porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
301 Moved Permanently 134 B URL HTTP/1.1 porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Fri, 07 Oct 2022 09:54:27 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://porn-adventures.com:443/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1273d41c84b2b39f78a8033130d00282
556757697b70e019ed502585fcc888e2403f3229
ee3c03cc0a659fbc43d34feaa79a8ad6627b9c525d675956cdb434c1590db89e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE3C03CC0A659FBC43D34FEAA79A8AD6627B9C525D675956CDB434C1590DB89E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9202
Expires: Fri, 07 Oct 2022 12:27:49 GMT
Date: Fri, 07 Oct 2022 09:54:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tGabcarJkyFHUNn6PORNytLzefIvFrKCxtIuGo0V5zZkUi2B3ik4Gg==
Age: 151629
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4ab7d8709d334de0e46dcb86aabfbff1
f221138a8ad9d0bfa3c054370dcdb363a67dc310
b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5081
Expires: Fri, 07 Oct 2022 11:19:08 GMT
Date: Fri, 07 Oct 2022 09:54:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Hend4VkHosCLE3baD/FzezZ6TbZ/ABSxTBSIqznG3zc2e/QgAi4ldT43E0gCKH9X7h9r+d8fcjs=
x-amz-request-id: 4Z5369MW7G8Z77JZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 07 Oct 2022 08:59:06 GMT
age: 3321
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 09:54:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 37e1768f064de2eba63e393433c5ef78
45884e2fbce7c7f09a481413cc4ef6645a567b1d
61a63213a71cabfd9eab9c2cbc657c4ca728372c4578cebe70d5001a997fe675
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 07 Oct 2022 09:54:27 GMT
Server: ECS (dcb/7EED)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Fifdp5MtSkuAuqBMMjizMIRf98mmNmwdqdYu4YOtnYa3EtV6p_4zFw==
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Fri, 07 Oct 2022 09:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 07 Oct 2022 10:05:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GLQvzhWf3rLGvJqOm5dey0Dh3BZn5FpUbpMCsxmEmXs8febpdaF_aw==
Age: 1486
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 09:54:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 09:54:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/firebasejs/5.0.2/firebase-app.js
200 OK 8.6 kB URL HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-app.js
IP
File type ASCII text, with very long lines (25088)
Hash 73069e532b7039778d3a7128c997c61a
c523bbf1ac7f4e612c8ade75434c42fbca885adc
b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5
GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Sep 2022 20:25:09 GMT
expires: Sat, 30 Sep 2023 20:25:09 GMT
cache-control: public, max-age=31536000
age: 566959
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
200 OK 10 kB URL HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
IP
File type ASCII text, with very long lines (35547)
Hash fa9987a23f5a9d865766e952511baa30
f2e620b99ee61a01671ba6a9e22ca75d58a1b52d
655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7
GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 18:29:50 GMT
expires: Tue, 03 Oct 2023 18:29:50 GMT
cache-control: public, max-age=31536000
age: 314678
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash d6c404502c7987174a84d8f0a3efab23
fc3a3f6d63acab3f659fb3536b65fd8564ec8628
94b5693df873bd923ffbf31f576fff01d2628e5796af4c6b91306a743e27d19b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3891
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 09:54:28 GMT
Last-Modified: Fri, 07 Oct 2022 08:49:37 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 09:54:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
porn-adventures.com/smljackpotpurple/assets/images/logo-s8af.png
200 OK 15 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/logo-s8af.png
IP
File type PNG image data, 755 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash 531066ad49aede5b3dc1ec89fb1be952
87c79b74b86b9d6fee0060ae40b0cb2c037d0757
4ad29fd05be1209e88c0526e7679c008b3b655744bef8f1c73d9c7355d83685e
GET /smljackpotpurple/assets/images/logo-s8af.png HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: image/png
content-length: 15373
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:23 GMT
etag: "62aaf1db-3c0d"
expires: Sun, 06 Nov 2022 09:54:28 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/images/icons/sound-on-s8af.png
200 OK 5.1 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/icons/sound-on-s8af.png
IP
File type PNG image data, 110 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash abcfae4e12bd5b39f67af82fb1006e9e
1c0e8c7b910e749ca5e35ae4e09dddf1402802e7
2d1ec0bcfc06ec9046a7ed1bfb5a0399d48a4d9beaaa287f7a4c5e70e6954b03
GET /smljackpotpurple/assets/images/icons/sound-on-s8af.png HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: image/png
content-length: 5097
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:32 GMT
etag: "62aaf1e4-13e9"
expires: Sun, 06 Nov 2022 09:54:28 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/images/icons/sound-off-s8af.png
200 OK 12 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/icons/sound-off-s8af.png
IP
File type PNG image data, 110 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash a7f2c88cbdb10310f424f5fe1b11f14e
b7740b10817ec42a835df62ff89483ae78af0b6e
b745981776c9a0a926faa0f3fcd204257093efcca7738be3d8d5154f4a75d6cd
GET /smljackpotpurple/assets/images/icons/sound-off-s8af.png HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: image/png
content-length: 11883
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:32 GMT
etag: "62aaf1e4-2e6b"
expires: Sun, 06 Nov 2022 09:54:28 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 953ec0625660791d90145e9e2f909544
e57b7dcd4ef4de140ec388a6becc5f0273163e45
7388ce8da6f21e4fe60bbddef8b68a44b91966df4ef0862c7ebe7dd6482bdee5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140243
Date: Fri, 07 Oct 2022 09:54:28 GMT
Etag: "633f60ee-1d7"
Expires: Sun, 09 Oct 2022 00:51:51 GMT
Last-Modified: Thu, 06 Oct 2022 23:12:46 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1mnhu8R4dGBEGIQGgXem5sJBQ0lZ2XXkLiDBib3ai30R-qvhApdDlA==
Age: 5945
porn-adventures.com/smljackpotpurple/assets/scripts/url-params.js
200 OK 597 B URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/scripts/url-params.js
IP
Hash ce4ac1e78737679df2100868f66b020b
