r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10851
Expires: Thu, 22 Sep 2022 13:44:40 GMT
Date: Thu, 22 Sep 2022 10:43:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 804f8bbb7f556d51a5f52d5ebd5b6eef
922cd7e06df278615a04abb81d811d14596c8180
ef4804d381a34ab67873a7755621081c49c646310e085a9b2356ae07098f6021
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Backoff, Retry-After, Content-Type
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 10:13:57 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QGNZs9wRu6RPuYXkrBvO9zD_oNAcBvXmqpjDWU18hjWsrQZVFXw1Hw==
Age: 1792
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _nQ7IEHeHtcYrvKyGxD2k5OC2PnoBudFBpW3RzO7imhGyYscHE-F3g==
age: 22115
X-Firefox-Spdy: h2
mkkuei4kdsz.com/222/366.html
64.225.91.73200 OK 329 B URL HTTP/1.1 mkkuei4kdsz.com/222/366.html
IP 64.225.91.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /222/366.html HTTP/1.1
Host: mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 22 Sep 2022 10:43:49 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 10:43:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 10:43:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9287134
expires: Tue, 12 Sep 2023 10:43:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2Fahpi%2BDNrQby8VGHW%2FdhmgMvI%2Bt4ma1nQhK%2BkRUwdvZr8b%2BIUQo%2FRXLtyGCbKziZc9IJJwME4IMeWu3%2B0yS6X1YxnIcn4Kf%2FlmE3TGaC09THu9xnUyTxk%2B2zDWE3f6TQi7U2XjS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74ea711e3dbeb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8b05b53d3d89eede6540bf415e7ed451
f8bc028a4f715ded9cf899f72ea85b97378607ce
5b5fdc50372d870b82bcb49a8b0f5de26a0b0a58b90418615bfb3b1ed7062998
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5B5FDC50372D870B82BCB49A8B0F5DE26A0B0A58B90418615BFB3B1ED7062998"
Last-Modified: Tue, 20 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15618
Expires: Thu, 22 Sep 2022 15:04:08 GMT
Date: Thu, 22 Sep 2022 10:43:50 GMT
Connection: keep-alive
mkkuei4kdsz.com/favicon.ico
64.225.91.73200 OK 329 B URL HTTP/1.1 mkkuei4kdsz.com/favicon.ico
IP 64.225.91.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/222/366.html
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 22 Sep 2022 10:43:50 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 22 Sep 2022 10:03:22 GMT
Expires: Thu, 22 Sep 2022 10:59:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iymX7f_5YVxZZR1k2Q1Z8PEph03KT4i8huZAlxeQV7qumshC3HkDOA==
Age: 2428
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4569
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 10:43:50 GMT
Last-Modified: Thu, 22 Sep 2022 09:27:41 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
domaincntrol.com/?orighost=http://mkkuei4kdsz.com/222/366.html
104.26.11.61200 OK 28 B URL HTTP/2 domaincntrol.com/?orighost=http://mkkuei4kdsz.com/222/366.html
IP 104.26.11.61:0
File type ASCII text, with no line terminators
Hash 7aae16ed70d2e07943585bbb1cd02b55
3209123510c034e6e38ca45edf14307f1375a8f5
51bfb53a70df6adc48f0670be59a16a657ab5a2bafc176973a32d5c36a4fc5d3
GET /?orighost=http://mkkuei4kdsz.com/222/366.html HTTP/1.1
Host: domaincntrol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 10:43:50 GMT
content-type: text/javascript;charset=UTF-8
content-length: 28
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8ntwlRmD9bnVi3YxrcCAKvS3Yi5Q4ysNuwDH%2FAxvPISlYyd8tWrxeJhAUVpOE1l%2BmmbPWHxF0wo5AIlTKxveL1B5sGgGtLD2%2BKju%2F%2Bp3z0BIvQIosXC80od8kTWYqp8w0Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ea711efe441c0a-OSL
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.200.107.47101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.200.107.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SLys20ZLwiuPkegmHb/CDw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XED0yQ0u0dl+eRsplZ3upV+lNRY=
ww2.mkkuei4kdsz.com/
64.190.63.136200 OK 1.2 kB IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (629)
Hash 921570824bf0a6e7cdcb9de1bf61f65f
e8e8f0d3b4ad7c18d999b7cf79f79b08a6814a2f
837081c030df39c61726f9aa94582b8c1d435c64a06c13da3211ff7872635fb5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 10:43:51 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_RlGSCujrTwIV09ewwdBk8PiCOXknsvjzonXp/BabLYsbM4wWv0k1teTkRJynKg7Y1QeTz1UsnxJZ/TvhfinDdA==
last-modified: Thu, 22 Sep 2022 10:43:50 GMT
x-cache-miss-from: parking-75468f7c47-8lf9s
server: NginX
content-encoding: gzip
img.sedoparking.com/images/js_preloader.gif
205.234.175.175200 OK 4.3 kB URL HTTP/1.1 img.sedoparking.com/images/js_preloader.gif
IP 205.234.175.175:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 90c93102a88c2ab94bff1575b7a6e86e
56d71bf13de464534643db9d127629a0a3bf677a
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
GET /images/js_preloader.gif HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 10:43:51 GMT
Content-Type: image/gif
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Thu, 29 Sep 2022 10:43:51 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: H
CF4Age: 156700
x-cf-tsc: 1648179742
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: 62538c501a8664941accb33a70f3376a
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY2Mzg0MzQzMTdlMjBjOWIwZWQ1Yjc2YzY5YjUwZjQ1NGM4NjgzODJh&crc=e1a01ff2c84ca82ec78dd3ecafcb5abfde1a7668&cv=1
64.190.63.136200 OK 0 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY2Mzg0MzQzMTdlMjBjOWIwZWQ1Yjc2YzY5YjUwZjQ1NGM4NjgzODJh&crc=e1a01ff2c84ca82ec78dd3ecafcb5abfde1a7668&cv=1
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY2Mzg0MzQzMTdlMjBjOWIwZWQ1Yjc2YzY5YjUwZjQ1NGM4NjgzODJh&crc=e1a01ff2c84ca82ec78dd3ecafcb5abfde1a7668&cv=1 HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
HTTP/1.1 200 OK
date: Thu, 22 Sep 2022 10:43:51 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-cache-miss-from: parking-75468f7c47-v9czt
server: NginX
ww2.mkkuei4kdsz.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dp3kUTAgxs5E_0&v=YzU2NGNhNWQ4NWJiZjk5NDVlN2YwZDQ3NmMzMTMyZTUJMQl3dzIubWtrdWVpNGtkc3ouY29tNjMyYzNjNjZlYjViZTguNjE0NjQzNjAJd3cyLm1ra3VlaTRrZHN6LmNvbTYzMmMzYzY2ZWI1ZWQ5LjA5MzM4NTQ4CTE2NjM4NDM0MzEJYWRfNjNfMA==&l=OAlhNDdiY2FiMmYzNGEzYWNkYWEyNWRhMDBjMTkwYTFlMQkwCTM1CTAJYTdjYTY5ODA4MTU2OGNkZGJjNzVlMTIwNzRlYWVkNjcJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjM4NDM0MzEJMC4wMDA1MjYJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
64.190.63.136302 Found 0 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dp3kUTAgxs5E_0&v=YzU2NGNhNWQ4NWJiZjk5NDVlN2YwZDQ3NmMzMTMyZTUJMQl3dzIubWtrdWVpNGtkc3ouY29tNjMyYzNjNjZlYjViZTguNjE0NjQzNjAJd3cyLm1ra3VlaTRrZHN6LmNvbTYzMmMzYzY2ZWI1ZWQ5LjA5MzM4NTQ4CTE2NjM4NDM0MzEJYWRfNjNfMA==&l=OAlhNDdiY2FiMmYzNGEzYWNkYWEyNWRhMDBjMTkwYTFlMQkwCTM1CTAJYTdjYTY5ODA4MTU2OGNkZGJjNzVlMTIwNzRlYWVkNjcJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjM4NDM0MzEJMC4wMDA1MjYJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dp3kUTAgxs5E_0&v=YzU2NGNhNWQ4NWJiZjk5NDVlN2YwZDQ3NmMzMTMyZTUJMQl3dzIubWtrdWVpNGtkc3ouY29tNjMyYzNjNjZlYjViZTguNjE0NjQzNjAJd3cyLm1ra3VlaTRrZHN6LmNvbTYzMmMzYzY2ZWI1ZWQ5LjA5MzM4NTQ4CTE2NjM4NDM0MzEJYWRfNjNfMA==&l=OAlhNDdiY2FiMmYzNGEzYWNkYWEyNWRhMDBjMTkwYTFlMQkwCTM1CTAJYTdjYTY5ODA4MTU2OGNkZGJjNzVlMTIwNzRlYWVkNjcJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjM4NDM0MzEJMC4wMDA1MjYJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Thu, 22 Sep 2022 10:43:51 GMT
content-type: text/html; charset=UTF-8
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Thu, 22 Sep 2022 10:43:51 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dp3kUTAgxs5E_0&v=YzU2NGNhNWQ4NWJiZjk5NDVlN2YwZDQ3NmMzMTMyZTUJMQl3dzIubWtrdWVpNGtkc3ouY29tNjMyYzNjNjZlYjViZTguNjE0NjQzNjAJd3cyLm1ra3VlaTRrZHN6LmNvbTYzMmMzYzY2ZWI1ZWQ5LjA5MzM4NTQ4CTE2NjM4NDM0MzEJYWRfNjNfMA==&l=OAlhNDdiY2FiMmYzNGEzYWNkYWEyNWRhMDBjMTkwYTFlMQkwCTM1CTAJYTdjYTY5ODA4MTU2OGNkZGJjNzVlMTIwNzRlYWVkNjcJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjM4NDM0MzEJMC4wMDA1MjYJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
x-cache-miss-from: parking-75468f7c47-8spg2
server: NginX
ww2.mkkuei4kdsz.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dp3kUTAgxs5E_0&v=YzU2NGNhNWQ4NWJiZjk5NDVlN2YwZDQ3NmMzMTMyZTUJMQl3dzIubWtrdWVpNGtkc3ouY29tNjMyYzNjNjZlYjViZTguNjE0NjQzNjAJd3cyLm1ra3VlaTRrZHN6LmNvbTYzMmMzYzY2ZWI1ZWQ5LjA5MzM4NTQ4CTE2NjM4NDM0MzEJYWRfNjNfMA==&l=OAlhNDdiY2FiMmYzNGEzYWNkYWEyNWRhMDBjMTkwYTFlMQkwCTM1CTAJYTdjYTY5ODA4MTU2OGNkZGJjNzVlMTIwNzRlYWVkNjcJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjM4NDM0MzEJMC4wMDA1MjYJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
