| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 7e05c8461bd2dc5a149f71e2c465ea29 705983959c887e243cb55a8a1796757b579ee977 4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8331
Expires: Thu, 02 Feb 2023 05:37:36 GMT
Date: Thu, 02 Feb 2023 03:18:45 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: e935ea42be4feaed61a824b0b903913e f966cfa80d65a805cb9d7c6a53b3340865d7c51a eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7265
Expires: Thu, 02 Feb 2023 05:19:50 GMT
Date: Thu, 02 Feb 2023 03:18:45 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP: 142.250.74.163:0
Hash: d06fd066caf4dfa1e21a722a5c468158 acb765577662906ae8e11242bed487ce1051db28 4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:18:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP: 142.250.74.163:0
Hash: df4a6d84addba49571d9f6ae44c61a3f 28c8093de27e27645cf6dfd5ae93a62fc77b9be5 cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:18:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/
IP: 35.241.9.150:0
File type: JSON data, ASCII text, with very long lines (939), with no line terminators
Hash: 30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 02:36:03 GMT
content-type: application/json
age: 2562
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 9a76feabb767086ae0fa54e0ffbf763f 3655d78994a1e9838340669462728b67c8c12e54 bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2462
Expires: Thu, 02 Feb 2023 03:59:47 GMT
Date: Thu, 02 Feb 2023 03:18:45 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP: 34.160.144.191:0
File type: PEM certificate, ASCII text
Hash: 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rlwG4cXAjZ7NLQcsJe5EphKaH+Mxt9/4MEdt/OC9jQgmJnnipNhnXcbS0Xj8tcEcP4FkLdkh7cQ=
x-amz-request-id: SCR7CJ973ZSFT4MY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 02:51:48 GMT
age: 1617
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles
IP: 34.117.237.239:0
File type: JSON data, ASCII text, with no line terminators
Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 03:18:45 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP: 35.241.9.150:0
File type: JSON data, ASCII text, with very long lines (329), with no line terminators
Hash: 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 02:41:43 GMT
age: 2222
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| xxxtik.com/assets/fonts/Epilogue-Regular.ttf | 104.16.243.78 | 304 Not Modified | 0 B |
URL: HTTP/2 xxxtik.com/assets/fonts/Epilogue-Regular.ttf
IP: 104.16.243.78:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/fonts/Epilogue-Regular.ttf HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/styles.c61175e2881f4b754112.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Wed, 01 Feb 2023 04:51:19 GMT
If-None-Match: W/"02986281c9b30ba0359d3873ce633b4b"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 02 Feb 2023 03:18:46 GMT
last-modified: Wed, 01 Feb 2023 04:51:19 GMT
x-rgw-object-type: Normal
etag: "02986281c9b30ba0359d3873ce633b4b"
x-amz-request-id: tx000000000000011da4305-0063d9f08a-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80652
server: cloudflare
cf-ray: 792fc80a0ecd0b51-OSL
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: 8913af0be619500295008bb91f506660 a7b8068ba9aa506205a295b24458c2616997a0d1 6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6627
Expires: Thu, 02 Feb 2023 05:09:13 GMT
Date: Thu, 02 Feb 2023 03:18:46 GMT
Connection: keep-alive
|
|
| godpvqnszo.com/solid.gif?z=1877814&abvar=2 | 62.122.171.6 | 200 OK | 43 B |
URL: HTTP/2 godpvqnszo.com/solid.gif?z=1877814&abvar=2
IP: 62.122.171.6:0
File type: GIF image data, version 89a, 1 x 1; data
Hash: 28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer: quad9 | Verdict: Sinkholed
POST /solid.gif?z=1877814&abvar=2 HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xxxtik.com
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 54.184.50.153 | 101 Switching Protocols | 0 B |
URL: HTTP/1.1 push.services.mozilla.com/
IP: 54.184.50.153:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LIwcBLA67Pv4mqw8XDNSmg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NsxhrOgTnIbo6NMDjb3cGQNDD1s=
|
|
| xxxtik.com/assets/icons/porndude.png | 104.16.243.78 | 200 OK | 2.4 kB |
URL: HTTP/2 xxxtik.com/assets/icons/porndude.png
IP: 104.16.243.78:0
File type: PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced; data
Hash: abbfc76d055cdcc328045f3aa74e8a6e 6fc57c476e8b524aa244a57cfdea32b45401b43a da12d3951fbbeaae494541313ccf71787d64d36656f39b80d7d85573494f565c
GET /assets/icons/porndude.png HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: image/png
