006&psp=SaJ-rARbfCoMpO63w2pMz1W7wLXPk2DAYJJKfd9wnOCFaUFDkGGY4XKM7nK_hr-2ywRxCmsPD8T7gU1FATvzfMLnOnaOaX4W5M4r0bd6VIoZP-DtLCJgdax6ncFt2DjxhlQQDwm5x_BUKLgxpVDVrs5UzjmrBTEwcsnZJ1_bMl4R0oJV7lVu_xGa13XWVKy6RJSdG58GdcbdxGVaJwR0McIIHgJws3gZbzcQldgcU9Va2YhTdM-jKVuGwJoXXx3PwDanF-xWa7WZ3vXwFOj_oa4YWjJQp25V-wB44r4GGpkqKTYcBjgEnP65B6X-pGShNGJmiUXTwVcsUCcmpvVYAt4HCXhziEtxTG6EupmNZLOlWbJv6OrKL5N3ph5iwOH8INufWgRgA4MYqDgtuk23_1c58HqchVMaHpkb90qiBzuf9JrP-2gnhA6-v6jt7qPf5BNoPDQvpyjErtpv_KJxZrI5IZACEY8WEYNqirVAM2Slm3rCsRA4GgHsMLrvfS3_RKFKRMAxOPejsTBo9uy0sUie0EUmJV2tYnagka0LCrTYrMr3OUhLMB2FcdtON-9oEBspSBgp7z90jr5LDUTtNK3-AvnJqmJLJ2nwR7T38coIT8xPapiJjavEdUjsNDmOJm3uZ2hsVA==&cb=_clcjdt0ksuhxrsdklwgkkj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1830123/?pb=ffb284a658447b5a72b094bdefa614641664175006&psp=SaJ-rARbfCoMpO63w2pMz1W7wLXPk2DAYJJKfd9wnOCFaUFDkGGY4XKM7nK_hr-2ywRxCmsPD8T7gU1FATvzfMLnOnaOaX4W5M4r0bd6VIoZP-DtLCJgdax6ncFt2DjxhlQQDwm5x_BUKLgxpVDVrs5UzjmrBTEwcsnZJ1_bMl4R0oJV7lVu_xGa13XWVKy6RJSdG58GdcbdxGVaJwR0McIIHgJws3gZbzcQldgcU9Va2YhTdM-jKVuGwJoXXx3PwDanF-xWa7WZ3vXwFOj_oa4YWjJQp25V-wB44r4GGpkqKTYcBjgEnP65B6X-pGShNGJmiUXTwVcsUCcmpvVYAt4HCXhziEtxTG6EupmNZLOlWbJv6OrKL5N3ph5iwOH8INufWgRgA4MYqDgtuk23_1c58HqchVMaHpkb90qiBzuf9JrP-2gnhA6-v6jt7qPf5BNoPDQvpyjErtpv_KJxZrI5IZACEY8WEYNqirVAM2Slm3rCsRA4GgHsMLrvfS3_RKFKRMAxOPejsTBo9uy0sUie0EUmJV2tYnagka0LCrTYrMr3OUhLMB2FcdtON-9oEBspSBgp7z90jr5LDUTtNK3-AvnJqmJLJ2nwR7T38coIT8xPapiJjavEdUjsNDmOJm3uZ2hsVA==&cb=_clcjdt0ksuhxrsdklwgkkj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 04:50:07 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=22092523502e35027476104b88a68e32b8a0; Path=/; Expires=Tue, 26 Sep 2023 04:50:06 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1830123/?pb=ffb284a658447b5a72b094bdefa614641664175006&psp=SaJ-rARbfCoMpO63w2pMz1W7wLXPk2DAYJJKfd9wnOCFaUFDkGGY4XKM7nK_hr-2ywRxCmsPD8T7gU1FATvzfMLnOnaOaX4W5M4r0bd6VIoZP-DtLCJgdax6ncFt2DjxhlQQDwm5x_BUKLgxpVDVrs5UzjmrBTEwcsnZJ1_bMl4R0oJV7lVu_xGa13XWVKy6RJSdG58GdcbdxGVaJwR0McIIHgJws3gZbzcQldgcU9Va2YhTdM-jKVuGwJoXXx3PwDanF-xWa7WZ3vXwFOj_oa4YWjJQp25V-wB44r4GGpkqKTYcBjgEnP65B6X-pGShNGJmiUXTwVcsUCcmpvVYAt4HCXhziEtxTG6EupmNZLOlWbJv6OrKL5N3ph5iwOH8INufWgRgA4MYqDgtuk23_1c58HqchVMaHpkb90qiBzuf9JrP-2gnhA6-v6jt7qPf5BNoPDQvpyjErtpv_KJxZrI5IZACEY8WEYNqirVAM2Slm3rCsRA4GgHsMLrvfS3_RKFKRMAxOPejsTBo9uy0sUie0EUmJV2tYnagka0LCrTYrMr3OUhLMB2FcdtON-9oEBspSBgp7z90jr5LDUTtNK3-AvnJqmJLJ2nwR7T38coIT8xPapiJjavEdUjsNDmOJm3uZ2hsVA==&cb=_clcjdt0ksuhxrsdklwgkkj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1830123/?pb=ffb284a658447b5a72b094bdefa614641664175006&psp=SaJ-rARbfCoMpO63w2pMz1W7wLXPk2DAYJJKfd9wnOCFaUFDkGGY4XKM7nK_hr-2ywRxCmsPD8T7gU1FATvzfMLnOnaOaX4W5M4r0bd6VIoZP-DtLCJgdax6ncFt2DjxhlQQDwm5x_BUKLgxpVDVrs5UzjmrBTEwcsnZJ1_bMl4R0oJV7lVu_xGa13XWVKy6RJSdG58GdcbdxGVaJwR0McIIHgJws3gZbzcQldgcU9Va2YhTdM-jKVuGwJoXXx3PwDanF-xWa7WZ3vXwFOj_oa4YWjJQp25V-wB44r4GGpkqKTYcBjgEnP65B6X-pGShNGJmiUXTwVcsUCcmpvVYAt4HCXhziEtxTG6EupmNZLOlWbJv6OrKL5N3ph5iwOH8INufWgRgA4MYqDgtuk23_1c58HqchVMaHpkb90qiBzuf9JrP-2gnhA6-v6jt7qPf5BNoPDQvpyjErtpv_KJxZrI5IZACEY8WEYNqirVAM2Slm3rCsRA4GgHsMLrvfS3_RKFKRMAxOPejsTBo9uy0sUie0EUmJV2tYnagka0LCrTYrMr3OUhLMB2FcdtON-9oEBspSBgp7z90jr5LDUTtNK3-AvnJqmJLJ2nwR7T38coIT8xPapiJjavEdUjsNDmOJm3uZ2hsVA==&cb=_clcjdt0ksuhxrsdklwgkkj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1830123/?pb=ffb284a658447b5a72b094bdefa614641664175006&psp=SaJ-rARbfCoMpO63w2pMz1W7wLXPk2DAYJJKfd9wnOCFaUFDkGGY4XKM7nK_hr-2ywRxCmsPD8T7gU1FATvzfMLnOnaOaX4W5M4r0bd6VIoZP-DtLCJgdax6ncFt2DjxhlQQDwm5x_BUKLgxpVDVrs5UzjmrBTEwcsnZJ1_bMl4R0oJV7lVu_xGa13XWVKy6RJSdG58GdcbdxGVaJwR0McIIHgJws3gZbzcQldgcU9Va2YhTdM-jKVuGwJoXXx3PwDanF-xWa7WZ3vXwFOj_oa4YWjJQp25V-wB44r4GGpkqKTYcBjgEnP65B6X-pGShNGJmiUXTwVcsUCcmpvVYAt4HCXhziEtxTG6EupmNZLOlWbJv6OrKL5N3ph5iwOH8INufWgRgA4MYqDgtuk23_1c58HqchVMaHpkb90qiBzuf9JrP-2gnhA6-v6jt7qPf5BNoPDQvpyjErtpv_KJxZrI5IZACEY8WEYNqirVAM2Slm3rCsRA4GgHsMLrvfS3_RKFKRMAxOPejsTBo9uy0sUie0EUmJV2tYnagka0LCrTYrMr3OUhLMB2FcdtON-9oEBspSBgp7z90jr5LDUTtNK3-AvnJqmJLJ2nwR7T38coIT8xPapiJjavEdUjsNDmOJm3uZ2hsVA==&cb=_clcjdt0ksuhxrsdklwgkkj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 04:50:07 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=22092523505c269c928d824c53bf8e5f4503; Path=/; Expires=Tue, 26 Sep 2023 04:50:06 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 04:50:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://datawav.club
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
he2vye2vhrwt.l4.adsco.re/
185.200.118.90200 OK 0 B URL HTTP/1.1 he2vye2vhrwt.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: he2vye2vhrwt.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 04:50:07 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
adserver.juicyads.com/js/jads.js
185.94.236.245200 OK 1.7 kB URL HTTP/1.1 adserver.juicyads.com/js/jads.js
IP 185.94.236.245:0
File type ASCII text, with very long lines (3769), with no line terminators
Hash 65b1efdf55163b144c5018b8772765ad
509de5f40450f3cf05e0d8d1b939fed2bbb11cbe
cf23ab637d84de0eb1c1e67764e05ca0aa140e6ee932a60700fc35661644ee48
GET /js/jads.js HTTP/1.1
Host: adserver.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 04:50:07 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eb9"
Content-Encoding: gzip
datawav.club/favicon.ico
173.208.199.194404 Not Found 184 B IP 173.208.199.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 8ea8556770bd53150ab76b23f87936a6
6c615fdc6839c5ed11a30ebc227646ac6aef493b
c4f8c99f5287623d6325502365d07eb6dc33d0c58c1c2def811f9b06ff7d68f0
GET /favicon.ico HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72; a=S2tnAKf9oXcXsCraHETEMINSTJ7wV4Kf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 26 Sep 2022 04:50:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5f77c832-f7"
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 56077faa415259af9f2dddafe535ebdf
6877f10077f724f29c35fd4e5ef74fee9524d5be
3b21b85f70e346b703546486cfdeaaf08940ba9e57e5b7095cacc496e50cc46e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B21B85F70E346B703546486CFDEAAF08940BA9E57E5B7095CACC496E50CC46E"
Last-Modified: Sat, 24 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1940
Expires: Mon, 26 Sep 2022 05:22:27 GMT
Date: Mon, 26 Sep 2022 04:50:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d60144b96f72539719011cc71dcaa7c2
02a0962fe84b3466d77542f7b1b42a9efcc84479
814e75d1f248cd7bdc505fabec42b103880ed89329940be06d039b84d1f1b95f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "814E75D1F248CD7BDC505FABEC42B103880ED89329940BE06D039B84D1F1B95F"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8220
Expires: Mon, 26 Sep 2022 07:07:07 GMT
Date: Mon, 26 Sep 2022 04:50:07 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:48:03 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 176030439
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
he2vye2vhrwt.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 he2vye2vhrwt.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: he2vye2vhrwt.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 04:50:07 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
adsco.re/p
162.252.214.5200 OK 171 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash 78c6c659abe59cc921a793b2b28da2cc
caf9dbf07c84dbb0be10e3e7f1d47eca7f00762d
c0786e60edec4e49b71547b57fe5e43b704a28a040e6c55617749a6bf8420c2f
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1891
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 04:50:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://datawav.club
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5db893a70674527dbf213685f9a88f70
6aa34ab9b618c3bc02fcc1e9e1aad421607ee66f
de1ab26ab1d9dc17304a5e60b3836031bd35a92d16f9a2770ff5a3442b2264b5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE1AB26AB1D9DC17304A5E60B3836031BD35A92D16F9A2770FF5A3442B2264B5"
Last-Modified: Sat, 24 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20394
Expires: Mon, 26 Sep 2022 10:30:01 GMT
Date: Mon, 26 Sep 2022 04:50:07 GMT
Connection: keep-alive
s4.histats.com/stats/0.php?3916601&@f16&@g1&@h1&@i1&@j1664167805667&@k0&@l1&@mMeth%20Whore%20Deflated%20Tits&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:167783817&@b3:1664167806&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdatawav.club%2Fmeth-whore-deflated-tits%2F&@w
192.99.13.63200 OK 52 B URL HTTP/1.1 s4.histats.com/stats/0.php?3916601&@f16&@g1&@h1&@i1&@j1664167805667&@k0&@l1&@mMeth%20Whore%20Deflated%20Tits&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:167783817&@b3:1664167806&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdatawav.club%2Fmeth-whore-deflated-tits%2F&@w
IP 192.99.13.63:0
File type ASCII text, with no line terminators
Hash 802a9cb7068d86dda5b1975ff873d82c
91f20768011a917534bdbeba1a745732cc2158a1