64.190.63.136302 Found 311 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dp3kUTAgxs5E_0&v=YzU2NGNhNWQ4NWJiZjk5NDVlN2YwZDQ3NmMzMTMyZTUJMQl3dzIubWtrdWVpNGtkc3ouY29tNjMyYzNjNjZlYjViZTguNjE0NjQzNjAJd3cyLm1ra3VlaTRrZHN6LmNvbTYzMmMzYzY2ZWI1ZWQ5LjA5MzM4NTQ4CTE2NjM4NDM0MzEJYWRfNjNfMA==&l=OAlhNDdiY2FiMmYzNGEzYWNkYWEyNWRhMDBjMTkwYTFlMQkwCTM1CTAJYTdjYTY5ODA4MTU2OGNkZGJjNzVlMTIwNzRlYWVkNjcJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjM4NDM0MzEJMC4wMDA1MjYJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 982d2ef4a528e3ed46064b1e6277f0d8
cccb95fd74c3dac1c8149d3efd3c65e21b621746
cf93176ccedf84a528eb512473df79f924982476a2784f0fb768dddb619ad261
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dp3kUTAgxs5E_0&v=YzU2NGNhNWQ4NWJiZjk5NDVlN2YwZDQ3NmMzMTMyZTUJMQl3dzIubWtrdWVpNGtkc3ouY29tNjMyYzNjNjZlYjViZTguNjE0NjQzNjAJd3cyLm1ra3VlaTRrZHN6LmNvbTYzMmMzYzY2ZWI1ZWQ5LjA5MzM4NTQ4CTE2NjM4NDM0MzEJYWRfNjNfMA==&l=OAlhNDdiY2FiMmYzNGEzYWNkYWEyNWRhMDBjMTkwYTFlMQkwCTM1CTAJYTdjYTY5ODA4MTU2OGNkZGJjNzVlMTIwNzRlYWVkNjcJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjM4NDM0MzEJMC4wMDA1MjYJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Thu, 22 Sep 2022 10:43:51 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Thu, 22 Sep 2022 10:43:51 GMT
location: http://xml.sedodna.com/click?i=p3kUTAgxs5E_0
x-cache-miss-from: parking-75468f7c47-v9czt
server: NginX
xml.sedodna.com/click?i=p3kUTAgxs5E_0
173.239.53.32302 Found 0 B URL HTTP/1.1 xml.sedodna.com/click?i=p3kUTAgxs5E_0
IP 173.239.53.32:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=p3kUTAgxs5E_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://impactserving.com/Redirect.eng?MediaSegmentId=0&TempMediaId=cac33349-e981-4137-9deb-c126e12aefe8&dcid=3_ctx_1851b735-4663-41e1-b169-8b321ed0d15f&timeZoneOffset=&xml=1&feedId=1155
Pragma: no-cache
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2513
Expires: Thu, 22 Sep 2022 11:25:45 GMT
Date: Thu, 22 Sep 2022 10:43:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2513
Expires: Thu, 22 Sep 2022 11:25:45 GMT
Date: Thu, 22 Sep 2022 10:43:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2513
Expires: Thu, 22 Sep 2022 11:25:45 GMT
Date: Thu, 22 Sep 2022 10:43:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36673ded-0a09-4aa6-b4c8-c3e3be3b0e4a.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36673ded-0a09-4aa6-b4c8-c3e3be3b0e4a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b5c8545323317489392c1f56707078e
fcc0cdd72a5c97f13b0c59e5b39e06a6add18a9c
c79efda3b792026233b13c07a2c69e3dff0fdbccfb081c768ffc7e52aa744668
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36673ded-0a09-4aa6-b4c8-c3e3be3b0e4a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8058
x-amzn-requestid: 78d8a4f9-b85f-4055-a17e-90ccd231e462
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YshUOE7jIAMFm-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632815b4-7d0717045b5fd71d5a41ccdb;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 07:09:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Y-EsbrGZSY3WtqlLDDm4MLHjqeLlrzjqCRsSt7r_jSXr0LswkHP_yQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 13:08:32 GMT
age: 77720
etag: "fcc0cdd72a5c97f13b0c59e5b39e06a6add18a9c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd80c0b0-1f50-41ad-b183-4804f10ef060.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd80c0b0-1f50-41ad-b183-4804f10ef060.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8bb6194dcfc32bf02932f4bbb1dcec0
8fa5650de8e274f8fc2fb96e13a4976e0fedb6c9
45d8af4c39b0bcacd2909b6deec2fc080a6a64936b53ebd7f6309381358bcaa9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd80c0b0-1f50-41ad-b183-4804f10ef060.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9877
x-amzn-requestid: 865f77de-c569-4938-9ae9-b79b11ae0804
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vF4oIAMF19w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-5111662b354f54bf3c2b77c9;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: epvqhKGy2mzjb3OLTsFvb1ruOFQBr0q-YpQDJYXpFhHiNgj9m8kktQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "8fa5650de8e274f8fc2fb96e13a4976e0fedb6c9"
content-type: image/jpeg
age: 47383
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91c56f0b9810bfdd84e10a626b89e389
15d83e44d568938b6c9c87201e898cedb3edec0a
942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Oem-Kw-aCUa2rA9B9-7CDYcZ-G968tFPnsrL5wJ9Dia43T5u6RDtg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
age: 47383
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62818de3c50f957b2e5680851a1768c9
80e48c9ae48c89598780736b089c98e22d58df9a
16f2c2d23e8641a3f297a175730343d11120a228c0fe846c0fdf1e39212c522c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8549
x-amzn-requestid: 6d44626b-16c6-4f19-ae52-d5350065b390
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwPHJJoAMFdfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84ce-46ebc35612eb7a4473b36189;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UoQTXSP0LgR4LwELp2Avm27hUekfO9TU9yfvNbIlmUtB-FrU9MGRbg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:19 GMT
age: 46533
etag: "80e48c9ae48c89598780736b089c98e22d58df9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4d98acc059a69d51165fb5e0c7430ea3
09bd3300d710c3212483159f8398b84cde09da26
6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gZ8I075ljJuPvMcsyyRU3m09P9z7mL3WNBiex99pwXtoWDzt_jWP0A==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:25:13 GMT
age: 44319
etag: "09bd3300d710c3212483159f8398b84cde09da26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dc9975a-1730-4f22-938b-16d00b675774.webp
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dc9975a-1730-4f22-938b-16d00b675774.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d19cac9573e6ead9bf47fafc522e65ad
804a11a71d93ce96d33d0c9eb97f200fd72295e9
27fe9a87f50dcd0ae95a7b4b1a867e4a93da6617c205e3b686c7b3ba781113ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dc9975a-1730-4f22-938b-16d00b675774.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6667
x-amzn-requestid: ca197085-d84f-4b18-bb3f-bdcbe1a09179
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzG6gFbVIAMFfZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab843-7ad0e6464190f55e4efd96e4;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:07:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GqmLDOdrcoQM7d5mLJP_kinvgPhpAfuSh9tgKykku1Tow0xHS1bArw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 07:08:26 GMT
age: 12926
etag: "804a11a71d93ce96d33d0c9eb97f200fd72295e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3fffd9e48fde13c9c79c435186b92070
5aa2b18a40a0c809e631c2deb8abfb61f560fb4a
fc25c2967d099c550fb30a42569daaa814c9a30fbc89b48b993c859cccf83960
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6087
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 10:43:52 GMT
Last-Modified: Thu, 22 Sep 2022 09:02:25 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3fffd9e48fde13c9c79c435186b92070
5aa2b18a40a0c809e631c2deb8abfb61f560fb4a
fc25c2967d099c550fb30a42569daaa814c9a30fbc89b48b993c859cccf83960
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6087
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 10:43:52 GMT
Last-Modified: Thu, 22 Sep 2022 09:02:25 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e4a61343d98c165a49e2b46e43383233
b6f03d6376edf7f1f4bc5846c3bd3bbb0f96552f
1bdc8f0adca5815d05190ef4d60f12420fc5f1fa5c6edffbc11d8b64c9ee28f5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3815
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 10:43:52 GMT
Last-Modified: Thu, 22 Sep 2022 09:40:17 GMT
Server: ECS (amb/6B89)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e4a61343d98c165a49e2b46e43383233
b6f03d6376edf7f1f4bc5846c3bd3bbb0f96552f
1bdc8f0adca5815d05190ef4d60f12420fc5f1fa5c6edffbc11d8b64c9ee28f5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3815
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 10:43:52 GMT
Last-Modified: Thu, 22 Sep 2022 09:40:17 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
gon.exrtbsrv.com/r.php?i=1375006687&p=p95473498&s=s3&c=V2U0cnlXRnhsWnhLQWhsVDc2dEdOUT09
172.66.43.179200 OK 1.4 kB URL HTTP/2 gon.exrtbsrv.com/r.php?i=1375006687&p=p95473498&s=s3&c=V2U0cnlXRnhsWnhLQWhsVDc2dEdOUT09
