azkcqs.com/rpe?a=1&s=1&act=17&src=2&p=1054030&st=1212506&wd=451919&d=shbzek.com&tpl=32&rnd=0.8178660202037498&sbid=122&sbid2=05demos
185.162.85.1 0 B URL azkcqs.com/rpe?a=1&s=1&act=17&src=2&p=1054030&st=1212506&wd=451919&d=shbzek.com&tpl=32&rnd=0.8178660202037498&sbid=122&sbid2=05demos
IP 185.162.85.1:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rpe?a=1&s=1&act=17&src=2&p=1054030&st=1212506&wd=451919&d=shbzek.com&tpl=32&rnd=0.8178660202037498&sbid=122&sbid2=05demos HTTP/1.1
Host: azkcqs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shbzek.com
DNT: 1
Connection: keep-alive
Referer: https://shbzek.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 15 May 2023 22:57:37 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2
shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTIxMjUwNiwid2lkIjo0NTE5MTksInNyYyI6Mn0=eyJ&si1=122&si2=05demos
185.56.234.205 12 kB URL shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTIxMjUwNiwid2lkIjo0NTE5MTksInNyYyI6Mn0=eyJ&si1=122&si2=05demos
IP 185.56.234.205:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (21571)
Hash b4140cddcee8ba4f6aae1c5ee0d9f592
8aa8d637edefa5d367137c926f3893cf3cba8edf
877f02f29decfb4335a4359b34a7440d4e09b158f8a1563e836e432954e9da16
GET /great?h=waWQiOjEwNTQwMzAsInNpZCI6MTIxMjUwNiwid2lkIjo0NTE5MTksInNyYyI6Mn0=eyJ&si1=122&si2=05demos HTTP/1.1
Host: shbzek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Mon, 15 May 2023 22:57:36 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: truniq=1; expires=Tue, 16-May-2023 22:57:36 GMT; Max-Age=86400; path=/; domain=shbzek.com
x-zone: eu3
content-encoding: gzip
X-Firefox-Spdy: h2
ecrwqu.com/cuclc?aid=1980345421355106617&t=1684191457&s=198
185.162.85.14 1.2 kB URL ecrwqu.com/cuclc?aid=1980345421355106617&t=1684191457&s=198
IP 185.162.85.14:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1185), with no line terminators
Hash 4cc8db2b7613695bf93c2e1eb5b34df9
a813334026f0a4d9fe68685022701fa8e8734d79
806342ad09d2b19303509bd26e8ffac0d902ea386557bd9ca30ebb65aec839c8
GET /cuclc?aid=1980345421355106617&t=1684191457&s=198 HTTP/1.1
Host: ecrwqu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://h3iyc.shbzek.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0
date: Mon, 15 May 2023 22:57:37 GMT
content-type: text/html; charset=utf-8
content-length: 1185
location: https://s.viiian.com/h/1524/m2aeuqm24v4vvrfvuovytlgjwktuk56pskpixcg5wb5hqgd2n57hyeduafrcpdf3yl2u4kquzm33su7mk2h7o7osgovms6xiohfo5rxmsd5pl7g2nsbesonaipay5hhflo2fn4nm37fdd4tqzo2kpplm2zxffyklmm4sf6skp2cua42tgzziqrswwnzxjgrqopzhxhe46vx44342u73gbn3os7dpd3saufidoteai65jtmxinpjhdwd2xbzux3scrwq4d2th2vuva6laob3ee2qhpfwxgzduincfgcscijagmsl4k52fwyh3jvqjk2ki2bnlartd3mzuzscbkzi7m53kw3hig6saq3deqxtnobrrc2yxrnbcbp2p5jzilrsf5bczxrlztvr6jat2qjivgkiagbmgg6lzavcfu4zjgavcoedhkmxd443ppjducvcwiqlry2ivfrpx73csjlawh46rxnfm4sswzzisd6ujpsjece6l3yfko4dp46qxfhsewkj2ln44rgy63c2xvja7yus6hewdi3lmlyja2rq5lqgceejjau3b6obmeykrqqz5ee4go42gcrrcsm33gqrbybk7araemsteizwb2lyygv3hqvkgljzhqz36ovdgmbt4mfzggziscqlfofi5biuu2623obohmkbgcibva43gmygw6r3vkm2syijffuibspk3czhrwpqgpzoxixbupb7fqfqlfawtk7bhca2qc5lbojrxkfkda5lewfy6mfevau2mmzrxg6cuifoxw63gpnjp5pgjtxa4jqm6xn2evmvgtkrfkigo4we62vytzhf75icbfc3phcxyvpe3fj53kyvxfzldzk5prw2wkj5wnxtajjrccfiddvygo6jngqjdovz3a42dqmycfiaueeiue4yripycgizwc6lyknbf27dgguts6q52gfsvu5fwwl55mzailb5hssfgxjtgnigwinsjxgqg6b67gws4jfvdmtkyatud4pgkepiaqzxgaszasuiopaaf6===?u=
X-Firefox-Spdy: h2
goto.trackpshgoto.win/15GTdk?camp=624246&site=1417801675501964&category=1560&cost=9.0E-4&external_id=cnv4320d379afbec4ecf789646d6ed9ef19
20.113.188.243 320 B URL goto.trackpshgoto.win/15GTdk?camp=624246&site=1417801675501964&category=1560&cost=9.0E-4&external_id=cnv4320d379afbec4ecf789646d6ed9ef19
IP 20.113.188.243:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with very long lines (320), with no line terminators
Hash bce40d805f145f30ac46f50b9063acff
e448aba5aaaad77e00b4a2194ef8fec884612dad
ab11aedc697f83a4f2c58658aa342f2774aa50a842c8d4845796e4f5812ba596
