firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 03:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gJv2UuUr3Gze-B90NelFvChlVMefe-2dpNwnKv6AAhGgjfqRMgH1Lw==
Age: 662
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2493
Expires: Tue, 27 Sep 2022 04:08:05 GMT
Date: Tue, 27 Sep 2022 03:26:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1017811d25642601e984edc1676d118d
c177c4f7a897584bf91347fa4990c83d6bfd0321
f35bb3a8c877dd8d3c5920f3c917722f12b157aff398e2ec30fab51fa6caa2ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10694
Expires: Tue, 27 Sep 2022 06:24:46 GMT
Date: Tue, 27 Sep 2022 03:26:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ugFa1qD279WaFB985xedmLQTBfXvQ2pof9Co37Cd380B4p53X7Pg/9nK+kVTtg+BkCca0GB6SyQ=
x-amz-request-id: 3XQTAJJN3KY8Z5TJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 27 Sep 2022 02:46:37 GMT
age: 2395
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 03:26:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
txxx.pics/xxx-download/varenyky-dumplings-rellenos-ruso-ucraniano-vareniki-pyrohy-polaco-pierogi-agria-reques%C3%B3n/
172.67.157.61200 OK 5.6 kB URL HTTP/1.1 txxx.pics/xxx-download/varenyky-dumplings-rellenos-ruso-ucraniano-vareniki-pyrohy-polaco-pierogi-agria-reques%C3%B3n/
IP 172.67.157.61:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1161), with CRLF, LF line terminators
Hash 9a23fac352736e8e0dd932d01c985645
c5bf8da0f180d8e00950d6b328617f1bc86fc5f6
6a8f40b4b6a30e1e8f01da720a719f36ffc476b27ccdeba43cd48ccc9e647f15
GET /xxx-download/varenyky-dumplings-rellenos-ruso-ucraniano-vareniki-pyrohy-polaco-pierogi-agria-reques%C3%B3n/ HTTP/1.1
Host: txxx.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:26:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OT5oW5xpSFkA35CiuXrB70UoHfNkdtMdMpIB6VeNhU8MmrdJcJhMorVxL%2F1eXaTuX2gyTAZF5xUpghBISG64%2FnXTa%2FLXg8FmHo6mFkFpay1iqb%2FmmPmWJmdqT%2FE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7511236c3d9f0b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
txxx.pics/css2/bootstrap.min.css
172.67.157.61200 OK 20 kB URL HTTP/1.1 txxx.pics/css2/bootstrap.min.css
IP 172.67.157.61:0
File type ASCII text, with very long lines (65371)
Hash 42d313958d98273a13c53f0d9ef7aaee
e3d8027a8eb50f6c48f24cbded81cfb4950fc7d8
5cfdcfe812901ddc28f58a2a28ae910b70e0e37eacfc8856114e0c046ff818a5
GET /css2/bootstrap.min.css HTTP/1.1
Host: txxx.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://txxx.pics/xxx-download/varenyky-dumplings-rellenos-ruso-ucraniano-vareniki-pyrohy-polaco-pierogi-agria-reques%C3%B3n/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:26:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 17:02:59 GMT
Vary: Accept-Encoding
ETag: W/"62f687c3-1deac"
Expires: Wed, 12 Oct 2022 07:57:10 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1279762
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9WB1wWMiggX0VRtRbWwd5swpWGMQVdgJOTBdAzSZdbmz%2BdQ7IY%2Bv5YK0h3WQqr5fpfNj7IOGAfEb6lfPQdHfQXkxnW41tV6jmolZUzbskFybDA6anvYIqEmOdA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7511236efea00b31-OSL
alt-svc: h2=":443"; ma=60
txxx.pics/css2/reset-wp.css
172.67.157.61200 OK 360 B URL HTTP/1.1 txxx.pics/css2/reset-wp.css
IP 172.67.157.61:0
File type ASCII text, with very long lines (955), with no line terminators
Hash 8f8480205222ee0fa6fd987668a7ef15
5bc955349605ae1259b5b9d631e072764af86adb
365ba894406d5b317f12a7c868545efa4db8567d3f2add19f639c32024cdaf65
GET /css2/reset-wp.css HTTP/1.1
Host: txxx.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://txxx.pics/xxx-download/varenyky-dumplings-rellenos-ruso-ucraniano-vareniki-pyrohy-polaco-pierogi-agria-reques%C3%B3n/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:26:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 17:03:00 GMT
Vary: Accept-Encoding
ETag: W/"62f687c4-3bb"
Expires: Wed, 12 Oct 2022 07:57:10 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1279762
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1jpQYX%2FWHBbAhzBg72WiLD8JXo2gb5k%2FdpIF63cb6918BpQjS0EtyONefWtBi%2Bzz1SH7LrlEo5HZLulXYCLh7jLkXrux9CP8Ajw29bH9%2B1nyS4cZa5XG5OjK78%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7511236efc03b500-OSL
alt-svc: h2=":443"; ma=60
txxx.pics/css2/dashicons.min.css
172.67.157.61200 OK 29 kB URL HTTP/1.1 txxx.pics/css2/dashicons.min.css
IP 172.67.157.61:0
File type ASCII text, with very long lines (46136), with no line terminators
Hash 5f555dd923c246db4e99954d231d4052
f3e9387d22c9cfb1b3c13247af4f58a7e2deecda
d783ef5c1d2a0dadf33bf49bb1138a9babae2f987b61d5efcce648a997c63423
GET /css2/dashicons.min.css HTTP/1.1
Host: txxx.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://txxx.pics/xxx-download/varenyky-dumplings-rellenos-ruso-ucraniano-vareniki-pyrohy-polaco-pierogi-agria-reques%C3%B3n/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:26:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 17:02:58 GMT
Vary: Accept-Encoding
ETag: W/"62f687c2-b438"
Expires: Wed, 12 Oct 2022 07:57:10 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1279762
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdHj3WVMin6EdvBFN%2Frzdzqwv6UZl394Pi%2F0H%2BBw6Xcl1BTR51xq1x7i%2BpVzxI5G7AHDOMkP%2FjvYJi7mD1Qot9L%2FRQieaJaRGTwWAcqks1kEL1P774AcbaGKgBk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7511236efb14b4f7-OSL
alt-svc: h2=":443"; ma=60
txxx.pics/css2/style.css
172.67.157.61200 OK 4.1 kB IP 172.67.157.61:0
Hash 4b1c3c488f0a103c9f201aca63945277
5f4421b895e4f24e88c86b54593b49205ee2ffd1
bb2fb5686609dd48bac6bf15da5f4fd9b1c8ce839bb286ca3ed0256bcdde0073
GET /css2/style.css HTTP/1.1
Host: txxx.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://txxx.pics/xxx-download/varenyky-dumplings-rellenos-ruso-ucraniano-vareniki-pyrohy-polaco-pierogi-agria-reques%C3%B3n/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:26:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 17:03:02 GMT
Vary: Accept-Encoding
ETag: W/"62f687c6-4313"
Expires: Wed, 12 Oct 2022 07:57:10 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1279762
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhTR2jv9TP%2B1yujXUEJq%2B4YLt14VDLyzxgzfN8um6y3BAZmln8S6cxdjmrzFnpQshRDhRycXA%2BvPdUmrPdhc7nBYso%2B9aBOpHc%2FuzeX5VY7%2BUJ9gI5b%2Bpyztbbs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7511236efe320b45-OSL
alt-svc: h2=":443"; ma=60
txxx.pics/css2/responsive.css
172.67.157.61200 OK 1.0 kB URL HTTP/1.1 txxx.pics/css2/responsive.css
IP 172.67.157.61:0
Hash 55fa142d4e1b726d143a6bff6c8b6530
0b333ebbb9f053a6b3f774c398813f2c3fc5ef9c
54ba218ddde5b7ea02ec7de7e9fdb1ec153df4123dd4dd457c8956b2fb285819
GET /css2/responsive.css HTTP/1.1
Host: txxx.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://txxx.pics/xxx-download/varenyky-dumplings-rellenos-ruso-ucraniano-vareniki-pyrohy-polaco-pierogi-agria-reques%C3%B3n/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:26:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 17:03:02 GMT
Vary: Accept-Encoding
ETag: W/"62f687c6-eea"
Expires: Wed, 12 Oct 2022 07:57:10 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1279762
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPEMeBkZ90VG68o7%2FsXpxinN6U7PQIWd%2BC6EJCl7uBd7EekA%2F5kxQrXLsTU8gKPzaUssCX%2BrvzQmMDBDJ18mjVoO%2BWoNMG1zeMlUzMiwfkHhkrrl%2Fe2Bk7C%2Bvqc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7511236f0f940b69-OSL