ee7f3c7b05e12cf6101e9594d1cf60662afdc17476abc66b1363edbd31fada5d
GET /stats/0.php?3916601&@f16&@g1&@h1&@i1&@j1664167805667&@k0&@l1&@mMeth%20Whore%20Deflated%20Tits&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:167783817&@b3:1664167806&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdatawav.club%2Fmeth-whore-deflated-tits%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 04:50:07 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close
adserver.juicyads.com/adshow.php?adzone=593090
185.94.236.245200 OK 1.4 kB URL HTTP/1.1 adserver.juicyads.com/adshow.php?adzone=593090
IP 185.94.236.245:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash d31845241d3aba722f1085345839691a
c9aa2b00462273bbc2348f34951b065ec722bba8
7e1bef7c46a1ce695d3535384ce63e464dc9e3cdf5c93cbf7e07eed6ba41ac98
GET /adshow.php?adzone=593090 HTTP/1.1
Host: adserver.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 04:50:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=fab523e540a87d62f20f2b0b5e81a209; expires=Tue, 26-Sep-2023 04:50:07 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.juicyads.com
juicy_data_1=YTowOnt9; expires=Thu, 29-Sep-2022 04:50:07 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=juicyads.com
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Thu, 29-Sep-2022 04:50:07 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=juicyads.com
Content-Encoding: gzip
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 5da3959b026bf5be18695162cb216306
7b4195903a0e2c596dfdbfa54288b12ebf1942a3
299a4c9af2c147fa29fade82f146a2275070d7381cfe5677b61a5bcb28dd4b4d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 04:50:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 13:12:44 GMT
Expires: Sat, 01 Oct 2022 13:12:43 GMT
Etag: "7b4195903a0e2c596dfdbfa54288b12ebf1942a3"
Cache-Control: max-age=461555,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7509607daa940b31-OSL
blockadsnot.com/paFV.htm?_=BAYAYzEvfwFjMS9_gAGBAsAAIGMuBT5hQW1VwxHy70PoEN2pr-wbeHL2UnCv0YMx_tf2wQBGMEQCIGwhg0ai2XNG-WUM--bLOFm04m_y2zP6ZykVlcei9XUIAiAF2vf1Zb7jMe2bqY4zn5ORNRgsaxD_50NmV0bix-Qm2A&v=4&HCzUOAKu=1955226&EDxBFPrc=&zJYVdOtW=0,0&zHqsMycB=&jlvbwKOu=&s=1280,1024,1,1280,1024,0
208.95.112.254200 OK 705 B URL HTTP/2 blockadsnot.com/paFV.htm?_=BAYAYzEvfwFjMS9_gAGBAsAAIGMuBT5hQW1VwxHy70PoEN2pr-wbeHL2UnCv0YMx_tf2wQBGMEQCIGwhg0ai2XNG-WUM--bLOFm04m_y2zP6ZykVlcei9XUIAiAF2vf1Zb7jMe2bqY4zn5ORNRgsaxD_50NmV0bix-Qm2A&v=4&HCzUOAKu=1955226&EDxBFPrc=&zJYVdOtW=0,0&zHqsMycB=&jlvbwKOu=&s=1280,1024,1,1280,1024,0
IP 208.95.112.254:0
File type ASCII text, with very long lines (1004), with no line terminators
Hash d73c1b2708ee3d7ec2d3ada27471e6a4
5a1497a27879842ed6a6e6220269abafb5ad5be9
9455d6ba03f90a502fa462cc294961a917687127851317dd1acfe8e2e9cd3c19
GET /paFV.htm?_=BAYAYzEvfwFjMS9_gAGBAsAAIGMuBT5hQW1VwxHy70PoEN2pr-wbeHL2UnCv0YMx_tf2wQBGMEQCIGwhg0ai2XNG-WUM--bLOFm04m_y2zP6ZykVlcei9XUIAiAF2vf1Zb7jMe2bqY4zn5ORNRgsaxD_50NmV0bix-Qm2A&v=4&HCzUOAKu=1955226&EDxBFPrc=&zJYVdOtW=0,0&zHqsMycB=&jlvbwKOu=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: blockadsnot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 6
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
content-type: application/javascript; charset=utf-8
set-cookie: PP_CV=yes; expires=Mon, 26-Sep-2022 05:50:07 GMT; Max-Age=3600
fraudcheck=77fcda4fa9dd6f5881b6daa61920e892; expires=Wed, 26-Oct-2022 04:50:07 GMT; Max-Age=2592000; path=/; domain=.popads.net
PopAds_CF_Pass=1; expires=Mon, 26-Sep-2022 10:50:07 GMT; Max-Age=21600
link: <https://www.pornsheriff.com>;rel=preconnect
content-length: 705
content-encoding: br
vary: Accept-Encoding
date: Mon, 26 Sep 2022 04:50:07 GMT
X-Firefox-Spdy: h2
adserver.juicyads.com/adshow.php?adzone=770180
185.94.236.245200 OK 1.7 kB URL HTTP/1.1 adserver.juicyads.com/adshow.php?adzone=770180
IP 185.94.236.245:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1386), with CRLF, LF line terminators
Hash f920570b7233faa70bb9461c1b28ad28
2156037cc0e2e1a163d4f150ba75b358472b71b2
b820b697a0da477afc5f844cded719c1721f812ec75a108fef42f47d0625f731
GET /adshow.php?adzone=770180 HTTP/1.1
Host: adserver.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 04:50:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=fab523e540a87d62f20f2b0b5e81a209; expires=Tue, 26-Sep-2023 04:50:07 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.juicyads.com
imps52696=1; expires=Tue, 27-Sep-2022 04:50:07 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.juicyads.com
juicy_data_1=YToxOntpOjE0NjQ4Mjg7aToxNjY0NDI3MDA3O30%3D; expires=Thu, 29-Sep-2022 04:50:07 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=juicyads.com
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Thu, 29-Sep-2022 04:50:07 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=juicyads.com
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1910098e48cca0d3f797fe8119aaf7f9
e08035a31b810ecb66aa2ce2de0f8a69a42caf81
896f916f7b74bf1dfbf6b95f66ba3af8a1f893fe5bf5c63c25903e4bda71bb99
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "896F916F7B74BF1DFBF6B95F66BA3AF8A1F893FE5BF5C63C25903E4BDA71BB99"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17511
Expires: Mon, 26 Sep 2022 09:41:59 GMT
Date: Mon, 26 Sep 2022 04:50:08 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 06de3d58febbb8b484574aaccc6abc21
288add816c3db7e496a51d41a6ba016fecfb8d83
dd2cf1804992596ffe8b3e34377714a4931d2f727265ea89e608e16705a5d76a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 04:50:08 GMT
Server: ECS (amb/6B7B)
Content-Length: 278
ads.juicyads.me/network/user73811/52696-1664031075-0801558001664031075.jpg
69.16.175.42200 OK 30 kB URL HTTP/2 ads.juicyads.me/network/user73811/52696-1664031075-0801558001664031075.jpg
IP 69.16.175.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 300x250, components 3\012- data
Hash a6e17d9cf7177857be7e4c3ff3de522a
e2f5e84b37336ea43a431bc4afb4c862ea877c5e
7290c51bdd96cb1828a7d7efdfbce5d5a3057b5e3dc57ddab4f659fcfb2280d8
GET /network/user73811/52696-1664031075-0801558001664031075.jpg HTTP/1.1
Host: ads.juicyads.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserver.juicyads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:08 GMT
etag: "1664031075"
cache-control: max-age=31526756
content-length: 29560
content-type: image/jpeg
last-modified: Sat, 24 Sep 2022 14:51:15 GMT
accept-ranges: bytes
x-hw: 1664167808.dop215.sk1.t,1664167808.cds065.sk1.hn,1664167808.cds251.sk1.c
X-Firefox-Spdy: h2
ads.juicyads.me/1x1.gif
69.16.175.42200 OK 43 B IP 69.16.175.42:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /1x1.gif HTTP/1.1
Host: ads.juicyads.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserver.juicyads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:08 GMT
etag: "1457030838"
cache-control: max-age=23057458
content-length: 43
content-type: image/gif
last-modified: Thu, 03 Mar 2016 18:47:18 GMT
accept-ranges: bytes
x-hw: 1664167808.dop215.sk1.t,1664167808.cds065.sk1.hn,1664167808.cds217.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 06de3d58febbb8b484574aaccc6abc21
288add816c3db7e496a51d41a6ba016fecfb8d83
dd2cf1804992596ffe8b3e34377714a4931d2f727265ea89e608e16705a5d76a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 04:50:08 GMT
Last-Modified: Mon, 26 Sep 2022 04:50:08 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
he2vye2vhrwt.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 he2vye2vhrwt.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: he2vye2vhrwt.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 04:50:08 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
www.pornsheriff.com/favicon.ico
104.26.9.31301 Moved Permanently 1.1 kB URL HTTP/2 www.pornsheriff.com/favicon.ico
IP 104.26.9.31:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (379), with CRLF, LF line terminators
Hash 2a3e751e2516417239ab924af066402e
d7886298c83b53a8e87b7335a05e0cc67c2defc6
00737bb93e0ad23f57617d28ca03734f444d0d591a0900dc675dbd2b4357debb
GET /favicon.ico HTTP/1.1
Host: www.pornsheriff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 26 Sep 2022 04:50:08 GMT
content-type: text/html; charset=iso-8859-1
location: https://pornsheriff.com/favicon.ico
cf-cache-status: HIT
age: 1586
expires: Mon, 26 Sep 2022 05:20:08 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHE%2F9GvIC88JiUWXfreHhtHuJoDytHlIJyPjP5l4IDT9z6WmdQjTHyKm0%2BNvEpxMCjDDZmz%2F0Ve%2FFvZ8lmNFin9pQSLMXeFuIXw1U6qtVyMgkllMHqqKdrzCTrwGm3JjLqh0Ytc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75096080ea46b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash eb06a0b60b1e6ef856fc297006559e95
e4512cb9ab0dc5a85124a37c6e19fabdfb6c2147
7607b38945e02419fb9c52edf37b79839d00bb61c8be002ea34dc759226a46cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1962