6d359535ccca076fee1b86c32cd79cedf8093b6c
bb891acc564034d109a509e4ddf0dfb8a73dbb6615b7e68333afa54bf8a49988
GET /smljackpotpurple/assets/scripts/url-params.js HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: application/javascript
content-length: 597
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:28 GMT
etag: "62aaf1e0-255"
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/scripts/backoffer.js
200 OK 430 B URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/scripts/backoffer.js
IP
File type ASCII text, with very long lines (430), with no line terminators
Hash 6d5aa83d23ce0b9f72d3b87d000d8fae
034fb8768eb58ffc0b5849e2c162989741a6cbec
89266112a6c823b9c03dd5a32d8f1c5e9f4cbf4cf876b56c825781ea389d0800
GET /smljackpotpurple/assets/scripts/backoffer.js HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: application/javascript
content-length: 430
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:25 GMT
etag: "62aaf1dd-1ae"
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/images/items/1-mob-s8af.jpg
200 OK 22 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/items/1-mob-s8af.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 313x200, components 3\012- data
Hash a933ae0a9dfb4c00864bf88f3ee969d9
9332c1fbc7700e7167dfc61cb01a9d665945fe1c
23384fb3c00228852f856f77545526c9b88fa8589ed46bc2d6c1d2da99b1a2b8
GET /smljackpotpurple/assets/images/items/1-mob-s8af.jpg HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: image/jpeg
content-length: 22188
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:32 GMT
etag: "62aaf1e4-56ac"
expires: Sun, 06 Nov 2022 09:54:28 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: c+EVAB/GvEStr46o3JdziA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tMLZ8DlsJv7NbB9rloZjx9OAc6I=
porn-adventures.com/smljackpotpurple/assets/images/items/2-mob-s8af.jpg
200 OK 22 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/items/2-mob-s8af.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 315x201, components 3\012- data
Hash dabbcc02bdcc7dc3d0cc44fce8429d8e
572069654e46cd9af0062a385e8381b4a3529e18
ef66374aa8934fbd598d00a3e2d9ea31d797716926f755e69f40141c7131d88a
GET /smljackpotpurple/assets/images/items/2-mob-s8af.jpg HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: image/jpeg
content-length: 21628
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:33 GMT
etag: "62aaf1e5-547c"
expires: Sun, 06 Nov 2022 09:54:28 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/images/items/5-s8af.jpg
200 OK 30 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/items/5-s8af.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 501x308, components 3\012- data
Hash beba00fc1be95cc998ae1df559467ec4
d9b27310ff959d51b3988089a31fbcd04c470c49
287300e8438eb015dc6ae624d18186e60142515f2d9122f4dfa81d282bac7d7a
GET /smljackpotpurple/assets/images/items/5-s8af.jpg HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: image/jpeg
content-length: 29579
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:35 GMT
etag: "62aaf1e7-738b"
expires: Sun, 06 Nov 2022 09:54:28 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/images/items/3-mob-s8af.jpg
200 OK 19 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/items/3-mob-s8af.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 315x201, components 3\012- data
Hash 897f47ae2a8a1c970090b0e54165ebe1
01dbd6cf3c7253f84d119a730b01b7d8d8933fbc
6108f2d057fffdf1702ca20999ddb54369c471072c9658bc48ae3282f286ddf1
GET /smljackpotpurple/assets/images/items/3-mob-s8af.jpg HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: image/jpeg
content-length: 19325
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:34 GMT
etag: "62aaf1e6-4b7d"
expires: Sun, 06 Nov 2022 09:54:28 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/images/items/1-s8af.jpg
200 OK 75 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/items/1-s8af.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x365, components 3\012- data
Hash bb1e70a4c74414fdae67e9750b77d6d2
2214f137c761c448a15137f79105425d0abc6e94
209e681a2a9e0332fcb1df980a814221bf571c77a9d075f5b74abc588c79c5f7
GET /smljackpotpurple/assets/images/items/1-s8af.jpg HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: image/jpeg
content-length: 75038
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:33 GMT
etag: "62aaf1e5-1251e"
expires: Sun, 06 Nov 2022 09:54:28 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/images/items/2-s8af.jpg
200 OK 64 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/items/2-s8af.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 746x364, components 3\012- data
Hash 87dd2050196f393d174847a108a8ca44
0244b0bdae5538f5e67d3e9ba25b8799cf0bd05a
f8531ec37146857f288097740afa695e9ad932bf3043b3c331dc3fbcf5064849
GET /smljackpotpurple/assets/images/items/2-s8af.jpg HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: image/jpeg
content-length: 64230
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:34 GMT
etag: "62aaf1e6-fae6"
expires: Sun, 06 Nov 2022 09:54:28 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/images/items/4-s8af.jpg
200 OK 60 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/items/4-s8af.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x375, components 3\012- data
Hash bcc468f5628ec81b5ffa64b35ced7960
f2d885a7684fcfc6d781599c0c335252cfae3ce3
25a16e8297f8fd5f92e71bd1985335727120484e95b14ff57fa1599b017b4a65
GET /smljackpotpurple/assets/images/items/4-s8af.jpg HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: image/jpeg
content-length: 59924
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:35 GMT
etag: "62aaf1e7-ea14"
expires: Sun, 06 Nov 2022 09:54:28 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/images/items/3-s8af.jpg
200 OK 52 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/items/3-s8af.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 748x371, components 3\012- data
Hash ea9184447132f7a7ca130b6cdd884aa7
1650311c7d15c231f7343d89f962d952e4e1d159
01670e2c0e055d4a52d7369d0be4ac477abc7763e5dfb33cfcb97f69f7503aff
GET /smljackpotpurple/assets/images/items/3-s8af.jpg HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: image/jpeg
content-length: 51890
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:34 GMT
etag: "62aaf1e6-cab2"
expires: Sun, 06 Nov 2022 09:54:28 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/images/icons/check-on-s8af.png
