www.camwhoresbay.com/search/ari_lovexo%20asian/
185.94.236.17301 Moved Permanently 166 B URL HTTP/1.1 www.camwhoresbay.com/search/ari_lovexo%20asian/
IP 185.94.236.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /search/ari_lovexo%20asian/ HTTP/1.1
Host: www.camwhoresbay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: openresty
Date: Mon, 26 Sep 2022 13:08:49 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://www.camwhoresbay.com/search/ari_lovexo%20asian/
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6316
Expires: Mon, 26 Sep 2022 14:54:05 GMT
Date: Mon, 26 Sep 2022 13:08:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 12:15:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G4v1PvOzGxQJevucyv2P6d5Lk6dmrvWDgRQr_jl2d1MGbjTNQn7EYA==
Age: 3211
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Vgv0yvQozLzxhcFjnSam2eBzKO60WTed8LL32SOTQgvUNDTch-o6yw==
age: 30814
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 13:08:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 40135a53e5cff20e324af316daf82a92
a65d16bb00b4fa2930d4c5e58f5c01da0a75e0de
16e7736783da9688c6c43995ab8f1d1f400882c0876fab6c904be6593bff1b8c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 13:08:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 01:14:24 GMT
Expires: Sun, 02 Oct 2022 01:14:23 GMT
Etag: "a65d16bb00b4fa2930d4c5e58f5c01da0a75e0de"
Cache-Control: max-age=474932,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750c3b0519f50b61-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 12:10:46 GMT
Expires: Mon, 26 Sep 2022 12:20:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: isb-DVAszFfN32LAPImqZu7yE0ywUSR2B7Hn7mXX65Sove49jeaSJA==
Age: 3484
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4305
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:08:50 GMT
Last-Modified: Mon, 26 Sep 2022 11:57:05 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
cwbstatic.cdntrex.com/nb/fl_nb.js
151.139.128.11200 OK 6.0 kB URL HTTP/2 cwbstatic.cdntrex.com/nb/fl_nb.js
IP 151.139.128.11:0
Hash 5a08733af0c00912909842708070cf69
69466df61ceeb42413eaf56b14787c130311b10b
b3ec0b455b2e8a862b46fbca16bf4519b2e5ee91b44d2337e7444759d2cdb0a1
GET /nb/fl_nb.js HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:50 GMT
content-encoding: gzip
content-length: 5974
content-type: application/javascript
last-modified: Fri, 05 Jul 2019 11:12:20 GMT
accept-ranges: bytes
server: openresty
etag: W/"5d1f3094-675b"
cache-control: max-age=315360000
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664197730.cds226.sk1.hn,1664197730.cds229.sk1.c
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/styles/all-responsive-metal.css?v=4.4
151.139.128.11200 OK 16 kB URL HTTP/2 cwbstatic.cdntrex.com/styles/all-responsive-metal.css?v=4.4
IP 151.139.128.11:0
Hash fab7a267248db701fa35bbf03635b994
681fe6489bf15012e3851a6bf644ad34c4ce4f69
ab9f02f23aa0496cb3ec1d947bd9d158166b0c0319b2d16991d36ca479da3a8f
GET /styles/all-responsive-metal.css?v=4.4 HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:50 GMT
content-encoding: gzip
content-length: 15691
content-type: text/css
last-modified: Mon, 18 May 2020 17:06:32 GMT
accept-ranges: bytes
server: openresty
etag: W/"5ec2c098-14d56"
cache-control: max-age=315360000
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664197730.cds226.sk1.hn,1664197730.cds022.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cwbstatic.cdntrex.com/js/main.min.new.js?v=6.9
151.139.128.11200 OK 69 kB URL HTTP/2 cwbstatic.cdntrex.com/js/main.min.new.js?v=6.9
IP 151.139.128.11:0
File type ASCII text, with very long lines (32089)
Hash ee5e314b3e686b0a6ff60b872849929a
1c4e4e0e0074be31d16d9b1cba51398d4e671705
968264a118eb0eb2ece3d4dab9be9c64ae4d6ad49fad5073508a85e05b78c216
GET /js/main.min.new.js?v=6.9 HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:50 GMT
content-encoding: gzip
content-length: 68826
content-type: application/javascript
last-modified: Tue, 14 Sep 2021 07:26:52 GMT
accept-ranges: bytes
server: openresty
etag: W/"61404ebc-32f9c"
cache-control: max-age=315360000
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664197730.cds226.sk1.hn,1664197730.cds250.sk1.c
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/js/slider.js?v=6.8
151.139.128.11200 OK 14 kB URL HTTP/2 cwbstatic.cdntrex.com/js/slider.js?v=6.8
IP 151.139.128.11:0
File type ASCII text, with very long lines (32040)
Hash 7a9af738dfd2a64dbd0f98a99072991d
58682e77a24f1fa2cb432ea7b85bbdcd20a3a544
a6611bcf8e8f791fd958316582c558195e2284b41a010c515193395362f4baaf
GET /js/slider.js?v=6.8 HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:50 GMT
content-encoding: gzip
content-length: 13820
content-type: application/javascript
last-modified: Wed, 20 Dec 2017 13:34:33 GMT
accept-ranges: bytes
server: openresty
etag: W/"5a3a66e9-bbb6"
cache-control: max-age=315360000
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664197730.cds226.sk1.hn,1664197730.cds244.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bc7883d0a03d9c3559288a600fecc70a
b0e538996510ec8c861264cba4bf79fa73f6f7d6
c3bdc9bb12c7c951ca2d861c95156de2c724acc82386e882864c464132e07ac3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cwbstatic.cdntrex.com/images/porntrex.ico
151.139.128.11200 OK 1.2 kB URL HTTP/2 cwbstatic.cdntrex.com/images/porntrex.ico
IP 151.139.128.11:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash f252364f59248fa541ea3f15f25131b2
2596343095dbc2d7e95849dadb2e3abe7a8c63e7
03ec4c375628dfad9359197755e2d0a45f610a256b2150437dfbe089ce8d8bf9
GET /images/porntrex.ico HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:50 GMT
content-length: 1150
content-type: image/x-icon
last-modified: Sun, 02 Jul 2017 13:13:48 GMT
accept-ranges: bytes
server: openresty
etag: "5958f18c-47e"
cache-control: max-age=315360000
access-control-allow-origin: *
x-hw: 1664197730.cds226.sk1.hn,1664197730.cds243.sk1.c
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
216.58.211.10200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 18:17:49 GMT
expires: Mon, 25 Sep 2023 18:17:49 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 67861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/images/javbangers.ico
151.139.128.11200 OK 850 B URL HTTP/2 cwbstatic.cdntrex.com/images/javbangers.ico
IP 151.139.128.11:0
File type PNG image data, 49 x 49, 8-bit/color RGBA, non-interlaced\012- data
Hash e6bf88bee6f01ccb4f616dc0b7e59028
bcba814e166ff6402d84d08e14917bcde0e77571
f5661cab3bafa42509e8f2e02c4800d1fbb9b323c489cdc710ab3ee1137a1256
GET /images/javbangers.ico HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:50 GMT
content-length: 850
content-type: image/x-icon
last-modified: Mon, 16 Dec 2019 16:11:37 GMT
accept-ranges: bytes
server: openresty
etag: "5df7acb9-352"
cache-control: max-age=315360000
access-control-allow-origin: *
x-hw: 1664197730.cds226.sk1.hn,1664197730.cds203.sk1.c
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/images/cwb.ico
151.139.128.11200 OK 1.2 kB URL HTTP/2 cwbstatic.cdntrex.com/images/cwb.ico
IP 151.139.128.11:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash a4a5077c4d83b053260e0905fcb7aae2
7e02508b37f26a461fdec3843ca8f95a63cc6937
537e78710a1d88f979fb02307ede819c85a4065452b93fe2e7fd3f7d454d8bcf
GET /images/cwb.ico HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:50 GMT
content-length: 1150
content-type: image/x-icon
last-modified: Mon, 20 Aug 2018 15:03:00 GMT
accept-ranges: bytes
server: openresty
etag: "5b7ad824-47e"
cache-control: max-age=315360000
access-control-allow-origin: *
x-hw: 1664197730.cds226.sk1.hn,1664197730.cds253.sk1.c
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/js/bootstrap.js
151.139.128.11200 OK 15 kB URL HTTP/2 cwbstatic.cdntrex.com/js/bootstrap.js
IP 151.139.128.11:0
Hash 3a6497de6c261207ab440e9ffd0e9b68
b12baa10a6aea320f1abc4dc01c1476fce37bd77
6934270e987408bc018e7e517ff4888e351c3ac0d9f611cfb8c2ab74b2fbbfed
GET /js/bootstrap.js HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:50 GMT
content-encoding: gzip
content-length: 14720
content-type: application/javascript
last-modified: Mon, 03 Apr 2017 17:27:43 GMT
accept-ranges: bytes
server: openresty
etag: W/"58e2860f-1104b"
cache-control: max-age=315360000
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664197730.cds226.sk1.hn,1664197730.cds250.sk1.c
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/styles/font-awesome.min.css
151.139.128.11200 OK 7.1 kB URL HTTP/2 cwbstatic.cdntrex.com/styles/font-awesome.min.css
IP 151.139.128.11:0
File type ASCII text, with very long lines (30837)
Hash f529ce613d8baf3f3cccfd46f03a084d
84ef851e9885ccc24911e5c03f1cc0d094959cd3
ad0cc939bf160d744317828d29614b37cde0ba0ef08365d8f8b919fe89df3caf
GET /styles/font-awesome.min.css HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:50 GMT
content-encoding: gzip
