www.epamount.com/exc/rtb?utm_term=1483&email_encoded=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ==
134.122.57.117302 Found 674 B URL User Request GET HTTP/1.1 www.epamount.com/exc/rtb?utm_term=1483&email_encoded=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ==
IP 134.122.57.117:443
ASN #14061 DIGITALOCEAN-ASN
Certificate IssuerLet's Encrypt
Subjectepamount.com
Fingerprint63:3A:71:8D:7B:04:E7:55:09:74:B0:20:F5:07:7A:81:16:8C:6C:6E
ValidityTue, 11 Apr 2023 00:25:09 GMT - Mon, 10 Jul 2023 00:25:08 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62ee9d72b013c579753690f8d74cbe67
493608e046c0486022196fba60f9189b4503717f
6123c5581064e81914a04e2a11d56e4808b1866a76777071d6502cde679111d1
GET /exc/rtb?utm_term=1483&email_encoded=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ== HTTP/1.1
Host: www.epamount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Sat, 13 May 2023 11:07:02 GMT
Location: https://www.Drs2ep.com/c/aa738cb33c5db899?utm_term=81483&email_encoded=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ==
www.drs2ep.com/c/aa738cb33c5db899?utm_term=81483&email_encoded=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ==
52.51.27.131302 Found 169 B URL User Request GET HTTP/2 www.drs2ep.com/c/aa738cb33c5db899?utm_term=81483&email_encoded=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ==
IP 52.51.27.131:443
Certificate IssuerLet's Encrypt
Subject*.drs2ep.com
FingerprintA6:1B:70:CD:80:36:AB:88:A7:0A:9E:65:14:B2:DB:4F:57:E6:A1:07
ValiditySun, 16 Apr 2023 00:01:40 GMT - Sat, 15 Jul 2023 00:01:39 GMT
File type HTML document, ASCII text
Hash f9cecbff9e6d6b3bfe605db108630e9c
bf3a9a3b3d73702fcb68e4bb71c02635002ce703
b48432541895bf4d0de39ff24d7c6f0a7e622ee3bd9a2b082c2a89ec92b95eb3
GET /c/aa738cb33c5db899?utm_term=81483&email_encoded=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ== HTTP/1.1
Host: www.drs2ep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Sat, 13 May 2023 11:07:02 GMT
content-type: text/html; charset=utf-8
content-length: 169
location: https://yppypl.abtrcker.com/c/e59cd792e60898e2?email_encoded=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ%3D%3D&tid=njmfk645f6f560000b650&utm_term=81483
set-cookie: unique_id=645f6f56000df1a6; Path=/; Expires=Wed, 12 Jul 2023 11:07:02 GMT; Secure; SameSite=None
unique_id2=645f6f56000df98b; Path=/; Expires=Fri, 11 Aug 2023 11:07:02 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Sat, 13 May 2023 11:07:02 GMT; Secure; SameSite=None
tid=njmfk645f6f560000b650; Path=/; Expires=Sun, 16 Apr 2028 11:07:02 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
yppypl.abtrcker.com/c/e59cd792e60898e2?email_encoded=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ%3D%3D&tid=njmfk645f6f560000b650&utm_term=81483
52.19.101.114302 Found 159 B URL User Request GET HTTP/2 yppypl.abtrcker.com/c/e59cd792e60898e2?email_encoded=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ%3D%3D&tid=njmfk645f6f560000b650&utm_term=81483
IP 52.19.101.114:443
Certificate IssuerLet's Encrypt
Subject*.abtrcker.com
Fingerprint25:FC:FA:94:5B:46:F1:0B:5C:0B:7F:00:98:65:AB:79:74:05:6C:B8
ValidityThu, 16 Mar 2023 01:00:51 GMT - Wed, 14 Jun 2023 01:00:50 GMT
File type HTML document, ASCII text
Hash 3d1c57ef7d992069e4350b20cc61ca60
25eae48b62f901a1ce4ea0e9cc354f24ae9a4793
ae80f7255b998a9a1ba6da528f56c4d537df4483aa36aaca4d5db46525162063
GET /c/e59cd792e60898e2?email_encoded=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ%3D%3D&tid=njmfk645f6f560000b650&utm_term=81483 HTTP/1.1
Host: yppypl.abtrcker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Sat, 13 May 2023 11:07:03 GMT
content-type: text/html; charset=utf-8
content-length: 159
location: https://pdtrcks.com/v1/redirect/7744?email_encoded=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ%3D%3D&tid=dilzb645f6f5700068c65&utm_term=81483
set-cookie: unique_id=645f6f5700000b4e; Path=/; Expires=Wed, 12 Jul 2023 11:07:03 GMT; Secure; SameSite=None
unique_id2=645f6f570000143a; Path=/; Expires=Fri, 11 Aug 2023 11:07:03 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Sat, 13 May 2023 11:07:03 GMT; Secure; SameSite=None
tid=dilzb645f6f5700068c65; Path=/; Expires=Sun, 16 Apr 2028 11:07:03 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
