firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 11:40:45 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -HrSURr6GrellMpRCgyRZ-LkExEvQBITCS4jyFTOmQ0EN9evh1uw5w==
Age: 1683
kajase.blogspot.no/
302 Moved Temporarily 176 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 929471b05d68dfc17ea35206bd1578ef
17792ecd03d805fad8c9156baa8355578e8491f7
536c6670212a488b9256022c12de20c6609d3840f54a2060ff9e567c093333c3
GET / HTTP/1.1
Host: kajase.blogspot.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://kajase.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 04 Oct 2022 12:08:49 GMT
Expires: Tue, 04 Oct 2022 12:08:49 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 176
Server: GSE
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7424
Expires: Tue, 04 Oct 2022 14:12:34 GMT
Date: Tue, 04 Oct 2022 12:08:50 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1WTmtZzjK7_Q_t5dMbXlHZRmZJig-aX4gkYIVQRdTTZzKKUlRgL6-Q==
age: 24023
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 12:08:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
kajase.blogspot.com/
301 Moved Permanently 176 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash b4fe4fae77de1aff8e29e3d5451ae3d6
e48c1b629f4b8f71b26a55e54a0ac35f803da608
5f37aa3621fbffbdd358039bfb490d18dddf129983c4b013a813edf3a2e61c74
GET / HTTP/1.1
Host: kajase.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://kajase.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 04 Oct 2022 12:08:50 GMT
Expires: Tue, 04 Oct 2022 12:08:50 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 176
Server: GSE
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 938ca8d04dae51b68f67cb6b99851772
8a3956985c77128a745c8b50bf63ba9a1085d195
f5e23e685fda24bd65f31a39291ab9006074bf8c0b946de073297129515fe571
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 11:29:33 GMT
Expires: Tue, 04 Oct 2022 12:17:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: s0L3ii4paOihVLBQ5k9JLjDvZOhpjqGJgYKFnI6JniK4vEw504i_aQ==
Age: 2357
kajase.blogspot.com/
200 OK 16 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1495)
Hash 27def4a83162eeb180eacab79ef45694
6bce73cd53dfbd6addb9ab9c44bab5377ebcd936
a166f799e013d7de52b3c91bc708e31d53baeee809f7d57087dc8229af1f9b22
GET / HTTP/1.1
Host: kajase.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-robots-tag: all,noodp
content-type: text/html; charset=UTF-8
expires: Tue, 04 Oct 2022 12:08:50 GMT
date: Tue, 04 Oct 2022 12:08:50 GMT
cache-control: private, max-age=0
last-modified: Tue, 07 Jun 2022 16:43:56 GMT
etag: W/"e41eefe5f10db15780efa9da893a3c82726824736a12dbba0fa7486b98c95fd6"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 15584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 938ca8d04dae51b68f67cb6b99851772
8a3956985c77128a745c8b50bf63ba9a1085d195
f5e23e685fda24bd65f31a39291ab9006074bf8c0b946de073297129515fe571
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kajase.blogspot.com/js/cookienotice.js
200 OK 2.0 kB URL HTTP/2 kajase.blogspot.com/js/cookienotice.js
IP
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: kajase.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 11:11:21 GMT
expires: Tue, 11 Oct 2022 11:11:21 GMT
cache-control: public, max-age=604800
last-modified: Tue, 04 Oct 2022 09:10:01 GMT
content-type: text/javascript
age: 3449
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4.bp.blogspot.com/-oswZsHUgKHc/Xndidend5_I/AAAAAAAABhU/BQ4icuXC6IIt31ROWsj_07rgXaUMt6IaQCK4BGAYYCw/s1600/312202_02big.jpg
200 OK 90 kB URL HTTP/2 4.bp.blogspot.com/-oswZsHUgKHc/Xndidend5_I/AAAAAAAABhU/BQ4icuXC6IIt31ROWsj_07rgXaUMt6IaQCK4BGAYYCw/s1600/312202_02big.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 1280x220, components 3\012- data
Hash 85fb837a5c32fbff1dbe4f4902f4eb2e
ebc49009e09ac6aec6480371a5bf7f109a3df5f3
b66178de5fd70a23481f1d51c81c091b7be44b76eb610ee0489a89237fd97b53
GET /-oswZsHUgKHc/Xndidend5_I/AAAAAAAABhU/BQ4icuXC6IIt31ROWsj_07rgXaUMt6IaQCK4BGAYYCw/s1600/312202_02big.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="312202_02big.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 90427
x-xss-protection: 0
date: Tue, 04 Oct 2022 11:11:21 GMT
expires: Wed, 05 Oct 2022 11:11:21 GMT
cache-control: public, max-age=86400, no-transform
etag: "v616"
content-type: image/jpeg
age: 3449
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 589d830dbd20c3dcf601bf7a2fe7fd29
e6fc4f0062189aee4c8616949f86571db0a92ff5
10137bb52117be557fae9e1cf90fdf106786da04f6d799b19e2c3100aeafdd61
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 589d830dbd20c3dcf601bf7a2fe7fd29
e6fc4f0062189aee4c8616949f86571db0a92ff5
10137bb52117be557fae9e1cf90fdf106786da04f6d799b19e2c3100aeafdd61
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 12:39:06 GMT
expires: Sun, 01 Oct 2023 12:39:06 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 30 Sep 2022 19:52:35 GMT
content-type: text/css
age: 257384
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/792789798-widgets.js
200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/792789798-widgets.js
IP
File type ASCII text, with very long lines (2221)
Hash 02e6bf311e18828a522b4d3a4079084f
a63cd373fa23b4fe11f938d57737e6bfa1ebe789
25d469843aa09be2473931d33aaa37b65ac371874bd98ca84ec780bead3e33e4
GET /static/v1/widgets/792789798-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56804
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 02:15:20 GMT
expires: Tue, 03 Oct 2023 02:15:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 03 Oct 2022 00:49:27 GMT
content-type: text/javascript
age: 122010
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 589d830dbd20c3dcf601bf7a2fe7fd29
e6fc4f0062189aee4c8616949f86571db0a92ff5
10137bb52117be557fae9e1cf90fdf106786da04f6d799b19e2c3100aeafdd61
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 04 Oct 2022 10:41:09 GMT
expires: Tue, 04 Oct 2022 12:41:09 GMT
cache-control: public, max-age=7200
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
age: 5261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j98&a=1492296218&t=pageview&_s=1&dl=https%3A%2F%2Fkajase.blogspot.com%2F&ul=en-us&de=UTF-8&dt=New%20Porn%20Video%20HD%20I%20New%20Sex%20Video%20HD&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=IEBAAEABAAAAACAAI~&jid=571889559&gjid=2085876532&cid=464604776.1664885330&tid=UA-600700937-3&_gid=692858716.1664885330&_r=1&_slc=1&z=749680175
200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1492296218&t=pageview&_s=1&dl=https%3A%2F%2Fkajase.blogspot.com%2F&ul=en-us&de=UTF-8&dt=New%20Porn%20Video%20HD%20I%20New%20Sex%20Video%20HD&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=IEBAAEABAAAAACAAI~&jid=571889559&gjid=2085876532&cid=464604776.1664885330&tid=UA-600700937-3&_gid=692858716.1664885330&_r=1&_slc=1&z=749680175
IP
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j98&a=1492296218&t=pageview&_s=1&dl=https%3A%2F%2Fkajase.blogspot.com%2F&ul=en-us&de=UTF-8&dt=New%20Porn%20Video%20HD%20I%20New%20Sex%20Video%20HD&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=IEBAAEABAAAAACAAI~&jid=571889559&gjid=2085876532&cid=464604776.1664885330&tid=UA-600700937-3&_gid=692858716.1664885330&_r=1&_slc=1&z=749680175 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://kajase.blogspot.com
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://kajase.blogspot.com
date: Tue, 04 Oct 2022 12:08:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: e0eAOeAjKk4ERZCRVTLBMQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: epXmhrD3K1l5pzew21lq0pa3II0=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 684ce2c7b2f08b3b0b66f9fa3dab6ca2
f31b891b8c3bb9b30ca79b0d545d8a989b350420
76ccf0017863eb8b5170056e24dff2567780a592321699c7ec6ca19f81dd2b42
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "76CCF0017863EB8B5170056E24DFF2567780A592321699C7EC6CA19F81DD2B42"
Last-Modified: Sun, 02 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18137
Expires: Tue, 04 Oct 2022 17:11:08 GMT
Date: Tue, 04 Oct 2022 12:08:51 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5f89d9577f356dbe5924659de5abca6f
ee0ba69397feeb70098493a2739e575e4bf205c8
25e675cd14bf44df39805a1d20b8ef4e4d76fae5446a6209839e591413d1ef37
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25E675CD14BF44DF39805A1D20B8EF4E4D76FAE5446A6209839E591413D1EF37"
Last-Modified: Tue, 04 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=867
Expires: Tue, 04 Oct 2022 12:23:18 GMT
Date: Tue, 04 Oct 2022 12:08:51 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 684ce2c7b2f08b3b0b66f9fa3dab6ca2
f31b891b8c3bb9b30ca79b0d545d8a989b350420
76ccf0017863eb8b5170056e24dff2567780a592321699c7ec6ca19f81dd2b42
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "76CCF0017863EB8B5170056E24DFF2567780A592321699C7EC6CA19F81DD2B42"
Last-Modified: Sun, 02 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18047
Expires: Tue, 04 Oct 2022 17:09:38 GMT
Date: Tue, 04 Oct 2022 12:08:51 GMT
Connection: keep-alive
treepullmerriment.com/b45826e3fe159c53b40597a1315a8053/invoke.js
200 OK 9.3 kB URL HTTP/1.1 treepullmerriment.com/b45826e3fe159c53b40597a1315a8053/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25102), with no line terminators
Hash d5fed10240b8eb153d2b07c19e5b8450
ca735dc3870ab56dae176541de2ffb66651b4da1
d6fe0c434e1060935c2a62256b058ec59f1be0357700aab1fa70cc6438525d36
GET /b45826e3fe159c53b40597a1315a8053/invoke.js HTTP/1.1
Host: treepullmerriment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 12:08:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e418f85658491ee1381e6f1362599a17
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.blogger.com/dyn-css/authorization.css?targetBlogID=5300068510729587468&zx=9dbe7b13-4532-4fc8-8696-c5d9f3016b25
200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=5300068510729587468&zx=9dbe7b13-4532-4fc8-8696-c5d9f3016b25
IP
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=5300068510729587468&zx=9dbe7b13-4532-4fc8-8696-c5d9f3016b25 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 04 Oct 2022 12:08:51 GMT
last-modified: Tue, 04 Oct 2022 12:08:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
treepullmerriment.com/781014a47260b2076177f35a262f56ba/invoke.js
200 OK 9.8 kB URL HTTP/1.1 treepullmerriment.com/781014a47260b2076177f35a262f56ba/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26965), with no line terminators
Hash 11725799ca96369b48e7732d0c9ccc65
a1b04e6543c7adf880090876cdd99cbc08995eac
da5f5241825d586ee556be97f5c87a577d6e652cec051d2f9fb323ba4087e386
GET /781014a47260b2076177f35a262f56ba/invoke.js HTTP/1.1
Host: treepullmerriment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 12:08:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ffb5ce6f81a141f2d875ab42efefb5ef
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
treepullmerriment.com/62/c7/a3/62c7a3e77b1b7b82bf319a886a611821.js
200 OK 20 kB URL HTTP/1.1 treepullmerriment.com/62/c7/a3/62c7a3e77b1b7b82bf319a886a611821.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59428), with no line terminators
Hash 362dd53643c7eecd2822cbcd6aa95d33
9bf8504db8fb10f9f4c19f895c01b2774f42e4ae
72245f51f65cd7dd2fa05d9f6f8d4261e5814276dd63560d4a5e78546056ac4f
GET /62/c7/a3/62c7a3e77b1b7b82bf319a886a611821.js HTTP/1.1
Host: treepullmerriment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 12:08:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2dc56b22cf0648b05705f91b799177d6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
treepullmerriment.com/83d9449bc701849a55e93dbae67eaa31/invoke.js
200 OK 9.8 kB URL HTTP/1.1 treepullmerriment.com/83d9449bc701849a55e93dbae67eaa31/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26975), with no line terminators
Hash 1ec5d2af18f5ff429719db1b11320939
58559ba9eee02b32a79e8579c666be5a30a77613
b80f9720eeca7bdda39cd6caaa99f65508243f1e4d5ca49f0162f65981c7d8a7
GET /83d9449bc701849a55e93dbae67eaa31/invoke.js HTTP/1.1
Host: treepullmerriment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 12:08:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 55e408e0dedd88fc2b1ab113beeac27b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 5051734aa47e871f30936254a98cebee
38ecb55e50d18f22f54e1ebc0bf5d70f6912cc97
45727a8f22a365165d5bfd7b562ee3fe43cb02f918228bcd6441deb4a33bd421
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 12:08:51 GMT
Last-Modified: Tue, 04 Oct 2022 10:51:08 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tFRkknL8VxbYDUkS-TNSRo2OQbB8rkDajWd21EwIdrjgSSUcIJuwbw==
Age: 4663
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 5051734aa47e871f30936254a98cebee
38ecb55e50d18f22f54e1ebc0bf5d70f6912cc97
45727a8f22a365165d5bfd7b562ee3fe43cb02f918228bcd6441deb4a33bd421
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=91525
Date: Tue, 04 Oct 2022 12:08:51 GMT
Etag: "633ad600-1d7"
Expires: Wed, 05 Oct 2022 13:34:16 GMT
Last-Modified: Mon, 03 Oct 2022 12:30:56 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7Pvu4VQ3GBrkHGm29QuFjfbXuZOj0WjHDAA7gskiTNhltTqleD9hbQ==
Age: 3800
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 95649ffb7b2102caac2511c1dffb5549
6c78691462760d8fa0d31115512fe878f63b682e
0d7cb9ca2cb0d9d61f4c72e8e87ca44a4c6796da07ea7e92b8591011a2068d64
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kajase.blogspot.com
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:51 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://kajase.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=59e9314b-2da5-4c2a-8f77-b8f02b0a0210:2:1; expires=Fri, 01 Oct 2032 12:08:51 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 08e461a0b2999ae61cd2b139c25e1b4e
bfc5b16307eea388769638e2010725aa0a2a5131
1916d7962db9a1b1b89d47d514709845d14f046c2fcf0cc7c20b8ba9175ced8e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kajase.blogspot.com
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:51 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://kajase.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=200b525c-0dcd-437c-a728-11798b484ef2:3:1; expires=Fri, 01 Oct 2032 12:08:51 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash ec0e3fa86d25cd5f5f66846c64b9a756
030c55519ac51e968249ecb22c1eb0daacbba674
cc0347f2c1b2e0911b02e2e4bc9a1156f1e60a87399ddc9d0baa4986813cc1a4
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kajase.blogspot.com
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:51 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://kajase.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=19ea2262-bef8-4cb4-b401-2a29443b692f:3:1; expires=Fri, 01 Oct 2032 12:08:51 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
treepullmerriment.com/229555a0775e26faf8536eac70bb12a5/invoke.js
200 OK 9.8 kB URL HTTP/1.1 treepullmerriment.com/229555a0775e26faf8536eac70bb12a5/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26947), with no line terminators