IP 172.66.43.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (379)
Hash 1ee44aaab32731b9652e23ece762945e
36c688eadbbf9aadd67f77bb9e2387cc99f66042
2a827d1c9fd5d9ee5b62ec243f6d16f1d27029668fd5d943286f05c257be5de2
GET /r.php?i=1375006687&p=p95473498&s=s3&c=V2U0cnlXRnhsWnhLQWhsVDc2dEdOUT09 HTTP/1.1
Host: gon.exrtbsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impactserving.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 10:43:52 GMT
content-type: text/html;charset=UTF-8
x-powered-by: PHP/8.0.20
expires: Sat, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
cache-control: no-cache, must-revalidate
x-frame-options: DENY
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
set-cookie: go=1375006687DZDp95473498PZPs3; expires=Wed, 21-Dec-2022 10:43:52 GMT; Max-Age=7776000; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=me26onuJjPx0707b%2F8MLoeOG0S4Lc1L%2BXI273%2B%2FAFZOc5kB8zckf50ySM8ef4XCMZV0TO2ZIVtk%2FEfLyShCJJhGxEEVoVgQGnoUh1o0984StiJuLmroYZ7Wu7ige9j4NNdw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ea712c7893b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 126ffb2c90595c0231c703b383c87eef
169fa7190e3e98a712dc73e10245ab4a26d2557f
0e565eecf0c84a96644d296f3f39bf36bfec13a38ef674155e5a566a51a933e9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3064
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 10:43:52 GMT
Last-Modified: Thu, 22 Sep 2022 09:52:48 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash ee8d096438222058f9f0a5e829c498a0
4e5f418152977f6d2457f3b6f0b2704db5ead46d
ed6784b81739b1dd2fb94e3aabd9402edcee424143180d8f32fe37910de37d60
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 22 Sep 2022 10:43:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 21 Sep 2022 21:09:50 GMT
Expires: Thu, 22 Sep 2022 21:09:50 GMT
ETag: "4e5f418152977f6d2457f3b6f0b2704db5ead46d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.ixxx.com/templates/ixxx/css/app.css?c4835cc8
167.71.71.84200 OK 52 kB URL HTTP/2 www.ixxx.com/templates/ixxx/css/app.css?c4835cc8
IP 167.71.71.84:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (64856)
Hash ed43815b5a61d1415debe6b2c3c734dc
e1859c916ed2b6dc0b0ae4a2df5ec1f0095f365f
1931adc9577eb0c561c7aea8f905bdbc323724b3633c46e54e8d4e1716b515c8
GET /templates/ixxx/css/app.css?c4835cc8 HTTP/1.1
Host: www.ixxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/?t=150042&utm_source=porngrand.com
Connection: keep-alive
Cookie: session=xkOqfZyPhbjpeGYEdFTGUfJUuvzzbvOA; ta=6%3BWyJodHRwczpcL1wvcG9ybmdyYW5kLmNvbVwvIiwxNTAwNDIsMCwxNTAwNDIsIjIwMjItMDktMjIiLCJwb3JuZ3JhbmQuY29tIixmYWxzZSxmYWxzZV0%3D%7Cb829918c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 10:36:43 GMT
content-type: text/css
last-modified: Tue, 20 Sep 2022 10:20:23 GMT
etag: W/"632993e7-41894"
content-encoding: gzip
cache-control: public, max-age=86400, smaxage=3600
vary: Accept-Encoding
age: 429
accept-ranges: bytes
content-length: 51641
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
www.ixxx.com/js/analytics
167.71.71.84200 OK 371 B URL HTTP/2 www.ixxx.com/js/analytics
IP 167.71.71.84:0
ASN #14061 DIGITALOCEAN-ASN
Hash 40c4ca1b8a58830f80cbf0d04e735279
887085ef06aee2da21ffabc0612dfa9d27039f05
1ea7d018c306880bd6ad5009779a6526ea79dbacbd54153c65cf428f82e78fc7
GET /js/analytics HTTP/1.1
Host: www.ixxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/?t=150042&utm_source=porngrand.com
Connection: keep-alive
Cookie: session=xkOqfZyPhbjpeGYEdFTGUfJUuvzzbvOA; ta=6%3BWyJodHRwczpcL1wvcG9ybmdyYW5kLmNvbVwvIiwxNTAwNDIsMCwxNTAwNDIsIjIwMjItMDktMjIiLCJwb3JuZ3JhbmQuY29tIixmYWxzZSxmYWxzZV0%3D%7Cb829918c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600, no-transform, public, s-maxage=3600
date: Thu, 22 Sep 2022 10:03:43 GMT
x-content-type-options: nosniff
referrer-policy: origin, strict-origin-when-cross-origin
content-security-policy: default-src 'self'; connect-src *.g.doubleclick.net 'self' *.google-analytics.com https://*.google-analytics.com *.analytics.google.com https://*.analytics.google.com; font-src 'self' https://fonts.gstatic.com; frame-src 'none'; img-src 'self' data: *.ttcache.com https://*.ttcache.com *.google-analytics.com https://*.google-analytics.com *.analytics.google.com https://*.analytics.google.com optimize.google.com https://optimize.google.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com https://*.google-analytics.com *.analytics.google.com https://www.googletagmanager.com www.googleoptimize.com https://www.googleoptimize.com optimize.google.com https://optimize.google.com; style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com
x-content-security-policy: default-src 'self'; connect-src *.g.doubleclick.net 'self' *.google-analytics.com https://*.google-analytics.com *.analytics.google.com https://*.analytics.google.com; font-src 'self' https://fonts.gstatic.com; frame-src 'none'; img-src 'self' data: *.ttcache.com https://*.ttcache.com *.google-analytics.com https://*.google-analytics.com *.analytics.google.com https://*.analytics.google.com optimize.google.com https://optimize.google.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com https://*.google-analytics.com *.analytics.google.com https://www.googletagmanager.com www.googleoptimize.com https://www.googleoptimize.com optimize.google.com https://optimize.google.com; style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com
x-xss-protection: 1; mode=block
content-encoding: gzip
vary: Accept-Encoding
age: 2409
accept-ranges: bytes
content-length: 371
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
www.ixxx.com/templates/ixxx/js/app.js?005e21db
167.71.71.84200 OK 145 kB URL HTTP/2 www.ixxx.com/templates/ixxx/js/app.js?005e21db
IP 167.71.71.84:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (57552), with LF, NEL line terminators
Size 145 kB (145262 bytes)
Hash fe4ea51b2af0a70b7e8279145ca61c6f
1aca745ee52683ee8aba7b8a4d9953e1643860e7
686b9bbc241a372c9b52d7eea32fdd2d083c83e56dbcbd07c4eacccc4effb65c
GET /templates/ixxx/js/app.js?005e21db HTTP/1.1
Host: www.ixxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/?t=150042&utm_source=porngrand.com
Connection: keep-alive
Cookie: session=xkOqfZyPhbjpeGYEdFTGUfJUuvzzbvOA; ta=6%3BWyJodHRwczpcL1wvcG9ybmdyYW5kLmNvbVwvIiwxNTAwNDIsMCwxNTAwNDIsIjIwMjItMDktMjIiLCJwb3JuZ3JhbmQuY29tIixmYWxzZSxmYWxzZV0%3D%7Cb829918c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 10:16:15 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 10:20:33 GMT
etag: W/"632993f1-61a99"
content-encoding: gzip
cache-control: public, max-age=86400, smaxage=3600
vary: Accept-Encoding
age: 1657
accept-ranges: bytes
content-length: 145262
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
www.ixxx.com/templates/ixxx/images/logo.svg?402003a7
167.71.71.84200 OK 520 B URL HTTP/2 www.ixxx.com/templates/ixxx/images/logo.svg?402003a7
IP 167.71.71.84:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1040)
Hash df2e70368813b2e34b364edb899b13b8
00c1cd324d90f179c8cf83af46dbe5e6d45e88cb
049dae7607595b9a3f96ea83460ac63894a1f8a246ebaefe28ae108a59a94c41
GET /templates/ixxx/images/logo.svg?402003a7 HTTP/1.1
Host: www.ixxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/?t=150042&utm_source=porngrand.com
Connection: keep-alive
Cookie: session=xkOqfZyPhbjpeGYEdFTGUfJUuvzzbvOA; ta=6%3BWyJodHRwczpcL1wvcG9ybmdyYW5kLmNvbVwvIiwxNTAwNDIsMCwxNTAwNDIsIjIwMjItMDktMjIiLCJwb3JuZ3JhbmQuY29tIixmYWxzZSxmYWxzZV0%3D%7Cb829918c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 10:18:32 GMT
content-type: image/svg+xml
last-modified: Tue, 20 Sep 2022 10:20:23 GMT
cache-control: public, max-age=86400, smaxage=3600
etag: W/"632993e7-5b1"
content-encoding: gzip
vary: Accept-Encoding
age: 1520
accept-ranges: bytes
content-length: 520
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
c1.ttcache.com/thumbnail/cD2Lp0i6aBj/288x162/thumber.php
81.171.5.120200 OK 15 kB URL HTTP/2 c1.ttcache.com/thumbnail/cD2Lp0i6aBj/288x162/thumber.php
IP 81.171.5.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 288x162, components 3\012- data
Hash c607759d0ea5d91ec881cbe63b81136d
35db642d716f01d3dbad2533c5e9cc7bab64ede7
4c6034228dc8b635f5a57fb9380880daade0a722c32de2804b97a3946f9286d5
GET /thumbnail/cD2Lp0i6aBj/288x162/thumber.php HTTP/1.1
Host: c1.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 15106
cache-control: public, s-maxage=14400
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c4.ttcache.com/thumbnail/JPfts8f9BpP/288x162/9.jpg