alt-svc: h2=":443"; ma=60
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css
104.17.25.14200 OK 17 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65317)
Hash be9aeb2a05f665e3606faf11c09b542f
5644d0bd4e12fdfb7235166d2883fc7acd0a2c5b
13ace8ab3d9e2cbaf3fe1768b9ba1fc5313a5541607b4c07121c0abbb7fadfae
GET /ajax/libs/font-awesome/6.1.1/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://txxx.pics
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 03:26:32 GMT
content-type: text/css; charset=utf-8
content-length: 17041
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "623a082a-4291"
last-modified: Tue, 22 Mar 2022 17:32:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1593875
expires: Sun, 17 Sep 2023 03:26:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7G7iWkmK6dmCBuvb8qZ%2BEM1YukcfKnhwy6%2Bilmubp4yppIXUbojYlxAy6rW1s7V20IDcudxv%2BGxdAIZ3R1T%2BrmrrIdtbj05T7Sg%2BfIOFiQYyz1ZpnMqPNvbmUD9ObcB6S7LvN6a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7511236f2c12b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
txxx.pics/css2/font-awesome.min.css
172.67.157.61200 OK 5.0 kB URL HTTP/1.1 txxx.pics/css2/font-awesome.min.css
IP 172.67.157.61:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1076), with CRLF, LF line terminators
Hash f778eb8a20847be912d73e4a640264dd
07b4ab8c2238afea8496df1c540d524a71c7f67b
6577a78f33b89cbb3dbe846b70bdb1b3084ae1b8a6a8779c60daef5e6ad054ab
GET /css2/font-awesome.min.css HTTP/1.1
Host: txxx.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://txxx.pics/css2/style.css
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:26:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1561
Last-Modified: Tue, 27 Sep 2022 03:00:31 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bwz1CUa9a4CRmCr6aQ%2FPZPSSOmcONckX8tbFtOA6P%2Bcnti0fxLh9MGy8%2Fa6FFF3RCRKUVtd1%2FC2AgGHGd28rhTIN%2FwFB8ur9T927lVcPYa3vwT2i01887uxYj4A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7511236f4b3ab4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:26:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
txxx.pics/logo.jpg
172.67.157.61200 OK 10 kB IP 172.67.157.61:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 279x117, components 3\012- data
Hash fc9b65bf9d2ead8c6ec76c4bc8183ea6
ee118358f0e6f859397cc17814c8439a9edd63f8
9068e64e2805aebd45fa2a491f604a1af855472c9e79f5df8ef96c44eca5ea35
GET /logo.jpg HTTP/1.1
Host: txxx.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://txxx.pics/xxx-download/varenyky-dumplings-rellenos-ruso-ucraniano-vareniki-pyrohy-polaco-pierogi-agria-reques%C3%B3n/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:26:32 GMT
Content-Type: image/jpeg
Content-Length: 10411
Connection: keep-alive
Last-Modified: Sat, 13 Aug 2022 06:20:56 GMT
ETag: "62f742c8-28ab"
Expires: Wed, 12 Oct 2022 07:57:10 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Age: 1279762
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMSaxWXru0vtr0NJsj3JnR%2Brfd3oBt1QgPyqnSOz6i4iLplLDm6MOMMaOqVRrCoc8hyW5Ongb3Nca1aIVW%2F6hkEMS%2B9ICGSq%2FS09h11I8z5EugSeGi10Dmi5HT0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7511236fcb74b4f7-OSL
alt-svc: h2=":443"; ma=60
tse1.mm.bing.net/th?id=OIP.0GebLL-OIWP21sjFcX8ShwHaLF&pid=15.1&w=230&h=150&c=1
204.79.197.200200 OK 4.9 kB URL HTTP/2 tse1.mm.bing.net/th?id=OIP.0GebLL-OIWP21sjFcX8ShwHaLF&pid=15.1&w=230&h=150&c=1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 230x150, components 3\012- data
Hash 00eae34e3b63456740cea9ac5b3315b1
aaff99f8982e0e02312b1227b64a0d673b569f18
bd48bcff9d0a65b78600a628ad2b5a9afecf2f772a86fe3cc6cfc191e7886d58
GET /th?id=OIP.0GebLL-OIWP21sjFcX8ShwHaLF&pid=15.1&w=230&h=150&c=1 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://txxx.pics/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 4862
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0A52CA0EE4A14583AD86EE2BA60F441A Ref B: OSL30EDGE0318 Ref C: 2022-09-27T03:26:32Z
date: Tue, 27 Sep 2022 03:26:32 GMT
X-Firefox-Spdy: h2
tse4.mm.bing.net/th?id=OIP.jEunm55bsS-JNtS292q3IgHaFj&pid=15.1&w=230&h=150&c=1
204.79.197.200200 OK 6.8 kB URL HTTP/2 tse4.mm.bing.net/th?id=OIP.jEunm55bsS-JNtS292q3IgHaFj&pid=15.1&w=230&h=150&c=1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 230x150, components 3\012- data
Hash e23ffa068649b86be06be4572e5148c2
6bb550fc6699c858b08f3de74a277c2650f427e2
bf9376bc3f90b00ea5aa5c9faaffed7263815f569c052f94c92897f5e22deda5
GET /th?id=OIP.jEunm55bsS-JNtS292q3IgHaFj&pid=15.1&w=230&h=150&c=1 HTTP/1.1
Host: tse4.mm.bing.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://txxx.pics/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 6834
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 50625E35E0CE46E0B4DC614AFFF245D4 Ref B: OSL30EDGE0522 Ref C: 2022-09-27T03:26:32Z
date: Tue, 27 Sep 2022 03:26:32 GMT
X-Firefox-Spdy: h2
tse3.mm.bing.net/th?id=OIP.HRcmwcARLu0Ecq-CFvjrCwHaFQ&pid=15.1&w=230&h=150&c=1
13.107.21.200200 OK 4.5 kB URL HTTP/2 tse3.mm.bing.net/th?id=OIP.HRcmwcARLu0Ecq-CFvjrCwHaFQ&pid=15.1&w=230&h=150&c=1
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 230x150, components 3\012- data
Hash 4a3b5f1c0ac2084a1a896adf056b964a
4afb98626696708b40289bef4dd8353f1324e37f
b1f849212db83d9b9ea67656ceedf4b468ba606289f71ab62d916a1350ba0c47
GET /th?id=OIP.HRcmwcARLu0Ecq-CFvjrCwHaFQ&pid=15.1&w=230&h=150&c=1 HTTP/1.1
Host: tse3.mm.bing.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://txxx.pics/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 4496
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1ABEC45325D04D97B3B932ED8C185FBF Ref B: OSL30EDGE0306 Ref C: 2022-09-27T03:26:32Z
date: Tue, 27 Sep 2022 03:26:32 GMT
X-Firefox-Spdy: h2
tse2.mm.bing.net/th?id=OIP.YCaEKvWrOEbyRJC3zXpFCgHaJ4&pid=15.1&w=230&h=150&c=1
204.79.197.200200 OK 9.1 kB URL HTTP/2 tse2.mm.bing.net/th?id=OIP.YCaEKvWrOEbyRJC3zXpFCgHaJ4&pid=15.1&w=230&h=150&c=1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 230x150, components 3\012- data
Hash 699b30b5defe2a017cd94c238560a0b0
7a1fcdd06334694cbfcd7edc6f06da52178455ff
234e936631fc8046b2b354d43f91ef0dfb4f1e00ea4a474b24ea5d0d62ff2bd6
GET /th?id=OIP.YCaEKvWrOEbyRJC3zXpFCgHaJ4&pid=15.1&w=230&h=150&c=1 HTTP/1.1
Host: tse2.mm.bing.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://txxx.pics/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 9060
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 75B9AC9BA1D442458A589028A0E54FAB Ref B: OSL30EDGE0318 Ref C: 2022-09-27T03:26:32Z
date: Tue, 27 Sep 2022 03:26:32 GMT
X-Firefox-Spdy: h2
tse2.mm.bing.net/th?id=OIP.KP2w9DmMfNMwHM501AeSuQHaEu&pid=15.1&w=230&h=150&c=1
204.79.197.200200 OK 8.2 kB URL HTTP/2 tse2.mm.bing.net/th?id=OIP.KP2w9DmMfNMwHM501AeSuQHaEu&pid=15.1&w=230&h=150&c=1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 230x150, components 3\012- data
Hash 95d90fe1dff812f02f2f1e6ede217832
90ce55f0fe6fbbf2a28d75275eb030d5aee27673
982819a6acaaa595a4aba6119beed308d9cd44717e9df3155cdc65465dbf3363
GET /th?id=OIP.KP2w9DmMfNMwHM501AeSuQHaEu&pid=15.1&w=230&h=150&c=1 HTTP/1.1
Host: tse2.mm.bing.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://txxx.pics/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 8182
