Overview

URL datawav.club/meth-whore-deflated-tits
IP173.208.199.194
ASNWII
Location United States
Report completed2022-09-26 04:50:16 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-26 2 datawav.club/meth-whore-deflated-tits Malware
2022-09-26 2 datawav.club/meth-whore-deflated-tits Malware
2022-09-26 2 datawav.club/meth-whore-deflated-tits/ Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-26 2 pfewuzbtkr.com Sinkholed
2022-09-26 2 limurol.com Sinkholed
2022-09-26 2 limurol.com Sinkholed
2022-09-26 2 limurol.com Sinkholed
2022-09-26 2 pssy.xyz Sinkholed
2022-09-26 2 pssy.xyz Sinkholed
2022-09-26 2 pssy.xyz Sinkholed
2022-09-26 2 pssy.xyz Sinkholed
2022-09-26 2 pssy.xyz Sinkholed
2022-09-26 2 pssy.xyz Sinkholed
2022-09-26 2 pfewuzbtkr.com Sinkholed
2022-09-26 2 pfewuzbtkr.com Sinkholed


Files

No files detected



Passive DNS (53)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ads.juicyads.me (2) 99752 2020-06-30 19:16:31 UTC 2022-09-25 03:49:24 UTC 69.16.175.42
mnemonic passive DNS img.strpst.com (1) 12993 2021-06-03 08:45:56 UTC 2022-09-26 00:34:52 UTC 104.16.62.52
mnemonic passive DNS m.2020mustang.com (4) 60583 2017-03-30 08:58:30 UTC 2022-09-25 20:17:15 UTC 69.16.175.10
mnemonic passive DNS ocsp.digicert.com (9) 86 2012-05-21 07:02:23 UTC 2022-09-26 04:12:21 UTC 93.184.220.29
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-26 04:11:51 UTC 34.120.237.76
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-09-25 06:16:45 UTC 69.16.175.10
mnemonic passive DNS static.javhd.com (6) 39788 2013-11-18 08:31:48 UTC 2022-09-26 01:16:19 UTC 185.76.9.24
mnemonic passive DNS bam.nr-data.net (2) 630 2015-02-10 00:06:27 UTC 2022-09-25 04:59:22 UTC 162.247.241.14
mnemonic passive DNS he2vye2vhrwt.l4.adsco.re (1) 0 No data No data 185.200.118.90 Domain (adsco.re) ranked at: 8541
mnemonic passive DNS www.pornsheriff.com (1) 0 2020-11-11 20:13:51 UTC 2022-09-20 03:43:23 UTC 104.26.9.31 Unknown ranking
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-26 04:27:27 UTC 142.250.74.72
mnemonic passive DNS freecamsfan.com (2) 192167 2014-04-10 13:02:14 UTC 2022-09-24 12:29:35 UTC 104.232.43.9
mnemonic passive DNS i1.wp.com (4) 6037 2012-09-27 05:17:34 UTC 2022-09-25 10:15:28 UTC 192.0.77.2
mnemonic passive DNS limurol.com (3) 0 2022-07-12 13:53:17 UTC 2022-09-25 19:20:08 UTC 62.122.171.6 Unknown ranking
mnemonic passive DNS adserver.juicyads.com (4) 36249 2012-05-21 13:14:28 UTC 2022-09-25 23:48:47 UTC 185.94.236.245
mnemonic passive DNS e1.o.lencr.org (5) 6159 2021-08-20 07:36:30 UTC 2022-09-25 21:37:35 UTC 23.36.77.32
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-25 04:51:16 UTC 34.117.237.239
mnemonic passive DNS s.w.org (1) 748 2017-01-30 04:56:16 UTC 2022-09-25 04:52:26 UTC 192.0.77.48
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-25 05:42:52 UTC 143.204.55.110
mnemonic passive DNS chaturbate.com (2) 6807 2012-05-22 23:11:36 UTC 2022-09-25 18:23:22 UTC 104.18.101.40
mnemonic passive DNS wankgod.com (1) 0 2019-11-13 07:07:05 UTC 2022-09-23 19:45:15 UTC 104.21.72.209 Unknown ranking
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-25 22:16:56 UTC 142.250.74.10
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-25 05:07:25 UTC 52.38.146.2
mnemonic passive DNS www.blockadsnot.com (1) 75043 2020-04-18 18:59:38 UTC 2022-09-24 19:04:36 UTC 185.76.9.19
mnemonic passive DNS ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-09-26 04:12:35 UTC 142.250.74.3
mnemonic passive DNS d.pssy.xyz (2) 0 2022-01-18 00:00:45 UTC 2022-09-25 03:49:26 UTC 131.153.42.225 Unknown ranking
mnemonic passive DNS he2vye2vhrwt.s4.adsco.re (1) 0 No data No data 185.200.116.90 Domain (adsco.re) ranked at: 8541
mnemonic passive DNS camschat.net (2) 64292 2014-07-22 23:32:18 UTC 2022-09-26 03:54:45 UTC 66.230.180.98
mnemonic passive DNS r.trwl1.com (1) 34565 2019-07-11 17:32:08 UTC 2022-09-25 12:47:12 UTC 185.98.53.17
mnemonic passive DNS creative.alxbgo.com (1) 390808 2020-10-29 05:30:36 UTC 2022-09-19 10:57:52 UTC 104.18.42.40
mnemonic passive DNS 6.adsco.re (1) 17812 2018-01-15 04:15:29 UTC 2022-09-26 01:55:38 UTC 104.17.166.186
mnemonic passive DNS adsco.re (1) 8541 2017-04-03 03:11:30 UTC 2022-09-25 19:26:11 UTC 162.252.214.5
mnemonic passive DNS pfewuzbtkr.com (3) 0 2022-09-06 12:04:54 UTC 2022-09-24 22:21:04 UTC 62.122.171.6 Unknown ranking
mnemonic passive DNS s4.histats.com (1) 12782 2012-05-21 17:14:14 UTC 2022-09-25 18:50:07 UTC 192.99.13.63
mnemonic passive DNS static-assets.highwebmedia.com (3) 16059 2021-01-19 21:46:26 UTC 2022-09-25 18:23:18 UTC 104.16.94.42
mnemonic passive DNS datawav.club (14) 460321 2017-05-11 21:13:38 UTC 2022-09-26 03:54:36 UTC 173.208.199.194
mnemonic passive DNS i2.wp.com (2) 5618 2017-01-30 05:03:40 UTC 2022-09-25 08:51:18 UTC 192.0.77.2
mnemonic passive DNS go.alxbgo.com (1) 264672 2020-10-02 08:56:48 UTC 2022-09-23 10:20:19 UTC 172.64.145.216
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-09-25 04:49:39 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS ocsp.sectigo.com (3) 487 2018-12-17 11:31:55 UTC 2022-09-25 21:23:23 UTC 104.18.32.68
mnemonic passive DNS he2vye2vhrwt.n4.adsco.re (1) 0 No data No data 38.132.109.186 Domain (adsco.re) ranked at: 8541
mnemonic passive DNS blockadsnot.com (1) 32896 2020-04-28 15:35:52 UTC 2022-09-24 19:04:37 UTC 208.95.112.254
mnemonic passive DNS i0.wp.com (3) 3021 2013-09-17 06:14:42 UTC 2022-09-25 08:51:18 UTC 192.0.77.2
mnemonic passive DNS 4.adsco.re (1) 19179 2021-01-04 16:47:52 UTC 2022-09-25 19:26:11 UTC 162.252.214.5
mnemonic passive DNS js-agent.newrelic.com (1) 378 2017-01-30 05:00:15 UTC 2022-09-25 06:13:43 UTC 151.101.86.137
mnemonic passive DNS r3.o.lencr.org (15) 344 2020-12-02 08:52:13 UTC 2022-09-25 05:02:41 UTC 23.36.77.32
mnemonic passive DNS s.pssy.xyz (4) 0 2022-01-18 00:00:45 UTC 2022-09-24 12:36:57 UTC 104.21.69.85 Unknown ranking
mnemonic passive DNS s10.histats.com (1) 15211 2012-05-21 17:14:14 UTC 2022-09-25 18:50:16 UTC 46.105.201.240
mnemonic passive DNS js.juicyads.com (1) 57029 2015-07-01 03:05:00 UTC 2022-09-25 23:48:47 UTC 143.204.55.92
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-25 19:02:29 UTC 143.204.55.36
mnemonic passive DNS c.adsco.re (1) 16577 2017-11-29 18:42:15 UTC 2022-09-25 19:26:11 UTC 104.17.167.186
mnemonic passive DNS as.2020mustang.com (1) 23443 2017-01-30 14:06:47 UTC 2022-09-25 20:17:14 UTC 216.127.52.242
mnemonic passive DNS pornsheriff.com (1) 0 2020-11-11 20:12:49 UTC 2022-09-26 03:01:44 UTC 104.26.9.31 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 173.208.199.194

Date UQ / IDS / BL URL IP
2022-11-25 11:31:50 +0000
0 - 0 - 7 datawav.club/bride-before-and-after-blowjob-tumblr 173.208.199.194
2022-11-24 07:20:12 +0000
0 - 0 - 10 xxgasm.com/photos/caught-fingering-in-school/ 173.208.199.194
2022-11-22 05:02:27 +0000
0 - 0 - 9 xxgasm.com/gay-male-hypnosis-mind-control/ 173.208.199.194
2022-11-17 22:53:55 +0000
0 - 0 - 14 datawav.club/big-breasted-dominatrix/ 173.208.199.194
2022-11-12 09:45:07 +0000
0 - 0 - 12 datawav.club/male-slave-milking-machines 173.208.199.194

Last 5 reports on ASN: WII

Date UQ / IDS / BL URL IP
2022-11-28 08:48:27 +0000
0 - 0 - 2 dhljd.sazcontinue.top/index.php?main_page=pro (...) 173.208.144.227
2022-11-28 08:35:00 +0000
0 - 0 - 2 gutz.cn/ 69.197.144.231
2022-11-28 07:52:57 +0000
0 - 0 - 2 jwbfj.ndwbrain.top/index.php?main_page=produc (...) 173.208.141.92
2022-11-28 02:36:39 +0000
0 - 0 - 19 kluygb.xheatxnk.top/index.php?main_page=produ (...) 69.30.240.182
2022-11-27 23:09:21 +0000
0 - 0 - 17 yyguy.ugzboy.top/index.php?main_page=product_ (...) 204.12.215.92

Last 5 reports on domain: datawav.club

Date UQ / IDS / BL URL IP
2022-11-25 11:31:50 +0000
0 - 0 - 7 datawav.club/bride-before-and-after-blowjob-tumblr 173.208.199.194
2022-11-17 22:53:55 +0000
0 - 0 - 14 datawav.club/big-breasted-dominatrix/ 173.208.199.194
2022-11-12 09:45:07 +0000
0 - 0 - 12 datawav.club/male-slave-milking-machines 173.208.199.194
2022-11-11 16:46:31 +0000
0 - 0 - 10 datawav.club/galleries/naked-women-suspended- (...) 173.208.199.194
2022-11-05 21:49:47 +0000
0 - 0 - 9 datawav.club/galleries/beach-bikini-crotch-pics/ 173.208.199.194

No other reports with similar screenshot



JavaScript

Executed Scripts (56)


Executed Evals (143)

#1 JavaScript::Eval (size: 32, repeated: 1) - SHA256: 1138f8c1bb11f4a5f7d8354b8c8a642ef94c9c741d76a7f476bac6473b7de085

                                        window.screenY || window.screenTop
                                    

#2 JavaScript::Eval (size: 19, repeated: 1) - SHA256: 63fd63a33ca43f07ce872672d604657ec0fbfbe24bec43f4b322c0f7a1c2ce25

                                        document.hasFocus()
                                    

#3 JavaScript::Eval (size: 23, repeated: 1) - SHA256: 2ef7ca07ed70c4ffbc59b1d3fa8df8cd2be1bfc66d1604246926066c9f44fd0c

                                        screen.orientation.type
                                    

#4 JavaScript::Eval (size: 17, repeated: 1) - SHA256: 13e19bbb45d0bb1d1915240763b5bca4ddef99d01edd749954115168c7842c9c

                                        navigator.buildID
                                    

#5 JavaScript::Eval (size: 27, repeated: 1) - SHA256: e94a47b072c1a87127e88c17e992124bcf93c5d0d6b4e96c73a909444a7cd0d6

                                        window.mozRTCPeerConnection
                                    

#6 JavaScript::Eval (size: 4, repeated: 1) - SHA256: 1bbd174404efbce95f1af489ef93f4aa0f4d55718f24c3504682216afa7b7fb1

                                        eval
                                    

#7 JavaScript::Eval (size: 17, repeated: 1) - SHA256: d204422e9d49293ab422bfabae9607635876cb30f77215f133603bac691f6f4b

                                        document.location
                                    

#8 JavaScript::Eval (size: 17, repeated: 1) - SHA256: 51c1083130407a8772738aa2380eb5a583240a47d98f2204b124c06fd11aabd5

                                        top.frames.length
                                    

#9 JavaScript::Eval (size: 27, repeated: 1) - SHA256: bc9c06f981e7daa0478c449324d4010cdbc3c83c9a95879b99a0b531f5cabb87

                                        window.navigator.standalone
                                    

#10 JavaScript::Eval (size: 36, repeated: 1) - SHA256: 436179ef4964c80a03e62015696ba10c5ae70602c6538d07f50b75f35bd72a27

                                        document.documentElement.clientWidth
                                    

#11 JavaScript::Eval (size: 37, repeated: 1) - SHA256: 0e27576eb1e9c067b58d47b8749be97d9e94c1e3d67cdf541784148cd80a04b1

                                        MouseEvent.WEBKIT_FORCE_AT_MOUSE_DOWN
                                    

#12 JavaScript::Eval (size: 11, repeated: 1) - SHA256: c42b2a75055edd538c357b5923a7eca102ebf4e63f14d7d8b6fa2778d6b1cdd2

                                        screen.left
                                    

#13 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 4b14cf9e41e192a741c1cb8ec58f13b0495941f984f312bec01ab28807fe99ab

                                        navigator.deviceMemory
                                    

#14 JavaScript::Eval (size: 20, repeated: 1) - SHA256: 1b0f9a28e673c21b9a668e2973157b075ac420eda7f39fd5727a77bb32b45ffe

                                        navigator.appVersion
                                    

#15 JavaScript::Eval (size: 25, repeated: 1) - SHA256: 791b28f4c489619d78906b8af22fbc11b48c0576134d36470ef92468e47da29c

                                        navigator.appMinorVersion
                                    

#16 JavaScript::Eval (size: 29, repeated: 1) - SHA256: a9dc93ae3dc52ac584bff8e382bf1db1f87b8e3a54243eae8d1e3badb180e834

                                        navigator.connection.downlink
                                    

#17 JavaScript::Eval (size: 12, repeated: 1) - SHA256: 27f88609267c27a6f4e778dcb686f1f2fdf0f4f7cd29ad34826b916266ae45a8

                                        window.close
                                    

#18 JavaScript::Eval (size: 22, repeated: 1) - SHA256: c49e342522959187d587f89ed7dde961d8df29cec6b02dce869f4aa1ac3ef254

                                        window.mozInnerScreenX
                                    

#19 JavaScript::Eval (size: 12, repeated: 1) - SHA256: 20dbc48604a9afee27f0eaf4b84634fabbf1b2c09f78e795896b6fa1747b154a