rtbcpc.com/cpc?utm_term=&email_encoded=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ%3D%3D
167.71.51.143302 Found 622 B URL User Request GET HTTP/1.1 rtbcpc.com/cpc?utm_term=&email_encoded=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ%3D%3D
IP 167.71.51.143:443
ASN #14061 DIGITALOCEAN-ASN
Certificate IssuerLet's Encrypt
Subjectrtbcpc.com
FingerprintF1:00:4C:29:90:B2:48:8B:98:41:84:C1:D6:89:82:9A:AD:46:A0:8D
ValidityFri, 31 Mar 2023 16:05:17 GMT - Thu, 29 Jun 2023 16:05:16 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8ac513c726f0d1baae4a8fb81f757f90
93764a3a887635961bbdfa5275522e155cc45403
98b227f94a3cc4198aaac66a0ae23a18c4bbebbc35bbada8c74406441c04b685
GET /cpc?utm_term=&email_encoded=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ%3D%3D HTTP/1.1
Host: rtbcpc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Sat, 13 May 2023 11:07:03 GMT
Location: http://s.elns4a.com/splash.php?idzone=4855662&el=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ==&sub=
s.elns4a.com/splash.php?idzone=4855662&el=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ==&sub=
95.211.229.248302 Found 0 B URL User Request GET HTTP/1.1 s.elns4a.com/splash.php?idzone=4855662&el=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ==&sub=
IP 95.211.229.248:80
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /splash.php?idzone=4855662&el=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ==&sub= HTTP/1.1
Host: s.elns4a.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 13 May 2023 11:07:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A66%3A%22e_e816ae8aae5d19e719aaa522e684a8936968f8c52427784c564cd18e6292ab01%22%3B%7D; expires=Mon, 12 May 2025 11:07:03 GMT; path=; domain=.elns4a.com;
c-tag=%7B%22tag-link%22%3A%22v3%7C%7CNOR%7C4855662%7C71097856%7C0%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7Ce_e816ae8aae5d19e719aaa522e684a8936968f8c52427784c564cd18e6292ab01%7C%7C0%7C%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C2%7Cok%22%7D; expires=Sun, 14 May 2023 11:07:03 GMT; path=/; domain=.exoclick.com;
Location: https://remparleyfaining.icu/594e66ac-092f-4967-86c9-8c053d5666ee?campid=4971720&varid=71097856&source=email-source.com&keyword=%&tags=&siteid=978686&zoneid=4855662&catid=508&country=NOR&format=&cost=0.01&tag=ooc4ASOptqqrrndZNLdZbVW6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSu3y3tmrz3tzz3q2mu3smuzzzqnn3rtpztuorurt4t1qnpnsstp1qrp12mt3rnunz0lmc6VznOldK6V0rpXSuldK6dwfYA-
X-Robots-Tag: noindex, follow
remparleyfaining.icu/594e66ac-092f-4967-86c9-8c053d5666ee?campid=4971720&varid=71097856&source=email-source.com&keyword=%&tags=&siteid=978686&zoneid=4855662&catid=508&country=NOR&format=&cost=0.01&tag=ooc4ASOptqqrrndZNLdZbVW6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSu3y3tmrz3tzz3q2mu3smuzzzqnn3rtpztuorurt4t1qnpnsstp1qrp12mt3rnunz0lmc6VznOldK6V0rpXSuldK6dwfYA-
18.195.123.247302 Found 0 B URL User Request GET HTTP/2 remparleyfaining.icu/594e66ac-092f-4967-86c9-8c053d5666ee?campid=4971720&varid=71097856&source=email-source.com&keyword=%&tags=&siteid=978686&zoneid=4855662&catid=508&country=NOR&format=&cost=0.01&tag=ooc4ASOptqqrrndZNLdZbVW6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSu3y3tmrz3tzz3q2mu3smuzzzqnn3rtpztuorurt4t1qnpnsstp1qrp12mt3rnunz0lmc6VznOldK6V0rpXSuldK6dwfYA-
IP 18.195.123.247:443
Certificate IssuerLet's Encrypt
Subjectremparleyfaining.icu
Fingerprint81:D1:27:B6:CC:4A:E0:B7:19:D4:A4:5A:08:27:83:5A:F0:05:7B:52
ValidityFri, 21 Apr 2023 07:02:07 GMT - Thu, 20 Jul 2023 07:02:06 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /594e66ac-092f-4967-86c9-8c053d5666ee?campid=4971720&varid=71097856&source=email-source.com&keyword=%&tags=&siteid=978686&zoneid=4855662&catid=508&country=NOR&format=&cost=0.01&tag=ooc4ASOptqqrrndZNLdZbVW6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSu3y3tmrz3tzz3q2mu3smuzzzqnn3rtpztuorurt4t1qnpnsstp1qrp12mt3rnunz0lmc6VznOldK6V0rpXSuldK6dwfYA- HTTP/1.1
Host: remparleyfaining.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Sat, 13 May 2023 11:07:03 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: http://pre.rask-sex.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cucmFzay1zZXguY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0xOTA2MQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=5&fllbck=2&vrnt=MTE%3D&utm_source=wvhbjsr8fiaanbmo2rj9ov3k