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DA5937CF0510460FAD398EB67720273F Ref B: OSL30EDGE0318 Ref C: 2022-09-27T03:26:32Z
date: Tue, 27 Sep 2022 03:26:32 GMT
X-Firefox-Spdy: h2
tse3.mm.bing.net/th?id=OIP.BaidGiKa2GNTMpezVne6eQHaFZ&pid=15.1&w=230&h=150&c=1
13.107.21.200200 OK 8.1 kB URL HTTP/2 tse3.mm.bing.net/th?id=OIP.BaidGiKa2GNTMpezVne6eQHaFZ&pid=15.1&w=230&h=150&c=1
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 230x150, components 3\012- data
Hash 1f82ee6c445e9c9d11e791dff46a1168
656ce8005214eb2a80d726b499eb1346fd5878ef
b6030e151bf290291fa1d297ea87202a451acbc48414bbba62a5a71cf58a80b7
GET /th?id=OIP.BaidGiKa2GNTMpezVne6eQHaFZ&pid=15.1&w=230&h=150&c=1 HTTP/1.1
Host: tse3.mm.bing.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://txxx.pics/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 8077
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5A48DB442D6849ABB44AC7E1B09A573E Ref B: OSL30EDGE0306 Ref C: 2022-09-27T03:26:32Z
date: Tue, 27 Sep 2022 03:26:32 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:26:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/webfonts/fa-brands-400.woff2
104.17.25.14200 OK 106 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/webfonts/fa-brands-400.woff2
IP 104.17.25.14:0
File type Web Open Font Format (Version 2), TrueType, length 105536, version 769.768\012- data
Size 106 kB (105536 bytes)
Hash cd2b4095e9ce66cde642c3502a4022d9
a280ecdddd14695fad22599301ab03adfe5224c0
404c746c8f7e3f9b7611a8f23d908c1a32a5c972236b9d89bb68b05d9bf4b905
GET /ajax/libs/font-awesome/6.1.1/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://txxx.pics
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 03:26:33 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 105536
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "623a082a-19c40"
last-modified: Tue, 22 Mar 2022 17:32:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 7100212
expires: Sun, 17 Sep 2023 03:26:33 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZDvgAo8CoJPFIJhLezzO5aNhWz5LBslrQ1LWtriiZ3gjfadqXnL9WsNXQxBW6E%2FNHwWNFinOf6cEjC6uFz7PlTRTeQW0RgFdc9xAL%2FlrtTDA0leTGbC%2BuyNtFKSK5bALkJKyPn2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 751123708c7cb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 03:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 03:36:19 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: B-zj9aCTVJ0NUiBzdIAt3wOn4At8agb50oabWrbAfxcx7ynrja5-1Q==
Age: 947
lacquerreddeform.com/21/c5/0a/21c50a79f6967679b35e682d593894b4.js
192.243.61.227200 OK 13 kB URL HTTP/1.1 lacquerreddeform.com/21/c5/0a/21c50a79f6967679b35e682d593894b4.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37115), with no line terminators
Hash a964d6c7c3425f6912cb80d6258e7ffd
ea10ce15af0b94862529d148916f829acb420a7c
666cf301993a8970f9452787e6101717016a474b78b31916172850e04be435dd
GET /21/c5/0a/21c50a79f6967679b35e682d593894b4.js HTTP/1.1
Host: lacquerreddeform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://txxx.pics/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 27 Sep 2022 03:26:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5a8f7cd047ac7e6a37de806f04d3b628
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 336
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:26:33 GMT
Last-Modified: Tue, 27 Sep 2022 03:20:58 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
creepingbrings.com/sfp.js
104.21.234.232200 OK 28 kB URL HTTP/1.1 creepingbrings.com/sfp.js
IP 104.21.234.232:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://txxx.pics/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:26:33 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 45447549c5d5ff09b78c18a2ecc1780b
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Tue, 27 Sep 2022 03:26:33 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2ErCZgxppHa3x5agOxq06CdpoZpnxCQ9B6Vw92JjwLJmkKJivlGbHjAgT7lGaOtDj6n1FDdwVZltoANOTRSIgmVxA2voN1pqaXIS8%2FqU6xUMHqFkV9GyBoqyLXPnUcmNTUyUtk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751123731d9c8e27-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash ee09b6ab7cfd6fb00b3abacbba58e7bc
4903c09b843081d2e873e272515d2ac8751a0461
92828a32c13bba32c5986661a9570f69f67020c43f452302d7501f159905b731
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 03:26:33 GMT
Last-Modified: Tue, 27 Sep 2022 02:25:34 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HqrTnIhA923MKcr-L06P8cPPuNYGrG-ypl2bX4yuFNrAQVkzctCwmQ==
Age: 3659
simplewebanalysis.com/stats
52.29.95.124200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash 581c921e3a8e58fa0be93fe78b581066
86ba02615e7fed20e93d8ffe70ec2214bfb8e6a3
b0402cef4346ea15585b2b36559dfe64e10ec5683fc499e7516bd89051b61463
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://txxx.pics
Connection: keep-alive
Referer: http://txxx.pics/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 03:26:33 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://txxx.pics
access-control-allow-credentials: true
set-cookie: uid_id2=961b9062-f440-4c91-8fe1-c5626441081d:2:1; expires=Fri, 24 Sep 2032 03:26:33 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
txxx.pics/favicon.ico
172.67.157.61200 OK 686 B IP 172.67.157.61:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash d79b24662e10bc554f090a42e3c338cb
7de05abab0ca935f40d87e45340b4a995b4b0fb4
cd6da0e8cf8e7c466e4d5cc234543378f0fb2dcd21079ce061a55709444eee7a
GET /favicon.ico HTTP/1.1
Host: txxx.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://txxx.pics/xxx-download/varenyky-dumplings-rellenos-ruso-ucraniano-vareniki-pyrohy-polaco-pierogi-agria-reques%C3%B3n/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:26:33 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 12 Aug 2022 17:02:53 GMT
Vary: Accept-Encoding
ETag: W/"62f687bd-47e"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1559
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqtxFRjeG1oz4no%2BAWYeRLU2DVLXuqKrt0JI3lBDyhzOsqJWfJ%2BH6sOVhbkMEiw8fZxpYDMrZxK2nwytMup2NvAOXUitgLSL90IsRcXICsByDPc1Tr0NOYYVRVw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75112374af41b4f7-OSL
alt-svc: h2=":443"; ma=60
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 445157f77abb41a2a762ed003dc207b1
fe52d67b6447b11a573e989380b1c3a2a81ae7c3
806942edb03c881a551d2341255039284ed64f68d3f7f34675f748ca46f064dd
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:26:33 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Sat, 01 Oct 2022 00:58:10 GMT
ETag: "fe52d67b6447b11a573e989380b1c3a2a81ae7c3"
Last-Modified: Tue, 27 Sep 2022 00:58:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1423
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751123752c8dfac8-OSL
mc.yandex.ru/metrika/tag.js
93.158.134.119200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Hash 7a68c8644032413981e4ba5bc0d66c4a
2d46ca8055e8577ae7138140e34a6e633434973c
e0573e9a9cbfc3f00a921fa64c50270f5941a1ebb253ab70af2cc0dac45cb0d5
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://txxx.pics/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 72341
date: Tue, 27 Sep 2022 03:26:33 GMT
access-control-allow-origin: *
etag: "632d6d03-11a95"
expires: Tue, 27 Sep 2022 04:26:33 GMT
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
txxx.pics/cdn-cgi/rum?