                                        window.alert
                                    

#20 JavaScript::Eval (size: 17, repeated: 1) - SHA256: c03ab22471edc55763f012b82b8d32f981b31ca921a55cc4a663b8bd953b96e7

                                        screen.deviceYDPI
                                    

#21 JavaScript::Eval (size: 19, repeated: 1) - SHA256: 9b078b8e24e4655c21a5876570daac97f2ddc241bfdb259644582b6a7a60930b

                                        navigator.userAgent
                                    

#22 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 4b653dda0da63fbe970902ed9a8dc33f1f0555edd3d9f2ae1ad8ed9284632d72

                                        navigator.maxTouchPoints
                                    

#23 JavaScript::Eval (size: 17, repeated: 1) - SHA256: b4a3a83fe09d48db0c0b4416fefb19af5f9e069c12d2af8793a18f159574bb79

                                        window.outerWidth
                                    

#24 JavaScript::Eval (size: 18, repeated: 1) - SHA256: 0200f755a2c13b9335fe39b3a88f696c334e518e8407780c4731d8e6be966c4e

                                        window.outerHeight
                                    

#25 JavaScript::Eval (size: 20, repeated: 1) - SHA256: 6b612f597a0ed972ce30182713c197e510528ac68ff1711b560641d5f47afefa

                                        navigator.productSub
                                    

#26 JavaScript::Eval (size: 30, repeated: 1) - SHA256: 44e10caa26e37d5f8678a008f0d667c1975fbaec0f613439eb60694249001780

                                        navigator.languages.toString()
                                    

#27 JavaScript::Eval (size: 20, repeated: 1) - SHA256: 6af0594857ab3b4e97420ca6bf7e098fc0901e86860d2e6a26cdf1d176c37dec

                                        navigator.doNotTrack
                                    

#28 JavaScript::Eval (size: 26, repeated: 1) - SHA256: 2638f8c5d74932a6dfe72bc21a585ef3525f7e26bd3dbb1f480071141c325af1

                                        navigator.msMaxTouchPoints
                                    

#29 JavaScript::Eval (size: 24, repeated: 1) - SHA256: ebca0f427d949e5889ac01faf63de6370743bddd0169c9354c84bc47e3e8a0b1

                                        window.opener.innerWidth
                                    

#30 JavaScript::Eval (size: 46, repeated: 1) - SHA256: 30f73e7f08c8e6a25fec00672f75fa725d3fa7a30bf847fb1dcb0115ec2f8607

                                        Intl.DateTimeFormat().resolvedOptions().locale
                                    

#31 JavaScript::Eval (size: 17, repeated: 1) - SHA256: 9094a3d888951e5671f4b6dce42ef291cd071cb196d8761fef42c010ecf5b142

                                        navigator.plugins
                                    

#32 JavaScript::Eval (size: 12, repeated: 1) - SHA256: 5191a526bd66a118a4a51956503fdcf4555cc92b48b9a426d04a7af25d3980e1

                                        window.brave
                                    

#33 JavaScript::Eval (size: 13, repeated: 1) - SHA256: 56e57af29d4af8b1fb7008dbfdf84a764970a6673f1f19165f1a8498ce903d93

                                        screen.height
                                    

#34 JavaScript::Eval (size: 17, repeated: 1) - SHA256: 13871edf9ac7e58046d0f0d03811464e388c3f2323eebc6b61954c79dc883459

                                        screen.deviceXDPI
                                    

#35 JavaScript::Eval (size: 29, repeated: 1) - SHA256: 876f3c9374f7069c7cabd0907ddad5466010a649a0f34984e5e2cc72f64878a5

                                        navigator.hardwareConcurrency
                                    

#36 JavaScript::Eval (size: 26, repeated: 1) - SHA256: 92f68565a2781a0fbd595ff5c54717d6b87c6cf19d42c7f3d3d4c81193bb2cb4

                                        navigator.battery.charging
                                    

#37 JavaScript::Eval (size: 27, repeated: 1) - SHA256: 1c82db5b05628505080952437a7fd64f03942b6e8ec97f799f4f867eaf492134

                                        typeof window.ondevicelight
                                    

#38 JavaScript::Eval (size: 6, repeated: 1) - SHA256: 44ff7b02c80d38b26dd6aa31d9470aed81b32e10331a3c994fb1a9945fd847ba

                                        window
                                    

#39 JavaScript::Eval (size: 17, repeated: 1) - SHA256: b18f7c2e4dbfe2926b0413634f7cd6781be55e27b4b885dc68a8f740a80d72e1

                                        window.innerWidth
                                    

#40 JavaScript::Eval (size: 32, repeated: 1) - SHA256: 8d8003d5d1afbb2b7118b1f14afe89138588ed08982c3e8ff31dd4123e7cb076

                                        performance.timing.responseStart
                                    

#41 JavaScript::Eval (size: 30, repeated: 1) - SHA256: c2ea2223b59cfea384b15228f4cdc0f7337d4909e20e97e2fa42648ef8ecf610

                                        window.webkitRTCPeerConnection
                                    

#42 JavaScript::Eval (size: 26, repeated: 1) - SHA256: e5a13721b456c9e090f80944728fc91767f5ae01b01f59160e73ff2c7cacc587

                                        window.locationbar.visible
                                    

#43 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 526c9d85cebcd21526a3b7ffdb87a9c2b6229e00b0bf210634abf6c84e0ad143

                                        navigator.msDoNotTrack
                                    

#44 JavaScript::Eval (size: 24, repeated: 1) - SHA256: a097c9a52546fb53f0340afda7f34b4e47b836e551135e5ad0b5339ebb314a30

                                        window.opener.outerWidth
                                    

#45 JavaScript::Eval (size: 33, repeated: 1) - SHA256: 0b543b4a53bd5beb9a294e018ea9a8c704e5487af1227121d60699a5ec715c5d

                                        navigator.connection.effectieType
                                    

#46 JavaScript::Eval (size: 36, repeated: 1) - SHA256: a7dc60bd6993c201941ea0bfc5218f7fea0bc015ee5dc88e658db78d98f8d98a

                                        performance.timing.domainLookupStart
                                    

#47 JavaScript::Eval (size: 41, repeated: 1) - SHA256: af18ee7d06fe2ee2da28af260ea0c78923664ecbc220f3ce395c50b1822dab7a

                                        window.performance.memory.jsHeapSizeLimit
                                    

#48 JavaScript::Eval (size: 29, repeated: 1) - SHA256: cb6f5b3573826ffd9a881e026fd85eb842d31266833666399582737149c5fc14

                                        navigator.connection.saveData
                                    

#49 JavaScript::Eval (size: 34, repeated: 1) - SHA256: fa103a26e90f8e37ab2371d0dd320ca199c0ff194f4ded9cee3ccfa85c22f713

                                        window.ScriptEngineMajorVersion();
                                    

#50 JavaScript::Eval (size: 19, repeated: 1) - SHA256: fc5a1ffc9513896711ec2c788490995715c8d32ccda8c4e2c68a9bd8cb214e77

                                        document.innerWidth
                                    

#51 JavaScript::Eval (size: 17, repeated: 1) - SHA256: c66ced51cafdeb3a9e3544b0b2e7de4c955a4cd347c4d7b5d74f36923df5a7bd

                                        navigator.product
                                    

#52 JavaScript::Eval (size: 47, repeated: 1) - SHA256: 423946cdca01d4915fdc795bb03491ce4251b32ed1717a7c0146ce14c838d373

                                        window.opener.screenX || window.opener.screenLeft
                                    

#53 JavaScript::Eval (size: 6, repeated: 1) - SHA256: 4cd6c2914887dd4a68e4c9ffbed8b077f048cf795d6cfa0b801d43e0ea5a1560

                                        screen
                                    

#54 JavaScript::Eval (size: 13, repeated: 1) - SHA256: 32c6c6c6d07bb5224356b89b5de1adc4c02b1f7b2f464830005443afc6624e85

                                        window.google
                                    

#55 JavaScript::Eval (size: 26, repeated: 1) - SHA256: 7510742fba4d25113b6124987e97cba40776bc5030a6a3678974dc8ba075bf81

                                        window.personalbar.visible
                                    

#56 JavaScript::Eval (size: 21, repeated: 1) - SHA256: 61e43d202b6cd0ebf29ac8014115fcb890eb5593c4160b9ae285206ca911bce6

                                        window.history.length
                                    

#57 JavaScript::Eval (size: 16, repeated: 1) - SHA256: d17194a96291e963420dd3361221101c8fdb7d8d382fc8993563576d3fd29dd6

                                        navigator.vendor
                                    

#58 JavaScript::Eval (size: 29, repeated: 1) - SHA256: d01a385e50e8e57c5f15bc18b82e1304ed42dcbe38967d66a30a786e39ed847b

                                        performance.timing.connectEnd
                                    

#59 JavaScript::Eval (size: 17, repeated: 1) - SHA256: e0bc19473df9795cd42be5da545b5a6828d31527b4ffa3769564f735abec0deb

                                        document.hasFocus
                                    

#60 JavaScript::Eval (size: 22, repeated: 1) - SHA256: e924fcaf65b8ea057cb30e32bbdf04fdafe2bde622539d6d1abc466b050917d5

                                        navigator.userLanguage
                                    

#61 JavaScript::Eval (size: 23, repeated: 1) - SHA256: c5d184acbefde172c402f1100cb756d11e8a1c83484977f1d5975bc65a79a7c5

                                        navigator.cookieEnabled
                                    

#62 JavaScript::Eval (size: 21, repeated: 1) - SHA256: 561f7f2574775993811ac7bc852a2054ede9fb58a62eb0804030e1ff877f4350

                                        document.webkitHidden
                                    

#63 JavaScript::Eval (size: 31, repeated: 1) - SHA256: 7f96f13e41030d403da6d3c41ed3e161053572b43346d4e7c6ade69c0861d6ca

                                        typeof document.visibilityState
                                    

#64 JavaScript::Eval (size: 15, repeated: 1) - SHA256: da82a56eb8524f5d12a2afcf2c5d0cb6184f26995167212a0ccb3bc2ba0def36

                                        document.hidden
                                    

#65 JavaScript::Eval (size: 27, repeated: 1) - SHA256: c66fd00bf884bbcc3f43284fb1c86bcea447ce653124ca7b7202d0e5fd30ae08

                                        window.opener.location.href
                                    

#66 JavaScript::Eval (size: 34, repeated: 1) - SHA256: de98f45cade0178e1fd1a8257ab99e8431b3d5b35a393217e74ad6caa4efed60

                                        performance.timing.domainLookupEnd
                                    

#67 JavaScript::Eval (size: 20, repeated: 1) - SHA256: 3f3d3b81e8706983e30a63da7389e8cd3e70bd7778063d63f748984c42007425

                                        IntersectionObserver
                                    

#68 JavaScript::Eval (size: 25, repeated: 1) - SHA256: 0098b3fb5f82abbebff8c293e42863b93e210b01f0032c4147fe1457f5b48a93

                                        window.offscreenBuffering
                                    

#69 JavaScript::Eval (size: 17, repeated: 1) - SHA256: e5ee82e31ec94cc385b3637227b4435f0547b3d0a4aa60cdda1d8fada4779df3

                                        screen.availWidth
                                    

#70 JavaScript::Eval (size: 30, repeated: 1) - SHA256: 55ef02d9591328210e59a68fcd1945791f4d0f70cdc7cd3999eb4ba175adbafb

                                        performance.timing.redirectEnd
                                    

#71 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 6e880572810251d722d33109fc0420864f46d69522d25a1df47338c553e38e07

                                        window.isSecureContext
                                    

#72 JavaScript::Eval (size: 26, repeated: 1) - SHA256: e495f8780d35a18d80e09be6211760313cd30ac601a5c7478f9ddf4ebf8536ba

                                        navigator.pdfViewerEnabled
                                    

#73 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 28be88d787b6e773eaf5d0818a6c62446ce628dd8ec0659c6f78410588838337

                                        window.toolbar.visible
                                    

#74 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 893fe12669f916947d99616b788aa245f8b45c5b8b34544df4114a6a789217ab

                                        navigator.systemLanguage
                                    

#75 JavaScript::Eval (size: 52, repeated: 1) - SHA256: b218e02bbc9cda846447b2e8fff62bc41f7f5b0e12ad8adfc05380f8df3288a4

                                        window.external.getHostEnvironmentValue("os-build");
                                    

#76 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 38be2b1c1c886666cd4ac85d71bb8b65e51d95c7c5f40b0c575f7d196a0442cd

                                        window.statusbar.visible
                                    

#77 JavaScript::Eval (size: 27, repeated: 1) - SHA256: d411f352f2428265f0fc9f43b7429dafafad74f69cf4022cd51d9df23a67f157

                                        performance.navigation.type
                                    

#78 JavaScript::Eval (size: 25, repeated: 1) - SHA256: de1b699e93a44c66a069974d1603aee656a6e063b19b8bbf5b09946a3a1b9904

                                        window.opener.innerHeight
                                    

#79 JavaScript::Eval (size: 30, repeated: 1) - SHA256: b6a3c0492b8e7ae0ff680b4806058d22f740029707c1f7dda3cad6f985020ba3

                                        (new Date).getTimezoneOffset()
                                    

#80 JavaScript::Eval (size: 28, repeated: 1) - SHA256: ef184af14e9e4c14bc286dcbd2a00161c209ce5cf6f9e30c4e7de6d929e9aa4d

                                        typeof document.ontouchstart
                                    

#81 JavaScript::Eval (size: 18, repeated: 1) - SHA256: 318e5db431b7c9515f38ae97da21d7c4e75ec281aea96271c0d0f4e22b35df92

                                        navigator.language
                                    

#82 JavaScript::Eval (size: 25, repeated: 1) - SHA256: 329a9b85817fb7d3bb2492cbcb23f12b14cf9abd181473b838250e3b745fab50

                                        navigator.connection.type
                                    

#83 JavaScript::Eval (size: 34, repeated: 1) - SHA256: 9e0e45f2f824eefaed5af40bcadf2c0ce7943df52cda4c3d67ddb03583418dab

                                        window.ScriptEngineMinorVersion();
                                    

#84 JavaScript::Eval (size: 9, repeated: 1) - SHA256: ebf49dcd836f810084c14e0f2dab4dc1768bbdc5980481bf201fcf76771dff7a

                                        navigator
                                    

#85 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 6b5c93eab3b74dadfbe0f6c5949ab9f1ec8f012df8f49495664b96b51881ed85

                                        window.RTCPeerConnection
                                    

#86 JavaScript::Eval (size: 20, repeated: 1) - SHA256: 3688d7e88d248ea850c456f0233738d10695a410a3dec97785ca7422c3f562c1

                                        document.innerHeight
                                    

#87 JavaScript::Eval (size: 15, repeated: 1) - SHA256: 4f61f9e962c8c1d90b453b461dd9431c1d3a6a706e61ab5c2a9faf6a71aea93f

                                        screen.availTop
                                    

#88 JavaScript::Eval (size: 17, repeated: 1) - SHA256: 031688cb60b9631e34bc623cf81a9eeef73de67ca290d15cccfaa65399420932

                                        screen.colorDepth
                                    

#89 JavaScript::Eval (size: 25, repeated: 1) - SHA256: 11ae4500086472eb307c6d2459f0d1446b2cc02b1afda7925d800e2d49f1c9d1