content-length: 2363
last-modified: Wed, 01 Feb 2023 04:51:20 GMT
x-rgw-object-type: Normal
etag: "abbfc76d055cdcc328045f3aa74e8a6e"
x-amz-request-id: tx000000000000011da4333-0063d9f08b-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80651
accept-ranges: bytes
server: cloudflare
cf-ray: 792fc80ccf660b51-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP: 93.184.220.29:0
Hash: 89267bfebbee8d8ae356526180ac6176 26d590f246792206906721a06ebdc196a64c0d0e 9e414339f725b9c256b2a55ffb051403415396e94dfd4678b0cd83a4e043e982
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2351
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:18:46 GMT
Etag: "63da3b1f-116"
Last-Modified: Thu, 02 Feb 2023 02:39:37 GMT
Server: ECS (amb/6B7F)
X-Cache: HIT
Content-Length: 278
|
|
| anxioussituation.com/c-Dh9.6ob/2L5blvSMWGQW9RNEDQQ/zgOfTFkPx/Nzyp0L0xN/DtMQ5XOvTwEe4K | 188.72.219.35 | 200 OK | 26 kB |
URL: HTTP/2 anxioussituation.com/c-Dh9.6ob/2L5blvSMWGQW9RNEDQQ/zgOfTFkPx/Nzyp0L0xN/DtMQ5XOvTwEe4K
IP: 188.72.219.35:0
File type: Unicode text, UTF-8 text, with very long lines (5600)
Hash: eca6438dbd537fee027deda51e04f5c3 1a949a75ead0c0465be4817397b01c887fea071d 7aa5939890a4e800a34c09960dda8cf24b561b02e51ac1348a152ca56b6077fc
GET /c-Dh9.6ob/2L5blvSMWGQW9RNEDQQ/zgOfTFkPx/Nzyp0L0xN/DtMQ5XOvTwEe4K HTTP/1.1
Host: anxioussituation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: application/javascript
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: *
last-modified: Thu, 02 Feb 2023 03:18:46 GMT
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
set-cookie: kadSlcJ=eyJ0aW1lU3RhbXAiOjE2NzUyODMwNzgsInpvbmVzIjp7IjQxNjc3NDEiOls0MTY3NzQxLDEsMTY3NTI4MzA3OF0sIjQ0Mzk5MTciOls0NDM5OTE3LDEsMTY3NTMwNzkyNl19fQ==; max-age=1706843926; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
|
|
| limurol.com/ssp/req/1877814/?pb=4c43bae02cd1af3e6043a705f876f0fd1675315126&psp=Mx32RPy7rtgjVj0ztsuY4LBmedWQwk8ZUoNNwPYue-6WIBgEsDFV_C5Oqlp8F6ShdtQiGDbp31zof2X52NagdUBIfjUYAG-nQj_oxMd1aqXHXN0_1jTEAZ8MQRUViJ-POx4gsawthZg95eCaTCavnFCF4BOWNSxjlVNCTTFP_KEGNFoa2D3Qlb84mVlp7JTwBxsMXuSrZtj1tCwYXw9zFc3HEDi4ugtu4yNwjR77Vtl_7_G8UfqWF5f3JTsaz6NNMdwoZT3k-OqHq8fIgHPbjXIkLXWZ-lCL2y0qFQnLndLtmlDMO1E3XfPhT8qBNaYa367BZBGPwF3ejHjYIGIvySkZdzUAbb76ODfM2TV0SXD1asy-yZbDNkKt9FYAAK70-MMsFov_dnicBWRhf5iY04lxwlAlg8H8lDTZ96y9Fs3r0mUVgdyP5LKNHl8h9epPtlX_g8bJ_ec3ddzRO8slS1yxc3VyspE82m6boYVxWny9ry36kpya9xtDF6bjmWXv27GCsmWlmYRDJv8nzgdDyMtke30UqyD2xu8ri1IwR2LvB5PHHLTy2qMXN8YdUyD1Q87K1hORlh3JFQ87MQKn0O2pdrhrHVlLrQJdO0PQWGR2kw2mtrzXT7ZVwnu5oulR6L2IxSAdvaKe-PFOZI9y&cb=_cl37b1uifbp4tamjs8ndca&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 | 62.122.171.6 | 200 OK | 7 B |
URL HTTP/2limurol.com/ssp/req/1877814/?pb=4c43bae02cd1af3e6043a705f876f0fd1675315126&psp=Mx32RPy7rtgjVj0ztsuY4LBmedWQwk8ZUoNNwPYue-6WIBgEsDFV_C5Oqlp8F6ShdtQiGDbp31zof2X52NagdUBIfjUYAG-nQj_oxMd1aqXHXN0_1jTEAZ8MQRUViJ-POx4gsawthZg95eCaTCavnFCF4BOWNSxjlVNCTTFP_KEGNFoa2D3Qlb84mVlp7JTwBxsMXuSrZtj1tCwYXw9zFc3HEDi4ugtu4yNwjR77Vtl_7_G8UfqWF5f3JTsaz6NNMdwoZT3k-OqHq8fIgHPbjXIkLXWZ-lCL2y0qFQnLndLtmlDMO1E3XfPhT8qBNaYa367BZBGPwF3ejHjYIGIvySkZdzUAbb76ODfM2TV0SXD1asy-yZbDNkKt9FYAAK70-MMsFov_dnicBWRhf5iY04lxwlAlg8H8lDTZ96y9Fs3r0mUVgdyP5LKNHl8h9epPtlX_g8bJ_ec3ddzRO8slS1yxc3VyspE82m6boYVxWny9ry36kpya9xtDF6bjmWXv27GCsmWlmYRDJv8nzgdDyMtke30UqyD2xu8ri1IwR2LvB5PHHLTy2qMXN8YdUyD1Q87K1hORlh3JFQ87MQKn0O2pdrhrHVlLrQJdO0PQWGR2kw2mtrzXT7ZVwnu5oulR6L2IxSAdvaKe-PFOZI9y&cb=_cl37b1uifbp4tamjs8ndca&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 IP62.122.171.6:0
File type: ASCII text, with no line terminators
Hash: a97eb6fbe6f13b601d5d48c0eba8baae 736efb938caf3d0edec406932ada889f1a4f2268 a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1877814/?pb=4c43bae02cd1af3e6043a705f876f0fd1675315126&psp=Mx32RPy7rtgjVj0ztsuY4LBmedWQwk8ZUoNNwPYue-6WIBgEsDFV_C5Oqlp8F6ShdtQiGDbp31zof2X52NagdUBIfjUYAG-nQj_oxMd1aqXHXN0_1jTEAZ8MQRUViJ-POx4gsawthZg95eCaTCavnFCF4BOWNSxjlVNCTTFP_KEGNFoa2D3Qlb84mVlp7JTwBxsMXuSrZtj1tCwYXw9zFc3HEDi4ugtu4yNwjR77Vtl_7_G8UfqWF5f3JTsaz6NNMdwoZT3k-OqHq8fIgHPbjXIkLXWZ-lCL2y0qFQnLndLtmlDMO1E3XfPhT8qBNaYa367BZBGPwF3ejHjYIGIvySkZdzUAbb76ODfM2TV0SXD1asy-yZbDNkKt9FYAAK70-MMsFov_dnicBWRhf5iY04lxwlAlg8H8lDTZ96y9Fs3r0mUVgdyP5LKNHl8h9epPtlX_g8bJ_ec3ddzRO8slS1yxc3VyspE82m6boYVxWny9ry36kpya9xtDF6bjmWXv27GCsmWlmYRDJv8nzgdDyMtke30UqyD2xu8ri1IwR2LvB5PHHLTy2qMXN8YdUyD1Q87K1hORlh3JFQ87MQKn0O2pdrhrHVlLrQJdO0PQWGR2kw2mtrzXT7ZVwnu5oulR6L2IxSAdvaKe-PFOZI9y&cb=_cl37b1uifbp4tamjs8ndca&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/
Cookie: UID=230201221828b1659c719c451c909c3cf375
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| api.xxxtik.com/util/ad | 104.16.243.78 | 204 No Content | 0 B |