Hash 24a8d0070374d410f3e425a58a517891
f580efd2b4f8f174364c8d24c5a9fed3e4cfd2ed
3502c6af27058ffc9102b53e6c671ea1c0b0c85d79ffd6cfa24f691c87120e89
GET /229555a0775e26faf8536eac70bb12a5/invoke.js HTTP/1.1
Host: treepullmerriment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 12:08:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ebe1042f6fc5b8d87da2ccb77c842c8a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash ec0e3fa86d25cd5f5f66846c64b9a756
030c55519ac51e968249ecb22c1eb0daacbba674
cc0347f2c1b2e0911b02e2e4bc9a1156f1e60a87399ddc9d0baa4986813cc1a4
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kajase.blogspot.com
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Cookie: uid_id2=19ea2262-bef8-4cb4-b401-2a29443b692f:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:51 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://kajase.blogspot.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
treepullmerriment.com/9c185d049536dbd57b1dbbe5701645fd/invoke.js
200 OK 9.8 kB URL HTTP/1.1 treepullmerriment.com/9c185d049536dbd57b1dbbe5701645fd/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26969), with no line terminators
Hash 6b4f67dcf9b37711e9eac36b3fc61cc9
a695aaf9df182584767dd9fe419369a474d866f2
891f3fa5e89dc13bd3dd1598db38403c3886808c7ad85bd375b7542ec226e089
GET /9c185d049536dbd57b1dbbe5701645fd/invoke.js HTTP/1.1
Host: treepullmerriment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 12:08:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 344bf1f8583b05afc290791153a05c89
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 28fee81c518f0f78c2b835051e33131d
d2ec6a6e8122524380dc2fda8e10314bc09a8d3b
b297bec29b6b6bc23667993793cc178695ee033a436de7cd38f3d39bc2cda6f6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B297BEC29B6B6BC23667993793CC178695EE033A436DE7CD38F3D39BC2CDA6F6"
Last-Modified: Tue, 04 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6683
Expires: Tue, 04 Oct 2022 14:00:14 GMT
Date: Tue, 04 Oct 2022 12:08:51 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e4b901d3abcd2993aff13f3011caf89e
7907482bcc08adc74c88bde08fdfd78926f3e7e5
ac22bd84ab38bdd0ad941bfe3dc469b37a9101ce21103f8f047ff5f3ec1a2182
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC22BD84AB38BDD0AD941BFE3DC469B37A9101CE21103F8F047FF5F3EC1A2182"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10219
Expires: Tue, 04 Oct 2022 14:59:10 GMT
Date: Tue, 04 Oct 2022 12:08:51 GMT
Connection: keep-alive
treepullmerriment.com/83d9449bc701849a55e93dbae67eaa31/invoke.js
200 OK 9.8 kB URL HTTP/1.1 treepullmerriment.com/83d9449bc701849a55e93dbae67eaa31/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash a1c0d7e9ce73e1d0d08e3d3af00b3fe9
d77709e1fb8eb95a23d99d3c1eeeaf3fda359716
9a45c0e622ab4af6e71776c72c96f42db701eac0cc7520b6510a07875e202474
GET /83d9449bc701849a55e93dbae67eaa31/invoke.js HTTP/1.1
Host: treepullmerriment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 12:08:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 829579c879e6d0613ea31d8af28612f0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2f965e104a3e9cc592c836131906a23f
d707915c41720d3e65e1d743b6e2bcaca2a6e6a6
c4436025b6c7ea7faf1e6b6d9d52e8e3e8cbd580efe47f7df9db847b996af73d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4436025B6C7EA7FAF1E6B6D9D52E8E3E8CBD580EFE47F7DF9DB847B996AF73D"
Last-Modified: Sun, 02 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2335
Expires: Tue, 04 Oct 2022 12:47:47 GMT
Date: Tue, 04 Oct 2022 12:08:52 GMT
Connection: keep-alive
disreputablegenuinelyhonorary.com/watch.1338554385266.js?key=83d9449bc701849a55e93dbae67eaa31&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=200b525c-0dcd-437c-a728-11798b484ef2%3A3%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 disreputablegenuinelyhonorary.com/watch.1338554385266.js?key=83d9449bc701849a55e93dbae67eaa31&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=200b525c-0dcd-437c-a728-11798b484ef2%3A3%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1338554385266.js?key=83d9449bc701849a55e93dbae67eaa31&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=200b525c-0dcd-437c-a728-11798b484ef2%3A3%3A1 HTTP/1.1
Host: disreputablegenuinelyhonorary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kajase.blogspot.com
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 12:08:52 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kajase.blogspot.com
Access-Control-Allow-Origin: https://kajase.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://disreputablegenuinelyhonorary.com/watch.1338554385266.js?key=83d9449bc701849a55e93dbae67eaa31&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=200b525c-0dcd-437c-a728-11798b484ef2%3A3%3A1&shu=e80979447594a36e459daf186a0b723b14e98ef6854f617059ab963f561c1065f496a4b32b496d03f104bfca106b856f627470a0dfaffeb47de8d940b94705a3520eb1ab20478b7f813522365d9a49919cf42cbe165f379f9e0fb1acfe238a57&pst=1664885392&rmtc=t
Set-Cookie: u_pl=17249034; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI0OTAzNCwiayI6IjgzZDk0NDliYzcwMTg0OWE1NWU5M2RiYWU2N2VhYTMxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODU4Nzk4LCJwaWQiOjc1MjE1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ0aTNoejJyNiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9rYWphc2UuYmxvZ3Nwb3QuY29tLyJ9fQ.fsTcbxgdc4qwTVLeKk6WbPuk2G-arPQ1GQljzYmtUzo; expires=Tue, 04 Oct 2022 12:09:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d27a78f41e1f8c10cdcc629a786b15ce
Strict-Transport-Security: max-age=0; includeSubdomains
treepullmerriment.com/be60c67d1e88f5a3fd45eb569797a334/invoke.js
200 OK 9.8 kB URL HTTP/1.1 treepullmerriment.com/be60c67d1e88f5a3fd45eb569797a334/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash c113cee8c42c21185de6aae21c96927a
2c77193469881345b9e4ecc589a324849a1b12b4
4f00924c542de19fc6ed8e15fa0606e8c3bc546db159e346ccb1a9861e64245e
GET /be60c67d1e88f5a3fd45eb569797a334/invoke.js HTTP/1.1
Host: treepullmerriment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 12:08:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 88c0bddfdf87db445446a2c3d8a73964
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash deed4fe600bfe00e036b500d95ec9499
6829d50857626cf2a6f4e9cb3653410d57a9caa9
5bfc490619421cbb91476d88164dc1f80a67c5d2e93fba4a971061cd85006947
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5BFC490619421CBB91476D88164DC1F80A67C5D2E93FBA4A971061CD85006947"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7694
Expires: Tue, 04 Oct 2022 14:17:06 GMT
Date: Tue, 04 Oct 2022 12:08:52 GMT
Connection: keep-alive
notifyoutspoken.com/watch.1531430734212.js?key=229555a0775e26faf8536eac70bb12a5&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 notifyoutspoken.com/watch.1531430734212.js?key=229555a0775e26faf8536eac70bb12a5&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.1531430734212.js?key=229555a0775e26faf8536eac70bb12a5&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1 HTTP/1.1
Host: notifyoutspoken.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kajase.blogspot.com
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Tue, 04 Oct 2022 12:08:52 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kajase.blogspot.com
Access-Control-Allow-Origin: https://kajase.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://notifyoutspoken.com/watch.1531430734212.js?key=229555a0775e26faf8536eac70bb12a5&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1&shu=baf1371f9ebddf84ec028bef4278501a7fce402be80ccec0b65eae9bae011ec3671d1519f87d90dd43ae41da1facdc938b3dcaf60fceb528bf6621b9d3ac399a1409a2ae9b97c010d05f7c0d0e0c110ab12a21&pst=1664885392&rmtc=t
Set-Cookie: u_pl=17249007; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI0OTAwNywiayI6IjIyOTU1NWEwNzc1ZTI2ZmFmODUzNmVhYzcwYmIxMmE1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODU4Nzk4LCJwaWQiOjc1MjE1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjUsInB0Ijo0LCJwayI6ImJ4ZWo3bXpnNCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9rYWphc2UuYmxvZ3Nwb3QuY29tLyJ9fQ.Q0h0iAVEzJTJJ2foE5NA494a14WSnYPZz-TFmkl78mU; expires=Tue, 04 Oct 2022 12:09:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 18e48d517edfe35b7380bed6b020182b
Strict-Transport-Security: max-age=0; includeSubdomains
disreputablegenuinelyhonorary.com/watch.1338554385266.js?key=83d9449bc701849a55e93dbae67eaa31&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=200b525c-0dcd-437c-a728-11798b484ef2%3A3%3A1&shu=e80979447594a36e459daf186a0b723b14e98ef6854f617059ab963f561c1065f496a4b32b496d03f104bfca106b856f627470a0dfaffeb47de8d940b94705a3520eb1ab20478b7f813522365d9a49919cf42cbe165f379f9e0fb1acfe238a57&pst=1664885392&rmtc=t
200 OK 2.5 kB URL HTTP/1.1 disreputablegenuinelyhonorary.com/watch.1338554385266.js?key=83d9449bc701849a55e93dbae67eaa31&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=200b525c-0dcd-437c-a728-11798b484ef2%3A3%3A1&shu=e80979447594a36e459daf186a0b723b14e98ef6854f617059ab963f561c1065f496a4b32b496d03f104bfca106b856f627470a0dfaffeb47de8d940b94705a3520eb1ab20478b7f813522365d9a49919cf42cbe165f379f9e0fb1acfe238a57&pst=1664885392&rmtc=t
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (3158)
Hash 46506625f6ff4ff60dd06774339e121a
b9676b90cc3a2691a9d039dff365880b0a8d1863
964c23e5bf8a130b66a76b551dfd94ed6673f3afeb1902f71050e12d78959f91
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1338554385266.js?key=83d9449bc701849a55e93dbae67eaa31&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=200b525c-0dcd-437c-a728-11798b484ef2%3A3%3A1&shu=e80979447594a36e459daf186a0b723b14e98ef6854f617059ab963f561c1065f496a4b32b496d03f104bfca106b856f627470a0dfaffeb47de8d940b94705a3520eb1ab20478b7f813522365d9a49919cf42cbe165f379f9e0fb1acfe238a57&pst=1664885392&rmtc=t HTTP/1.1
Host: disreputablegenuinelyhonorary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kajase.blogspot.com
Referer: https://kajase.blogspot.com/
Connection: keep-alive
Cookie: u_pl=17249034; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI0OTAzNCwiayI6IjgzZDk0NDliYzcwMTg0OWE1NWU5M2RiYWU2N2VhYTMxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODU4Nzk4LCJwaWQiOjc1MjE1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ0aTNoejJyNiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9rYWphc2UuYmxvZ3Nwb3QuY29tLyJ9fQ.fsTcbxgdc4qwTVLeKk6WbPuk2G-arPQ1GQljzYmtUzo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 12:08:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kajase.blogspot.com
Access-Control-Allow-Origin: https://kajase.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=200b525c-0dcd-437c-a728-11798b484ef2:3:1; expires=Tue, 11 Oct 2022 12:08:52 GMT; secure; SameSite=None
iprc172e838b1bccb1a8de5f34ec782254bc=3569683; expires=Tue, 04 Oct 2022 16:08:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
uncs=1; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
pdhtkv27=true; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
uncs27=1; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a1b7398de6f29a6a5539ccf2b3deaa93
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
treepullmerriment.com/d8fcb2d3f20008691f03775f642ee8c4/invoke.js
200 OK 9.8 kB URL HTTP/1.1 treepullmerriment.com/d8fcb2d3f20008691f03775f642ee8c4/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26961), with no line terminators
Hash 6cbb543ab21120ca993e88bb04db97b2
c0546b9bb38ceef5b46ee682bceeb53e846950f0
3e8a3b19cbc4a76382d6c097911403ddbf76994906345bf1aaa51fb644c8e682
GET /d8fcb2d3f20008691f03775f642ee8c4/invoke.js HTTP/1.1
Host: treepullmerriment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 12:08:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a5dfb60266b00ed6e790cb53e196b025
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0b3583bada6a90ca23d9af1db7f0b361
80070b13219a6df5dde7a2b7c84df33381d268b8
70efc800ed2f1acee19ccc88dbafa7724c0f00d9b7cda191d69cf69c1a38a98f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "70EFC800ED2F1ACEE19CCC88DBAFA7724C0F00D9B7CDA191D69CF69C1A38A98F"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5563
Expires: Tue, 04 Oct 2022 13:41:35 GMT
Date: Tue, 04 Oct 2022 12:08:52 GMT
Connection: keep-alive
sandwichesinstinctive.com/ntv.json?key=b45826e3fe159c53b40597a1315a8053&vstc=4
200 OK 17 kB URL HTTP/1.1 sandwichesinstinctive.com/ntv.json?key=b45826e3fe159c53b40597a1315a8053&vstc=4
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (16570), with no line terminators
Hash 59f04c52e592645c1298a2477e9142c4
a9e177fd43eaaa6188c2956d06b45a3fd980e85f
e3dc51c0484b8771db1f27bbb8bd3bf679dcf9bd464ffb6c981590b3f42606af
GET /ntv.json?key=b45826e3fe159c53b40597a1315a8053&vstc=4 HTTP/1.1
Host: sandwichesinstinctive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kajase.blogspot.com
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 12:08:52 GMT
Content-Type: application/json
Content-Length: 16570
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kajase.blogspot.com
Access-Control-Allow-Origin: https://kajase.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17249046; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
uncs=1; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
pdhtkv49=true; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
uncs49=1; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 48e395ba44d9f4e36b36e9d84f0742d6
Strict-Transport-Security: max-age=0; includeSubdomains
notifyoutspoken.com/watch.1531430734212.js?key=229555a0775e26faf8536eac70bb12a5&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1&shu=baf1371f9ebddf84ec028bef4278501a7fce402be80ccec0b65eae9bae011ec3671d1519f87d90dd43ae41da1facdc938b3dcaf60fceb528bf6621b9d3ac399a1409a2ae9b97c010d05f7c0d0e0c110ab12a21&pst=1664885392&rmtc=t
200 OK 2.4 kB URL HTTP/1.1 notifyoutspoken.com/watch.1531430734212.js?key=229555a0775e26faf8536eac70bb12a5&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1&shu=baf1371f9ebddf84ec028bef4278501a7fce402be80ccec0b65eae9bae011ec3671d1519f87d90dd43ae41da1facdc938b3dcaf60fceb528bf6621b9d3ac399a1409a2ae9b97c010d05f7c0d0e0c110ab12a21&pst=1664885392&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (3076)
Hash 08eafd5f7340db77706813c2a2b6447a
ec0990b895b9bb6ce735dc9fdfb75729a671ec40
0a9cfbe0011aec40d41319d5593bb631b263650491cf09805e6ff5c0394ee4ab
GET /watch.1531430734212.js?key=229555a0775e26faf8536eac70bb12a5&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1&shu=baf1371f9ebddf84ec028bef4278501a7fce402be80ccec0b65eae9bae011ec3671d1519f87d90dd43ae41da1facdc938b3dcaf60fceb528bf6621b9d3ac399a1409a2ae9b97c010d05f7c0d0e0c110ab12a21&pst=1664885392&rmtc=t HTTP/1.1
Host: notifyoutspoken.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kajase.blogspot.com
Referer: https://kajase.blogspot.com/
Connection: keep-alive