                                        window.opener.outerHeight
                                    

#90 JavaScript::Eval (size: 32, repeated: 1) - SHA256: 90190e51d410f9862884d5984262f9e1b8e46dd1010b50f1c22c9ef3fa1565fc

                                        window.opener.offscreenBuffering
                                    

#91 JavaScript::Eval (size: 24, repeated: 1) - SHA256: ae3766b014bf6a5b6452d14a9f1de103d584e98933db2577122c136bfb9eb0c6

                                        navigator.connection.rtt
                                    

#92 JavaScript::Eval (size: 133, repeated: 1) - SHA256: 22b2728f137a8fcf29a63b141126cff4e206b2b7aa196cba3b9d6b84da5b78f9

                                        (function() {
    find = /UA-(.*)/;
    gacode = "";
    return void 0 === gacode || "undefined" == gacode || "" == gacode ? "" : !0 === find.test(gacode) ? gacode : ""
})();
                                    

#93 JavaScript::Eval (size: 23, repeated: 1) - SHA256: fac21d8a86a99b88e4eb395a35aa2970ffb8ffdac1b12280959be2c117e3a09c

                                        window.devicePixelRatio
                                    

#94 JavaScript::Eval (size: 20, repeated: 1) - SHA256: a5e2bc908c3bd3196d273564d073484f9905d13817490eca5aa249e701139cdc

                                        typeof window.chrome
                                    

#95 JavaScript::Eval (size: 17, repeated: 1) - SHA256: 5c5bb18e544cb67f765d8a6d2c774838d3ae95df9b62f25660c64554a7302d8e

                                        document.referrer
                                    

#96 JavaScript::Eval (size: 32, repeated: 1) - SHA256: d0ea77c33d12565615b751dd5d753895e6287577bc0cfe0522961048b211daa6

                                        navigator.connection.downlinkMax
                                    

#97 JavaScript::Eval (size: 48, repeated: 1) - SHA256: e7678fa8be4ae3ca69e517858903bb107391f9de7ae346a75288b81b57630269

                                        Intl.DateTimeFormat().resolvedOptions().timeZone
                                    

#98 JavaScript::Eval (size: 25, repeated: 1) - SHA256: cfab5312f1cfff1e8162225ab27453306ff627f512bcf18225c0a305ca093e1c

                                        window.scrollbars.visible
                                    

#99 JavaScript::Eval (size: 33, repeated: 1) - SHA256: 511e9d231c9360fcb7670f7cbaffb35bf8180f124fc080ebbfa5962d4c8bb089

                                        window.screenX || window.screenLeft
                                    

#100 JavaScript::Eval (size: 21, repeated: 1) - SHA256: 023250096bcba5a18a624685884b3126896db722289f3281cea8ec5cc63476e7

                                        navigator.appCodeName
                                    

#101 JavaScript::Eval (size: 36, repeated: 1) - SHA256: 4105e0401cf30138cd3ec66def6e14b091f0617777c14cd703ba3e8be17d5777

                                        performance.navigation.redirectCount
                                    

#102 JavaScript::Eval (size: 19, repeated: 1) - SHA256: c26c62a09a687d08a3ef9d9a960c5ae2ad47fecc853b4fb0380d71586d260a1b

                                        window.opener == null
                                    

#103 JavaScript::Eval (size: 11, repeated: 1) - SHA256: 2c6631ee0cabea9afb499cec860aab5fcf40ed956651a0b0ea7b3411e1a31cd9

                                        window.open
                                    

#104 JavaScript::Eval (size: 18, repeated: 1) - SHA256: 17720ad70d18a072962c7509a9e8f79d6227be2728fb0e89dafb5a1edbc19f40

                                        window.console.log
                                    

#105 JavaScript::Eval (size: 751, repeated: 1) - SHA256: 97502d275c3288ffce5aa468a159a58a180d1b080ba2b2401b84eb8f4feb7bc4

                                        function ddlink() {
    var x = document.getElementById("bodypost");
    var y = x.innerHTML;
    var y = y.replace(/<a.*?>(<img.*?>)<\/a>/gi, '$1');
    var y = y.replace(/(<img.*?>)/gi, '<a class="gblink" rel="nofollow">$1</a>');
    var z = y.replace(new RegExp("csal", 'gi'), "class");
    x.innerHTML = y.replace(y, z)
}
ddlink();
var gd = document.getElementById("bodypost").getElementsByClassName("gblink");
document.write("<script src='https://wankgod.com/links-en.php?&jl=" + gd.length + "'><\/script>");

function boot() {
    s = s.split("\n");
    for (j = 0; j < gd.length; j++) {
        var g = s[j].split("\t");
        var entryURL = g[0];
        var entryTitle = g[1];
        var link2 = document.getElementById("bodypost").getElementsByTagName("img")[j].src.replace(/.*\//gi, '');
        gd[j].href = entryURL + "#" + link2;
        gd[j].title = entryTitle;
        gd[j].target = '_blank'
    }
}
                                    

#106 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 89e4c05e12e12f5bdf85a4fb89bad572dd85256091add09fdb9c6e42e703e2bb

                                        document.visibilityState
                                    

#107 JavaScript::Eval (size: 25, repeated: 1) - SHA256: 02665a4c106fc96e71ef5a17511cf353ec3f5cccb82ec9fce719b23967728897

                                        typeof window.WebAssembly
                                    

#108 JavaScript::Eval (size: 46, repeated: 1) - SHA256: b1101545a9bed4591a67166c932701b5ec44cb1976bb9df3d584fa2ab8ba8245

                                        window.opener.screenY || window.opener.screenTop
                                    

#109 JavaScript::Eval (size: 31, repeated: 1) - SHA256: 043b61c407c6f51e3a4ee18efee76fac227501d805df309988fc1494ae0a30dc

                                        performance.timing.connectStart
                                    

#110 JavaScript::Eval (size: 29, repeated: 1) - SHA256: 9c27754d9297bf8d4022ded2628940ae5a837c7d7d130b197c3dc80627a453e2

                                        HTMLElement.prototype.animate
                                    

#111 JavaScript::Eval (size: 51, repeated: 1) - SHA256: 8c6276b2ab288fa398c4bc128bf765ffc10696c7adb7b2db18019870fa29cbdd

                                        window.external.getHostEnvironmentValue("os-mode");
                                    

#112 JavaScript::Eval (size: 15, repeated: 1) - SHA256: 2daa1a91b2430e9867296c9cb26d1483785954a9bdd66f79b2c754bab7092cae

                                        typeof __gCrWeb
                                    

#113 JavaScript::Eval (size: 132, repeated: 1) - SHA256: d5d2fb10e6275127990e54c684efc0331a94d929f9ca4b303226acb63fd1b773

                                        (function() {
    find = /G-(.*)/;
    gacode = "";
    return void 0 === gacode || "undefined" == gacode || "" == gacode ? "" : !0 === find.test(gacode) ? gacode : ""
})();
                                    

#114 JavaScript::Eval (size: 14, repeated: 1) - SHA256: 28d9693460ce57dd4e01742e50a1baa10cbed3fa6c20c2a69f02424f80fb9a2e

                                        !(top == window)
                                    

#115 JavaScript::Eval (size: 18, repeated: 1) - SHA256: 64e360e85164e7675724c7fe1ed681b25a138c51d437bac5ff97e8910ccf2aa7

                                        window.innerHeight
                                    

#116 JavaScript::Eval (size: 18, repeated: 1) - SHA256: addd231a2f2807fb0b4ebdadd2bc23ae2a1cb93a92b07fa6e20ee9af832a8b47

                                        navigator.platform
                                    

#117 JavaScript::Eval (size: 34, repeated: 1) - SHA256: 3db042ba8dbf234b0ba7ed8b47e5c8cb58b267af983635a41652258f1e282c0c

                                        window.ScriptEngineBuildVersion();
                                    

#118 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 15dde2f8fcb5a8a423088da92307a50f6ba6c59577490e49e2ae24a15c75c2bd

                                        window.clientInformation
                                    

#119 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 42c1dc825c7afb2edca4a8bca3f669784ae08b69226a5ec5044ee7600fccb397

                                        window.mozInnerScreenY
                                    

#120 JavaScript::Eval (size: 50, repeated: 1) - SHA256: 203d92af34680f7fe84b0047f738fae4e2d401f5d28af8d70f067dc77f5acb6a

                                        window.external.getHostEnvironmentValue("os-sku");
                                    

#121 JavaScript::Eval (size: 16, repeated: 1) - SHA256: cd74e6a3b779a514972758fa195725f40176261af18fbcd246e5f401a3ecf849

                                        screen.availLeft
                                    

#122 JavaScript::Eval (size: 31, repeated: 1) - SHA256: df3486f2ca74e18e1c81ba55663a8dd4e668e36fed82949b9cca595051bd5064

                                        performance.timing.requestStart
                                    

#123 JavaScript::Eval (size: 22, repeated: 1) - SHA256: b19d05a8d492320ab4db4d74ea0e9e90374bed47a18e805f8018ebb00af0c23c

                                        window.menubar.visible
                                    

#124 JavaScript::Eval (size: 37, repeated: 1) - SHA256: 998158f6df4183edd82539e6dc971d32f50bc7ee075f64d4abc46d3011a9da27

                                        document.documentElement.clientHeight
                                    

#125 JavaScript::Eval (size: 17, repeated: 1) - SHA256: f8b516a2a0538b8599ab0452be3f3aa473cf3b0c510275d0a30565cefd564701

                                        screen.pixelDepth
                                    

#126 JavaScript::Eval (size: 23, repeated: 1) - SHA256: 76fae4cd7853897c738cd23148b2ebab825379d6ba153e245965183cc3304082

                                        navigator.battery.level
                                    

#127 JavaScript::Eval (size: 40, repeated: 1) - SHA256: ba8f16658b19940e1168ca8394756fb18272a9ef95d5fb11442ba56601568687

                                        performance.timing.secureConnectionStart
                                    

#128 JavaScript::Eval (size: 30, repeated: 1) - SHA256: ca1a06e2314f272f03bc401a7ae0f4056692895b060fd13c00280536b6c56e85

                                        performance.timing.responseEnd
                                    

#129 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 15eb7e222abfc64660d0f94c04053839498df20ea9ac9a13a201701a56ce3bf6

                                        typeof window.chrome.csi
                                    

#130 JavaScript::Eval (size: 20, repeated: 1) - SHA256: dfafe4f2e08c006ec277e8042267c6237512a1a93bfcf57657420d4becc0a97b

                                        window.mozPaintCount
                                    

#131 JavaScript::Eval (size: 12, repeated: 1) - SHA256: bc1a6bd7f4ddbcd78987ea609d4595bdf2422cb1be9e85af5d6c199f62000d6c

                                        screen.width
                                    

#132 JavaScript::Eval (size: 18, repeated: 1) - SHA256: c1fcce173bd0b08415367c934d5db7c4ed130c7f83a485c91682873bff2954ee

                                        screen.availHeight
                                    

#133 JavaScript::Eval (size: 18, repeated: 1) - SHA256: 793401a4baa2fb67b2049b633d5ebb8c25d2dc67d41071aabd7c180ddbdd2599

                                        navigator.cpuClass
                                    

#134 JavaScript::Eval (size: 29, repeated: 1) - SHA256: 95b2bbef556b3dc3b807638cb7b08274af9b8998def0c82d81e3a1517100d68f

                                        performance.timing.fetchStart
                                    

#135 JavaScript::Eval (size: 59, repeated: 1) - SHA256: f8aac102dc71390ed9b53b485b34d036f4c871e18d7015b307b95c8f1dcd9fa1

                                        window.external.getHostEnvironmentValue("os-architecture");
                                    

#136 JavaScript::Eval (size: 108, repeated: 1) - SHA256: 8eab171b0d256cf386d222b71fbf5380f2051b67452dbd83f41401a6216a789c

                                        !!document.fullscreen || !!document.mozFullscreen || !!document.webkitIsFullScreen || !!document.fullScreenElement
                                    

#137 JavaScript::Eval (size: 10, repeated: 1) - SHA256: f73e4e03067983dd5196907f86c9020b174651f1bd0b5d291b217dc927ff068f

                                        screen.top
                                    

#138 JavaScript::Eval (size: 19, repeated: 1) - SHA256: b37d024d71bdbd575b951acfa9a59a5e84dc2f9d7c89748081ccb862ff3c9033

                                        navigator.vendorSub
                                    

#139 JavaScript::Eval (size: 25, repeated: 1) - SHA256: 63d0de96ffe6e24d709e64517f883a6e6a72e3629aea379ee43b727541794c64

                                        navigator.browserLanguage
                                    

#140 JavaScript::Eval (size: 37, repeated: 1) - SHA256: 6530649612f535f1adde48ecf8b5de0677e9b5d77db12eb3dfd90b79b363559e

                                        HTMLCanvasElement.prototype.toDataURL
                                    

#141 JavaScript::Eval (size: 15, repeated: 1) - SHA256: de7f7b137340e1d218833d7afef73ea711325f139a4428eed317ca0374f67c91

                                        navigator.oscpu
                                    

#142 JavaScript::Eval (size: 16, repeated: 1) - SHA256: d6b5ca1760fc8b29e007efc9c8d2cf7e8a2395825f6f77dada95483fc3171bdf

                                        navigator.onLine
                                    

#143 JavaScript::Eval (size: 29, repeated: 1) - SHA256: 12c1e4b959357815447bdfe9fde3665a628e0cd4bbd622c9915820ea57fe01e3

                                        window.InstallTrigger.install
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 62, repeated: 1) - SHA256: bf62311aeab400a8cba75c8ccae6444ef57ea0311735bfa8622dc37035900705

                                        < script src = 'https://wankgod.com/links-en.php?&jl=4' > < /script>
                                    


HTTP Transactions (140)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 04:15:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: E-FkwSBs_z9dHjQcNcU-2I-oB2Jlwvhm1Zbx_ng_3Yhorb2DOE1eyw==
Age: 2086


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5644
Expires: Mon, 26 Sep 2022 06:24:08 GMT
Date: Mon, 26 Sep 2022 04:50:04 GMT
Connection: keep-alive

                                        
                                            GET /meth-whore-deflated-tits HTTP/1.1 
Host: datawav.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         173.208.199.194
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 26 Sep 2022 04:50:04 GMT
Content-Length: 178
Connection: keep-alive
Location: https://datawav.club/meth-whore-deflated-tits


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AczpaZ_Y9f59bWg-l4oKFa6qIHkKg7Q5RMLZ68kfGQSWXJ9VBcNetA==
age: 889
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 26 Sep 2022 04:50:04 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6B4223CA60315C7C88D1BBBA93072A583ECBC9A42ED4C0629866D80EF35907BB"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18991
Expires: Mon, 26 Sep 2022 10:06:36 GMT
Date: Mon, 26 Sep 2022 04:50:05 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 26 Sep 2022 04:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 26 Sep 2022 04:22:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wYIrJ4a33WKT14p0tlO74pKl395y4bSqlhtL23pkw7uNmKWjvW_x9A==
Age: 2748


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /meth-whore-deflated-tits HTTP/1.1 
Host: datawav.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         173.208.199.194
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 26 Sep 2022 04:50:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72; path=/; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Redirect-By: WordPress
Location: https://datawav.club/meth-whore-deflated-tits/
FrontCache: MISS