content-length: 7102
content-type: text/css
last-modified: Mon, 03 Apr 2017 17:28:10 GMT
accept-ranges: bytes
server: openresty
etag: W/"58e2862a-7918"
cache-control: max-age=315360000
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664197730.cds226.sk1.hn,1664197730.cds253.sk1.c
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/styles/jquery.fancybox-metal.css?v=4.2
151.139.128.11200 OK 1.5 kB URL HTTP/2 cwbstatic.cdntrex.com/styles/jquery.fancybox-metal.css?v=4.2
IP 151.139.128.11:0
Hash a03729fce59787b957d03c6bfcd6b202
687f36c8b888055746e2a4d4d9df4591d5107fad
8a7d1820fcace7f196e2f83c1e8705a0afa73e9427ba55e85700779d2304ae75
GET /styles/jquery.fancybox-metal.css?v=4.2 HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:50 GMT
content-encoding: gzip
content-length: 1450
content-type: text/css
last-modified: Tue, 14 Aug 2018 15:11:58 GMT
accept-ranges: bytes
server: openresty
etag: W/"5b72f13e-135e"
cache-control: max-age=315360000
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664197730.cds226.sk1.hn,1664197730.cds020.sk1.c
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/styles/javwhores.css?v=5.67
151.139.128.11200 OK 10 kB URL HTTP/2 cwbstatic.cdntrex.com/styles/javwhores.css?v=5.67
IP 151.139.128.11:0
File type ASCII text, with very long lines (2366)
Hash 437fd7b8879f8cdb92725c5641443463
a2c9e0c41c3fa21e962babfe493bb0a2ff796fda
5262f574ec5e512027ceefe5e8efc8b2522a5e191e9f1e330324e01c95aa8a7f
GET /styles/javwhores.css?v=5.67 HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:50 GMT
content-encoding: gzip
content-length: 10028
content-type: text/css
last-modified: Tue, 21 Aug 2018 11:47:36 GMT
accept-ranges: bytes
server: openresty
etag: W/"5b7bfbd8-b240"
cache-control: max-age=315360000
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664197730.cds226.sk1.hn,1664197730.cds217.sk1.c
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/styles/bootstrap.css
151.139.128.11200 OK 22 kB URL HTTP/2 cwbstatic.cdntrex.com/styles/bootstrap.css
IP 151.139.128.11:0
File type ASCII text, with very long lines (540)
Hash 3cdb26c3f3ee62eb4068d05a6c9df745
7d55ae0f6e98bfb79b1590d6fd7fd3f3bfd596c9
1cf4803fe419b365bcd19d3ba3178f33a595fd9d73ad459101f6d43b416f5cc1
GET /styles/bootstrap.css HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:50 GMT
content-encoding: gzip
content-length: 21603
content-type: text/css
last-modified: Tue, 21 Aug 2018 10:58:40 GMT
accept-ranges: bytes
server: openresty
etag: W/"5b7bf060-2366b"
cache-control: max-age=315360000
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664197730.cds226.sk1.hn,1664197730.cds225.sk1.c
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?onload=recaptchaOnLoad&render=explicit
142.250.74.164200 OK 576 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=recaptchaOnLoad&render=explicit
IP 142.250.74.164:0
File type ASCII text, with very long lines (910), with no line terminators
Hash 37f63b0211ff3be39365f0e6e656ec10
82577218215aafe6c7720eef7e6e152105190ec6
22bd4752fbfaf098fe099603714af0bc46066dd47d405a0da1ed6449be2b9bdb
GET /recaptcha/api.js?onload=recaptchaOnLoad&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 26 Sep 2022 13:08:50 GMT
date: Mon, 26 Sep 2022 13:08:50 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 576
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.usertrust.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 280a157fc054d417f6b4125c6aa7e857
bca4a10d5a83d4ad41b67de4185eeb96824b8dbf
99b2772f0cec473d3b3232a161adecab5fc321cf3e3d31f2dec541c3f35400e1
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 13:08:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 08:56:02 GMT
Expires: Mon, 03 Oct 2022 08:56:01 GMT
Etag: "bca4a10d5a83d4ad41b67de4185eeb96824b8dbf"
Cache-Control: max-age=603580,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1024
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750c3b09fabbb523-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4474bfba80fa3257384d1c908e1353bf
9a2869a3888743d575e6f87d2a7479d5d97fa123
63378e949c0ea9564e7660ea0522ce7a59727a0a5232b81b77f8525899f67a2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.149.101.24101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.101.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TU3sO+viiA9LSo9QsLsftA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OrgngDK9gyus5nSjMfC+sNIXJnc=
cwbstatic.cdntrex.com/images/ico-sort.png
151.139.128.11200 OK 279 B URL HTTP/2 cwbstatic.cdntrex.com/images/ico-sort.png
IP 151.139.128.11:0
File type PNG image data, 14 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash a2601980592f46dc1af53e52e6e37453
d61a735042896e03a7c8afd58d2989415d9134ec
cf4f0e3603aafa4d803f275ce58472db4f0aaaa951adff95bf6b30cc63f7508d
GET /images/ico-sort.png HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cwbstatic.cdntrex.com/styles/all-responsive-metal.css?v=4.4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:51 GMT
content-length: 279
content-type: image/png
last-modified: Tue, 14 Aug 2018 12:41:14 GMT
accept-ranges: bytes
server: openresty
etag: "5b72cdea-117"
cache-control: max-age=315360000
access-control-allow-origin: *
x-hw: 1664197731.cds226.sk1.hn,1664197731.cds203.sk1.c
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/images/hd_ico.png
151.139.128.11200 OK 614 B URL HTTP/2 cwbstatic.cdntrex.com/images/hd_ico.png
IP 151.139.128.11:0
File type PNG image data, 60 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 49201cbf8e5555ba5acf16487c3d0032
1f07b575aac6fbb5cbd120957b5fa5b787583eaf
04043653dddf0af24ee29bb892718259a977175e19ba28e38f8f0d90fd0be97f
GET /images/hd_ico.png HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cwbstatic.cdntrex.com/styles/javwhores.css?v=5.67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:51 GMT
content-length: 614
content-type: image/png
last-modified: Tue, 14 Aug 2018 12:44:54 GMT
accept-ranges: bytes
server: openresty
etag: "5b72cec6-266"
cache-control: max-age=315360000
access-control-allow-origin: *
x-hw: 1664197731.cds226.sk1.hn,1664197731.cds209.sk1.c
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/images/ico-rating-positive.png
151.139.128.11200 OK 544 B URL HTTP/2 cwbstatic.cdntrex.com/images/ico-rating-positive.png
IP 151.139.128.11:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 279b171f3fa91dec541e5877ebdc1fa1
ce04f68891e91675dcd3a3eb0d6e9cefeb01eaf4
5add880925d8328b00259575f3f2ebb2a9eb0165fd977170e8c188b1c569dd20
GET /images/ico-rating-positive.png HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cwbstatic.cdntrex.com/styles/all-responsive-metal.css?v=4.4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:51 GMT
content-length: 544
content-type: image/png
last-modified: Mon, 03 Apr 2017 17:27:38 GMT
accept-ranges: bytes
server: openresty
etag: "58e2860a-220"
cache-control: max-age=315360000
access-control-allow-origin: *
x-hw: 1664197731.cds226.sk1.hn,1664197731.cds244.sk1.c
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/fonts/SF-Pro-Text-Regular.otf
151.139.128.11200 OK 310 kB URL HTTP/2 cwbstatic.cdntrex.com/fonts/SF-Pro-Text-Regular.otf
IP 151.139.128.11:0
File type OpenType font data\012- data
Size 310 kB (310148 bytes)
Hash 404e4373cba1344d28a4a257152ac8b8
85b4043974a2a3be5afbcc9ea2becab072d2cd8f
86189a6307187a6943add3596432f72a7cb914fa1c77697736292f5e4d8ea6d8
GET /fonts/SF-Pro-Text-Regular.otf HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.camwhoresbay.com
Connection: keep-alive
Referer: https://cwbstatic.cdntrex.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:51 GMT
content-length: 310148
content-type: application/octet-stream
last-modified: Tue, 14 Aug 2018 13:23:41 GMT
accept-ranges: bytes
server: openresty
etag: "5b72d7dd-4bb84"
cache-control: max-age=315360000
access-control-allow-origin: *
x-hw: 1664197731.cds226.sk1.hn,1664197731.cds229.sk1.c
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/fonts/fontawesome-webfont.woff2?v=4.7.0
151.139.128.11200 OK 77 kB URL HTTP/2 cwbstatic.cdntrex.com/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 151.139.128.11:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.camwhoresbay.com
Connection: keep-alive
Referer: https://cwbstatic.cdntrex.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:51 GMT
content-length: 77160
content-type: font/woff2
last-modified: Mon, 03 Apr 2017 17:27:22 GMT
accept-ranges: bytes
server: openresty
etag: "58e285fa-12d68"
cache-control: max-age=315360000
access-control-allow-origin: *
x-hw: 1664197731.cds226.sk1.hn,1664197731.cds065.sk1.c
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d15b31c55029fdd75760c206ef634672
524b31f01e8e1972467561c1a5f7a9f5d2cffb0c
422fefcf0874b85e6dd600221fa4ea44b98bf6920b5b17f5906922649b65d4b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422FEFCF0874B85E6DD600221FA4EA44B98BF6920B5B17F5906922649B65D4B3"