pragma: no-cache
set-cookie: 594e66ac-092f-4967-86c9-8c053d5666ee-v4=qGi88LkwjTXMmsvfwntGej5hxTzuQiHm58ceS_p4xz4; Max-Age=86400; Expires=Sun, 14-May-2023 11:07:03 GMT; Domain=remparleyfaining.icu; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=vVA1eHV5OIjebqFIa7QQwpeVBIpSQvVAlOXymUiOw2ZubJTdDBzwgh7L4l8oZ%2FWvz4U9mLzI%2FOvhh8eqI%2BrMmcMd9XUXI5x1YLauDdsvjI6m8b%2Bby9ebneebMYjwzRikzzvWAg24E20lfpIHrVFU9Q%3D%3D; Max-Age=31536000; Expires=Sun, 12-May-2024 11:07:03 GMT; Domain=remparleyfaining.icu; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
pre.rask-sex.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cucmFzay1zZXguY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0xOTA2MQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=5&fllbck=2&vrnt=MTE%3D&utm_source=wvhbjsr8fiaanbmo2rj9ov3k
52.17.44.102200 OK 16 kB URL User Request GET HTTP/1.1 pre.rask-sex.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cucmFzay1zZXguY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0xOTA2MQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=5&fllbck=2&vrnt=MTE%3D&utm_source=wvhbjsr8fiaanbmo2rj9ov3k
IP 52.17.44.102:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash b81dc6b7fa4c6625a2102f47ff1e749c
a07a3814a371e087e8ead28bee0cdf1d2d3970d6
a01a91e7d4737e47ce552308c55a7beb4dc98dd237377c36b7ffe78cbc170131
GET /campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cucmFzay1zZXguY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0xOTA2MQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=5&fllbck=2&vrnt=MTE%3D&utm_source=wvhbjsr8fiaanbmo2rj9ov3k HTTP/1.1
Host: pre.rask-sex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 May 2023 11:07:04 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.22.0
Set-Cookie: PHPSESSID=o2mt25m69cia10vh4etgbjk0so; path=/
Content-Length: 16229
Connection: keep-alive
ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
142.250.74.170200 OK 33 kB URL GET HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP 142.250.74.170:80
Requested by http://pre.rask-sex.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cucmFzay1zZXguY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0xOTA2MQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=5&fllbck=2&vrnt=MTE%3D&utm_source=wvhbjsr8fiaanbmo2rj9ov3k
File type ASCII text, with very long lines (32072)
Hash e0e0559014b222245deb26b6ae8bd940
e2f3603e23711f6446f278a411d905623d65201e
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://pre.rask-sex.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 32954
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 11 May 2023 04:24:24 GMT
Expires: Fri, 10 May 2024 04:24:24 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 196960
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js
104.17.24.14200 OK 29 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js
IP 104.17.24.14:443
Requested by http://pre.rask-sex.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cucmFzay1zZXguY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0xOTA2MQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=5&fllbck=2&vrnt=MTE%3D&utm_source=wvhbjsr8fiaanbmo2rj9ov3k
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (32089)
Hash 397754ba49e9e0cf4e7c190da78dda05
ae49e56999d82802727455f0ba83b63acd90a22b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
GET /ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://pre.rask-sex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 11:07:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 29363
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-169d5"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2647066
expires: Thu, 02 May 2024 11:07:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LpKBCDJh8DHjYfHZKsrPXKUmBi3nKonk72iFrfB8Jg0o6syOuuBtA41zWvpjXwyOoWwtjg9N8FCJvWzwKhGpfXPIxpqo5Rltkl%2BVLcJst5rVXpKbdtNGlNikKA6WGU3rGLAKaOE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c6a6f899f240b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery.countdown/2.2.0/jquery.countdown.min.js
104.17.24.14200 OK 2.0 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.countdown/2.2.0/jquery.countdown.min.js
IP 104.17.24.14:443