IP: 104.16.243.78:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /util/ad HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://xxxtik.com/
Origin: https://xxxtik.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 03:18:46 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 204
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 792fc80e48ce1c16-OSL
X-Firefox-Spdy: h2
|
|
| limurol.com/ssp/req/1877814/?pb=4c43bae02cd1af3e6043a705f876f0fd1675315126&psp=Mx32RPy7rtgjVj0ztsuY4LBmedWQwk8ZUoNNwPYue-6WIBgEsDFV_C5Oqlp8F6ShdtQiGDbp31zof2X52NagdUBIfjUYAG-nQj_oxMd1aqXHXN0_1jTEAZ8MQRUViJ-POx4gsawthZg95eCaTCavnFCF4BOWNSxjlVNCTTFP_KEGNFoa2D3Qlb84mVlp7JTwBxsMXuSrZtj1tCwYXw9zFc3HEDi4ugtu4yNwjR77Vtl_7_G8UfqWF5f3JTsaz6NNMdwoZT3k-OqHq8fIgHPbjXIkLXWZ-lCL2y0qFQnLndLtmlDMO1E3XfPhT8qBNaYa367BZBGPwF3ejHjYIGIvySkZdzUAbb76ODfM2TV0SXD1asy-yZbDNkKt9FYAAK70-MMsFov_dnicBWRhf5iY04lxwlAlg8H8lDTZ96y9Fs3r0mUVgdyP5LKNHl8h9epPtlX_g8bJ_ec3ddzRO8slS1yxc3VyspE82m6boYVxWny9ry36kpya9xtDF6bjmWXv27GCsmWlmYRDJv8nzgdDyMtke30UqyD2xu8ri1IwR2LvB5PHHLTy2qMXN8YdUyD1Q87K1hORlh3JFQ87MQKn0O2pdrhrHVlLrQJdO0PQWGR2kw2mtrzXT7ZVwnu5oulR6L2IxSAdvaKe-PFOZI9y&cb=_cl37b1uifbp4tamjs8ndca&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 | 62.122.171.6 | 200 OK | 7 B |
URL HTTP/2limurol.com/ssp/req/1877814/?pb=4c43bae02cd1af3e6043a705f876f0fd1675315126&psp=Mx32RPy7rtgjVj0ztsuY4LBmedWQwk8ZUoNNwPYue-6WIBgEsDFV_C5Oqlp8F6ShdtQiGDbp31zof2X52NagdUBIfjUYAG-nQj_oxMd1aqXHXN0_1jTEAZ8MQRUViJ-POx4gsawthZg95eCaTCavnFCF4BOWNSxjlVNCTTFP_KEGNFoa2D3Qlb84mVlp7JTwBxsMXuSrZtj1tCwYXw9zFc3HEDi4ugtu4yNwjR77Vtl_7_G8UfqWF5f3JTsaz6NNMdwoZT3k-OqHq8fIgHPbjXIkLXWZ-lCL2y0qFQnLndLtmlDMO1E3XfPhT8qBNaYa367BZBGPwF3ejHjYIGIvySkZdzUAbb76ODfM2TV0SXD1asy-yZbDNkKt9FYAAK70-MMsFov_dnicBWRhf5iY04lxwlAlg8H8lDTZ96y9Fs3r0mUVgdyP5LKNHl8h9epPtlX_g8bJ_ec3ddzRO8slS1yxc3VyspE82m6boYVxWny9ry36kpya9xtDF6bjmWXv27GCsmWlmYRDJv8nzgdDyMtke30UqyD2xu8ri1IwR2LvB5PHHLTy2qMXN8YdUyD1Q87K1hORlh3JFQ87MQKn0O2pdrhrHVlLrQJdO0PQWGR2kw2mtrzXT7ZVwnu5oulR6L2IxSAdvaKe-PFOZI9y&cb=_cl37b1uifbp4tamjs8ndca&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 IP62.122.171.6:0
File type: ASCII text, with no line terminators
Hash: a97eb6fbe6f13b601d5d48c0eba8baae 736efb938caf3d0edec406932ada889f1a4f2268 a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1877814/?pb=4c43bae02cd1af3e6043a705f876f0fd1675315126&psp=Mx32RPy7rtgjVj0ztsuY4LBmedWQwk8ZUoNNwPYue-6WIBgEsDFV_C5Oqlp8F6ShdtQiGDbp31zof2X52NagdUBIfjUYAG-nQj_oxMd1aqXHXN0_1jTEAZ8MQRUViJ-POx4gsawthZg95eCaTCavnFCF4BOWNSxjlVNCTTFP_KEGNFoa2D3Qlb84mVlp7JTwBxsMXuSrZtj1tCwYXw9zFc3HEDi4ugtu4yNwjR77Vtl_7_G8UfqWF5f3JTsaz6NNMdwoZT3k-OqHq8fIgHPbjXIkLXWZ-lCL2y0qFQnLndLtmlDMO1E3XfPhT8qBNaYa367BZBGPwF3ejHjYIGIvySkZdzUAbb76ODfM2TV0SXD1asy-yZbDNkKt9FYAAK70-MMsFov_dnicBWRhf5iY04lxwlAlg8H8lDTZ96y9Fs3r0mUVgdyP5LKNHl8h9epPtlX_g8bJ_ec3ddzRO8slS1yxc3VyspE82m6boYVxWny9ry36kpya9xtDF6bjmWXv27GCsmWlmYRDJv8nzgdDyMtke30UqyD2xu8ri1IwR2LvB5PHHLTy2qMXN8YdUyD1Q87K1hORlh3JFQ87MQKn0O2pdrhrHVlLrQJdO0PQWGR2kw2mtrzXT7ZVwnu5oulR6L2IxSAdvaKe-PFOZI9y&cb=_cl37b1uifbp4tamjs8ndca&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/
Cookie: UID=230201221828b1659c719c451c909c3cf375
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| api.xxxtik.com/user/by-username/sparklygirl22 | 104.16.243.78 | 204 No Content | 0 B |
URL: HTTP/2 api.xxxtik.com/user/by-username/sparklygirl22
IP: 104.16.243.78:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /user/by-username/sparklygirl22 HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://xxxtik.com/
Origin: https://xxxtik.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 03:18:46 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 204
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 792fc80ea8e01c16-OSL
X-Firefox-Spdy: h2
|
|
| api.xxxtik.com/tag/all | 104.16.243.78 | 204 No Content | 0 B |
IP: 104.16.243.78:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /tag/all HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://xxxtik.com/
Origin: https://xxxtik.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 03:18:46 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 204
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 792fc80ea8d91c16-OSL
X-Firefox-Spdy: h2
|
|
| api.xxxtik.com/user/explore | 104.16.243.78 | 204 No Content | 0 B |
URL: HTTP/2 api.xxxtik.com/user/explore
IP: 104.16.243.78:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /user/explore HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://xxxtik.com/
Origin: https://xxxtik.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 03:18:46 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 204