Cookie: u_pl=17249007; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI0OTAwNywiayI6IjIyOTU1NWEwNzc1ZTI2ZmFmODUzNmVhYzcwYmIxMmE1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODU4Nzk4LCJwaWQiOjc1MjE1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjUsInB0Ijo0LCJwayI6ImJ4ZWo3bXpnNCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9rYWphc2UuYmxvZ3Nwb3QuY29tLyJ9fQ.Q0h0iAVEzJTJJ2foE5NA494a14WSnYPZz-TFmkl78mU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 04 Oct 2022 12:08:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kajase.blogspot.com
Access-Control-Allow-Origin: https://kajase.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=19ea2262-bef8-4cb4-b401-2a29443b692f:3:1; expires=Tue, 11 Oct 2022 12:08:52 GMT; secure; SameSite=None
iprc178b6fc4484e6dbc085e87cf39259dee=3569681; expires=Tue, 04 Oct 2022 16:08:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
uncs=1; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
pdhtkv5=true; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
uncs5=1; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3677b4e6765d5ef2120c138b46f53cdf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
invaderannihilationperky.com/watch.442759448676.js?key=781014a47260b2076177f35a262f56ba&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=59e9314b-2da5-4c2a-8f77-b8f02b0a0210%3A2%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 invaderannihilationperky.com/watch.442759448676.js?key=781014a47260b2076177f35a262f56ba&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=59e9314b-2da5-4c2a-8f77-b8f02b0a0210%3A2%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.442759448676.js?key=781014a47260b2076177f35a262f56ba&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=59e9314b-2da5-4c2a-8f77-b8f02b0a0210%3A2%3A1 HTTP/1.1
Host: invaderannihilationperky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kajase.blogspot.com
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 12:08:52 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kajase.blogspot.com
Access-Control-Allow-Origin: https://kajase.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://invaderannihilationperky.com/watch.442759448676.js?key=781014a47260b2076177f35a262f56ba&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=59e9314b-2da5-4c2a-8f77-b8f02b0a0210%3A2%3A1&shu=143a1460c660561333156ceaa162695c4af20805c98fb701546152cf27f9d484e1e275b8a68820b96673972f61316627d613ec49ba273ce9e1b0dac0fb60800e4c610f4753ee15273bfbba8eed08a7cdf07cb686d9f218a9a19c24475d20f8&pst=1664885392&rmtc=t
Set-Cookie: u_pl=17249018; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI0OTAxOCwiayI6Ijc4MTAxNGE0NzI2MGIyMDc2MTc3ZjM1YTI2MmY1NmJhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODU4Nzk4LCJwaWQiOjc1MjE1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ6c3Jod2d1NWoiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8va2FqYXNlLmJsb2dzcG90LmNvbS8ifX0.d54ZjQ3y0XE69Ouv4JU0LHUmY2DENH5987zrEwZegAA; expires=Tue, 04 Oct 2022 12:09:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3a7d3f4c69c3f459d2c012483aea405e
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6586
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 12:08:52 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6586
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 12:08:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 51859
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 51872
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 51872
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d91d0f0e382af1264b5dea592c5776da
ab3a77c4aff5fcfd898cd2da983296c067689958
04ec0bde837b3e4a25096a580788ec3597096c6a6fa20fef11f2d4d8a42f373a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04EC0BDE837B3E4A25096A580788EC3597096C6A6FA20FEF11F2D4D8A42F373A"
Last-Modified: Mon, 03 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4528
Expires: Tue, 04 Oct 2022 13:24:20 GMT
Date: Tue, 04 Oct 2022 12:08:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 515e23ff5ef0fc336ac5ec7fd31dfacd
a98da6b6ce993bd8f3b58ba42915cd9c4b45946c
77c186eb00def4a978d1bfd9eac755f70bf465f622991aaf6681227aec3e118a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8508
x-amzn-requestid: 63afa079-f66e-428a-b491-c5859aed2e3b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJFU9EknoAMF1uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63338285-54f784262318d7ca0e560d44;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 23:08:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wueU8yVJPql7JutY2H26gdjyBCPTeyX_sG9c5mNE-PS57lyMGftW2g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 08:27:48 GMT
age: 13264
etag: "a98da6b6ce993bd8f3b58ba42915cd9c4b45946c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.pornalin.com/embed/17966
200 OK 13 kB URL HTTP/2 www.pornalin.com/embed/17966
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1217), with CRLF, LF line terminators
Hash 58f82a9f90cb7ab6382fb6380c971ed2
f9c23a4fdd0d8be56f8481846d90bb12cdd4f3e8
8f3f8b400d290f13c78025cd1bfba75ec19e98728e0b06aa101da0f11ace9d6b
GET /embed/17966 HTTP/1.1
Host: www.pornalin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=tb5m6gs224b6ljaaimkshhn2igm1aok7; path=/; domain=.pornalin.com; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2uR2KIlJQDohrJK6fwIcgO67GQkMzPUiG%2FLyKshsfQiT1OtKqSiJ25r7DnK%2F8clM7l3StolBJHKEEbQxJxK0JbJ6fPM1EnDAQ03nrKhRTzCDIBK01Hw61RgvrcbP5WU1%2FIGr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dce2a5d9d769d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xxxdessert.com/tube/embed/144416
200 OK 5.2 kB URL HTTP/2 xxxdessert.com/tube/embed/144416
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1147)
Hash ef51089a6d0c9aa507dd52a7d984f657
f1af34026b1b2e16abdb443050ca13f32d5d40ce
149af4ee7a45a44542dd1a7cd3aa68dcf5be985193152a51ded757c30928f049
GET /tube/embed/144416 HTTP/1.1
Host: xxxdessert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=5v8hu7qeug1oqmrrt15n0la1q8865u3s; path=/; domain=.xxxdessert.com; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2Fx2qvvJ3G%2BMDK2QBEEBywSTxj%2BnHS3%2BKwV3pJr%2BruhSkKMO8sdkvfxJAYKN49q1%2FlW5EpiSjwbxLH5ARzHC7f4YPAbCrUXVTWxWIN9xmTHEGS5XGP5DgCseNHNGqYth2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dce2a384e7306-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youx.xxx/videos/embed/176024
200 OK 231 kB URL HTTP/2 www.youx.xxx/videos/embed/176024
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1643)
Size 231 kB (230693 bytes)
Hash 6511a6e720f92925661d63a321793f1b
2c8b7477318e0586b7e5841a3f584986530fa13c
3eaca7efacb79850e4788e78d637a21b22e1a00111715ec641efcf9bb2f3552c
GET /videos/embed/176024 HTTP/1.1
Host: www.youx.xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=9ef51252353de4b2b362279e065a0fc8; path=/; domain=.youx.xxx; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9U2sWadlKDc7CBy%2FyPSxo8XhxArejP3IwaARssQXgYVuLGgHGL7tdC9oijBJEHPcxuu1UeuqNI5bxfEoWR8jaloKgYTjsAYwSEqupew%2F%2B3QReCOJDViKZHdrDs0EsC8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dce2a39ac8895-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 61e5079a0e6812f78348c7a622279320
5295836d509d9eaee1c31bd129d08b65d0860a89
ff528b3e3551facb4aaf40f7c4befd70da4e707d5aed4bc9b49ca7905791f14d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "FF528B3E3551FACB4AAF40F7C4BEFD70DA4E707D5AED4BC9B49CA7905791F14D"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14923
Expires: Tue, 04 Oct 2022 16:17:35 GMT
Date: Tue, 04 Oct 2022 12:08:52 GMT
Connection: keep-alive
disreputablegenuinelyhonorary.com/pixel/purst?dl=0&th=0&sc=0&rs=1694&rd=1694&fd=907&bv=22.8.v.1&tmpl=70
200 OK 4.2 kB URL HTTP/1.1 disreputablegenuinelyhonorary.com/pixel/purst?dl=0&th=0&sc=0&rs=1694&rd=1694&fd=907&bv=22.8.v.1&tmpl=70
IP
Hash 35419c3e93d13e672142104f6a941596
706685e401dd30adb36762e9ab7001a7555a6ce1
bf707db5a19c1413921de8d8c962c3e9bf4c43404e3c20a6c04400df5bbdf665
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1694&rd=1694&fd=907&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: disreputablegenuinelyhonorary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Cookie: u_pl=17249034; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI0OTAzNCwiayI6IjgzZDk0NDliYzcwMTg0OWE1NWU5M2RiYWU2N2VhYTMxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODU4Nzk4LCJwaWQiOjc1MjE1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ0aTNoejJyNiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9rYWphc2UuYmxvZ3Nwb3QuY29tLyJ9fQ.fsTcbxgdc4qwTVLeKk6WbPuk2G-arPQ1GQljzYmtUzo; uid_id2=200b525c-0dcd-437c-a728-11798b484ef2:3:1; iprc172e838b1bccb1a8de5f34ec782254bc=3569683; pdhtkv=true; uncs=1; pdhtkv27=true; uncs27=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 12:08:52 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 50286903b1552c5e10b5bb6fd180ff72
08136163cefbdbbe6b6b5e2bdf52932110cba789
694e9c4f0de7d7649cd48152b8433881d13d89f8389e98186b43b6db45d20f82
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "694E9C4F0DE7D7649CD48152B8433881D13D89F8389E98186B43B6DB45D20F82"
Last-Modified: Tue, 04 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5401
Expires: Tue, 04 Oct 2022 13:38:53 GMT
Date: Tue, 04 Oct 2022 12:08:52 GMT
Connection: keep-alive
invaderannihilationperky.com/watch.442759448676.js?key=781014a47260b2076177f35a262f56ba&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=59e9314b-2da5-4c2a-8f77-b8f02b0a0210%3A2%3A1&shu=143a1460c660561333156ceaa162695c4af20805c98fb701546152cf27f9d484e1e275b8a68820b96673972f61316627d613ec49ba273ce9e1b0dac0fb60800e4c610f4753ee15273bfbba8eed08a7cdf07cb686d9f218a9a19c24475d20f8&pst=1664885392&rmtc=t
200 OK 7.0 kB URL HTTP/1.1 invaderannihilationperky.com/watch.442759448676.js?key=781014a47260b2076177f35a262f56ba&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=59e9314b-2da5-4c2a-8f77-b8f02b0a0210%3A2%3A1&shu=143a1460c660561333156ceaa162695c4af20805c98fb701546152cf27f9d484e1e275b8a68820b96673972f61316627d613ec49ba273ce9e1b0dac0fb60800e4c610f4753ee15273bfbba8eed08a7cdf07cb686d9f218a9a19c24475d20f8&pst=1664885392&rmtc=t
IP
Hash d11aa6d3cdab73b8c06ae8c01d829558
3c91b0f5ebfc66f91e455e0203bf8904dac2de81
364ab1d2eb7ef250512e91b04cd8f68d01c845ca82d1416af62e7603a2919bc0
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.442759448676.js?key=781014a47260b2076177f35a262f56ba&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=59e9314b-2da5-4c2a-8f77-b8f02b0a0210%3A2%3A1&shu=143a1460c660561333156ceaa162695c4af20805c98fb701546152cf27f9d484e1e275b8a68820b96673972f61316627d613ec49ba273ce9e1b0dac0fb60800e4c610f4753ee15273bfbba8eed08a7cdf07cb686d9f218a9a19c24475d20f8&pst=1664885392&rmtc=t HTTP/1.1
Host: invaderannihilationperky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kajase.blogspot.com
Referer: https://kajase.blogspot.com/
Connection: keep-alive
Cookie: u_pl=17249018; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI0OTAxOCwiayI6Ijc4MTAxNGE0NzI2MGIyMDc2MTc3ZjM1YTI2MmY1NmJhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODU4Nzk4LCJwaWQiOjc1MjE1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ6c3Jod2d1NWoiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8va2FqYXNlLmJsb2dzcG90LmNvbS8ifX0.d54ZjQ3y0XE69Ouv4JU0LHUmY2DENH5987zrEwZegAA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 12:08:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kajase.blogspot.com
Access-Control-Allow-Origin: https://kajase.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=59e9314b-2da5-4c2a-8f77-b8f02b0a0210:2:1; expires=Tue, 11 Oct 2022 12:08:52 GMT; secure; SameSite=None
iprc6ba3ca94f1fa7eba795011166add23c6=3569684; expires=Tue, 04 Oct 2022 16:08:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
uncs=1; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
pdhtkv23=true; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
uncs23=1; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 58b2f6ecd94ff5a9b188e4a9a81f033c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash faff5ce768d45c0f60e789520157502b
24fc31960a99ec908181e3a4a60cda0a1a4a4b1e
e1fcd0df67cfc81d4dcb12292976ec571bd39f1c92e061b0b8d3e64068b204e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1FCD0DF67CFC81D4DCB12292976EC571BD39F1C92E061B0B8D3E64068B204E7"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7079
Expires: Tue, 04 Oct 2022 14:06:51 GMT
Date: Tue, 04 Oct 2022 12:08:52 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash faff5ce768d45c0f60e789520157502b
24fc31960a99ec908181e3a4a60cda0a1a4a4b1e
e1fcd0df67cfc81d4dcb12292976ec571bd39f1c92e061b0b8d3e64068b204e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1FCD0DF67CFC81D4DCB12292976EC571BD39F1C92E061B0B8D3E64068B204E7"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7079
Expires: Tue, 04 Oct 2022 14:06:51 GMT
Date: Tue, 04 Oct 2022 12:08:52 GMT
Connection: keep-alive
interesteddeterminedeurope.com/watch.523628594063.js?key=9c185d049536dbd57b1dbbe5701645fd&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 interesteddeterminedeurope.com/watch.523628594063.js?key=9c185d049536dbd57b1dbbe5701645fd&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.523628594063.js?key=9c185d049536dbd57b1dbbe5701645fd&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1 HTTP/1.1
Host: interesteddeterminedeurope.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kajase.blogspot.com
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 12:08:52 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kajase.blogspot.com
Access-Control-Allow-Origin: https://kajase.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://interesteddeterminedeurope.com/watch.523628594063.js?key=9c185d049536dbd57b1dbbe5701645fd&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1&shu=b550877968a5dda2d36e4eb7492e359c0ecd66ceb4b5550e62d8d89025e2260e511efcc6b2d5ad49672bf99362a11afbd5305c1bfb4b87938b7aebba755c427f989cf75f93105f646f388fcd7cd28d5bc81ebecd06819270ef4a426cdf5b581013ae5b641a&pst=1664885392&rmtc=t
Set-Cookie: u_pl=17249024; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI0OTAyNCwiayI6IjljMTg1ZDA0OTUzNmRiZDU3YjFkYmJlNTcwMTY0NWZkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODU4Nzk4LCJwaWQiOjc1MjE1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjI1LCJwdCI6NCwicGsiOiJqOWl3dnh5NDQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8va2FqYXNlLmJsb2dzcG90LmNvbS8ifX0.OTQ2Fka6XGGFooxYGLvygWRsNbVAuJNfZm6Url_txHw; expires=Tue, 04 Oct 2022 12:09:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6979bd17848b207daf462a17f3247fc4
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash faff5ce768d45c0f60e789520157502b
24fc31960a99ec908181e3a4a60cda0a1a4a4b1e
e1fcd0df67cfc81d4dcb12292976ec571bd39f1c92e061b0b8d3e64068b204e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1FCD0DF67CFC81D4DCB12292976EC571BD39F1C92E061B0B8D3E64068B204E7"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7079
Expires: Tue, 04 Oct 2022 14:06:51 GMT
Date: Tue, 04 Oct 2022 12:08:52 GMT
Connection: keep-alive