Last-Modified: Mon, 26 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1121
Expires: Mon, 26 Sep 2022 13:27:32 GMT
Date: Mon, 26 Sep 2022 13:08:51 GMT
Connection: keep-alive
nightfallroad.com/3e/e7/8a/3ee78ab96b0f14ba064a6156ade226e2.js
192.243.59.13200 OK 13 kB URL HTTP/1.1 nightfallroad.com/3e/e7/8a/3ee78ab96b0f14ba064a6156ade226e2.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37159), with no line terminators
Hash 20fd236bf56d54050286bb354bdfe308
eaffe92942699c925e8d4a22b9e7b9b95d75f709
9224a0a35bc0d428b1dbd5d693438e7c09063b39dcde5f32a204edcd2d7b507e
GET /3e/e7/8a/3ee78ab96b0f14ba064a6156ade226e2.js HTTP/1.1
Host: nightfallroad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 26 Sep 2022 13:08:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 00edebaa1af2b255f4220d728ab7e5ff
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash d4b6754623c703f8f659ab34993db691
afe4c2d19ed5b935cee021d22ffcc087cb28bc5a
ab870c0885ad500c1311869458cff15e32783b8f83d0e441fea398ae60431cae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4389
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:08:51 GMT
Last-Modified: Mon, 26 Sep 2022 11:55:42 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 287d2412da1baf3c6215a6fcd00c7093
11d609821fa875407c9a943ff30875aa44459adb
accdc26685c3a61244f0fdc3b054c1cf26093c167e7a2e633f35f258dd7a2e45
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 13:08:51 GMT
Last-Modified: Mon, 26 Sep 2022 12:19:02 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TnM8nC_ii-DllGt5Lf0thkHJ_ONU5OZuk6S_MVGq-db6m04jPKNlOQ==
Age: 2989
simplewebanalysis.com/stats
52.29.95.124200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash f08ec931d27b2bc4b16320407ab6ecc1
972442273a05c06cb5ced8a5f9bede25f892e303
b1955392aa21a007fe7e45526514e1edeb06b4832f168c18df08e3309553d9dc
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.camwhoresbay.com
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:51 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.camwhoresbay.com
access-control-allow-credentials: true
set-cookie: uid_id2=86361d27-d598-4f76-b572-c792084a3e4c:2:1; expires=Thu, 23 Sep 2032 13:08:51 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash d4b6754623c703f8f659ab34993db691
afe4c2d19ed5b935cee021d22ffcc087cb28bc5a
ab870c0885ad500c1311869458cff15e32783b8f83d0e441fea398ae60431cae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4389
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:08:51 GMT
Last-Modified: Mon, 26 Sep 2022 11:55:42 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
ocsp.usertrust.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 50077751c9bbeb87fa5ae505513a9c56
2fa3fd911e3f2bdb1160598ddd71246086f5c11c
c017147abbc3c90dd86af83abe75686bb124b2f094057a9627e9cdb9544474e1
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 13:08:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 12:03:26 GMT
Expires: Mon, 03 Oct 2022 12:03:25 GMT
Etag: "2fa3fd911e3f2bdb1160598ddd71246086f5c11c"
Cache-Control: max-age=602776,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750c3b0ffa80b523-OSL
www.camwhoresbay.com/favicon.ico
185.94.236.17200 OK 1.2 kB URL HTTP/2 www.camwhoresbay.com/favicon.ico
IP 185.94.236.17:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash a4a5077c4d83b053260e0905fcb7aae2
7e02508b37f26a461fdec3843ca8f95a63cc6937
537e78710a1d88f979fb02307ede819c85a4065452b93fe2e7fd3f7d454d8bcf
GET /favicon.ico HTTP/1.1
Host: www.camwhoresbay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/search/ari_lovexo%20asian/
Cookie: PHPSESSID=e824146310c567774e2f3cb3d17af3d3; kt_qparams=q%3Dari_lovexo%2520asian; kt_ips=91.90.42.154; kt_tcookie=1; kt_is_visited=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=86361d27-d598-4f76-b572-c792084a3e4c%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 13:08:51 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Mon, 20 Aug 2018 15:03:00 GMT
etag: "5b7ad824-47e"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 80333dbc38df34f4548705a38352036c
a174a7de6b47f0bb6eea868a3a59776e60b9c5b9
56d162e1c01babc061fa42516fb62e90fff63a2c8bf2a7e87bab2b57eeed2e77
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56D162E1C01BABC061FA42516FB62E90FFF63A2C8BF2A7E87BAB2B57EEED2E77"
Last-Modified: Sat, 24 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4054
Expires: Mon, 26 Sep 2022 14:16:25 GMT
Date: Mon, 26 Sep 2022 13:08:51 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1db3e1d6bf7a5e2d0c87eab75a6e52fe
b923a169beb9248ea6a5070a04b57bc0aa44799b
f35aafc9c21937ac03d9b711aa18ef518aaaec6d0f9dbcecb42f757a0e70915c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:08:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cwbstatic.cdntrex.com/js/custom.js
151.139.128.11200 OK 472 B URL HTTP/2 cwbstatic.cdntrex.com/js/custom.js
IP 151.139.128.11:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
GET /js/custom.js HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:50 GMT
content-encoding: gzip
content-length: 320
content-type: application/javascript
last-modified: Tue, 27 Mar 2018 12:18:13 GMT
accept-ranges: bytes
server: openresty
etag: "5aba3685-2c3"
cache-control: max-age=315360000
access-control-allow-origin: *
x-hw: 1664197730.cds226.sk1.hn,1664197730.cds215.sk1.c
X-Firefox-Spdy: h2
ssl.google-analytics.com/ga.js
216.58.207.200200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 216.58.207.200:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Mon, 26 Sep 2022 12:17:11 GMT
expires: Mon, 26 Sep 2022 14:17:11 GMT
cache-control: public, max-age=7200
age: 3101
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
142.250.74.163200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (826)
Size 158 kB (158248 bytes)
Hash db1b5789e9915e9c82f5df92e5982980
2e193e502995501c85f45fd89d9f83707a7f9573
db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206
GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.camwhoresbay.com
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/javascript
age: 52977
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.bngvs.com/video_slider/amg63/wl/en.webm
64.210.135.150206 Partial Content 3.3 MB URL HTTP/2 i.bngvs.com/video_slider/amg63/wl/en.webm
IP 64.210.135.150:0
File type WebM\012- EBML file, creator webmB\20\012- data
Size 3.3 MB (3337416 bytes)
Hash 93405dea43c9c4d006a56de173d18c4b
1618f7b45522269ae94d7abbc847f1b6fcd32fa6
d22c983de5ee950846fc7928715d1182a393311d672a3d973f742156a8ffb594
GET /video_slider/amg63/wl/en.webm HTTP/1.1
Host: i.bngvs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Mon, 26 Sep 2022 13:08:51 GMT
content-type: video/webm
content-length: 3337416
last-modified: Wed, 17 Nov 2021 07:37:12 GMT
expires: Fri, 17 Jun 2022 18:32:31 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-range: bytes 0-3337415/3337416
x-cdn-diag: ams5-7737-4-45975-h-0-0---;7736-23-19103----0-0-1
X-Firefox-Spdy: h2
plainmarshyaltered.com/4d/61/72/4d6172bdb90852625b1e4829141ad0df.js
173.233.139.164200 OK 29 kB URL HTTP/1.1 plainmarshyaltered.com/4d/61/72/4d6172bdb90852625b1e4829141ad0df.js
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash cf55ef8d98b9c95862746677190ea118
bb5b246a6618d68ceabff22fd0ac803838ce54d2
1d74a43fa1c2fef23e78e659e96f8871b84ac126f29c9d26f3d089e5a1f6b8df
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /4d/61/72/4d6172bdb90852625b1e4829141ad0df.js HTTP/1.1
Host: plainmarshyaltered.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 26 Sep 2022 13:08:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3112978955de2a6bdffeba2a66054ca5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1db3e1d6bf7a5e2d0c87eab75a6e52fe
b923a169beb9248ea6a5070a04b57bc0aa44799b
f35aafc9c21937ac03d9b711aa18ef518aaaec6d0f9dbcecb42f757a0e70915c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:08:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 13:08:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18064
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 13:08:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18064
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 13:08:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18064
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 13:08:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18064
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 13:08:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18064
Expires: Mon, 26 Sep 2022 18:09:56 GMT
Date: Mon, 26 Sep 2022 13:08:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:37:35 GMT
age: 55877
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HCJ483GPdpPhC7oYm1GrA02BqqST9sfqfCBSA93rZqaQYl-jezgP5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:20:40 GMT
age: 53292