178.162.128.2200 OK 12 kB URL HTTP/2 c4.ttcache.com/thumbnail/JPfts8f9BpP/288x162/9.jpg
IP 178.162.128.2:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 6bdd4aa51f84a8aaa8b323abfc190556
03c29c46ccdbd3c739439b040a8e0ec8a2a9af43
375b108d0d1cb0413ad0f6ed9b5bf778ceda6add8665c77046936e7a02aea4f7
GET /thumbnail/JPfts8f9BpP/288x162/9.jpg HTTP/1.1
Host: c4.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 12181
cache-control: public, s-maxage=14400, max-age=31536000
etag: "62125287-307c"
last-modified: Sun, 20 Feb 2022 14:39:03 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c1.ttcache.com/thumbnail/4ZXp2JIiBaT/288x162/2.jpg
81.171.5.120200 OK 20 kB URL HTTP/2 c1.ttcache.com/thumbnail/4ZXp2JIiBaT/288x162/2.jpg
IP 81.171.5.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 240x180, components 3\012- data
Hash fca804c3a617ec787c58e7c96103be40
bfa2a4345de57f1bda010f8a286b97ed44719227
5320e707eff33d0e54bc65cedc2b9526c3245f30697a40e8b5d87e5a3ee7dede
GET /thumbnail/4ZXp2JIiBaT/288x162/2.jpg HTTP/1.1
Host: c1.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 20531
cache-control: public, s-maxage=14400, max-age=7776000
last-modified: Sun, 06 Feb 2022 09:40:02 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c3.ttcache.com/thumbnail/IFp7WZs23ps/288x162/6.jpg
95.211.254.216200 OK 11 kB URL HTTP/2 c3.ttcache.com/thumbnail/IFp7WZs23ps/288x162/6.jpg
IP 95.211.254.216:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 70fd316a8e0e709116266c2915e05330
b91958bab960340066435316bdb20502faeb03f5
da2b7a06feab9fd1b76ca53e0dcf2be4428e02f926317577b22f504d0ef627d4
GET /thumbnail/IFp7WZs23ps/288x162/6.jpg HTTP/1.1
Host: c3.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 10995
cache-control: public, s-maxage=14400, max-age=604800
etag: "6327ac66-2af3"
last-modified: Sun, 18 Sep 2022 23:40:22 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c1.ttcache.com/thumbnail/Wiits715gPx/288x162/203349_00000104.jpg
81.171.5.120200 OK 10 kB URL HTTP/2 c1.ttcache.com/thumbnail/Wiits715gPx/288x162/203349_00000104.jpg
IP 81.171.5.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 288x162, components 3\012- data
Hash fe71bed5c2cc26721978ec72d265fdfd
efbbb795b28268b377a628f87e31339d734cef92
20a79bd285c39b1cbbd323b2b454e9418816825902e8b2978cc939b0009b0af0
GET /thumbnail/Wiits715gPx/288x162/203349_00000104.jpg HTTP/1.1
Host: c1.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 10267
cache-control: public, s-maxage=14400, max-age=2592000
last-modified: Mon, 29 Aug 2016 10:49:14 GMT-05:00
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c4.ttcache.com/thumbnail/uUNLz2gm2E8/288x162/2.jpg
178.162.128.2200 OK 15 kB URL HTTP/2 c4.ttcache.com/thumbnail/uUNLz2gm2E8/288x162/2.jpg
IP 178.162.128.2:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 240x180, components 3\012- data
Hash 0e4a73ccfd36bbf99ed0b6e7682839d2
c4c347034883942e5153b9da99030dfb5724e270
13e2960502fd41c7105dcb5056643d288c74864c4788be224ef2f64f3cf2e1de
GET /thumbnail/uUNLz2gm2E8/288x162/2.jpg HTTP/1.1
Host: c4.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 15000
cache-control: public, s-maxage=14400, max-age=7776000
last-modified: Sun, 21 Jun 2015 03:36:07 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c4.ttcache.com/thumbnail/qNu5U1gegNc/288x162/1.jpg
178.162.128.2200 OK 18 kB URL HTTP/2 c4.ttcache.com/thumbnail/qNu5U1gegNc/288x162/1.jpg
IP 178.162.128.2:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 288x162, components 3\012- data
Hash d09471ef854b6f2ab47e51ea91116512
90c4a1a8a3285a95f06b0cbbd6436f9e607d386d
19dfeaa83337d85224972d78d3ce979d4256ee8e30672c064de2c4f6c92651d1
GET /thumbnail/qNu5U1gegNc/288x162/1.jpg HTTP/1.1
Host: c4.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 18285
cache-control: public, s-maxage=14400, max-age=7776000
etag: "6320a528-476d"
last-modified: Tue, 13 Sep 2022 15:43:36 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
www.ixxx.com/?t=150042&utm_source=porngrand.com
167.71.71.84200 OK 104 kB URL HTTP/2 www.ixxx.com/?t=150042&utm_source=porngrand.com
IP 167.71.71.84:0
ASN #14061 DIGITALOCEAN-ASN
Size 104 kB (103452 bytes)
Hash 49129070a80a23de40d8776c55fee556
0a8fcb13cb512d7926088968b3c2d7fc7214231d
1a26b4a4a1dcd5e77819c8c3b2be08ae17891cb38ad02c88334d0f86c1a0caf4
GET /?t=150042&utm_source=porngrand.com HTTP/1.1
Host: www.ixxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://porngrand.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
cache-control: max-age=60, no-transform, public, s-maxage=3600
date: Thu, 22 Sep 2022 10:43:53 GMT
x-content-type-options: nosniff
referrer-policy: origin, strict-origin-when-cross-origin
content-security-policy: default-src 'self'; connect-src *.g.doubleclick.net 'self' *.google-analytics.com https://*.google-analytics.com *.analytics.google.com https://*.analytics.google.com; font-src 'self' https://fonts.gstatic.com; frame-src 'none'; img-src 'self' data: *.ttcache.com https://*.ttcache.com *.google-analytics.com https://*.google-analytics.com *.analytics.google.com https://*.analytics.google.com optimize.google.com https://optimize.google.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com https://*.google-analytics.com *.analytics.google.com https://www.googletagmanager.com www.googleoptimize.com https://www.googleoptimize.com optimize.google.com https://optimize.google.com; style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com
x-content-security-policy: default-src 'self'; connect-src *.g.doubleclick.net 'self' *.google-analytics.com https://*.google-analytics.com *.analytics.google.com https://*.analytics.google.com; font-src 'self' https://fonts.gstatic.com; frame-src 'none'; img-src 'self' data: *.ttcache.com https://*.ttcache.com *.google-analytics.com https://*.google-analytics.com *.analytics.google.com https://*.analytics.google.com optimize.google.com https://optimize.google.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com https://*.google-analytics.com *.analytics.google.com https://www.googletagmanager.com www.googleoptimize.com https://www.googleoptimize.com optimize.google.com https://optimize.google.com; style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com
x-xss-protection: 1; mode=block
set-cookie: session=xkOqfZyPhbjpeGYEdFTGUfJUuvzzbvOA; path=/; secure; httponly; samesite=lax
ta=6%3BWyJodHRwczpcL1wvcG9ybmdyYW5kLmNvbVwvIiwxNTAwNDIsMCwxNTAwNDIsIjIwMjItMDktMjIiLCJwb3JuZ3JhbmQuY29tIixmYWxzZSxmYWxzZV0%3D%7Cb829918c; expires=Fri, 22-Sep-2023 10:43:53 GMT; Max-Age=31536000; path=/; secure; httponly; samesite=lax
content-encoding: gzip
vary: Accept-Encoding
age: 0
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
p.1ts14.top/pu.php?ck=1&partnersCode=e21ea9f6&bu=https%3A%2F%2Fgon.exrtbsrv.com%2Fr.php%3Fback%3Dtsu%26p=p95473498%26s=s3%26i=1375006687%26c=NW9vR3ZDcVZIZElzVkdHazBmWFFQZz09&sprice=1.4
104.21.33.107302 Found 16 kB URL HTTP/2 p.1ts14.top/pu.php?ck=1&partnersCode=e21ea9f6&bu=https%3A%2F%2Fgon.exrtbsrv.com%2Fr.php%3Fback%3Dtsu%26p=p95473498%26s=s3%26i=1375006687%26c=NW9vR3ZDcVZIZElzVkdHazBmWFFQZz09&sprice=1.4
IP 104.21.33.107:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 230x138, components 3\012- data
Hash 5bdddc8a63750d61940f6853278eea07
388aab98129aa326152fc5e9e422a528f22436f2
a5db22d116a534543e99469aae470a214689caa7f3646ea942b7d31eb36c6534
GET /pu.php?ck=1&partnersCode=e21ea9f6&bu=https%3A%2F%2Fgon.exrtbsrv.com%2Fr.php%3Fback%3Dtsu%26p=p95473498%26s=s3%26i=1375006687%26c=NW9vR3ZDcVZIZElzVkdHazBmWFFQZz09&sprice=1.4 HTTP/1.1
Host: p.1ts14.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://porngrand.com/
Connection: keep-alive
Cookie: pu=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 22 Sep 2022 10:43:52 GMT
content-type: text/html;charset=UTF-8
location: https://www.ixxx.com/?t=150042&utm_source=porngrand.com
pragma: no-cache
cache-control: no-cache, must-revalidate
expires: Sun, 1 Jan 2012 00:00:01 GMT
set-cookie: u=NENBTnyCXo6VnWx5hLS7ipeiqKmo4rvE%2BMbWCtsS8O77AQUIQEchHikvMj0%2FREtQVWNfb2s%3D; expires=Fri, 22-Sep-2023 10:43:52 GMT; Max-Age=31536000; path=/; domain=.1ts14.top
c=NENAS1FUX2FmbXJ3hYKRjZGZnaWpsbW9wcnN1dnh5e3x%2Bf0FCREVHiEpLTU5QUVNUVldZWlxdX2BiY2VmaE%3D; expires=Fri, 22-Sep-2023 10:43:52 GMT; Max-Age=31536000; path=/; domain=.1ts14.top
puq=a%3A1%3A%7Bi%3A89049%3Bs%3A12%3A%221663843432%3A1%22%3B%7D; expires=Fri, 23-Sep-2022 10:43:52 GMT; Max-Age=86400; path=/; domain=p.1ts14.top