woodbeesdainty.com/watch.1083277780601.js?key=be60c67d1e88f5a3fd45eb569797a334&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 woodbeesdainty.com/watch.1083277780601.js?key=be60c67d1e88f5a3fd45eb569797a334&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1083277780601.js?key=be60c67d1e88f5a3fd45eb569797a334&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1 HTTP/1.1
Host: woodbeesdainty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kajase.blogspot.com
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Tue, 04 Oct 2022 12:08:52 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kajase.blogspot.com
Access-Control-Allow-Origin: https://kajase.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://woodbeesdainty.com/watch.1083277780601.js?key=be60c67d1e88f5a3fd45eb569797a334&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1&shu=01cebf172cc94299d66aebb43ae361d6eeb3bb086c7f5a458f2a6858dbf7c0c070f962532a6a6e3c1fb4be5cb30b92c68e7c30b15056243a247fb94b82cdde0b12e7534a66610561f1f4073e40b0fec375031d&pst=1664885392&rmtc=t
Set-Cookie: u_pl=17249013; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI0OTAxMywiayI6ImJlNjBjNjdkMWU4OGY1YTNmZDQ1ZWI1Njk3OTdhMzM0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODU4Nzk4LCJwaWQiOjc1MjE1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjMyLCJwdCI6NCwicGsiOiJnMmFhaDd6engiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8va2FqYXNlLmJsb2dzcG90LmNvbS8ifX0.bUOa4M3jAxD0JKIA1uQlDC8hUKuMimDJGV9SoKV2WTY; expires=Tue, 04 Oct 2022 12:09:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a15d8b2697b786d92d90fcdbbf9ba8e5
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a81efbd7f92e8ab877070b2f9cd6247
389efbc67268d7460da1c041ecd8bd3de503bced
08f20e6c48dc1f16fb405a6e21df212677b34c1dcaf75335d163a3d1e18c40bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08F20E6C48DC1F16FB405A6E21DF212677B34C1DCAF75335D163A3D1E18C40BC"
Last-Modified: Sun, 02 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8239
Expires: Tue, 04 Oct 2022 14:26:11 GMT
Date: Tue, 04 Oct 2022 12:08:52 GMT
Connection: keep-alive
interesteddeterminedeurope.com/watch.523628594063.js?key=9c185d049536dbd57b1dbbe5701645fd&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1&shu=b550877968a5dda2d36e4eb7492e359c0ecd66ceb4b5550e62d8d89025e2260e511efcc6b2d5ad49672bf99362a11afbd5305c1bfb4b87938b7aebba755c427f989cf75f93105f646f388fcd7cd28d5bc81ebecd06819270ef4a426cdf5b581013ae5b641a&pst=1664885392&rmtc=t
200 OK 2.0 kB URL HTTP/1.1 interesteddeterminedeurope.com/watch.523628594063.js?key=9c185d049536dbd57b1dbbe5701645fd&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1&shu=b550877968a5dda2d36e4eb7492e359c0ecd66ceb4b5550e62d8d89025e2260e511efcc6b2d5ad49672bf99362a11afbd5305c1bfb4b87938b7aebba755c427f989cf75f93105f646f388fcd7cd28d5bc81ebecd06819270ef4a426cdf5b581013ae5b641a&pst=1664885392&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2521)
Hash c4b0c3615074db50bdd6367c7336d8c8
94ceffc1fc6ddc9dcaab7f49aea4dcf91d80c148
a870f26023eac356b2fd1e31c280f9a930b5edf3a6d96bb5a4ae8cb8a7a365a7
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.523628594063.js?key=9c185d049536dbd57b1dbbe5701645fd&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1&shu=b550877968a5dda2d36e4eb7492e359c0ecd66ceb4b5550e62d8d89025e2260e511efcc6b2d5ad49672bf99362a11afbd5305c1bfb4b87938b7aebba755c427f989cf75f93105f646f388fcd7cd28d5bc81ebecd06819270ef4a426cdf5b581013ae5b641a&pst=1664885392&rmtc=t HTTP/1.1
Host: interesteddeterminedeurope.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kajase.blogspot.com
Referer: https://kajase.blogspot.com/
Connection: keep-alive
Cookie: u_pl=17249024; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI0OTAyNCwiayI6IjljMTg1ZDA0OTUzNmRiZDU3YjFkYmJlNTcwMTY0NWZkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODU4Nzk4LCJwaWQiOjc1MjE1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjI1LCJwdCI6NCwicGsiOiJqOWl3dnh5NDQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8va2FqYXNlLmJsb2dzcG90LmNvbS8ifX0.OTQ2Fka6XGGFooxYGLvygWRsNbVAuJNfZm6Url_txHw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 12:08:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kajase.blogspot.com
Access-Control-Allow-Origin: https://kajase.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=19ea2262-bef8-4cb4-b401-2a29443b692f:3:1; expires=Tue, 11 Oct 2022 12:08:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
uncs=1; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
pdhtkv25=true; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
uncs25=1; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f60eecb42740b1b0047a998aff01fd29
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a81efbd7f92e8ab877070b2f9cd6247
389efbc67268d7460da1c041ecd8bd3de503bced
08f20e6c48dc1f16fb405a6e21df212677b34c1dcaf75335d163a3d1e18c40bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08F20E6C48DC1F16FB405A6E21DF212677B34C1DCAF75335D163A3D1E18C40BC"
Last-Modified: Sun, 02 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8239
Expires: Tue, 04 Oct 2022 14:26:11 GMT
Date: Tue, 04 Oct 2022 12:08:52 GMT
Connection: keep-alive
www.youx.xxx/videos/player/kt_player.js?v=5.4.0
200 OK 60 kB URL HTTP/2 www.youx.xxx/videos/player/kt_player.js?v=5.4.0
IP
File type ASCII text, with very long lines (33702)
Hash 0edf4f70fb93ecc03b750541bfb20603
cb3b66aca9bfd1d9671789418f5852fb282d6d5c
20a73efce560d9e735cb3b714d51b9d89887c2f3af4a0572356cf98b685e0d87
GET /videos/player/kt_player.js?v=5.4.0 HTTP/1.1
Host: www.youx.xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youx.xxx/videos/embed/176024
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:52 GMT
content-type: application/javascript
last-modified: Tue, 06 Jul 2021 15:06:43 GMT
vary: Accept-Encoding
etag: W/"60e47183-2821e"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvkXhQ3JmmZHW7kdlmShsJRc8jvVwoo0CpF%2Fp7ga6DNCAji0QzXaksesvXcgtiuvJvmZAJMCXcDIL5Ic0XsfVnkdRSt6jzwDlH%2Bu3qiRyNNNoN%2BVKUZN23Wo5ZdvmZo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dce2b5c1f8895-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sandwichesinstinctive.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRRStDoOCXlRCQPAwCIpCmO3umemZMYK4WVcW12xMIooIUl1VM1uZ6q6mqnt6dk%2BLAclxDoLoqffNbhY1iOLZoL0BkYCyc1vBFUE8CiIEj9Lj4uiH7v%2Fef%2F%2Fw%2Fv%2F13m52Qlxk9HjlVb0tlaJL7YZbf%2BZNz7tQX5dxNq6Pu8E7QetC3Yye6wUN99n6y4IN9ZLveq7ruV59VRrR1%2BOlSoRMbve8Rs9ttPyG125hbP7PbebAUgd8dEIeg%2BSz2l3nLCQrEUefrwg7THVy%2FqUoUzTVBiN%2B8Ho8jHUeI1rAvnHQjw9Ou6Ht0eod6Hh%2Fbhd69G9jKGfE%2BfYOwvjg1CTC0d7cZ6ggYoT8YeSjEkKVkLQE0zcg%2BREBGMelDcTRrUva5HTrH5VW6ozU7v8Jmc9I7aeziKPPlpUc169qlaVSxxbjfgE5LiEHJZLsEOn2Gcj8ECx9F5J%2FT5buryOO9jas0pC8mM8uZQnZL6HEBNQ6yKpPOsj6DrLEQcSP68zzvI7LGXW7PcaavCPCgLse7fQ96rlBFxmr7E2QJhMwNQEzO0jMDoZyApN9DbtZwHIHNp0R57UdjHiBXBDkliCnBLkkyFOCfFTsc2V9W9ziymahd5r909wspjod7NJ9nQ5ETHaTE%2FJotRfnweY5DMVxPWy1u34gmn3htXus3QxbbrvXoV7Ta9Ou227CygLSnpmPui1n5Im3f0dS3eqpHxDSQ1h1CCYfAc080Hza8V3QzWmr62I7%2FnJIr1MrGqHSA5votMF0BK4LJGkN6Zazq07I4%2FMznb%2F4GwS7R04DzBRITIHr8i7BQN2cXtE52buic0u%2B2EhSGcltWp3wakpT8cAnr4itXBu%2BtmInH7%2FIKqGCt68Jm67TmMt4YMmny5JzYVa1YYJ8tWbfEOHlzG4uZybOkvXLF1fXosQIa6WOS1B5tPEXmJyR2s8%2Fzt%2Fmubf%2BgDQlTFYgyhZOpS7Bkh3YZFGzmsCoBQ8TB3lWTI0fLopKEiix4DQsYP%2FDwwXetTcxMD5oegNxVGBkCoxUAaomsNlD0zQx91747sMqPkKoatNQmdpeqIx6f77aGXn6mw8q9Ev1%2BxVWHtc7zaZLg17b63So6IQtv9sPPE6p3wr8IKBNpHbGnn%2Fy2t8AAAD%2F%2FwEAAP%2F%2FbPp7InUEAAA%3D
200 OK 7 B URL HTTP/1.1 sandwichesinstinctive.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRRStDoOCXlRCQPAwCIpCmO3umemZMYK4WVcW12xMIooIUl1VM1uZ6q6mqnt6dk%2BLAclxDoLoqffNbhY1iOLZoL0BkYCyc1vBFUE8CiIEj9Lj4uiH7v%2Fef%2F%2Fw%2Fv%2F13m52Qlxk9HjlVb0tlaJL7YZbf%2BZNz7tQX5dxNq6Pu8E7QetC3Yye6wUN99n6y4IN9ZLveq7ruV59VRrR1%2BOlSoRMbve8Rs9ttPyG125hbP7PbebAUgd8dEIeg%2BSz2l3nLCQrEUefrwg7THVy%2FqUoUzTVBiN%2B8Ho8jHUeI1rAvnHQjw9Ou6Ht0eod6Hh%2Fbhd69G9jKGfE%2BfYOwvjg1CTC0d7cZ6ggYoT8YeSjEkKVkLQE0zcg%2BREBGMelDcTRrUva5HTrH5VW6ozU7v8Jmc9I7aeziKPPlpUc169qlaVSxxbjfgE5LiEHJZLsEOn2Gcj8ECx9F5J%2FT5buryOO9jas0pC8mM8uZQnZL6HEBNQ6yKpPOsj6DrLEQcSP68zzvI7LGXW7PcaavCPCgLse7fQ96rlBFxmr7E2QJhMwNQEzO0jMDoZyApN9DbtZwHIHNp0R57UdjHiBXBDkliCnBLkkyFOCfFTsc2V9W9ziymahd5r909wspjod7NJ9nQ5ETHaTE%2FJotRfnweY5DMVxPWy1u34gmn3htXus3QxbbrvXoV7Ta9Ou227CygLSnpmPui1n5Im3f0dS3eqpHxDSQ1h1CCYfAc080Hza8V3QzWmr62I7%2FnJIr1MrGqHSA5votMF0BK4LJGkN6Zazq07I4%2FMznb%2F4GwS7R04DzBRITIHr8i7BQN2cXtE52buic0u%2B2EhSGcltWp3wakpT8cAnr4itXBu%2BtmInH7%2FIKqGCt68Jm67TmMt4YMmny5JzYVa1YYJ8tWbfEOHlzG4uZybOkvXLF1fXosQIa6WOS1B5tPEXmJyR2s8%2Fzt%2Fmubf%2BgDQlTFYgyhZOpS7Bkh3YZFGzmsCoBQ8TB3lWTI0fLopKEiix4DQsYP%2FDwwXetTcxMD5oegNxVGBkCoxUAaomsNlD0zQx91747sMqPkKoatNQmdpeqIx6f77aGXn6mw8q9Ev1%2BxVWHtc7zaZLg17b63So6IQtv9sPPE6p3wr8IKBNpHbGnn%2Fy2t8AAAD%2F%2FwEAAP%2F%2FbPp7InUEAAA%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRRStDoOCXlRCQPAwCIpCmO3umemZMYK4WVcW12xMIooIUl1VM1uZ6q6mqnt6dk%2BLAclxDoLoqffNbhY1iOLZoL0BkYCyc1vBFUE8CiIEj9Lj4uiH7v%2Fef%2F%2Fw%2Fv%2F13m52Qlxk9HjlVb0tlaJL7YZbf%2BZNz7tQX5dxNq6Pu8E7QetC3Yye6wUN99n6y4IN9ZLveq7ruV59VRrR1%2BOlSoRMbve8Rs9ttPyG125hbP7PbebAUgd8dEIeg%2BSz2l3nLCQrEUefrwg7THVy%2FqUoUzTVBiN%2B8Ho8jHUeI1rAvnHQjw9Ou6Ht0eod6Hh%2Fbhd69G9jKGfE%2BfYOwvjg1CTC0d7cZ6ggYoT8YeSjEkKVkLQE0zcg%2BREBGMelDcTRrUva5HTrH5VW6ozU7v8Jmc9I7aeziKPPlpUc169qlaVSxxbjfgE5LiEHJZLsEOn2Gcj8ECx9F5J%2FT5buryOO9jas0pC8mM8uZQnZL6HEBNQ6yKpPOsj6DrLEQcSP68zzvI7LGXW7PcaavCPCgLse7fQ96rlBFxmr7E2QJhMwNQEzO0jMDoZyApN9DbtZwHIHNp0R57UdjHiBXBDkliCnBLkkyFOCfFTsc2V9W9ziymahd5r909wspjod7NJ9nQ5ETHaTE%2FJotRfnweY5DMVxPWy1u34gmn3htXus3QxbbrvXoV7Ta9Ou227CygLSnpmPui1n5Im3f0dS3eqpHxDSQ1h1CCYfAc080Hza8V3QzWmr62I7%2FnJIr1MrGqHSA5votMF0BK4LJGkN6Zazq07I4%2FMznb%2F4GwS7R04DzBRITIHr8i7BQN2cXtE52buic0u%2B2EhSGcltWp3wakpT8cAnr4itXBu%2BtmInH7%2FIKqGCt68Jm67TmMt4YMmny5JzYVa1YYJ8tWbfEOHlzG4uZybOkvXLF1fXosQIa6WOS1B5tPEXmJyR2s8%2Fzt%2Fmubf%2BgDQlTFYgyhZOpS7Bkh3YZFGzmsCoBQ8TB3lWTI0fLopKEiix4DQsYP%2FDwwXetTcxMD5oegNxVGBkCoxUAaomsNlD0zQx91747sMqPkKoatNQmdpeqIx6f77aGXn6mw8q9Ev1%2BxVWHtc7zaZLg17b63So6IQtv9sPPE6p3wr8IKBNpHbGnn%2Fy2t8AAAD%2F%2FwEAAP%2F%2FbPp7InUEAAA%3D HTTP/1.1
Host: sandwichesinstinctive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Cookie: u_pl=17249046; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 12:08:52 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3d9a463354a91f7f7dab6f0cd303e388
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a81efbd7f92e8ab877070b2f9cd6247
389efbc67268d7460da1c041ecd8bd3de503bced
08f20e6c48dc1f16fb405a6e21df212677b34c1dcaf75335d163a3d1e18c40bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08F20E6C48DC1F16FB405A6E21DF212677B34C1DCAF75335D163A3D1E18C40BC"
Last-Modified: Sun, 02 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8239
Expires: Tue, 04 Oct 2022 14:26:11 GMT
Date: Tue, 04 Oct 2022 12:08:52 GMT
Connection: keep-alive
cdn.youx.xxx/videos/th/176000/176024/preview.mp4.jpg
200 OK 88 kB URL HTTP/2 cdn.youx.xxx/videos/th/176000/176024/preview.mp4.jpg
IP
File type JPEG image data, baseline, precision 8, 1280x720, components 3\012- data
Hash 77e17bb84a64faf152070349d0411188
fc0c58e70c2d33a34c740e9f899ca808a67f8ac4
86ee4c478aa52c7722f18f727c44c55ecfdfeb980f6f28076dc29e6ca2a6eb8e
GET /videos/th/176000/176024/preview.mp4.jpg HTTP/1.1
Host: cdn.youx.xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youx.xxx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 12:08:52 GMT
content-type: image/jpeg
content-length: 87541
last-modified: Wed, 17 Jul 2019 14:33:29 GMT
etag: "5d2f31b9-155f5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a81efbd7f92e8ab877070b2f9cd6247
389efbc67268d7460da1c041ecd8bd3de503bced
08f20e6c48dc1f16fb405a6e21df212677b34c1dcaf75335d163a3d1e18c40bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08F20E6C48DC1F16FB405A6E21DF212677B34C1DCAF75335D163A3D1E18C40BC"
Last-Modified: Sun, 02 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8239
Expires: Tue, 04 Oct 2022 14:26:11 GMT
Date: Tue, 04 Oct 2022 12:08:52 GMT
Connection: keep-alive
cdn.youx.xxx/videos/th/178000/178220/preview.mp4.jpg
200 OK 294 kB URL HTTP/2 cdn.youx.xxx/videos/th/178000/178220/preview.mp4.jpg
IP
File type JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size 294 kB (293831 bytes)
Hash d929eb3aeed5045857e4b2a258057088
0b2899196b534b58eaf6605086eccc048e4f88f9
d0e2eeda6e7ce16906916e2ef7442996a31cbd4d179a4a07fc060a7c70a3d138
GET /videos/th/178000/178220/preview.mp4.jpg HTTP/1.1
Host: cdn.youx.xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youx.xxx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 12:08:52 GMT
content-type: image/jpeg
content-length: 293831
last-modified: Tue, 19 Nov 2019 23:25:33 GMT
etag: "5dd479ed-47bc7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/62/6e/ab/626eab7e38889c581265a71a20fb7a39/1628088560.jpg
200 OK 37 kB URL HTTP/2 cdn.cloudimagesb.com/cti/62/6e/ab/626eab7e38889c581265a71a20fb7a39/1628088560.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 8b00fea68e6ded36bb321fd852bdf6e9
acd8b987f65544f8a93c33a1172e24ddfcf797ea
e00f2c391269bf3fd735d828a983da76ba73b02e0816833f06bca1fc7d47bc6e
GET /cti/62/6e/ab/626eab7e38889c581265a71a20fb7a39/1628088560.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:52 GMT
content-type: image/jpeg
content-length: 36605
server: nginx/1.17.6
last-modified: Wed, 04 Aug 2021 14:49:29 GMT
etag: "610aa8f9-8efd"
expires: Thu, 06 Oct 2022 12:08:52 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.youx.xxx/videos/th/178000/178669/preview.mp4.jpg
200 OK 104 kB URL HTTP/2 cdn.youx.xxx/videos/th/178000/178669/preview.mp4.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.60.100", baseline, precision 8, 1920x1080, components 3\012- data
Size 104 kB (103742 bytes)
Hash bae25663819cde73403e128aa9bb1639
d20f4327effa58ab2f6810aeb41cdbc274cda9f7
a5ca4c9908c286169d8a7af08b4b42794292318d855944b86c91702273023427
GET /videos/th/178000/178669/preview.mp4.jpg HTTP/1.1
Host: cdn.youx.xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youx.xxx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 12:08:52 GMT
content-type: image/jpeg
content-length: 103742
last-modified: Tue, 04 Feb 2020 18:46:04 GMT
etag: "5e39bbec-1953e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.youx.xxx/videos/th/178000/178136/preview.mp4.jpg
200 OK 166 kB URL HTTP/2 cdn.youx.xxx/videos/th/178000/178136/preview.mp4.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.60.100", baseline, precision 8, 1920x1080, components 3\012- data
Size 166 kB (166250 bytes)
Hash 2631682de183a6b9f658d7dfaaca5a8b
e2fc897979791728905205bc6e2b95b0f563ed50
6181ee0c6c068cdc10578eb6e713657ce8d4ad222bd88a85041a369d803aca7e
GET /videos/th/178000/178136/preview.mp4.jpg HTTP/1.1
Host: cdn.youx.xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youx.xxx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 12:08:52 GMT
content-type: image/jpeg
content-length: 166250
last-modified: Fri, 06 Dec 2019 00:14:17 GMT