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5536
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 04:50:05 GMT
Last-Modified: Mon, 26 Sep 2022 03:17:49 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /meth-whore-deflated-tits/ HTTP/1.1 
Host: datawav.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         173.208.199.194
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 26 Sep 2022 04:50:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Link: <https://datawav.club/wp-json/>; rel="https://api.w.org/", <https://datawav.club/wp-json/wp/v2/posts/332098>; rel="alternate"; type="application/json", <https://datawav.club/?p=332098>; rel=shortlink
X-ElasticPress-Query: true
Content-Encoding: gzip
FrontCache: MISS


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   13436
Md5:    24b4be75238577277be65f355e08dcd6
Sha1:   c62d928cab2450e6fbad57e0ceff8aea8053d66c
Sha256: d57d28b64ce747a5af2c3bbf74e20c910bb34d07457cd7b4ab67c33431bcdd53

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cPjxL27qvtbnI5iRfh7KhA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.38.146.2
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: D/iOfDrO+pEjDu8srMn/G+y0KB0=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 04:50:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1 
Host: datawav.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         173.208.199.194
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Mon, 26 Sep 2022 04:50:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 06:31:23 GMT
Vary: Accept-Encoding
ETag: W/"630b0bbb-15b64"
Expires: Wed, 13 Sep 2023 00:21:11 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT


--- Additional Info ---
Magic:  ASCII text, with very long lines (43771)
Size:   11683
Md5:    88f413500303dc21250157a6aa913a32
Sha1:   ca138ec102d96e6d7b30bf83b7dab60a16f0b5d6
Sha256: 65e072ca8d53bf38d5dde355a039a61f6c7204206a9a58ded75d2d2730cc0999
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 04:50:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/wellington/css/genericons/genericons.css?ver=3.4.1 HTTP/1.1 
Host: datawav.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         173.208.199.194
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Mon, 26 Sep 2022 04:50:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Apr 2017 08:17:29 GMT
Vary: Accept-Encoding
ETag: W/"58f47a19-6f71"
Expires: Wed, 13 Sep 2023 00:21:11 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT


--- Additional Info ---
Magic:  ASCII text, with very long lines (18732), with CRLF line terminators
Size:   16320
Md5:    f9330a5b1ff4bb3d35693982b212e4bd
Sha1:   c2c837ab1e60cfec1d60eaf6a1e2ecfcf8c7b884
Sha256: 3019eb8fd0dc294ad6c3cce11f5b7ae2f1bf72fe259dc2b54b625e74af4e33ee
                                        
                                            GET /wp-content/themes/wellington/style.css?ver=1.0.6 HTTP/1.1 
Host: datawav.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         173.208.199.194
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Mon, 26 Sep 2022 04:50:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Apr 2017 08:17:29 GMT
Vary: Accept-Encoding
ETag: W/"58f47a19-c499"
Expires: Wed, 13 Sep 2023 00:21:11 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT


--- Additional Info ---
Magic:  ASCII text, with very long lines (355), with CRLF line terminators
Size:   9068
Md5:    dea6095724497c9701e5e96321ea6bd0
Sha1:   a4bd04afdf2ede1b155b87872a34d1c97e443fe2
Sha256: 7ba56aa8ba7a9708aa49cc91cdd1db8a177af6505a735e68fa2f85a7e51b3d4c
                                        
                                            GET /uomdacwoqbvxwxj.php HTTP/1.1 
Host: datawav.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         173.208.199.194
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 26 Sep 2022 04:50:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
FrontCache: HIT


--- Additional Info ---
Magic:  ASCII text, with very long lines (10335)
Size:   10973
Md5:    da473dea1bb1773efda6ce116f492149
Sha1:   0c3bd92efdc486ae6261332d3819646da3a65081
Sha256: db98782f93780ea01b6c5aca405b54f087fb47be410530c79c564c49b82b8b06
                                        
                                            GET /wp-content/themes/wellington/css/themezee-related-posts.css?ver=20160421 HTTP/1.1 
Host: datawav.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         173.208.199.194
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Mon, 26 Sep 2022 04:50:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Apr 2017 08:17:29 GMT
Vary: Accept-Encoding
ETag: W/"58f47a19-1514"
Expires: Wed, 13 Sep 2023 00:21:11 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   931
Md5:    99fddbd49303e57f150b016c8714159d
Sha1:   ed798b602726b08ea1e331d61469aab3138a558c
Sha256: c2345b323c0571f8d9c95256a1d44ceefd33a0791e786afe4a4a534060e3275f
                                        
                                            GET /wp-content/themes/wellington/js/navigation.js?ver=20160719 HTTP/1.1 
Host: datawav.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         173.208.199.194
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 26 Sep 2022 04:50:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 17 Apr 2017 08:17:29 GMT
Vary: Accept-Encoding
ETag: W/"58f47a19-1538"
Expires: Wed, 13 Sep 2023 00:21:11 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1589
Md5:    a73417e3fe8baa2f33f152e3bbc14097
Sha1:   622a93a734e15fc786f8f6887554c2c253028aad
Sha256: 8cb4ff8750d3f21e630c95a3c3ed5fc046e232b8c66c94c4580119bf4ae30c94
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: datawav.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         173.208.199.194
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 26 Sep 2022 04:50:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 06:31:23 GMT
Vary: Accept-Encoding
ETag: W/"630b0bbb-2bd8"
Expires: Wed, 13 Sep 2023 00:21:11 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4169
Md5:    5629711d7fdd5b28441bac39b851299f
Sha1:   4e0bf2b7383097f7c352023a1b1b1b48a50356b6
Sha256: 44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1 
Host: datawav.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         173.208.199.194
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 26 Sep 2022 04:50:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 06:31:23 GMT
Vary: Accept-Encoding
ETag: W/"630b0bbb-48b9"
Expires: Wed, 13 Sep 2023 00:21:10 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   5004
Md5:    1b982d290af16dac5885f21a198aaa66
Sha1:   f847ca85d23c2f240938bbde0135f3de97925759
Sha256: 0b6e238cc0728a0bace390dfff472ff8bb5a5fd4714bcfcdac7c28621d67b8dc
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: datawav.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         173.208.199.194
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 26 Sep 2022 04:50:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 06:31:23 GMT
Vary: Accept-Encoding
ETag: W/"630b0bbb-15db1"
Expires: Wed, 13 Sep 2023 00:21:11 GMT
Cache-Control: max-age=31104000
Content-Encoding: gzip
FrontCache: HIT


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30953
Md5:    7a6e4a1e4a67fac0cd39ca1dd1982f47
Sha1:   a8bf880e5db17a703293d5a3c92623a97d5a1df1
Sha256: daf4bcb15594deb268cc05f030ccaf8dfe4acab417758dd16a6f3b2d86d2908f
                                        
                                            GET /66.media.tumblr.com/d27de76c80a3e95e73a460a374b0f666/tumblr_mrhi0pQ3BP1sqwu1no1_1280.jpg HTTP/1.1 
Host: i2.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.2
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
date: Mon, 26 Sep 2022 04:50:06 GMT
content-length: 18598
last-modified: Sun, 11 Sep 2022 20:35:17 GMT
expires: Wed, 11 Sep 2024 08:35:17 GMT
cache-control: public, max-age=63115200
link: <http://66.media.tumblr.com/d27de76c80a3e95e73a460a374b0f666/tumblr_mrhi0pQ3BP1sqwu1no1_1280.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "523c66b30da58bd5"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 922x639, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   18598
Md5:    35729e53dbc8061cd6d9f413617c078a
Sha1:   efb21029d32d22014c14dd07a368c868a79a92ec
Sha256: ef1178ab8146c09468cd386815b2c0971666c966785066a6afcbbe34d1c196fa
                                        
                                            GET /c1.staticflickr.com/1/36/122443056_61f421d187_z.jpg?zz=1 HTTP/1.1 
Host: i0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.2
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
date: Mon, 26 Sep 2022 04:50:06 GMT
content-length: 36900
last-modified: Sun, 18 Sep 2022 20:20:02 GMT
expires: Wed, 18 Sep 2024 08:20:02 GMT
cache-control: public, max-age=63115200
link: <http://c1.staticflickr.com/1/36/122443056_61f421d187_z.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "194d304c51e8d7ed"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   36900
Md5:    99582acba972459f3cbf9bc9bb900a56
Sha1:   2636caeffddac5adb89e6c1903411f5e7b6bfeb9
Sha256: 24b08abe1376742244772c654670adfef3be8e27a2ca7dda56b0783b061ef2cd
                                        
                                            GET /s.smutty.com/media_smutty_2/d/a/n/a/p/danarami-roxru-71b5e3.jpg HTTP/1.1 
Host: i1.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.2
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
date: Mon, 26 Sep 2022 04:50:06 GMT
content-length: 67116
last-modified: Sun, 04 Sep 2022 02:16:07 GMT
expires: Tue, 03 Sep 2024 14:16:07 GMT
cache-control: public, max-age=63115200
link: <http://s.smutty.com/media_smutty_2/d/a/n/a/p/danarami-roxru-71b5e3.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "56d626dab2bee19a"
vary: Accept
x-nc: HIT arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 620x654, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   67116
Md5:    434ba2cf7ceb8008e458b7d089b794dc
Sha1:   9e9853e7601d9000744a33d81562d65ec829be8d
Sha256: 171d7e681923a4cf5bd3fb6acad27f317fb75cfaf090008e52f06406e7bc7b9e
                                        
                                            GET /mybigtitsbabes.com/wp-content/uploads/2014/11/Carla_White_Favourite_Chair_01.jpg HTTP/1.1 
Host: i0.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.2
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
date: Mon, 26 Sep 2022 04:50:06 GMT
content-length: 129188
last-modified: Fri, 02 Sep 2022 17:25:33 GMT
expires: Mon, 02 Sep 2024 05:25:33 GMT
cache-control: public, max-age=63115200
link: <http://mybigtitsbabes.com/wp-content/uploads/2014/11/Carla_White_Favourite_Chair_01.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "edb43f5a785ce078"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 750x1124, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   129188
Md5:    846d0daca2f8a4a308dcb877c6bd3701
Sha1:   6f5b4e5b27555694b0f589067917dedced19f5b7
Sha256: b18522a26c875bee10eeb75265a7175dd996474f126a0849467379587d750182
                                        
                                            GET /64.media.tumblr.com/81e489b389e50ed361dc1f23606b590c/tumblr_n5k86zxF3R1t0dazio1_400.jpg HTTP/1.1 
Host: i1.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.2
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
date: Mon, 26 Sep 2022 04:50:06 GMT
content-length: 34270
last-modified: Mon, 29 Aug 2022 12:13:21 GMT
expires: Thu, 29 Aug 2024 00:13:21 GMT
cache-control: public, max-age=63115200
link: <http://64.media.tumblr.com/81e489b389e50ed361dc1f23606b590c/tumblr_n5k86zxF3R1t0dazio1_400.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "bb1047935c02f17f"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 400x542, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   34270
Md5:    056cb5d17c034dfb193d3ddb2bacde66
Sha1:   ea199f0e2fd22bcc60722b2cfa6192f2055bb29b
Sha256: d4135c8e26722c4488447150360cb5fa0c41d085b00f2c5a51bea1571521c856
                                        
                                            GET /i5.fapality.com/contents/albums/main/680x9999/1000/1012/44937.jpg HTTP/1.1 
Host: i1.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.2
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
date: Mon, 26 Sep 2022 04:50:06 GMT
content-length: 31880
last-modified: Sun, 24 Jul 2022 23:43:08 GMT
expires: Wed, 24 Jul 2024 11:43:08 GMT
cache-control: public, max-age=63115200
link: <http://i5.fapality.com/contents/albums/main/680x9999/1000/1012/44937.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "5452595eb781c983"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 620x947, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   31880
Md5:    9d63a2e0ffe317cfaf25d82e1610913f
Sha1:   d851f7135cf819ed0c6f92c2b3be725ed47576c2
Sha256: 72fdfa02b23e4bc9409c8dbb06434a6656b1b24ae05755766df81e0674289f5a
                                        
                                            POST /solid.gif?z=1830123&abvar=0 HTTP/1.1 
Host: pfewuzbtkr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         62.122.171.6
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 26 Sep 2022 04:50:06 GMT
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    28e463819a210071de3b45ebe7633613
Sha1:   6dccd571828ec0912629119cf7eabfea9f33ddbc
Sha256: 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 04:50:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/gudea/v15/neIIzCqgsI0mp9gz25WBFqw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datawav.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 20:54:14 GMT
expires: Fri, 22 Sep 2023 20:54:14 GMT
cache-control: public, max-age=31536000
age: 287752
last-modified: Thu, 21 Apr 2022 16:51:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7920, version 1.0\012- data
Size:   7920
Md5:    797ad5f8d84a297ab16f9a9c983adfc2
Sha1:   af074543e3bbd78e086cefa983867e0936515c41
Sha256: e0037277509761be84d1c44b520649c2363df89e00568561ebf015cb3cedc91a
                                        
                                            GET /gaycj.com/cumtomyass/first-gay-ass-sex/free-gay-muscle-twink-pics-ms/zXkl/free-first-gay-time-stories014.jpg HTTP/1.1 
Host: i1.wp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.2
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
date: Mon, 26 Sep 2022 04:50:06 GMT
content-length: 800734
last-modified: Sat, 24 Sep 2022 08:29:16 GMT
expires: Mon, 23 Sep 2024 20:29:16 GMT
cache-control: public, max-age=63115200
link: <http://gaycj.com/cumtomyass/first-gay-ass-sex/free-gay-muscle-twink-pics-ms/zXkl/free-first-gay-time-stories014.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "29bd10ec73b86bf9"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 04:50:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/gudea/v15/neIFzCqgsI0mp9CI_oA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datawav.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 00:15:00 GMT
expires: Sat, 23 Sep 2023 00:15:00 GMT
cache-control: public, max-age=31536000
age: 275706
last-modified: Thu, 21 Apr 2022 16:47:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7908, version 1.0\012- data
Size:   7908
Md5:    15d9bbcfbc1d668a43c85d156d23262b
Sha1:   c436963710c58453c4ae27e66c051e85c084cd49
Sha256: 6db83475c4b6e3bcd2df60ca7afcedabc5140c3b55c9a6bb0ca636c5b6438e5f
                                        
                                            GET /s/magra/v14/uK_w4ruaZus72nbNDycQGvo.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://datawav.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 22:06:51 GMT
expires: Wed, 20 Sep 2023 22:06:51 GMT
cache-control: public, max-age=31536000
age: 456195
last-modified: Tue, 26 Apr 2022 15:28:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 9436, version 1.0\012- data
Size:   9436
Md5:    267ecd80d0d89a255f676a8b3cce0db0
Sha1:   215515b0a5be67a4d9c980e8926231225b036ef6
Sha256: c4920b39f85de27baf31e69b334cdf828ec2875ac4ec3a4a2d7a2e52773f7e79
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 04:50:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 04:50:06 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 12:04:30 GMT
Expires: Sun, 02 Oct 2022 12:04:29 GMT
Etag: "5e3e75b719ce668944dec0b3123f93c6d109bee8"
Cache-Control: max-age=543862,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750960771ed00b31-OSL