GET /15GTdk?camp=624246&site=1417801675501964&category=1560&cost=9.0E-4&external_id=cnv4320d379afbec4ecf789646d6ed9ef19 HTTP/1.1
Host: goto.trackpshgoto.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.23.0
Date: Mon, 15 May 2023 22:57:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 320
Connection: keep-alive
X-Powered-By: Express
Set-Cookie: 15GTdko=20230516011684191464522; domain=.goto.trackpshgoto.win; path=/;expires=Tue, 16 May 2023 22:57:38 GMT; httpOnly=true;SameSite=None; Secure;
_pc_lc_id=15GTdk; domain=.goto.trackpshgoto.win; path=/;expires=Tue, 16 May 2023 22:57:38 GMT; httpOnly=true;SameSite=None; Secure;
peerclickcid=5edf130ccc3728f6352fb37d9163fa96-42510-0516; domain=.goto.trackpshgoto.win; path=/;expires=Tue, 16 May 2023 22:57:38 GMT; httpOnly=true;SameSite=None; Secure;
_norg=1; domain=.goto.trackpshgoto.win; path=/;expires=Tue, 16 May 2023 22:57:38 GMT; httpOnly=true;SameSite=None; Secure;
Location: https://alvsx.cloudpsh.top/?pl=gX8SmuT53Uat0GJjeCpaXQ&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964
Vary: Accept
alvsx.cloudpsh.top/?pl=gX8SmuT53Uat0GJjeCpaXQ&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964
5.75.133.219 0 B URL alvsx.cloudpsh.top/?pl=gX8SmuT53Uat0GJjeCpaXQ&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964
IP 5.75.133.219:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pl=gX8SmuT53Uat0GJjeCpaXQ&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964 HTTP/1.1
Host: alvsx.cloudpsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Mon, 15 May 2023 22:57:38 GMT
content-length: 0
location: https://alvsx.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
set-cookie: gX8SmuT53Uat0GJjeCpaXQ=15; max-age=345600; path=/; samesite=lax
__pl=74670fd1-8911-4df9-b1ca-47f0c408aeef; expires=Thu, 15 May 2025 22:57:38 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
alvsx.crystalcrafter.top/adult-video/assets/video.gif
104.21.7.3 500 kB URL alvsx.crystalcrafter.top/adult-video/assets/video.gif
IP 104.21.7.3:0
File type GIF image data, version 89a, 320 x 180\012- data
Size 500 kB (500082 bytes)
Hash 2e59da03066a7854825901e0c1460b52
8d5aa04f252de7a85b8387051c1321338ac32d32
63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433
GET /adult-video/assets/video.gif HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:38 GMT
content-type: image/gif
content-length: 500082
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-7a172"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4439
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rgh51Th4cO%2Fchj7v%2FH2BdwuucLubDTCT9HnM25UvPLrM8NH0mg970gM8jbE3fJ%2BosQeF7K3wv4z%2BwLfSpcX3nWXGkN7eCbSQrHjH%2BokjYnzgRo3Ys3qfX5XKD397SM1m3L0k3eTw1HiuwOc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb2a58c20afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
alvsx.crystalcrafter.top/favicon.ico
104.21.7.3 0 B URL alvsx.crystalcrafter.top/favicon.ico
IP 104.21.7.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Mon, 15 May 2023 22:57:39 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 190
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nqndx8CziZlvZ6E4h0yosn8SKlk6JW5UCBl0rHg8oZ%2BiWyOUiGDHt2EMtg%2Bx8cc2RG71vf4mWFeYf6tHM9HO1WS6IleFrmXQFo6QBqAS5%2F1x3l7zebQ2NxApO5HCSd5NTT0ugnT1ih%2BC4AM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb2c29880afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash f4fea5cf544471669f24229f47d96622
e21aa81232c02d605863b3193c4ce0d27eba07ec
216eb082f9386c239a730dfe8d0414192c3af67ccba8db2865a250d2e13ed7d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 15 May 2023 22:57:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/firebasejs/8.4.1/firebase-app.js
142.250.74.35 6.8 kB URL www.gstatic.com/firebasejs/8.4.1/firebase-app.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (21158)
Hash e20da9cfaabf0b23d89c2335c06e2b03
b1af5616825acaba44bd714bd2685327abe896fd
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2
GET /firebasejs/8.4.1/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 6763