etag: "5de99d59-2896a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.youx.xxx/videos/th/178000/178108/preview.mp4.jpg
200 OK 139 kB URL HTTP/2 cdn.youx.xxx/videos/th/178000/178108/preview.mp4.jpg
IP
File type JPEG image data, baseline, precision 8, 1520x848, components 3\012- data
Size 139 kB (139048 bytes)
Hash 19008ce9c5a34007d21dc883908a50f9
cc614fd158deda74f5063547158d5423cfecc67e
1a6a2c58de322b0b9c50beadeef15c58add6a1b79ce6103ca4d0f3ed51659154
GET /videos/th/178000/178108/preview.mp4.jpg HTTP/1.1
Host: cdn.youx.xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youx.xxx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 12:08:52 GMT
content-type: image/jpeg
content-length: 139048
last-modified: Tue, 12 Nov 2019 06:51:41 GMT
etag: "5dca567d-21f28"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.youx.xxx/videos/th/178000/178103/preview.mp4.jpg
200 OK 169 kB URL HTTP/2 cdn.youx.xxx/videos/th/178000/178103/preview.mp4.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.60.100", baseline, precision 8, 1920x1080, components 3\012- data
Size 169 kB (168882 bytes)
Hash 21d7c419c4cfdcd995f68497b32cd685
be31dfbadaba9e0d160514e217cd0562e2da2ccf
efd996d82f6cab504c5a8d613fe9d856a57ad41208c057a169b222742df8c0e8
GET /videos/th/178000/178103/preview.mp4.jpg HTTP/1.1
Host: cdn.youx.xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youx.xxx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 12:08:52 GMT
content-type: image/jpeg
content-length: 168882
last-modified: Mon, 11 Nov 2019 19:12:07 GMT
etag: "5dc9b287-293b2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
woodbeesdainty.com/watch.1083277780601.js?key=be60c67d1e88f5a3fd45eb569797a334&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1&shu=01cebf172cc94299d66aebb43ae361d6eeb3bb086c7f5a458f2a6858dbf7c0c070f962532a6a6e3c1fb4be5cb30b92c68e7c30b15056243a247fb94b82cdde0b12e7534a66610561f1f4073e40b0fec375031d&pst=1664885392&rmtc=t
200 OK 2.3 kB URL HTTP/1.1 woodbeesdainty.com/watch.1083277780601.js?key=be60c67d1e88f5a3fd45eb569797a334&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1&shu=01cebf172cc94299d66aebb43ae361d6eeb3bb086c7f5a458f2a6858dbf7c0c070f962532a6a6e3c1fb4be5cb30b92c68e7c30b15056243a247fb94b82cdde0b12e7534a66610561f1f4073e40b0fec375031d&pst=1664885392&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2897)
Hash 01706ac39d430e1b3ba0b8b6069157e6
ca32a542ed34dd292bad1cbbfa7c0a39a3a70cba
3bf8d5fdb37b743f06d8d606d6a3a62b841c1401ed41fe440e05fffffff43480
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1083277780601.js?key=be60c67d1e88f5a3fd45eb569797a334&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1&shu=01cebf172cc94299d66aebb43ae361d6eeb3bb086c7f5a458f2a6858dbf7c0c070f962532a6a6e3c1fb4be5cb30b92c68e7c30b15056243a247fb94b82cdde0b12e7534a66610561f1f4073e40b0fec375031d&pst=1664885392&rmtc=t HTTP/1.1
Host: woodbeesdainty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kajase.blogspot.com
Referer: https://kajase.blogspot.com/
Connection: keep-alive
Cookie: u_pl=17249013; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI0OTAxMywiayI6ImJlNjBjNjdkMWU4OGY1YTNmZDQ1ZWI1Njk3OTdhMzM0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODU4Nzk4LCJwaWQiOjc1MjE1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjMyLCJwdCI6NCwicGsiOiJnMmFhaDd6engiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8va2FqYXNlLmJsb2dzcG90LmNvbS8ifX0.bUOa4M3jAxD0JKIA1uQlDC8hUKuMimDJGV9SoKV2WTY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 04 Oct 2022 12:08:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kajase.blogspot.com
Access-Control-Allow-Origin: https://kajase.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=19ea2262-bef8-4cb4-b401-2a29443b692f:3:1; expires=Tue, 11 Oct 2022 12:08:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
uncs=1; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
pdhtkv32=true; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
uncs32=1; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2b70702a4d0f5331ba9e9de8dfc22093
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/cti/9d/f4/2f/9df42fffce83a72533205ab5c0ec687c/1607065015.jpg
200 OK 32 kB URL HTTP/2 cdn.cloudimagesb.com/cti/9d/f4/2f/9df42fffce83a72533205ab5c0ec687c/1607065015.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Hash 811335099e655ee6f9b6877479759cb3
d2baadde90b0ec3f039bf8ef05443d03e948c323
86eaf49c87f6958a519e90b6b5b479ded7d00402613dabe822fa01ddc419233a
GET /cti/9d/f4/2f/9df42fffce83a72533205ab5c0ec687c/1607065015.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:52 GMT
content-type: image/jpeg
content-length: 31835
server: nginx/1.17.6
last-modified: Fri, 04 Dec 2020 06:57:04 GMT
etag: "5fc9ddc0-7c5b"
expires: Thu, 06 Oct 2022 12:08:52 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 61e5079a0e6812f78348c7a622279320
5295836d509d9eaee1c31bd129d08b65d0860a89
ff528b3e3551facb4aaf40f7c4befd70da4e707d5aed4bc9b49ca7905791f14d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "FF528B3E3551FACB4AAF40F7C4BEFD70DA4E707D5AED4BC9B49CA7905791F14D"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14923
Expires: Tue, 04 Oct 2022 16:17:35 GMT
Date: Tue, 04 Oct 2022 12:08:52 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/a7/81/a3/a781a3f5b0f5e23bdd2dd0518e7f7682/1658915583.png
200 OK 59 kB URL HTTP/2 cdn.cloudimagesb.com/cti/a7/81/a3/a781a3f5b0f5e23bdd2dd0518e7f7682/1658915583.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash a8d87e991a22e21fd415f8484a2c798d
512ec0da7b33b71c73453271860fae0a0e23c627
a26bd031fca0ac99e2ee032b81812e714bb94834b7ca304fbdf2aafd5c192045
GET /cti/a7/81/a3/a781a3f5b0f5e23bdd2dd0518e7f7682/1658915583.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:52 GMT
content-type: image/png
content-length: 59343
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 09:53:11 GMT
etag: "62e10b07-e7cf"
expires: Thu, 06 Oct 2022 12:08:52 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e15754b5e33b6adbe65da3db5ae7e09a
886c451595eb638c810e6f4f46853bc0cd71e73c
7942c8ac4ac4238450342a6b062e8ddb2f7611f55e4af066622397beac6b8022
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7942C8AC4AC4238450342A6B062E8DDB2F7611F55E4AF066622397BEAC6B8022"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3726
Expires: Tue, 04 Oct 2022 13:10:58 GMT
Date: Tue, 04 Oct 2022 12:08:52 GMT
Connection: keep-alive
sandwichesinstinctive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcVRd9la%2F5BN2ohIDgohEUhdBT1f9tBHEyjgyOmZhEFBHk%2FXXPS7%2BqV7xX1dUzq8GAZNkLQXRVc3omgxpEcW3QmoBIQJnejeCIIK7EjRBcSrWDrReq7j333MW597x3d9MT4iOlxyuvmG2lNV1q1fzq028EwYXquorScXXcbb%2Fdbl6o2tGzvXbNf6b6kuRDs1T3A98P%2FKC6qqzsm%2FFSSULFt3tBrefXmvVa0GpibP%2BLXerBUQ9idEIehRKzyl3vLBQvEIWfrUg3TEx8%2FsUw1TQxFiNx8Fo0jEwWIVyUfeuhHx2cTsO4o9U7MNH%2BXC7M6J9BpmbE%2B%2BYOWHRwKhJstDfXyTRkBCYeQjYqIHUBRQtwcwNKHBGAC1zaQBTeumRsRrf%2BZmnJzkjl%2Fh9Q2YxUfjyLKPx0Watx9arRaaJM5DDu51DjAmpQIE4PkWyfgcoOwZN3oMR3ZOn%2BOqJwb8NpAyXy%2Be5KFVD9AlpOQJ2HtPyUh7TvIY09hOK4yoMg6PiCU7%2Fb47whOpK1hR%2FQTj%2Bggd%2FuIuWlvAmSeAKuJ%2BB2B7HdwVBNYNOv4DZzOOHBJTPivbqDkciRSYLMEWSUIFMEWUKQjfJ9oV3d5beEdikLTnP9NDfyqUkGu3TfJAMZkd34hDxS3sV7oHEOQ3lcZc1Wt96Wjb4MWj3earCm3%2Bp1aNAIWrTrtxpwKodyZ%2BarbqsZefyt3xGXXj35PRg9hNOH4Oph0DQAzaadug%2B6OW12fWxHXwzpdepkjWkzcLFJatyEECZHnFSQbHm7%2BoQ8Nrfp%2FMWfIfk9chrgNkdsc1xXdwkG%2Bub0isnI3hWTOfL5RpyoUG3T0sKrCU3k%2Fz9%2BWW5lxoq1FTf56AVeEmV5%2B5p0yTqNhIoGjnyyrISQdtVYLsmXa%2B51yS6nbnM5tVEar1%2B%2BuLoWxlY6p0xUgKqjjT%2FB1YxUfvph%2FjbPvfkblC1g0xxhulCqTAEe78DFi54zBFYvMIv%2FhyzNp7bOFk2tCLRcYMpyuH9htqh33U0MbB00uYEozDGyOUY6B9UTuPTBaRLbe89%2F%2B0EZH4LpypRpW9lj2ur3ytP%2BOiNPff3%2B%2FMjl7xc4dVxt%2BKLDZF92mGy2mn3JBWu1mM%2F7nDVEt8uRuBl%2F7olrfwEAAP%2F%2FAQAA%2F%2F%2BetKCNdQQAAA%3D%3D
200 OK 7 B URL HTTP/1.1 sandwichesinstinctive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcVRd9la%2F5BN2ohIDgohEUhdBT1f9tBHEyjgyOmZhEFBHk%2FXXPS7%2BqV7xX1dUzq8GAZNkLQXRVc3omgxpEcW3QmoBIQJnejeCIIK7EjRBcSrWDrReq7j333MW597x3d9MT4iOlxyuvmG2lNV1q1fzq028EwYXquorScXXcbb%2Fdbl6o2tGzvXbNf6b6kuRDs1T3A98P%2FKC6qqzsm%2FFSSULFt3tBrefXmvVa0GpibP%2BLXerBUQ9idEIehRKzyl3vLBQvEIWfrUg3TEx8%2FsUw1TQxFiNx8Fo0jEwWIVyUfeuhHx2cTsO4o9U7MNH%2BXC7M6J9BpmbE%2B%2BYOWHRwKhJstDfXyTRkBCYeQjYqIHUBRQtwcwNKHBGAC1zaQBTeumRsRrf%2BZmnJzkjl%2Fh9Q2YxUfjyLKPx0Watx9arRaaJM5DDu51DjAmpQIE4PkWyfgcoOwZN3oMR3ZOn%2BOqJwb8NpAyXy%2Be5KFVD9AlpOQJ2HtPyUh7TvIY09hOK4yoMg6PiCU7%2Fb47whOpK1hR%2FQTj%2Bggd%2FuIuWlvAmSeAKuJ%2BB2B7HdwVBNYNOv4DZzOOHBJTPivbqDkciRSYLMEWSUIFMEWUKQjfJ9oV3d5beEdikLTnP9NDfyqUkGu3TfJAMZkd34hDxS3sV7oHEOQ3lcZc1Wt96Wjb4MWj3earCm3%2Bp1aNAIWrTrtxpwKodyZ%2BarbqsZefyt3xGXXj35PRg9hNOH4Oph0DQAzaadug%2B6OW12fWxHXwzpdepkjWkzcLFJatyEECZHnFSQbHm7%2BoQ8Nrfp%2FMWfIfk9chrgNkdsc1xXdwkG%2Bub0isnI3hWTOfL5RpyoUG3T0sKrCU3k%2Fz9%2BWW5lxoq1FTf56AVeEmV5%2B5p0yTqNhIoGjnyyrISQdtVYLsmXa%2B51yS6nbnM5tVEar1%2B%2BuLoWxlY6p0xUgKqjjT%2FB1YxUfvph%2FjbPvfkblC1g0xxhulCqTAEe78DFi54zBFYvMIv%2FhyzNp7bOFk2tCLRcYMpyuH9htqh33U0MbB00uYEozDGyOUY6B9UTuPTBaRLbe89%2F%2B0EZH4LpypRpW9lj2ur3ytP%2BOiNPff3%2B%2FMjl7xc4dVxt%2BKLDZF92mGy2mn3JBWu1mM%2F7nDVEt8uRuBl%2F7olrfwEAAP%2F%2FAQAA%2F%2F%2BetKCNdQQAAA%3D%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcVRd9la%2F5BN2ohIDgohEUhdBT1f9tBHEyjgyOmZhEFBHk%2FXXPS7%2BqV7xX1dUzq8GAZNkLQXRVc3omgxpEcW3QmoBIQJnejeCIIK7EjRBcSrWDrReq7j333MW597x3d9MT4iOlxyuvmG2lNV1q1fzq028EwYXquorScXXcbb%2Fdbl6o2tGzvXbNf6b6kuRDs1T3A98P%2FKC6qqzsm%2FFSSULFt3tBrefXmvVa0GpibP%2BLXerBUQ9idEIehRKzyl3vLBQvEIWfrUg3TEx8%2FsUw1TQxFiNx8Fo0jEwWIVyUfeuhHx2cTsO4o9U7MNH%2BXC7M6J9BpmbE%2B%2BYOWHRwKhJstDfXyTRkBCYeQjYqIHUBRQtwcwNKHBGAC1zaQBTeumRsRrf%2BZmnJzkjl%2Fh9Q2YxUfjyLKPx0Watx9arRaaJM5DDu51DjAmpQIE4PkWyfgcoOwZN3oMR3ZOn%2BOqJwb8NpAyXy%2Be5KFVD9AlpOQJ2HtPyUh7TvIY09hOK4yoMg6PiCU7%2Fb47whOpK1hR%2FQTj%2Bggd%2FuIuWlvAmSeAKuJ%2BB2B7HdwVBNYNOv4DZzOOHBJTPivbqDkciRSYLMEWSUIFMEWUKQjfJ9oV3d5beEdikLTnP9NDfyqUkGu3TfJAMZkd34hDxS3sV7oHEOQ3lcZc1Wt96Wjb4MWj3earCm3%2Bp1aNAIWrTrtxpwKodyZ%2BarbqsZefyt3xGXXj35PRg9hNOH4Oph0DQAzaadug%2B6OW12fWxHXwzpdepkjWkzcLFJatyEECZHnFSQbHm7%2BoQ8Nrfp%2FMWfIfk9chrgNkdsc1xXdwkG%2Bub0isnI3hWTOfL5RpyoUG3T0sKrCU3k%2Fz9%2BWW5lxoq1FTf56AVeEmV5%2B5p0yTqNhIoGjnyyrISQdtVYLsmXa%2B51yS6nbnM5tVEar1%2B%2BuLoWxlY6p0xUgKqjjT%2FB1YxUfvph%2FjbPvfkblC1g0xxhulCqTAEe78DFi54zBFYvMIv%2FhyzNp7bOFk2tCLRcYMpyuH9htqh33U0MbB00uYEozDGyOUY6B9UTuPTBaRLbe89%2F%2B0EZH4LpypRpW9lj2ur3ytP%2BOiNPff3%2B%2FMjl7xc4dVxt%2BKLDZF92mGy2mn3JBWu1mM%2F7nDVEt8uRuBl%2F7olrfwEAAP%2F%2FAQAA%2F%2F%2BetKCNdQQAAA%3D%3D HTTP/1.1
Host: sandwichesinstinctive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Cookie: u_pl=17249046; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 12:08:52 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e9236612054abc0580097baee24f2ecd
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/d8/a3/d6/d8a3d67db86906a81581cb41da64f604/1628088693.png
200 OK 140 kB URL HTTP/2 cdn.cloudimagesb.com/cti/d8/a3/d6/d8a3d67db86906a81581cb41da64f604/1628088693.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 321 x 240, 8-bit/color RGB, non-interlaced\012- data
Size 140 kB (140487 bytes)
Hash efb8265d96e4057c8e584ef0fd859200
6d43508e06d1f585983d18f290d2a286240173d5
79a2b5a90e9d6fec3e1787e05ac9f0beea7335c025d742065a84be205b0f4bd7
GET /cti/d8/a3/d6/d8a3d67db86906a81581cb41da64f604/1628088693.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:52 GMT
content-type: image/png
content-length: 140487
server: nginx/1.17.6
last-modified: Wed, 04 Aug 2021 14:51:41 GMT
etag: "610aa97d-224c7"
expires: Thu, 06 Oct 2022 12:08:52 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/61/cc/39/61cc39d74ad616038dc132f21d43532e/1628088652.jpg
200 OK 29 kB URL HTTP/2 cdn.cloudimagesb.com/cti/61/cc/39/61cc39d74ad616038dc132f21d43532e/1628088652.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 7c077438b2da29ea77ea9004a459673c
e91df3853e970d3013e12e58ef37ce4bda66ad40
cb03bf97f584f6961026e718ef900e99c23c95b3d6f9e7556ea69847c581100b
GET /cti/61/cc/39/61cc39d74ad616038dc132f21d43532e/1628088652.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:52 GMT
content-type: image/jpeg
content-length: 28971
server: nginx/1.17.6
last-modified: Wed, 04 Aug 2021 14:51:00 GMT
etag: "610aa954-712b"
expires: Thu, 06 Oct 2022 12:08:52 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ads.exoclick.com/ads.js
200 OK 974 B IP
File type ASCII text, with very long lines (2476), with no line terminators
Hash 92af51b4341a31ff621022c2a648c05e
3761459319128e7349981f338926abcd89ba58e0
6dd1f44f60b3c9584b3d9a54af5348c3fc36c7e13585f593f205ed42a0fa7e9f
GET /ads.js HTTP/1.1
Host: ads.exoclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youx.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:08:52 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 974
Content-Type: application/javascript
Accept-Ranges: bytes
Server: nginx
etag: W/"8f3c7314efe500b41baba9f571b"
Cache-Control: max-age=10800
X-HW: 1664885332.dop231.sk1.t,1664885332.cds214.sk1.shn,1664885332.dop231.sk1.t,1664885332.cds003.sk1.c
Access-Control-Allow-Origin: *, *
ads.exoclick.com/ad_track.js
200 OK 221 B URL HTTP/1.1 ads.exoclick.com/ad_track.js
IP
File type HTML document, ASCII text, with very long lines (368), with no line terminators
Hash 1aaf2775a48a6417574972dfbbe2797b
8562ab1dc5691c9026e9cdea6e0a84787a48be34
88479a62209f6f242c8f8b93461fa93aadbbaf07fab1152d806fba1b69f99aa1
GET /ad_track.js HTTP/1.1
Host: ads.exoclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youx.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:08:52 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 221
Content-Type: application/javascript
Accept-Ranges: bytes
Server: nginx
etag: W/"3ac21caf363100082c3f8c53986"
Cache-Control: max-age=10800
X-HW: 1664885332.dop018.sk1.t,1664885332.cds001.sk1.shn,1664885332.dop018.sk1.t,1664885332.cds026.sk1.c
Access-Control-Allow-Origin: *, *
knockoutantipathy.com/watch.1160116522337.js?key=83d9449bc701849a55e93dbae67eaa31&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1&shu=141d3c164898b702ad9bd429af387527765ed523a706d81b0fc146594aae54699c7838fa37b4044f9746c530f6b15563ad2ebc5325eeb048f93efd8b3408a02146fbc7629f6901718fe1df70f61d5b703b1935ec&pst=1664885392&rmtc=t
200 OK 2.0 kB URL HTTP/1.1 knockoutantipathy.com/watch.1160116522337.js?key=83d9449bc701849a55e93dbae67eaa31&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1&shu=141d3c164898b702ad9bd429af387527765ed523a706d81b0fc146594aae54699c7838fa37b4044f9746c530f6b15563ad2ebc5325eeb048f93efd8b3408a02146fbc7629f6901718fe1df70f61d5b703b1935ec&pst=1664885392&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2463)
Hash 61384d387a407d69f1639b8867cfbbb2
b1efed2aa92ba034ed2e1988e2ecb9817f8fe2d9
6c23b75de9c93b552340f9054acee6b979bb90c548f8d655f341232af2ae3099
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1160116522337.js?key=83d9449bc701849a55e93dbae67eaa31&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1&shu=141d3c164898b702ad9bd429af387527765ed523a706d81b0fc146594aae54699c7838fa37b4044f9746c530f6b15563ad2ebc5325eeb048f93efd8b3408a02146fbc7629f6901718fe1df70f61d5b703b1935ec&pst=1664885392&rmtc=t HTTP/1.1