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 04:50:08 GMT
Last-Modified: Mon, 26 Sep 2022 04:17:26 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash eb06a0b60b1e6ef856fc297006559e95
e4512cb9ab0dc5a85124a37c6e19fabdfb6c2147
7607b38945e02419fb9c52edf37b79839d00bb61c8be002ea34dc759226a46cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 16
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 04:50:08 GMT
Last-Modified: Mon, 26 Sep 2022 04:49:52 GMT
Server: ECS (amb/6BBA)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash eb06a0b60b1e6ef856fc297006559e95
e4512cb9ab0dc5a85124a37c6e19fabdfb6c2147
7607b38945e02419fb9c52edf37b79839d00bb61c8be002ea34dc759226a46cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 04:50:08 GMT
Server: ECS (amb/6B7B)
Content-Length: 278
chaturbate.com/in/?track=juicyront2-728x90-2022&tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f
104.18.101.40302 Found 278 B URL HTTP/2 chaturbate.com/in/?track=juicyront2-728x90-2022&tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f
IP 104.18.101.40:0
Hash eb06a0b60b1e6ef856fc297006559e95
e4512cb9ab0dc5a85124a37c6e19fabdfb6c2147
7607b38945e02419fb9c52edf37b79839d00bb61c8be002ea34dc759226a46cb
GET /in/?track=juicyront2-728x90-2022&tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 26 Sep 2022 04:50:08 GMT
content-type: text/html; charset=utf-8
location: /tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
set-cookie: u_x1Rd=1; expires=Sat, 01-Oct-2022 04:50:08 GMT; Max-Age=432000; Path=/
us_x1Rd=1; Path=/
affkey=eJwdjU0OQDAQRq8is0aZjZ+lC0jcoEabIkXakRBxdxnL972XfA8wtAlc5TBBmgD5Q5B1HzthDqvwcs50h31jzCqsr6bIsECUIIh2zEdslSLtIznN+WZYidXWiqd7NMHPq5HtP8AS3g9TlSKZ; Domain=.chaturbate.com; expires=Wed, 26-Oct-2022 04:50:08 GMT; Max-Age=2592000; Path=/
fromaffiliate=1; Domain=.chaturbate.com; Path=/
noads=1; expires=Mon, 26-Sep-2022 10:50:08 GMT; Max-Age=21600; Path=/
stcki="pOtSwZ=0\054FqPd9a=1\0546pduSG=0\054aDBbcK=0"; expires=Wed, 26-Oct-2022 04:50:08 GMT; Max-Age=2592000; Path=/
sbr=sec:sbrdd35ef8c-e985-4340-ad2e-0d2b5969ace4:1ocg4G:agGQ2RoCHUlxwUu70xOyS4dn7KY; Domain=.chaturbate.com; expires=Sat, 21-Jun-2025 04:50:08 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
__cf_bm=I7AobrWdnmT5i6UKxj3WxlRUnQgn5DwR3c.At8KHwPw-1664167808-0-AaA9kllX9oFDDODfhrF5Nk6JuE408xsUFaCzEvD4SkOAlrSk/Kxz8R+eYtr4ZFvs7W0dm9qaSeVBMt/4Bdpmwkg=; path=/; expires=Mon, 26-Sep-22 05:20:08 GMT; domain=.chaturbate.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 750960824c4fb4ff-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 5.1 kB IP 93.184.220.29:0
Hash e92c12f1ae64109638c83f0cb0235f2d
68140b303052f7d645b022bb38f4c50b54f45ddf
515bda70458dc819babc846df121a9b8e778ad440dc8b7a543a20bc78b99edde
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1287
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 04:50:08 GMT
Last-Modified: Mon, 26 Sep 2022 04:28:41 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
img.strpst.com/thumbs/1664167553/83546471
104.16.62.52200 OK 21 kB URL HTTP/2 img.strpst.com/thumbs/1664167553/83546471
IP 104.16.62.52:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Hash fa40046db045c3ec9ec66a0bf1f923e7
7c17a15554a8caaec62b6aa55bfd6677397badf1
be890c2895ffcfd4462adffcc0fca7e154150352b3c56a002cb15a141654e1da
GET /thumbs/1664167553/83546471 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.alxbgo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:08 GMT
content-type: image/jpeg
content-length: 20994
cf-bgj: imgq:100,h2pri
cf-polished: origSize=21946, status=webp_bigger
etag: "3cd731c069cbe1667035a36eae216b17"
last-modified: Mon, 26 Sep 2022 04:46:07 GMT
cf-cache-status: HIT
age: 119
expires: Mon, 26 Sep 2022 04:55:08 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 750960847a8d0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wankgod.com/links-en.php?&jl=4
104.21.72.209200 OK 870 B URL HTTP/2 wankgod.com/links-en.php?&jl=4
IP 104.21.72.209:0
Hash c5a1c4ad587bcc005bb2d01084db38a7
040d3da3366090a028a8448bfe262632698f08d9
bd9944d9dfc3402275bdd3e5d7c3586760d8202a70e6665a5863de5225bbc235
GET /links-en.php?&jl=4 HTTP/1.1
Host: wankgod.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:07 GMT
content-type: application/javascript
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=giMh%2FPtzPH%2FYa%2F1vrdeP1%2BoErlKyGUYAUKvsFIywp3qkdQ%2FBTPX0p0wKLK66UW51K78Um%2B%2BZDHa167z0DuAU53d6NnYtS08A4LJsl4%2B32M6nHz7rwUFWx22Dxop1eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750960760e9ffac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 53cc3eea96392c2ff39ef2a58c818077
edeb4640232189b1c8115a66c77e38d71723f618
84075ef776cd172f768bd8e3827073139c12693cfd859d7f3c9c1b23866b4f02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84075EF776CD172F768BD8E3827073139C12693CFD859D7F3C9C1B23866B4F02"
Last-Modified: Sat, 24 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=924
Expires: Mon, 26 Sep 2022 05:05:32 GMT
Date: Mon, 26 Sep 2022 04:50:08 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8cd53c7654738019cdb0745f4a1af425
48664f12fc1f61eabe4efd8b8af19aae2f10249c
acd84cac33be6b55a568c01f327ae1bd751d245815a6e6af46916c63cb97baf4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1287
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 04:50:08 GMT
Last-Modified: Mon, 26 Sep 2022 04:28:41 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
camschat.net/72890/freegamet2.php
66.230.180.98200 OK 14 kB URL HTTP/2 camschat.net/72890/freegamet2.php
IP 66.230.180.98:0
Hash 4139c3205cc2952d7d40a0c83a6689cc
185baeeb3266ece5cb7bc5f2c94ae245ae1e6a32
aac63c8bb437c856afe5cc8aba00d1431d9a447c45b3cac0f7b006572f7a1546
GET /72890/freegamet2.php HTTP/1.1
Host: camschat.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/72890/juicyt2.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 04:50:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.3
content-encoding: gzip
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/images/ico-cams.png?829027f88094
104.16.94.42200 OK 549 B URL HTTP/2 static-assets.highwebmedia.com/images/ico-cams.png?829027f88094
IP 104.16.94.42:0
File type PNG image data, 13 x 15, 8-bit colormap, non-interlaced\012- data
Hash 4437b02e2efeaa0eb69858a7eb957af6
2dfa9c3fa2fc56c7504c043876eaad9526abed62
52dc5730b7afd3f35531dcca2bd7b9984f0271d15c8b449c4b1d425dddf12a33
GET /images/ico-cams.png?829027f88094 HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/CACHE/css/output.5c1e955e3832.css
Cookie: _cfuvid=RTlVUGEOTkXxD8gk91d7aY_gTaTfWp3_0ifSdadILnw-1664167808795-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:08 GMT
content-type: image/png
content-length: 549
cache-control: public, max-age=2592000
cf-bgj: imgq:100,h2pri,csam-hash
cf-polished: origSize=1457
etag: "58ecd9d7af4908cce84eccd4cbd6f0d0"
last-modified: Tue, 19 Jan 2021 22:03:22 GMT
x-amz-id-2: uk+Y+mMt51OLA32rfvOrwKQRVhebnzwVD7WNGN89HYS/N/FIKgMltVMzadOcg1MyUuhiPycAlHk=
x-amz-meta-s3cmd-attrs: md5:58ecd9d7af4908cce84eccd4cbd6f0d0
x-amz-request-id: 2BDHEK7PHQPF17BP
cf-cache-status: HIT
age: 950589
expires: Wed, 26 Oct 2022 04:50:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeRca9msFC25Ip2WhnAawjCxu7UMEHv0BcdEYMZOMupNj0gSDalR9VSTykFGokAXc3H3g3JJuEzBdv39jnlv0S8Q4M%2BmRgPJWCJF9nkjUpMXEJO9lUqPanb4q%2FgPs8HLHTLekznjsJn5N2bN2iZZnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7509608528540b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adserver.juicyads.com/adshow.php?adzone=593091
185.94.236.245200 OK 1.5 kB URL HTTP/1.1 adserver.juicyads.com/adshow.php?adzone=593091
IP 185.94.236.245:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (351), with CRLF, LF line terminators
Hash 79b3b8fd5c260cda98b80d11b1b29c1e
5f7ff35b8df66ee5d470a81da6f1e49b55ee7a3d
40da17f79785bec52c1be1e13bbc8644a2b78fbc264077b813f4fbcf7845a846
GET /adshow.php?adzone=593091 HTTP/1.1
Host: adserver.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 04:50:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=fab523e540a87d62f20f2b0b5e81a209; expires=Tue, 26-Sep-2023 04:50:07 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.juicyads.com
juicy_data_1=YTowOnt9; expires=Thu, 29-Sep-2022 04:50:07 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=juicyads.com
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Thu, 29-Sep-2022 04:50:07 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=juicyads.com
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1db3e1d6bf7a5e2d0c87eab75a6e52fe
b923a169beb9248ea6a5070a04b57bc0aa44799b
f35aafc9c21937ac03d9b711aa18ef518aaaec6d0f9dbcecb42f757a0e70915c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 04:50:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0
104.18.101.40200 OK 47 kB URL HTTP/2 chaturbate.com/tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0
IP 104.18.101.40:0