172.67.157.61200 OK 20 B IP 172.67.157.61:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /cdn-cgi/rum? HTTP/1.1
Host: txxx.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
content-type: application/json
Content-Length: 1266
Origin: http://txxx.pics
Connection: keep-alive
Referer: http://txxx.pics/xxx-download/varenyky-dumplings-rellenos-ruso-ucraniano-vareniki-pyrohy-polaco-pierogi-agria-reques%C3%B3n/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=961b9062-f440-4c91-8fe1-c5626441081d%3A2%3A1; sb_page_21c50a79f6967679b35e682d593894b4=1; sb_onpage_21c50a79f6967679b35e682d593894b4=1; sb_main_21c50a79f6967679b35e682d593894b4=1; sb_count_21c50a79f6967679b35e682d593894b4=1; _ym_uid=1664249192983405464; _ym_d=1664249192
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:26:34 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-origin: http://txxx.pics
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
Server: cloudflare
CF-RAY: 75112377a896b4f7-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e5972f9f6fc0be929a64913dea312cee
33349fdbac15f6ff221faec8544fcd12f89d2b72
e2e6e877fb44749adab6bf278a92c25f32d7212d12825246cd0110a2fce820bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2E6E877FB44749ADAB6BF278A92C25F32D7212D12825246CD0110A2FCE820BB"
Last-Modified: Mon, 26 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14741
Expires: Tue, 27 Sep 2022 07:32:15 GMT
Date: Tue, 27 Sep 2022 03:26:34 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=961b9062-f440-4c91-8fe1-c5626441081d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.29&b_frame=0&pk=21c50a79f6967679b35e682d593894b4&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3
192.243.61.227200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=961b9062-f440-4c91-8fe1-c5626441081d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.29&b_frame=0&pk=21c50a79f6967679b35e682d593894b4&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=961b9062-f440-4c91-8fe1-c5626441081d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.29&b_frame=0&pk=21c50a79f6967679b35e682d593894b4&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://txxx.pics/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 27 Sep 2022 03:26:34 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 95ea2a34046b2395da89f50bf8f1fc15
Strict-Transport-Security: max-age=0; includeSubdomains
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://txxx.pics/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 27 Sep 2022 03:26:34 GMT
access-control-allow-origin: *
etag: "632d6d03-2b"
expires: Tue, 27 Sep 2022 04:26:34 GMT
accept-ranges: bytes
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/36462060?wmode=7&page-url=http%3A%2F%2Ftxxx.pics%2Fxxx-download%2Fvarenyky-dumplings-rellenos-ruso-ucraniano-vareniki-pyrohy-polaco-pierogi-agria-reques%25C3%25B3n%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A795%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1078405487485%3Ahid%3A1013473255%3Az%3A0%3Ai%3A20220927032632%3Aet%3A1664249192%3Ac%3A1%3Arn%3A143809650%3Arqn%3A1%3Au%3A1664249192983405464%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A40%2C1%2C317%2C1%2C-10%2C0%2C%2C754%2C2%2C%2C%2C%2C1182%3Ans%3A1664249190240%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664249192%3At%3AVarenyky%20Dumplings%20Rellenos%20Ruso%20Ucraniano%20Vareniki%20Pyrohy%20Polaco%20Pierogi%20Agria%20Reques%C3%B3n&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
93.158.134.119302 Found 426 B URL HTTP/2 mc.yandex.ru/watch/36462060?wmode=7&page-url=http%3A%2F%2Ftxxx.pics%2Fxxx-download%2Fvarenyky-dumplings-rellenos-ruso-ucraniano-vareniki-pyrohy-polaco-pierogi-agria-reques%25C3%25B3n%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A795%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1078405487485%3Ahid%3A1013473255%3Az%3A0%3Ai%3A20220927032632%3Aet%3A1664249192%3Ac%3A1%3Arn%3A143809650%3Arqn%3A1%3Au%3A1664249192983405464%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A40%2C1%2C317%2C1%2C-10%2C0%2C%2C754%2C2%2C%2C%2C%2C1182%3Ans%3A1664249190240%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664249192%3At%3AVarenyky%20Dumplings%20Rellenos%20Ruso%20Ucraniano%20Vareniki%20Pyrohy%20Polaco%20Pierogi%20Agria%20Reques%C3%B3n&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (426), with no line terminators
Hash ed4bc3548a728005a92af40ad945aeee
6c13bbf870bff76946b815ff887fcd9cbb243c85
8c82dc6d5cfba0fdd862664008d8551aa45889d516870acb246710bab7d96ba8
GET /watch/36462060?wmode=7&page-url=http%3A%2F%2Ftxxx.pics%2Fxxx-download%2Fvarenyky-dumplings-rellenos-ruso-ucraniano-vareniki-pyrohy-polaco-pierogi-agria-reques%25C3%25B3n%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A795%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1078405487485%3Ahid%3A1013473255%3Az%3A0%3Ai%3A20220927032632%3Aet%3A1664249192%3Ac%3A1%3Arn%3A143809650%3Arqn%3A1%3Au%3A1664249192983405464%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A40%2C1%2C317%2C1%2C-10%2C0%2C%2C754%2C2%2C%2C%2C%2C1182%3Ans%3A1664249190240%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664249192%3At%3AVarenyky%20Dumplings%20Rellenos%20Ruso%20Ucraniano%20Vareniki%20Pyrohy%20Polaco%20Pierogi%20Agria%20Reques%C3%B3n&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://txxx.pics
Connection: keep-alive
Referer: http://txxx.pics/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/36462060/1?wmode=7&page-url=http%3A%2F%2Ftxxx.pics%2Fxxx-download%2Fvarenyky-dumplings-rellenos-ruso-ucraniano-vareniki-pyrohy-polaco-pierogi-agria-reques%25C3%25B3n%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A795%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1078405487485%3Ahid%3A1013473255%3Az%3A0%3Ai%3A20220927032632%3Aet%3A1664249192%3Ac%3A1%3Arn%3A143809650%3Arqn%3A1%3Au%3A1664249192983405464%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A40%2C1%2C317%2C1%2C-10%2C0%2C%2C754%2C2%2C%2C%2C%2C1182%3Ans%3A1664249190240%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664249192%3At%3AVarenyky%20Dumplings%20Rellenos%20Ruso%20Ucraniano%20Vareniki%20Pyrohy%20Polaco%20Pierogi%20Agria%20Reques%C3%B3n&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Tue, 27 Sep 2022 03:26:34 GMT
access-control-allow-origin: http://txxx.pics
set-cookie: yandexuid=3862984071664249194; Expires=Wed, 27-Sep-2023 03:26:34 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3862984071664249194; Expires=Wed, 27-Sep-2023 03:26:34 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1670167331664249194; Path=/; SameSite=None; Secure
i=GHn0dxZJ/VwUj4KlCm13xiK2OUihjRpett9DSJPbjNIzVaIatIEtX8UAC1zzxi7yo9sCRDl/EbxY0Hw60MwJ1zNYnmQ=; Expires=Fri, 24-Sep-2032 03:26:33 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1695785194.yrts.1664249194#1695785194.yrtsi.1664249194; Expires=Wed, 27-Sep-2023 03:26:34 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 27-Sep-2022 03:26:34 GMT