Host: knockoutantipathy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kajase.blogspot.com
Referer: https://kajase.blogspot.com/
Connection: keep-alive
Cookie: u_pl=17249034; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI0OTAzNCwiayI6IjgzZDk0NDliYzcwMTg0OWE1NWU5M2RiYWU2N2VhYTMxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODU4Nzk4LCJwaWQiOjc1MjE1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ0aTNoejJyNiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9rYWphc2UuYmxvZ3Nwb3QuY29tLyJ9fQ.fsTcbxgdc4qwTVLeKk6WbPuk2G-arPQ1GQljzYmtUzo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 04 Oct 2022 12:08:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kajase.blogspot.com
Access-Control-Allow-Origin: https://kajase.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=19ea2262-bef8-4cb4-b401-2a29443b692f:3:1; expires=Tue, 11 Oct 2022 12:08:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
uncs=1; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
pdhtkv27=true; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
uncs27=1; expires=Wed, 05 Oct 2022 12:08:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ef69126fd037371c23b59060e4593ae8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ads.exoclick.com/ad99uip8i.php
200 OK 50 B URL HTTP/1.1 ads.exoclick.com/ad99uip8i.php
IP
File type ASCII text, with no line terminators
Hash 06d4faa411b83f9b0a030cf2b68ec904
ec633929782d2f0224a127a303023506262226ca
d4d18940a5b8abeaf48fd08e6d97a5990ef5ea98070dbca9577585fada3ef826
GET /ad99uip8i.php HTTP/1.1
Host: ads.exoclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youx.xxx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 12:08:52 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 50
Content-Type: text/html; charset=UTF-8
Accept-Ranges: bytes
Server: nginx
Cache-Control: max-age=10800
X-HW: 1664885332.dop231.sk1.t,1664885332.cds214.sk1.shn,1664885332.dop231.sk1.t,1664885332.cds262.sk1.c
Access-Control-Allow-Origin: *, *
sandwichesinstinctive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST4gcxReuDsPvB3pRCQHBwyAoCmG2e%2F6PEcTNurK4ZmMSUUSQ%2Bjezlanuaqq6p2f3tBiQHOcgiJ56v9nNogZRPBu0NyASUHZuK7giiEc9CMGj9GRx9EHxvu997%2FC99%2Bq93fSE%2BEjp8cqrZltpTZdaNb%2F6zJtBcKG6rqJ0XB132%2B%2B0mxeqdvRcr13zn62%2BLPnQLNX9wPcDP6iuKiv7ZrxUilDx7V5Q6%2Fm1Zr0WtJoY2%2F9yl3pw1IMYnZDHoMSsctc7C8ULROHnK9INExOffylMNU2MxUgcvB4NI5NFCBewbz30o4PTbhh3tHoHJtqf24UZ%2FdPI1Ix4394Biw5OTYKN9uY%2BmYaMwMTDyEYFpC6gaAFubkCJIwJwgUsbiMJbl4zN6NYDlZbqjFTu%2FwmVzUjlp7OIws%2BWtRpXrxqdJspEDuN%2BDjUuoAYF4vQQyfYZqOwQPHkXSnxPlu6vIwr3Npw2UCKfz65UAdUvoOUE1HlIy6c8pH0PaewhFMdVHgRBxxec%2Bt0e5w3Rkawt%2FIB2%2BgEN%2FHYXKS%2FtTZDEE3A9Abc7iO0OhmoCm34Nt5nDCQ8umRHvtR2MRI5MEmSOIKMEmSLIEoJslO8L7eouvyW0S1lwmuunuZFPTTLYpfsmGciI7MYn5NFyL97%2FG%2BcwlMdV1mx1623Z6Mug1eOtBmv6rV6HBo2gRbt%2BqwGncih3Zj7qtpqRJ97%2BHXF5q6d%2BAKOHcPoQXD0Cmgag2bRT90E3p82uj%2B3oyyG9Tp2sMW0GLjZJjZsQwuSIkwqSLW9Xn5DH52c6f%2FFXSH6PnAa4zRHbHNfVXYKBvjm9YjKyd8VkjnyxEScqVNu0POHVhCbyf5%2B8IrcyY8Xaipt8%2FCIvhRLeviZdsk4joaKBI58uKyGkXTWWS%2FLVmntDssup21xObZTG65cvrq6FsZXOKRMVoOpo4y9wNSOVn3%2Bc%2F81zb%2F0BZQvYNEeYLpwqU4DHO3DxouYMgdULzuIKsjSf2jpbFLUi0HLBKcvh%2FsXZAu%2B6mxjYOmhyA1GYY2RzjHQOqidw6UPTJLb3XvjuwzI%2BAtOVKdO2sse01e%2BXq%2F1tRp7%2B5oMS%2FfJg004dVxu%2B6DDZlx0mm61mX3LBWi3m8z5nDdHtciRuxp9%2F8trfAAAA%2F%2F8BAAD%2F%2Fwe6rbN1BAAA
200 OK 7 B URL HTTP/1.1 sandwichesinstinctive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST4gcxReuDsPvB3pRCQHBwyAoCmG2e%2F6PEcTNurK4ZmMSUUSQ%2Bjezlanuaqq6p2f3tBiQHOcgiJ56v9nNogZRPBu0NyASUHZuK7giiEc9CMGj9GRx9EHxvu997%2FC99%2Bq93fSE%2BEjp8cqrZltpTZdaNb%2F6zJtBcKG6rqJ0XB132%2B%2B0mxeqdvRcr13zn62%2BLPnQLNX9wPcDP6iuKiv7ZrxUilDx7V5Q6%2Fm1Zr0WtJoY2%2F9yl3pw1IMYnZDHoMSsctc7C8ULROHnK9INExOffylMNU2MxUgcvB4NI5NFCBewbz30o4PTbhh3tHoHJtqf24UZ%2FdPI1Ix4394Biw5OTYKN9uY%2BmYaMwMTDyEYFpC6gaAFubkCJIwJwgUsbiMJbl4zN6NYDlZbqjFTu%2FwmVzUjlp7OIws%2BWtRpXrxqdJspEDuN%2BDjUuoAYF4vQQyfYZqOwQPHkXSnxPlu6vIwr3Npw2UCKfz65UAdUvoOUE1HlIy6c8pH0PaewhFMdVHgRBxxec%2Bt0e5w3Rkawt%2FIB2%2BgEN%2FHYXKS%2FtTZDEE3A9Abc7iO0OhmoCm34Nt5nDCQ8umRHvtR2MRI5MEmSOIKMEmSLIEoJslO8L7eouvyW0S1lwmuunuZFPTTLYpfsmGciI7MYn5NFyL97%2FG%2BcwlMdV1mx1623Z6Mug1eOtBmv6rV6HBo2gRbt%2BqwGncih3Zj7qtpqRJ97%2BHXF5q6d%2BAKOHcPoQXD0Cmgag2bRT90E3p82uj%2B3oyyG9Tp2sMW0GLjZJjZsQwuSIkwqSLW9Xn5DH52c6f%2FFXSH6PnAa4zRHbHNfVXYKBvjm9YjKyd8VkjnyxEScqVNu0POHVhCbyf5%2B8IrcyY8Xaipt8%2FCIvhRLeviZdsk4joaKBI58uKyGkXTWWS%2FLVmntDssup21xObZTG65cvrq6FsZXOKRMVoOpo4y9wNSOVn3%2Bc%2F81zb%2F0BZQvYNEeYLpwqU4DHO3DxouYMgdULzuIKsjSf2jpbFLUi0HLBKcvh%2FsXZAu%2B6mxjYOmhyA1GYY2RzjHQOqidw6UPTJLb3XvjuwzI%2BAtOVKdO2sse01e%2BXq%2F1tRp7%2B5oMS%2FfJg004dVxu%2B6DDZlx0mm61mX3LBWi3m8z5nDdHtciRuxp9%2F8trfAAAA%2F%2F8BAAD%2F%2Fwe6rbN1BAAA
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST4gcxReuDsPvB3pRCQHBwyAoCmG2e%2F6PEcTNurK4ZmMSUUSQ%2Bjezlanuaqq6p2f3tBiQHOcgiJ56v9nNogZRPBu0NyASUHZuK7giiEc9CMGj9GRx9EHxvu997%2FC99%2Bq93fSE%2BEjp8cqrZltpTZdaNb%2F6zJtBcKG6rqJ0XB132%2B%2B0mxeqdvRcr13zn62%2BLPnQLNX9wPcDP6iuKiv7ZrxUilDx7V5Q6%2Fm1Zr0WtJoY2%2F9yl3pw1IMYnZDHoMSsctc7C8ULROHnK9INExOffylMNU2MxUgcvB4NI5NFCBewbz30o4PTbhh3tHoHJtqf24UZ%2FdPI1Ix4394Biw5OTYKN9uY%2BmYaMwMTDyEYFpC6gaAFubkCJIwJwgUsbiMJbl4zN6NYDlZbqjFTu%2FwmVzUjlp7OIws%2BWtRpXrxqdJspEDuN%2BDjUuoAYF4vQQyfYZqOwQPHkXSnxPlu6vIwr3Npw2UCKfz65UAdUvoOUE1HlIy6c8pH0PaewhFMdVHgRBxxec%2Bt0e5w3Rkawt%2FIB2%2BgEN%2FHYXKS%2FtTZDEE3A9Abc7iO0OhmoCm34Nt5nDCQ8umRHvtR2MRI5MEmSOIKMEmSLIEoJslO8L7eouvyW0S1lwmuunuZFPTTLYpfsmGciI7MYn5NFyL97%2FG%2BcwlMdV1mx1623Z6Mug1eOtBmv6rV6HBo2gRbt%2BqwGncih3Zj7qtpqRJ97%2BHXF5q6d%2BAKOHcPoQXD0Cmgag2bRT90E3p82uj%2B3oyyG9Tp2sMW0GLjZJjZsQwuSIkwqSLW9Xn5DH52c6f%2FFXSH6PnAa4zRHbHNfVXYKBvjm9YjKyd8VkjnyxEScqVNu0POHVhCbyf5%2B8IrcyY8Xaipt8%2FCIvhRLeviZdsk4joaKBI58uKyGkXTWWS%2FLVmntDssup21xObZTG65cvrq6FsZXOKRMVoOpo4y9wNSOVn3%2Bc%2F81zb%2F0BZQvYNEeYLpwqU4DHO3DxouYMgdULzuIKsjSf2jpbFLUi0HLBKcvh%2FsXZAu%2B6mxjYOmhyA1GYY2RzjHQOqidw6UPTJLb3XvjuwzI%2BAtOVKdO2sse01e%2BXq%2F1tRp7%2B5oMS%2FfJg004dVxu%2B6DDZlx0mm61mX3LBWi3m8z5nDdHtciRuxp9%2F8trfAAAA%2F%2F8BAAD%2F%2Fwe6rbN1BAAA HTTP/1.1
Host: sandwichesinstinctive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Cookie: u_pl=17249046; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 12:08:52 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 502c18649c54ed784536e2678144e291
Strict-Transport-Security: max-age=0; includeSubdomains
sandwichesinstinctive.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRReuzj%2F8gl5UQkDwMAiKQpjt7pnpmTGCuFlXFtdsTCKKCFJdVTNbmequpqp7enZPiwHJcQ6C6Kn3m90sahDFs0F7AyIBZee2giuCeBIvQvAoPS6OPuh%2B73vfO3zvffXubnZCXGT0eOUVvS2Vokvthlt%2F%2Bg3Pu1Bfl3E2ro%2B7wdtB60LdjJ7tBQ33mfpLgg31ku96ruu5Xn1VGtHX46WKhExu97xGz220%2FIbXbmFs%2Fott5sBSB3x0Qh6F5LPaXecsJCsRR5%2BtCDtMdXL%2BxShTNNUGI37wWjyMdR4jWpR946AfH5xOQ9uj1TvQ8f5cLvTon8FQzojzzR2E8cGpSISjvbnOUEHECPlDyEclhCohaQmmb0DyIwIwjksbiKNbl7TJ6dbfLK3YGand%2FwMyn5Haj2cRR58uKzmuX9UqS6WOLcb9AnJcQg5KJNkh0u0zkPkhWPoOJP%2BOLN1fRxztbVilIXkx313KErJfQokJqHWQVZ90kPUdZImDiB%2FXmed5HZcz6nZ7jDV5R4QBdz3a6XvUc4MuMlbJmyBNJmBqAmZ2kJgdDOUEJvsKdrOA5Q5sOiPOqzsY8QK5IMgtQU4JckmQpwT5qNjnyvq2uMWVzULvNPunuVlMdTrYpfs6HYiY7CYn5JHqLs4DzXMYiuN62Gp3%2FUA0%2B8Jr91i7Gbbcdq9DvabXpl233YSVBaQ9M191W87I42%2F9jqTy6snvEdJDWHUIJh8GzTzQfNrxXdDNaavrYjv%2BYkivUysaodIDm%2Bi0wXQErgskaQ3plrOrTshjc5vOX%2FwZgt0jpwFmCiSmwHV5l2Cgbk6v6JzsXdG5JZ9vJKmM5DatLLya0lT8%2F%2BOXxVauDV9bsZOPXmAVUZW3rwmbrtOYy3hgySfLknNhVrVhgny5Zl8X4eXMbi5nJs6S9csXV9eixAhrpY5LUHm08SeYnJHaTz%2FM3%2Ba5N3%2BDNCVMViDKFkqlLsGSHdhk0bOawKgFDpP%2FIc%2BKqfHDRVNJAiUWmIYF7L9wuKh37U0MjA%2Ba3kAcFRiZAiNVgKoJbPbgNE3Mvee%2F%2FaCKDxGq2jRUprYXKqPeq07764w89fX78yNXv19g5XG902y6NOi1vU6Hik7Y8rv9wOOU%2Bq3ADwLaRGpn7Lknrv0FAAD%2F%2FwEAAP%2F%2FHmB1ZXUEAAA%3D
200 OK 7 B URL HTTP/1.1 sandwichesinstinctive.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRReuzj%2F8gl5UQkDwMAiKQpjt7pnpmTGCuFlXFtdsTCKKCFJdVTNbmequpqp7enZPiwHJcQ6C6Kn3m90sahDFs0F7AyIBZee2giuCeBIvQvAoPS6OPuh%2B73vfO3zvffXubnZCXGT0eOUVvS2Vokvthlt%2F%2Bg3Pu1Bfl3E2ro%2B7wdtB60LdjJ7tBQ33mfpLgg31ku96ruu5Xn1VGtHX46WKhExu97xGz220%2FIbXbmFs%2Fott5sBSB3x0Qh6F5LPaXecsJCsRR5%2BtCDtMdXL%2BxShTNNUGI37wWjyMdR4jWpR946AfH5xOQ9uj1TvQ8f5cLvTon8FQzojzzR2E8cGpSISjvbnOUEHECPlDyEclhCohaQmmb0DyIwIwjksbiKNbl7TJ6dbfLK3YGand%2FwMyn5Haj2cRR58uKzmuX9UqS6WOLcb9AnJcQg5KJNkh0u0zkPkhWPoOJP%2BOLN1fRxztbVilIXkx313KErJfQokJqHWQVZ90kPUdZImDiB%2FXmed5HZcz6nZ7jDV5R4QBdz3a6XvUc4MuMlbJmyBNJmBqAmZ2kJgdDOUEJvsKdrOA5Q5sOiPOqzsY8QK5IMgtQU4JckmQpwT5qNjnyvq2uMWVzULvNPunuVlMdTrYpfs6HYiY7CYn5JHqLs4DzXMYiuN62Gp3%2FUA0%2B8Jr91i7Gbbcdq9DvabXpl233YSVBaQ9M191W87I42%2F9jqTy6snvEdJDWHUIJh8GzTzQfNrxXdDNaavrYjv%2BYkivUysaodIDm%2Bi0wXQErgskaQ3plrOrTshjc5vOX%2FwZgt0jpwFmCiSmwHV5l2Cgbk6v6JzsXdG5JZ9vJKmM5DatLLya0lT8%2F%2BOXxVauDV9bsZOPXmAVUZW3rwmbrtOYy3hgySfLknNhVrVhgny5Zl8X4eXMbi5nJs6S9csXV9eixAhrpY5LUHm08SeYnJHaTz%2FM3%2Ba5N3%2BDNCVMViDKFkqlLsGSHdhk0bOawKgFDpP%2FIc%2BKqfHDRVNJAiUWmIYF7L9wuKh37U0MjA%2Ba3kAcFRiZAiNVgKoJbPbgNE3Mvee%2F%2FaCKDxGq2jRUprYXKqPeq07764w89fX78yNXv19g5XG902y6NOi1vU6Hik7Y8rv9wOOU%2Bq3ADwLaRGpn7Lknrv0FAAD%2F%2FwEAAP%2F%2FHmB1ZXUEAAA%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRReuzj%2F8gl5UQkDwMAiKQpjt7pnpmTGCuFlXFtdsTCKKCFJdVTNbmequpqp7enZPiwHJcQ6C6Kn3m90sahDFs0F7AyIBZee2giuCeBIvQvAoPS6OPuh%2B73vfO3zvffXubnZCXGT0eOUVvS2Vokvthlt%2F%2Bg3Pu1Bfl3E2ro%2B7wdtB60LdjJ7tBQ33mfpLgg31ku96ruu5Xn1VGtHX46WKhExu97xGz220%2FIbXbmFs%2Fott5sBSB3x0Qh6F5LPaXecsJCsRR5%2BtCDtMdXL%2BxShTNNUGI37wWjyMdR4jWpR946AfH5xOQ9uj1TvQ8f5cLvTon8FQzojzzR2E8cGpSISjvbnOUEHECPlDyEclhCohaQmmb0DyIwIwjksbiKNbl7TJ6dbfLK3YGand%2FwMyn5Haj2cRR58uKzmuX9UqS6WOLcb9AnJcQg5KJNkh0u0zkPkhWPoOJP%2BOLN1fRxztbVilIXkx313KErJfQokJqHWQVZ90kPUdZImDiB%2FXmed5HZcz6nZ7jDV5R4QBdz3a6XvUc4MuMlbJmyBNJmBqAmZ2kJgdDOUEJvsKdrOA5Q5sOiPOqzsY8QK5IMgtQU4JckmQpwT5qNjnyvq2uMWVzULvNPunuVlMdTrYpfs6HYiY7CYn5JHqLs4DzXMYiuN62Gp3%2FUA0%2B8Jr91i7Gbbcdq9DvabXpl233YSVBaQ9M191W87I42%2F9jqTy6snvEdJDWHUIJh8GzTzQfNrxXdDNaavrYjv%2BYkivUysaodIDm%2Bi0wXQErgskaQ3plrOrTshjc5vOX%2FwZgt0jpwFmCiSmwHV5l2Cgbk6v6JzsXdG5JZ9vJKmM5DatLLya0lT8%2F%2BOXxVauDV9bsZOPXmAVUZW3rwmbrtOYy3hgySfLknNhVrVhgny5Zl8X4eXMbi5nJs6S9csXV9eixAhrpY5LUHm08SeYnJHaTz%2FM3%2Ba5N3%2BDNCVMViDKFkqlLsGSHdhk0bOawKgFDpP%2FIc%2BKqfHDRVNJAiUWmIYF7L9wuKh37U0MjA%2Ba3kAcFRiZAiNVgKoJbPbgNE3Mvee%2F%2FaCKDxGq2jRUprYXKqPeq07764w89fX78yNXv19g5XG902y6NOi1vU6Hik7Y8rv9wOOU%2Bq3ADwLaRGpn7Lknrv0FAAD%2F%2FwEAAP%2F%2FHmB1ZXUEAAA%3D HTTP/1.1
Host: sandwichesinstinctive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Cookie: u_pl=17249046; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 12:08:52 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d17d253ab94542acccfaeb65e4c1ea9f
Strict-Transport-Security: max-age=0; includeSubdomains
sandwichesinstinctive.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRReuDsP%2Fg15UQkDwMAiKQpjt7pnpmTGCuFlXFtdsTCKKCFJdVTNbmequpqp7enZPiwHJcQ6C6Kn3m90sahDFs0F7AyIBZee2giuCeNSDEDxKTxZHHxTv%2B973Dt97r97bzU6Ii4wer7yqt6VSdKndcOvPvOl5F%2BrrMs7G9XE3eCdoXaib0XO9oOE%2BW39ZsKFe8l3PdT3Xq69KI%2Fp6vFSJkMntntfouY2W3%2FDaLYzNf7nNHFjqgI9OyGOQfFa765yFZCXi6PMVYYepTs6%2FFGWKptpgxA9ej4exzmNEC9g3DvrxwWk3tD1avQMd78%2FtQo%2F%2BaQzljDjf3kEYH5yaRDjam%2FsMFUSMkD%2BMfFRCqBKSlmD6BiQ%2FIgDjuLSBOLp1SZucbj1QaaXOSO3%2Bn5D5jNR%2BOos4%2BmxZyXH9qlZZKnVsMe4XkOMSclAiyQ6Rbp%2BBzA%2FB0nch%2Bfdk6f464mhvwyoNyYv57FKWkP0SSkxArYOsetJB1neQJQ4iflxnnud1XM6o2%2B0x1uQdEQbc9Win71HPDbrIWGVvgjSZgKkJmNlBYnYwlBOY7GvYzQKWO7DpjDiv7WDEC%2BSCILcEOSXIJUGeEuSjYp8r69viFlc2C73T7J%2FmZjHV6WCX7ut0IGKym5yQR6u9OP9vnsNQHNfDVrvrB6LZF167x9rNsOW2ex3qNb027brtJqwsIO2Z%2BajbckaeePt3JNWtnvoBIT2EVYdg8hHQzAPNpx3fBd2ctroutuMvh%2FQ6taIRKj2wiU4bTEfgukCS1pBuObvqhDw%2BP9P5i79CsHvkNMBMgcQUuC7vEgzUzekVnZO9Kzq35IuNJJWR3KbVCa%2BmNBX%2F%2B%2BQVsZVrw9dW7OTjF1klVPD2NWHTdRpzGQ8s%2BXRZci7MqjZMkK%2FW7BsivJzZzeXMxFmyfvni6lqUGGGt1HEJKo82%2FgKTM1L7%2Bcf53zz31h%2BQpoTJCkTZwqnUJViyA5ssalYTGLXgYVJDnhVT44eLopIESiw4DQvYf%2FFwgXftTQyMD5reQBwVGJkCI1WAqgls9tA0Tcy9F777sIqPEKraNFSmthcqo96vVvvbjDz9zQcV%2BuXBpq08rneaTZcGvbbX6VDRCVt%2Btx94nFK%2FFfhBQJtI7Yw9%2F%2BS1vwEAAP%2F%2FAQAA%2F%2F%2BHbnhbdQQAAA%3D%3D
200 OK 7 B URL HTTP/1.1 sandwichesinstinctive.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRReuDsP%2Fg15UQkDwMAiKQpjt7pnpmTGCuFlXFtdsTCKKCFJdVTNbmequpqp7enZPiwHJcQ6C6Kn3m90sahDFs0F7AyIBZee2giuCeNSDEDxKTxZHHxTv%2B973Dt97r97bzU6Ii4wer7yqt6VSdKndcOvPvOl5F%2BrrMs7G9XE3eCdoXaib0XO9oOE%2BW39ZsKFe8l3PdT3Xq69KI%2Fp6vFSJkMntntfouY2W3%2FDaLYzNf7nNHFjqgI9OyGOQfFa765yFZCXi6PMVYYepTs6%2FFGWKptpgxA9ej4exzmNEC9g3DvrxwWk3tD1avQMd78%2FtQo%2F%2BaQzljDjf3kEYH5yaRDjam%2FsMFUSMkD%2BMfFRCqBKSlmD6BiQ%2FIgDjuLSBOLp1SZucbj1QaaXOSO3%2Bn5D5jNR%2BOos4%2BmxZyXH9qlZZKnVsMe4XkOMSclAiyQ6Rbp%2BBzA%2FB0nch%2Bfdk6f464mhvwyoNyYv57FKWkP0SSkxArYOsetJB1neQJQ4iflxnnud1XM6o2%2B0x1uQdEQbc9Win71HPDbrIWGVvgjSZgKkJmNlBYnYwlBOY7GvYzQKWO7DpjDiv7WDEC%2BSCILcEOSXIJUGeEuSjYp8r69viFlc2C73T7J%2FmZjHV6WCX7ut0IGKym5yQR6u9OP9vnsNQHNfDVrvrB6LZF167x9rNsOW2ex3qNb027brtJqwsIO2Z%2BajbckaeePt3JNWtnvoBIT2EVYdg8hHQzAPNpx3fBd2ctroutuMvh%2FQ6taIRKj2wiU4bTEfgukCS1pBuObvqhDw%2BP9P5i79CsHvkNMBMgcQUuC7vEgzUzekVnZO9Kzq35IuNJJWR3KbVCa%2BmNBX%2F%2B%2BQVsZVrw9dW7OTjF1klVPD2NWHTdRpzGQ8s%2BXRZci7MqjZMkK%2FW7BsivJzZzeXMxFmyfvni6lqUGGGt1HEJKo82%2FgKTM1L7%2Bcf53zz31h%2BQpoTJCkTZwqnUJViyA5ssalYTGLXgYVJDnhVT44eLopIESiw4DQvYf%2FFwgXftTQyMD5reQBwVGJkCI1WAqgls9tA0Tcy9F777sIqPEKraNFSmthcqo96vVvvbjDz9zQcV%2BuXBpq08rneaTZcGvbbX6VDRCVt%2Btx94nFK%2FFfhBQJtI7Yw9%2F%2BS1vwEAAP%2F%2FAQAA%2F%2F%2BHbnhbdQQAAA%3D%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRReuDsP%2Fg15UQkDwMAiKQpjt7pnpmTGCuFlXFtdsTCKKCFJdVTNbmequpqp7enZPiwHJcQ6C6Kn3m90sahDFs0F7AyIBZee2giuCeNSDEDxKTxZHHxTv%2B973Dt97r97bzU6Ii4wer7yqt6VSdKndcOvPvOl5F%2BrrMs7G9XE3eCdoXaib0XO9oOE%2BW39ZsKFe8l3PdT3Xq69KI%2Fp6vFSJkMntntfouY2W3%2FDaLYzNf7nNHFjqgI9OyGOQfFa765yFZCXi6PMVYYepTs6%2FFGWKptpgxA9ej4exzmNEC9g3DvrxwWk3tD1avQMd78%2FtQo%2F%2BaQzljDjf3kEYH5yaRDjam%2FsMFUSMkD%2BMfFRCqBKSlmD6BiQ%2FIgDjuLSBOLp1SZucbj1QaaXOSO3%2Bn5D5jNR%2BOos4%2BmxZyXH9qlZZKnVsMe4XkOMSclAiyQ6Rbp%2BBzA%2FB0nch%2Bfdk6f464mhvwyoNyYv57FKWkP0SSkxArYOsetJB1neQJQ4iflxnnud1XM6o2%2B0x1uQdEQbc9Win71HPDbrIWGVvgjSZgKkJmNlBYnYwlBOY7GvYzQKWO7DpjDiv7WDEC%2BSCILcEOSXIJUGeEuSjYp8r69viFlc2C73T7J%2FmZjHV6WCX7ut0IGKym5yQR6u9OP9vnsNQHNfDVrvrB6LZF167x9rNsOW2ex3qNb027brtJqwsIO2Z%2BajbckaeePt3JNWtnvoBIT2EVYdg8hHQzAPNpx3fBd2ctroutuMvh%2FQ6taIRKj2wiU4bTEfgukCS1pBuObvqhDw%2BP9P5i79CsHvkNMBMgcQUuC7vEgzUzekVnZO9Kzq35IuNJJWR3KbVCa%2BmNBX%2F%2B%2BQVsZVrw9dW7OTjF1klVPD2NWHTdRpzGQ8s%2BXRZci7MqjZMkK%2FW7BsivJzZzeXMxFmyfvni6lqUGGGt1HEJKo82%2FgKTM1L7%2Bcf53zz31h%2BQpoTJCkTZwqnUJViyA5ssalYTGLXgYVJDnhVT44eLopIESiw4DQvYf%2FFwgXftTQyMD5reQBwVGJkCI1WAqgls9tA0Tcy9F777sIqPEKraNFSmthcqo96vVvvbjDz9zQcV%2BuXBpq08rneaTZcGvbbX6VDRCVt%2Btx94nFK%2FFfhBQJtI7Yw9%2F%2BS1vwEAAP%2F%2FAQAA%2F%2F%2BHbnhbdQQAAA%3D%3D HTTP/1.1
Host: sandwichesinstinctive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Cookie: u_pl=17249046; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 12:08:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 27dcff1b8b3c5b8ba17110f6aef1cbd0