File type Unicode text, UTF-8 text, with very long lines (35711), with no line terminators
Hash 9e755f18a3ac02d0c3d5cfc42e3776cd
7cc1b6e55c9f3b444990ed986897b8fe11bf676b
4e6df6d017c79f3e719bebbbcf5259c9e0ecbfd4ea36ecee6725b9bd45fd4621
GET /tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0 HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://camschat.net/
Connection: keep-alive
Cookie: __cf_bm=I7AobrWdnmT5i6UKxj3WxlRUnQgn5DwR3c.At8KHwPw-1664167808-0-AaA9kllX9oFDDODfhrF5Nk6JuE408xsUFaCzEvD4SkOAlrSk/Kxz8R+eYtr4ZFvs7W0dm9qaSeVBMt/4Bdpmwkg=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:08 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Language, Cookie
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
cache-control: no-cache
set-cookie: stcki="pOtSwZ=1\054FqPd9a=0\0546pduSG=0\054aDBbcK=0"; expires=Wed, 26-Oct-2022 04:50:08 GMT; Max-Age=2592000; Path=/
affkey="eJyrVipSslJQyigpKSi20tdPTswtTs5ILNHLSy3RV6oFAJUzCgA="; Domain=.chaturbate.com; expires=Wed, 26-Oct-2022 04:50:08 GMT; Max-Age=2592000; Path=/
sbr=sec:sbr22765154-63f6-444c-8aa3-a90581c16787:1ocg4G:5QRu039FmgnBeZ90-DIL_1pdO0U; Domain=.chaturbate.com; expires=Sat, 21-Jun-2025 04:50:08 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 750960835d0eb4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 2.9 kB IP 142.250.74.3:0
Hash 66a34bb09cd39510070ab620de506d3c
414811b9bfc871caf8d412c72baf3a2b99e81029
2081dcd8c1ce210b6382ba9a0d2057057eed2bdf77141922e8b058c6279975f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 04:50:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.86.137200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 26 Sep 2022 04:50:09 GMT
via: 1.1 varnish
x-served-by: cache-bma1639-BMA
x-cache: HIT
x-cache-hits: 51
x-timer: S1664167809.007908,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a449281f1207ea2446cbdc842823a531
44d859b4dd499794cab9f903588d5533fd378623
7296ebbb880995c6ab14b682035b74fba6ccb60481aa81248a1369b6dc4bd8ee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7296EBBB880995C6AB14B682035B74FBA6CCB60481AA81248A1369B6DC4BD8EE"
Last-Modified: Sat, 24 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10812
Expires: Mon, 26 Sep 2022 07:50:21 GMT
Date: Mon, 26 Sep 2022 04:50:09 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8cdaef8da493054ab3fa357f852661e3
48b40047919c85c7baa65b896158125c758d9f1a
f85aaa88b1325317a2cd62bc8d144518dca545d941a0589f8ec22eca07264a2d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5314
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 04:50:09 GMT
Last-Modified: Mon, 26 Sep 2022 03:21:35 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r.trwl1.com/s1/5309a775-e969-417d-a06a-3c85cf15d552?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=21942&cv4=195993&cv5=593091&cv6=
185.98.53.17200 OK 748 B URL HTTP/1.1 r.trwl1.com/s1/5309a775-e969-417d-a06a-3c85cf15d552?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=21942&cv4=195993&cv5=593091&cv6=
IP 185.98.53.17:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (552)
Hash a00f4587d70607c4025d0fb50f7c8842
2bd6a54a4d09ec8f22a3faf87eecb2f1bffd5778
f10f913a0962ec43663f768fb210fc493a58510683461b1d6491f721a62e0e38
GET /s1/5309a775-e969-417d-a06a-3c85cf15d552?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=21942&cv4=195993&cv5=593091&cv6= HTTP/1.1
Host: r.trwl1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserver.juicyads.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Mon, 26 Sep 2022 04:50:09 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 748
Connection: close
Set-Cookie: uid=OMigVy4aM; Path=/; Domain=trwl1.com; Expires=Tue, 27 Sep 2022 04:50:09 GMT; HttpOnly
X-Request-Id: 6bf08d66-91c1-40e0-ab1e-390c352f8148
freecamsfan.com/gehentai.webp
104.232.43.9200 OK 22 kB URL HTTP/2 freecamsfan.com/gehentai.webp
IP 104.232.43.9:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 40a1e7e1f03a91c22f9888882f81d77b
b93537995bad8d3a1beba1687bf1e36ffa7ebac3
42f292e15a5fb58f3bdce2b70d0bcd41ec00482ef30b1a819d107fa49249a97b
GET /gehentai.webp HTTP/1.1
Host: freecamsfan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 04:50:08 GMT
content-type: image/webp
content-length: 22458
last-modified: Sun, 21 Feb 2021 16:44:26 GMT
etag: "60328dea-57ba"
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhd.com/h5/files/overlay/1602-overlay-preview.png
185.76.9.24200 OK 1.5 kB URL HTTP/2 static.javhd.com/h5/files/overlay/1602-overlay-preview.png
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 7083a71bc40e5d85670940c518cacca2
a2caeb7c6ca3960af2881434fb0df0c2241d7288
7c4049c76ecd35b05855df0c6ce7e1157213d9fb92c3b2b05ebf9b5d9bdff03a
GET /h5/files/overlay/1602-overlay-preview.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/15970/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F423f9e94-9b46-4079-9d75-78431d8d0480%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D21942%26cv4%3D195993%26cv5%3D593091%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0NTEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjI3ODQ4fQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:09 GMT
content-type: image/png
content-length: 1546
last-modified: Wed, 20 Apr 2022 13:56:48 GMT
etag: "62601120-60a"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRQAB4//MMWlAA
x-77-nzt-ray: 34En00Laix0
x-cache: HIT
x-age: 10863920
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhd.com/h5/files/overlay/1602-overlay.png
185.76.9.24200 OK 1.8 kB URL HTTP/2 static.javhd.com/h5/files/overlay/1602-overlay.png
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash f4403fc07b7c414db6ec613317885035
457d3e8f9e9fb0456292efdbd5f18b318e804ea7
00ffbfa9483f4a6e8b85b6ab368a9547cf29e54c1aeb2bfcf81f34ec2bf50ee7
GET /h5/files/overlay/1602-overlay.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/15970/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F423f9e94-9b46-4079-9d75-78431d8d0480%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D21942%26cv4%3D195993%26cv5%3D593091%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0NTEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjI3ODQ4fQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:09 GMT
content-type: image/png
content-length: 1839
last-modified: Wed, 20 Apr 2022 13:56:47 GMT
etag: "6260111f-72f"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRQUP1v/MMWlAA
x-77-nzt-ray: tCweD2g0ZH0
x-cache: HIT
x-age: 10863920
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhd.com/h5/files/button/29-button.png
185.76.9.24200 OK 733 B URL HTTP/2 static.javhd.com/h5/files/button/29-button.png
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 82a66a2d222379716ca9a03ff50d8f42
ae43d917ff791f9172edc527baa6266416182aaa
cc5da7b40e498d30bf5eaae43e59cae32202737076422676489dd8d3030803de
GET /h5/files/button/29-button.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/15970/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F423f9e94-9b46-4079-9d75-78431d8d0480%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D21942%26cv4%3D195993%26cv5%3D593091%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0NTEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjI3ODQ4fQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:09 GMT
content-type: image/png
content-length: 733
last-modified: Tue, 22 Dec 2015 18:41:22 GMT
etag: "56799952-2dd"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRQ8T8D/MMWlAA
x-77-nzt-ray: 3xOstZeiGEA
x-cache: HIT
x-age: 10863920
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=687&ck=1&ref=https://chaturbate.com/tours/3/&ap=37&be=409&fe=626&dc=474&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664167806663,%22n%22:0,%22r%22:0,%22re%22:185,%22f%22:185,%22dn%22:185,%22dne%22:185,%22c%22:185,%22s%22:185,%22ce%22:185,%22rq%22:188,%22rp%22:391,%22rpe%22:391,%22dl%22:395,%22di%22:473,%22ds%22:473,%22de%22:479,%22dc%22:624,%22l%22:624,%22le%22:626%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=483&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFMJDA8BWQIMBVIGBlcAXxh2Yi0TFUMhJTshCU0XAwdZHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwwBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEwtTVVVRUlMNGA8CBwcUVVZXB05eWFQKHAAICVRaUgdSUA4NDhNNE0sEBAYWBhQbDxtZFUVJElhMSwAHVEZaWQBFFw8HF0tBShtHXEAUVEoVPQ4BFw5WURsLQ3Z8NUBPRhMfTV1WXz5HXBMRCgsNRAMXCh9WExVDFwI7BwNPXFpUPldYDAsPHUFcG3pNWQRDG01AFgU8AlxDUFIEbk0YEgZGWURdUEpaFV5JQ05BEQI5VkZmVwBcUA0bQV5BKlBbTElDHRsUAzwLEDlPUEtCCF5XQ1hBRk9ETFRmUxNeThIHETsFB1RcVUhDCxsnCxEBBQlBFxUTFFBmAxAMExADS2pPVBNCUA4MQV5BXw8bCRNNE0wAPRAQEQ9XUhsLQ3xWGwsPCAJJDBsJEUlpCFBZQygKCExNGUlZB2ZXVlhEERADDA8fURgZJgcADwxJCwUIAVEACVBCJQ0RA19aQR5YBxdRQE9GBA9NalpeDFxQFUBZRlZXX1cBBVIJCVgHAkZPRElUS1AMQhtbQBg4QRJWQEttQwsZPUAbVTECZRcVET0TWgAPEwUKAVdpGwtBbRsVAywXITobGRltQ1JlQ1hDOEFXZRcVET0TST1AWUQ/RAlpGx1BbRsGBw0ABhRlFwMRPRNfPUBPRD9EXVxKUANdXD4RDBENAmUXAxE9Ewk9QB5GT0RcWVBWCFNVBD0QFA8PTWpNVBJFSkNYQUQnFVpDS3NQEX0SARUWIVQZcUpSF0N7UkInFwAQS3cNEUMdGwQOCgMKBFVQZkIRXVAVPRcBEBJKaldCQwsbQQYKFwAJT1BLSD5BWAYHQ0ZPRFhWTVgXVGYSEg8NFzlNUEpFEhMDQ0InFwAQS3cIEUMdGwABFw0VA2ZGSV0IRWYVBxAQEDlXRhsLQxFdCBEACxUDS0xmQQBWXEFAHhk%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 