accept-ch: Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJoyE7BsdT3pO433rp1vyoYr5Dsi8ATydb7hm%2FJZYZ29feTQk2g8zWSEyf2s13FapHQKUm4YrVqyiTmUvsl2LVZSytcQN9EbY5WsOtNdxoiBqvfoWdyJLAsysV5KHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ea712fad9fb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.ixxx.com/templates/ixxx/fonts/fa-regular-400.woff2
167.71.71.84200 OK 11 kB URL HTTP/2 www.ixxx.com/templates/ixxx/fonts/fa-regular-400.woff2
IP 167.71.71.84:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 11364, version 769.768\012- data
Hash e513cc0cd472e0c3bf21df138c90e5c6
5e613e198f423154b8f94fb310c0ea5fb7193aca
7691a753507fdfef2bf6e6a28e44212c135dc218f360d87e09911f2ee6cda411
GET /templates/ixxx/fonts/fa-regular-400.woff2 HTTP/1.1
Host: www.ixxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.ixxx.com/templates/ixxx/css/app.css?c4835cc8
Cookie: session=xkOqfZyPhbjpeGYEdFTGUfJUuvzzbvOA; ta=6%3BWyJodHRwczpcL1wvcG9ybmdyYW5kLmNvbVwvIiwxNTAwNDIsMCwxNTAwNDIsIjIwMjItMDktMjIiLCJwb3JuZ3JhbmQuY29tIixmYWxzZSxmYWxzZV0%3D%7Cb829918c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 10:15:18 GMT
content-type: font/woff2
last-modified: Tue, 20 Sep 2022 10:20:23 GMT
cache-control: public, max-age=86400, smaxage=3600
etag: W/"632993e7-2c64"
vary: Accept-Encoding
age: 1714
accept-ranges: bytes
content-length: 11364
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
c2.ttcache.com/thumbnail/IKo872REqJZ/288x162/3.jpg
212.7.207.39200 OK 23 kB URL HTTP/2 c2.ttcache.com/thumbnail/IKo872REqJZ/288x162/3.jpg
IP 212.7.207.39:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 240x180, components 3\012- data
Hash a04f23f0783318890118d2eba210de06
4cebb998617f215ba69db327cd8918344c9a010d
e0be014a3cfbd695c1953b2365bdf0e26f164044492b48e2fce0e6a77e234819
GET /thumbnail/IKo872REqJZ/288x162/3.jpg HTTP/1.1
Host: c2.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 23106
cache-control: public, s-maxage=14400, max-age=7776000
last-modified: Sun, 21 Aug 2022 12:02:02 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c1.ttcache.com/thumbnail/WpmHMGyZS7v/288x162/35020378d51572bff062a6bace8fbb82.26.jpg
81.171.5.120200 OK 13 kB URL HTTP/2 c1.ttcache.com/thumbnail/WpmHMGyZS7v/288x162/35020378d51572bff062a6bace8fbb82.26.jpg
IP 81.171.5.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", progressive, precision 8, 352x198, components 3\012- data
Hash b81de6c0f913b5e77de8875e785ddf49
b50977cc159d060889ab68a1b55e62b16e7f6035
9cd844c0883d3c85cc8e17f4788411421ec752b41fbfb1b4cde8217c06e5d26a
GET /thumbnail/WpmHMGyZS7v/288x162/35020378d51572bff062a6bace8fbb82.26.jpg HTTP/1.1
Host: c1.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 12748
cache-control: public, s-maxage=14400, max-age=10368000
last-modified: Mon, 16 May 2022 23:01:45 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c4.ttcache.com/thumbnail/FH1pdQKI7wk/288x162/captura_66299_1024.jpg
178.162.128.2200 OK 9.8 kB URL HTTP/2 c4.ttcache.com/thumbnail/FH1pdQKI7wk/288x162/captura_66299_1024.jpg
IP 178.162.128.2:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 288x216, components 3\012- data
Hash baefa350e7fe2416818a76564b677907
907119eb21c694b5bf61dbca9aac64250bf560f7
ec14c0389ffe38874088de1b1ca666c3579d977eb613ede00f7e79151d353056
GET /thumbnail/FH1pdQKI7wk/288x162/captura_66299_1024.jpg HTTP/1.1
Host: c4.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 9845
cache-control: public, s-maxage=14400, max-age=604800
last-modified: Mon, 10 Feb 2020 09:42:18 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
www.ixxx.com/templates/ixxx/images/apple-touch-icon.png?c6b42b19
167.71.71.84200 OK 1.9 kB URL HTTP/2 www.ixxx.com/templates/ixxx/images/apple-touch-icon.png?c6b42b19
IP 167.71.71.84:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Hash 7401d3c397df8b3dac6bf9b1b9516ede
d395c21b8089f8126995bcce9d32f40a31dd08d2
2de0f7feb587d2e5d43f96a6abd0c134e8e138c7798eca83e3c35fff3320ca27
GET /templates/ixxx/images/apple-touch-icon.png?c6b42b19 HTTP/1.1
Host: www.ixxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/?t=150042&utm_source=porngrand.com
Connection: keep-alive
Cookie: session=xkOqfZyPhbjpeGYEdFTGUfJUuvzzbvOA; ta=6%3BWyJodHRwczpcL1wvcG9ybmdyYW5kLmNvbVwvIiwxNTAwNDIsMCwxNTAwNDIsIjIwMjItMDktMjIiLCJwb3JuZ3JhbmQuY29tIixmYWxzZSxmYWxzZV0%3D%7Cb829918c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 09:48:06 GMT
content-type: image/png
last-modified: Tue, 20 Sep 2022 10:20:33 GMT
cache-control: public, max-age=86400, smaxage=3600
etag: W/"632993f1-777"
content-encoding: gzip
vary: Accept-Encoding
age: 3346
accept-ranges: bytes
content-length: 1934
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
www.ixxx.com/templates/ixxx/images/favicon-16x16.png?0271af3e
167.71.71.84200 OK 478 B URL HTTP/2 www.ixxx.com/templates/ixxx/images/favicon-16x16.png?0271af3e
IP 167.71.71.84:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 22f9b2b461ef1d91cad20ff408ac7be1
369358304cf24c3841bc2036122d8e34e88ca2ce
bbdbede0b1773d2caa3a283e08083114224569c5c300a23efb5368c1aa78268f
GET /templates/ixxx/images/favicon-16x16.png?0271af3e HTTP/1.1
Host: www.ixxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/?t=150042&utm_source=porngrand.com
Connection: keep-alive
Cookie: session=xkOqfZyPhbjpeGYEdFTGUfJUuvzzbvOA; ta=6%3BWyJodHRwczpcL1wvcG9ybmdyYW5kLmNvbVwvIiwxNTAwNDIsMCwxNTAwNDIsIjIwMjItMDktMjIiLCJwb3JuZ3JhbmQuY29tIixmYWxzZSxmYWxzZV0%3D%7Cb829918c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 10:00:11 GMT
content-type: image/png
last-modified: Tue, 20 Sep 2022 10:20:23 GMT
cache-control: public, max-age=86400, smaxage=3600
etag: W/"632993e7-1e5"
content-encoding: gzip
vary: Accept-Encoding
age: 2621
accept-ranges: bytes
content-length: 478
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 10:43:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c1.ttcache.com/thumbnail/db8XHCOYprU/288x162/950d97df3388d2fb14e8c998c8f19178v2.mp4-7.jpg
81.171.5.120200 OK 9.6 kB URL HTTP/2 c1.ttcache.com/thumbnail/db8XHCOYprU/288x162/950d97df3388d2fb14e8c998c8f19178v2.mp4-7.jpg
IP 81.171.5.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 112x99, segment length 16, comment: "Lavc56.13.100", baseline, precision 8, 220x140, components 3\012- data
Hash e1c6fb3ff3c26b075e11453d3f0da3eb
4856153a66c000ff7199f8a698765e5b6e5b46f8
ab4dd0c55e4f5597290afb67aaa3a3c66f50abcc6c82141086d1a55f8005e9bb
GET /thumbnail/db8XHCOYprU/288x162/950d97df3388d2fb14e8c998c8f19178v2.mp4-7.jpg HTTP/1.1
Host: c1.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 9644
cache-control: public, s-maxage=14400, max-age=10538984
etag: W/"43fca7ab7-25ac-5c7b9b076b4c0"
last-modified: Thu, 22 Jul 2021 17:33:47 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c2.ttcache.com/thumbnail/NL2HJ4HlBAw/288x162/0005-Smb.jpg
212.7.207.39200 OK 15 kB URL HTTP/2 c2.ttcache.com/thumbnail/NL2HJ4HlBAw/288x162/0005-Smb.jpg
IP 212.7.207.39:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 288x162, components 3\012- data
Hash 002eaf56f9e53171e82c1317b6464aac
c21504a840c2736d566f1c5775a55e457bbdca40
80bf519d8700af568e2a2387c6aabd9e314f7186acfeb4d01776f6d9bbf69fe2
GET /thumbnail/NL2HJ4HlBAw/288x162/0005-Smb.jpg HTTP/1.1
Host: c2.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 15416
cache-control: public, s-maxage=14400, max-age=2592000
etag: "6018208f-22d67"
last-modified: Mon, 01 Feb 2021 15:38:55 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c3.ttcache.com/thumbnail/CLXJGgd6V8W/288x162/1.jpg
95.211.254.216200 OK 20 kB URL HTTP/2 c3.ttcache.com/thumbnail/CLXJGgd6V8W/288x162/1.jpg
IP 95.211.254.216:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 240x180, components 3\012- data
Hash a320aaf3b3444472a0d62ff3acddca50
7f8aeb2bf14b73d724e323856e54c110789fe86e
d1ea1b91c1a5aa002bb35dd8cac991a731dbd3f93d65f16d7079e5f7427cf92e
GET /thumbnail/CLXJGgd6V8W/288x162/1.jpg HTTP/1.1
Host: c3.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 20149
cache-control: public, s-maxage=14400, max-age=7776000
last-modified: Sun, 24 Apr 2016 23:48:04 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c1.ttcache.com/thumbnail/8z6vxH52HUP/288x162/1.jpg
81.171.5.120200 OK 15 kB URL HTTP/2 c1.ttcache.com/thumbnail/8z6vxH52HUP/288x162/1.jpg
IP 81.171.5.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 240x180, components 3\012- data
Hash 9eb65f5256c56ce1f4abab5725ccfccb