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 792fc80ea8dc1c16-OSL
X-Firefox-Spdy: h2
|
|
| api.xxxtik.com/post/creator/sparklygirl22 | 104.16.243.78 | 204 No Content | 0 B |
URL: HTTP/2 api.xxxtik.com/post/creator/sparklygirl22
IP: 104.16.243.78:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /post/creator/sparklygirl22 HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://xxxtik.com/
Origin: https://xxxtik.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 03:18:46 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 204
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 792fc80eb8e11c16-OSL
X-Firefox-Spdy: h2
|
|
| api.xxxtik.com/util/ad | 104.16.243.78 | 200 OK | 28 B |
IP 104.16.243.78:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8c37ef1c638fa1b48be33a9f51b1f4ae 2841ab40832c49fbf03dc08aa20e7d72d6a9e09d e784d325f7754120121e1182df64aa767361e2621bb749c2a620fe740a28efa0
GET /util/ad HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Bearer null
Origin: https://xxxtik.com
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:47 GMT
content-type: application/json; charset=utf-8
content-length: 28
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1c-KEGrQIMsSfvwPcCKog59ctap4J0"
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 792fc80ea8db1c16-OSL
X-Firefox-Spdy: h2
|
|
| api.xxxtik.com/user/by-username/sparklygirl22 | 104.16.243.78 | 204 No Content | 0 B |
URL HTTP/2 api.xxxtik.com/user/by-username/sparklygirl22 IP 104.16.243.78:0
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /user/by-username/sparklygirl22 HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://xxxtik.com/
Origin: https://xxxtik.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 03:18:47 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 204
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 792fc81189661c16-OSL
X-Firefox-Spdy: h2
|
|
| xxxtik.com/assets/icons/apple-icon-180.png | 104.16.243.78 | 200 OK | 7.2 kB |
URL HTTP/2 xxxtik.com/assets/icons/apple-icon-180.png IP 104.16.243.78:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 5368473da77744b7bb51877003f576f5 8fe9f0317027936cc6ac7563cc5504298b7e293b 2dabb3d8333c64b8c6c5cfde229248f759d6292017caacd189dadcf92da8be08
GET /assets/icons/apple-icon-180.png HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Cookie: __PPU___PPU_SESSION_URL=%2F%40sparklygirl22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:47 GMT
content-type: image/png
content-length: 7187
last-modified: Wed, 01 Feb 2023 04:51:19 GMT
x-rgw-object-type: Normal
etag: "5368473da77744b7bb51877003f576f5"
x-amz-request-id: tx000000000000011da4e0f-0063d9f0cc-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 77633
accept-ranges: bytes
server: cloudflare
cf-ray: 792fc81328e80b51-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP 142.250.74.163:0
Hash de49044c9365e16fec3a6d361cb94728 2b7b69c16de6fda1ae5206f92fe781ee07bd182a 6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:18:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| xxxtik.com/favicon.ico | 104.16.243.78 | 200 OK | 3.4 kB |
IP 104.16.243.78:0
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash a37e8a96481a42741d540125fb91c2ba b37ad5c445f209acd55b412b42a9bee0d8b6d3ac 3447b493e256a9c6fcc4f0d249b293e1ba4f14b84bde0d17556aff6bebb4c82e
GET /favicon.ico HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Cookie: __PPU___PPU_SESSION_URL=%2F%40sparklygirl22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:47 GMT
content-type: image/vnd.microsoft.icon
last-modified: Wed, 01 Feb 2023 04:51:20 GMT
x-rgw-object-type: Normal
etag: W/"29106370cf95f66f4650a10526790182"
x-amz-request-id: tx000000000000011da439b-0063d9f08c-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80651
server: cloudflare
cf-ray: 792fc81328ea0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP 142.250.74.163:0
Hash de49044c9365e16fec3a6d361cb94728 2b7b69c16de6fda1ae5206f92fe781ee07bd182a 6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:18:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| godpvqnszo.com/aas/r45d/vki/1877814/58741348.js | 62.122.171.6 | 200 OK | 30 kB |
URL HTTP/2 godpvqnszo.com/aas/r45d/vki/1877814/58741348.js IP 62.122.171.6:0
Hash 4c4ca1f779ed4ba1619df1780e1c765e 05a32dc15894f86c316c361f79b4374ba295b14d d5b117e510641d4932f78e5cf0b5a316336f42ace01c1fb999acfed2872c02a3
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /aas/r45d/vki/1877814/58741348.js HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 12:24:53 GMT
vary: Accept-Encoding
etag: W/"63d90895-126ea"
x-js-ab1: var2