last-modified: Tue, 27-Sep-2022 03:26:34 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
dictatepantry.com/sbar.json?key=21c50a79f6967679b35e682d593894b4&uuid=961b9062-f440-4c91-8fe1-c5626441081d%3A2%3A1
192.243.59.13200 OK 3.5 kB URL HTTP/1.1 dictatepantry.com/sbar.json?key=21c50a79f6967679b35e682d593894b4&uuid=961b9062-f440-4c91-8fe1-c5626441081d%3A2%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6104), with no line terminators
Hash 8873777741edf6d0b80ff429a3dfac80
96148dc2ee5ad61037a507c14a786b3d63fa3dce
20337dcd8861aad6c72f579b68bc91b1b89a03ddd84279f16584021fec66a678
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=21c50a79f6967679b35e682d593894b4&uuid=961b9062-f440-4c91-8fe1-c5626441081d%3A2%3A1 HTTP/1.1
Host: dictatepantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://txxx.pics
Connection: keep-alive
Referer: http://txxx.pics/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 03:26:34 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://txxx.pics
Access-Control-Allow-Origin: http://txxx.pics
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17477847; expires=Wed, 28 Sep 2022 03:26:34 GMT; secure; SameSite=None
uid_id2=961b9062-f440-4c91-8fe1-c5626441081d:2:1; expires=Tue, 04 Oct 2022 03:26:34 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 28 Sep 2022 03:26:34 GMT; secure; SameSite=None
uncs=1; expires=Wed, 28 Sep 2022 03:26:34 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 28 Sep 2022 03:26:34 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 28 Sep 2022 03:26:34 GMT; secure; SameSite=None
slec21c50a79f6967679b35e682d593894b4=[3520334]; expires=Tue, 27 Sep 2022 03:26:39 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a9202faf4174a6b85048d85cd0f5cffc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e712a1b3e1549ba0d4ac1091623b6a6
d500207de1cd700c6abbf0c9f8a9f342ad1167a5
bb61bb31268ca1fd6524129cc104903d2d722254fae46a6b32f48fbe1874f48e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB61BB31268CA1FD6524129CC104903D2D722254FAE46A6B32F48FBE1874F48E"
Last-Modified: Sun, 25 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16456
Expires: Tue, 27 Sep 2022 08:00:50 GMT
Date: Tue, 27 Sep 2022 03:26:34 GMT
Connection: keep-alive
dictatepantry.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRitTtaD5qISUEFlDh4ScWe7e3p6ps1hMa4rwTUJiaIHQaqrqieVre5qq7qnJ3sKBiSg4MRf0Ptmk0VdNILgySizAcEVYcaD7MH9E8GcZSaLq9%2Fle1XvFbx63%2FfJZnlAXJR0f%2BVtvSGVokvtpts49b7nnWmsyawcNAbd8MMwONMw%2FVejsOmebrwp2Lpe8l3PdT3Xa6xKIxI9WJqRkPlO5DUjtxn4Ta8dYGD%2Bf7alA0sd8P4BeRqSTxfuOych2RhZendF2PVC56%2B8kZaKFtqgz7ffzdYzXWVIj2BiHCTZ9qEa2k5W70Fnt%2Bd2ofv%2FCmM5Jc4v9xBn24cmEfe35j5jBZEh5idQ9ccQagxJx2D6BiSfEIBxnL%2BALL1zXpuKXnvE0hk7JQsPH0BWU7Lw10lk6TdnlRw0LmtVFlJnFoOkhhyMIXtj5OUuio1jkNUuWPExJP%2BdLD1cQ5ZuXbBKQ%2FL9l6LQiyM39BeTIHAXAxZ5i91EeIusHfphEHhu1%2BPzgKQcQyZjKDEEtcdQWgeldFAmDsrcQcr3G8zzvI7LGXW7EWMt3hFxyF2PdhKPem7YRclmfxiiyIdgaghmriM317Eub02WI5jyZ9grNSx3YAuCPq9RCYLKElSUoJIEVUFQ9evbXFnf1ne4smXsHXb%2FsLfqkS56m%2FS2LnoiI5v5AXlqlp3zxN0%2FsS72G77H2i7tREkYhZ2wE8Wttgi7Pm9HrW4UxAGsrCHtMVDrYENOTjyLXE4eu4yY7sKqXTD5JGj5Amg16vgu6JVR0HWxke0MBgMlE9FkqozBdY28WEBxzdlUB%2BS5%2BfzaP5yHYHvLv536e%2Fz5B6fBTI3c1Lgq7xP01M3RJV2RrUu6suS7C3khU7lBZ7O9XNBCHP%2FqLXGt0oafW7HDL19jM2IGd94RtlijGZdZz5Kvz0rOhVnVhgny4zn7nogvlvbK2dJkZb528fXVc2luhLVSZ2NQObGfgckpeZzq%2BdI%2B%2F8ynkGYMU9ZIyz1yWJB6Fyy%2FDpsfubf6OIw60sS5g6qsR8aPjy6VnBL%2Fwa9QYm%2F52%2B9f%2FumjlS9A4xpW%2FOfhEd60N9EzL4IWN5ClNfqmRl%2FVoGoIWx4fFbnZW%2F6jNS%2FEyhnFyjhbsTLq1qN4rdxvdFotl4ZR2%2Bt0qOjEgd9NQo9T6gehH4a0hcJOmZ9e%2FQcAAP%2F%2FAQAA%2F%2F%2B8PH7NgwQAAA%3D%3D
192.243.59.13200 OK 7 B URL HTTP/1.1 dictatepantry.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRitTtaD5qISUEFlDh4ScWe7e3p6ps1hMa4rwTUJiaIHQaqrqieVre5qq7qnJ3sKBiSg4MRf0Ptmk0VdNILgySizAcEVYcaD7MH9E8GcZSaLq9%2Fle1XvFbx63%2FfJZnlAXJR0f%2BVtvSGVokvtpts49b7nnWmsyawcNAbd8MMwONMw%2FVejsOmebrwp2Lpe8l3PdT3Xa6xKIxI9WJqRkPlO5DUjtxn4Ta8dYGD%2Bf7alA0sd8P4BeRqSTxfuOych2RhZendF2PVC56%2B8kZaKFtqgz7ffzdYzXWVIj2BiHCTZ9qEa2k5W70Fnt%2Bd2ofv%2FCmM5Jc4v9xBn24cmEfe35j5jBZEh5idQ9ccQagxJx2D6BiSfEIBxnL%2BALL1zXpuKXnvE0hk7JQsPH0BWU7Lw10lk6TdnlRw0LmtVFlJnFoOkhhyMIXtj5OUuio1jkNUuWPExJP%2BdLD1cQ5ZuXbBKQ%2FL9l6LQiyM39BeTIHAXAxZ5i91EeIusHfphEHhu1%2BPzgKQcQyZjKDEEtcdQWgeldFAmDsrcQcr3G8zzvI7LGXW7EWMt3hFxyF2PdhKPem7YRclmfxiiyIdgaghmriM317Eub02WI5jyZ9grNSx3YAuCPq9RCYLKElSUoJIEVUFQ9evbXFnf1ne4smXsHXb%2FsLfqkS56m%2FS2LnoiI5v5AXlqlp3zxN0%2FsS72G77H2i7tREkYhZ2wE8Wttgi7Pm9HrW4UxAGsrCHtMVDrYENOTjyLXE4eu4yY7sKqXTD5JGj5Amg16vgu6JVR0HWxke0MBgMlE9FkqozBdY28WEBxzdlUB%2BS5%2BfzaP5yHYHvLv536e%2Fz5B6fBTI3c1Lgq7xP01M3RJV2RrUu6suS7C3khU7lBZ7O9XNBCHP%2FqLXGt0oafW7HDL19jM2IGd94RtlijGZdZz5Kvz0rOhVnVhgny4zn7nogvlvbK2dJkZb528fXVc2luhLVSZ2NQObGfgckpeZzq%2BdI%2B%2F8ynkGYMU9ZIyz1yWJB6Fyy%2FDpsfubf6OIw60sS5g6qsR8aPjy6VnBL%2Fwa9QYm%2F52%2B9f%2FumjlS9A4xpW%2FOfhEd60N9EzL4IWN5ClNfqmRl%2FVoGoIWx4fFbnZW%2F6jNS%2FEyhnFyjhbsTLq1qN4rdxvdFotl4ZR2%2Bt0qOjEgd9NQo9T6gehH4a0hcJOmZ9e%2FQcAAP%2F%2FAQAA%2F%2F%2B8PH7NgwQAAA%3D%3D
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRitTtaD5qISUEFlDh4ScWe7e3p6ps1hMa4rwTUJiaIHQaqrqieVre5qq7qnJ3sKBiSg4MRf0Ptmk0VdNILgySizAcEVYcaD7MH9E8GcZSaLq9%2Fle1XvFbx63%2FfJZnlAXJR0f%2BVtvSGVokvtpts49b7nnWmsyawcNAbd8MMwONMw%2FVejsOmebrwp2Lpe8l3PdT3Xa6xKIxI9WJqRkPlO5DUjtxn4Ta8dYGD%2Bf7alA0sd8P4BeRqSTxfuOych2RhZendF2PVC56%2B8kZaKFtqgz7ffzdYzXWVIj2BiHCTZ9qEa2k5W70Fnt%2Bd2ofv%2FCmM5Jc4v9xBn24cmEfe35j5jBZEh5idQ9ccQagxJx2D6BiSfEIBxnL%2BALL1zXpuKXnvE0hk7JQsPH0BWU7Lw10lk6TdnlRw0LmtVFlJnFoOkhhyMIXtj5OUuio1jkNUuWPExJP%2BdLD1cQ5ZuXbBKQ%2FL9l6LQiyM39BeTIHAXAxZ5i91EeIusHfphEHhu1%2BPzgKQcQyZjKDEEtcdQWgeldFAmDsrcQcr3G8zzvI7LGXW7EWMt3hFxyF2PdhKPem7YRclmfxiiyIdgaghmriM317Eub02WI5jyZ9grNSx3YAuCPq9RCYLKElSUoJIEVUFQ9evbXFnf1ne4smXsHXb%2FsLfqkS56m%2FS2LnoiI5v5AXlqlp3zxN0%2FsS72G77H2i7tREkYhZ2wE8Wttgi7Pm9HrW4UxAGsrCHtMVDrYENOTjyLXE4eu4yY7sKqXTD5JGj5Amg16vgu6JVR0HWxke0MBgMlE9FkqozBdY28WEBxzdlUB%2BS5%2BfzaP5yHYHvLv536e%2Fz5B6fBTI3c1Lgq7xP01M3RJV2RrUu6suS7C3khU7lBZ7O9XNBCHP%2FqLXGt0oafW7HDL19jM2IGd94RtlijGZdZz5Kvz0rOhVnVhgny4zn7nogvlvbK2dJkZb528fXVc2luhLVSZ2NQObGfgckpeZzq%2BdI%2B%2F8ynkGYMU9ZIyz1yWJB6Fyy%2FDpsfubf6OIw60sS5g6qsR8aPjy6VnBL%2Fwa9QYm%2F52%2B9f%2FumjlS9A4xpW%2FOfhEd60N9EzL4IWN5ClNfqmRl%2FVoGoIWx4fFbnZW%2F6jNS%2FEyhnFyjhbsTLq1qN4rdxvdFotl4ZR2%2Bt0qOjEgd9NQo9T6gehH4a0hcJOmZ9e%2FQcAAP%2F%2FAQAA%2F%2F%2B8PH7NgwQAAA%3D%3D HTTP/1.1
Host: dictatepantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://txxx.pics/
Cookie: u_pl=17477847; uid_id2=961b9062-f440-4c91-8fe1-c5626441081d:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec21c50a79f6967679b35e682d593894b4=[3520334]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 03:26:34 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e02573a85259a244b7ebc9bceb56a2a9
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8efccf4c61af35f8011cfb61e7f66ca
90987edc2453bcd66d8c89ed47c9882a846b22d6