                                        
                                            GET /ssp/req/1830123/?pb=ffb284a658447b5a72b094bdefa614641664175006&psp=SaJ-rARbfCoMpO63w2pMz1W7wLXPk2DAYJJKfd9wnOCFaUFDkGGY4XKM7nK_hr-2ywRxCmsPD8T7gU1FATvzfMLnOnaOaX4W5M4r0bd6VIoZP-DtLCJgdax6ncFt2DjxhlQQDwm5x_BUKLgxpVDVrs5UzjmrBTEwcsnZJ1_bMl4R0oJV7lVu_xGa13XWVKy6RJSdG58GdcbdxGVaJwR0McIIHgJws3gZbzcQldgcU9Va2YhTdM-jKVuGwJoXXx3PwDanF-xWa7WZ3vXwFOj_oa4YWjJQp25V-wB44r4GGpkqKTYcBjgEnP65B6X-pGShNGJmiUXTwVcsUCcmpvVYAt4HCXhziEtxTG6EupmNZLOlWbJv6OrKL5N3ph5iwOH8INufWgRgA4MYqDgtuk23_1c58HqchVMaHpkb90qiBzuf9JrP-2gnhA6-v6jt7qPf5BNoPDQvpyjErtpv_KJxZrI5IZACEY8WEYNqirVAM2Slm3rCsRA4GgHsMLrvfS3_RKFKRMAxOPejsTBo9uy0sUie0EUmJV2tYnagka0LCrTYrMr3OUhLMB2FcdtON-9oEBspSBgp7z90jr5LDUTtNK3-AvnJqmJLJ2nwR7T38coIT8xPapiJjavEdUjsNDmOJm3uZ2hsVA==&cb=_clcjdt0ksuhxrsdklwgkkj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1 
Host: limurol.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         62.122.171.6
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Mon, 26 Sep 2022 04:50:06 GMT
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2209252350cdd8d8fc0a974b56bc2ddbf462; Path=/; Expires=Tue, 26 Sep 2023 04:50:06 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    a97eb6fbe6f13b601d5d48c0eba8baae
Sha1:   736efb938caf3d0edec406932ada889f1a4f2268
Sha256: a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 04:50:06 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 12:04:30 GMT
Expires: Sun, 02 Oct 2022 12:04:29 GMT
Etag: "5e3e75b719ce668944dec0b3123f93c6d109bee8"
Cache-Control: max-age=543862,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750960788f910b31-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8877
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 04:50:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8877
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 04:50:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8877
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 04:50:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8877
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 04:50:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8877
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 04:50:06 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H4KXhBaRw3SvzBrbl30mV6R_vJ8bXBkyicb8fQiTp6YSBHjE8iFkNQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:49:56 GMT
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
age: 21610
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11728
Md5:    968b9c138702fb5994d1d9eab1a697fa
Sha1:   9660bb2d38079182efbd11d7a687bfc7f9d30751
Sha256: 5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa675e34b-7ee1-4318-a6a3-b49bce6a4ca4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10944
x-amzn-requestid: 2711886c-e022-4a77-862e-9d7bbd0db02e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvxHsSIAMF8Pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-6b464e2e489825b51447d74d;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N-nUwIxG9TDPRBSt8-RuITSg0nVZIMMidfKme75OXsqDXJ-vcXA41Q==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:25:00 GMT
age: 23106
etag: "a3b3a4396da5beac2430e8facdb4d4b799621c9d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10944
Md5:    b6e43e36ae283d6ec12fb5c9c692fa83
Sha1:   a3b3a4396da5beac2430e8facdb4d4b799621c9d
Sha256: 49ed7dccf0fe8abb7b0bfdc34ff89b30ef719288571bb1d89d29a1cb8857310e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:37:35 GMT
age: 25951
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Size:   12826
Md5:    b3a72e81317074689a71dac7059e4b6a
Sha1:   b6d56333d7f1ea7ddc8838d84de498ff913c5464
Sha256: e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a7e9af9-ebe4-49ea-9af4-d118f2ef0b43.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8851
x-amzn-requestid: dbe6ba4c-3d38-48e8-9d08-088d8e26e7a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUDAE23oAMF_yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd46-4f3b85952fa3109d2921d0e1;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wbbfzE5nQkhK_nsXX8XGJbOl3Yf6NDA1r_AC-0dOzqJDkLQ2BLxK9A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 23:15:06 GMT
age: 20101
etag: "4b32113aaf50132b38c8034017a6eb5a32d7040b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8851
Md5:    431ff1171a3d7c60a31cc1c3f62164ee
Sha1:   4b32113aaf50132b38c8034017a6eb5a32d7040b
Sha256: 65d598db252fb3979d3df3cb8d052861bb31d6187552f9c694ec27a322b308c9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7185
x-amzn-requestid: e7b997d7-f9ce-40c6-b9bb-372ee10d8ad0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTAfEX5oAMFcHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb9c-31e295e33ead940f381121a1;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:43:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YW8Pk1qXdq3DBNRDO3abND1HGTqhUInN2Wo3N8Uzb0zzyXrsKPCvYg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:48:52 GMT
age: 25275
etag: "0d5cb1f3e3ea510308034a5e569c0e65fae30835"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7185
Md5:    6d79a3a5bd7dc7aa6cab306176fafd11
Sha1:   0d5cb1f3e3ea510308034a5e569c0e65fae30835
Sha256: 57979dfcf6fdc76f04e4790c2b94b876e188ac780aa49d9bfc8a58c498dc4203
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20fede81-e065-476d-b8c9-466c4d80f419.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7998
x-amzn-requestid: beedf4d8-29c0-43c6-92d0-40af6b9ee9f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTibE5LoAMFXLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cc75-1be97f2a525b9a5e3146d4be;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:47:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: i8BwIohBNqfEavPXBqSWshg7G-WF9UkBBScnDcyH4qEYV9TzreLXWA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:03:29 GMT
age: 24398
etag: "5c4ee294c98e8fc9312a7d481b6ec165494cf852"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7998
Md5:    27d324b1fb661c318aced98468501b3c
Sha1:   5c4ee294c98e8fc9312a7d481b6ec165494cf852
Sha256: 937296b5da48df0495ebd0cb3509b7c00059725c00c5b97f475ba2382a0e5437
                                        
                                            GET / HTTP/1.1 
Host: 6.adsco.re
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.166.186
HTTP/2 200 OK
content-type: text/plain;charset=UTF-8
                                        
date: Mon, 26 Sep 2022 04:50:07 GMT
content-length: 0
access-control-allow-origin: https://datawav.club
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 75096079c8271c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "88E956E1405478B590D58E73E534C07785A1274B25DB9A3A3F1F58755DC993DE"
Last-Modified: Sat, 24 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20452
Expires: Mon, 26 Sep 2022 10:30:59 GMT
Date: Mon, 26 Sep 2022 04:50:07 GMT
Connection: keep-alive

                                        
                                            GET /ssp/req/1830123/?pb=ffb284a658447b5a72b094bdefa614641664175006&psp=SaJ-rARbfCoMpO63w2pMz1W7wLXPk2DAYJJKfd9wnOCFaUFDkGGY4XKM7nK_hr-2ywRxCmsPD8T7gU1FATvzfMLnOnaOaX4W5M4r0bd6VIoZP-DtLCJgdax6ncFt2DjxhlQQDwm5x_BUKLgxpVDVrs5UzjmrBTEwcsnZJ1_bMl4R0oJV7lVu_xGa13XWVKy6RJSdG58GdcbdxGVaJwR0McIIHgJws3gZbzcQldgcU9Va2YhTdM-jKVuGwJoXXx3PwDanF-xWa7WZ3vXwFOj_oa4YWjJQp25V-wB44r4GGpkqKTYcBjgEnP65B6X-pGShNGJmiUXTwVcsUCcmpvVYAt4HCXhziEtxTG6EupmNZLOlWbJv6OrKL5N3ph5iwOH8INufWgRgA4MYqDgtuk23_1c58HqchVMaHpkb90qiBzuf9JrP-2gnhA6-v6jt7qPf5BNoPDQvpyjErtpv_KJxZrI5IZACEY8WEYNqirVAM2Slm3rCsRA4GgHsMLrvfS3_RKFKRMAxOPejsTBo9uy0sUie0EUmJV2tYnagka0LCrTYrMr3OUhLMB2FcdtON-9oEBspSBgp7z90jr5LDUTtNK3-AvnJqmJLJ2nwR7T38coIT8xPapiJjavEdUjsNDmOJm3uZ2hsVA==&cb=_clcjdt0ksuhxrsdklwgkkj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1 
Host: limurol.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         62.122.171.6
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Mon, 26 Sep 2022 04:50:07 GMT
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=22092523502e35027476104b88a68e32b8a0; Path=/; Expires=Tue, 26 Sep 2023 04:50:06 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    a97eb6fbe6f13b601d5d48c0eba8baae
Sha1:   736efb938caf3d0edec406932ada889f1a4f2268
Sha256: a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /ssp/req/1830123/?pb=ffb284a658447b5a72b094bdefa614641664175006&psp=SaJ-rARbfCoMpO63w2pMz1W7wLXPk2DAYJJKfd9wnOCFaUFDkGGY4XKM7nK_hr-2ywRxCmsPD8T7gU1FATvzfMLnOnaOaX4W5M4r0bd6VIoZP-DtLCJgdax6ncFt2DjxhlQQDwm5x_BUKLgxpVDVrs5UzjmrBTEwcsnZJ1_bMl4R0oJV7lVu_xGa13XWVKy6RJSdG58GdcbdxGVaJwR0McIIHgJws3gZbzcQldgcU9Va2YhTdM-jKVuGwJoXXx3PwDanF-xWa7WZ3vXwFOj_oa4YWjJQp25V-wB44r4GGpkqKTYcBjgEnP65B6X-pGShNGJmiUXTwVcsUCcmpvVYAt4HCXhziEtxTG6EupmNZLOlWbJv6OrKL5N3ph5iwOH8INufWgRgA4MYqDgtuk23_1c58HqchVMaHpkb90qiBzuf9JrP-2gnhA6-v6jt7qPf5BNoPDQvpyjErtpv_KJxZrI5IZACEY8WEYNqirVAM2Slm3rCsRA4GgHsMLrvfS3_RKFKRMAxOPejsTBo9uy0sUie0EUmJV2tYnagka0LCrTYrMr3OUhLMB2FcdtON-9oEBspSBgp7z90jr5LDUTtNK3-AvnJqmJLJ2nwR7T38coIT8xPapiJjavEdUjsNDmOJm3uZ2hsVA==&cb=_clcjdt0ksuhxrsdklwgkkj&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1 
Host: limurol.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         62.122.171.6
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Mon, 26 Sep 2022 04:50:07 GMT
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=22092523505c269c928d824c53bf8e5f4503; Path=/; Expires=Tue, 26 Sep 2023 04:50:06 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    a97eb6fbe6f13b601d5d48c0eba8baae
Sha1:   736efb938caf3d0edec406932ada889f1a4f2268
Sha256: a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: 4.adsco.re
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         162.252.214.5
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 26 Sep 2022 04:50:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://datawav.club
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   62
Md5:    adde5febc7b5b6c2c759ec735cce83a0
Sha1:   77ec17be8a9970ff04663294d41c590d0d24fde4
Sha256: ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
                                        
                                            POST / HTTP/1.1 
Host: he2vye2vhrwt.l4.adsco.re
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.200.118.90
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Mon, 26 Sep 2022 04:50:07 GMT
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes

                                        
                                            GET /js/jads.js HTTP/1.1 
Host: adserver.juicyads.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.94.236.245
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Mon, 26 Sep 2022 04:50:07 GMT
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eb9"
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (3769), with no line terminators
Size:   1720
Md5:    65b1efdf55163b144c5018b8772765ad
Sha1:   509de5f40450f3cf05e0d8d1b939fed2bbb11cbe
Sha256: cf23ab637d84de0eb1c1e67764e05ca0aa140e6ee932a60700fc35661644ee48
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: datawav.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72; a=S2tnAKf9oXcXsCraHETEMINSTJ7wV4Kf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         173.208.199.194
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 26 Sep 2022 04:50:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5f77c832-f7"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   184
Md5:    8ea8556770bd53150ab76b23f87936a6
Sha1:   6c615fdc6839c5ed11a30ebc227646ac6aef493b
Sha256: c4f8c99f5287623d6325502365d07eb6dc33d0c58c1c2def811f9b06ff7d68f0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3B21B85F70E346B703546486CFDEAAF08940BA9E57E5B7095CACC496E50CC46E"
Last-Modified: Sat, 24 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1940
Expires: Mon, 26 Sep 2022 05:22:27 GMT
Date: Mon, 26 Sep 2022 04:50:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "814E75D1F248CD7BDC505FABEC42B103880ED89329940BE06D039B84D1F1B95F"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8220
Expires: Mon, 26 Sep 2022 07:07:07 GMT
Date: Mon, 26 Sep 2022 04:50:07 GMT
Connection: keep-alive

                                        
                                            GET /js15_as.js HTTP/1.1 
Host: s10.histats.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         46.105.201.240
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Mon, 26 Sep 2022 04:48:03 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 176030439
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (11440), with no line terminators
Size:   4364
Md5:    ed192092c129db6123a3397855f42619
Sha1:   067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
Sha256: 998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
                                        
                                            POST / HTTP/1.1 
Host: he2vye2vhrwt.n4.adsco.re
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         38.132.109.186
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Mon, 26 Sep 2022 04:50:07 GMT
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes

                                        
                                            POST /p HTTP/1.1 
Host: adsco.re
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1891
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         162.252.214.5
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 26 Sep 2022 04:50:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://datawav.club
Access-Control-Allow-Credentials: true
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   171
Md5:    78c6c659abe59cc921a793b2b28da2cc
Sha1:   caf9dbf07c84dbb0be10e3e7f1d47eca7f00762d
Sha256: c0786e60edec4e49b71547b57fe5e43b704a28a040e6c55617749a6bf8420c2f
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DE1AB26AB1D9DC17304A5E60B3836031BD35A92D16F9A2770FF5A3442B2264B5"
Last-Modified: Sat, 24 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20394
Expires: Mon, 26 Sep 2022 10:30:01 GMT
Date: Mon, 26 Sep 2022 04:50:07 GMT
Connection: keep-alive

                                        
                                            GET /stats/0.php?3916601&@f16&@g1&@h1&@i1&@j1664167805667&@k0&@l1&@mMeth%20Whore%20Deflated%20Tits&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:167783817&@b3:1664167806&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdatawav.club%2Fmeth-whore-deflated-tits%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.99.13.63
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Mon, 26 Sep 2022 04:50:07 GMT
Content-Length: 52
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   52
Md5:    802a9cb7068d86dda5b1975ff873d82c
Sha1:   91f20768011a917534bdbeba1a745732cc2158a1
Sha256: ee7f3c7b05e12cf6101e9594d1cf60662afdc17476abc66b1363edbd31fada5d
                                        
                                            GET /adshow.php?adzone=593090 HTTP/1.1 
Host: adserver.juicyads.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.94.236.245
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 26 Sep 2022 04:50:07 GMT
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=fab523e540a87d62f20f2b0b5e81a209; expires=Tue, 26-Sep-2023 04:50:07 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.juicyads.com juicy_data_1=YTowOnt9; expires=Thu, 29-Sep-2022 04:50:07 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Thu, 29-Sep-2022 04:50:07 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=juicyads.com
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1357
Md5:    d31845241d3aba722f1085345839691a
Sha1:   c9aa2b00462273bbc2348f34951b065ec722bba8
Sha256: 7e1bef7c46a1ce695d3535384ce63e464dc9e3cdf5c93cbf7e07eed6ba41ac98
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 04:50:07 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 13:12:44 GMT
Expires: Sat, 01 Oct 2022 13:12:43 GMT
Etag: "7b4195903a0e2c596dfdbfa54288b12ebf1942a3"
Cache-Control: max-age=461555,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7509607daa940b31-OSL