Requested by http://pre.rask-sex.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cucmFzay1zZXguY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0xOTA2MQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=5&fllbck=2&vrnt=MTE%3D&utm_source=wvhbjsr8fiaanbmo2rj9ov3k
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (4136)
Hash 5d3ff3c3fbaa67cc639501f44eeb07be
bd66e4cd58de09c198e7abc77fa4c883955d189e
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
GET /ajax/libs/jquery.countdown/2.2.0/jquery.countdown.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://pre.rask-sex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 11:07:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 1985
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-14db"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6773441
expires: Thu, 02 May 2024 11:07:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFSB6SnOZX%2FHPdjI1A8gtJ6PybZTwiMsjdMoSGLpyg5krAS3HDGsgAHIGOEt0C0PCK9d73lsX4V3bfIu6PpufghuY0JrOjyRhvKEJpF1myhDEe7cAJjWnRgnLh5K5WFP%2B5190BCu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c6a6f89bf330b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 9be3fe14f68f6532597d14598507135b
60808c84e6454278fad41302a21f77b95c97e193
93e68f9214835f244c00eb7ba51a06c44a1c257b7d4c1a4c208c67d6a579d39b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 13 May 2023 11:07:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 9be3fe14f68f6532597d14598507135b
60808c84e6454278fad41302a21f77b95c97e193
93e68f9214835f244c00eb7ba51a06c44a1c257b7d4c1a4c208c67d6a579d39b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 13 May 2023 11:07:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 9be3fe14f68f6532597d14598507135b
60808c84e6454278fad41302a21f77b95c97e193
93e68f9214835f244c00eb7ba51a06c44a1c257b7d4c1a4c208c67d6a579d39b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 13 May 2023 11:07:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 9be3fe14f68f6532597d14598507135b
60808c84e6454278fad41302a21f77b95c97e193
93e68f9214835f244c00eb7ba51a06c44a1c257b7d4c1a4c208c67d6a579d39b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 13 May 2023 11:07:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pre.rask-sex.com/favicon.ico
52.17.44.102500 Internal Server Error 0 B URL GET HTTP/1.1 pre.rask-sex.com/favicon.ico
IP 52.17.44.102:80
Requested by http://pre.rask-sex.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cucmFzay1zZXguY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0xOTA2MQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=5&fllbck=2&vrnt=MTE%3D&utm_source=wvhbjsr8fiaanbmo2rj9ov3k
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: pre.rask-sex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://pre.rask-sex.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cucmFzay1zZXguY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0xOTA2MQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=5&fllbck=2&vrnt=MTE%3D&utm_source=wvhbjsr8fiaanbmo2rj9ov3k
Cookie: PHPSESSID=o2mt25m69cia10vh4etgbjk0so
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 500 Internal Server Error
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 May 2023 11:07:05 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.22.0
Set-Cookie: PHPSESSID=6iukou6lbh7lk42d6d8vda5hbr; path=/
Content-Length: 0
Connection: keep-alive
fonts.googleapis.com/css?family=Raleway:400,700
172.217.21.170200 OK 1.0 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Raleway:400,700
IP 172.217.21.170:443
Requested by http://pre.rask-sex.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cucmFzay1zZXguY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0xOTA2MQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=5&fllbck=2&vrnt=MTE%3D&utm_source=wvhbjsr8fiaanbmo2rj9ov3k
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type gzip compressed data, max compression\012- data
Hash 9861093ac9f3e173af4f5dcef412f2a4
f77e74cf3daebf818c49d063a7781972659e2dfc
0ef546861d7c9376a6ee1e9a4d40a65d38bd5e2e70e01d34e9b5329baba3fa13
GET /css?family=Raleway:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://pre.rask-sex.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 13 May 2023 11:07:04 GMT
date: Sat, 13 May 2023 11:07:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