973f1eaa5748b6c10ab41032e3a0dfd1f370ac6c25e819e54e81b8c3c4bd78a0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "973F1EAA5748B6C10AB41032E3A0DFD1F370AC6C25E819E54E81B8C3C4BD78A0"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17278
Expires: Tue, 27 Sep 2022 08:14:33 GMT
Date: Tue, 27 Sep 2022 03:26:35 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8efccf4c61af35f8011cfb61e7f66ca
90987edc2453bcd66d8c89ed47c9882a846b22d6
973f1eaa5748b6c10ab41032e3a0dfd1f370ac6c25e819e54e81b8c3c4bd78a0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "973F1EAA5748B6C10AB41032E3A0DFD1F370AC6C25E819E54E81B8C3C4BD78A0"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17278
Expires: Tue, 27 Sep 2022 08:14:33 GMT
Date: Tue, 27 Sep 2022 03:26:35 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8efccf4c61af35f8011cfb61e7f66ca
90987edc2453bcd66d8c89ed47c9882a846b22d6
973f1eaa5748b6c10ab41032e3a0dfd1f370ac6c25e819e54e81b8c3c4bd78a0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "973F1EAA5748B6C10AB41032E3A0DFD1F370AC6C25E819E54E81B8C3C4BD78A0"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17278
Expires: Tue, 27 Sep 2022 08:14:33 GMT
Date: Tue, 27 Sep 2022 03:26:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5365
Expires: Tue, 27 Sep 2022 04:56:00 GMT
Date: Tue, 27 Sep 2022 03:26:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5365
Expires: Tue, 27 Sep 2022 04:56:00 GMT
Date: Tue, 27 Sep 2022 03:26:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5365
Expires: Tue, 27 Sep 2022 04:56:00 GMT
Date: Tue, 27 Sep 2022 03:26:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5365
Expires: Tue, 27 Sep 2022 04:56:00 GMT
Date: Tue, 27 Sep 2022 03:26:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5365
Expires: Tue, 27 Sep 2022 04:56:00 GMT
Date: Tue, 27 Sep 2022 03:26:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash efaaa002eb6251769ea6dbf306ced3a1
9f99fa947a603fd6b10ff149e379cd04ad83d27a
238e0ca1aa29223416c34ef2dfcc6570c00e27a98991d91efc16e9bc4083c197
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4573
x-amzn-requestid: ff35a66a-caf2-4ff4-b850-01a584fc2aa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1B8FzLIAMFSPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296872-5b4a410a2827baf5598d58e7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:14:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NFjYOqhUeb3yyjMNWpoBNq_xcsX3wXvc3-rqJt4cGbJXY9Sxr5KpDA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 15:29:19 GMT
age: 43036
etag: "9f99fa947a603fd6b10ff149e379cd04ad83d27a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:42:47 GMT
age: 20628
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8480871-279b-49d0-8a83-97fd2e1ef4f1.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8480871-279b-49d0-8a83-97fd2e1ef4f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b97879edd864c4f251a6668c8201095f
28938e97773ac1a51a529e85284d228239641f01
143cd15afadce309b970b525818be68c23fcb2322a66ac915d1dc7418968b6c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8480871-279b-49d0-8a83-97fd2e1ef4f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9304
x-amzn-requestid: d0045fdc-1e02-4039-9e0e-d3b8b255f205
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1-koF_eoAMFyHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bde1d-1cb029d169ec2b1651b2ac78;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 04:01:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7XXVE-hcLMoCU9jUDrgReSZMkPLz_GEAKoc_gR4Ai4hoCeZXfiC3tg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 05:28:34 GMT
age: 79081
etag: "28938e97773ac1a51a529e85284d228239641f01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 20237
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe29cee89-5693-407a-b182-e52f8fe5734f.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe29cee89-5693-407a-b182-e52f8fe5734f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f0a1508f459d7774c0d63ff682532c0
03edfe254fa4f5c88bf9c8868edd9cdf07bf5d0d
eebf3b550e7a675a2231e97575e8be57e8d1216126a711cdef73ccbc5dd1e773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe29cee89-5693-407a-b182-e52f8fe5734f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11885
x-amzn-requestid: a8f6d57a-8bd3-42b9-80ba-695c5baac04b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YshLpHZPIAMFZiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328157d-4ef5eb306dde741502e46f24;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 07:08:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JSWNUGbYq_zNf2L2AwkLuPfnGUTsX6iqCB5ESRr3dX-0voDgtu4KnQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:59:27 GMT
age: 19628
etag: "03edfe254fa4f5c88bf9c8868edd9cdf07bf5d0d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffffd9a36-7835-4249-a213-06720f62ce54.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffffd9a36-7835-4249-a213-06720f62ce54.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f9bc23ab347b5f2e2ec15d69f41f0cf0
a92af0438aa2b6637c0f69dabd0be00b3a43caf8
4382f21ee6727d4b4d21bd7d16b1821a57d9fec6c78dbf7e74bfdfbde51ec206
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffffd9a36-7835-4249-a213-06720f62ce54.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4327
x-amzn-requestid: 59493149-3c46-42c6-96aa-92c945fb4c40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlA1HzioAMFzxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9e-5bd13d5719a119a25650f405;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nZuilN7CTsQ_XYx39le70nZKRzVBDyygmYdaHVmBnpi8teTUB1Faxw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 20237
etag: "a92af0438aa2b6637c0f69dabd0be00b3a43caf8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d8542f50226a33e71caa7bebbaec1372
e7f8e939c8a5674d8452fcdb9dcfd42a1efd4c39
d77dbd82bee113d61e08f6cf2573a251f6583b09b19ae0e8bbac527c80273a12
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D77DBD82BEE113D61E08F6CF2573A251F6583B09B19AE0E8BBAC527C80273A12"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4212
Expires: Tue, 27 Sep 2022 04:36:47 GMT
Date: Tue, 27 Sep 2022 03:26:35 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8efccf4c61af35f8011cfb61e7f66ca
90987edc2453bcd66d8c89ed47c9882a846b22d6
973f1eaa5748b6c10ab41032e3a0dfd1f370ac6c25e819e54e81b8c3c4bd78a0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "973F1EAA5748B6C10AB41032E3A0DFD1F370AC6C25E819E54E81B8C3C4BD78A0"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17278
Expires: Tue, 27 Sep 2022 08:14:33 GMT
Date: Tue, 27 Sep 2022 03:26:35 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.10200 OK 660 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.10:0
Hash 55130bf120bd75a4bba7d678be617cdf
77b172c0cc1d15e60ab95edccf3ac1e640d16812
262b9e8c2eeba18bdc3dd53ac7bbacdbbec713a9443ff5dc34e359de56ea040d