200 OK 1.1 kB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/images/icons/check-on-s8af.png
IP
File type PNG image data, 41 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e3efa3af1fed66b2ed62a85d50b053b
01dcb31d7cc9a6a2944bbb02730b702fe50f6610
119ad81304823e8196464d766c36d7263788d44eb7d0f974ccae8f4827a833c8
GET /smljackpotpurple/assets/images/icons/check-on-s8af.png HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/assets/styles/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: image/png
content-length: 1064
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:32 GMT
etag: "62aaf1e4-428"
expires: Sun, 06 Nov 2022 09:54:28 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 915fec0e40b41281d384abb97f54824e
d06897bd47c134b073693cc094c5d893df4d961e
5c96842a9725c309e64b17789589eef27f272c9685fa7b638e3b1d3b6bb37e43
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 07 Oct 2022 09:54:28 GMT
Last-Modified: Fri, 07 Oct 2022 09:13:32 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GQih8cAhPF8EOqycPGMfgCWqJ-QWra1G4DAaK64IhvhWq46CXmTcOA==
Age: 2456
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 456e38809cab2df41e195ca2e7272dc1
d94dfdec46acda5c4d7e9aa8fca253696bc25f3d
779428da4622fa7922b89d5320d97533ac2a9df5bd21c096ac4644eb31795799
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 07 Oct 2022 09:54:29 GMT
Last-Modified: Fri, 07 Oct 2022 08:22:32 GMT
Server: ECS (dcb/7F37)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Ph-WIt1XTA-Pn-L2VkPvLtB6lbAb6IIcEMfeu0l9B-LQtE9N37xs9Q==
Age: 5517
porn-adventures.com/smljackpotpurple/assets/audio/music.mp3
206 Partial Content 4.7 MB URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/audio/music.mp3
IP
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, Stereo\012- data
Size 4.7 MB (4738447 bytes)
Hash f0f3fede74d179210e780d0329635af5
9f795cb6cd0e468a10fd25b76533d2a3156607ae
6c9c084d95b2cbd4b6e6bbf23abd348a63e723f3062abc98b155051c63d4b889
GET /smljackpotpurple/assets/audio/music.mp3 HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: audio/mpeg
content-length: 4738447
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:24 GMT
etag: "62aaf1dc-484d8f"
content-range: bytes 0-4738446/4738447
X-Firefox-Spdy: h2
porn-adventures.com/favicon.ico
404 Not Found 162 B URL HTTP/2 porn-adventures.com/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee
GET /favicon.ico HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: text/html
content-length: 162
server: nginx
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3455
Expires: Fri, 07 Oct 2022 10:52:04 GMT
Date: Fri, 07 Oct 2022 09:54:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3455
Expires: Fri, 07 Oct 2022 10:52:04 GMT
Date: Fri, 07 Oct 2022 09:54:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3455
Expires: Fri, 07 Oct 2022 10:52:04 GMT
Date: Fri, 07 Oct 2022 09:54:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3455
Expires: Fri, 07 Oct 2022 10:52:04 GMT
Date: Fri, 07 Oct 2022 09:54:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e30ca5022768294665070cafc9d489c
c6ebf53c21206cfcf8e70279d3ae43f0170ade3a
6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: a9tOPCySPRdXpvJf239ycM7_3PJS7GcITvM52Sxic_FwYr_-n2XQHA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
age: 43811
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f216d30-b6e9-4471-9b6f-86095d60e4b7.jpeg
200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f216d30-b6e9-4471-9b6f-86095d60e4b7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b10a2c23d975a25e56610bef9644086f
8a67a3f5b1b3a4cf8009e7ed005d3a35fba26710
175ee7cf5908324bce2b244ee9e4a1c93139bb6813fb61d4423509161f4b8961
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f216d30-b6e9-4471-9b6f-86095d60e4b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4396
x-amzn-requestid: 0dd4fb48-52fd-4a26-b40b-0f6b263bffa4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmi-dGSpoAMF87Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b8f-75df75ca36fbf230397bdcb2;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:41:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: oq9kqcwMBmUPgTcNwGBSl6rC0ljOHXh5hfpNDL-J3HfVwA5duzaMSg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:01:47 GMT
etag: "8a67a3f5b1b3a4cf8009e7ed005d3a35fba26710"
content-type: image/jpeg
age: 42762
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F622cb832-8fef-4fe9-9445-c157aaf29d57.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F622cb832-8fef-4fe9-9445-c157aaf29d57.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a3a09d5d16b53ee4490d882ed48c0075
ce9546b225787f1c765be9bbef42f585c83a10d3
ac27484dba78ee6657f5aa791999d4958ccdfba8e67a011f4ab4034fa235a26f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F622cb832-8fef-4fe9-9445-c157aaf29d57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6847
x-amzn-requestid: 9af16d4c-106c-4e8d-912b-e6f4fa44daa6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZkjcNHkAIAMFsDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e7f81-35fc285b7639a1a879d89f00;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 07:10:57 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 4d5W1LjWo-F3wimuYTXZo_pEZ8vIyXPZub9qQGHa5dmOGU_RBXlArw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 45d6a557ecb29942f314e3dd736d817a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 07:20:03 GMT
age: 9266
etag: "ce9546b225787f1c765be9bbef42f585c83a10d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ecd6748-5460-43cc-84b5-f33deb7cf126.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ecd6748-5460-43cc-84b5-f33deb7cf126.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6fb155a5d0fa0cebfa4cd03606f1f48c
c44cac382e2f2eb2b6ce35da6dfb37747d436d60
ca79a1bcc80f4e6fece82a0efb71a6c9af2b0b3d67b8f8c010a7f02ded6d2cfa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ecd6748-5460-43cc-84b5-f33deb7cf126.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6900
x-amzn-requestid: 6d8885f4-d244-4ec7-9c2b-68d86983a30d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZQmngFsHoAMFxqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63368496-0926524f3c50d16160c2665e;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 05:54:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tkthNH6rXeqKef_h28M-jt9y0nekibDG6Fv9aPemZhrE9cpWarS_Xw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 11:01:24 GMT