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a7e9af9-ebe4-49ea-9af4-d118f2ef0b43.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a7e9af9-ebe4-49ea-9af4-d118f2ef0b43.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 431ff1171a3d7c60a31cc1c3f62164ee
4b32113aaf50132b38c8034017a6eb5a32d7040b
65d598db252fb3979d3df3cb8d052861bb31d6187552f9c694ec27a322b308c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a7e9af9-ebe4-49ea-9af4-d118f2ef0b43.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8851
x-amzn-requestid: dbe6ba4c-3d38-48e8-9d08-088d8e26e7a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUDAE23oAMF_yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd46-4f3b85952fa3109d2921d0e1;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wbbfzE5nQkhK_nsXX8XGJbOl3Yf6NDA1r_AC-0dOzqJDkLQ2BLxK9A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 23:15:06 GMT
age: 50026
etag: "4b32113aaf50132b38c8034017a6eb5a32d7040b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2fe8c4f0c70fb6c1f4259eabedc7015e
85e378d0fff856832a8dd01743516b9476fed8c6
508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 53916
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H4KXhBaRw3SvzBrbl30mV6R_vJ8bXBkyicb8fQiTp6YSBHjE8iFkNQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:49:56 GMT
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
age: 51536
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bfaf0f-e716-4cf7-9785-ffcd146aed68.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bfaf0f-e716-4cf7-9785-ffcd146aed68.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75a459d4f554d38a1701e727185c7e91
042d4b6927f80c5a44bb7baf77b763577c19ed36
c01b0d3a28ed31ec9432d879310cffa313260f97044f1ed473aa0331bdba5607
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bfaf0f-e716-4cf7-9785-ffcd146aed68.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7648
x-amzn-requestid: 359116cc-4e08-4c57-8aba-0aa7bd232c98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSKWG2BIAMFlHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca42-2130239f2dab781c0f49f0e4;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sGZMSLXPUq8Ssxe_SFGePrvvnUGePGb7ZQn3RYH20EKwN2vzpA1RjQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:48:52 GMT
age: 55200
etag: "042d4b6927f80c5a44bb7baf77b763577c19ed36"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0a077e10eaeb9460d25305c5a6f88b2c
997db28a300de40d2e836894fa2700a24634ad52
972f108ffcc2dcbe86234194232d2b540b7c1005035e6ebf52f50ee59ba1ed04
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "972F108FFCC2DCBE86234194232D2B540B7C1005035E6EBF52F50EE59BA1ED04"
Last-Modified: Mon, 26 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5278
Expires: Mon, 26 Sep 2022 14:36:50 GMT
Date: Mon, 26 Sep 2022 13:08:52 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0a077e10eaeb9460d25305c5a6f88b2c
997db28a300de40d2e836894fa2700a24634ad52
972f108ffcc2dcbe86234194232d2b540b7c1005035e6ebf52f50ee59ba1ed04
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "972F108FFCC2DCBE86234194232D2B540B7C1005035E6EBF52F50EE59BA1ED04"
Last-Modified: Mon, 26 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5278
Expires: Mon, 26 Sep 2022 14:36:50 GMT
Date: Mon, 26 Sep 2022 13:08:52 GMT
Connection: keep-alive
plainmarshyaltered.com/sbar.json?key=3ee78ab96b0f14ba064a6156ade226e2&uuid=86361d27-d598-4f76-b572-c792084a3e4c%3A2%3A1
173.233.139.164200 OK 4.3 kB URL HTTP/1.1 plainmarshyaltered.com/sbar.json?key=3ee78ab96b0f14ba064a6156ade226e2&uuid=86361d27-d598-4f76-b572-c792084a3e4c%3A2%3A1
IP 173.233.139.164:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6243), with no line terminators
Hash 88e48322c6a32f841f13ea28c0d7b6f2
a9782353e66442cd8c70c96bfc9b1686fc77780a
e7f8598bc9aa6c9fd181ceb8b9b756464a8f90337f23540c33b49bb42e3121df
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=3ee78ab96b0f14ba064a6156ade226e2&uuid=86361d27-d598-4f76-b572-c792084a3e4c%3A2%3A1 HTTP/1.1
Host: plainmarshyaltered.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.camwhoresbay.com
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 26 Sep 2022 13:08:52 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.camwhoresbay.com
Access-Control-Allow-Origin: https://www.camwhoresbay.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16379166; expires=Tue, 27 Sep 2022 13:08:52 GMT; secure; SameSite=None
uid_id2=86361d27-d598-4f76-b572-c792084a3e4c:2:1; expires=Mon, 03 Oct 2022 13:08:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 27 Sep 2022 13:08:52 GMT; secure; SameSite=None
uncs=1; expires=Tue, 27 Sep 2022 13:08:52 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 27 Sep 2022 13:08:52 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 27 Sep 2022 13:08:52 GMT; secure; SameSite=None
slec3ee78ab96b0f14ba064a6156ade226e2=[3551995]; expires=Mon, 26 Sep 2022 13:08:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 26c407848bf7ed1cacb72d7e795d34cf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dd0c641962f209f265ab10f7fc9fa10d
81bb99e27226cbbdae3f0968e0c410d260c23fbd
0a2e757c138563bcdd8c7763535bbd73b20befea1a62661575fe32bbf5a5d782
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A2E757C138563BCDD8C7763535BBD73B20BEFEA1A62661575FE32BBF5A5D782"
Last-Modified: Sat, 24 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3878
Expires: Mon, 26 Sep 2022 14:13:30 GMT
Date: Mon, 26 Sep 2022 13:08:52 GMT
Connection: keep-alive
plainmarshyaltered.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgcVRh%2B0%2BYiXmzpRdCyBw8KZjMzuzuzaw%2FBGFOCsSmtorfy5r23m9e8mTe8N7OzWRGCBenBw%2BpF8DT5NmlQS6hnseimIDQgZL2Yg4HevIiHQqF4kd0Go%2F%2Fl%2F977vgff%2B%2F7%2F0638mLjI6dHiu7ovlaJzjapbefVDz7tUWZFJ3qv0msGNoH6pYrpvtIKq%2B1rlsmDres53Pdf1XK%2ByJI1o697chIRM77a8asut1v2q16ijZ%2F5%2FtrkDSx3w7jE5D8nHMw%2BcC5BshCS%2BtyjseqbT19%2BOc0UzbdDlu%2B8n64kuEsSnsG0ctJPdEzW0PVy6D53sTO1Cd%2F8VRnJMnJ%2FvI0p2T0wi6m5PfUYKIkHEn0fRHUGoESQdgelbkPyQAIzjyiqS%2BM4VbQq68YylE3ZMZp48hizGZOb3C0jivQUle5XrWuWZ1IlFr11C9kaQnRHSfB9Z%2FwxksQ%2BWfQLJfyFzT1aQxNurVmlIfvRKM6gFHvfDWd5oNWfr7TCYjRqhP8vClu8267Qm6mwakJQjyPYISgxA7Rnk1kEuHeRtB3nqIOZHFeZ5XuhyRt1mi7EaD0UUcNejYdujnhs0kbPJHwbI0gGYGoCZTaRmE%2Bvyi8PG%2BTEhf5yDyX%2BEXSthuQObEXR5iUIQFJagoASFJCgygqJb7nBlfVve4crmkXfS%2FZNeK4c662zRHZ11REK20mNybhrg0z8vYl0cVWpChE0atYLIbXv1iLpBnQZeI6Bc%2BH4gfFhZQtozoNZBfzLML58ilWNCvvoJEd2HVftg8gXQ%2FGXQYhj6LujasN500U%2FuMRoXa9oIG9GNKtMxuC6RZjPINpwtdUxenHoJ%2FL8h2MH8w0eX9y70H4GZEqkpcVM%2BIOio28NruiDb13RhyXeraSZj2aeTQV%2FPaCbOfvOO2Ci04cuLdvD1m2xCTODd94TNVmjCZdKx5NsFybkwS9owQX5Yth%2BI6Gpu1xZyk%2BTpytW3lpbj1AhrpU5GoPLQfgYmx%2BQ5qqcb%2FNLN7yHNCCYvEecH5KQg9T5Yugmbnrq3%2BiyMOtVEqYMiL4fGj04vlRwT%2F%2FFDKHEwv3ej89fHH%2F0GGpWw4j8PT%2FGWvY2OuQia3UISl%2BiaEl1VgqoBbH52mKXmYP7X2rQQKWcYKeNsR8qoz5%2FFa%2BVRJazVXBq0Gl4YUhFGdb%2FZDjxOqV8P%2FCCgNWR2zLxt%2Fg8AAAD%2F%2FwEAAP%2F%2FbU6j5JAEAAA%3D
173.233.139.164200 OK 7 B URL HTTP/1.1 plainmarshyaltered.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgcVRh%2B0%2BYiXmzpRdCyBw8KZjMzuzuzaw%2FBGFOCsSmtorfy5r23m9e8mTe8N7OzWRGCBenBw%2BpF8DT5NmlQS6hnseimIDQgZL2Yg4HevIiHQqF4kd0Go%2F%2Fl%2F977vgff%2B%2F7%2F0638mLjI6dHiu7ovlaJzjapbefVDz7tUWZFJ3qv0msGNoH6pYrpvtIKq%2B1rlsmDres53Pdf1XK%2ByJI1o697chIRM77a8asut1v2q16ijZ%2F5%2FtrkDSx3w7jE5D8nHMw%2BcC5BshCS%2BtyjseqbT19%2BOc0UzbdDlu%2B8n64kuEsSnsG0ctJPdEzW0PVy6D53sTO1Cd%2F8VRnJMnJ%2FvI0p2T0wi6m5PfUYKIkHEn0fRHUGoESQdgelbkPyQAIzjyiqS%2BM4VbQq68YylE3ZMZp48hizGZOb3C0jivQUle5XrWuWZ1IlFr11C9kaQnRHSfB9Z%2FwxksQ%2BWfQLJfyFzT1aQxNurVmlIfvRKM6gFHvfDWd5oNWfr7TCYjRqhP8vClu8267Qm6mwakJQjyPYISgxA7Rnk1kEuHeRtB3nqIOZHFeZ5XuhyRt1mi7EaD0UUcNejYdujnhs0kbPJHwbI0gGYGoCZTaRmE%2Bvyi8PG%2BTEhf5yDyX%2BEXSthuQObEXR5iUIQFJagoASFJCgygqJb7nBlfVve4crmkXfS%2FZNeK4c662zRHZ11REK20mNybhrg0z8vYl0cVWpChE0atYLIbXv1iLpBnQZeI6Bc%2BH4gfFhZQtozoNZBfzLML58ilWNCvvoJEd2HVftg8gXQ%2FGXQYhj6LujasN500U%2FuMRoXa9oIG9GNKtMxuC6RZjPINpwtdUxenHoJ%2FL8h2MH8w0eX9y70H4GZEqkpcVM%2BIOio28NruiDb13RhyXeraSZj2aeTQV%2FPaCbOfvOO2Ci04cuLdvD1m2xCTODd94TNVmjCZdKx5NsFybkwS9owQX5Yth%2BI6Gpu1xZyk%2BTpytW3lpbj1AhrpU5GoPLQfgYmx%2BQ5qqcb%2FNLN7yHNCCYvEecH5KQg9T5Yugmbnrq3%2BiyMOtVEqYMiL4fGj04vlRwT%2F%2FFDKHEwv3ej89fHH%2F0GGpWw4j8PT%2FGWvY2OuQia3UISl%2BiaEl1VgqoBbH52mKXmYP7X2rQQKWcYKeNsR8qoz5%2FFa%2BVRJazVXBq0Gl4YUhFGdb%2FZDjxOqV8P%2FCCgNWR2zLxt%2Fg8AAAD%2F%2FwEAAP%2F%2FbU6j5JAEAAA%3D