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| firebaseinstallations.googleapis.com/v1/projects/xxxtik/installations | 142.250.74.106 | 200 OK | 0 B |
URL HTTP/2 firebaseinstallations.googleapis.com/v1/projects/xxxtik/installations IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/projects/xxxtik/installations HTTP/1.1
Host: firebaseinstallations.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key
Referer: https://xxxtik.com/
Origin: https://xxxtik.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://xxxtik.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key
access-control-max-age: 3600
date: Thu, 02 Feb 2023 03:18:47 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| firebase.googleapis.com/v1alpha/projects/-/apps/1:560873874866:web:ba1c6ecca2355d7a4670ab/webConfig | 142.250.74.170 | 200 OK | 0 B |
URL HTTP/2 firebase.googleapis.com/v1alpha/projects/-/apps/1:560873874866:web:ba1c6ecca2355d7a4670ab/webConfig IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1alpha/projects/-/apps/1:560873874866:web:ba1c6ecca2355d7a4670ab/webConfig HTTP/1.1
Host: firebase.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-goog-api-key
Referer: https://xxxtik.com/
Origin: https://xxxtik.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://xxxtik.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: x-goog-api-key
access-control-max-age: 3600
date: Thu, 02 Feb 2023 03:18:47 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| firebase.googleapis.com/v1alpha/projects/-/apps/1:560873874866:web:ba1c6ecca2355d7a4670ab/webConfig | 142.250.74.170 | 200 OK | 198 B |
URL HTTP/2 firebase.googleapis.com/v1alpha/projects/-/apps/1:560873874866:web:ba1c6ecca2355d7a4670ab/webConfig IP 142.250.74.170:0
File type JSON data\012- , ASCII text
Hash b4f9a034e0eb9701d87f5d90187194dc 9b52bc612108e4056a7fb0cfda273b80f48ab767 3612a7282a71a285c2aae99ff2dfd9c57661fcf595b74f1c873a33f6ae2eff8f
GET /v1alpha/projects/-/apps/1:560873874866:web:ba1c6ecca2355d7a4670ab/webConfig HTTP/1.1
Host: firebase.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xxxtik.com/
x-goog-api-key: AIzaSyAm9k1Y1GRbET-w1Z9joYMp63x1EHwZ5fY
Origin: https://xxxtik.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 02 Feb 2023 03:18:47 GMT
server: ESF
cache-control: private
content-length: 198
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://xxxtik.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP 142.250.74.163:0
Hash de49044c9365e16fec3a6d361cb94728 2b7b69c16de6fda1ae5206f92fe781ee07bd182a 6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:18:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP 142.250.74.163:0
Hash de49044c9365e16fec3a6d361cb94728 2b7b69c16de6fda1ae5206f92fe781ee07bd182a 6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:18:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP 23.36.76.226:0 ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49 f12f4795987a284820f6785ec16b5032b9861d79 98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12291
Expires: Thu, 02 Feb 2023 06:43:38 GMT
Date: Thu, 02 Feb 2023 03:18:47 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP 23.36.76.226:0 ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49 f12f4795987a284820f6785ec16b5032b9861d79 98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12291
Expires: Thu, 02 Feb 2023 06:43:38 GMT
Date: Thu, 02 Feb 2023 03:18:47 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP 23.36.76.226:0 ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49 f12f4795987a284820f6785ec16b5032b9861d79 98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12291
Expires: Thu, 02 Feb 2023 06:43:38 GMT
Date: Thu, 02 Feb 2023 03:18:47 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg | 34.120.237.76 | 200 OK | 9.4 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6790e3bf4d10b1ffba32a22dc588c640 cdae35517dfea800134393a1095f44462bc428a5 4f4132588ee7337fff24da64b89e43b277c4ef0a2646acfba37aea08fc0f4256
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9416
x-amzn-requestid: acc48967-4cc1-4bfd-bc33-7bcefd8e6547
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKVGjqIAMFa2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-1d1cd4de0a30760e792d32e5;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tO6GOuwj9So6Itm9ug-EQgF5iJ3NPidhS8OY4LpBvq0XftWTqGcOHA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:16 GMT
age: 19291
etag: "cdae35517dfea800134393a1095f44462bc428a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg | 34.120.237.76 | 200 OK | 9.2 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df4a4906103a8f409c066b1cded71384 22847e3926db3e3d5f6b529297a4abe8b377c3a6 84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:07 GMT