age: 82385
etag: "c44cac382e2f2eb2b6ce35da6dfb37747d436d60"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f3ec27-4efa-459e-a0bf-ae28f5d2dd3d.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f3ec27-4efa-459e-a0bf-ae28f5d2dd3d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash faa74f37d774e88f35e8d28397e066dc
6864ffbbeba98f1afdcc89c6588a21868bd33b4c
1c2f63843f2699f1c7a1df149d048dcc265387cbac9e6e9ca89ee7487a166ed8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79f3ec27-4efa-459e-a0bf-ae28f5d2dd3d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8239
x-amzn-requestid: 82d6eec9-0b0a-4342-9805-da201179818c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zd9izGiRIAMF_rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633bdc78-4a82b86b2d75b9127b12415b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 07:10:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dPytojC5jiRdAnvyDmVnb_iGDU7IEwLUnVLYsM4z7d-M_dIKgkvIrA==
via: 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 07:35:23 GMT
age: 8346
etag: "6864ffbbeba98f1afdcc89c6588a21868bd33b4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F925ee025-58b0-436d-8cda-192ec7c44c33.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F925ee025-58b0-436d-8cda-192ec7c44c33.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae567a6922213a56f35ddc5d5cc1d0f1
fc49df76e8625d8542b0634bfcf12b8d6cda445c
135f25c0350ad26235447cdfba53a45e5d0f9f4c07a6c1e66dd2ed4a4a487f86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F925ee025-58b0-436d-8cda-192ec7c44c33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9995
x-amzn-requestid: 46d789c8-c830-4003-a752-472ee853a14b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi-GRZIAMFzag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-5d69f864308ea18c0440203e;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: i1F72tYrdjpymITjLWOWsfF_d-uZp_aXH-TWvE491s7IOtJZArpOqA==
via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 27fe6f224e0cfa3f3a446471ee256e56.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
age: 43811
etag: "fc49df76e8625d8542b0634bfcf12b8d6cda445c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash a4e251d4fe3ef22398920eafe21ec2a8
1e2382ab2152e0f54d0de00ab5baec6754df79c9
27990b9038e9c2e742909e1122fa362b4e172f08b78754ef85a07929b8562ab6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 07 Oct 2022 09:54:29 GMT
Last-Modified: Fri, 07 Oct 2022 08:38:50 GMT
Server: ECS (dcb/7EA5)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: weHpRBTZEPHf89gyJT23y6myT08Ze0DpmKP49DCuddjVnC_gghbvxw==
Age: 4540
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 64317a0540bbf06a1f184763137d3535
9ed117d365fc190d6972066ce6e56ba2843f634e
aee071162f803e19fa2445bdd462ed9a234ca46d0d274f12e4b9e9b332c3bcd9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEE071162F803E19FA2445BDD462ED9A234CA46D0D274F12E4B9E9B332C3BCD9"
Last-Modified: Fri, 07 Oct 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6788
Expires: Fri, 07 Oct 2022 11:47:38 GMT
Date: Fri, 07 Oct 2022 09:54:30 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fd84b250aff97e0ced14c8a6e1c05bfc
8fcca405a9eccbf46b004216d4cfd7b9788fb40a
aae60fa1173bee4e11bb52bfb12133e3975be8a4337e709df68500100095275d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AAE60FA1173BEE4E11BB52BFB12133E3975BE8A4337E709DF68500100095275D"
Last-Modified: Thu, 06 Oct 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17237
Expires: Fri, 07 Oct 2022 14:41:48 GMT
Date: Fri, 07 Oct 2022 09:54:31 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 09:54:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 09:54:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
200 OK 9.8 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
IP
File type ASCII text, with very long lines (32033)
Hash 432ca07a1a844dbb27f9e0ab0d468be5
7fdaf858d702f84536a515c675b4028ce2eb0cfa
12732099d21835fabf83a93eec52f7cf1847cd64a0572d18917b2e13b06d5cf0
GET /ajax/bootstrap/3.3.7/bootstrap.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wfbabfn.com
Connection: keep-alive
Referer: https://wfbabfn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 6769016
cache-control: public,max-age=31536000
content-type: application/javascript
date: Fri, 07 Oct 2022 09:54:31 GMT
etag: "80bdc1e6cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:09:59 GMT
server: ECAcc (ska/F6C5)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9839
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css
200 OK 20 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css
IP
File type ASCII text, with very long lines (65371)
Hash 7e2bb6028f0b19917a1a2d1944fc72b1
e1837fc75ee2ddd24c6e1df6b309ea212b57e681
cc6093bd7162882fd34252fb5d3e8e7d07247e3b70fad894320bf2a960abeda5
GET /ajax/bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 9863207
cache-control: public,max-age=31536000
content-type: text/css
date: Fri, 07 Oct 2022 09:54:31 GMT
etag: "0e914f2cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:10:18 GMT
server: ECAcc (ska/F740)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19629
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 09:54:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wfbabfn.com
Connection: keep-alive
Referer: https://wfbabfn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 15:53:22 GMT
expires: Wed, 04 Oct 2023 15:53:22 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 237669
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
qcklgn.com/signup/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47297-110104.{subid}.{clickID}
302 Found 7.2 kB URL HTTP/2 qcklgn.com/signup/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47297-110104.{subid}.{clickID}
IP
File type gzip compressed data, from Unix\012- data
Hash 710c884f5c6635501825497fb8d1295a
f10358a63ae7857fac02cbf488ea45096e191206
57a20b7e3985fe4b1ed0d4b3b6089778635ee2f788612fb8fb78f4e1c74e0596
GET /signup/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47297-110104.{subid}.{clickID} HTTP/1.1
Host: qcklgn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://porn-adventures.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 07 Oct 2022 09:54:30 GMT
content-type: text/html; charset=UTF-8