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 May 2023 06:18:54 GMT
expires: Fri, 10 May 2024 06:18:54 GMT
cache-control: public, max-age=31536000
age: 405525
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash f4fea5cf544471669f24229f47d96622
e21aa81232c02d605863b3193c4ce0d27eba07ec
216eb082f9386c239a730dfe8d0414192c3af67ccba8db2865a250d2e13ed7d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 15 May 2023 22:57:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
142.250.74.35 11 kB URL www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (40976)
Hash a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 May 2023 00:16:42 GMT
expires: Thu, 09 May 2024 00:16:42 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 513657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a.crystalcrafter.top/adult-video/assets/video.gif
104.21.7.3 500 kB URL a.crystalcrafter.top/adult-video/assets/video.gif
IP 104.21.7.3:0
File type GIF image data, version 89a, 320 x 180\012- data
Size 500 kB (500082 bytes)
Hash 2e59da03066a7854825901e0c1460b52
8d5aa04f252de7a85b8387051c1321338ac32d32
63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433
GET /adult-video/assets/video.gif HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:39 GMT
content-type: image/gif
content-length: 500082
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-7a172"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4439
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V98HSHf4XjhyDjgYQGpC4LsCV9wFS2A6aG7NEwhaElpyfjQ2sNUh3ej6oapSyp41oFN2oERFX1S%2Bu3RvS%2FgS9R0vIBeT3ag6dEApTWQl1Jzdwu8xyeRUPHEQtgvB1MQf0UfNE4Ppsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb2ffb9d0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
a.crystalcrafter.top/favicon.ico
104.21.7.3 0 B URL a.crystalcrafter.top/favicon.ico
IP 104.21.7.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Mon, 15 May 2023 22:57:40 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1665
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0dD0jdcFUgifNv7AfeMmWMQdjALLUiOv9bE8oTU3uWycmeSRw%2FS%2BgJC19zcYEwsMoNZA1ACtL1HsV11qKhcy6%2Fd8q1U9p86dcmFVdk%2FpigghHlxhSnCJ252rBAGhbU4XcUc5NLpiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb312c3e0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
a.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
104.21.7.3 12 kB URL a.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
IP 104.21.7.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2076), with CRLF line terminators
Hash aec10c280b563360924273b2a911e635
1905d806efc15be78c699590b1b9a2651bc2263c
ef053c01691e965b2c29ab2d0a15583b01c7e8c9be02ad9bbedd3a3d039766ea
GET /adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758 HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:39 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmNqCBiupwBbuIwzuUUEhnlAQ3qZ%2BhaAxY18EPHyTcZUpdrFphOhYAZ3MyV%2BJszl0c50syHUrDZ2xrO2jYrgkKW3lnqDjpjsTAeG03xrZ%2B9c1oO2NsbferfT0MoWrQR9Y1dLgO%2FXTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c7efb2f4b470afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
a.crystalcrafter.top/adult-video/assets/spinning-circles2.svg
104.21.7.3 11 kB URL a.crystalcrafter.top/adult-video/assets/spinning-circles2.svg
IP 104.21.7.3:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 14e6f9981fa27406176056df2451d27b
aa1b6fd6071391d0031bff2d74ae77347ec2fdb4
466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f
GET /adult-video/assets/spinning-circles2.svg HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:39 GMT
content-type: image/svg+xml
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: W/"643e420e-1f7"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4439
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28hHjIIkaHP2NfQw1n1l3xOP3C0KKRbcbnX1yRjQAqymJH9%2BUCiGElKi5OdpucoZ8mG1H0BLw4En4XpzPO7u77Y38AD77BB8pAQcZ%2BUo4MKKQfAma4CSwi95Vz43zI1MbIqPXtokjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb2feb9b0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