age: 18400
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1ea9f44-4a0b-4366-b041-d2bd88c5fcb5.jpeg | 34.120.237.76 | 200 OK | 8.0 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1ea9f44-4a0b-4366-b041-d2bd88c5fcb5.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 604c573da6f79effa2a81e711c14ad9e 322a3a510ca73e124d78e31b49d676ec891a6762 8d2b897fe4251106be9183fa2a6a3b0918cd1f4dcc5f814aa88a630a77b4045c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1ea9f44-4a0b-4366-b041-d2bd88c5fcb5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: 774cebdf-b2bf-4a98-9d2b-e2abd4bd1a2b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BG-hoAMFTSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-234163873ca67e934d684a1d;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uv7tRovOGAr5hGDOcMmPoh29VHlsX4bvWxjRLCXV1Bpg9l0dOBJxFA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:15:49 GMT
age: 18178
etag: "322a3a510ca73e124d78e31b49d676ec891a6762"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg | 34.120.237.76 | 200 OK | 9.6 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441 7da46843b6d885f38a4759a08e6c899906ab7b97 7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 02:29:58 GMT
age: 2929
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| api.xxxtik.com/util/meta | 104.16.243.78 | 200 OK | 5.8 kB |
IP 104.16.243.78:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 43c0082a5d9219db6d3dd505b74e1023 815f7118955a6c6db2113fe159b3488a2a2987f1 4950e4a0da194a89bf12df96f19175adaa2d84619ae18b40003438c89b9d10c8
GET /util/meta HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xxxtik.com/
Origin: https://xxxtik.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
etag: W/"124-IXdAReNEVhK8Nib0a13GnMBJKj4"
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 792fc80d58a31c16-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg | 34.120.237.76 | 200 OK | 5.4 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c a7b74d11494fb3254df907e5cc1eead070d84617 b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 17992
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP 142.250.74.163:0
Hash 2751084b42dd111d0a7f28241a77201b 680a9ac2f4cf451c9a8449c4df3587595ed9cc4c 1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:18:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.googletagmanager.com/gtag/js?l=dataLayer&id=G-5QBTTR6TGX | 142.250.74.168 | 200 OK | 67 kB |
URL HTTP/2 www.googletagmanager.com/gtag/js?l=dataLayer&id=G-5QBTTR6TGX IP 142.250.74.168:0
File type ASCII text, with very long lines (3974)
Hash 167e1e835a6eb67101cb531ecf6730f5 19c2f859b80165b95baf3528e4af13646138f40a d59654d3ec87620e9f8ef4d992ed8b51422e447511ac0b59112a4eeb83b624cb
GET /gtag/js?l=dataLayer&id=G-5QBTTR6TGX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 03:18:47 GMT
expires: Thu, 02 Feb 2023 03:18:47 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67237
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hash2751084b42dd111d0a7f28241a77201b 680a9ac2f4cf451c9a8449c4df3587595ed9cc4c 1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:18:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firebaseinstallations.googleapis.com/v1/projects/xxxtik/installations | 142.250.74.106 | 200 OK | 486 B |
URL HTTP/2firebaseinstallations.googleapis.com/v1/projects/xxxtik/installations IP142.250.74.106:0
File typeJSON data\012- , ASCII text, with very long lines (328) Hash1f23e3f34a3dfe01755f810dfdd395c8 157c1e8fe10485da07ba633d21836dc4c2ba6fc0 dd1e3ef2eb817c57646c3cec15333f58e46bae63743ec2abab391d5f332d0666
POST /v1/projects/xxxtik/installations HTTP/1.1
Host: firebaseinstallations.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xxxtik.com/
content-type: application/json
x-goog-api-key: AIzaSyAm9k1Y1GRbET-w1Z9joYMp63x1EHwZ5fY
Origin: https://xxxtik.com
Content-Length: 131
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 02 Feb 2023 03:18:47 GMT
server: ESF
cache-control: private
content-length: 486