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 27 Sep 2022 03:26:35 GMT
Date: Tue, 27 Sep 2022 03:26:35 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
cdn.cloudimagesb.com/si/a3/5e/dd/a35eddb8fcac26f73d0c87873d6db11e/1658144724.jpg
45.133.44.10200 OK 17 kB URL HTTP/2 cdn.cloudimagesb.com/si/a3/5e/dd/a35eddb8fcac26f73d0c87873d6db11e/1658144724.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 809ffd9e1f1ac876ab9fd0dea65e9e3a
4ac08c834e987fffe8659e65ddca741c0c4ca76c
a4a3b8a6d269923e312691d560f9522a3c57e5b4f350e0cb20a5ff1b654ea2b6
GET /si/a3/5e/dd/a35eddb8fcac26f73d0c87873d6db11e/1658144724.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 03:26:35 GMT
content-type: image/jpeg
content-length: 16863
server: nginx/1.17.6
last-modified: Mon, 18 Jul 2022 11:45:32 GMT
etag: "62d547dc-41df"
expires: Thu, 29 Sep 2022 03:26:35 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
dictatepantry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5d%2F1e%2F66%2F5d1e6654b79f5bf053b789353432e45e%2F1613739250.html&l=1274&fd=115
192.243.59.13200 OK 0 B URL HTTP/1.1 dictatepantry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5d%2F1e%2F66%2F5d1e6654b79f5bf053b789353432e45e%2F1613739250.html&l=1274&fd=115
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5d%2F1e%2F66%2F5d1e6654b79f5bf053b789353432e45e%2F1613739250.html&l=1274&fd=115 HTTP/1.1
Host: dictatepantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://txxx.pics/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 03:26:35 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
dictatepantry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fanimate.css&l=79245&fd=353
192.243.59.13200 OK 0 B URL HTTP/1.1 dictatepantry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fanimate.css&l=79245&fd=353
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fanimate.css&l=79245&fd=353 HTTP/1.1
Host: dictatepantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://txxx.pics/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 03:26:35 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://txxx.pics
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 21 Sep 2022 20:15:52 GMT
Expires: Thu, 21 Sep 2023 20:15:52 GMT
Cache-Control: public, max-age=31536000
Age: 457843
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://txxx.pics
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 21 Sep 2022 20:15:52 GMT
Expires: Thu, 21 Sep 2023 20:15:52 GMT
Cache-Control: public, max-age=31536000
Age: 457843
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
dictatepantry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fjs%2Fscript.js&l=444&fd=348
192.243.59.13200 OK 0 B URL HTTP/1.1 dictatepantry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fjs%2Fscript.js&l=444&fd=348
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fjs%2Fscript.js&l=444&fd=348 HTTP/1.1
Host: dictatepantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://txxx.pics/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 03:26:35 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
dictatepantry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fstyle.css&l=6334&fd=369
192.243.59.13200 OK 0 B URL HTTP/1.1 dictatepantry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fstyle.css&l=6334&fd=369
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Fwhatsapp%2Fcss%2Fstyle.css&l=6334&fd=369 HTTP/1.1
Host: dictatepantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://txxx.pics/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 03:26:35 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
dictatepantry.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTtaD5qISUEFlDh4ScXe7e3p6ps1hMa4rwTUJiaIHQepXbypb3dVWdU9P9hQMSEDBjX9B75tNgho0guDJKLMBwRVhxoPswf0ngjnLTBZXv8v3qt4rePW%2B75Otap%2F4qOje8ttmQ2lNFzsLfuvE%2B0FwqrWq8mrQGvTiD%2BPoVMv2X03iBf9k603J181i6Ae%2BH%2FhBa0VZmZrB4pSEKu4kwULiL0ThQtCJMLD%2FP7vKg6MeRH%2BfPA0lJnP3veNQfIQ8u7ss3XppilfeyCpNS2PRF7ffzddzU%2BfIDmFqPaT57QM1jBuv3IPJb87swvT%2FFTI1Id4v98Dy2wcmwfrbM59MQ%2BZg4hjq%2FghSj6DoCNxcgxJjAnCBs%2BeQZ7fOGlvTK49YOmUnZO7hA6h6Qub%2BOo48%2B%2Ba0VoPWRaOrUpncYZA2UIMR1NoIRbWDcuMIVL0DXn4MJX4niw9XkWfb55w2UGLvpSQOWOLH4XwaRf58xJNgvpfKYJ534jCOosDvBWIWkFIjqHQELTdB3RFUzkOlPFSph6rwkIm9Fg%2BCoOsLTv1ewnlbdCWLhR%2FQbhrQwI97qPj0D5soi01wvQlur6KwV7GuboyXEtjqZ7hLDZzw4EqCvmhQS4LaEdSUoFYEdUlQ95ubQrvQNbeEdhULDnp40NvN0JRrW%2FSmKddkTraKffLUNDvvibt%2FYl3utcKAd3zaTdI4ibtxN2Htjox7oegk7V4SsQhONVDuCKjzsKHGx55FocaPXQSjO3B6B1w9CVq9AFoPu6EPemkY9Xxs5HcGg4FWqVzgumIQpkFRzqG84m3pffLcbH6dH85C8t2l3078Pfr8g5PgtkFhG1xW9wnW9PXhBVOT7QumduS7c0WpMrVBp7O9WNJSHv3qLXmlNlacWXabX77Gp8QU3nlHunKV5kLla458fVoJIe2KsVySH8%2B49yQ7X7lLpyubV8Xq%2BddXzmSFlc4pk49A1dh9Bq4m5HFqZkv7%2FDOfQtkRbNUgq3bJQUGZHfDiKlxx6N6Zo7D6UMMKD3XVDG3IDi%2B1mpDwwa%2FQcnfp2%2B9f%2Fumj5S9AWQMn%2F%2FPwEG%2B561izL4KW15BnDfq2QV83oHoTrjo6LAu7u%2FRHe1Zg2hsybb1tpq2%2B8Shep%2FZabV90mUxll8moE6WSC9bpMJ%2BnnLVFr8dRugkPs8v%2FAAAA%2F%2F8BAAD%2F%2FzzoqyWDBAAA
192.243.59.13200 OK 7 B URL HTTP/1.1 dictatepantry.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTtaD5qISUEFlDh4ScXe7e3p6ps1hMa4rwTUJiaIHQepXbypb3dVWdU9P9hQMSEDBjX9B75tNgho0guDJKLMBwRVhxoPswf0ngjnLTBZXv8v3qt4rePW%2B75Otap%2F4qOje8ttmQ2lNFzsLfuvE%2B0FwqrWq8mrQGvTiD%2BPoVMv2X03iBf9k603J181i6Ae%2BH%2FhBa0VZmZrB4pSEKu4kwULiL0ThQtCJMLD%2FP7vKg6MeRH%2BfPA0lJnP3veNQfIQ8u7ss3XppilfeyCpNS2PRF7ffzddzU%2BfIDmFqPaT57QM1jBuv3IPJb87swvT%2FFTI1Id4v98Dy2wcmwfrbM59MQ%2BZg4hjq%2FghSj6DoCNxcgxJjAnCBs%2BeQZ7fOGlvTK49YOmUnZO7hA6h6Qub%2BOo48%2B%2Ba0VoPWRaOrUpncYZA2UIMR1NoIRbWDcuMIVL0DXn4MJX4niw9XkWfb55w2UGLvpSQOWOLH4XwaRf58xJNgvpfKYJ534jCOosDvBWIWkFIjqHQELTdB3RFUzkOlPFSph6rwkIm9Fg%2BCoOsLTv1ewnlbdCWLhR%2FQbhrQwI97qPj0D5soi01wvQlur6KwV7GuboyXEtjqZ7hLDZzw4EqCvmhQS4LaEdSUoFYEdUlQ95ubQrvQNbeEdhULDnp40NvN0JRrW%2FSmKddkTraKffLUNDvvibt%2FYl3utcKAd3zaTdI4ibtxN2Htjox7oegk7V4SsQhONVDuCKjzsKHGx55FocaPXQSjO3B6B1w9CVq9AFoPu6EPemkY9Xxs5HcGg4FWqVzgumIQpkFRzqG84m3pffLcbH6dH85C8t2l3078Pfr8g5PgtkFhG1xW9wnW9PXhBVOT7QumduS7c0WpMrVBp7O9WNJSHv3qLXmlNlacWXabX77Gp8QU3nlHunKV5kLla458fVoJIe2KsVySH8%2B49yQ7X7lLpyubV8Xq%2BddXzmSFlc4pk49A1dh9Bq4m5HFqZkv7%2FDOfQtkRbNUgq3bJQUGZHfDiKlxx6N6Zo7D6UMMKD3XVDG3IDi%2B1mpDwwa%2FQcnfp2%2B9f%2Fumj5S9AWQMn%2F%2FPwEG%2B561izL4KW15BnDfq2QV83oHoTrjo6LAu7u%2FRHe1Zg2hsybb1tpq2%2B8Shep%2FZabV90mUxll8moE6WSC9bpMJ%2BnnLVFr8dRugkPs8v%2FAAAA%2F%2F8BAAD%2F%2FzzoqyWDBAAA