media.rask-sex.com/media/images/prelandingpage/prelander11/prelanding_adult_1.jpg
143.204.55.35200 OK 19 kB URL GET HTTP/2 media.rask-sex.com/media/images/prelandingpage/prelander11/prelanding_adult_1.jpg
IP 143.204.55.35:443
Requested by http://pre.rask-sex.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cucmFzay1zZXguY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0xOTA2MQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=5&fllbck=2&vrnt=MTE%3D&utm_source=wvhbjsr8fiaanbmo2rj9ov3k
Certificate IssuerAmazon
Subject*.rask-sex.com
Fingerprint44:C4:B5:9F:C8:1B:82:3A:A5:7B:73:A1:B0:7E:D0:E2:37:7B:A7:16
ValidityWed, 15 Feb 2023 00:00:00 GMT - Thu, 14 Mar 2024 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 316x360, components 3\012- data
Hash 7337cff90c72f7a30fbcce02c13e5aaf
c06d7c4e6671788f28c28aa7982a4a6734ba072c
13ba384e476ea88ffa792224d37b3b424fe8faeb10aa324b3050af7b77c89551
GET /media/images/prelandingpage/prelander11/prelanding_adult_1.jpg HTTP/1.1
Host: media.rask-sex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://pre.rask-sex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 18818
date: Sun, 16 Apr 2023 23:32:41 GMT
last-modified: Thu, 26 Apr 2018 12:45:07 GMT
etag: "7337cff90c72f7a30fbcce02c13e5aaf"
cache-control: max-age=3153600
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gMrCj96R83G-eZ9CQYuhEt__bLA0Ey3KuKbVEY9vTxSO57GZm6ozrA==
age: 2288065
vary: Origin
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js
104.18.11.207200 OK 37 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js
IP 104.18.11.207:443
Requested by http://pre.rask-sex.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cucmFzay1zZXguY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0xOTA2MQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=5&fllbck=2&vrnt=MTE%3D&utm_source=wvhbjsr8fiaanbmo2rj9ov3k
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (32003)
Hash c5b5b2fa19bd66ff23211d9f844e0131
791aa054a026bddc0de92bad6cf7a1c6e73713d5
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
GET /bootstrap/3.3.6/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pre.rask-sex.com
DNT: 1
Connection: keep-alive
Referer: http://pre.rask-sex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 11:07:04 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"c5b5b2fa19bd66ff23211d9f844e0131"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 08/20/2022 02:30:10
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 874
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: ee046d65e9255874ae0f0956e523a788
cdn-cache: HIT
cf-cache-status: HIT
age: 735401
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7c6a6f89af3ab503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
104.18.11.207200 OK 121 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
IP 104.18.11.207:443
Requested by http://pre.rask-sex.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cucmFzay1zZXguY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0xOTA2MQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=5&fllbck=2&vrnt=MTE%3D&utm_source=wvhbjsr8fiaanbmo2rj9ov3k
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65371)
Size 121 kB (121260 bytes)
Hash 2f624089c65f12185e79925bc5a7fc42
8eb176c70b9cfa6871b76d6dc98fb526e7e9b3de
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
GET /bootstrap/3.3.6/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pre.rask-sex.com
DNT: 1
Connection: keep-alive
Referer: http://pre.rask-sex.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 11:07:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"2f624089c65f12185e79925bc5a7fc42"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 11/18/2022 06:18:39
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 755
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: fb1396ce4de79f171067b4bfe084d520
cdn-cache: HIT
cf-cache-status: HIT
age: 11829202
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7c6a6f897f12b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Monoton
172.217.21.170200 OK 390 B URL GET HTTP/2 fonts.googleapis.com/css?family=Monoton
IP 172.217.21.170:443