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://xxxtik.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-5QBTTR6TGX&gtm=2oe1u0&_p=936692006&_fid=f5cX2qV0-KRD9tNK_NObHa&cid=2044748645.1675307952&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675307952&sct=1&seg=0&dl=https%3A%2F%2Fxxxtik.com%2F%40sparklygirl22&dr=https%3A%2F%2Fwww.google.com%2F&dt=%40sparklygirl22%20%7C%20xxxtik&en=page_view&_fv=2&_nsi=1&_ss=1&_ee=1&ep.origin=firebase | 216.239.32.36 | 204 No Content | 0 B |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-5QBTTR6TGX&gtm=2oe1u0&_p=936692006&_fid=f5cX2qV0-KRD9tNK_NObHa&cid=2044748645.1675307952&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675307952&sct=1&seg=0&dl=https%3A%2F%2Fxxxtik.com%2F%40sparklygirl22&dr=https%3A%2F%2Fwww.google.com%2F&dt=%40sparklygirl22%20%7C%20xxxtik&en=page_view&_fv=2&_nsi=1&_ss=1&_ee=1&ep.origin=firebase IP216.239.32.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-5QBTTR6TGX&gtm=2oe1u0&_p=936692006&_fid=f5cX2qV0-KRD9tNK_NObHa&cid=2044748645.1675307952&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675307952&sct=1&seg=0&dl=https%3A%2F%2Fxxxtik.com%2F%40sparklygirl22&dr=https%3A%2F%2Fwww.google.com%2F&dt=%40sparklygirl22%20%7C%20xxxtik&en=page_view&_fv=2&_nsi=1&_ss=1&_ee=1&ep.origin=firebase HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xxxtik.com
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://xxxtik.com
date: Thu, 02 Feb 2023 03:18:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash75571aaa31250a8d79dfb63e402e2fb7 c8825bb891f602dd47c31f8cddb74faa5af7fff1 36f969bea53fb2ff698e6377b74ffb60967e686fd8e889ac9f0a05f5032599f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36F969BEA53FB2FF698E6377B74FFB60967E686FD8E889AC9F0A05F5032599F8"
Last-Modified: Tue, 31 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1270
Expires: Thu, 02 Feb 2023 03:40:00 GMT
Date: Thu, 02 Feb 2023 03:18:50 GMT
Connection: keep-alive
|
|
| api.xxxtik.com/user/by-username/sparklygirl22 | 104.16.243.78 | 200 OK | 720 B |
URL HTTP/2api.xxxtik.com/user/by-username/sparklygirl22 IP104.16.243.78:0
File typeJSON data\012- , ASCII text, with very long lines (315), with no line terminators Hashd08f1135b4acbdf5cfede3bd14e0632b a19536bf1d10078e13b27056b32a15332bbfc038 0ce6a483142c7ba342635b685a4e75225f2df4fc4e8772d84867b2f7efdb5a7c
GET /user/by-username/sparklygirl22 HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Bearer null
Origin: https://xxxtik.com
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:48 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
etag: W/"13b-LGsUPM9OJWPrJHe8UcRnei/emes"
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 792fc811d9711c16-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| api.xxxtik.com/post/creator/sparklygirl22 | 104.16.243.78 | 200 OK | 4.7 kB |
URL HTTP/2api.xxxtik.com/post/creator/sparklygirl22 IP104.16.243.78:0
File typeJSON data\012- , ASCII text, with very long lines (2488), with no line terminators Hash9f63f84ed297fd0a8a6c090fd1da0d21 d16d13747945be72c7bdc7e7bb97f364dca5c596 7901f26d5f97dd22fd40b805e453490f0a21b4367d73b638bc71140ceae065f2
GET /post/creator/sparklygirl22 HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Bearer null
Origin: https://xxxtik.com
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:50 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
etag: W/"9b8-Ld3xIKEyep0if/mIHlwRsK+mt7o"
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 792fc80f08f71c16-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cdn.xxxtik.com/production/media/0312/_9Q1cExd/thumbnail.webp | 169.150.247.36 | 200 OK | 8.0 kB |
URL HTTP/2cdn.xxxtik.com/production/media/0312/_9Q1cExd/thumbnail.webp IP169.150.247.36:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 202x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hash63a06ea819d6a739f7da9085ecbf4f39 64a931ab7a44dea7296bb3df5c7b7bbaacd19281 c483e9db292e169b7732dd009287e26f5045f67aad31ba1dc81b7dce2e9846a3
GET /production/media/0312/_9Q1cExd/thumbnail.webp HTTP/1.1
Host: cdn.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/
Cookie: _ga_5QBTTR6TGX=GS1.1.1675307952.1.0.1675307952.0.0.0; _ga=GA1.1.2044748645.1675307952
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:50 GMT
content-type: application/octet-stream
content-length: 8042
server: BunnyCDN-DE1-1079
cdn-pullzone: 1094868
cdn-uid: 85fbd6a2-84ee-44f0-b614-79f36ab7f7a3
cdn-requestcountrycode: NO
cache-control: max-age=86400
last-modified: Sun, 04 Dec 2022 02:18:50 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000000000000b0f1c8e6-0063d5c4d6-7acffed3-fra1b
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1674953929.dop206.fr8.shc,1674953942.dop206.fr8.t,1674953942.cds231.fr8.pr
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 01/29/2023 00:59:02
cdn-edgestorageid: 1081
cdn-status: 200
cdn-requestid: e3c9ba270a9975392185386f64ca193f
cdn-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| xxxtik.com/assets/fonts/Epilogue-Regular.ttf | 104.16.243.78 | 200 OK | 0 B |
URL HTTP/2xxxtik.com/assets/fonts/Epilogue-Regular.ttf IP104.16.243.78:0