06e82bd1a98731b551ccdcc835e85fcb4d8070ac
973043386b632549bc830c77f0fb7de0c324e6672c004af6334114a4c7d79295
GET /thumbnail/8z6vxH52HUP/288x162/1.jpg HTTP/1.1
Host: c1.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 15138
cache-control: public, s-maxage=14400, max-age=7776000
last-modified: Sat, 12 Dec 2015 17:26:10 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c2.ttcache.com/thumbnail/41kJsbXL8ui/288x162/3.jpg
212.7.207.39200 OK 12 kB URL HTTP/2 c2.ttcache.com/thumbnail/41kJsbXL8ui/288x162/3.jpg
IP 212.7.207.39:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 240x180, components 3\012- data
Hash 9d4cb5d6f9c0aa7f7f3c70ce16626ac2
3100c3f71bba89dda1f7fef901f8b7be9cc5d6e7
f448a4b3df550dd9fcdc4a246e2dea1e4e42a967dfcbb7be8c3a02ff5cbdb7c1
GET /thumbnail/41kJsbXL8ui/288x162/3.jpg HTTP/1.1
Host: c2.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 11905
cache-control: public, s-maxage=14400, max-age=7776000
last-modified: Thu, 12 May 2022 14:56:02 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c4.ttcache.com/thumbnail/9s9KP6FpufQ/288x162/3.jpg
178.162.128.2200 OK 18 kB URL HTTP/2 c4.ttcache.com/thumbnail/9s9KP6FpufQ/288x162/3.jpg
IP 178.162.128.2:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 240x180, components 3\012- data
Hash 438b4e11f93cc690a3b39fc25ac5ce9d
f8b3f2888e318a02f01453e41ab201988a4984a0
9447ab94defd30a2a5cf6c058a1cba6b596bed8eee0355630fe0add52dd7b564
GET /thumbnail/9s9KP6FpufQ/288x162/3.jpg HTTP/1.1
Host: c4.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 17738
cache-control: public, s-maxage=14400, max-age=7776000
last-modified: Sun, 28 Aug 2022 12:02:02 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c4.ttcache.com/thumbnail/MuqUUHIyNef/288x162/1.jpg
178.162.128.2200 OK 19 kB URL HTTP/2 c4.ttcache.com/thumbnail/MuqUUHIyNef/288x162/1.jpg
IP 178.162.128.2:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 240x180, components 3\012- data
Hash e39fe693c06de5046ef5e35f3ebfcef9
b7259bd1da43b3b7c82d2be4d3ba59c979dbef15
7db44caf8fa42f87da645bcf4ef1428b7dae8a5a9da7f193230753a8e41ebcde
GET /thumbnail/MuqUUHIyNef/288x162/1.jpg HTTP/1.1
Host: c4.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 18887
cache-control: public, s-maxage=14400, max-age=7776000
last-modified: Thu, 30 Jun 2016 19:30:10 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c1.ttcache.com/thumbnail/wxQjhkgrewx/288x162/113220.jpg
81.171.5.120200 OK 10 kB URL HTTP/2 c1.ttcache.com/thumbnail/wxQjhkgrewx/288x162/113220.jpg
IP 81.171.5.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 288x162, components 3\012- data
Hash d3de784ebd7137c3400ee1a874af267a
35d6f7fec8eb8356ff6c46b51becf84863bd6f61
73f193e736dd2b894a3b664b836da304629dfb2d3bf6303897f2c2d3011d988d
GET /thumbnail/wxQjhkgrewx/288x162/113220.jpg HTTP/1.1
Host: c1.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 10096
cache-control: public, s-maxage=14400, max-age=31536000
etag: "631a0b9e-2770"
last-modified: Thu, 08 Sep 2022 15:34:54 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c2.ttcache.com/thumbnail/CI1MPwJ1DAI/288x162/1.jpg
212.7.207.39200 OK 23 kB URL HTTP/2 c2.ttcache.com/thumbnail/CI1MPwJ1DAI/288x162/1.jpg
IP 212.7.207.39:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 240x180, components 3\012- data
Hash 5f1676ec24d34ff3a37f1ff0c1adbfd2
d373c91c34ebd9e7a64816d4347d6183b3d9321b
980ca2d14203323ed0e42ff6c132d1dca9efcf866f95196db01aaba8415e13aa
GET /thumbnail/CI1MPwJ1DAI/288x162/1.jpg HTTP/1.1
Host: c2.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 23115
cache-control: public, s-maxage=14400, max-age=7776000
last-modified: Sat, 10 Oct 2015 12:20:07 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Thu, 22 Sep 2022 10:41:09 GMT
expires: Thu, 22 Sep 2022 12:41:09 GMT
cache-control: public, max-age=7200
age: 164
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c2.ttcache.com/thumbnail/FMuQodBMTIH/288x162/4.jpg
212.7.207.39200 OK 11 kB URL HTTP/2 c2.ttcache.com/thumbnail/FMuQodBMTIH/288x162/4.jpg
IP 212.7.207.39:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x225, components 3\012- data
Hash 63fdbd251bf219b8e82723aae9a344b9
1a4486a09243bc741359c671666da8fe2e8d8566
0dde5050b451af2c9292fc1c3b64901e6837afd28423a7c4b2d36e971d23db3b
GET /thumbnail/FMuQodBMTIH/288x162/4.jpg HTTP/1.1
Host: c2.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 11252
cache-control: public, s-maxage=14400, max-age=7776000
last-modified: Fri, 23 Jul 2021 01:53:06 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c1.ttcache.com/thumbnail/m6BU04NxOnL/288x162/8add93a5211bef85a51930e4f547f288.30.jpg
81.171.5.120200 OK 11 kB URL HTTP/2 c1.ttcache.com/thumbnail/m6BU04NxOnL/288x162/8add93a5211bef85a51930e4f547f288.30.jpg
IP 81.171.5.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", progressive, precision 8, 352x198, components 3\012- data
Hash 073da58f0b2293922712831ebbb81295
9a3dd4046ece7c5ee8ede303626c41e7aba35dc8
a8968cccd8661644734a16506ff54118b53bb658138d07e05bbdbbf9fd8e0897
GET /thumbnail/m6BU04NxOnL/288x162/8add93a5211bef85a51930e4f547f288.30.jpg HTTP/1.1
Host: c1.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 10991
cache-control: public, s-maxage=14400, max-age=10368000
last-modified: Sat, 17 Sep 2022 09:51:29 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c1.ttcache.com/thumbnail/ZWAcqKVF36l/288x162/1280x720.207.jpg
81.171.5.120200 OK 13 kB URL HTTP/2 c1.ttcache.com/thumbnail/ZWAcqKVF36l/288x162/1280x720.207.jpg
IP 81.171.5.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, baseline, precision 8, 320x180, components 3\012- data
Hash bfc1f2c1b2eac317aeacbb193ddb5202
c6d0c683d8ea22696d9db2889e9ec5b7de02340b
13585cb2d6568fb2f0439514c948a271dcde77ac9bb443d0598d6c85503e5b17
GET /thumbnail/ZWAcqKVF36l/288x162/1280x720.207.jpg HTTP/1.1
Host: c1.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 12755
cache-control: public, s-maxage=14400, max-age=604800
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c1.ttcache.com/thumbnail/BMt9akxf0Pd/288x162/1.jpg
81.171.5.120200 OK 16 kB URL HTTP/2 c1.ttcache.com/thumbnail/BMt9akxf0Pd/288x162/1.jpg
IP 81.171.5.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 240x180, components 3\012- data
Hash 71bf62fb38e661ef9c924d5d5606ea9b
9f495741d0c216c389ffb00a83b4e0cc573768ea
bd4f8684cb332cb92f8321176f8b33a3d6d0d39acfcc45f2ff19560a7906d225
GET /thumbnail/BMt9akxf0Pd/288x162/1.jpg HTTP/1.1
Host: c1.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 16248
cache-control: public, s-maxage=14400, max-age=7776000
last-modified: Mon, 20 Jul 2015 08:58:05 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c3.ttcache.com/thumbnail/47ZBB3fPJot/288x162/1.jpg
95.211.254.216200 OK 26 kB URL HTTP/2 c3.ttcache.com/thumbnail/47ZBB3fPJot/288x162/1.jpg
IP 95.211.254.216:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 240x180, components 3\012- data
Hash d9b58535413e840e93caccb20fd74738
784da68ba5eef6e54119ae4df9218a51f64f9a74
1cce1dcd5cebea26f11e616ee7c89d02b058895428c1d168842161298ce49e3c
GET /thumbnail/47ZBB3fPJot/288x162/1.jpg HTTP/1.1
Host: c3.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 26014
cache-control: public, s-maxage=14400, max-age=7776000
last-modified: Fri, 05 Dec 2014 13:28:10 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c2.ttcache.com/thumbnail/RdDyxJFTaC7/288x162/captura_46409_1024.jpg
212.7.207.39200 OK 11 kB URL HTTP/2 c2.ttcache.com/thumbnail/RdDyxJFTaC7/288x162/captura_46409_1024.jpg
IP 212.7.207.39:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 288x216, components 3\012- data
Hash 9510cead791913442e76cb6060848261
ff547990169c3a2d477abd01d25025da007f998a
089cd1502fbf2852b6aa22f89b188884b95d1942eab5730399e553b3efa27548
GET /thumbnail/RdDyxJFTaC7/288x162/captura_46409_1024.jpg HTTP/1.1
Host: c2.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 11346
cache-control: public, s-maxage=14400, max-age=604800
last-modified: Wed, 03 Oct 2018 12:55:03 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
impactserving.com/Redirect.eng?MediaSegmentId=0&TempMediaId=cac33349-e981-4137-9deb-c126e12aefe8&dcid=3_ctx_1851b735-4663-41e1-b169-8b321ed0d15f&timeZoneOffset=&xml=1&feedId=1155
104.19.161.92200 OK 26 kB URL HTTP/2 impactserving.com/Redirect.eng?MediaSegmentId=0&TempMediaId=cac33349-e981-4137-9deb-c126e12aefe8&dcid=3_ctx_1851b735-4663-41e1-b169-8b321ed0d15f&timeZoneOffset=&xml=1&feedId=1155
IP 104.19.161.92:0