                                        
                                            GET /paFV.htm?_=BAYAYzEvfwFjMS9_gAGBAsAAIGMuBT5hQW1VwxHy70PoEN2pr-wbeHL2UnCv0YMx_tf2wQBGMEQCIGwhg0ai2XNG-WUM--bLOFm04m_y2zP6ZykVlcei9XUIAiAF2vf1Zb7jMe2bqY4zn5ORNRgsaxD_50NmV0bix-Qm2A&v=4&HCzUOAKu=1955226&EDxBFPrc=&zJYVdOtW=0,0&zHqsMycB=&jlvbwKOu=&s=1280,1024,1,1280,1024,0 HTTP/1.1 
Host: blockadsnot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         208.95.112.254
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
asf: 6
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
set-cookie: PP_CV=yes; expires=Mon, 26-Sep-2022 05:50:07 GMT; Max-Age=3600 fraudcheck=77fcda4fa9dd6f5881b6daa61920e892; expires=Wed, 26-Oct-2022 04:50:07 GMT; Max-Age=2592000; path=/; domain=.popads.net PopAds_CF_Pass=1; expires=Mon, 26-Sep-2022 10:50:07 GMT; Max-Age=21600
link: <https://www.pornsheriff.com>;rel=preconnect
content-length: 705
content-encoding: br
vary: Accept-Encoding
date: Mon, 26 Sep 2022 04:50:07 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1004), with no line terminators
Size:   705
Md5:    d73c1b2708ee3d7ec2d3ada27471e6a4
Sha1:   5a1497a27879842ed6a6e6220269abafb5ad5be9
Sha256: 9455d6ba03f90a502fa462cc294961a917687127851317dd1acfe8e2e9cd3c19
                                        
                                            GET /adshow.php?adzone=770180 HTTP/1.1 
Host: adserver.juicyads.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.94.236.245
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 26 Sep 2022 04:50:08 GMT
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=fab523e540a87d62f20f2b0b5e81a209; expires=Tue, 26-Sep-2023 04:50:07 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.juicyads.com imps52696=1; expires=Tue, 27-Sep-2022 04:50:07 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.juicyads.com juicy_data_1=YToxOntpOjE0NjQ4Mjg7aToxNjY0NDI3MDA3O30%3D; expires=Thu, 29-Sep-2022 04:50:07 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Thu, 29-Sep-2022 04:50:07 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=juicyads.com
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1386), with CRLF, LF line terminators
Size:   1720
Md5:    f920570b7233faa70bb9461c1b28ad28
Sha1:   2156037cc0e2e1a163d4f150ba75b358472b71b2
Sha256: b820b697a0da477afc5f844cded719c1721f812ec75a108fef42f47d0625f731
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "896F916F7B74BF1DFBF6B95F66BA3AF8A1F893FE5BF5C63C25903E4BDA71BB99"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17511
Expires: Mon, 26 Sep 2022 09:41:59 GMT
Date: Mon, 26 Sep 2022 04:50:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 04:50:08 GMT
Server: ECS (amb/6B7B)
Content-Length: 278

                                        
                                            GET /network/user73811/52696-1664031075-0801558001664031075.jpg HTTP/1.1 
Host: ads.juicyads.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserver.juicyads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 26 Sep 2022 04:50:08 GMT
etag: "1664031075"
cache-control: max-age=31526756
content-length: 29560
last-modified: Sat, 24 Sep 2022 14:51:15 GMT
accept-ranges: bytes
x-hw: 1664167808.dop215.sk1.t,1664167808.cds065.sk1.hn,1664167808.cds251.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 300x250, components 3\012- data
Size:   29560
Md5:    a6e17d9cf7177857be7e4c3ff3de522a
Sha1:   e2f5e84b37336ea43a431bc4afb4c862ea877c5e
Sha256: 7290c51bdd96cb1828a7d7efdfbce5d5a3057b5e3dc57ddab4f659fcfb2280d8
                                        
                                            GET /1x1.gif HTTP/1.1 
Host: ads.juicyads.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserver.juicyads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: image/gif
                                        
date: Mon, 26 Sep 2022 04:50:08 GMT
etag: "1457030838"
cache-control: max-age=23057458
content-length: 43
last-modified: Thu, 03 Mar 2016 18:47:18 GMT
accept-ranges: bytes
x-hw: 1664167808.dop215.sk1.t,1664167808.cds065.sk1.hn,1664167808.cds217.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    9bb191c6827273aa978cab39a3587950
Sha1:   25d8043336eb799e52b1a0e15ff6b95e09c24e35
Sha256: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 04:50:08 GMT
Last-Modified: Mon, 26 Sep 2022 04:50:08 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: he2vye2vhrwt.s4.adsco.re
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.200.116.90
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Mon, 26 Sep 2022 04:50:08 GMT
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.pornsheriff.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.9.31
HTTP/2 301 Moved Permanently
content-type: text/html; charset=iso-8859-1
                                        
date: Mon, 26 Sep 2022 04:50:08 GMT
location: https://pornsheriff.com/favicon.ico
cf-cache-status: HIT
age: 1586
expires: Mon, 26 Sep 2022 05:20:08 GMT
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHE%2F9GvIC88JiUWXfreHhtHuJoDytHlIJyPjP5l4IDT9z6WmdQjTHyKm0%2BNvEpxMCjDDZmz%2F0Ve%2FFvZ8lmNFin9pQSLMXeFuIXw1U6qtVyMgkllMHqqKdrzCTrwGm3JjLqh0Ytc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75096080ea46b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (379), with CRLF, LF line terminators
Size:   1073
Md5:    2a3e751e2516417239ab924af066402e
Sha1:   d7886298c83b53a8e87b7335a05e0cc67c2defc6
Sha256: 00737bb93e0ad23f57617d28ca03734f444d0d591a0900dc675dbd2b4357debb
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1962
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 04:50:08 GMT
Last-Modified: Mon, 26 Sep 2022 04:17:26 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 16
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 04:50:08 GMT
Last-Modified: Mon, 26 Sep 2022 04:49:52 GMT
Server: ECS (amb/6BBA)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 04:50:08 GMT
Server: ECS (amb/6B7B)
Content-Length: 278

                                        
                                            GET /in/?track=juicyront2-728x90-2022&tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f HTTP/1.1 
Host: chaturbate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         104.18.101.40
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
date: Mon, 26 Sep 2022 04:50:08 GMT
location: /tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
set-cookie: u_x1Rd=1; expires=Sat, 01-Oct-2022 04:50:08 GMT; Max-Age=432000; Path=/ us_x1Rd=1; Path=/ affkey=eJwdjU0OQDAQRq8is0aZjZ+lC0jcoEabIkXakRBxdxnL972XfA8wtAlc5TBBmgD5Q5B1HzthDqvwcs50h31jzCqsr6bIsECUIIh2zEdslSLtIznN+WZYidXWiqd7NMHPq5HtP8AS3g9TlSKZ; Domain=.chaturbate.com; expires=Wed, 26-Oct-2022 04:50:08 GMT; Max-Age=2592000; Path=/ fromaffiliate=1; Domain=.chaturbate.com; Path=/ noads=1; expires=Mon, 26-Sep-2022 10:50:08 GMT; Max-Age=21600; Path=/ stcki="pOtSwZ=0\054FqPd9a=1\0546pduSG=0\054aDBbcK=0"; expires=Wed, 26-Oct-2022 04:50:08 GMT; Max-Age=2592000; Path=/ sbr=sec:sbrdd35ef8c-e985-4340-ad2e-0d2b5969ace4:1ocg4G:agGQ2RoCHUlxwUu70xOyS4dn7KY; Domain=.chaturbate.com; expires=Sat, 21-Jun-2025 04:50:08 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure __cf_bm=I7AobrWdnmT5i6UKxj3WxlRUnQgn5DwR3c.At8KHwPw-1664167808-0-AaA9kllX9oFDDODfhrF5Nk6JuE408xsUFaCzEvD4SkOAlrSk/Kxz8R+eYtr4ZFvs7W0dm9qaSeVBMt/4Bdpmwkg=; path=/; expires=Mon, 26-Sep-22 05:20:08 GMT; domain=.chaturbate.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 750960824c4fb4ff-OSL
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1287
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 04:50:08 GMT
Last-Modified: Mon, 26 Sep 2022 04:28:41 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279


--- Additional Info ---
Magic:  data
Size:   5124
Md5:    e92c12f1ae64109638c83f0cb0235f2d
Sha1:   68140b303052f7d645b022bb38f4c50b54f45ddf
Sha256: 515bda70458dc819babc846df121a9b8e778ad440dc8b7a543a20bc78b99edde
                                        
                                            GET /thumbs/1664167553/83546471 HTTP/1.1 
Host: img.strpst.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.alxbgo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.62.52
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 26 Sep 2022 04:50:08 GMT
content-length: 20994
cf-bgj: imgq:100,h2pri
cf-polished: origSize=21946, status=webp_bigger
etag: "3cd731c069cbe1667035a36eae216b17"
last-modified: Mon, 26 Sep 2022 04:46:07 GMT
cf-cache-status: HIT
age: 119
expires: Mon, 26 Sep 2022 04:55:08 GMT
cache-control: public, max-age=300
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 750960847a8d0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Size:   20994
Md5:    fa40046db045c3ec9ec66a0bf1f923e7
Sha1:   7c17a15554a8caaec62b6aa55bfd6677397badf1
Sha256: be890c2895ffcfd4462adffcc0fca7e154150352b3c56a002cb15a141654e1da
                                        
                                            GET /links-en.php?&jl=4 HTTP/1.1 
Host: wankgod.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.72.209
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 26 Sep 2022 04:50:07 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=giMh%2FPtzPH%2FYa%2F1vrdeP1%2BoErlKyGUYAUKvsFIywp3qkdQ%2FBTPX0p0wKLK66UW51K78Um%2B%2BZDHa167z0DuAU53d6NnYtS08A4LJsl4%2B32M6nHz7rwUFWx22Dxop1eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750960760e9ffac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   870
Md5:    c5a1c4ad587bcc005bb2d01084db38a7
Sha1:   040d3da3366090a028a8448bfe262632698f08d9
Sha256: bd9944d9dfc3402275bdd3e5d7c3586760d8202a70e6665a5863de5225bbc235
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "84075EF776CD172F768BD8E3827073139C12693CFD859D7F3C9C1B23866B4F02"
Last-Modified: Sat, 24 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=924
Expires: Mon, 26 Sep 2022 05:05:32 GMT
Date: Mon, 26 Sep 2022 04:50:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1287
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 04:50:08 GMT
Last-Modified: Mon, 26 Sep 2022 04:28:41 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /72890/freegamet2.php HTTP/1.1 
Host: camschat.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/72890/juicyt2.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         66.230.180.98
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Mon, 26 Sep 2022 04:50:08 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.3
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   14119
Md5:    4139c3205cc2952d7d40a0c83a6689cc
Sha1:   185baeeb3266ece5cb7bc5f2c94ae245ae1e6a32
Sha256: aac63c8bb437c856afe5cc8aba00d1431d9a447c45b3cac0f7b006572f7a1546
                                        
                                            GET /images/ico-cams.png?829027f88094 HTTP/1.1 
Host: static-assets.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/CACHE/css/output.5c1e955e3832.css
Cookie: _cfuvid=RTlVUGEOTkXxD8gk91d7aY_gTaTfWp3_0ifSdadILnw-1664167808795-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.16.94.42
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 26 Sep 2022 04:50:08 GMT
content-length: 549
cache-control: public, max-age=2592000
cf-bgj: imgq:100,h2pri,csam-hash
cf-polished: origSize=1457
etag: "58ecd9d7af4908cce84eccd4cbd6f0d0"
last-modified: Tue, 19 Jan 2021 22:03:22 GMT
x-amz-id-2: uk+Y+mMt51OLA32rfvOrwKQRVhebnzwVD7WNGN89HYS/N/FIKgMltVMzadOcg1MyUuhiPycAlHk=
x-amz-meta-s3cmd-attrs: md5:58ecd9d7af4908cce84eccd4cbd6f0d0
x-amz-request-id: 2BDHEK7PHQPF17BP
cf-cache-status: HIT
age: 950589
expires: Wed, 26 Oct 2022 04:50:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeRca9msFC25Ip2WhnAawjCxu7UMEHv0BcdEYMZOMupNj0gSDalR9VSTykFGokAXc3H3g3JJuEzBdv39jnlv0S8Q4M%2BmRgPJWCJF9nkjUpMXEJO9lUqPanb4q%2FgPs8HLHTLekznjsJn5N2bN2iZZnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7509608528540b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 13 x 15, 8-bit colormap, non-interlaced\012- data
Size:   549
Md5:    4437b02e2efeaa0eb69858a7eb957af6
Sha1:   2dfa9c3fa2fc56c7504c043876eaad9526abed62
Sha256: 52dc5730b7afd3f35531dcca2bd7b9984f0271d15c8b449c4b1d425dddf12a33
                                        
                                            GET /adshow.php?adzone=593091 HTTP/1.1 
Host: adserver.juicyads.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.94.236.245
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 26 Sep 2022 04:50:08 GMT
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=fab523e540a87d62f20f2b0b5e81a209; expires=Tue, 26-Sep-2023 04:50:07 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.juicyads.com juicy_data_1=YTowOnt9; expires=Thu, 29-Sep-2022 04:50:07 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Thu, 29-Sep-2022 04:50:07 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=juicyads.com
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (351), with CRLF, LF line terminators
Size:   1465
Md5:    79b3b8fd5c260cda98b80d11b1b29c1e
Sha1:   5f7ff35b8df66ee5d470a81da6f1e49b55ee7a3d
Sha256: 40da17f79785bec52c1be1e13bbc8644a2b78fbc264077b813f4fbcf7845a846
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 04:50:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0 HTTP/1.1 
Host: chaturbate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://camschat.net/
Connection: keep-alive
Cookie: __cf_bm=I7AobrWdnmT5i6UKxj3WxlRUnQgn5DwR3c.At8KHwPw-1664167808-0-AaA9kllX9oFDDODfhrF5Nk6JuE408xsUFaCzEvD4SkOAlrSk/Kxz8R+eYtr4ZFvs7W0dm9qaSeVBMt/4Bdpmwkg=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.101.40
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Mon, 26 Sep 2022 04:50:08 GMT
vary: Accept-Encoding, Accept-Language, Cookie
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
cache-control: no-cache
set-cookie: stcki="pOtSwZ=1\054FqPd9a=0\0546pduSG=0\054aDBbcK=0"; expires=Wed, 26-Oct-2022 04:50:08 GMT; Max-Age=2592000; Path=/ affkey="eJyrVipSslJQyigpKSi20tdPTswtTs5ILNHLSy3RV6oFAJUzCgA="; Domain=.chaturbate.com; expires=Wed, 26-Oct-2022 04:50:08 GMT; Max-Age=2592000; Path=/ sbr=sec:sbr22765154-63f6-444c-8aa3-a90581c16787:1ocg4G:5QRu039FmgnBeZ90-DIL_1pdO0U; Domain=.chaturbate.com; expires=Sat, 21-Jun-2025 04:50:08 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 750960835d0eb4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (35711), with no line terminators
Size:   46930
Md5:    9e755f18a3ac02d0c3d5cfc42e3776cd
Sha1:   7cc1b6e55c9f3b444990ed986897b8fe11bf676b
Sha256: 4e6df6d017c79f3e719bebbbcf5259c9e0ecbfd4ea36ecee6725b9bd45fd4621
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 04:50:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   2922
Md5:    66a34bb09cd39510070ab620de506d3c
Sha1:   414811b9bfc871caf8d412c72baf3a2b99e81029
Sha256: 2081dcd8c1ce210b6382ba9a0d2057057eed2bdf77141922e8b058c6279975f6
                                        