72 B URL HTTP/1.1 bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=687&ck=1&ref=https://chaturbate.com/tours/3/&ap=37&be=409&fe=626&dc=474&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664167806663,%22n%22:0,%22r%22:0,%22re%22:185,%22f%22:185,%22dn%22:185,%22dne%22:185,%22c%22:185,%22s%22:185,%22ce%22:185,%22rq%22:188,%22rp%22:391,%22rpe%22:391,%22dl%22:395,%22di%22:473,%22ds%22:473,%22de%22:479,%22dc%22:624,%22l%22:624,%22le%22:626%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=483&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFMJDA8BWQIMBVIGBlcAXxh2Yi0TFUMhJTshCU0XAwdZHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwwBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEwtTVVVRUlMNGA8CBwcUVVZXB05eWFQKHAAICVRaUgdSUA4NDhNNE0sEBAYWBhQbDxtZFUVJElhMSwAHVEZaWQBFFw8HF0tBShtHXEAUVEoVPQ4BFw5WURsLQ3Z8NUBPRhMfTV1WXz5HXBMRCgsNRAMXCh9WExVDFwI7BwNPXFpUPldYDAsPHUFcG3pNWQRDG01AFgU8AlxDUFIEbk0YEgZGWURdUEpaFV5JQ05BEQI5VkZmVwBcUA0bQV5BKlBbTElDHRsUAzwLEDlPUEtCCF5XQ1hBRk9ETFRmUxNeThIHETsFB1RcVUhDCxsnCxEBBQlBFxUTFFBmAxAMExADS2pPVBNCUA4MQV5BXw8bCRNNE0wAPRAQEQ9XUhsLQ3xWGwsPCAJJDBsJEUlpCFBZQygKCExNGUlZB2ZXVlhEERADDA8fURgZJgcADwxJCwUIAVEACVBCJQ0RA19aQR5YBxdRQE9GBA9NalpeDFxQFUBZRlZXX1cBBVIJCVgHAkZPRElUS1AMQhtbQBg4QRJWQEttQwsZPUAbVTECZRcVET0TWgAPEwUKAVdpGwtBbRsVAywXITobGRltQ1JlQ1hDOEFXZRcVET0TST1AWUQ/RAlpGx1BbRsGBw0ABhRlFwMRPRNfPUBPRD9EXVxKUANdXD4RDBENAmUXAxE9Ewk9QB5GT0RcWVBWCFNVBD0QFA8PTWpNVBJFSkNYQUQnFVpDS3NQEX0SARUWIVQZcUpSF0N7UkInFwAQS3cNEUMdGwQOCgMKBFVQZkIRXVAVPRcBEBJKaldCQwsbQQYKFwAJT1BLSD5BWAYHQ0ZPRFhWTVgXVGYSEg8NFzlNUEpFEhMDQ0InFwAQS3cIEUMdGwABFw0VA2ZGSV0IRWYVBxAQEDlXRhsLQxFdCBEACxUDS0xmQQBWXEFAHhk%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=687&ck=1&ref=https://chaturbate.com/tours/3/&ap=37&be=409&fe=626&dc=474&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664167806663,%22n%22:0,%22r%22:0,%22re%22:185,%22f%22:185,%22dn%22:185,%22dne%22:185,%22c%22:185,%22s%22:185,%22ce%22:185,%22rq%22:188,%22rp%22:391,%22rpe%22:391,%22dl%22:395,%22di%22:473,%22ds%22:473,%22de%22:479,%22dc%22:624,%22l%22:624,%22le%22:626%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=483&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFMJDA8BWQIMBVIGBlcAXxh2Yi0TFUMhJTshCU0XAwdZHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwwBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEwtTVVVRUlMNGA8CBwcUVVZXB05eWFQKHAAICVRaUgdSUA4NDhNNE0sEBAYWBhQbDxtZFUVJElhMSwAHVEZaWQBFFw8HF0tBShtHXEAUVEoVPQ4BFw5WURsLQ3Z8NUBPRhMfTV1WXz5HXBMRCgsNRAMXCh9WExVDFwI7BwNPXFpUPldYDAsPHUFcG3pNWQRDG01AFgU8AlxDUFIEbk0YEgZGWURdUEpaFV5JQ05BEQI5VkZmVwBcUA0bQV5BKlBbTElDHRsUAzwLEDlPUEtCCF5XQ1hBRk9ETFRmUxNeThIHETsFB1RcVUhDCxsnCxEBBQlBFxUTFFBmAxAMExADS2pPVBNCUA4MQV5BXw8bCRNNE0wAPRAQEQ9XUhsLQ3xWGwsPCAJJDBsJEUlpCFBZQygKCExNGUlZB2ZXVlhEERADDA8fURgZJgcADwxJCwUIAVEACVBCJQ0RA19aQR5YBxdRQE9GBA9NalpeDFxQFUBZRlZXX1cBBVIJCVgHAkZPRElUS1AMQhtbQBg4QRJWQEttQwsZPUAbVTECZRcVET0TWgAPEwUKAVdpGwtBbRsVAywXITobGRltQ1JlQ1hDOEFXZRcVET0TST1AWUQ/RAlpGx1BbRsGBw0ABhRlFwMRPRNfPUBPRD9EXVxKUANdXD4RDBENAmUXAxE9Ewk9QB5GT0RcWVBWCFNVBD0QFA8PTWpNVBJFSkNYQUQnFVpDS3NQEX0SARUWIVQZcUpSF0N7UkInFwAQS3cNEUMdGwQOCgMKBFVQZkIRXVAVPRcBEBJKaldCQwsbQQYKFwAJT1BLSD5BWAYHQ0ZPRFhWTVgXVGYSEg8NFzlNUEpFEhMDQ0InFwAQS3cIEUMdGwABFw0VA2ZGSV0IRWYVBxAQEDlXRhsLQxFdCBEACxUDS0xmQQBWXEFAHhk%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 04:50:09 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75096086aad5b524-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=12f048ac13ee1a66; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=895&ck=1&ref=https://chaturbate.com/tours/3/
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=895&ck=1&ref=https://chaturbate.com/tours/3/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=895&ck=1&ref=https://chaturbate.com/tours/3/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: text/plain
Content-Length: 1899
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 04:50:09 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 75096087cbc3b524-OSL
Access-Control-Allow-Origin: https://chaturbate.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
freecamsfan.com/dating.gif
104.232.43.9200 OK 186 kB URL HTTP/2 freecamsfan.com/dating.gif
IP 104.232.43.9:0
File type GIF image data, version 89a, 120 x 100\012- data
Size 186 kB (185793 bytes)
Hash b1aa3416bef335ab9109ad05ceee9735
3cf894858dcfd1cbca13d40ef1c7e564d99d029f
5edea533632cb22a9ba725b227cd54e01b5c3f7d8321eb84f5079c6a1a59e119
GET /dating.gif HTTP/1.1
Host: freecamsfan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 04:50:08 GMT
content-type: image/gif
content-length: 185793
last-modified: Fri, 26 Feb 2021 16:07:21 GMT
cache-control: max-age=31536000
expires: Tue, 26 Sep 2023 04:50:08 GMT
etag: "60391cb9-2d5c1"
accept-ranges: bytes
X-Firefox-Spdy: h2
as.2020mustang.com/as/if?p=reseller&w=120&h=100&v=8642&AFNO=1-367
216.127.52.242200 3.7 kB URL HTTP/1.1 as.2020mustang.com/as/if?p=reseller&w=120&h=100&v=8642&AFNO=1-367
IP 216.127.52.242:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (911)
Hash 8a4688ca7345af62f4b61acfd6905d55
7ebf89bbb40c9c26ddfccc8d35814564b210b70a
756b1748645c92ce99dca74681ba487067ddb71b8354a2abf8ee69961f2f4ce0
GET /as/if?p=reseller&w=120&h=100&v=8642&AFNO=1-367 HTTP/1.1
Host: as.2020mustang.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx/1.18.0
Date: Mon, 26 Sep 2022 04:50:09 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store
Access-Control-Allow-Origin: *
Set-Cookie: at11664167809937_0_8642_4965=0001000; expires=Wed, 26-Oct-2022 04:50:09 GMT; Max-Age=2592000; path=/as; secure; SameSite=None
iid=2090-1664167809; expires=Thu, 23-Sep-2032 04:50:09 GMT; Max-Age=315360000; path=/; secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html"
Content-Encoding: gzip
code.jquery.com/jquery-2.1.3.min.js
69.16.175.10200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-2.1.3.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32180)
Hash de4fdb8e2e5d9b9624bad7ed2b726525
053a31e8e83b261e3863c4f9e652caba910a2b89
f44c9556d0ecebc0716a7fce2899c0b40ed96394bebafb2937f4305bf3b118f3
GET /jquery-2.1.3.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.2020mustang.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:09 GMT
content-encoding: gzip
content-length: 29507
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-14960"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664167809.dop026.sk1.t,1664167809.cds249.sk1.hn,1664167809.cds215.sk1.c
X-Firefox-Spdy: h2
m.2020mustang.com/jquery-plugins/modernizr-2.6.2-respond-1.1.0.min.js
69.16.175.10200 OK 20 kB URL HTTP/1.1 m.2020mustang.com/jquery-plugins/modernizr-2.6.2-respond-1.1.0.min.js
IP 69.16.175.10:0
File type HTML document, ASCII text, with very long lines (14756)
Hash 70d492eca4141bdd1452977dd893dd63
9cd9504b3afdeca86a03251591e1afab36ae2c57
ce0f70d9e807bb959717d8350c21a107f5b6b7221a774b6d1ed057219468a260
GET /jquery-plugins/modernizr-2.6.2-respond-1.1.0.min.js HTTP/1.1
Host: m.2020mustang.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.2020mustang.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 04:50:09 GMT
Connection: Keep-Alive
ETag: "1367368554"
Cache-Control: max-age=86400
Content-Length: 19484
Content-Type: application/javascript
Last-Modified: Wed, 01 May 2013 00:35:54 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1664167809.dop228.sk1.t,1664167809.cds021.sk1.shn,1664167809.cds021.sk1.c
m.2020mustang.com/common/fontawesome-430/font-awesome.min.css
69.16.175.10200 OK 24 kB URL HTTP/1.1 m.2020mustang.com/common/fontawesome-430/font-awesome.min.css
IP 69.16.175.10:0
File type ASCII text, with very long lines (23523)
Hash 3738ef90dad175977dc8a695809bb71a
98aa676ba7987caa86d49ab1b71f73896d08ad13
c86f7b62a894d5799f1aa0a535efb34ed6f914447f901f1da50c837dee13fa72
GET /common/fontawesome-430/font-awesome.min.css HTTP/1.1
Host: m.2020mustang.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.2020mustang.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 04:50:09 GMT
Connection: Keep-Alive
ETag: "1422564509"
Cache-Control: max-age=86400
Content-Length: 23685
Content-Type: text/css
Last-Modified: Thu, 29 Jan 2015 20:48:29 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1664167809.dop206.sk1.t,1664167809.cds212.sk1.shn,1664167809.cds212.sk1.c
m.2020mustang.com/common/videojs/videojs.min-original-v2.css
69.16.175.10200 OK 12 kB URL HTTP/1.1 m.2020mustang.com/common/videojs/videojs.min-original-v2.css