b.crystalcrafter.top/adult-video/assets/video.gif
104.21.7.3 500 kB URL b.crystalcrafter.top/adult-video/assets/video.gif
IP 104.21.7.3:0
File type GIF image data, version 89a, 320 x 180\012- data
Size 500 kB (500082 bytes)
Hash 2e59da03066a7854825901e0c1460b52
8d5aa04f252de7a85b8387051c1321338ac32d32
63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433
GET /adult-video/assets/video.gif HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:40 GMT
content-type: image/gif
content-length: 500082
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-7a172"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1066
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMWhNke2Hb6354Jp4vlCnzZJc5zv%2BHHSUTB%2BLLndEgvEiQbeIx0hRxaC%2BU84kY63nv8VWDxE4PLhD83tJ%2FVEQ%2F5bZsNtgflzTWbl8OGDLbFPzMV5qt6M6yHbVnB6DTMaItx6%2FJ0tTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb331d2e0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
b.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
104.21.7.3 5.2 kB URL b.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
IP 104.21.7.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2076), with CRLF line terminators
Hash aec10c280b563360924273b2a911e635
1905d806efc15be78c699590b1b9a2651bc2263c
ef053c01691e965b2c29ab2d0a15583b01c7e8c9be02ad9bbedd3a3d039766ea
GET /adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758 HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:40 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRdfLDiWvFQFki3fp6a9VG8ieKj2ZmeMKW%2B6klCJzD5ryIxO1DwCY6ESdrKvNCnrgO4zpaWm54yeqMXwoGJV8CCkDyCOe9g4obYGZKWNNdIYcirpbj0lUHsjA1gOd4d8NojWwuwl8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c7efb327cdd0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
b.crystalcrafter.top/adult-video/assets/style.css
104.21.7.3 8.3 kB URL b.crystalcrafter.top/adult-video/assets/style.css
IP 104.21.7.3:0
File type ASCII text, with CRLF line terminators
Hash 4282caba1d544b2d6164f7a67fb9306c
1a043cc45756075f239d7ccd13999b7d16ac665d
dbe57e2d6acc8c6850ad81fbfb538593e4faa98d011e2867abcdfa094dbbaf86
GET /adult-video/assets/style.css HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:40 GMT
content-type: text/css
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: W/"643e420e-1eb1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1067
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ud6iOhdcIo7WGhaPJV0N%2B1s7AqRgwtKREDtjq43Tlg1ho7QbbAJjDKCsViU5us60%2BO17aWYy6jgtQT31R8Zj1e7A31ul9QC4lfQuY29VQVZlamtGJ23EKWIIRQ9ysUEr20pVNvQIBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb331d2b0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
142.250.74.35 11 kB URL www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (40976)
Hash a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 May 2023 00:16:42 GMT
expires: Thu, 09 May 2024 00:16:42 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 513658
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
c.crystalcrafter.top/adult-video/assets/video.gif
104.21.7.3 500 kB URL c.crystalcrafter.top/adult-video/assets/video.gif
IP 104.21.7.3:0
File type GIF image data, version 89a, 320 x 180\012- data
Size 500 kB (500082 bytes)
Hash 2e59da03066a7854825901e0c1460b52
8d5aa04f252de7a85b8387051c1321338ac32d32
63412ff22ec2f712d6e82d34889a0a48948523dedd0bfce03bba69a19a9b4433
GET /adult-video/assets/video.gif HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:40 GMT
content-type: image/gif
content-length: 500082
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-7a172"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1062
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUqVfOjQerNC7adIeYVPc4YM8HGp09NGWtgiMzVb9%2FIXUCZ8PBep27LJAlfJCMnRmqTfpBvN%2FbJjbwI7YPfoo2yevrhAH0jNkXZQJrm0nxcARezYM22JNw9sqoaBxDiSkZacVOut9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb361e630afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c.crystalcrafter.top/favicon.ico