Requested by http://pre.rask-sex.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cucmFzay1zZXguY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0xOTA2MQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=5&fllbck=2&vrnt=MTE%3D&utm_source=wvhbjsr8fiaanbmo2rj9ov3k
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (398), with no line terminators
Hash 7435e91d602f18f609f407043afca6bc
d568d77726aef43155850f8c533428f478f2269f
dbbf8e122efe82b4711e1a191944345ad74b512e3feb5d3c6d3acab93ac70762
GET /css?family=Monoton HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://pre.rask-sex.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 13 May 2023 11:07:04 GMT
date: Sat, 13 May 2023 11:07:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,700
172.217.21.170200 OK 4.3 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,700
IP 172.217.21.170:443
Requested by http://pre.rask-sex.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cucmFzay1zZXguY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0xOTA2MQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=5&fllbck=2&vrnt=MTE%3D&utm_source=wvhbjsr8fiaanbmo2rj9ov3k
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (4372), with no line terminators
Hash 69fcbffd19e726159f389148945c7d92
56107354dd144c12dfb5e571013b48994fa8fb44
caa41ac564100904f7f66ae014513a264db6fc466b71ebba7c0df253f54e0bca
GET /css?family=Roboto:300,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://pre.rask-sex.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 13 May 2023 11:07:04 GMT
date: Sat, 13 May 2023 11:07:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pdtrcks.com/v1/redirect/7744?email_encoded=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ%3D%3D&tid=dilzb645f6f5700068c65&utm_term=81483
188.114.96.1301 Moved Permanently 16 kB URL User Request GET HTTP/2 pdtrcks.com/v1/redirect/7744?email_encoded=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ%3D%3D&tid=dilzb645f6f5700068c65&utm_term=81483
IP 188.114.96.1:443
Certificate IssuerGoogle Trust Services LLC
Subject*.pdtrcks.com
FingerprintD4:59:5D:9C:50:5B:12:1F:3A:6A:91:DC:62:11:7F:5A:1D:A9:21:94
ValiditySun, 26 Mar 2023 04:00:27 GMT - Sat, 24 Jun 2023 04:00:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/redirect/7744?email_encoded=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ%3D%3D&tid=dilzb645f6f5700068c65&utm_term=81483 HTTP/1.1
Host: pdtrcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Sat, 13 May 2023 11:07:03 GMT
content-type: text/html; charset=utf-8
location: https://rtbcpc.com/cpc?utm_term=&email_encoded=aXNvY2lhc0BwYWxtZXR0bzU3LmNvbQ%3D%3D
x-powered-by: lb-ads-display/3.0.0
x-environment: prod
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Accept
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvc51Ak3gxq7nejd4rO%2FKtV9vSDIxUpBfmSlT%2BiO7gu85LLJnTItN%2B3MP1biIZZJvViWc%2Bb%2FIy2SV1%2FrziCoP4pICH3MfKgxm7%2ByqENeKO%2FwhFnUHGEAKRrSUl0E%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c6a6f81d8a40b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap-theme.min.css
104.18.11.207200 OK 23 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap-theme.min.css
IP 104.18.11.207:443
Requested by http://pre.rask-sex.com/campaign?clr=I2ZmZmZmZg%3D%3D&bckgrnd=Izg2MGMxNQ%3D%3D&cmpgnrl=aHR0cHM6Ly93d3cucmFzay1zZXguY29tL2NhbXBhaWduP3V0bV9jYW1wYWlnbj0xOTA2MQ%3D%3D&nch=YWR1bHQ%3D&dnch=Mw%3D%3D&lngg=5&fllbck=2&vrnt=MTE%3D&utm_source=wvhbjsr8fiaanbmo2rj9ov3k
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (23192)
Hash 46d96593303e4c8666f497bb7602c999
bcb96e31a2b8fed5575995fa0c58293e64972116
a3c6ccd19e5c16faefbef429d042458b82c80af040f450b1ee208dba88d5b0df
GET /bootstrap/3.3.6/css/bootstrap-theme.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pre.rask-sex.com
DNT: 1
Connection: keep-alive
Referer: http://pre.rask-sex.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 11:07:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"46d96593303e4c8666f497bb7602c999"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 10/05/2022 02:47:52
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 860
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2bd974bf8e0e1de33fc13a8ea898f25e
cdn-cache: HIT
cf-cache-status: HIT
age: 12794934
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7c6a6f898f1fb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2