IP 69.16.175.10:0
File type ASCII text, with very long lines (11336)
Hash 4b6813504d31e3b11655aafacf165db4
96517f0033bd59f277cd2eefa7d088ae6ff82dad
063b4a568733054fea7f238a10b384170ce29c136d3194feed44d8c8b451f55d
GET /common/videojs/videojs.min-original-v2.css HTTP/1.1
Host: m.2020mustang.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.2020mustang.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 04:50:09 GMT
Connection: Keep-Alive
ETag: "1385146323"
Cache-Control: max-age=19953
Content-Length: 11451
Content-Type: text/css
Last-Modified: Fri, 22 Nov 2013 18:52:03 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1664167809.dop213.sk1.t,1664167809.cds204.sk1.shn,1664167809.cds204.sk1.c
static.javhd.com/h5/files/video/3849-30453-300x250.medium.mp4
185.76.9.24206 Partial Content 88 kB URL HTTP/2 static.javhd.com/h5/files/video/3849-30453-300x250.medium.mp4
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash aec8ec9ce6348f71c047b2051c177c46
55abe88343ed5bf6b6fd654b96b51e28e8f60854
dbd849de62b6f6e190a4e077706b931c7175c1e04a9a79160b8b6925d9db3720
GET /h5/files/video/3849-30453-300x250.medium.mp4 HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/15970/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F423f9e94-9b46-4079-9d75-78431d8d0480%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D21942%26cv4%3D195993%26cv5%3D593091%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0NTEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjI3ODQ4fQ
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
date: Mon, 26 Sep 2022 04:50:09 GMT
content-type: video/mp4
content-length: 431883
last-modified: Mon, 07 Feb 2022 07:42:29 GMT
etag: "6200cd65-6970b"
expires: Tue, 24 May 2022 11:04:49 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-accel-expires: @1664191812
server: CDN77-Turbo
x-77-nzt: AblMCRRd+Ur/vfMAAA
x-77-nzt-ray: FRgq1+yQrDA
x-cache: HIT
x-age: 62397
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-431882/431883
X-Firefox-Spdy: h2
m.2020mustang.com/common/fontawesome-430/fontawesome-webfont.woff2?v=4.3.0
69.16.175.10200 OK 57 kB URL HTTP/1.1 m.2020mustang.com/common/fontawesome-430/fontawesome-webfont.woff2?v=4.3.0
IP 69.16.175.10:0
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
GET /common/fontawesome-430/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: m.2020mustang.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://as.2020mustang.com
Connection: keep-alive
Referer: https://m.2020mustang.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 04:50:09 GMT
Connection: Keep-Alive
ETag: "1422564509"
Cache-Control: max-age=86400
Content-Length: 56780
Content-Type: application/octet-stream
Last-Modified: Thu, 29 Jan 2015 20:48:29 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1664167809.dop016.sk1.t,1664167809.cds226.sk1.shn,1664167809.cds226.sk1.c
www.googletagmanager.com/gtm.js?id=GTM-KSFJ4V6
142.250.74.72200 OK 66 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KSFJ4V6
IP 142.250.74.72:0
File type ASCII text, with very long lines (5825)
Hash 4c3e3c68cb820b76ba5b6aa09d97900e
2c1ad4d8737fb440fa00da3544024c33150e9fc8
e14f9e32f75814a642ae0155f5605a39ba11f8384e317910e38b3855518cfbb4
GET /gtm.js?id=GTM-KSFJ4V6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.2020mustang.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 26 Sep 2022 04:50:09 GMT
expires: Mon, 26 Sep 2022 04:50:09 GMT
cache-control: private, max-age=900
last-modified: Mon, 26 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 66281
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d9482a97b531e3693e0f6f990b56de8f
d378f2b46dbc9c9035701da88946b10e866873d6
9e16eed5190631c5ad82524e5ce98110e810b0c45edb8209aac6cd4caa86a332
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E16EED5190631C5AD82524E5CE98110E810B0C45EDB8209AAC6CD4CAA86A332"
Last-Modified: Sun, 25 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6937
Expires: Mon, 26 Sep 2022 06:45:47 GMT
Date: Mon, 26 Sep 2022 04:50:10 GMT
Connection: keep-alive
d.pssy.xyz/d/?resource=bundler&nada=1&widgets=1499332:4,1499333:2,1243820:1,1499368:1&isct=1663374975&rfrr=datawav.club&iscs=NGZiZDgwZTc1ZWRiYTczOWM2NmRjODU2MWUyN2M5NjgyNDE0YWM2MGJkOGI2MTM3ODE5YmMwZTZkOWU5YmZhNHwwfDV8MTkyLjE4Ny4xMjcuNjZ8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg0LjAuNDE0Ny4xMDUgU2FmYXJpLzUzNy4zNnwyODgxODV8MTY2MzM3NDk3NXxpYlpHRjBZWGRoZGk1amJIVmk=&width=620&reqc=1&ver=b38246effccfb5a0.1663374975956&page=aHR0cHM6Ly9kYXRhd2F2LmNsdWIvbWV0aC13aG9yZS1kZWZsYXRlZC10aXRzLw==
131.153.42.225200 OK 21 kB URL HTTP/1.1 d.pssy.xyz/d/?resource=bundler&nada=1&widgets=1499332:4,1499333:2,1243820:1,1499368:1&isct=1663374975&rfrr=datawav.club&iscs=NGZiZDgwZTc1ZWRiYTczOWM2NmRjODU2MWUyN2M5NjgyNDE0YWM2MGJkOGI2MTM3ODE5YmMwZTZkOWU5YmZhNHwwfDV8MTkyLjE4Ny4xMjcuNjZ8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg0LjAuNDE0Ny4xMDUgU2FmYXJpLzUzNy4zNnwyODgxODV8MTY2MzM3NDk3NXxpYlpHRjBZWGRoZGk1amJIVmk=&width=620&reqc=1&ver=b38246effccfb5a0.1663374975956&page=aHR0cHM6Ly9kYXRhd2F2LmNsdWIvbWV0aC13aG9yZS1kZWZsYXRlZC10aXRzLw==
IP 131.153.42.225:0
Hash e5c9e292f50f4604febfb67621f56822
2e694275a2145a5302d7d812cf56dab3c3fc6392
ac6b732fe995bfe5bd7498030845695511b801951cb623f8a2cdde5d63508585
Analyzer Verdict Alert quad9 Sinkholed
GET /d/?resource=bundler&nada=1&widgets=1499332:4,1499333:2,1243820:1,1499368:1&isct=1663374975&rfrr=datawav.club&iscs=NGZiZDgwZTc1ZWRiYTczOWM2NmRjODU2MWUyN2M5NjgyNDE0YWM2MGJkOGI2MTM3ODE5YmMwZTZkOWU5YmZhNHwwfDV8MTkyLjE4Ny4xMjcuNjZ8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg0LjAuNDE0Ny4xMDUgU2FmYXJpLzUzNy4zNnwyODgxODV8MTY2MzM3NDk3NXxpYlpHRjBZWGRoZGk1amJIVmk=&width=620&reqc=1&ver=b38246effccfb5a0.1663374975956&page=aHR0cHM6Ly9kYXRhd2F2LmNsdWIvbWV0aC13aG9yZS1kZWZsYXRlZC10aXRzLw== HTTP/1.1
Host: d.pssy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 04:50:10 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
ETag: W/"787b-ahaKuX0PGhN6fZ8LWBEPQ+VkaCk"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://datawav.club
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d28a2deba61ba9c3feec7d25306e24e
50ae46a75defd81dd15f2e34fa424cb41773d388
e8eb462591a81a5677dc8053a0ecb142253c038b3f87f5db9ff0b4f31ea83d92
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E8EB462591A81A5677DC8053A0ECB142253C038B3F87F5DB9FF0B4F31EA83D92"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13578
Expires: Mon, 26 Sep 2022 08:36:28 GMT
Date: Mon, 26 Sep 2022 04:50:10 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d28a2deba61ba9c3feec7d25306e24e
50ae46a75defd81dd15f2e34fa424cb41773d388
e8eb462591a81a5677dc8053a0ecb142253c038b3f87f5db9ff0b4f31ea83d92
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E8EB462591A81A5677DC8053A0ECB142253C038B3F87F5DB9FF0B4F31EA83D92"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13578
Expires: Mon, 26 Sep 2022 08:36:28 GMT
Date: Mon, 26 Sep 2022 04:50:10 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d28a2deba61ba9c3feec7d25306e24e
50ae46a75defd81dd15f2e34fa424cb41773d388
e8eb462591a81a5677dc8053a0ecb142253c038b3f87f5db9ff0b4f31ea83d92
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E8EB462591A81A5677DC8053A0ECB142253C038B3F87F5DB9FF0B4F31EA83D92"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13578
Expires: Mon, 26 Sep 2022 08:36:28 GMT
Date: Mon, 26 Sep 2022 04:50:10 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d28a2deba61ba9c3feec7d25306e24e
50ae46a75defd81dd15f2e34fa424cb41773d388
e8eb462591a81a5677dc8053a0ecb142253c038b3f87f5db9ff0b4f31ea83d92
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E8EB462591A81A5677DC8053A0ECB142253C038B3F87F5DB9FF0B4F31EA83D92"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13578
Expires: Mon, 26 Sep 2022 08:36:28 GMT
Date: Mon, 26 Sep 2022 04:50:10 GMT
Connection: keep-alive
s.w.org/images/core/emoji/14.0.0/svg/1f514.svg
192.0.77.48200 OK 314 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f514.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (314), with no line terminators
Hash 6201ff6add4821014e02cfc1bc82fc95
afd344621ef88b39f6e7013b7ce4765d67892315
5f70fb8150f0a1f184b40f86d012db040d229056b9b0d8c681f08987cb124e5f
GET /images/core/emoji/14.0.0/svg/1f514.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 04:50:10 GMT
content-type: image/svg+xml
content-length: 314
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
s.pssy.xyz/prplugs/0/1144692/240x180.jpg
104.21.69.85200 OK 17 kB URL HTTP/2 s.pssy.xyz/prplugs/0/1144692/240x180.jpg
IP 104.21.69.85:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 240x180, components 3\012- data
Hash 75db6cabdd2ff4c7176e192fc09c51e7
6410b776a15b23b18118b34b1781d98c02941ff7
5e4ad9400ee9a9264b2540cd00c28a8eac4f0404f5bd35d4cfe69ecba73576e8
Analyzer Verdict Alert quad9 Sinkholed