Hash b0c0c642ac2cbac13b92ed0913d1136a
1f27f3b616e4b306e6b32993490aeead9bcd35a0
402f96865ac8b2bb5acc91abb371a0c58c78ca5023a143687a0707c7792937a6
GET /Redirect.eng?MediaSegmentId=0&TempMediaId=cac33349-e981-4137-9deb-c126e12aefe8&dcid=3_ctx_1851b735-4663-41e1-b169-8b321ed0d15f&timeZoneOffset=&xml=1&feedId=1155 HTTP/1.1
Host: impactserving.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 10:43:52 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-transform
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
INF_DFL8=false; path=/; SameSite=None; secure
IUID=dfbac8ca-a77f-4ad7-a46e-5ae6a9b9bec1; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure
ISSH=661C3F; path=/; SameSite=None; secure
VMI=5618bf2d-bbea-46b3-8b52-91bcecac9bd5; path=/; SameSite=None; secure
IPLH=#{"50517":[{"SId":"661C3F","D":"22/9/22T3:43:52"}]}; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
IPLH_Q=#[50517]; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
CHN=#[]; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
MSSH=#{}; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
MSRH=#{}; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
ILP=null; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure
ILPLU=#1/1/0001 12:00:00 AM; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
ILEALC=#1/1/0001 12:00:00 AM; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
ILMPF=#False; expires=Thu, 22-Sep-2022 14:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
IPMPLU=#; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
IPMUID=#; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
BSWUID=#; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
IKSR={}; path=/; SameSite=None; secure
IBL=#[]; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH=#{}; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH_Q=#[]; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
IZH=#{"25800":[{"SId":"661C3F","D":"22/9/22T3:43:52"}]}; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
IZH_Q=#[25800]; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH=#{}; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH_Q=#[]; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
IMH=#{}; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
IMH_Q=#[]; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
ISH=#{}; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
ISH_Q=#[]; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH=#{"7241":[{"SId":"661C3F","D":"22/9/22T3:43:52"}]}; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH_Q=#[7241]; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
ICH=#{"15709":[{"SId":"661C3F","D":"22/9/22T3:43:52"}]}; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
ICH_Q=#[15709]; expires=Wed, 22-Sep-2032 10:43:52 GMT; path=/; SameSite=None; secure; HttpOnly
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74ea7129ec660b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c4.ttcache.com/thumbnail/0G4WGha4Oo0/288x162/2.jpg
178.162.128.2200 OK 9.7 kB URL HTTP/2 c4.ttcache.com/thumbnail/0G4WGha4Oo0/288x162/2.jpg
IP 178.162.128.2:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash d2906b724412bbd8a72d38627d2669c5
fe8ee88e37dfcaf02bb76265ef75bce4d0dc2c5c
7982b25039613b224a42820b52839838dc0cf3300916f8f0e03def68a5a8b17a
GET /thumbnail/0G4WGha4Oo0/288x162/2.jpg HTTP/1.1
Host: c4.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 9679
cache-control: public, s-maxage=14400, max-age=31536000
etag: "625ac89b-260f"
last-modified: Sat, 16 Apr 2022 13:46:03 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c3.ttcache.com/thumbnail/1JBdceFXBwE/288x162/3.jpg
95.211.254.216200 OK 12 kB URL HTTP/2 c3.ttcache.com/thumbnail/1JBdceFXBwE/288x162/3.jpg
IP 95.211.254.216:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 16f2221fdf8a88ead5e881ead9f16e65
9c147dc5efc3325834496f9fc7a189aa72a8a23c
df9171279fa8189faad48b7af8f34ef6ec07d7eca65598467c6552ea5dd8a77b
GET /thumbnail/1JBdceFXBwE/288x162/3.jpg HTTP/1.1
Host: c3.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 11966
cache-control: public, s-maxage=14400, max-age=31536000
etag: "631f1ace-2fe2"
last-modified: Mon, 12 Sep 2022 11:41:02 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c2.ttcache.com/thumbnail/H8BOSYAN5XR/288x162/0240-UeQ.jpg
212.7.207.39200 OK 8.4 kB URL HTTP/2 c2.ttcache.com/thumbnail/H8BOSYAN5XR/288x162/0240-UeQ.jpg
IP 212.7.207.39:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 288x162, components 3\012- data
Hash 337e870a956bfa255e90447852f41417
0a34fdb24f5207211463c555094d88e6d4e51b8f
e69821246b18534f9eee729323931eec60304490698196dd20ffa3d726f09f68
GET /thumbnail/H8BOSYAN5XR/288x162/0240-UeQ.jpg HTTP/1.1
Host: c2.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 8420
cache-control: public, s-maxage=14400, max-age=2592000
etag: "61f430a9-587fe"
last-modified: Fri, 28 Jan 2022 18:06:33 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c1.ttcache.com/thumbnail/f5pKXLByBIn/288x162/1.jpg
81.171.5.120200 OK 11 kB URL HTTP/2 c1.ttcache.com/thumbnail/f5pKXLByBIn/288x162/1.jpg
IP 81.171.5.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 240x180, components 3\012- data
Hash b7ef158d0e92a93b14551a979b822e0f
979b527b10e01c7280b1cef0528594b37a8063ad
4be64ac961ebc1bee4e020ddba0127efd33dd762dcd064573309081c994ff285
GET /thumbnail/f5pKXLByBIn/288x162/1.jpg HTTP/1.1
Host: c1.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 10693
cache-control: public, s-maxage=14400, max-age=7776000
last-modified: Tue, 01 Nov 2016 11:32:06 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c4.ttcache.com/thumbnail/zsH0niuYiYN/288x162/1.jpg
178.162.128.2200 OK 22 kB URL HTTP/2 c4.ttcache.com/thumbnail/zsH0niuYiYN/288x162/1.jpg
IP 178.162.128.2:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 240x180, components 3\012- data
Hash a09d814abf722e3df4cfd10e3fb225fc
8cd9491b00e6383dd56d3977b2d2c579a3de3199
fb0797281f3c5c21b1a9aa1f101e6837661506e8e8898cba36e51e373c35fc63
GET /thumbnail/zsH0niuYiYN/288x162/1.jpg HTTP/1.1
Host: c4.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 22059
cache-control: public, s-maxage=14400, max-age=7776000
last-modified: Mon, 02 Feb 2015 02:00:17 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c3.ttcache.com/thumbnail/SVU1g2cXTcI/288x162/6300432a8fce59.62923214.mp4-3.jpg
95.211.254.216200 OK 8.4 kB URL HTTP/2 c3.ttcache.com/thumbnail/SVU1g2cXTcI/288x162/6300432a8fce59.62923214.mp4-3.jpg
IP 95.211.254.216:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 278x170, components 3\012- data
Hash 3bd53d77b1043d404be5f0c1d019fc90
317ce9f088295398a749e5c2632a8c5ed0196852
5537a4ad1f5b63156bfbfed394398a266c7044854bf2c5837dc9ade35089f867
GET /thumbnail/SVU1g2cXTcI/288x162/6300432a8fce59.62923214.mp4-3.jpg HTTP/1.1
Host: c3.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 8360
cache-control: public, s-maxage=14400, max-age=14400
etag: "20d6-5e6f69a22f427"
last-modified: Wed, 24 Aug 2022 06:15:05 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c2.ttcache.com/thumbnail/zTLWGN0FvC6/288x162/265021_320x180.jpg
212.7.207.39200 OK 18 kB URL HTTP/2 c2.ttcache.com/thumbnail/zTLWGN0FvC6/288x162/265021_320x180.jpg
IP 212.7.207.39:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 320x180, components 3\012- data
Hash 842aa14ea85a04e992d85e4a88d6a7a1
9562b67a3febea197f78f072ffd6dc24748f4835
b8616f1f9b963501648a66a475447043926c400edcbc7239ee1cc122f30d527b
GET /thumbnail/zTLWGN0FvC6/288x162/265021_320x180.jpg HTTP/1.1
Host: c2.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 17530
cache-control: public, s-maxage=14400
etag: "447a-5dbff585be40c"
last-modified: Wed, 06 Apr 2022 17:03:49 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c1.ttcache.com/thumbnail/dF3JqsE6S9M/288x162/1.jpg
81.171.5.120200 OK 17 kB URL HTTP/2 c1.ttcache.com/thumbnail/dF3JqsE6S9M/288x162/1.jpg
IP 81.171.5.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 240x180, components 3\012- data
Hash 2e9d4af44180184e97eb6681ffa5c576
898940a93f78ccc1aba81dd8782bfd5b03b335f4
932babc813af3862647823f9b1d105632d410ab135e82895a9dea8b53e471277
GET /thumbnail/dF3JqsE6S9M/288x162/1.jpg HTTP/1.1
Host: c1.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 16882
cache-control: public, s-maxage=14400, max-age=7776000
last-modified: Thu, 27 Aug 2015 01:35:09 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c4.ttcache.com/thumbnail/5wmGUsvho86/288x162/5.jpg