location: https://wfbabfn.com/acct/epc69181/add/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47297-110104.%7Bsubid%7D.%7BclickID%7D&epcCID=B7E764dbD5A9KfZbW775GcZ8gdsfIcO7N&rtid=0911467741
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=0f53c4aa720bf5e73f48bbb35dada037; path=/; secure; SameSite=None
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish: 13644335
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: 43b236dd70c5758c8a9b88f2aad419bb
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 09:54:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 09:54:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wfbabfn.com/common_tpls/images/icons/email.png
200 OK 1.3 kB URL HTTP/2 wfbabfn.com/common_tpls/images/icons/email.png
IP
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash a86d99b9176d82a211cfa29b2f0b353f
62947ddfd87e3a21869818885e4bfa4e55ad0c11
f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/images/icons/email.png HTTP/1.1
Host: wfbabfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/acct/epc69181/add/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47297-110104.%7Bsubid%7D.%7BclickID%7D&epcCID=B7E764dbD5A9KfZbW775GcZ8gdsfIcO7N&rtid=0911467741
Cookie: PHPSESSID=5a3b89b791246d0d677bbdc3eebbabb3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:31 GMT
content-type: image/png
content-length: 1254
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-4e6"
section-io-cache-id: 341a29e54a2ed4391fe8f7c627b4d5f8
x-varnish: 14123864 12964492
age: 17103
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: a79288f1a9a38d756c158b8d664f2291
X-Firefox-Spdy: h2
wfbabfn.com/common_tpls/images/icons/password.png
200 OK 1.5 kB URL HTTP/2 wfbabfn.com/common_tpls/images/icons/password.png
IP
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash 6f100f1cdbdce928118ffa4c9293ca5b
6b1a3593e792d4c00187d60560dd03fb42df1156
8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/images/icons/password.png HTTP/1.1
Host: wfbabfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/acct/epc69181/add/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47297-110104.%7Bsubid%7D.%7BclickID%7D&epcCID=B7E764dbD5A9KfZbW775GcZ8gdsfIcO7N&rtid=0911467741
Cookie: PHPSESSID=5a3b89b791246d0d677bbdc3eebbabb3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:31 GMT
content-type: image/png
content-length: 1452
last-modified: Tue, 22 Aug 2017 16:34:59 GMT
etag: "599c5d33-5ac"
section-io-cache-id: 1f1a5f99763776c65cde4197197b37fd
x-varnish: 13644351 13273544
age: 17103
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: d178bf2ba7e1265cfca7ceebd36090df
X-Firefox-Spdy: h2
wfbabfn.com/common_tpls/images/icons/fname.png
200 OK 1.6 kB URL HTTP/2 wfbabfn.com/common_tpls/images/icons/fname.png
IP
File type PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c846870756544f39604e671d4111b9d
304938c74246e228fa82d8ca40201c3db6098074
d43abf8c5665519a3fe3f7e90298fc17b62e06d8ada1b90a44ea9985a62abb4d
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/images/icons/fname.png HTTP/1.1
Host: wfbabfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/acct/epc69181/add/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47297-110104.%7Bsubid%7D.%7BclickID%7D&epcCID=B7E764dbD5A9KfZbW775GcZ8gdsfIcO7N&rtid=0911467741
Cookie: PHPSESSID=5a3b89b791246d0d677bbdc3eebbabb3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:31 GMT
content-type: image/png
content-length: 1649
last-modified: Tue, 28 Nov 2017 20:52:02 GMT
etag: "5a1dcc72-671"
section-io-cache-id: 61b54568c219b29eff88f7adff3a55e9
x-varnish: 14123865 10869488
age: 17116
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 485091e2b23cce904725f56e9eb02d45
X-Firefox-Spdy: h2
wfbabfn.com/common_tpls/images/icons/address.png
200 OK 1.2 kB URL HTTP/2 wfbabfn.com/common_tpls/images/icons/address.png
IP
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash b579e9868402d708e54e1a980166c444
1c58e2890b934c0b1ab057f3ac28bedd2a082d19
67756f8b542c7823bcdba421219c3b8e1ee472748d8c3463534f667271356dfb
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/images/icons/address.png HTTP/1.1
Host: wfbabfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/acct/epc69181/add/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47297-110104.%7Bsubid%7D.%7BclickID%7D&epcCID=B7E764dbD5A9KfZbW775GcZ8gdsfIcO7N&rtid=0911467741
Cookie: PHPSESSID=5a3b89b791246d0d677bbdc3eebbabb3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:31 GMT
content-type: image/png
content-length: 1167
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-48f"
section-io-cache-id: fcd6d700c3049a388d107e505bffacd2
x-varnish: 13644352 5531387
age: 17114
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 2ad6639979e544b1d0f2cde688ac4dde
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
200 OK 2.6 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
IP
File type ASCII text, with very long lines (27832)
Hash eaaabd3f60063923cd5333eb1d7a20a1
0da69706105e28896a1f6eeaa91d5bec1b82f7f1
f863309ec0ac675409167610ff9776fa9c7620d6ee3592cc0c19d0b883ff2f70
GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wfbabfn.com/
Origin: https://wfbabfn.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:31 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 316259
accept-ranges: bytes
server: cloudflare
cf-ray: 7565c1856c7afab4-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
200 OK 4.2 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
IP
File type ASCII text, with very long lines (26366)
Hash 7fd743485fa194e25e2a207bff6c258a
97c999d752b95ee1ed6271a29aa58109dc17281e
dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc
GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wfbabfn.com/
Origin: https://wfbabfn.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:31 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 316259
accept-ranges: bytes
server: cloudflare
cf-ray: 7565c1856c79fab4-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
200 OK 54 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
IP
File type ASCII text, with very long lines (65397)
Hash dc9270247a97f75913a5d8934c24de03
ed9b0fa01b552571f99d529ed355b2ba91cfc48d
847cc3ab1ea736cbbaac34833596335471fc7a888089b501b3c83a323566f0b8
GET /releases/v5.15.4/css/pro.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wfbabfn.com/