Strict-Transport-Security: max-age=0; includeSubdomains
sandwichesinstinctive.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuXkYFvfizCIKHQVAUlkl3z0zPjCuI2RgJxs26P%2BhBkOqqmkntVHc1Vd3Tk5yCC7LHQQTRU%2BebZIO6iOLZRTsLIgtK5paDAUE8ehEWDx6kx%2BDog%2B73fe97h%2B%2B9V%2B%2FvZifERUaPV97Q21IputRuuPXn3%2Fa88%2FV1GWfj%2BrgbvBu0ztfN6MVe0HBfqL8m2FAv%2Ba7nup7r1VelEX09XqpEyOR2z2v03EbLb3jtFsbm%2F9xmDix1wEcn5HFIPqvddc5CshJx9OWKsMNUJ%2BdejTJFU20w4gfX4mGs8xjRAvaNg358cNoNbY9W70DH%2B3O70KN%2FG0M5I873dxDGB6cmEY725j5DBREj5I8gH5UQqoSkJZi%2BAcmPCMA4Lm4gjm5d1CanW%2F%2BotFJnpHb%2FD8h8Rmo%2Fn0UcfbGs5Lh%2BRasslTq2GPcLyHEJOSiRZIdIt89A5odg6XuQ%2FEeydH8dcbS3YZWG5MV8dilLyH4JJSag1kFWfdJB1neQJQ4iflxnnud1XM6o2%2B0x1uQdEQbc9Win71HPDbrIWGVvgjSZgKkJmNlBYnYwlBOY7FvYzQKWO7DpjDhv7mDEC%2BSCILcEOSXIJUGeEuSjYp8r69viFlc2C73T7J%2FmZjHV6WCX7ut0IGKym5yQx6q9OA81n8RQHNfDVrvrB6LZF167x9rNsOW2ex3qNb027brtJqwsIO2Z%2Bajbckaefud3JNWtnv0JIT2EVYdg8lHQzAPNpx3fBd2ctroutuOvh%2FQ6taIRKj2wiU4bTEfgukCS1pBuObvqhDw1P9Nz330Ewe6R0wAzBRJT4Lq8SzBQN6eXdU72Luvckq82klRGcptWJ7yS0lQ8%2BNnrYivXhq%2Bt2Mmnr7BKqODtq8Km6zTmMh5Y8vmy5FyYVW2YIN%2Bs2bdEeCmzm8uZibNk%2FdKF1bUoMcJaqeMSVB5t%2FAkmZ%2BSBvz6Yv80nrm1AmhImKxBlC6dSl2DJDmyyqFlNYNSCh8kZ5FkxNX64KCpJoMSC07CA%2FQ8PF3jX3sTA%2BKDpDcRRgZEpMFIFqJrAZg9P08Tce%2FmHj6v4BKGqTUNlanuhMurDGTl34bf5fiv0S%2FX7FVYe1zvNpkuDXtvrdKjohC2%2F2w88TqnfCvwgoE2kdsZeeubq3wAAAP%2F%2FAQAA%2F%2F9rxc%2FSdQQAAA%3D%3D
200 OK 7 B URL HTTP/1.1 sandwichesinstinctive.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuXkYFvfizCIKHQVAUlkl3z0zPjCuI2RgJxs26P%2BhBkOqqmkntVHc1Vd3Tk5yCC7LHQQTRU%2BebZIO6iOLZRTsLIgtK5paDAUE8ehEWDx6kx%2BDog%2B73fe97h%2B%2B9V%2B%2FvZifERUaPV97Q21IputRuuPXn3%2Fa88%2FV1GWfj%2BrgbvBu0ztfN6MVe0HBfqL8m2FAv%2Ba7nup7r1VelEX09XqpEyOR2z2v03EbLb3jtFsbm%2F9xmDix1wEcn5HFIPqvddc5CshJx9OWKsMNUJ%2BdejTJFU20w4gfX4mGs8xjRAvaNg358cNoNbY9W70DH%2B3O70KN%2FG0M5I873dxDGB6cmEY725j5DBREj5I8gH5UQqoSkJZi%2BAcmPCMA4Lm4gjm5d1CanW%2F%2BotFJnpHb%2FD8h8Rmo%2Fn0UcfbGs5Lh%2BRasslTq2GPcLyHEJOSiRZIdIt89A5odg6XuQ%2FEeydH8dcbS3YZWG5MV8dilLyH4JJSag1kFWfdJB1neQJQ4iflxnnud1XM6o2%2B0x1uQdEQbc9Win71HPDbrIWGVvgjSZgKkJmNlBYnYwlBOY7FvYzQKWO7DpjDhv7mDEC%2BSCILcEOSXIJUGeEuSjYp8r69viFlc2C73T7J%2FmZjHV6WCX7ut0IGKym5yQx6q9OA81n8RQHNfDVrvrB6LZF167x9rNsOW2ex3qNb027brtJqwsIO2Z%2Bajbckaefud3JNWtnv0JIT2EVYdg8lHQzAPNpx3fBd2ctroutuOvh%2FQ6taIRKj2wiU4bTEfgukCS1pBuObvqhDw1P9Nz330Ewe6R0wAzBRJT4Lq8SzBQN6eXdU72Luvckq82klRGcptWJ7yS0lQ8%2BNnrYivXhq%2Bt2Mmnr7BKqODtq8Km6zTmMh5Y8vmy5FyYVW2YIN%2Bs2bdEeCmzm8uZibNk%2FdKF1bUoMcJaqeMSVB5t%2FAkmZ%2BSBvz6Yv80nrm1AmhImKxBlC6dSl2DJDmyyqFlNYNSCh8kZ5FkxNX64KCpJoMSC07CA%2FQ8PF3jX3sTA%2BKDpDcRRgZEpMFIFqJrAZg9P08Tce%2FmHj6v4BKGqTUNlanuhMurDGTl34bf5fiv0S%2FX7FVYe1zvNpkuDXtvrdKjohC2%2F2w88TqnfCvwgoE2kdsZeeubq3wAAAP%2F%2FAQAA%2F%2F9rxc%2FSdQQAAA%3D%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuXkYFvfizCIKHQVAUlkl3z0zPjCuI2RgJxs26P%2BhBkOqqmkntVHc1Vd3Tk5yCC7LHQQTRU%2BebZIO6iOLZRTsLIgtK5paDAUE8ehEWDx6kx%2BDog%2B73fe97h%2B%2B9V%2B%2FvZifERUaPV97Q21IputRuuPXn3%2Fa88%2FV1GWfj%2BrgbvBu0ztfN6MVe0HBfqL8m2FAv%2Ba7nup7r1VelEX09XqpEyOR2z2v03EbLb3jtFsbm%2F9xmDix1wEcn5HFIPqvddc5CshJx9OWKsMNUJ%2BdejTJFU20w4gfX4mGs8xjRAvaNg358cNoNbY9W70DH%2B3O70KN%2FG0M5I873dxDGB6cmEY725j5DBREj5I8gH5UQqoSkJZi%2BAcmPCMA4Lm4gjm5d1CanW%2F%2BotFJnpHb%2FD8h8Rmo%2Fn0UcfbGs5Lh%2BRasslTq2GPcLyHEJOSiRZIdIt89A5odg6XuQ%2FEeydH8dcbS3YZWG5MV8dilLyH4JJSag1kFWfdJB1neQJQ4iflxnnud1XM6o2%2B0x1uQdEQbc9Win71HPDbrIWGVvgjSZgKkJmNlBYnYwlBOY7FvYzQKWO7DpjDhv7mDEC%2BSCILcEOSXIJUGeEuSjYp8r69viFlc2C73T7J%2FmZjHV6WCX7ut0IGKym5yQx6q9OA81n8RQHNfDVrvrB6LZF167x9rNsOW2ex3qNb027brtJqwsIO2Z%2Bajbckaefud3JNWtnv0JIT2EVYdg8lHQzAPNpx3fBd2ctroutuOvh%2FQ6taIRKj2wiU4bTEfgukCS1pBuObvqhDw1P9Nz330Ewe6R0wAzBRJT4Lq8SzBQN6eXdU72Luvckq82klRGcptWJ7yS0lQ8%2BNnrYivXhq%2Bt2Mmnr7BKqODtq8Km6zTmMh5Y8vmy5FyYVW2YIN%2Bs2bdEeCmzm8uZibNk%2FdKF1bUoMcJaqeMSVB5t%2FAkmZ%2BSBvz6Yv80nrm1AmhImKxBlC6dSl2DJDmyyqFlNYNSCh8kZ5FkxNX64KCpJoMSC07CA%2FQ8PF3jX3sTA%2BKDpDcRRgZEpMFIFqJrAZg9P08Tce%2FmHj6v4BKGqTUNlanuhMurDGTl34bf5fiv0S%2FX7FVYe1zvNpkuDXtvrdKjohC2%2F2w88TqnfCvwgoE2kdsZeeubq3wAAAP%2F%2FAQAA%2F%2F9rxc%2FSdQQAAA%3D%3D HTTP/1.1
Host: sandwichesinstinctive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Cookie: u_pl=17249046; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 12:08:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4a90cfebf00a4eaba1e77bc388168e43
Strict-Transport-Security: max-age=0; includeSubdomains
sandwichesinstinctive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSXWgcVRS%2BUxYFfVEpBcGHRVAUymZm%2F9cKYhojwdjUtqKIIPdvN7d7Z%2B5w78zOJk%2FBgvRxHwTRp8m3SYNaRPHZopOCSEHJvkUwIoiPggjFR5k1uHpg5nzf%2Bc7Dd8657%2B2mJ8RHSo9XXjXbSmu61Kr51WfeDIIL1XUVpePquNt%2Bp928ULWj53rtmv9s9WXJh2ap7ge%2BH%2FhBdVVZ2TfjpVKEim%2F3glrPrzXrtaDVxNj%2Bn7vUg6MexOiEPAYlZpW73lkoXiAKP1%2BRbpiY%2BPxLYappYixG4uD1aBiZLEK4gH3roR8dnHbDuKPVOzDR%2FtwuzOjfRqZmxPv2Dlh0cGoSbLQ398k0ZAQmHkY2KiB1AUULcHMDShwRgAtc2kAU3rpkbEa3%2FlFpqc5I5f6fUNmMVH46iyj8bFmrcfWq0WmiTOQw7udQ4wJqUCBOD5Fsn4HKDsGTd6HE92Tp%2FjqicG%2FDaQMl8vnsShVQ%2FQJaTkCdh7T8lIe07yGNPYTiuMqDIOj4glO%2F2%2BO8ITqStYUf0E4%2FoIHf7iLlpb0JkngCrifgdgex3cFQTWDTr%2BE2czjhwSUz4r22g5HIkUmCzBFklCBTBFlCkI3yfaFd3eW3hHYpC05z%2FTQ38qlJBrt03yQDGZHd%2BIQ8Wu7Fe7BxDkN5XGXNVrfelo2%2BDFo93mqwpt%2FqdWjQCFq067cacCqHcmfmo26rGXni7d8Rl7d66gcweginD8HVI6BpAJpNO3UfdHPa7PrYjr4c0uvUyRrTZuBik9S4CSFMjjipINnydvUJeXx%2BpvMXf4Pk98hpgNscsc1xXd0lGOib0ysmI3tXTObIFxtxokK1TcsTXk1oIh%2F45BW5lRkr1lbc5OMXeSmU8PY16ZJ1GgkVDRz5dFkJIe2qsVySr9bcG5JdTt3mcmqjNF6%2FfHF1LYytdE6ZqABVRxt%2FgasZqfz84%2FxtnnvrDyhbwKY5wnThVJkCPN6Bixc1ZwisXnAWe8jSfGrrbFHUikDLBacsh%2FsPZwu8625iYOugyQ1EYY6RzTHSOaiewKUPTZPY3nvhuw%2FL%2BAhMV6ZM28oe01a%2FP1%2FtjDz9zQcl%2BqX8%2FQqnjqsNX3SY7MsOk81Wsy%2B5YK0W83mfs4bodjkSN%2BPPP3ntbwAAAP%2F%2FAQAA%2F%2F%2FsLq7KdQQAAA%3D%3D
200 OK 7 B URL HTTP/1.1 sandwichesinstinctive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSXWgcVRS%2BUxYFfVEpBcGHRVAUymZm%2F9cKYhojwdjUtqKIIPdvN7d7Z%2B5w78zOJk%2FBgvRxHwTRp8m3SYNaRPHZopOCSEHJvkUwIoiPggjFR5k1uHpg5nzf%2Bc7Dd8657%2B2mJ8RHSo9XXjXbSmu61Kr51WfeDIIL1XUVpePquNt%2Bp928ULWj53rtmv9s9WXJh2ap7ge%2BH%2FhBdVVZ2TfjpVKEim%2F3glrPrzXrtaDVxNj%2Bn7vUg6MexOiEPAYlZpW73lkoXiAKP1%2BRbpiY%2BPxLYappYixG4uD1aBiZLEK4gH3roR8dnHbDuKPVOzDR%2FtwuzOjfRqZmxPv2Dlh0cGoSbLQ398k0ZAQmHkY2KiB1AUULcHMDShwRgAtc2kAU3rpkbEa3%2FlFpqc5I5f6fUNmMVH46iyj8bFmrcfWq0WmiTOQw7udQ4wJqUCBOD5Fsn4HKDsGTd6HE92Tp%2FjqicG%2FDaQMl8vnsShVQ%2FQJaTkCdh7T8lIe07yGNPYTiuMqDIOj4glO%2F2%2BO8ITqStYUf0E4%2FoIHf7iLlpb0JkngCrifgdgex3cFQTWDTr%2BE2czjhwSUz4r22g5HIkUmCzBFklCBTBFlCkI3yfaFd3eW3hHYpC05z%2FTQ38qlJBrt03yQDGZHd%2BIQ8Wu7Fe7BxDkN5XGXNVrfelo2%2BDFo93mqwpt%2FqdWjQCFq067cacCqHcmfmo26rGXni7d8Rl7d66gcweginD8HVI6BpAJpNO3UfdHPa7PrYjr4c0uvUyRrTZuBik9S4CSFMjjipINnydvUJeXx%2BpvMXf4Pk98hpgNscsc1xXd0lGOib0ysmI3tXTObIFxtxokK1TcsTXk1oIh%2F45BW5lRkr1lbc5OMXeSmU8PY16ZJ1GgkVDRz5dFkJIe2qsVySr9bcG5JdTt3mcmqjNF6%2FfHF1LYytdE6ZqABVRxt%2FgasZqfz84%2FxtnnvrDyhbwKY5wnThVJkCPN6Bixc1ZwisXnAWe8jSfGrrbFHUikDLBacsh%2FsPZwu8625iYOugyQ1EYY6RzTHSOaiewKUPTZPY3nvhuw%2FL%2BAhMV6ZM28oe01a%2FP1%2FtjDz9zQcl%2BqX8%2FQqnjqsNX3SY7MsOk81Wsy%2B5YK0W83mfs4bodjkSN%2BPPP3ntbwAAAP%2F%2FAQAA%2F%2F%2FsLq7KdQQAAA%3D%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSXWgcVRS%2BUxYFfVEpBcGHRVAUymZm%2F9cKYhojwdjUtqKIIPdvN7d7Z%2B5w78zOJk%2FBgvRxHwTRp8m3SYNaRPHZopOCSEHJvkUwIoiPggjFR5k1uHpg5nzf%2Bc7Dd8657%2B2mJ8RHSo9XXjXbSmu61Kr51WfeDIIL1XUVpePquNt%2Bp928ULWj53rtmv9s9WXJh2ap7ge%2BH%2FhBdVVZ2TfjpVKEim%2F3glrPrzXrtaDVxNj%2Bn7vUg6MexOiEPAYlZpW73lkoXiAKP1%2BRbpiY%2BPxLYappYixG4uD1aBiZLEK4gH3roR8dnHbDuKPVOzDR%2FtwuzOjfRqZmxPv2Dlh0cGoSbLQ398k0ZAQmHkY2KiB1AUULcHMDShwRgAtc2kAU3rpkbEa3%2FlFpqc5I5f6fUNmMVH46iyj8bFmrcfWq0WmiTOQw7udQ4wJqUCBOD5Fsn4HKDsGTd6HE92Tp%2FjqicG%2FDaQMl8vnsShVQ%2FQJaTkCdh7T8lIe07yGNPYTiuMqDIOj4glO%2F2%2BO8ITqStYUf0E4%2FoIHf7iLlpb0JkngCrifgdgex3cFQTWDTr%2BE2czjhwSUz4r22g5HIkUmCzBFklCBTBFlCkI3yfaFd3eW3hHYpC05z%2FTQ38qlJBrt03yQDGZHd%2BIQ8Wu7Fe7BxDkN5XGXNVrfelo2%2BDFo93mqwpt%2FqdWjQCFq067cacCqHcmfmo26rGXni7d8Rl7d66gcweginD8HVI6BpAJpNO3UfdHPa7PrYjr4c0uvUyRrTZuBik9S4CSFMjjipINnydvUJeXx%2BpvMXf4Pk98hpgNscsc1xXd0lGOib0ysmI3tXTObIFxtxokK1TcsTXk1oIh%2F45BW5lRkr1lbc5OMXeSmU8PY16ZJ1GgkVDRz5dFkJIe2qsVySr9bcG5JdTt3mcmqjNF6%2FfHF1LYytdE6ZqABVRxt%2FgasZqfz84%2FxtnnvrDyhbwKY5wnThVJkCPN6Bixc1ZwisXnAWe8jSfGrrbFHUikDLBacsh%2FsPZwu8625iYOugyQ1EYY6RzTHSOaiewKUPTZPY3nvhuw%2FL%2BAhMV6ZM28oe01a%2FP1%2FtjDz9zQcl%2BqX8%2FQqnjqsNX3SY7MsOk81Wsy%2B5YK0W83mfs4bodjkSN%2BPPP3ntbwAAAP%2F%2FAQAA%2F%2F%2FsLq7KdQQAAA%3D%3D HTTP/1.1
Host: sandwichesinstinctive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Cookie: u_pl=17249046; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 12:08:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 31c7fa9258baa750ee94531a21110062
Strict-Transport-Security: max-age=0; includeSubdomains
sandwichesinstinctive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSS2gkVRR9NbQKuvEzCIKLRlAUhk5V%2F9sRxEyMBONknA%2B6EOT9uvOmX9Ur3qvq6mQVHJBZNiKIriqnkwnqIIprB60MiAwo6V0WBgRx6UYYXLiQaoOtF6ruOffcxbn3vvd30xPiI6XHK2%2BYbaU1XWrV%2FOrzbwfB%2Beq6itJxddxtv9tunq%2Fa0Yu9ds1%2Fofqa5EOzVPcD3w%2F8oLqqrOyb8VIpQsW3e0Gt59ea9VrQamJs%2F89d6sFRD2J0Qh6HErPKXe8sFC8QhV%2BuSDdMTHzu1TDVNDEWI3FwLRpGJosQLmDfeuhHB6fdMO5o9Q5MtD%2B3CzP6t5GpGfG%2BvwMWHZyaBBvtzX0yDRmBiUeQjQpIXUDRAtzcgBJHBOACFzcQhbcuGpvRrX9UWqozUrn%2FB1Q2I5WfzyIKv1jWaly9YnSaKBM5jPs51LiAGhSI00Mk22egskPw5D0o8SNZur%2BOKNzbcNpAiXw%2Bu1IFVL%2BAlhNQ5yEtP%2BUh7XtIYw%2BhOK7yIAg6vuDU7%2FY4b4iOZG3hB7TTD2jgt7tIeWlvgiSegOsJuN1BbHcwVBPY9Fu4zRxOeHDJjHhv7mAkcmSSIHMEGSXIFEGWEGSjfF9oV3f5LaFdyoLTXD%2FNjXxqksEu3TfJQEZkNz4hj5V78R5qPImhPK6yZqtbb8tGXwatHm81WNNv9To0aAQt2vVbDTiVQ7kz81G31Yw8%2Fc7viMtbPfsTGD2E04fg6lHQNADNpp26D7o5bXZ9bEdfD%2Bl16mSNaTNwsUlq3IQQJkecVJBsebv6hDw1P9Nz330Eye%2BR0wC3OWKb47q6SzDQN6eXTUb2LpvMka824kSFapuWJ7yS0EQ%2B%2BNnrciszVqytuMmnr%2FBSKOHtq9Il6zQSKho48vmyEkLaVWO5JN%2Bsubcku5S6zeXURmm8funC6loYW%2BmcMlEBqo42%2FgRXM%2FLAXx%2FM3%2BYT1zagbAGb5gjThVNlCvB4By5e1JwhsHrBWXwGWZpPbZ0tiloRaLnglOVw%2F%2BFsgXfdTQxsHTS5gSjMMbI5RjoH1RO49OFpEtt7L%2F%2FwcRmfgOnKlGlb2WPa6g9n5NyF3%2Bb7LdEv5e9XOHVcbfiiw2Rfdphstpp9yQVrtZjP%2B5w1RLfLkbgZf%2BmZq38DAAD%2F%2FwEAAP%2F%2F6xEaOnUEAAA%3D
200 OK 7 B URL HTTP/1.1 sandwichesinstinctive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSS2gkVRR9NbQKuvEzCIKLRlAUhk5V%2F9sRxEyMBONknA%2B6EOT9uvOmX9Ur3qvq6mQVHJBZNiKIriqnkwnqIIprB60MiAwo6V0WBgRx6UYYXLiQaoOtF6ruOffcxbn3vvd30xPiI6XHK2%2BYbaU1XWrV%2FOrzbwfB%2Beq6itJxddxtv9tunq%2Fa0Yu9ds1%2Fofqa5EOzVPcD3w%2F8oLqqrOyb8VIpQsW3e0Gt59ea9VrQamJs%2F89d6sFRD2J0Qh6HErPKXe8sFC8QhV%2BuSDdMTHzu1TDVNDEWI3FwLRpGJosQLmDfeuhHB6fdMO5o9Q5MtD%2B3CzP6t5GpGfG%2BvwMWHZyaBBvtzX0yDRmBiUeQjQpIXUDRAtzcgBJHBOACFzcQhbcuGpvRrX9UWqozUrn%2FB1Q2I5WfzyIKv1jWaly9YnSaKBM5jPs51LiAGhSI00Mk22egskPw5D0o8SNZur%2BOKNzbcNpAiXw%2Bu1IFVL%2BAlhNQ5yEtP%2BUh7XtIYw%2BhOK7yIAg6vuDU7%2FY4b4iOZG3hB7TTD2jgt7tIeWlvgiSegOsJuN1BbHcwVBPY9Fu4zRxOeHDJjHhv7mAkcmSSIHMEGSXIFEGWEGSjfF9oV3f5LaFdyoLTXD%2FNjXxqksEu3TfJQEZkNz4hj5V78R5qPImhPK6yZqtbb8tGXwatHm81WNNv9To0aAQt2vVbDTiVQ7kz81G31Yw8%2Fc7viMtbPfsTGD2E04fg6lHQNADNpp26D7o5bXZ9bEdfD%2Bl16mSNaTNwsUlq3IQQJkecVJBsebv6hDw1P9Nz330Eye%2BR0wC3OWKb47q6SzDQN6eXTUb2LpvMka824kSFapuWJ7yS0EQ%2B%2BNnrciszVqytuMmnr%2FBSKOHtq9Il6zQSKho48vmyEkLaVWO5JN%2Bsubcku5S6zeXURmm8funC6loYW%2BmcMlEBqo42%2FgRXM%2FLAXx%2FM3%2BYT1zagbAGb5gjThVNlCvB4By5e1JwhsHrBWXwGWZpPbZ0tiloRaLnglOVw%2F%2BFsgXfdTQxsHTS5gSjMMbI5RjoH1RO49OFpEtt7L%2F%2FwcRmfgOnKlGlb2WPa6g9n5NyF3%2Bb7LdEv5e9XOHVcbfiiw2Rfdphstpp9yQVrtZjP%2B5w1RLfLkbgZf%2BmZq38DAAD%2F%2FwEAAP%2F%2F6xEaOnUEAAA%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSS2gkVRR9NbQKuvEzCIKLRlAUhk5V%2F9sRxEyMBONknA%2B6EOT9uvOmX9Ur3qvq6mQVHJBZNiKIriqnkwnqIIprB60MiAwo6V0WBgRx6UYYXLiQaoOtF6ruOffcxbn3vvd30xPiI6XHK2%2BYbaU1XWrV%2FOrzbwfB%2Beq6itJxddxtv9tunq%2Fa0Yu9ds1%2Fofqa5EOzVPcD3w%2F8oLqqrOyb8VIpQsW3e0Gt59ea9VrQamJs%2F89d6sFRD2J0Qh6HErPKXe8sFC8QhV%2BuSDdMTHzu1TDVNDEWI3FwLRpGJosQLmDfeuhHB6fdMO5o9Q5MtD%2B3CzP6t5GpGfG%2BvwMWHZyaBBvtzX0yDRmBiUeQjQpIXUDRAtzcgBJHBOACFzcQhbcuGpvRrX9UWqozUrn%2FB1Q2I5WfzyIKv1jWaly9YnSaKBM5jPs51LiAGhSI00Mk22egskPw5D0o8SNZur%2BOKNzbcNpAiXw%2Bu1IFVL%2BAlhNQ5yEtP%2BUh7XtIYw%2BhOK7yIAg6vuDU7%2FY4b4iOZG3hB7TTD2jgt7tIeWlvgiSegOsJuN1BbHcwVBPY9Fu4zRxOeHDJjHhv7mAkcmSSIHMEGSXIFEGWEGSjfF9oV3f5LaFdyoLTXD%2FNjXxqksEu3TfJQEZkNz4hj5V78R5qPImhPK6yZqtbb8tGXwatHm81WNNv9To0aAQt2vVbDTiVQ7kz81G31Yw8%2Fc7viMtbPfsTGD2E04fg6lHQNADNpp26D7o5bXZ9bEdfD%2Bl16mSNaTNwsUlq3IQQJkecVJBsebv6hDw1P9Nz330Eye%2BR0wC3OWKb47q6SzDQN6eXTUb2LpvMka824kSFapuWJ7yS0EQ%2B%2BNnrciszVqytuMmnr%2FBSKOHtq9Il6zQSKho48vmyEkLaVWO5JN%2Bsubcku5S6zeXURmm8funC6loYW%2BmcMlEBqo42%2FgRXM%2FLAXx%2FM3%2BYT1zagbAGb5gjThVNlCvB4By5e1JwhsHrBWXwGWZpPbZ0tiloRaLnglOVw%2F%2BFsgXfdTQxsHTS5gSjMMbI5RjoH1RO49OFpEtt7L%2F%2FwcRmfgOnKlGlb2WPa6g9n5NyF3%2Bb7LdEv5e9XOHVcbfiiw2Rfdphstpp9yQVrtZjP%2B5w1RLfLkbgZf%2BmZq38DAAD%2F%2FwEAAP%2F%2F6xEaOnUEAAA%3D HTTP/1.1
Host: sandwichesinstinctive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Cookie: u_pl=17249046; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 12:08:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 45cd0dd072896efe3ac06efb726accb4
Strict-Transport-Security: max-age=0; includeSubdomains
precedentadministrator.com/watch.140537060457.js?key=d8fcb2d3f20008691f03775f642ee8c4&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 precedentadministrator.com/watch.140537060457.js?key=d8fcb2d3f20008691f03775f642ee8c4&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.140537060457.js?key=d8fcb2d3f20008691f03775f642ee8c4&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1 HTTP/1.1
Host: precedentadministrator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kajase.blogspot.com
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 12:08:53 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kajase.blogspot.com
Access-Control-Allow-Origin: https://kajase.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://precedentadministrator.com/watch.140537060457.js?key=d8fcb2d3f20008691f03775f642ee8c4&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1&shu=f5701936f4d95241d960d5aadb10cf9843aee6e5ce12298345dccbccf15eb1141c2d53729e9be45d00f0a2d96124599b3e7e0fba4d3317de1416af2e0ab1cd9e363a2cbce2980135b64ab21fbc5850a2dd120fcf5cf756161ca63f16986db960&pst=1664885393&rmtc=t
Set-Cookie: u_pl=17249028; expires=Wed, 05 Oct 2022 12:08:53 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI0OTAyOCwiayI6ImQ4ZmNiMmQzZjIwMDA4NjkxZjAzNzc1ZjY0MmVlOGM0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODU4Nzk4LCJwaWQiOjc1MjE1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjI2LCJwdCI6NCwicGsiOiJqamNrNHdrejgiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8va2FqYXNlLmJsb2dzcG90LmNvbS8ifX0.8fY7_GdsHStbsvZVPJUXbesEg-T_Wjs1vuKkRSueWhs; expires=Tue, 04 Oct 2022 12:09:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cb5b6d92a35251fac9975d65e54afca2
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 6.5 kB IP
ASN #20940 Akamai International B.V.