104.21.7.3 0 B URL c.crystalcrafter.top/favicon.ico
IP 104.21.7.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Mon, 15 May 2023 22:57:40 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3061
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCX92J6fB02e5BPaXb614PkcCQGOiw%2Baz3wrkYL7RoJ8O8iITbNWgP7gto4J1kDhbEZSrYBadh%2FTR0B39gBYXQglzqhVFfzNfjGus5JqeLS2ERrLIlnW%2BWPOUpulPKjU4XQApfYgLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb372edd0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c.crystalcrafter.top/adult-video/assets/style.css
104.21.7.3 17 kB URL c.crystalcrafter.top/adult-video/assets/style.css
IP 104.21.7.3:0
File type ASCII text, with CRLF line terminators
Hash 4282caba1d544b2d6164f7a67fb9306c
1a043cc45756075f239d7ccd13999b7d16ac665d
dbe57e2d6acc8c6850ad81fbfb538593e4faa98d011e2867abcdfa094dbbaf86
GET /adult-video/assets/style.css HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:40 GMT
content-type: text/css
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: W/"643e420e-1eb1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1065
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgNnzpLDEtSdvQYwokAI422yGBx%2BXQLxpVjq8LsulQ9G%2FMg535Mu5jiCDAIkUS0E2yKo4aNUDR8GKQVRh7TRJukwzSZbDWOBJgfwTAdUduacNqjMuO%2FuXUYzJ5FmQRjeAo9Zh9NGpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb361e610afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
142.250.74.35 11 kB URL www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (40976)
Hash a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 May 2023 00:16:42 GMT
expires: Thu, 09 May 2024 00:16:42 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 513659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
d.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
104.21.7.3 505 kB URL d.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
IP 104.21.7.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2076), with CRLF line terminators
Size 505 kB (505262 bytes)
Hash aec10c280b563360924273b2a911e635
1905d806efc15be78c699590b1b9a2651bc2263c
ef053c01691e965b2c29ab2d0a15583b01c7e8c9be02ad9bbedd3a3d039766ea
GET /adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758 HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:41 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNVowoMcI5VIQpAx3OEDbnrQh47%2FJ5a%2B1iIholL8R5JEYT1XbIqNBntL7Xpqqmgzm08PpcMRbMFc%2Bj5Dt13%2FmSe3LRSKdPBfYSEgNSvgNyLUoJQl6mF9c%2FdITbCCn3yQ0yC%2FICRsgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c7efb386f640afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
104.21.7.3 8.1 kB URL c.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
IP 104.21.7.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2076), with CRLF line terminators
Hash aec10c280b563360924273b2a911e635
1905d806efc15be78c699590b1b9a2651bc2263c
ef053c01691e965b2c29ab2d0a15583b01c7e8c9be02ad9bbedd3a3d039766ea
GET /adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758 HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:40 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxMvl3yyOPp7FC5gHYfuihfxMl6gzN5gfHKOcFY4EysIgSvBomBYj3HSAwaqPD3JqR2b5dGGLTBgH%2FpsEAIeyetJKtJtX6OxrY9BTlP9qI5d0oVGf98alNHIdDThQNaeBgVkSYVfRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c7efb356e1c0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.gstatic.com/firebasejs/8.4.1/firebase-app.js
142.250.74.35 6.8 kB URL www.gstatic.com/firebasejs/8.4.1/firebase-app.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (21158)
Hash e20da9cfaabf0b23d89c2335c06e2b03
b1af5616825acaba44bd714bd2685327abe896fd
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2
GET /firebasejs/8.4.1/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 6763
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 May 2023 06:18:54 GMT
expires: Fri, 10 May 2024 06:18:54 GMT
cache-control: public, max-age=31536000
age: 405527
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&appspot=