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTtaD5qISUEFlDh4ScXe7e3p6ps1hMa4rwTUJiaIHQepXbypb3dVWdU9P9hQMSEDBjX9B75tNgho0guDJKLMBwRVhxoPswf0ngjnLTBZXv8v3qt4rePW%2B75Otap%2F4qOje8ttmQ2lNFzsLfuvE%2B0FwqrWq8mrQGvTiD%2BPoVMv2X03iBf9k603J181i6Ae%2BH%2FhBa0VZmZrB4pSEKu4kwULiL0ThQtCJMLD%2FP7vKg6MeRH%2BfPA0lJnP3veNQfIQ8u7ss3XppilfeyCpNS2PRF7ffzddzU%2BfIDmFqPaT57QM1jBuv3IPJb87swvT%2FFTI1Id4v98Dy2wcmwfrbM59MQ%2BZg4hjq%2FghSj6DoCNxcgxJjAnCBs%2BeQZ7fOGlvTK49YOmUnZO7hA6h6Qub%2BOo48%2B%2Ba0VoPWRaOrUpncYZA2UIMR1NoIRbWDcuMIVL0DXn4MJX4niw9XkWfb55w2UGLvpSQOWOLH4XwaRf58xJNgvpfKYJ534jCOosDvBWIWkFIjqHQELTdB3RFUzkOlPFSph6rwkIm9Fg%2BCoOsLTv1ewnlbdCWLhR%2FQbhrQwI97qPj0D5soi01wvQlur6KwV7GuboyXEtjqZ7hLDZzw4EqCvmhQS4LaEdSUoFYEdUlQ95ubQrvQNbeEdhULDnp40NvN0JRrW%2FSmKddkTraKffLUNDvvibt%2FYl3utcKAd3zaTdI4ibtxN2Htjox7oegk7V4SsQhONVDuCKjzsKHGx55FocaPXQSjO3B6B1w9CVq9AFoPu6EPemkY9Xxs5HcGg4FWqVzgumIQpkFRzqG84m3pffLcbH6dH85C8t2l3078Pfr8g5PgtkFhG1xW9wnW9PXhBVOT7QumduS7c0WpMrVBp7O9WNJSHv3qLXmlNlacWXabX77Gp8QU3nlHunKV5kLla458fVoJIe2KsVySH8%2B49yQ7X7lLpyubV8Xq%2BddXzmSFlc4pk49A1dh9Bq4m5HFqZkv7%2FDOfQtkRbNUgq3bJQUGZHfDiKlxx6N6Zo7D6UMMKD3XVDG3IDi%2B1mpDwwa%2FQcnfp2%2B9f%2Fumj5S9AWQMn%2F%2FPwEG%2B561izL4KW15BnDfq2QV83oHoTrjo6LAu7u%2FRHe1Zg2hsybb1tpq2%2B8Shep%2FZabV90mUxll8moE6WSC9bpMJ%2BnnLVFr8dRugkPs8v%2FAAAA%2F%2F8BAAD%2F%2FzzoqyWDBAAA HTTP/1.1
Host: dictatepantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://txxx.pics/
Cookie: u_pl=17477847; uid_id2=961b9062-f440-4c91-8fe1-c5626441081d:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec21c50a79f6967679b35e682d593894b4=[3520334]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 03:26:35 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 74ea7b80c5d7510d934525918a89eba4
Strict-Transport-Security: max-age=0; includeSubdomains
dictatepantry.com/pixel/sbs?c=1
192.243.59.13200 OK 0 B URL HTTP/1.1 dictatepantry.com/pixel/sbs?c=1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: dictatepantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://txxx.pics/
Cookie: u_pl=17477847; uid_id2=961b9062-f440-4c91-8fe1-c5626441081d:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec21c50a79f6967679b35e682d593894b4=[3520334]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 27 Sep 2022 03:26:35 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
txxx.pics/cdn-cgi/rum?
172.67.157.61200 OK 20 B IP 172.67.157.61:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /cdn-cgi/rum? HTTP/1.1
Host: txxx.pics
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
Content-Length: 697
Origin: http://txxx.pics
Connection: keep-alive
Referer: http://txxx.pics/xxx-download/varenyky-dumplings-rellenos-ruso-ucraniano-vareniki-pyrohy-polaco-pierogi-agria-reques%C3%B3n/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=961b9062-f440-4c91-8fe1-c5626441081d%3A2%3A1; sb_page_21c50a79f6967679b35e682d593894b4=1; sb_onpage_21c50a79f6967679b35e682d593894b4=1; sb_main_21c50a79f6967679b35e682d593894b4=1; sb_count_21c50a79f6967679b35e682d593894b4=1; _ym_uid=1664249192983405464; _ym_d=1664249192; _ym_isad=2; pbpr0tpuw4isk85t8yg3jb2lj5vqf=dictatepantry.com
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:26:41 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-origin: http://txxx.pics
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
Server: cloudflare
CF-RAY: 751123a48e26b4f7-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Encoding: gzip
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
104.18.47.230200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP 104.18.47.230:0
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://txxx.pics
Connection: keep-alive
Referer: http://txxx.pics/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 03:26:32 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7511236f391db4ff-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/img/close.svg
172.64.200.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/img/close.svg
IP 172.64.200.2:0
GET /sb/ssp/utility/social-media/whatsapp/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 03:26:35 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:19:43 GMT
etag: W/"60254b0f-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4728113
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjpBR2EKk2tqIRCMY2j1z2VC1nOSivSYBUPctdBx55j63rOeZ9EbjlEM9ehwJGppPTOlZqjJe%2FNVImrUFLNHUU2%2BIazLbfChF9t3xHJJoAq4Ko5Lc%2FpE1pA%2Fsz9W6P0I5%2Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7511237d6ca00079-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/js/script.js
172.64.200.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/js/script.js
IP 172.64.200.2:0
GET /sb/ssp/utility/social-media/whatsapp/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://txxx.pics
Connection: keep-alive
Referer: http://txxx.pics/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 03:26:35 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhaV9lVyFsT5CbHJtMS7JfH%2F3KKKP0zXPMJDs7VQtJQ4RDVWSRKRcwk8pLnbM6rL7HJdjqK66gy08YuN73Jum2csOAomxQ6Ax6AG3BnmjReVlCv5Wp8rdGW%2F%2Bg9Yf3pXUXA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7511237d6c9e0079-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Black+Ops+One&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Black+Ops+One&display=swap
IP 142.250.74.10:0
GET /css2?family=Black+Ops+One&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://txxx.pics/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 03:26:32 GMT
date: Tue, 27 Sep 2022 03:26:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html
45.133.44.3200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/5d/1e/66/5d1e6654b79f5bf053b789353432e45e/1613739250.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://txxx.pics
Connection: keep-alive
Referer: http://txxx.pics/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 03:26:34 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 12:54:16 GMT
etag: W/"602fb4f8-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 27 Sep 2022 04:26:34 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/animate.css
172.64.200.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/animate.css
IP 172.64.200.2:0
GET /sb/ssp/utility/social-media/whatsapp/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://txxx.pics
Connection: keep-alive
Referer: http://txxx.pics/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 03:26:35 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YyUswe6%2BNFqJpAD%2BmM7%2BDEWPKoYDx32N%2BBF3TosxntDT2E4xUcPrPVq%2BzIWwhz2Yi3s2q0xb8b7ziUBi81hGU0eduyBRFT8Z2Sj%2B3IzNVX%2F6a0uF%2B%2FupSO2YBHZJ%2Fba650g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7511237d4c930079-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/style.css
172.64.200.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/whatsapp/css/style.css
IP 172.64.200.2:0
GET /sb/ssp/utility/social-media/whatsapp/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://txxx.pics
Connection: keep-alive
Referer: http://txxx.pics/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 03:26:35 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:30:40 GMT
etag: W/"6128daf0-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kW3Q54ZCuairFUKsZmtJlOPTDXUsoijXs5czDJBWDceb8S5gBeA3J6iMzmwdOV7VWTXJtCHNFiTkVHNeesBFeThLYsvp0QljO9Wme22EVZlw2HG1PgES8VGRL5dBiT9GdZA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7511237d7ca10079-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2