IP 173.233.139.164:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgcVRh%2B0%2BYiXmzpRdCyBw8KZjMzuzuzaw%2FBGFOCsSmtorfy5r23m9e8mTe8N7OzWRGCBenBw%2BpF8DT5NmlQS6hnseimIDQgZL2Yg4HevIiHQqF4kd0Go%2F%2Fl%2F977vgff%2B%2F7%2F0638mLjI6dHiu7ovlaJzjapbefVDz7tUWZFJ3qv0msGNoH6pYrpvtIKq%2B1rlsmDres53Pdf1XK%2ByJI1o697chIRM77a8asut1v2q16ijZ%2F5%2FtrkDSx3w7jE5D8nHMw%2BcC5BshCS%2BtyjseqbT19%2BOc0UzbdDlu%2B8n64kuEsSnsG0ctJPdEzW0PVy6D53sTO1Cd%2F8VRnJMnJ%2FvI0p2T0wi6m5PfUYKIkHEn0fRHUGoESQdgelbkPyQAIzjyiqS%2BM4VbQq68YylE3ZMZp48hizGZOb3C0jivQUle5XrWuWZ1IlFr11C9kaQnRHSfB9Z%2FwxksQ%2BWfQLJfyFzT1aQxNurVmlIfvRKM6gFHvfDWd5oNWfr7TCYjRqhP8vClu8267Qm6mwakJQjyPYISgxA7Rnk1kEuHeRtB3nqIOZHFeZ5XuhyRt1mi7EaD0UUcNejYdujnhs0kbPJHwbI0gGYGoCZTaRmE%2Bvyi8PG%2BTEhf5yDyX%2BEXSthuQObEXR5iUIQFJagoASFJCgygqJb7nBlfVve4crmkXfS%2FZNeK4c662zRHZ11REK20mNybhrg0z8vYl0cVWpChE0atYLIbXv1iLpBnQZeI6Bc%2BH4gfFhZQtozoNZBfzLML58ilWNCvvoJEd2HVftg8gXQ%2FGXQYhj6LujasN500U%2FuMRoXa9oIG9GNKtMxuC6RZjPINpwtdUxenHoJ%2FL8h2MH8w0eX9y70H4GZEqkpcVM%2BIOio28NruiDb13RhyXeraSZj2aeTQV%2FPaCbOfvOO2Ci04cuLdvD1m2xCTODd94TNVmjCZdKx5NsFybkwS9owQX5Yth%2BI6Gpu1xZyk%2BTpytW3lpbj1AhrpU5GoPLQfgYmx%2BQ5qqcb%2FNLN7yHNCCYvEecH5KQg9T5Yugmbnrq3%2BiyMOtVEqYMiL4fGj04vlRwT%2F%2FFDKHEwv3ej89fHH%2F0GGpWw4j8PT%2FGWvY2OuQia3UISl%2BiaEl1VgqoBbH52mKXmYP7X2rQQKWcYKeNsR8qoz5%2FFa%2BVRJazVXBq0Gl4YUhFGdb%2FZDjxOqV8P%2FCCgNWR2zLxt%2Fg8AAAD%2F%2FwEAAP%2F%2FbU6j5JAEAAA%3D HTTP/1.1
Host: plainmarshyaltered.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Cookie: u_pl=16379166; uid_id2=86361d27-d598-4f76-b572-c792084a3e4c:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec3ee78ab96b0f14ba064a6156ade226e2=[3551995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 26 Sep 2022 13:08:52 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d6ec63554100d22a4da1b945b59dc280
Strict-Transport-Security: max-age=0; includeSubdomains
precedentadministrator.com/pixel/purst?dl=0&th=0&sc=0&rs=2561&rd=2561&fd=796&bv=22.8.v.2&tmpl=136
192.243.59.13200 OK 0 B URL HTTP/1.1 precedentadministrator.com/pixel/purst?dl=0&th=0&sc=0&rs=2561&rd=2561&fd=796&bv=22.8.v.2&tmpl=136
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2561&rd=2561&fd=796&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: precedentadministrator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 26 Sep 2022 13:08:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f97fb3901ca271d482507144beb94227
1e11e37741ce260eb4333678fdd1ee977faf4073
9ac322b9a22c80ac8386a51efd64e14349144b1a159471e18689cc729a8ed97f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AC322B9A22C80AC8386A51EFD64E14349144B1A159471E18689CC729A8ED97F"
Last-Modified: Sun, 25 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8675
Expires: Mon, 26 Sep 2022 15:33:28 GMT
Date: Mon, 26 Sep 2022 13:08:53 GMT
Connection: keep-alive
cwbstatic.cdntrex.com/contents/videos_screenshots/461000/461142/300x168/1.jpg
151.139.128.11200 OK 48 kB URL HTTP/2 cwbstatic.cdntrex.com/contents/videos_screenshots/461000/461142/300x168/1.jpg
IP 151.139.128.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash f576a5a4e3e4b213ec104550d666c46f
9ed99b0f84155efd903427cd2c0152721c8ceb8d
3a92ce05bcaf76d5c946068e4314fc0f858a23a658657adf748135585936a947
GET /contents/videos_screenshots/461000/461142/300x168/1.jpg HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
cache-control: max-age=3600
content-length: 47581
content-type: image/jpeg
last-modified: Tue, 23 Nov 2021 01:52:02 GMT
accept-ranges: bytes
server: openresty
etag: "619c4942-b9dd"
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds201.sk1.sc,1664197733.cds201.sk1.pr
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/contents/videos_screenshots/556000/556179/300x168/1.jpg
151.139.128.11200 OK 56 kB URL HTTP/2 cwbstatic.cdntrex.com/contents/videos_screenshots/556000/556179/300x168/1.jpg
IP 151.139.128.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash 3ec2842eb0f7e6bd623e7ab4428946e6
e79892f5aa3f726b32b6de48b7a031103951e114
de299a3ce53f8c4294803f69465b94a0ae64d18ca393c4c87c634434b4314873
GET /contents/videos_screenshots/556000/556179/300x168/1.jpg HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
cache-control: max-age=3600
content-length: 55693
content-type: image/jpeg
last-modified: Sun, 10 Jul 2022 03:38:16 GMT
accept-ranges: bytes
server: openresty
etag: "62ca49a8-d98d"
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds017.sk1.sc,1664197733.cds017.sk1.pr
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/contents/videos_screenshots/141000/141727/300x168/1.jpg
151.139.128.11200 OK 53 kB URL HTTP/2 cwbstatic.cdntrex.com/contents/videos_screenshots/141000/141727/300x168/1.jpg
IP 151.139.128.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash fa981ad4c2de4f26265ca858744238ec
7b5d61f42d2117d8b1039417b544edfb6be38798
dd932855f3cfa386c06371513708260d87b27eac472af7211bb3a97f43c9df0a
GET /contents/videos_screenshots/141000/141727/300x168/1.jpg HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
cache-control: max-age=101046
content-length: 53260
content-type: image/jpeg
last-modified: Thu, 29 Aug 2019 14:36:08 GMT
accept-ranges: bytes
server: openresty
etag: "5d67e2d8-d00c"
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds065.sk1.c
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/contents/videos_screenshots/563000/563310/300x168/1.jpg
151.139.128.11200 OK 55 kB URL HTTP/2 cwbstatic.cdntrex.com/contents/videos_screenshots/563000/563310/300x168/1.jpg
IP 151.139.128.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash 3e1675c46187f0a166e126bab8c12425
10b7889af408d0bf0d783b698df5842645c97ece
18404fd185c73caae0e98af5376a5b002f0e36113e7531a4e5b9e33651a48197
GET /contents/videos_screenshots/563000/563310/300x168/1.jpg HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
cache-control: max-age=3600
content-length: 54851
content-type: image/jpeg
last-modified: Sun, 24 Jul 2022 02:04:04 GMT
accept-ranges: bytes
server: openresty
etag: "62dca894-d643"
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds259.sk1.sc,1664197733.cds259.sk1.pr
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/contents/videos_screenshots/200000/200744/300x168/1.jpg
151.139.128.11200 OK 56 kB URL HTTP/2 cwbstatic.cdntrex.com/contents/videos_screenshots/200000/200744/300x168/1.jpg
IP 151.139.128.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash dd5828f3fbcbb311b4b138ce36df3fc8
9f864e1e6c133f9830e17abd5d7529c25e3c1597
b047f95b79dc89d11eb6af7c55eb89932793e424644b4442bfb7918a0b1c0769
GET /contents/videos_screenshots/200000/200744/300x168/1.jpg HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
cache-control: max-age=481393
content-length: 55814
content-type: image/jpeg
last-modified: Wed, 12 Feb 2020 14:57:57 GMT
accept-ranges: bytes
server: openresty
etag: "5e441275-da06"
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds228.sk1.c
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/contents/videos_screenshots/202000/202250/300x168/1.jpg
151.139.128.11200 OK 32 kB URL HTTP/2 cwbstatic.cdntrex.com/contents/videos_screenshots/202000/202250/300x168/1.jpg
IP 151.139.128.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash bfe3e56f69edced9a9a5d6b389b0983b
58f3ac05fd17f18db2ef89a3f4e15d6989fe3db4
8408b8b127f92f3438ee58342acc04eb58910be8716c73d289d71f1eca3d07fd
GET /contents/videos_screenshots/202000/202250/300x168/1.jpg HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
cache-control: max-age=267595
content-length: 32439
content-type: image/jpeg
last-modified: Mon, 17 Feb 2020 00:04:03 GMT
accept-ranges: bytes
server: openresty
etag: "5e49d873-7eb7"
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds203.sk1.c
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/contents/videos_screenshots/567000/567352/300x168/1.jpg
151.139.128.11200 OK 49 kB URL HTTP/2 cwbstatic.cdntrex.com/contents/videos_screenshots/567000/567352/300x168/1.jpg
IP 151.139.128.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash 71540cb565dbd7f3ba2cafd9d38ebb81
67fda35ab0d0a3439b7e78abe15fafd3b8e623fb
727ea690834bb4a74caa7e8f52c4803c0c75c82d847f76bf09b0c55cd4d904db
GET /contents/videos_screenshots/567000/567352/300x168/1.jpg HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
cache-control: max-age=3600
content-length: 48845
content-type: image/jpeg
last-modified: Mon, 01 Aug 2022 18:07:32 GMT
accept-ranges: bytes
server: openresty
etag: "62e81664-becd"
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds067.sk1.sc,1664197733.cds067.sk1.pr
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/contents/videos_screenshots/249000/249018/300x168/1.jpg
151.139.128.11200 OK 63 kB URL HTTP/2 cwbstatic.cdntrex.com/contents/videos_screenshots/249000/249018/300x168/1.jpg
IP 151.139.128.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash 8f119baaf8df0bfe65dcc8a349dde7ac
b173ad31f9514dfb5dda5e28ed1b05337dd875ec
b02753cd12361ef80e55d8306074d86811a3b5c495823213404c6aca5a401bf7
GET /contents/videos_screenshots/249000/249018/300x168/1.jpg HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
cache-control: max-age=3600
content-length: 63119
content-type: image/jpeg
last-modified: Wed, 01 Jul 2020 03:15:02 GMT
accept-ranges: bytes
server: openresty
etag: "5efbffb6-f68f"
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds009.sk1.sc,1664197733.cds009.sk1.pr
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/contents/videos_screenshots/474000/474347/300x168/1.jpg