Origin: https://wfbabfn.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:31 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 316259
accept-ranges: bytes
server: cloudflare
cf-ray: 7565c1856c77fab4-OSL
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash 0c82d9938dfd6c25d2e7f06fec2af501
cf8d2f861e0ddfa353eaf4951a6d497396ce471c
dced2f8d23b290c14fb8a2f747134e5a99b2a897b431b016809495757ae89461
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 09:54:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 11 Oct 2022 06:39:08 GMT
ETag: "cf8d2f861e0ddfa353eaf4951a6d497396ce471c"
Last-Modified: Fri, 07 Oct 2022 06:39:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1854
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7565c1857f3b0b55-OSL
ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.0.woff2
200 OK 23 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.0.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23316, version 331.-31196\012- data
Hash e0e8f01313f5061924cb318b031d706e
8ddfde7f46123a327ec627acf520741b1f016eb9
78f2234a60cbe6920db07df9663c0b035d9a602d8f7b82e174fc9e0f5bf89ad0
GET /releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.0.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wfbabfn.com
Connection: keep-alive
Referer: https://wfbabfn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:32 GMT
content-type: font/woff2
content-length: 23316
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae35c-5b14"
last-modified: Wed, 04 Aug 2021 18:58:36 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 314176
accept-ranges: bytes
server: cloudflare
cf-ray: 7565c1879dcdfab4-OSL
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-1216.min.js
200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 07 Oct 2022 09:54:32 GMT
via: 1.1 varnish
x-served-by: cache-bma1667-BMA
x-cache: HIT
x-cache-hits: 339
x-timer: S1665136472.263805,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wfbabfn.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 21:48:50 GMT
expires: Thu, 05 Oct 2023 21:48:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
age: 129942
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/mulish/v3/1Ptyg83HX_SGhgqO0yLcmjzUAuWexc1RwaA.ttf
200 OK 42 kB URL HTTP/2 fonts.gstatic.com/s/mulish/v3/1Ptyg83HX_SGhgqO0yLcmjzUAuWexc1RwaA.ttf
IP
File type TrueType Font data, 18 tables, 1st "GDEF", 14 names, Microsoft, language 0x409, Copyright 2011 The Mulish Project Authors (github.com/googlefonts/mulish)Mulish LightRegular2.10\012- data
Hash 8befc3aee189c7cb3fb9d0efdb657256
f2053c67ec447d9cf645a8cb635f99bf17a84958
13dc393f90dc2feb20567822ef7ffd6b45b02f57849096806076bda5569b3ae0
GET /s/mulish/v3/1Ptyg83HX_SGhgqO0yLcmjzUAuWexc1RwaA.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wfbabfn.com
Connection: keep-alive
Referer: https://wfbabfn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 41723
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 04:43:08 GMT
expires: Tue, 03 Oct 2023 04:43:08 GMT
cache-control: public, max-age=31536000
age: 364284
last-modified: Thu, 21 Jan 2021 05:38:47 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/mulish/v3/1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNRwaA.ttf
200 OK 42 kB URL HTTP/2 fonts.gstatic.com/s/mulish/v3/1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNRwaA.ttf
IP
File type TrueType Font data, 18 tables, 1st "GDEF", 12 names, Microsoft, language 0x409, Copyright 2011 The Mulish Project Authors (github.com/googlefonts/mulish)MulishRegular2.100;NONE\012- data
Hash 140e4c19f32bf9be05e539e9288726ec
4f9819fd553e9bf97a4f7f614c38c639e994e451
cdfd700cc4d106344778b96165d2d7dd86e05feac184660d5ec49fcfd81948bd
GET /s/mulish/v3/1Ptyg83HX_SGhgqO0yLcmjzUAuWexZNRwaA.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wfbabfn.com
Connection: keep-alive
Referer: https://wfbabfn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 41867
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 11:14:27 GMT
expires: Thu, 05 Oct 2023 11:14:27 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Jan 2021 21:08:26 GMT
content-type: font/ttf
age: 168005
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/mulish/v3/1Ptyg83HX_SGhgqO0yLcmjzUAuWexXRWwaA.ttf
200 OK 42 kB URL HTTP/2 fonts.gstatic.com/s/mulish/v3/1Ptyg83HX_SGhgqO0yLcmjzUAuWexXRWwaA.ttf
IP
File type TrueType Font data, 18 tables, 1st "GDEF", 12 names, Microsoft, language 0x409, Copyright 2011 The Mulish Project Authors (github.com/googlefonts/mulish)MulishBold2.100;NONE;Mu\012- data
Hash 9f883a328891bb8ccb6b976b63f42aca
57879c0320c9dd3de779b21c308c21f2572d34a2
1d447afef436b7b2d0be166b5871c807fc0fec0ae8b9e2a88fbc7bd44cca4af9
GET /s/mulish/v3/1Ptyg83HX_SGhgqO0yLcmjzUAuWexXRWwaA.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wfbabfn.com
Connection: keep-alive
Referer: https://wfbabfn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 41999
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 00:32:51 GMT
expires: Wed, 04 Oct 2023 00:32:51 GMT
cache-control: public, max-age=31536000
age: 292901
last-modified: Thu, 21 Jan 2021 06:26:30 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
wfbabfn.com/acct/trk/?rtid=0911467741
200 OK 21 B URL HTTP/2 wfbabfn.com/acct/trk/?rtid=0911467741
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 7bc0c0792b119b611b26badd2d36c989
8056ed766e11f45484e62cea490dd3adc07146dc
2a8d0da0ef0203c620cf2fb249678fb2ba3d0daf70f85e1deb0fa73bcefabb47
Analyzer Verdict Alert quad9 Sinkholed
GET /acct/trk/?rtid=0911467741 HTTP/1.1
Host: wfbabfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwUCVFRWCBAJV1dSDwkPVV0=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzNTUyNTAiLCJhcCI6IjExMDMwNzg4NDIiLCJpZCI6IjU5NDIxOWQyYzExNDIyMWUiLCJ0ciI6Ijg0ODg3ZDc2NTQzNWQwZjA2YTQ0Zjg5YzBkZDY5MTU4IiwidGkiOjE2NjUxMzY0NzIyNTd9fQ==
traceparent: 00-84887d765435d0f06a44f89c0dd69158-594219d2c114221e-01
tracestate: 3355250@nr=0-1-3355250-1103078842-594219d2c114221e----1665136472257
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://wfbabfn.com/acct/epc69181/add/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47297-110104.%7Bsubid%7D.%7BclickID%7D&epcCID=B7E764dbD5A9KfZbW775GcZ8gdsfIcO7N&rtid=0911467741
Cookie: PHPSESSID=5a3b89b791246d0d677bbdc3eebbabb3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:32 GMT