                                            GET /nr-spa-1216.min.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 26 Sep 2022 04:50:09 GMT
via: 1.1 varnish
x-served-by: cache-bma1639-BMA
x-cache: HIT
x-cache-hits: 51
x-timer: S1664167809.007908,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32010)
Size:   18216
Md5:    6561a2403142205f966207d61576f1a6
Sha1:   1310e72f494e12ab63a4280fc1600a2c89dc9bb8
Sha256: 0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7296EBBB880995C6AB14B682035B74FBA6CCB60481AA81248A1369B6DC4BD8EE"
Last-Modified: Sat, 24 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10812
Expires: Mon, 26 Sep 2022 07:50:21 GMT
Date: Mon, 26 Sep 2022 04:50:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5314
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 04:50:09 GMT
Last-Modified: Mon, 26 Sep 2022 03:21:35 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /s1/5309a775-e969-417d-a06a-3c85cf15d552?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=21942&cv4=195993&cv5=593091&cv6= HTTP/1.1 
Host: r.trwl1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adserver.juicyads.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.98.53.17
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.20.1
Date: Mon, 26 Sep 2022 04:50:09 GMT
Content-Length: 748
Connection: close
Set-Cookie: uid=OMigVy4aM; Path=/; Domain=trwl1.com; Expires=Tue, 27 Sep 2022 04:50:09 GMT; HttpOnly
X-Request-Id: 6bf08d66-91c1-40e0-ab1e-390c352f8148


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (552)
Size:   748
Md5:    a00f4587d70607c4025d0fb50f7c8842
Sha1:   2bd6a54a4d09ec8f22a3faf87eecb2f1bffd5778
Sha256: f10f913a0962ec43663f768fb210fc493a58510683461b1d6491f721a62e0e38
                                        
                                            GET /gehentai.webp HTTP/1.1 
Host: freecamsfan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.232.43.9
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
date: Mon, 26 Sep 2022 04:50:08 GMT
content-length: 22458
last-modified: Sun, 21 Feb 2021 16:44:26 GMT
etag: "60328dea-57ba"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   22458
Md5:    40a1e7e1f03a91c22f9888882f81d77b
Sha1:   b93537995bad8d3a1beba1687bf1e36ffa7ebac3
Sha256: 42f292e15a5fb58f3bdce2b70d0bcd41ec00482ef30b1a819d107fa49249a97b
                                        
                                            GET /h5/files/overlay/1602-overlay-preview.png HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/15970/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F423f9e94-9b46-4079-9d75-78431d8d0480%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D21942%26cv4%3D195993%26cv5%3D593091%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0NTEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjI3ODQ4fQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.76.9.24
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 26 Sep 2022 04:50:09 GMT
content-length: 1546
last-modified: Wed, 20 Apr 2022 13:56:48 GMT
etag: "62601120-60a"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRQAB4//MMWlAA
x-77-nzt-ray: 34En00Laix0
x-cache: HIT
x-age: 10863920
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size:   1546
Md5:    7083a71bc40e5d85670940c518cacca2
Sha1:   a2caeb7c6ca3960af2881434fb0df0c2241d7288
Sha256: 7c4049c76ecd35b05855df0c6ce7e1157213d9fb92c3b2b05ebf9b5d9bdff03a
                                        
                                            GET /h5/files/overlay/1602-overlay.png HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/15970/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F423f9e94-9b46-4079-9d75-78431d8d0480%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D21942%26cv4%3D195993%26cv5%3D593091%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0NTEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjI3ODQ4fQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.76.9.24
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 26 Sep 2022 04:50:09 GMT
content-length: 1839
last-modified: Wed, 20 Apr 2022 13:56:47 GMT
etag: "6260111f-72f"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRQUP1v/MMWlAA
x-77-nzt-ray: tCweD2g0ZH0
x-cache: HIT
x-age: 10863920
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size:   1839
Md5:    f4403fc07b7c414db6ec613317885035
Sha1:   457d3e8f9e9fb0456292efdbd5f18b318e804ea7
Sha256: 00ffbfa9483f4a6e8b85b6ab368a9547cf29e54c1aeb2bfcf81f34ec2bf50ee7
                                        
                                            GET /h5/files/button/29-button.png HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/15970/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F423f9e94-9b46-4079-9d75-78431d8d0480%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D21942%26cv4%3D195993%26cv5%3D593091%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0NTEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjI3ODQ4fQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.76.9.24
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 26 Sep 2022 04:50:09 GMT
content-length: 733
last-modified: Tue, 22 Dec 2015 18:41:22 GMT
etag: "56799952-2dd"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRQ8T8D/MMWlAA
x-77-nzt-ray: 3xOstZeiGEA
x-cache: HIT
x-age: 10863920
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size:   733
Md5:    82a66a2d222379716ca9a03ff50d8f42
Sha1:   ae43d917ff791f9172edc527baa6266416182aaa
Sha256: cc5da7b40e498d30bf5eaae43e59cae32202737076422676489dd8d3030803de
                                        
                                            GET /1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=687&ck=1&ref=https://chaturbate.com/tours/3/&ap=37&be=409&fe=626&dc=474&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664167806663,%22n%22:0,%22r%22:0,%22re%22:185,%22f%22:185,%22dn%22:185,%22dne%22:185,%22c%22:185,%22s%22:185,%22ce%22:185,%22rq%22:188,%22rp%22:391,%22rpe%22:391,%22dl%22:395,%22di%22:473,%22ds%22:473,%22de%22:479,%22dc%22:624,%22l%22:624,%22le%22:626%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=483&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFMJDA8BWQIMBVIGBlcAXxh2Yi0TFUMhJTshCU0XAwdZHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwwBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEwtTVVVRUlMNGA8CBwcUVVZXB05eWFQKHAAICVRaUgdSUA4NDhNNE0sEBAYWBhQbDxtZFUVJElhMSwAHVEZaWQBFFw8HF0tBShtHXEAUVEoVPQ4BFw5WURsLQ3Z8NUBPRhMfTV1WXz5HXBMRCgsNRAMXCh9WExVDFwI7BwNPXFpUPldYDAsPHUFcG3pNWQRDG01AFgU8AlxDUFIEbk0YEgZGWURdUEpaFV5JQ05BEQI5VkZmVwBcUA0bQV5BKlBbTElDHRsUAzwLEDlPUEtCCF5XQ1hBRk9ETFRmUxNeThIHETsFB1RcVUhDCxsnCxEBBQlBFxUTFFBmAxAMExADS2pPVBNCUA4MQV5BXw8bCRNNE0wAPRAQEQ9XUhsLQ3xWGwsPCAJJDBsJEUlpCFBZQygKCExNGUlZB2ZXVlhEERADDA8fURgZJgcADwxJCwUIAVEACVBCJQ0RA19aQR5YBxdRQE9GBA9NalpeDFxQFUBZRlZXX1cBBVIJCVgHAkZPRElUS1AMQhtbQBg4QRJWQEttQwsZPUAbVTECZRcVET0TWgAPEwUKAVdpGwtBbRsVAywXITobGRltQ1JlQ1hDOEFXZRcVET0TST1AWUQ/RAlpGx1BbRsGBw0ABhRlFwMRPRNfPUBPRD9EXVxKUANdXD4RDBENAmUXAxE9Ewk9QB5GT0RcWVBWCFNVBD0QFA8PTWpNVBJFSkNYQUQnFVpDS3NQEX0SARUWIVQZcUpSF0N7UkInFwAQS3cNEUMdGwQOCgMKBFVQZkIRXVAVPRcBEBJKaldCQwsbQQYKFwAJT1BLSD5BWAYHQ0ZPRFhWTVgXVGYSEg8NFzlNUEpFEhMDQ0InFwAQS3cIEUMdGwABFw0VA2ZGSV0IRWYVBxAQEDlXRhsLQxFdCBEACxUDS0xmQQBWXEFAHhk%3D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Mon, 26 Sep 2022 04:50:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75096086aad5b524-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=12f048ac13ee1a66; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   72
Md5:    107d93e382e2c9b00fbf9fb0edc65d86
Sha1:   77e750e3ebf9706f4f6dd253785602d70be17c6c
Sha256: a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
                                        
                                            POST /events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=895&ck=1&ref=https://chaturbate.com/tours/3/ HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: text/plain
Content-Length: 1899
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Mon, 26 Sep 2022 04:50:09 GMT
Content-Length: 24
Connection: keep-alive
CF-Ray: 75096087cbc3b524-OSL
Access-Control-Allow-Origin: https://chaturbate.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   24
Md5:    bc32ed98d624acb4008f986349a20d26
Sha1:   2d3df8c11d2168ce2c27e0937421d11d85016361
Sha256: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
                                        
                                            GET /dating.gif HTTP/1.1 
Host: freecamsfan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.232.43.9
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 26 Sep 2022 04:50:08 GMT
content-length: 185793
last-modified: Fri, 26 Feb 2021 16:07:21 GMT
cache-control: max-age=31536000
expires: Tue, 26 Sep 2023 04:50:08 GMT
etag: "60391cb9-2d5c1"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 120 x 100\012- data
Size:   185793
Md5:    b1aa3416bef335ab9109ad05ceee9735
Sha1:   3cf894858dcfd1cbca13d40ef1c7e564d99d029f
Sha256: 5edea533632cb22a9ba725b227cd54e01b5c3f7d8321eb84f5079c6a1a59e119
                                        
                                            GET /as/if?p=reseller&w=120&h=100&v=8642&AFNO=1-367 HTTP/1.1 
Host: as.2020mustang.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         216.127.52.242
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx/1.18.0
Date: Mon, 26 Sep 2022 04:50:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store
Access-Control-Allow-Origin: *
Set-Cookie: at11664167809937_0_8642_4965=0001000; expires=Wed, 26-Oct-2022 04:50:09 GMT; Max-Age=2592000; path=/as; secure; SameSite=None iid=2090-1664167809; expires=Thu, 23-Sep-2032 04:50:09 GMT; Max-Age=315360000; path=/; secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (911)
Size:   3674
Md5:    8a4688ca7345af62f4b61acfd6905d55
Sha1:   7ebf89bbb40c9c26ddfccc8d35814564b210b70a
Sha256: 756b1748645c92ce99dca74681ba487067ddb71b8354a2abf8ee69961f2f4ce0
                                        
                                            GET /jquery-2.1.3.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.2020mustang.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 26 Sep 2022 04:50:09 GMT
content-encoding: gzip
content-length: 29507
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-14960"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664167809.dop026.sk1.t,1664167809.cds249.sk1.hn,1664167809.cds215.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32180)
Size:   29507
Md5:    de4fdb8e2e5d9b9624bad7ed2b726525
Sha1:   053a31e8e83b261e3863c4f9e652caba910a2b89
Sha256: f44c9556d0ecebc0716a7fce2899c0b40ed96394bebafb2937f4305bf3b118f3
                                        
                                            GET /jquery-plugins/modernizr-2.6.2-respond-1.1.0.min.js HTTP/1.1 
Host: m.2020mustang.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.2020mustang.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         69.16.175.10
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 26 Sep 2022 04:50:09 GMT
Connection: Keep-Alive
ETag: "1367368554"
Cache-Control: max-age=86400
Content-Length: 19484
Last-Modified: Wed, 01 May 2013 00:35:54 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1664167809.dop228.sk1.t,1664167809.cds021.sk1.shn,1664167809.cds021.sk1.c


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (14756)
Size:   19484
Md5:    70d492eca4141bdd1452977dd893dd63
Sha1:   9cd9504b3afdeca86a03251591e1afab36ae2c57
Sha256: ce0f70d9e807bb959717d8350c21a107f5b6b7221a774b6d1ed057219468a260
                                        
                                            GET /common/fontawesome-430/font-awesome.min.css HTTP/1.1 
Host: m.2020mustang.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.2020mustang.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         69.16.175.10
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 26 Sep 2022 04:50:09 GMT
Connection: Keep-Alive
ETag: "1422564509"
Cache-Control: max-age=86400
Content-Length: 23685
Last-Modified: Thu, 29 Jan 2015 20:48:29 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1664167809.dop206.sk1.t,1664167809.cds212.sk1.shn,1664167809.cds212.sk1.c


--- Additional Info ---
Magic:  ASCII text, with very long lines (23523)
Size:   23685
Md5:    3738ef90dad175977dc8a695809bb71a
Sha1:   98aa676ba7987caa86d49ab1b71f73896d08ad13
Sha256: c86f7b62a894d5799f1aa0a535efb34ed6f914447f901f1da50c837dee13fa72
                                        
                                            GET /common/videojs/videojs.min-original-v2.css HTTP/1.1 
Host: m.2020mustang.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.2020mustang.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         69.16.175.10
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Mon, 26 Sep 2022 04:50:09 GMT
Connection: Keep-Alive
ETag: "1385146323"
Cache-Control: max-age=19953
Content-Length: 11451
Last-Modified: Fri, 22 Nov 2013 18:52:03 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1664167809.dop213.sk1.t,1664167809.cds204.sk1.shn,1664167809.cds204.sk1.c


--- Additional Info ---
Magic:  ASCII text, with very long lines (11336)
Size:   11451
Md5:    4b6813504d31e3b11655aafacf165db4
Sha1:   96517f0033bd59f277cd2eefa7d088ae6ff82dad
Sha256: 063b4a568733054fea7f238a10b384170ce29c136d3194feed44d8c8b451f55d
                                        
                                            GET /h5/files/video/3849-30453-300x250.medium.mp4 HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/15970/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F423f9e94-9b46-4079-9d75-78431d8d0480%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D21942%26cv4%3D195993%26cv5%3D593091%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0NTEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjI3ODQ4fQ
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.76.9.24
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
date: Mon, 26 Sep 2022 04:50:09 GMT
content-length: 431883
last-modified: Mon, 07 Feb 2022 07:42:29 GMT
etag: "6200cd65-6970b"
expires: Tue, 24 May 2022 11:04:49 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-accel-expires: @1664191812
server: CDN77-Turbo
x-77-nzt: AblMCRRd+Ur/vfMAAA
x-77-nzt-ray: FRgq1+yQrDA
x-cache: HIT
x-age: 62397
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-431882/431883
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size:   88160
Md5:    aec8ec9ce6348f71c047b2051c177c46
Sha1:   55abe88343ed5bf6b6fd654b96b51e28e8f60854
Sha256: dbd849de62b6f6e190a4e077706b931c7175c1e04a9a79160b8b6925d9db3720
                                        