151.139.128.11200 OK 44 kB URL HTTP/2 cwbstatic.cdntrex.com/contents/videos_screenshots/474000/474347/300x168/1.jpg
IP 151.139.128.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash 1c2ba16fadedb1d9a72370103f414492
68c5e7f49176cf9992ca72d39aedfaf350b3b8bb
cf70a27fcdd57dbf0a9c9d91610745013416f66659c184a1d8e7d5de6a9809f1
GET /contents/videos_screenshots/474000/474347/300x168/1.jpg HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
cache-control: max-age=3600
content-length: 43924
content-type: image/jpeg
last-modified: Thu, 30 Dec 2021 19:22:01 GMT
accept-ranges: bytes
server: openresty
etag: "61ce06d9-ab94"
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds214.sk1.sc,1664197733.cds214.sk1.pr
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/contents/videos_screenshots/273000/273650/300x168/1.jpg
151.139.128.11200 OK 53 kB URL HTTP/2 cwbstatic.cdntrex.com/contents/videos_screenshots/273000/273650/300x168/1.jpg
IP 151.139.128.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash 847e488cf26c96b72611493953d68286
1828951bb7ff323793a1f2f196bc53282ceb3c00
3ee42639d00a757eec7d7b2f1a1b1e61297332cc2ec6e70b11bceee031824897
GET /contents/videos_screenshots/273000/273650/300x168/1.jpg HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
cache-control: max-age=62188
content-length: 53294
content-type: image/jpeg
last-modified: Tue, 22 Sep 2020 20:42:09 GMT
accept-ranges: bytes
server: openresty
etag: "5f6a61a1-d02e"
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds222.sk1.c
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/contents/videos_screenshots/504000/504820/300x168/1.jpg
151.139.128.11200 OK 45 kB URL HTTP/2 cwbstatic.cdntrex.com/contents/videos_screenshots/504000/504820/300x168/1.jpg
IP 151.139.128.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash dbd498b95ad685846a8a6971597dd858
172241618128a1000fab2bb8bc5713c6c173fa0f
9f00319fbab99258fa4820b441758e6438f3b9c80a8e7b23acb4ec154b4162a8
GET /contents/videos_screenshots/504000/504820/300x168/1.jpg HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
cache-control: max-age=3600
content-length: 44879
content-type: image/jpeg
last-modified: Sun, 20 Mar 2022 00:04:02 GMT
accept-ranges: bytes
server: openresty
etag: "62366f72-af4f"
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds244.sk1.sc,1664197733.cds244.sk1.pr
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/contents/videos_screenshots/64000/64096/300x168/1.jpg
151.139.128.11200 OK 60 kB URL HTTP/2 cwbstatic.cdntrex.com/contents/videos_screenshots/64000/64096/300x168/1.jpg
IP 151.139.128.11:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash b06b1ba48aa3b4dad6c0990347440e56
14fcbf76299b1cc4df605ba1427a26e51000151a
f64a2af81a6824c15869256272086607ad8ebb44fa45642ddeb9faa2e211ec99
GET /contents/videos_screenshots/64000/64096/300x168/1.jpg HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
cache-control: max-age=3600
content-length: 59678
content-type: image/jpeg
last-modified: Thu, 23 Aug 2018 08:08:33 GMT
accept-ranges: bytes
server: openresty
etag: "5b7e6b81-e91e"
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds201.sk1.sc,1664197733.cds201.sk1.pr
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/contents/videos_screenshots/340000/340463/300x168/1.jpg
151.139.128.11200 OK 47 kB URL HTTP/2 cwbstatic.cdntrex.com/contents/videos_screenshots/340000/340463/300x168/1.jpg
IP 151.139.128.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash a89b41087be6675157575cd1a33f2a3a
7959cfaa86c3f97f2822b9effc05a76c4958a753
92fabe1086e81db39490b3e7c45373b7c41731eb29e0b3d42f4b55dda6d57eb9
GET /contents/videos_screenshots/340000/340463/300x168/1.jpg HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
cache-control: max-age=460664
content-length: 46794
content-type: image/jpeg
last-modified: Fri, 05 Feb 2021 16:00:04 GMT
accept-ranges: bytes
server: openresty
etag: "601d6b84-b6ca"
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds009.sk1.c
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/contents/videos_screenshots/95000/95721/300x168/1.jpg
151.139.128.11200 OK 53 kB URL HTTP/2 cwbstatic.cdntrex.com/contents/videos_screenshots/95000/95721/300x168/1.jpg
IP 151.139.128.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash 6ade28a5e9f6693b38c128f4dd1e3c98
22484a1b39c5f20ded7479b1f4088f49c256f345
1eca7e5035fde97dbcc24518b3d6c48e1a5e55dcd97dc2cb1978a6436905d95b
GET /contents/videos_screenshots/95000/95721/300x168/1.jpg HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
cache-control: max-age=3600
content-length: 53150
content-type: image/jpeg
last-modified: Sun, 24 Mar 2019 19:50:56 GMT
accept-ranges: bytes
server: openresty
etag: "5c97dfa0-cf9e"
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds206.sk1.sc,1664197733.cds206.sk1.pr
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/contents/videos_screenshots/95000/95724/300x168/1.jpg
151.139.128.11200 OK 60 kB URL HTTP/2 cwbstatic.cdntrex.com/contents/videos_screenshots/95000/95724/300x168/1.jpg
IP 151.139.128.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash 2edec74efe6f04332af165d3b3022f63
fa328965d9c47ea293fb870d7055508280ed2f3f
bb5847307a7d008ca03192521f3420a688cebb93526fcd80611c95fefe9f9b95
GET /contents/videos_screenshots/95000/95724/300x168/1.jpg HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
cache-control: max-age=3600
content-length: 59985
content-type: image/jpeg
last-modified: Sun, 24 Mar 2019 19:34:14 GMT
accept-ranges: bytes
server: openresty
etag: "5c97dbb6-ea51"
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds230.sk1.sc,1664197733.cds230.sk1.pr
X-Firefox-Spdy: h2
www.camwhoresbay.com/search/ari_lovexo%20asian/?mode=async&action=js_stats&rand=1664197729738
185.94.236.17200 OK 62 kB URL HTTP/2 www.camwhoresbay.com/search/ari_lovexo%20asian/?mode=async&action=js_stats&rand=1664197729738
IP 185.94.236.17:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 463a1c8baced0c0d7dd02026476b7a0d
0e801cef3be5dc2c49603b54765f465ad13c3164
9f2d55eb1e94ebf906fdda9f8f17b0a894146d5e949c246c4151bda3525985ab
GET /search/ari_lovexo%20asian/?mode=async&action=js_stats&rand=1664197729738 HTTP/1.1
Host: www.camwhoresbay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/search/ari_lovexo%20asian/
Cookie: PHPSESSID=e824146310c567774e2f3cb3d17af3d3; kt_qparams=q%3Dari_lovexo%2520asian; kt_ips=91.90.42.154; kt_tcookie=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 13:08:51 GMT
content-type: image/gif
x-powered-by: PHP/7.3.13
x-frame-options: SAMEORIGIN
set-cookie: kt_is_visited=1; expires=Tue, 27-Sep-2022 13:08:51 GMT; Max-Age=86400; path=/; domain=.camwhoresbay.com; SameSite=Lax
access-control-allow-origin: *
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/contents/videos_screenshots/214000/214685/300x168/1.jpg
151.139.128.11200 OK 57 kB URL HTTP/2 cwbstatic.cdntrex.com/contents/videos_screenshots/214000/214685/300x168/1.jpg
IP 151.139.128.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash 1ba1b9b8b65172b3833082854dda296b
abd3263742afa027f75c05e4a270e850b26a66ea
69e617b3c47a9d9f8204c5b6c52036f2af79673469425624fd09fe35bbc93f03
GET /contents/videos_screenshots/214000/214685/300x168/1.jpg HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
cache-control: max-age=3600
content-length: 56712
content-type: image/jpeg
last-modified: Sun, 15 Mar 2020 07:09:07 GMT
accept-ranges: bytes
server: openresty
etag: "5e6dd493-dd88"
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds240.sk1.sc,1664197733.cds240.sk1.pr
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/contents/videos_screenshots/160000/160741/300x168/1.jpg
151.139.128.11200 OK 54 kB URL HTTP/2 cwbstatic.cdntrex.com/contents/videos_screenshots/160000/160741/300x168/1.jpg
IP 151.139.128.11:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash 9cea04f481ed83d2f4558912b690cb86
6fb874f95f67eb1eb9c96561fbbee0fb0d940988
1c569c5f6e8774e59b676bc628d7e09c92ca44c56a941a0d95cf2662341caecf
GET /contents/videos_screenshots/160000/160741/300x168/1.jpg HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
cache-control: max-age=3600
content-length: 53851
content-type: image/jpeg
last-modified: Thu, 17 Oct 2019 15:56:23 GMT
accept-ranges: bytes
server: openresty
etag: "5da88f27-d25b"
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds236.sk1.sc,1664197733.cds236.sk1.pr
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/contents/videos_screenshots/339000/339362/300x168/1.jpg
151.139.128.11200 OK 47 kB URL HTTP/2 cwbstatic.cdntrex.com/contents/videos_screenshots/339000/339362/300x168/1.jpg
IP 151.139.128.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash a89b41087be6675157575cd1a33f2a3a
7959cfaa86c3f97f2822b9effc05a76c4958a753
92fabe1086e81db39490b3e7c45373b7c41731eb29e0b3d42f4b55dda6d57eb9