content-type: text/json;charset=UTF-8
content-length: 21
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish: 13539059
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: 17e5b07af7ea5e838b7632acb2570aad
X-Firefox-Spdy: h2
bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=3732&ck=1&ref=https://wfbabfn.com/acct/epc69181/add/&ap=91&be=3113&fe=3574&dc=3571&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1665136468621,%22n%22:0,%22f%22:2323,%22dn%22:2325,%22dne%22:2329,%22c%22:2329,%22s%22:2440,%22ce%22:2658,%22rq%22:2659,%22rp%22:2999,%22rpe%22:2999,%22dl%22:3003,%22di%22:3554,%22ds%22:3570,%22de%22:3573,%22dc%22:3573,%22l%22:3573,%22le%22:3576%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=3732&ck=1&ref=https://wfbabfn.com/acct/epc69181/add/&ap=91&be=3113&fe=3574&dc=3571&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1665136468621,%22n%22:0,%22f%22:2323,%22dn%22:2325,%22dne%22:2329,%22c%22:2329,%22s%22:2440,%22ce%22:2658,%22rq%22:2659,%22rp%22:2999,%22rpe%22:2999,%22dl%22:3003,%22di%22:3554,%22ds%22:3570,%22de%22:3573,%22dc%22:3573,%22l%22:3573,%22le%22:3576%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
IP
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=3732&ck=1&ref=https://wfbabfn.com/acct/epc69181/add/&ap=91&be=3113&fe=3574&dc=3571&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1665136468621,%22n%22:0,%22f%22:2323,%22dn%22:2325,%22dne%22:2329,%22c%22:2329,%22s%22:2440,%22ce%22:2658,%22rq%22:2659,%22rp%22:2999,%22rpe%22:2999,%22dl%22:3003,%22di%22:3554,%22ds%22:3570,%22de%22:3573,%22dc%22:3573,%22l%22:3573,%22le%22:3576%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 09:54:32 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7565c1890cbdb4f1-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=6316c8695f6c6a08; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4019&ck=1&ref=https://wfbabfn.com/acct/epc69181/add/
200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4019&ck=1&ref=https://wfbabfn.com/acct/epc69181/add/
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4019&ck=1&ref=https://wfbabfn.com/acct/epc69181/add/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 683
Origin: https://wfbabfn.com
Connection: keep-alive
Referer: https://wfbabfn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 09:54:32 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 7565c18a1dbfb4f1-OSL
Access-Control-Allow-Origin: https://wfbabfn.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
porn-adventures.com/smljackpotpurple/assets/scripts/ua-parser.min.js
200 OK 0 B URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/scripts/ua-parser.min.js
IP
GET /smljackpotpurple/assets/scripts/ua-parser.min.js HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: application/javascript
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:28 GMT
vary: Accept-Encoding
etag: W/"62aaf1e0-4bb3"
content-encoding: gzip
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/scripts/jquery.min.js
200 OK 0 B URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/scripts/jquery.min.js
IP
GET /smljackpotpurple/assets/scripts/jquery.min.js HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: application/javascript
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:26 GMT
vary: Accept-Encoding
etag: W/"62aaf1de-15851"
content-encoding: gzip
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/styles/reset.css
200 OK 0 B URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/styles/reset.css
IP
GET /smljackpotpurple/assets/styles/reset.css HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/assets/styles/style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: text/css
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:29 GMT
vary: Accept-Encoding
etag: W/"62aaf1e1-61c"
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Poppins:wght@300;400;600&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@300;400;600&display=swap
IP
GET /css2?family=Poppins:wght@300;400;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 07 Oct 2022 09:54:31 GMT
date: Fri, 07 Oct 2022 09:54:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
wfbabfn.com/common_tpls/js/form_support.js?v=1003202201
200 OK 0 B URL HTTP/2 wfbabfn.com/common_tpls/js/form_support.js?v=1003202201
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/js/form_support.js?v=1003202201 HTTP/1.1
Host: wfbabfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/acct/epc69181/add/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47297-110104.%7Bsubid%7D.%7BclickID%7D&epcCID=B7E764dbD5A9KfZbW775GcZ8gdsfIcO7N&rtid=0911467741
Cookie: PHPSESSID=5a3b89b791246d0d677bbdc3eebbabb3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 03 Oct 2022 16:43:12 GMT
etag: W/"633b1120-6a5"
section-io-cache-id: b8d801edf5db3779fb441d6dbd555968
x-varnish: 14123863 12964488
age: 17104
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 64c6923d6d962fb90d0177a6ac7c6a3f
X-Firefox-Spdy: h2
porn-adventures.com/pushjs/1.0.0/subscriber.js
200 OK 0 B URL HTTP/2 porn-adventures.com/pushjs/1.0.0/subscriber.js
IP
GET /pushjs/1.0.0/subscriber.js HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: application/javascript
server: nginx
last-modified: Wed, 27 Apr 2022 09:23:15 GMT
vary: Accept-Encoding
etag: W/"62690b83-385c"
content-encoding: gzip
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/scripts/functions.js
200 OK 0 B URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/scripts/functions.js
IP
GET /smljackpotpurple/assets/scripts/functions.js HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: application/javascript
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:25 GMT
vary: Accept-Encoding
etag: W/"62aaf1dd-90b"
content-encoding: gzip
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/scripts/trls.js
200 OK 0 B URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/scripts/trls.js
IP
GET /smljackpotpurple/assets/scripts/trls.js HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: application/javascript
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:28 GMT
vary: Accept-Encoding
etag: W/"62aaf1e0-c303"
content-encoding: gzip
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/media/video.mp4
206 Partial Content 0 B URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/media/video.mp4
IP