                                            GET /common/fontawesome-430/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1 
Host: m.2020mustang.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://as.2020mustang.com
Connection: keep-alive
Referer: https://m.2020mustang.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         69.16.175.10
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Date: Mon, 26 Sep 2022 04:50:09 GMT
Connection: Keep-Alive
ETag: "1422564509"
Cache-Control: max-age=86400
Content-Length: 56780
Last-Modified: Thu, 29 Jan 2015 20:48:29 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1664167809.dop016.sk1.t,1664167809.cds226.sk1.shn,1664167809.cds226.sk1.c


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Size:   56780
Md5:    97493d3f11c0a3bd5cbd959f5d19b699
Sha1:   1075231650f579955905bb2f6527148a8e2b4b16
Sha256: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
                                        
                                            GET /gtm.js?id=GTM-KSFJ4V6 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.2020mustang.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 26 Sep 2022 04:50:09 GMT
expires: Mon, 26 Sep 2022 04:50:09 GMT
cache-control: private, max-age=900
last-modified: Mon, 26 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 66281
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5825)
Size:   66281
Md5:    4c3e3c68cb820b76ba5b6aa09d97900e
Sha1:   2c1ad4d8737fb440fa00da3544024c33150e9fc8
Sha256: e14f9e32f75814a642ae0155f5605a39ba11f8384e317910e38b3855518cfbb4
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9E16EED5190631C5AD82524E5CE98110E810B0C45EDB8209AAC6CD4CAA86A332"
Last-Modified: Sun, 25 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6937
Expires: Mon, 26 Sep 2022 06:45:47 GMT
Date: Mon, 26 Sep 2022 04:50:10 GMT
Connection: keep-alive

                                        
                                            GET /d/?resource=bundler&nada=1&widgets=1499332:4,1499333:2,1243820:1,1499368:1&isct=1663374975&rfrr=datawav.club&iscs=NGZiZDgwZTc1ZWRiYTczOWM2NmRjODU2MWUyN2M5NjgyNDE0YWM2MGJkOGI2MTM3ODE5YmMwZTZkOWU5YmZhNHwwfDV8MTkyLjE4Ny4xMjcuNjZ8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg0LjAuNDE0Ny4xMDUgU2FmYXJpLzUzNy4zNnwyODgxODV8MTY2MzM3NDk3NXxpYlpHRjBZWGRoZGk1amJIVmk=&width=620&reqc=1&ver=b38246effccfb5a0.1663374975956&page=aHR0cHM6Ly9kYXRhd2F2LmNsdWIvbWV0aC13aG9yZS1kZWZsYXRlZC10aXRzLw== HTTP/1.1 
Host: d.pssy.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datawav.club
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         131.153.42.225
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx
Date: Mon, 26 Sep 2022 04:50:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
ETag: W/"787b-ahaKuX0PGhN6fZ8LWBEPQ+VkaCk"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://datawav.club
Content-Encoding: gzip


--- Additional Info ---
Magic:  data
Size:   21395
Md5:    e5c9e292f50f4604febfb67621f56822
Sha1:   2e694275a2145a5302d7d812cf56dab3c3fc6392
Sha256: ac6b732fe995bfe5bd7498030845695511b801951cb623f8a2cdde5d63508585

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "E8EB462591A81A5677DC8053A0ECB142253C038B3F87F5DB9FF0B4F31EA83D92"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13578
Expires: Mon, 26 Sep 2022 08:36:28 GMT
Date: Mon, 26 Sep 2022 04:50:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "E8EB462591A81A5677DC8053A0ECB142253C038B3F87F5DB9FF0B4F31EA83D92"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13578
Expires: Mon, 26 Sep 2022 08:36:28 GMT
Date: Mon, 26 Sep 2022 04:50:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "E8EB462591A81A5677DC8053A0ECB142253C038B3F87F5DB9FF0B4F31EA83D92"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13578
Expires: Mon, 26 Sep 2022 08:36:28 GMT
Date: Mon, 26 Sep 2022 04:50:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "E8EB462591A81A5677DC8053A0ECB142253C038B3F87F5DB9FF0B4F31EA83D92"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13578
Expires: Mon, 26 Sep 2022 08:36:28 GMT
Date: Mon, 26 Sep 2022 04:50:10 GMT
Connection: keep-alive

                                        
                                            GET /images/core/emoji/14.0.0/svg/1f514.svg HTTP/1.1 
Host: s.w.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.0.77.48
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Mon, 26 Sep 2022 04:50:10 GMT
content-length: 314
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (314), with no line terminators
Size:   314
Md5:    6201ff6add4821014e02cfc1bc82fc95
Sha1:   afd344621ef88b39f6e7013b7ce4765d67892315
Sha256: 5f70fb8150f0a1f184b40f86d012db040d229056b9b0d8c681f08987cb124e5f
                                        
                                            GET /prplugs/0/1144692/240x180.jpg HTTP/1.1 
Host: s.pssy.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.69.85
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 26 Sep 2022 04:50:10 GMT
content-length: 16750
last-modified: Tue, 27 Oct 2020 12:06:57 GMT
etag: "5f980d61-416e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2836
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bujNBIId4WXtprb%2BQ5QtIJkcQFq4AX7XXGctN8tUz2qcIm%2BC7HcqL7WoX%2BBkGAmCFXPQRwzOggaLBAucdllm1%2FZ2IIeRiaMRtEK2b8ZEpehvBytzWS337xGmxiyb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750960910bbdb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 240x180, components 3\012- data
Size:   16750
Md5:    75db6cabdd2ff4c7176e192fc09c51e7
Sha1:   6410b776a15b23b18118b34b1781d98c02941ff7
Sha256: 5e4ad9400ee9a9264b2540cd00c28a8eac4f0404f5bd35d4cfe69ecba73576e8

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /prplugs/0/1071737/240x180.jpg HTTP/1.1 
Host: s.pssy.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.69.85
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 26 Sep 2022 04:50:10 GMT
content-length: 16035
last-modified: Wed, 20 Dec 2017 14:57:52 GMT
etag: "5a3a7a70-3ea3"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3929
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAehroGH9zxlt9CHHlBlzW5R9DKyllOHLPFtoJ4jXmmIZW%2FIe62y%2FAT0VlAQUGSerZqmqC8UEau43Xf8%2BPOjrlwvXYrT46uHM2d5zKvkrW%2B%2FV2hCNJof%2FXEp%2FHRJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750960910bc5b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 240x180, components 3\012- data
Size:   16035
Md5:    fd2030561bf98533490017cc612a16d1
Sha1:   687527a973b9f101d2211ec6b9255bb7db10af79
Sha256: 9b697c33be54157c4643cbe9663ca1fa9e7b9d2db8cf2b5fcaf540d8002e6511

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /prplugs/0/1071735/240x180.jpg HTTP/1.1 
Host: s.pssy.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.69.85
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 26 Sep 2022 04:50:10 GMT
content-length: 17142
last-modified: Wed, 20 Dec 2017 14:57:51 GMT
etag: "5a3a7a6f-42f6"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6589
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1465WVfhVYhFBjrkJAtNx3MUtY4exxXPaTnkozn6Dy7mBrRp43csNgOp%2Fk8omCD4ZjWra6c60Zs9NcazDtsoViwXncTJeIT2AkkEO6ATgFEzwkPmr6ESlXWQdlA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750960910bc6b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 240x180, components 3\012- data
Size:   17142
Md5:    380cec60c3dc11cc07b0ee2d53a1e8bf
Sha1:   588b6da72ae73490f1c7e08abfdcc7553cac7692
Sha256: 1d5e8b50054407ded1384ddd32280a3162a461adcc8a6ecf0c769973f3d7d657

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /prplugs/0/1071738/240x180.jpg HTTP/1.1 
Host: s.pssy.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.69.85
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 26 Sep 2022 04:50:10 GMT
content-length: 13132
last-modified: Wed, 20 Dec 2017 14:57:53 GMT
etag: "5a3a7a71-334c"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 4391
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5YDFjvbmpD0y53Bs8dB0rLVmE11E7rynnQ9nrfOk8V0mPLpMGvIAHnyQZJnZthDpIBPrlg1MlkkwA65kXqHG5ZtilctQPMw690OlzhfBIJmKMRtACcvDBM%2FnQVc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750960910bc0b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 240x180, components 3\012- data
Size:   13132
Md5:    90f7add31dd5f68f70670c95ed362295
Sha1:   c61cd96b4fc176bcfd36049951b8e4778588bf49
Sha256: 10f008da2ebb67f056f18477d21ad5ba3ac353823a1ee840871b5b2b453ea98c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "E8EB462591A81A5677DC8053A0ECB142253C038B3F87F5DB9FF0B4F31EA83D92"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13578
Expires: Mon, 26 Sep 2022 08:36:28 GMT
Date: Mon, 26 Sep 2022 04:50:10 GMT
Connection: keep-alive

                                        
                                            GET /h5/files/15970/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F423f9e94-9b46-4079-9d75-78431d8d0480%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D21942%26cv4%3D195993%26cv5%3D593091%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0NTEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjI3ODQ4fQ HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trwl1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.76.9.24
HTTP/2 200 OK
content-type: text/html
                                        
date: Mon, 26 Sep 2022 04:50:09 GMT
last-modified: Wed, 20 Apr 2022 13:56:46 GMT
etag: W/"6260111e-c86"
expires: Sat, 22 Oct 2022 14:52:46 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-accel-expires: @1666450366
server: CDN77-Turbo
x-77-nzt: AblMCRSarCv/w7gEAA
x-77-nzt-ray: TPmJjPVD0W0
x-cache: HIT
x-age: 309443
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   2646
Md5:    4cf76a6b4e886c401b798f73d60cab8e
Sha1:   2357db75ef1bd12c1036834d33718e2858a3eb9c
Sha256: d431fde381b8c5ba6e0f19b09bb8eef1ca6cfe4f3e238ea5e47f38c37323d1e2
                                        
                                            GET /uomdacwoqbvxwxj.php?sw HTTP/1.1 
Host: datawav.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/meth-whore-deflated-tits/
Cookie: PHPSESSID=le93iafp5k1ege7v9fgkoj6j72; a=S2tnAKf9oXcXsCraHETEMINSTJ7wV4Kf; HstCfa3916601=1664167805667; HstCla3916601=1664167805667; HstCmu3916601=1664167805667; HstPn3916601=1; HstPt3916601=1; HstCnv3916601=1; HstCns3916601=1; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BAYAYzEvfwFjMS9_gAGBAsAAIGMuBT5hQW1VwxHy70PoEN2pr-wbeHL2UnCv0YMx_tf2wQBGMEQCIGwhg0ai2XNG-WUM--bLOFm04m_y2zP6ZykVlcei9XUIAiAF2vf1Zb7jMe2bqY4zn5ORNRgsaxD_50NmV0bix-Qm2A
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         173.208.199.194
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 26 Sep 2022 04:50:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
FrontCache: HIT


--- Additional Info ---
Magic:  ASCII text, with very long lines (10335)
Size:   11059
Md5:    b8a2640800440013e2492a42cc98b6de
Sha1:   f909ac2b2f373b64f1d2cae78d4c281beb7122d0
Sha256: 2af67e0dd94997a82ba15645f61599c56882e17bc5d93ab00a76079a22712b99
                                        
                                            GET /t.php HTTP/1.1 
Host: d.pssy.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         131.153.42.225
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 26 Sep 2022 04:50:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: guid=3f4bfd5f-48c1-4278-863c-f99832568bf1; expires=Tue, 26-Sep-2023 04:50:10 GMT; Max-Age=31536000; path=/; domain=pssy.xyz; secure; SameSite=None
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  data
Size:   20
Md5:    7029066c27ac6f5ef18d660d5741979a
Sha1:   46c6643f07aa7f6bfe7118de926b86defc5087c4
Sha256: 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /config?url=https%3A%2F%2Fcreative.alxbgo.com%2Fwidgets%2Fv3.html%23namespace%3Dfemales%26cols%3D1%26rows%3D1%26margin%3D1%26refreshRate%3D60%26modelsLanguage%3Den%26hasPlayer%3Dtrue%26hasLive%3Dtrue%26campaignId%3Djuicy-728x90-t2%26userId%3D17f9365c62dae0392084d66eed45063ce6b41df9976c693e547fc771f6c551fd HTTP/1.1 
Host: go.alxbgo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.alxbgo.com/
Origin: https://creative.alxbgo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         172.64.145.216
HTTP/2 200 OK
content-type: application/json
                                        
date: Mon, 26 Sep 2022 04:50:08 GMT
access-control-allow-origin: *
last-modified: Mon, 26 Sep 2022 04:19:21 GMT
cf-cache-status: HIT
age: 55
vary: Accept-Encoding
server: cloudflare
cf-ray: 750960833f0bb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /h5/files/css/style.css HTTP/1.1 
Host: static.javhd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/15970/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F423f9e94-9b46-4079-9d75-78431d8d0480%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D21942%26cv4%3D195993%26cv5%3D593091%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0NTEsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjI3ODQ4fQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.76.9.24
HTTP/2 200 OK
content-type: text/css
                                        
date: Mon, 26 Sep 2022 04:50:09 GMT
last-modified: Wed, 25 May 2016 08:29:12 GMT
etag: W/"57456258-7bd"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRSjABL/MMWlAA
x-77-nzt-ray: hZZfOC0+edc
x-cache: HIT
x-age: 10863920
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /CACHE/css/output.5c1e955e3832.css HTTP/1.1 
Host: static-assets.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.94.42
HTTP/2 200 OK
content-type: text/css
                                        
date: Mon, 26 Sep 2022 04:50:08 GMT
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=63849
etag: W/"03c072147fa475d9bd57bcc9b73d3260"
last-modified: Thu, 22 Sep 2022 16:22:00 GMT
x-amz-id-2: src6WemkBrmxeGDZVP+4ipre01PPVsPb7jxfzfVQ0ssDy7l2IzQ439zT3Wf7YWS5u4ixFo+mPb4=
x-amz-meta-s3cmd-attrs: md5:03c072147fa475d9bd57bcc9b73d3260
x-amz-request-id: 12Q62S61BDK4RBY8
cf-cache-status: HIT
age: 303908
expires: Wed, 26 Oct 2022 04:50:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utIWk4p8tKvMEojFM%2FQ8bO%2FuRqJoNRoD%2Fg4R8X4KGlnCw6KC%2FgN%2FZj114oFZOnELy7fFPuBi9JskSFNRl%2F8ykhy9AYPa50a%2B7CBCKba2xGinAVqTW5zQOt7GKQ%2FjUAU%2BPp8QaUrOg1yYApG1gh%2BR9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=0b6eYqk7cjuQGYYF7t.YVWGFlP_ikk.Cx6d5BLPHlhQ-1664167808786-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75096084d8330b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /jp.php?c=446433y2r256r2x2t2f46384&u=https%3A%2F%2Ftorrsexvid.com%2Fgallery.php%23datawav HTTP/1.1 
Host: js.juicyads.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datawav.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.92
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
cache-control: max-age=900
date: Mon, 26 Sep 2022 04:35:38 GMT
expires: Mon, 26 Sep 2022 04:50:38 GMT
pragma: cache
server: nginx
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: P5ZaxWGbHgDOsbRI451drPJkjXE1nT7BclCffNhyTQth8TSjQC04LA==
age: 867
X-Firefox-Spdy: h2


--- Additional Info ---