Hash 95c377b188abd33ce39dd6a126dea97b
573cd88e26813a0b176c7e85b717878406332a91
2194678bfbe1a1ab89615a3a67f08e872f0f9cd396608e167e989ee1ee8ac794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C377861EE40EA7B3AA43B03867F9ABB11746E9FE1CACD37039899A717EB4695"
Last-Modified: Tue, 04 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19420
Expires: Tue, 04 Oct 2022 17:32:33 GMT
Date: Tue, 04 Oct 2022 12:08:53 GMT
Connection: keep-alive
precedentadministrator.com/watch.140537060457.js?key=d8fcb2d3f20008691f03775f642ee8c4&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1&shu=f5701936f4d95241d960d5aadb10cf9843aee6e5ce12298345dccbccf15eb1141c2d53729e9be45d00f0a2d96124599b3e7e0fba4d3317de1416af2e0ab1cd9e363a2cbce2980135b64ab21fbc5850a2dd120fcf5cf756161ca63f16986db960&pst=1664885393&rmtc=t
200 OK 2.0 kB URL HTTP/1.1 precedentadministrator.com/watch.140537060457.js?key=d8fcb2d3f20008691f03775f642ee8c4&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1&shu=f5701936f4d95241d960d5aadb10cf9843aee6e5ce12298345dccbccf15eb1141c2d53729e9be45d00f0a2d96124599b3e7e0fba4d3317de1416af2e0ab1cd9e363a2cbce2980135b64ab21fbc5850a2dd120fcf5cf756161ca63f16986db960&pst=1664885393&rmtc=t
IP
File type HTML document, ASCII text, with very long lines (2498)
Hash d2d0bdb1acbe6133b23dc2b8ce609b5c
eacc10f2155f7aebeadd9e4f9f6d3b724376e7f8
d5b182fddfe3d7cbbb46fc099200984e401768b9f83ab80356cc2c9d2639e503
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.140537060457.js?key=d8fcb2d3f20008691f03775f642ee8c4&kw=%5B%22new%22%2C%22porn%22%2C%22video%22%2C%22hd%22%2C%22i%22%2C%22new%22%2C%22sex%22%2C%22video%22%2C%22hd%22%5D&refer=https%3A%2F%2Fkajase.blogspot.com%2F&tz=0&dev=r&res=12.31&uuid=19ea2262-bef8-4cb4-b401-2a29443b692f%3A3%3A1&shu=f5701936f4d95241d960d5aadb10cf9843aee6e5ce12298345dccbccf15eb1141c2d53729e9be45d00f0a2d96124599b3e7e0fba4d3317de1416af2e0ab1cd9e363a2cbce2980135b64ab21fbc5850a2dd120fcf5cf756161ca63f16986db960&pst=1664885393&rmtc=t HTTP/1.1
Host: precedentadministrator.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kajase.blogspot.com
Referer: https://kajase.blogspot.com/
Connection: keep-alive
Cookie: u_pl=17249028; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI0OTAyOCwiayI6ImQ4ZmNiMmQzZjIwMDA4NjkxZjAzNzc1ZjY0MmVlOGM0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODU4Nzk4LCJwaWQiOjc1MjE1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE2LCJhaWQiOjI2LCJwdCI6NCwicGsiOiJqamNrNHdrejgiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8va2FqYXNlLmJsb2dzcG90LmNvbS8ifX0.8fY7_GdsHStbsvZVPJUXbesEg-T_Wjs1vuKkRSueWhs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 12:08:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kajase.blogspot.com
Access-Control-Allow-Origin: https://kajase.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=19ea2262-bef8-4cb4-b401-2a29443b692f:3:1; expires=Tue, 11 Oct 2022 12:08:53 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 05 Oct 2022 12:08:53 GMT; secure; SameSite=None
uncs=1; expires=Wed, 05 Oct 2022 12:08:53 GMT; secure; SameSite=None
pdhtkv26=true; expires=Wed, 05 Oct 2022 12:08:53 GMT; secure; SameSite=None
uncs26=1; expires=Wed, 05 Oct 2022 12:08:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 60650b17fbbb98a93c28343d634fc1dc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.youx.xxx/videos/embed/178108
200 OK 1.5 kB URL HTTP/2 www.youx.xxx/videos/embed/178108
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1691)
Hash be2904fdcb8a4d2c94451cc7313a5cd3
c056234692d592ccf0fa91e034ee44b526baa60f
edfa7f765dace7e4900cc61f59eb8a6778974961d745643e2e9e38e27aa789de
GET /videos/embed/178108 HTTP/1.1
Host: www.youx.xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=f2aed9d96c5312590871bec691a75129; path=/; domain=.youx.xxx; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lU1Ta3RCNakwXJJOM6t51ihdWbRlbsx7GSLSxvybYbKqJMf6tTwDAs4DXWBVhx%2BLWINJ9i5SvaUNKF9JFAh4mi%2BJQILFHMLQNcvbwMmpXTonshKzJkupOqYRgOpyBHs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dce2a49cb8895-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/99/35/d4/9935d4c8e01b802a5ca2501050ec07df/1663166290.png
200 OK 18 kB URL HTTP/2 cdn.cloudimagesb.com/cti/99/35/d4/9935d4c8e01b802a5ca2501050ec07df/1663166290.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 032097920221f2f3dfd1d90330c150af
38d7e2e3cc6487b8693c05718c9e3f5c69c8cbd1
335c9ff6bc0e02aa39aa3fea96e3eefa7977cb4fa841b7ae97093224253cb5f3
GET /cti/99/35/d4/9935d4c8e01b802a5ca2501050ec07df/1663166290.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:53 GMT
content-type: image/png
content-length: 18018
server: nginx/1.17.6
last-modified: Wed, 14 Sep 2022 14:38:18 GMT
etag: "6321e75a-4662"
expires: Thu, 06 Oct 2022 12:08:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/22/f1/a7/22f1a70770bba024f23893a45c6f27e3/1663166142.png
200 OK 30 kB URL HTTP/2 cdn.cloudimagesb.com/cti/22/f1/a7/22f1a70770bba024f23893a45c6f27e3/1663166142.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 160 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash bf5dfdf7b7860d47fce49e5a02fb62b9
0ca0237d75af56cc1e0252bb18afa7d6b2fa8c86
a880eec3a53b95c83e8eb547b0fa3e41c6b401e57fbdff1f44c756ec9c2a04b5
GET /cti/22/f1/a7/22f1a70770bba024f23893a45c6f27e3/1663166142.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:53 GMT
content-type: image/png
content-length: 30337
server: nginx/1.17.6
last-modified: Wed, 14 Sep 2022 14:35:50 GMT
etag: "6321e6c6-7681"
expires: Thu, 06 Oct 2022 12:08:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/c2/32/b3/c232b3e4524deb01952d81710da81554/1658915602.png
200 OK 112 kB URL HTTP/2 cdn.cloudimagesb.com/cti/c2/32/b3/c232b3e4524deb01952d81710da81554/1658915602.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size 112 kB (112168 bytes)
Hash c45241b13549342de998e8518b0430f8
4520fd975fc212eb0e8d67981697b04787280f6a
12d50ef4939929d2f45254e0a404bda1f11fb2509599a9a7cb5e601e9c8f66b6
GET /cti/c2/32/b3/c232b3e4524deb01952d81710da81554/1658915602.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:53 GMT
content-type: image/png
content-length: 112168
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 09:53:30 GMT
etag: "62e10b1a-1b628"
expires: Thu, 06 Oct 2022 12:08:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/52/52/3c/52523c9de74744c0aa2cb8785f7fc942/1663153145.png
200 OK 32 kB URL HTTP/2 cdn.cloudimagesb.com/cti/52/52/3c/52523c9de74744c0aa2cb8785f7fc942/1663153145.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 320 x 50, 8-bit/color RGB, non-interlaced\012- data
Hash a4f80de72ecb0dfef867e137d0ea23da
48b6a5df87d3c7e97c2235e5a7c09159d38a6d34
2c0469e6e885043f042c36b7f05935f25ec816f35d679d85ef3038a551cc1356
GET /cti/52/52/3c/52523c9de74744c0aa2cb8785f7fc942/1663153145.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:53 GMT
content-type: image/png
content-length: 31460
server: nginx/1.17.6
last-modified: Wed, 14 Sep 2022 10:59:12 GMT
etag: "6321b400-7ae4"
expires: Thu, 06 Oct 2022 12:08:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4bd610954d1cad0675c2010a63e9c018
bd7e8708e02d74c5d7534a48221c9314530917f6
3b51bf349c5fc0841b5ee253093aa1dfabb8271f84bbb0eee07836dec331c1cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B51BF349C5FC0841B5EE253093AA1DFABB8271F84BBB0EEE07836DEC331C1CD"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6945
Expires: Tue, 04 Oct 2022 14:04:39 GMT
Date: Tue, 04 Oct 2022 12:08:54 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=19ea2262-bef8-4cb4-b401-2a29443b692f&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=62c7a3e77b1b7b82bf319a886a611821&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=19ea2262-bef8-4cb4-b401-2a29443b692f&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=62c7a3e77b1b7b82bf319a886a611821&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=19ea2262-bef8-4cb4-b401-2a29443b692f&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=62c7a3e77b1b7b82bf319a886a611821&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=12 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 04 Oct 2022 12:08:54 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2835b047adbf7c2843cf7658b5cf786e
Strict-Transport-Security: max-age=0; includeSubdomains
www.pornalin.com/embed/17961
200 OK 0 B URL HTTP/2 www.pornalin.com/embed/17961
IP
GET /embed/17961 HTTP/1.1
Host: www.pornalin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=vp7aoh00c4dnsfoc3cffld0j9purmd6f; path=/; domain=.pornalin.com; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlRWEojja5c9oA7yLLBTT2oKvjinve4V5FK8fxtA82J0ysltSNp9eyvv7nBgvJJGM7kjQvHV3Qixo%2FVgj3%2BrG01zGEeN0QrIzcPr18HSTn1ibAcBe0CyfGknIM4APPHJuH%2Fc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dce2a4d81769d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xxxdessert.com/tube/player/kt_player.js?v=5.4.0
200 OK 0 B URL HTTP/2 xxxdessert.com/tube/player/kt_player.js?v=5.4.0
IP
GET /tube/player/kt_player.js?v=5.4.0 HTTP/1.1
Host: xxxdessert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxdessert.com/tube/embed/144416
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:51 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=164382
etag: W/"60e6f2d1-2821e"
last-modified: Thu, 08 Jul 2021 12:42:57 GMT
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SndKvtPw6HiPjCSTHCwyKEU1n0pV%2FPu%2F5jmFnT0DrTOAyu0Ob%2BKz6XJXoGrk0HK%2BLXRTvwIrHJXhMDMdn6acDjGDJ3bk2AcNIpx3NvOQlUCM%2FJC2xKWBBe8k6lmpGkrVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dce2b6a2f7306-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png
200 OK 0 B URL HTTP/2 cdn.cloudimagesb.com/cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png
IP
ASN #39572 DataWeb Global Group B.V.
GET /cti/bb/16/b7/bb16b71b76fc43a6abd135721b32a822/1658915518.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:52 GMT
content-type: image/png
content-length: 145012
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 09:52:06 GMT
etag: "62e10ac6-23674"
expires: Thu, 06 Oct 2022 12:08:52 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/46/10/bb/4610bb0e416463bcb8c0f2734436c856/1663334658.png
200 OK 0 B URL HTTP/2 cdn.cloudimagesb.com/cti/46/10/bb/4610bb0e416463bcb8c0f2734436c856/1663334658.png
IP
ASN #39572 DataWeb Global Group B.V.
GET /cti/46/10/bb/4610bb0e416463bcb8c0f2734436c856/1663334658.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:53 GMT
content-type: image/png
content-length: 52855
server: nginx/1.17.6
last-modified: Fri, 16 Sep 2022 13:24:26 GMT
etag: "6324790a-ce77"
expires: Thu, 06 Oct 2022 12:08:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.youx.xxx/videos/embed/178136
200 OK 0 B URL HTTP/2 www.youx.xxx/videos/embed/178136
IP
GET /videos/embed/178136 HTTP/1.1
Host: www.youx.xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=fe140a022d13f1d2c743744d696853a1; path=/; domain=.youx.xxx; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbeGLOChRc%2B26B58tQ%2FqKHouPR4Rnu3NAt3%2Bhi9b3ErczRGcnPqd2QF%2FAvu8YWauO7vHcy4Y13F9qpq7WWpxFhG0%2FxQVMOLwOiZWkzkMGWAhm7vkv%2FnuVql%2Ff60aMPs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dce2a6a0e8895-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xxxdessert.com/tube/embed/144252
200 OK 0 B URL HTTP/2 xxxdessert.com/tube/embed/144252
IP
GET /tube/embed/144252 HTTP/1.1
Host: xxxdessert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=0uppnkoit92faq2booihki7c8fb1hofp; path=/; domain=.xxxdessert.com; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwglGOeLE%2Ft3BLCAdgLadZvDLDy59sHxwOy08bv344Ic328dJiavW9UPCtsfm%2B96f1U%2BPLbbjbIMMViCl1%2B%2FTgMHabNKEr7PbeHS%2F2I8lCYqF5cJPniOTKLNya9WRQ5syQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dce2a589b7306-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.pornalin.com/player/kt_player.js?v=5.4.0
200 OK 0 B URL HTTP/2 www.pornalin.com/player/kt_player.js?v=5.4.0
IP
GET /player/kt_player.js?v=5.4.0 HTTP/1.1
Host: www.pornalin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pornalin.com/embed/17966
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:51 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=164382
etag: W/"61083bec-2821e"
last-modified: Mon, 02 Aug 2021 18:39:40 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4909
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BWZF0G7%2Fca1drv7rlSdAB7iw34XSsxWUojzF90asCR6Q5G1qkRN1NNYPCUlpY21%2FwTXKIxg7bALXGtMu6soxXemfDa62ttOvRneIp8vazcowTUYUbpQn86K3E1lbG1KPP0s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dce2c79b6769d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:52 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 94bd9ddd1c51302c07fbdecd1056158f
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 04 Oct 2022 12:08:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49cgBaEParOQMY6hjaE4psicwCYUmYPwa1iaTvdrzC%2BK8L%2B7YqKn%2F1dROrKZM6oWCoOT782KLo%2Ffhjdb07VIQ7ZhM9NQOePvSTxxQIN2uyjrU0fTZKXisoYMkTRrSbCprPTGTgE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754dce30a95a06c1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youx.xxx/videos/embed/178220
200 OK 0 B URL HTTP/2 www.youx.xxx/videos/embed/178220
IP
GET /videos/embed/178220 HTTP/1.1
Host: www.youx.xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=859ff9de91ef23daf906d62094e45f41; path=/; domain=.youx.xxx; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUIlzqrSYKsIPwGeKB2ZTmVTToOASdG86dx%2F8Usruu1bShGi9FECsWzwvO4vLTTrEyMZ8Oz5vks%2FZfdMeqZUwA1jZInPnL5jQFAX0lPs3hBiK5%2BidSv2cHPglHEHoLA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dce2a49c08895-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youx.xxx/videos/embed/178103
200 OK 0 B URL HTTP/2 www.youx.xxx/videos/embed/178103
IP
GET /videos/embed/178103 HTTP/1.1
Host: www.youx.xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=890f72864a43b5618c3fac0e27646884; path=/; domain=.youx.xxx; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUwBpP40jpJ%2FaxatqdfmuORwVHrKsf0LPt1dhKLl8Hb7ZrRRZmgLhDjEC3nrVDcDTl3HzCiQdB39zr9abe5A%2BrWJrG%2FqOu%2FwakJ6aLkr2DQX9Nk9R59tJSuGECtdn9o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dce2a59e08895-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youx.xxx/videos/embed/178669
200 OK 0 B URL HTTP/2 www.youx.xxx/videos/embed/178669
IP
GET /videos/embed/178669 HTTP/1.1
Host: www.youx.xxx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kajase.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 12:08:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=27b217ba62dbf0548100ef91a20401e3; path=/; domain=.youx.xxx; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BFhqlzYTRzZWl8WNvzV1iVYoi2jV3c%2BE8JbYq8B65aiFDb9Pt%2BVmConwt8Wrwuttcm6XkNWZ10E0XhmtYl8M3ESOS1bH%2Bu5vONG%2F5LGL5HNXNj7xEgQUIg9tvL%2FXlI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dce2a49cc8895-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
142.250.74.161
185.73.223.1
104.21.235.74
23.36.76.226
52.29.95.124