178.162.128.2200 OK 16 kB URL HTTP/2 c4.ttcache.com/thumbnail/5wmGUsvho86/288x162/5.jpg
IP 178.162.128.2:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 240x180, components 3\012- data
Hash 420b24499bf8aa56bfad4437f35e46f7
a638216640d7e34e3740be314ec9675cbbfdf94e
7a1164cad625d6d67df45d43477a30ea3a6747eb54b646e7661dc0a0dfa13160
GET /thumbnail/5wmGUsvho86/288x162/5.jpg HTTP/1.1
Host: c4.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 15615
cache-control: public, s-maxage=14400, max-age=7776000
last-modified: Fri, 16 Apr 2021 18:04:04 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c1.ttcache.com/thumbnail/NcJtHxz3NOa/288x162/108568.jpg
81.171.5.120200 OK 11 kB URL HTTP/2 c1.ttcache.com/thumbnail/NcJtHxz3NOa/288x162/108568.jpg
IP 81.171.5.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 288x162, components 3\012- data
Hash f414989881ec4dcb2d9108cc3c3b82b3
3153c4b3dbae823a33cbe18738e52c19e77c9d25
3387b9f78d1cd96b5f180e80a84d068765baa82c28b72cbe9331a9bf8ca5c9e6
GET /thumbnail/NcJtHxz3NOa/288x162/108568.jpg HTTP/1.1
Host: c1.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 11026
cache-control: public, s-maxage=14400, max-age=31536000
etag: "6325ceef-2b12"
last-modified: Sat, 17 Sep 2022 13:43:11 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c4.ttcache.com/thumbnail/wr4LJEgYk59/288x162/1.jpg
178.162.128.2200 OK 12 kB URL HTTP/2 c4.ttcache.com/thumbnail/wr4LJEgYk59/288x162/1.jpg
IP 178.162.128.2:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash 796ac285ba2e1e4793d6f81cb926054a
5c32929c67a94eeec396053aab8b7326629d4251
8998f7ac9ee71ce3f785b2f130432317582f36f56e426786f81ffeda26ba2be8
GET /thumbnail/wr4LJEgYk59/288x162/1.jpg HTTP/1.1
Host: c4.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 11512
cache-control: public, s-maxage=14400, max-age=31536000
etag: "61745fe9-2db2"
last-modified: Sat, 23 Oct 2021 19:18:01 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c1.ttcache.com/thumbnail/GaDqH5yH8bz/288x162/1.jpg
81.171.5.120200 OK 18 kB URL HTTP/2 c1.ttcache.com/thumbnail/GaDqH5yH8bz/288x162/1.jpg
IP 81.171.5.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 240x180, components 3\012- data
Hash cf0dcb1c00a1664fd08ef67ac97ba364
515bad5e5326b588532610b0ade7857d53b11b32
9b96f390e2dc06db4ea801f11349eaada1493214366dcff9f5d3310413a9a889
GET /thumbnail/GaDqH5yH8bz/288x162/1.jpg HTTP/1.1
Host: c1.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 17856
cache-control: public, s-maxage=14400, max-age=7776000
last-modified: Mon, 20 Apr 2015 15:53:04 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c4.ttcache.com/thumbnail/QkH8vDXXOY8/288x162/468.jpg
178.162.128.2200 OK 69 kB URL HTTP/2 c4.ttcache.com/thumbnail/QkH8vDXXOY8/288x162/468.jpg
IP 178.162.128.2:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], baseline, precision 8, 288x162, components 3\012- data
Hash a562e5e7d9ecba58ee1b089e1d05b1f3
bda114d7623afd7b95d7445cc6ffbbaff901cfe7
6992eb2b1170a86d4d26638a60738db6e5cfaf6c9ad177c0bf2b06348b4bc883
GET /thumbnail/QkH8vDXXOY8/288x162/468.jpg HTTP/1.1
Host: c4.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 68761
cache-control: public, s-maxage=14400, max-age=31536000
etag: "631c23de-10c99"
last-modified: Sat, 10 Sep 2022 05:42:54 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
c1.ttcache.com/thumbnail/TX0BrK1RIYY/288x162/5_240.jpg
81.171.5.120200 OK 16 kB URL HTTP/2 c1.ttcache.com/thumbnail/TX0BrK1RIYY/288x162/5_240.jpg
IP 81.171.5.120:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.134.100", baseline, precision 8, 427x240, components 3\012- data
Hash 0e8d08e54cc2180bef53d920ed0cac77
1b50c199e8076c9cd9463d56e60adf9f3443670c
e9e9a1a09e8027b7e40c704e8d5ce8ebf5cb552c86bb2ca543a6e1b615da6a58
GET /thumbnail/TX0BrK1RIYY/288x162/5_240.jpg HTTP/1.1
Host: c1.ttcache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 22 Sep 2022 10:43:53 GMT
content-type: image/jpeg
content-length: 15703
cache-control: public, s-maxage=14400, max-age=315360000
etag: "6311f6ea-3d57"
last-modified: Fri, 02 Sep 2022 12:28:26 GMT
strict-transport-security: max-age=15768000
rating: RTA-5042-1996-1400-1577-RTA
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 10:43:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ixxx.com/set-splash-page-accepted
167.71.71.84200 OK 0 B URL HTTP/2 www.ixxx.com/set-splash-page-accepted
IP 167.71.71.84:0
ASN #14061 DIGITALOCEAN-ASN
POST /set-splash-page-accepted HTTP/1.1
Host: www.ixxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ixxx.com/?t=150042&utm_source=porngrand.com
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 45
Origin: https://www.ixxx.com
Connection: keep-alive
Cookie: session=xkOqfZyPhbjpeGYEdFTGUfJUuvzzbvOA; ta=6%3BWyJodHRwczpcL1wvcG9ybmdyYW5kLmNvbVwvIiwxNTAwNDIsMCwxNTAwNDIsIjIwMjItMDktMjIiLCJwb3JuZ3JhbmQuY29tIixmYWxzZSxmYWxzZV0%3D%7Cb829918c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
cache-control: max-age=60, no-transform, public, s-maxage=3600
date: Thu, 22 Sep 2022 10:43:53 GMT
x-content-type-options: nosniff
referrer-policy: origin, strict-origin-when-cross-origin
content-security-policy: default-src 'self'; connect-src *.g.doubleclick.net 'self' *.google-analytics.com https://*.google-analytics.com *.analytics.google.com https://*.analytics.google.com; font-src 'self' https://fonts.gstatic.com; frame-src 'none'; img-src 'self' data: *.ttcache.com https://*.ttcache.com *.google-analytics.com https://*.google-analytics.com *.analytics.google.com https://*.analytics.google.com optimize.google.com https://optimize.google.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com https://*.google-analytics.com *.analytics.google.com https://www.googletagmanager.com www.googleoptimize.com https://www.googleoptimize.com optimize.google.com https://optimize.google.com; style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com
x-content-security-policy: default-src 'self'; connect-src *.g.doubleclick.net 'self' *.google-analytics.com https://*.google-analytics.com *.analytics.google.com https://*.analytics.google.com; font-src 'self' https://fonts.gstatic.com; frame-src 'none'; img-src 'self' data: *.ttcache.com https://*.ttcache.com *.google-analytics.com https://*.google-analytics.com *.analytics.google.com https://*.analytics.google.com optimize.google.com https://optimize.google.com; media-src 'none'; object-src 'none'; script-src 'self' *.google-analytics.com https://*.google-analytics.com *.analytics.google.com https://www.googletagmanager.com www.googleoptimize.com https://www.googleoptimize.com optimize.google.com https://optimize.google.com; style-src 'self' 'unsafe-inline' https://optimize.google.com https://fonts.googleapis.com
x-xss-protection: 1; mode=block
set-cookie: splashPageAccepted=1; path=/; secure; samesite=lax
content-encoding: gzip
vary: Accept-Encoding
age: 0
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
p.1ts14.top/pu.php?partnersCode=e21ea9f6&bu=https%3A%2F%2Fgon.exrtbsrv.com%2Fr.php%3Fback%3Dtsu%26p=p95473498%26s=s3%26i=1375006687%26c=NW9vR3ZDcVZIZElzVkdHazBmWFFQZz09&sprice=1.4
104.21.33.107302 Found 0 B URL HTTP/2 p.1ts14.top/pu.php?partnersCode=e21ea9f6&bu=https%3A%2F%2Fgon.exrtbsrv.com%2Fr.php%3Fback%3Dtsu%26p=p95473498%26s=s3%26i=1375006687%26c=NW9vR3ZDcVZIZElzVkdHazBmWFFQZz09&sprice=1.4
IP 104.21.33.107:0
GET /pu.php?partnersCode=e21ea9f6&bu=https%3A%2F%2Fgon.exrtbsrv.com%2Fr.php%3Fback%3Dtsu%26p=p95473498%26s=s3%26i=1375006687%26c=NW9vR3ZDcVZIZElzVkdHazBmWFFQZz09&sprice=1.4 HTTP/1.1
Host: p.1ts14.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://porngrand.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 22 Sep 2022 10:43:52 GMT
content-type: text/html;charset=UTF-8
pragma: no-cache
cache-control: no-cache, must-revalidate
expires: Sun, 1 Jan 2012 00:00:01 GMT
set-cookie: pu=1; expires=Fri, 23-Sep-2022 10:43:52 GMT; Max-Age=86400; path=/; domain=p.1ts14.top
location: /pu.php?ck=1&partnersCode=e21ea9f6&bu=https%3A%2F%2Fgon.exrtbsrv.com%2Fr.php%3Fback%3Dtsu%26p=p95473498%26s=s3%26i=1375006687%26c=NW9vR3ZDcVZIZElzVkdHazBmWFFQZz09&sprice=1.4
accept-ch: Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJS6EdylgUkbnMtpswQFo%2Fyqj8xERZOxtxLPaYaN6vzeyxId4lr51oC3Tc5k%2BFokKDaHsrMMDqJ%2F109WEoST4XklKzf5vOQUwlcLS3FKBm9KHDaZoraychjiJZ94qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ea712f2d13b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2