GET /contents/videos_screenshots/339000/339362/300x168/1.jpg HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
cache-control: max-age=3600
content-length: 46794
content-type: image/jpeg
last-modified: Wed, 03 Feb 2021 19:26:03 GMT
accept-ranges: bytes
server: openresty
etag: "601af8cb-b6ca"
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds256.sk1.sc,1664197733.cds256.sk1.pr
X-Firefox-Spdy: h2
bcprm.com/promo.php?c=766838&type=video_slider&name=amg63&frequency=43200000
185.75.254.28200 OK 52 kB URL HTTP/2 bcprm.com/promo.php?c=766838&type=video_slider&name=amg63&frequency=43200000
IP 185.75.254.28:0
ASN #48684 Viking Host B.V.
Hash 94dc303aafcfa187ac66832d30f781c9
2401568181c251764569155cf701dfcea2d03407
379ad8a72c604100df807d699eb7913fb08be34dee411ac59984e66997cf7f2c
GET /promo.php?c=766838&type=video_slider&name=amg63&frequency=43200000 HTTP/1.1
Host: bcprm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 13:08:51 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin:
expires: Mon, 26 Sep 2022 13:08:50 GMT
x-bcs: ded7015
strict-transport-security: max-age=0;
cache-control: no-cache, public
content-encoding: gzip
x-bc-bl: 105
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/contents/videos_screenshots/410000/410465/300x168/1.jpg
151.139.128.11200 OK 50 kB URL HTTP/2 cwbstatic.cdntrex.com/contents/videos_screenshots/410000/410465/300x168/1.jpg
IP 151.139.128.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash d9a1e248f0cd6fe7250cdd15c10a8f73
307675491ccdf0919a420b6181d4586e35bd377d
3bf2b406edecdee6ee548f159dc8ef0a5797b21dc055825ff3d81a121e3cae61
GET /contents/videos_screenshots/410000/410465/300x168/1.jpg HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
cache-control: max-age=3600
content-length: 49659
content-type: image/jpeg
last-modified: Sun, 01 Aug 2021 18:05:05 GMT
accept-ranges: bytes
server: openresty
etag: "6106e251-c1fb"
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds231.sk1.sc,1664197733.cds231.sk1.pr
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/contents/videos_screenshots/481000/481221/300x168/1.jpg
151.139.128.11200 OK 50 kB URL HTTP/2 cwbstatic.cdntrex.com/contents/videos_screenshots/481000/481221/300x168/1.jpg
IP 151.139.128.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash c401a1d780036f872f160c305b72d8ad
3606938d2d94c09d21fd75f4e2e8bc388c556353
f0b1488687ce85b4a33fb9d29ac3cf56896ffc057fbe8153fcf186ac9bf53a9b
GET /contents/videos_screenshots/481000/481221/300x168/1.jpg HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
cache-control: max-age=3600
content-length: 50393
content-type: image/jpeg
last-modified: Fri, 14 Jan 2022 17:49:01 GMT
accept-ranges: bytes
server: openresty
etag: "61e1b78d-c4d9"
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds258.sk1.sc,1664197733.cds258.sk1.pr
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/images/ico-favourite.png
151.139.128.11200 OK 494 B URL HTTP/2 cwbstatic.cdntrex.com/images/ico-favourite.png
IP 151.139.128.11:0
File type PNG image data, 18 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash f97430e6cae487af5e3ddb3ddbb406f0
a40ceb28c33f02764d9ad89ad72cd26c969939c5
9a8dab9a068e47fe1d0d6af85b293ac5de4ff062c7b8e3bbc4028012dbf76a14
GET /images/ico-favourite.png HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cwbstatic.cdntrex.com/styles/javwhores.css?v=5.67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
content-length: 494
content-type: image/png
last-modified: Fri, 17 Aug 2018 10:44:07 GMT
accept-ranges: bytes
server: openresty
etag: "5b76a6f7-1ee"
cache-control: max-age=315360000
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds245.sk1.c
X-Firefox-Spdy: h2
cwbstatic.cdntrex.com/images/ico-later.png
151.139.128.11200 OK 656 B URL HTTP/2 cwbstatic.cdntrex.com/images/ico-later.png
IP 151.139.128.11:0
File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 056cbf83aefdde8633b89e9bcf4ea50f
20bf85fb8c3e331a16cdab5bbcaa8f2987a7b9d1
be65024dcdd06e6aede5b8e624f2acc790da807d42a395435628635ca747ec47
GET /images/ico-later.png HTTP/1.1
Host: cwbstatic.cdntrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cwbstatic.cdntrex.com/styles/javwhores.css?v=5.67
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
content-length: 656
content-type: image/png
last-modified: Fri, 17 Aug 2018 10:46:04 GMT
accept-ranges: bytes
server: openresty
etag: "5b76a76c-290"
cache-control: max-age=315360000
access-control-allow-origin: *
x-hw: 1664197733.cds226.sk1.hn,1664197733.cds262.sk1.c
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8e1d1bdba60caa417a7fd246f892767e
896349dbd1f09d917b20b25653d656d555f7578b
9e0efd3fdb74064ce371b5457597d724ff875add6711267cf29d05bb0189b2fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9E0EFD3FDB74064CE371B5457597D724FF875ADD6711267CF29D05BB0189B2FD"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10910
Expires: Mon, 26 Sep 2022 16:10:43 GMT
Date: Mon, 26 Sep 2022 13:08:53 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8e1d1bdba60caa417a7fd246f892767e
896349dbd1f09d917b20b25653d656d555f7578b
9e0efd3fdb74064ce371b5457597d724ff875add6711267cf29d05bb0189b2fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9E0EFD3FDB74064CE371B5457597D724FF875ADD6711267CF29D05BB0189B2FD"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10910
Expires: Mon, 26 Sep 2022 16:10:43 GMT
Date: Mon, 26 Sep 2022 13:08:53 GMT
Connection: keep-alive
plainmarshyaltered.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=382
173.233.139.164200 OK 0 B URL HTTP/1.1 plainmarshyaltered.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=382
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=382 HTTP/1.1
Host: plainmarshyaltered.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Cookie: u_pl=16379166; uid_id2=86361d27-d598-4f76-b572-c792084a3e4c:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec3ee78ab96b0f14ba064a6156ade226e2=[3551995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 26 Sep 2022 13:08:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/js/script.js
172.64.201.2200 OK 556 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/js/script.js
IP 172.64.201.2:0
Hash b7aa7bfe125a9dc5123eeb3bafeb1c2b
f3c59eed610632640e5d89abecc679b6c2b0b083
86d7ba765167c6eab4591fa6b9cab482b120923402e18dc01260c133ba2186da
GET /sb/ssp/utility/social-media/facebook/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.camwhoresbay.com
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4676062
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUXQUPuvANK4Zk37D3jF1JTe7Xrkx3JXf2hNA4ADr90c7dRC5u%2FN5nfwuRp5xyQh%2F7CcmkXPZNaS6FkFadGcSb3wTCCFhGjgq10Ej7KnlGeVughHFR1dpiL%2FOYgDU80qN1U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750c3b19fbe771c3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
plainmarshyaltered.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fcss%2Fanimate.css&l=79245&fd=207
173.233.139.164200 OK 0 B URL HTTP/1.1 plainmarshyaltered.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fcss%2Fanimate.css&l=79245&fd=207
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fcss%2Fanimate.css&l=79245&fd=207 HTTP/1.1
Host: plainmarshyaltered.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Cookie: u_pl=16379166; uid_id2=86361d27-d598-4f76-b572-c792084a3e4c:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec3ee78ab96b0f14ba064a6156ade226e2=[3551995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 26 Sep 2022 13:08:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
plainmarshyaltered.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fjs%2Fscript.js&l=444&fd=201
173.233.139.164200 OK 0 B URL HTTP/1.1 plainmarshyaltered.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fjs%2Fscript.js&l=444&fd=201
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fjs%2Fscript.js&l=444&fd=201 HTTP/1.1
Host: plainmarshyaltered.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Cookie: u_pl=16379166; uid_id2=86361d27-d598-4f76-b572-c792084a3e4c:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec3ee78ab96b0f14ba064a6156ade226e2=[3551995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 26 Sep 2022 13:08:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.76.226200 OK 1.1 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f0bd3b69bd4c365d843a0a1499e73bce
67873f41f2c6a5e91e61627f24dbeadb6adb135a
2d7f3d8268b940d9fae3bbacd303a1c525a24a8921ea825e7002aaebc13822ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D77DBD82BEE113D61E08F6CF2573A251F6583B09B19AE0E8BBAC527C80273A12"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2862
Expires: Mon, 26 Sep 2022 13:56:35 GMT
Date: Mon, 26 Sep 2022 13:08:53 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/f4/8f/27/f48f278d5573f6712a27ddf0cda0e79c/1658144797.jpg