GET /smljackpotpurple/assets/media/video.mp4 HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: video/mp4
content-length: 5848902
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:27 GMT
etag: "62aaf1df-593f46"
expires: Sun, 06 Nov 2022 09:54:28 GMT
cache-control: max-age=2592000
content-range: bytes 0-5848901/5848902
X-Firefox-Spdy: h2
kit.fontawesome.com/b314bdf1b3.js
200 OK 0 B URL HTTP/2 kit.fontawesome.com/b314bdf1b3.js
IP
GET /b314bdf1b3.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wfbabfn.com
Connection: keep-alive
Referer: https://wfbabfn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:31 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FxqhKa90IuBdyA4HK1dh
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 7565c184ac0cfab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
200 OK 0 B URL HTTP/2 porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
IP
GET /smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:27 GMT
content-type: text/html
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:22 GMT
vary: Accept-Encoding
etag: W/"62aaf1da-28d6"
expires: Sun, 06 Nov 2022 09:54:27 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
porn-adventures.com/smljackpotpurple/assets/styles/style.css
200 OK 0 B URL HTTP/2 porn-adventures.com/smljackpotpurple/assets/styles/style.css
IP
GET /smljackpotpurple/assets/styles/style.css HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: text/css
server: nginx
last-modified: Thu, 16 Jun 2022 09:03:29 GMT
vary: Accept-Encoding
etag: W/"62aaf1e1-2528"
content-encoding: gzip
X-Firefox-Spdy: h2
porn-adventures.com/pushjs/1.0.0/config/lang-config.js
200 OK 0 B URL HTTP/2 porn-adventures.com/pushjs/1.0.0/config/lang-config.js
IP
GET /pushjs/1.0.0/config/lang-config.js HTTP/1.1
Host: porn-adventures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/smljackpotpurple/?subid=&clickID=yofpv633ff7490005c65e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: application/javascript
server: nginx
last-modified: Wed, 27 Apr 2022 09:23:16 GMT
vary: Accept-Encoding
etag: W/"62690b84-23c2"
content-encoding: gzip
X-Firefox-Spdy: h2
wfbabfn.com/common_tpls/js/iframeResizer.contentWindow.min.js
200 OK 0 B URL HTTP/2 wfbabfn.com/common_tpls/js/iframeResizer.contentWindow.min.js
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: wfbabfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/acct/epc69181/add/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47297-110104.%7Bsubid%7D.%7BclickID%7D&epcCID=B7E764dbD5A9KfZbW775GcZ8gdsfIcO7N&rtid=0911467741
Cookie: PHPSESSID=5a3b89b791246d0d677bbdc3eebbabb3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 04 Feb 2016 15:06:03 GMT
etag: W/"56b368db-3445"
section-io-cache-id: 4f2c8bdd2d81e6d70524f7f93d076384
x-varnish: 14123866 5531400
age: 17103
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 51b1008370bb2939bac346c7b43f31e0
X-Firefox-Spdy: h2
statisticresearch.com/user-segments/?pid=TH
200 OK 0 B URL HTTP/2 statisticresearch.com/user-segments/?pid=TH
IP
GET /user-segments/?pid=TH HTTP/1.1
Host: statisticresearch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
server: nginx
X-Firefox-Spdy: h2
geoip.enlistsecureup.com/?v=1
200 OK 0 B URL HTTP/2 geoip.enlistsecureup.com/?v=1
IP
ASN #54994 QUANTILNETWORKS
GET /?v=1 HTTP/1.1
Host: geoip.enlistsecureup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:32 GMT
content-type: application/javascript
server: waf/4.31.19-2.el6
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-via: 1.1 PS-SJC-011UH181:6 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:15 (Cdn Cache Server V2.0)
x-ws-request-id: 633ff757_PSdgflkfFRA1vg90_35001-43524
set-cookie: HMF_CI=e26670c22ac881078de02b2ac32aa2d0949b1285570ea3153c08c6ee9ffea0322c7f60db4a999d229e000a4daa2005588acf4aa422a1021f25a8e5a0557bc4a9cb; Expires=Sun, 06-Nov-22 09:54:32 GMT; Path=/
X-Firefox-Spdy: h2
wfbabfn.com/common_tpls/js/validate_form_v2.js?jsv=26
200 OK 0 B URL HTTP/2 wfbabfn.com/common_tpls/js/validate_form_v2.js?jsv=26
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/js/validate_form_v2.js?jsv=26 HTTP/1.1
Host: wfbabfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/acct/epc69181/add/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47297-110104.%7Bsubid%7D.%7BclickID%7D&epcCID=B7E764dbD5A9KfZbW775GcZ8gdsfIcO7N&rtid=0911467741
Cookie: PHPSESSID=5a3b89b791246d0d677bbdc3eebbabb3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 04 Oct 2022 17:00:19 GMT
etag: W/"633c66a3-5feb"
section-io-cache-id: efa054b104cb7ce330daa3c7451646db
x-varnish: 13644350 12930963
age: 17118
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 788dc8219270f89d615237fafa13d6b9
X-Firefox-Spdy: h2
daailynews.com/pushjs/1.0.0/utils.js
200 OK 0 B URL HTTP/2 daailynews.com/pushjs/1.0.0/utils.js
IP
GET /pushjs/1.0.0/utils.js HTTP/1.1
Host: daailynews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porn-adventures.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:28 GMT
content-type: application/javascript
server: nginx
last-modified: Wed, 16 Sep 2020 11:36:15 GMT
vary: Accept-Encoding
etag: W/"5f61f8af-20f2"
content-encoding: gzip
X-Firefox-Spdy: h2
wfbabfn.com/acct/epc69181/add/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47297-110104.%7Bsubid%7D.%7BclickID%7D&epcCID=B7E764dbD5A9KfZbW775GcZ8gdsfIcO7N&rtid=0911467741
200 OK 0 B URL HTTP/2 wfbabfn.com/acct/epc69181/add/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47297-110104.%7Bsubid%7D.%7BclickID%7D&epcCID=B7E764dbD5A9KfZbW775GcZ8gdsfIcO7N&rtid=0911467741
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /acct/epc69181/add/?epcVIP=63.1066.g101fl&email=&password=&firstname=&lastname=&zip=&act=epc69181.47297-110104.%7Bsubid%7D.%7BclickID%7D&epcCID=B7E764dbD5A9KfZbW775GcZ8gdsfIcO7N&rtid=0911467741 HTTP/1.1
Host: wfbabfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://porn-adventures.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 09:54:31 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=5a3b89b791246d0d677bbdc3eebbabb3; path=/; secure; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 14123859
age: 0
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Miss
section-io-id: 806857b0e01cd2d9e420e7dd2db90d34
X-Firefox-Spdy: h2
50.17.223.200
104.18.23.52
23.36.77.32
93.184.220.29
151.101.86.137
163.171.128.172