GET /prplugs/0/1144692/240x180.jpg HTTP/1.1
Host: s.pssy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:10 GMT
content-type: image/jpeg
content-length: 16750
last-modified: Tue, 27 Oct 2020 12:06:57 GMT
etag: "5f980d61-416e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2836
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bujNBIId4WXtprb%2BQ5QtIJkcQFq4AX7XXGctN8tUz2qcIm%2BC7HcqL7WoX%2BBkGAmCFXPQRwzOggaLBAucdllm1%2FZ2IIeRiaMRtEK2b8ZEpehvBytzWS337xGmxiyb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750960910bbdb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.pssy.xyz/prplugs/0/1071737/240x180.jpg
104.21.69.85200 OK 16 kB URL HTTP/2 s.pssy.xyz/prplugs/0/1071737/240x180.jpg
IP 104.21.69.85:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 240x180, components 3\012- data
Hash fd2030561bf98533490017cc612a16d1
687527a973b9f101d2211ec6b9255bb7db10af79
9b697c33be54157c4643cbe9663ca1fa9e7b9d2db8cf2b5fcaf540d8002e6511
Analyzer Verdict Alert quad9 Sinkholed
GET /prplugs/0/1071737/240x180.jpg HTTP/1.1
Host: s.pssy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:10 GMT
content-type: image/jpeg
content-length: 16035
last-modified: Wed, 20 Dec 2017 14:57:52 GMT
etag: "5a3a7a70-3ea3"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3929
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAehroGH9zxlt9CHHlBlzW5R9DKyllOHLPFtoJ4jXmmIZW%2FIe62y%2FAT0VlAQUGSerZqmqC8UEau43Xf8%2BPOjrlwvXYrT46uHM2d5zKvkrW%2B%2FV2hCNJof%2FXEp%2FHRJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750960910bc5b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.pssy.xyz/prplugs/0/1071735/240x180.jpg
104.21.69.85200 OK 17 kB URL HTTP/2 s.pssy.xyz/prplugs/0/1071735/240x180.jpg
IP 104.21.69.85:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 240x180, components 3\012- data
Hash 380cec60c3dc11cc07b0ee2d53a1e8bf
588b6da72ae73490f1c7e08abfdcc7553cac7692
1d5e8b50054407ded1384ddd32280a3162a461adcc8a6ecf0c769973f3d7d657
Analyzer Verdict Alert quad9 Sinkholed
GET /prplugs/0/1071735/240x180.jpg HTTP/1.1
Host: s.pssy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:10 GMT
content-type: image/jpeg
content-length: 17142
last-modified: Wed, 20 Dec 2017 14:57:51 GMT
etag: "5a3a7a6f-42f6"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6589
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1465WVfhVYhFBjrkJAtNx3MUtY4exxXPaTnkozn6Dy7mBrRp43csNgOp%2Fk8omCD4ZjWra6c60Zs9NcazDtsoViwXncTJeIT2AkkEO6ATgFEzwkPmr6ESlXWQdlA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750960910bc6b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.pssy.xyz/prplugs/0/1071738/240x180.jpg
104.21.69.85200 OK 13 kB URL HTTP/2 s.pssy.xyz/prplugs/0/1071738/240x180.jpg
IP 104.21.69.85:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 240x180, components 3\012- data
Hash 90f7add31dd5f68f70670c95ed362295
c61cd96b4fc176bcfd36049951b8e4778588bf49
10f008da2ebb67f056f18477d21ad5ba3ac353823a1ee840871b5b2b453ea98c
Analyzer Verdict Alert quad9 Sinkholed
GET /prplugs/0/1071738/240x180.jpg HTTP/1.1
Host: s.pssy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:10 GMT
content-type: image/jpeg
content-length: 13132
last-modified: Wed, 20 Dec 2017 14:57:53 GMT
etag: "5a3a7a71-334c"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 4391
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5YDFjvbmpD0y53Bs8dB0rLVmE11E7rynnQ9nrfOk8V0mPLpMGvIAHnyQZJnZthDpIBPrlg1MlkkwA65kXqHG5ZtilctQPMw690OlzhfBIJmKMRtACcvDBM%2FnQVc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750960910bc0b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d28a2deba61ba9c3feec7d25306e24e
50ae46a75defd81dd15f2e34fa424cb41773d388
e8eb462591a81a5677dc8053a0ecb142253c038b3f87f5db9ff0b4f31ea83d92
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E8EB462591A81A5677DC8053A0ECB142253C038B3F87F5DB9FF0B4F31EA83D92"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13578
Expires: Mon, 26 Sep 2022 08:36:28 GMT
Date: Mon, 26 Sep 2022 04:50:10 GMT
Connection: keep-alive
static.javhd.com/h5/files/15970/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F423f9e94-9b46-4079-9d75-78431d8d0480%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D21942%26cv4%3D195993%26cv5%3D593091%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0NTEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjI3ODQ4fQ
185.76.9.24200 OK 2.6 kB URL HTTP/2 static.javhd.com/h5/files/15970/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F423f9e94-9b46-4079-9d75-78431d8d0480%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D21942%26cv4%3D195993%26cv5%3D593091%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0NTEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjI3ODQ4fQ
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4cf76a6b4e886c401b798f73d60cab8e
2357db75ef1bd12c1036834d33718e2858a3eb9c
d431fde381b8c5ba6e0f19b09bb8eef1ca6cfe4f3e238ea5e47f38c37323d1e2
GET /h5/files/15970/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F423f9e94-9b46-4079-9d75-78431d8d0480%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D21942%26cv4%3D195993%26cv5%3D593091%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0NTEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjI3ODQ4fQ HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trwl1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:09 GMT
content-type: text/html
last-modified: Wed, 20 Apr 2022 13:56:46 GMT
etag: W/"6260111e-c86"
expires: Sat, 22 Oct 2022 14:52:46 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-accel-expires: @1666450366
server: CDN77-Turbo
x-77-nzt: AblMCRSarCv/w7gEAA
x-77-nzt-ray: TPmJjPVD0W0
x-cache: HIT
x-age: 309443
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
datawav.club/uomdacwoqbvxwxj.php?sw
173.208.199.194200 OK 11 kB URL HTTP/1.1 datawav.club/uomdacwoqbvxwxj.php?sw
IP 173.208.199.194:0
File type ASCII text, with very long lines (10335)
Hash b8a2640800440013e2492a42cc98b6de
f909ac2b2f373b64f1d2cae78d4c281beb7122d0
2af67e0dd94997a82ba15645f61599c56882e17bc5d93ab00a76079a22712b99
GET /uomdacwoqbvxwxj.php?sw HTTP/1.1
Host: datawav.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72; a=S2tnAKf9oXcXsCraHETEMINSTJ7wV4Kf; HstCfa3916601=1664167805667; HstCla3916601=1664167805667; HstCmu3916601=1664167805667; HstPn3916601=1; HstPt3916601=1; HstCnv3916601=1; HstCns3916601=1; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BAYAYzEvfwFjMS9_gAGBAsAAIGMuBT5hQW1VwxHy70PoEN2pr-wbeHL2UnCv0YMx_tf2wQBGMEQCIGwhg0ai2XNG-WUM--bLOFm04m_y2zP6ZykVlcei9XUIAiAF2vf1Zb7jMe2bqY4zn5ORNRgsaxD_50NmV0bix-Qm2A
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 04:50:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
FrontCache: HIT
d.pssy.xyz/t.php
131.153.42.225200 OK 20 B IP 131.153.42.225:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer Verdict Alert quad9 Sinkholed
GET /t.php HTTP/1.1
Host: d.pssy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 04:50:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: guid=3f4bfd5f-48c1-4278-863c-f99832568bf1; expires=Tue, 26-Sep-2023 04:50:10 GMT; Max-Age=31536000; path=/; domain=pssy.xyz; secure; SameSite=None
Access-Control-Allow-Origin: *
Content-Encoding: gzip
go.alxbgo.com/config?url=https%3A%2F%2Fcreative.alxbgo.com%2Fwidgets%2Fv3.html%23namespace%3Dfemales%26cols%3D1%26rows%3D1%26margin%3D1%26refreshRate%3D60%26modelsLanguage%3Den%26hasPlayer%3Dtrue%26hasLive%3Dtrue%26campaignId%3Djuicy-728x90-t2%26userId%3D17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd
172.64.145.216200 OK 0 B URL HTTP/2 go.alxbgo.com/config?url=https%3A%2F%2Fcreative.alxbgo.com%2Fwidgets%2Fv3.html%23namespace%3Dfemales%26cols%3D1%26rows%3D1%26margin%3D1%26refreshRate%3D60%26modelsLanguage%3Den%26hasPlayer%3Dtrue%26hasLive%3Dtrue%26campaignId%3Djuicy-728x90-t2%26userId%3D17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd
IP 172.64.145.216:0
GET /config?url=https%3A%2F%2Fcreative.alxbgo.com%2Fwidgets%2Fv3.html%23namespace%3Dfemales%26cols%3D1%26rows%3D1%26margin%3D1%26refreshRate%3D60%26modelsLanguage%3Den%26hasPlayer%3Dtrue%26hasLive%3Dtrue%26campaignId%3Djuicy-728x90-t2%26userId%3D17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd HTTP/1.1
Host: go.alxbgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.alxbgo.com/
Origin: https://creative.alxbgo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:08 GMT
content-type: application/json
access-control-allow-origin: *
last-modified: Mon, 26 Sep 2022 04:19:21 GMT
cf-cache-status: HIT
age: 55
vary: Accept-Encoding
server: cloudflare
cf-ray: 750960833f0bb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.javhd.com/h5/files/css/style.css
185.76.9.24200 OK 0 B URL HTTP/2 static.javhd.com/h5/files/css/style.css