45.133.44.10200 OK 12 kB URL HTTP/2 cdn.cloudimagesb.com/si/f4/8f/27/f48f278d5573f6712a27ddf0cda0e79c/1658144797.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 80fd4412ef8de332749aa9078fd43dcc
17b0ae5b23e4e2b14110c21935a390db1e40c213
dce2df47202e23cff5dc1b198884109f96219679dc1d762c29d2c602bae0c643
GET /si/f4/8f/27/f48f278d5573f6712a27ddf0cda0e79c/1658144797.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
content-type: image/jpeg
content-length: 12303
server: nginx/1.17.6
last-modified: Mon, 18 Jul 2022 11:46:46 GMT
etag: "62d54826-300f"
expires: Wed, 28 Sep 2022 13:08:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.10200 OK 660 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.10:0
Hash 5860c780c8e9daa4f852038f02b5bdc2
c75c8b4db36bffe075ce493f06d011f855d5541a
f11b9f8e851e15c0c6abd53a9994c6dcef78ceeebd0f0b8bbde610fec8332c85
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 13:08:53 GMT
date: Mon, 26 Sep 2022 13:08:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.camwhoresbay.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 408885
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.camwhoresbay.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 408885
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
plainmarshyaltered.com/pixel/sbs?c=1
173.233.139.164200 OK 0 B URL HTTP/1.1 plainmarshyaltered.com/pixel/sbs?c=1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: plainmarshyaltered.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Cookie: u_pl=16379166; uid_id2=86361d27-d598-4f76-b572-c792084a3e4c:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec3ee78ab96b0f14ba064a6156ade226e2=[3551995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 26 Sep 2022 13:08:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/style.css
172.64.201.2200 OK 1.5 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/style.css
IP 172.64.201.2:0
Hash 6e5d41efc3d66ab2e3d6e8f03db26f32
35f7e90880f17ee9b0e6059876875e4c34c40114
7708ea6a4080a43d0eed0925cef95d19bbd1c378a10bb07b01577d2489040988
GET /sb/ssp/utility/social-media/facebook/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.camwhoresbay.com
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:19:14 GMT
etag: W/"6128d842-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4676062
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ftu6Q8rp4OMSM5Jt%2Byz6gAxg7eeBN16PmNYhCtAdi56d1HMZXfS5iZU6hT5FkeeAuruDuwrcDhHPWB7GTev3wmKn3KWj0ElgtB8puGW%2BoR7ivce4T73kkvpu205NDT2VmoI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750c3b19fbe671c3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 30f7bd40b234f7d4313f4d35ecef68a2
de0049b26d8484ad57bb61d0d84eabf4dae81e1d
536197d9b0247e1899a2d96c85fd95c3d7f2fa592fe5371e0f147a297f372982
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "536197D9B0247E1899A2D96C85FD95C3D7F2FA592FE5371E0F147A297F372982"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8027
Expires: Mon, 26 Sep 2022 15:22:41 GMT
Date: Mon, 26 Sep 2022 13:08:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 30f7bd40b234f7d4313f4d35ecef68a2
de0049b26d8484ad57bb61d0d84eabf4dae81e1d
536197d9b0247e1899a2d96c85fd95c3d7f2fa592fe5371e0f147a297f372982
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "536197D9B0247E1899A2D96C85FD95C3D7F2FA592FE5371E0F147A297F372982"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8027
Expires: Mon, 26 Sep 2022 15:22:41 GMT
Date: Mon, 26 Sep 2022 13:08:54 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=86361d27-d598-4f76-b572-c792084a3e4c&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=3ee78ab96b0f14ba064a6156ade226e2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13
192.243.61.227200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=86361d27-d598-4f76-b572-c792084a3e4c&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=3ee78ab96b0f14ba064a6156ade226e2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=86361d27-d598-4f76-b572-c792084a3e4c&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=3ee78ab96b0f14ba064a6156ade226e2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 13:08:54 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d0838efd7c1a50d2b511d6006e05c301
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=86361d27-d598-4f76-b572-c792084a3e4c&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=4d6172bdb90852625b1e4829141ad0df&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13
192.243.61.227200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=86361d27-d598-4f76-b572-c792084a3e4c&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=4d6172bdb90852625b1e4829141ad0df&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=86361d27-d598-4f76-b572-c792084a3e4c&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=4d6172bdb90852625b1e4829141ad0df&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 26 Sep 2022 13:08:54 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 38bbd6709428a8e45ae26d3237cfa424
Strict-Transport-Security: max-age=0; includeSubdomains
cluster.awmdelivery.com/incstage/min_exec_cam_2.js?key=4fc57517c816c66964190dba3e6a7a32&opt1=3&opt2=1
23.111.9.64200 OK 0 B URL HTTP/2 cluster.awmdelivery.com/incstage/min_exec_cam_2.js?key=4fc57517c816c66964190dba3e6a7a32&opt1=3&opt2=1
IP 23.111.9.64:0
GET /incstage/min_exec_cam_2.js?key=4fc57517c816c66964190dba3e6a7a32&opt1=3&opt2=1 HTTP/1.1
Host: cluster.awmdelivery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:50 GMT
content-type: application/javascript
last-modified: Thu, 30 Jun 2022 13:19:39 GMT
etag: W/"1eb6bd848cd81:0"
x-powered-by: ASP.NET
server: NetDNA-cache/2.2
expires: Mon, 03 Oct 2022 13:08:50 GMT
cache-control: max-age=604800
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/animate.css
172.64.201.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/animate.css
IP 172.64.201.2:0
GET /sb/ssp/utility/social-media/facebook/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.camwhoresbay.com
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4676062
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6RRzxWirY0geEUXP%2B28%2BJvudabfrlgv%2BA9beu0G6qmWn%2BgfFlQ5gcsSdQ1ZmyMAazLEgoaWjz2bt%2Fv8iIRV7QVRylWpWputkJVuFYsZ%2B0huf9KJfGi8QzVbSOT%2B4McRZvA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750c3b19fbe471c3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
172.64.128.12200 OK 0 B URL HTTP/2 creepingbrings.com/sfp.js
IP 172.64.128.12:0
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:51 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 7bd3e7bb705d5ae284ff5da582c18190
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 26 Sep 2022 13:08:51 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLWqhtniX5e3F%2FPaSCNgOECdABCZBpz9t2i0DEhMEzuMX7olLp%2Bf72UF8lZrgHis6OINOQUuuY7OPHPsdmQqUd96piAbp5mQFCdB3BvlDrh%2Bv3jkD41ISwXsbSiXVM%2Fq%2Fx1BFws%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750c3b0e5e37775b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.camwhoresbay.com/search/ari_lovexo%20asian/
185.94.236.17200 OK 0 B URL HTTP/2 www.camwhoresbay.com/search/ari_lovexo%20asian/
IP 185.94.236.17:0
GET /search/ari_lovexo%20asian/ HTTP/1.1
Host: www.camwhoresbay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: openresty
date: Mon, 26 Sep 2022 13:08:50 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.13
x-frame-options: SAMEORIGIN
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=e824146310c567774e2f3cb3d17af3d3; path=/; domain=.camwhoresbay.com; secure; SameSite=None
kt_qparams=q%3Dari_lovexo%2520asian; expires=Tue, 27-Sep-2022 13:08:50 GMT; Max-Age=86400; path=/; domain=.camwhoresbay.com; secure; SameSite=None
kt_ips=91.90.42.154; expires=Tue, 27-Sep-2022 13:08:50 GMT; Max-Age=86400; path=/; domain=.camwhoresbay.com; secure; SameSite=None
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
45.133.44.3200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.camwhoresbay.com
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:53 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 09:27:09 GMT
etag: W/"602f846d-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Mon, 26 Sep 2022 14:08:53 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
172.64.132.22200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP 172.64.132.22:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.camwhoresbay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 13:08:52 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: c8a2e5caf82a04d411d665dd21b9a765
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 26 Sep 2022 13:08:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MMKtfK8O1y89gyGdzeUIMMqP%2FF5UYbJCi%2FuHsqxStm77i8igMAKY51BIS09XWU1PFV9y3fJOu7JZG4qr%2FMKH5Lrs%2FOE88Fhgg893ZbbmeJXmE7HcAs%2FAgwf6%2FeSv%2FMBTIZLmlw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750c3b142860719f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2