172.67.169.207 19 kB URL js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&appspot=
IP 172.67.169.207:0
File type Unicode text, UTF-8 text, with very long lines (23357), with no line terminators
Hash 42e7a7722cf95b2c6e6c8d7a328288fe
d36d8c1a8a7e6d35ad38944bf05c2ad196c81a68
0601db7a2100537587d0a65805d2f21cdc0a75a69f268abc7c83665ad860e594
GET /ps/ps.js?edg=true&fullscreen=true&pl=true&id=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&appspot= HTTP/1.1
Host: js.streampsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/
Cookie: __psu=89f936e0-6753-4092-bcf5-06fa2cc9ab80
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:41 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0MDg%2F6QZCcEUqnneU1dU6PiRoypiRcdlwL7OFm7lL9uRZhely2oJXeVRWZi3PMo2RhPt95F%2FSMYGML%2F6YlAkx7LNWGc4yMfUaxBoucmMN%2BvfKZmb2uWiFW25yO9vlRzNtvQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb396f57b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.highcpmrevenuenetwork.com/n78fnnif?key=1f14d464e54c81b0291dd5fcaa1f098f
173.233.137.60200 OK 115 B URL User Request GET HTTP/1.1 www.highcpmrevenuenetwork.com/n78fnnif?key=1f14d464e54c81b0291dd5fcaa1f098f
IP 173.233.137.60:443
Certificate IssuerLet's Encrypt
Subjecthighcpmrevenuenetwork.com
Fingerprint4A:B9:EF:7A:95:F5:EB:F1:0F:44:6B:99:79:4A:95:32:BE:12:C7:AB
ValiditySat, 22 Apr 2023 06:23:55 GMT - Fri, 21 Jul 2023 06:23:54 GMT
File type ASCII text, with no line terminators
Hash 16579cc322e9e105427ecfa57890ef69
8bb47ec30cf894ab49032d7271a45f0c778baa05
f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590
Analyzer Verdict Alert quad9 Sinkholed
GET /n78fnnif?key=1f14d464e54c81b0291dd5fcaa1f098f HTTP/1.1
Host: www.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 15 May 2023 22:57:41 GMT
Content-Type: text/html
Content-Length: 115
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17984642; expires=Tue, 16 May 2023 22:57:41 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: eca483d749736426ed04bf073c3799c4
Strict-Transport-Security: max-age=0; includeSubdomains
d.crystalcrafter.top/adult-video/assets/trls.js
104.21.7.3 2.9 kB URL d.crystalcrafter.top/adult-video/assets/trls.js
IP 104.21.7.3:0
File type Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators
Hash 4bf00604db1b3695385cfd297af0ef46
6d6652fcbefb4a5ea4fba578a2532c7e1b16e2c6
7e023b60f8f33a43f89f344e37ea814c93e69e82bb4ddb90b5b0467d9d82ac05
GET /adult-video/assets/trls.js HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/adult-video/?pl=gX8SmuT53Uat0GJjeCpaXQ&sm=adult-video&click_id=5edf130ccc3728f6352fb37d9163fa96-42510-0516&sub_id=1417801675501964&hash=i7DA1xnjVlussdo69BRX5Q&exp=1684191758
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 15 May 2023 22:57:41 GMT
content-type: application/javascript
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: W/"643e420e-1da4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1062
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwOOtgOlIlYEVIDyaefZ1rb%2F77g4FNmsjywwlkQPBse4EJcMHNYj4lw6JyLRGywt770rQFw8QL6Ar3cc1LUoa2Gonwi2GohxeFx8xdhFDDTxhBV8yQFe4m1pAs4d%2FZVtaVyIqGjSqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c7efb38ffab0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.highcpmrevenuenetwork.com/favicon.ico
173.233.137.60200 OK 0 B URL GET HTTP/1.1 www.highcpmrevenuenetwork.com/favicon.ico
IP 173.233.137.60:443
Requested by https://www.highcpmrevenuenetwork.com/n78fnnif?key=1f14d464e54c81b0291dd5fcaa1f098f
Certificate IssuerLet's Encrypt
Subjecthighcpmrevenuenetwork.com
Fingerprint4A:B9:EF:7A:95:F5:EB:F1:0F:44:6B:99:79:4A:95:32:BE:12:C7:AB
ValiditySat, 22 Apr 2023 06:23:55 GMT - Fri, 21 Jul 2023 06:23:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.highcpmrevenuenetwork.com/n78fnnif?key=1f14d464e54c81b0291dd5fcaa1f098f
Cookie: u_pl=17984642
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 15 May 2023 22:57:42 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b81c93a0d2a47d9a5a468fe1e16c34a4
Strict-Transport-Security: max-age=0; includeSubdomains