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /h5/files/css/style.css HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/15970/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F423f9e94-9b46-4079-9d75-78431d8d0480%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D21942%26cv4%3D195993%26cv5%3D593091%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0NTEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjI3ODQ4fQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:09 GMT
content-type: text/css
last-modified: Wed, 25 May 2016 08:29:12 GMT
etag: W/"57456258-7bd"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRSjABL/MMWlAA
x-77-nzt-ray: hZZfOC0+edc
x-cache: HIT
x-age: 10863920
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/css/output.5c1e955e3832.css
104.16.94.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/css/output.5c1e955e3832.css
IP 104.16.94.42:0
GET /CACHE/css/output.5c1e955e3832.css HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:08 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=63849
etag: W/"03c072147fa475d9bd57bcc9b73d3260"
last-modified: Thu, 22 Sep 2022 16:22:00 GMT
x-amz-id-2: src6WemkBrmxeGDZVP+4ipre01PPVsPb7jxfzfVQ0ssDy7l2IzQ439zT3Wf7YWS5u4ixFo+mPb4=
x-amz-meta-s3cmd-attrs: md5:03c072147fa475d9bd57bcc9b73d3260
x-amz-request-id: 12Q62S61BDK4RBY8
cf-cache-status: HIT
age: 303908
expires: Wed, 26 Oct 2022 04:50:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utIWk4p8tKvMEojFM%2FQ8bO%2FuRqJoNRoD%2Fg4R8X4KGlnCw6KC%2FgN%2FZj114oFZOnELy7fFPuBi9JskSFNRl%2F8ykhy9AYPa50a%2B7CBCKba2xGinAVqTW5zQOt7GKQ%2FjUAU%2BPp8QaUrOg1yYApG1gh%2BR9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=0b6eYqk7cjuQGYYF7t.YVWGFlP_ikk.Cx6d5BLPHlhQ-1664167808786-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75096084d8330b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.juicyads.com/jp.php?c=446433y2r256r2x2t2f46384&u=https%3A%2F%2Ftorrsexvid.com%2Fgallery.php%23datawav
143.204.55.92200 OK 0 B URL HTTP/2 js.juicyads.com/jp.php?c=446433y2r256r2x2t2f46384&u=https%3A%2F%2Ftorrsexvid.com%2Fgallery.php%23datawav
IP 143.204.55.92:0
GET /jp.php?c=446433y2r256r2x2t2f46384&u=https%3A%2F%2Ftorrsexvid.com%2Fgallery.php%23datawav HTTP/1.1
Host: js.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
date: Mon, 26 Sep 2022 04:35:38 GMT
expires: Mon, 26 Sep 2022 04:50:38 GMT
pragma: cache
server: nginx
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: P5ZaxWGbHgDOsbRI451drPJkjXE1nT7BclCffNhyTQth8TSjQC04LA==
age: 867
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Gudea%3A400%2C400italic%2C700%2C700italic%7CMagra%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Gudea%3A400%2C400italic%2C700%2C700italic%7CMagra%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext
IP 142.250.74.10:0
GET /css?family=Gudea%3A400%2C400italic%2C700%2C700italic%7CMagra%3A400%2C400italic%2C700%2C700italic&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 04:50:05 GMT
date: Mon, 26 Sep 2022 04:50:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i2.wp.com/whoresandhookers.com/whoresandhookers.com/wp-content/uploads/2011/07/crack-whore-sluts-3.jpg
192.0.77.2404 Not Found 0 B URL HTTP/2 i2.wp.com/whoresandhookers.com/whoresandhookers.com/wp-content/uploads/2011/07/crack-whore-sluts-3.jpg
IP 192.0.77.2:0
GET /whoresandhookers.com/whoresandhookers.com/wp-content/uploads/2011/07/crack-whore-sluts-3.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Mon, 26 Sep 2022 04:50:06 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 7
X-Firefox-Spdy: h2
pfewuzbtkr.com/get/1830123?zoneid=1830123&jp=_cl0o7c6wpxk0oe1k6f0rkq&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=1797912761500807
62.122.171.6200 OK 0 B URL HTTP/2 pfewuzbtkr.com/get/1830123?zoneid=1830123&jp=_cl0o7c6wpxk0oe1k6f0rkq&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=1797912761500807
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1830123?zoneid=1830123&jp=_cl0o7c6wpxk0oe1k6f0rkq&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=1797912761500807 HTTP/1.1
Host: pfewuzbtkr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 04:50:06 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2209252350ecb97531c91c42c0bada4c3d5f; Path=/; Expires=Tue, 26 Sep 2023 04:50:06 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
www.blockadsnot.com/native.history.min.js
185.76.9.19200 OK 0 B URL HTTP/2 www.blockadsnot.com/native.history.min.js
IP 185.76.9.19:0
ASN #60068 Datacamp Limited
GET /native.history.min.js HTTP/1.1
Host: www.blockadsnot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:06 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.13:443"; ma=2592000; v="44,43,39"
expires: Fri, 30 Sep 2022 20:36:56 GMT
access-control-allow-origin: *
link: <https://blockadsnot.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1664570216
server: CDN77-Turbo
x-77-nzt: AblMCQ2d8Sr/lhYDAA
x-77-nzt-ray: ptJtkfZXDXc
x-cache: HIT
x-age: 202390
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
camschat.net/72890/juicyt2.php
66.230.180.98200 OK 0 B URL HTTP/2 camschat.net/72890/juicyt2.php
IP 66.230.180.98:0
GET /72890/juicyt2.php HTTP/1.1
Host: camschat.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserver.juicyads.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 04:50:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.3
content-encoding: gzip
X-Firefox-Spdy: h2
creative.alxbgo.com/widgets/v3.html
104.18.42.40200 OK 0 B URL HTTP/2 creative.alxbgo.com/widgets/v3.html
IP 104.18.42.40:0
GET /widgets/v3.html HTTP/1.1
Host: creative.alxbgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:08 GMT
content-type: text/html
last-modified: Mon, 19 Sep 2022 11:30:49 GMT
expires: Mon, 26 Sep 2022 04:50:06 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
cf-cache-status: HIT
age: 4
vary: Accept-Encoding
server: cloudflare
cf-ray: 75096081a95b1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pornsheriff.com/favicon.ico
104.26.9.31302 Found 0 B URL HTTP/2 pornsheriff.com/favicon.ico
IP 104.26.9.31:0
GET /favicon.ico HTTP/1.1
Host: pornsheriff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 26 Sep 2022 04:50:08 GMT
content-type: text/html; charset=iso-8859-1
location: https://pornsheriff.com/404
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTliabB%2FexaZtOzFigz7%2Bni6tmxshDeDVHpDRo3cML5YF0dmFeumRd6T3ow%2BtLHKw5dzIBDn3rfapGxIVglzeRD%2BdY%2BLuCpBJDEO0JDIKHVwyPYSwp1i7zFjHqO3CErNSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750960810a60b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js
104.16.94.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js
IP 104.16.94.42:0
GET /CACHE/js/output.6f6724a00cb8.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:08 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"a708027bfbbde438a72a93082d4bc4b5"
last-modified: Thu, 24 Jun 2021 21:24:05 GMT
x-amz-id-2: JSy2VAlm3gAahvlCm5/iqNOQuasckcIrq13CGup8iDmNjJ/I2mSXsAw6q4OzSeK3RH88h3oFZ3U=
x-amz-meta-s3cmd-attrs: md5:a708027bfbbde438a72a93082d4bc4b5
x-amz-request-id: 2D5V5B3Y2TWH6PZC
cf-cache-status: HIT
age: 717767
expires: Wed, 26 Oct 2022 04:50:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Y89O0fe5AYMEnpchogZvMs6o2LBiCJsn4%2Bgo9TbeiQnKw%2FeHWyYllRaXJ4dLlWQJHubUm66de%2F%2BCkkKA2K5l9%2BtwCNTbd7p%2FHH81MLIEifV2IrOEZfggzHUzVwytY5sEbdI8MSotOU4U31xmYFZiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=h2T.tyen.PIOU3Csq0BqQ6XWchVxw0mFxG_8fxvlwZo-1664167808788-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75096084e8340b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pfewuzbtkr.com/t/9/fret/meow4/1830123/brt.js
62.122.171.6200 OK 0 B URL HTTP/2 pfewuzbtkr.com/t/9/fret/meow4/1830123/brt.js
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /t/9/fret/meow4/1830123/brt.js HTTP/1.1
Host: pfewuzbtkr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 04:50:05 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1091a"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
i0.wp.com/thefappening.pro/wp-content/uploads/2020/09/Juliana-Cruz-Chubby-Nude-Model-TheFappening.Pro-133.jpg
192.0.77.2403 Forbidden 0 B URL HTTP/2 i0.wp.com/thefappening.pro/wp-content/uploads/2020/09/Juliana-Cruz-Chubby-Nude-Model-TheFappening.Pro-133.jpg
IP 192.0.77.2:0
GET /thefappening.pro/wp-content/uploads/2020/09/Juliana-Cruz-Chubby-Nude-Model-TheFappening.Pro-133.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Mon, 26 Sep 2022 04:50:06 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 3
X-Firefox-Spdy: h2
c.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 04:50:06 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Thu, 27 Oct 2022 04:50:06 GMT
etag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
cf-cache-status: HIT
age: 888318
vary: Accept-Encoding
server: cloudflare
cf-ray: 750960786efcb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2