GET /assets/fonts/Epilogue-Regular.ttf HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: font/ttf
last-modified: Wed, 01 Feb 2023 04:51:19 GMT
x-rgw-object-type: Normal
etag: W/"02986281c9b30ba0359d3873ce633b4b"
x-amz-request-id: tx000000000000011da4305-0063d9f08a-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80652
server: cloudflare
cf-ray: 792fc809debf0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| xxxtik.com/polyfills-es2015.6a08dc48db5c67a09c90.js | 104.16.243.78 | 200 OK | 0 B |
URL HTTP/2xxxtik.com/polyfills-es2015.6a08dc48db5c67a09c90.js IP104.16.243.78:0
GET /polyfills-es2015.6a08dc48db5c67a09c90.js HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 Feb 2023 04:51:20 GMT
x-rgw-object-type: Normal
etag: W/"c8f0d497527ca84e1915e692c57ee8c3"
x-amz-request-id: tx000000000000011da4f18-0063d9f0d4-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80578
server: cloudflare
cf-ray: 792fc809ceb90b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| godpvqnszo.com/get/1877814?zoneid=1877814&jp=_cliktxf8lw8qxil7idhsjy&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2080117818837733 | 62.122.171.6 | 200 OK | 0 B |
URL HTTP/2godpvqnszo.com/get/1877814?zoneid=1877814&jp=_cliktxf8lw8qxil7idhsjy&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2080117818837733 IP62.122.171.6:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /get/1877814?zoneid=1877814&jp=_cliktxf8lw8qxil7idhsjy&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2080117818837733 HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=230201221879462ae3675e4c4b89f526cf53; Path=/; Expires=Fri, 02 Feb 2024 03:18:46 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| xxxtik.com/styles.c61175e2881f4b754112.css | 104.16.243.78 | 200 OK | 0 B |
URL HTTP/2xxxtik.com/styles.c61175e2881f4b754112.css IP104.16.243.78:0
GET /styles.c61175e2881f4b754112.css HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 01 Feb 2023 04:51:20 GMT
x-rgw-object-type: Normal
etag: W/"4944d2eb3580e06ced39ea24a67e75df"
x-amz-request-id: tx000000000000011da4324-0063d9f08a-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80652
server: cloudflare
cf-ray: 792fc809cebc0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| xxxtik.com/common-es2015.4459eebe4ae06043c05e.js | 104.16.243.78 | 200 OK | 0 B |
URL HTTP/2xxxtik.com/common-es2015.4459eebe4ae06043c05e.js IP104.16.243.78:0
GET /common-es2015.4459eebe4ae06043c05e.js HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 Feb 2023 04:51:20 GMT
x-rgw-object-type: Normal
etag: W/"d8044e31e23aa6905d06971d4248d90b"
x-amz-request-id: tx000000000000011da4535-0063d9f096-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80640
server: cloudflare
cf-ray: 792fc80c3f4d0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| xxxtik.com/1-es2015.4557cde4a4aa99a7374b.js | 104.16.243.78 | 200 OK | 0 B |
URL HTTP/2xxxtik.com/1-es2015.4557cde4a4aa99a7374b.js IP104.16.243.78:0
GET /1-es2015.4557cde4a4aa99a7374b.js HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 Feb 2023 04:51:19 GMT
x-rgw-object-type: Normal
etag: W/"8e6fdbd4e0261183b2096fa989a4792d"
x-amz-request-id: tx000000000000011da4d04-0063d9f0c7-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80591
server: cloudflare
cf-ray: 792fc80c3f4f0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| api.xxxtik.com/tag/all | 104.16.243.78 | 200 OK | 0 B |
IP104.16.243.78:0
GET /tag/all HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Bearer null
Origin: https://xxxtik.com
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:47 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
etag: W/"6861f-b2ANPvEQEPRSfpeZuwyg+bClpRc"
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 792fc80f08f51c16-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| xxxtik.com/@sparklygirl22 | 104.16.243.78 | 200 OK | 0 B |
URL HTTP/2xxxtik.com/@sparklygirl22 IP104.16.243.78:0
GET /@sparklygirl22 HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:45 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 01 Feb 2023 04:51:20 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000000000000120700df-0063db2b95-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 404
cf-cache-status: MISS
server: cloudflare
cf-ray: 792fc8070e030b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| xxxtik.com/assets/images/loading.svg | 104.16.243.78 | 200 OK | 0 B |
URL HTTP/2xxxtik.com/assets/images/loading.svg IP104.16.243.78:0
GET /assets/images/loading.svg HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: image/svg+xml
last-modified: Wed, 01 Feb 2023 04:51:20 GMT
x-rgw-object-type: Normal
etag: W/"37cbaacdfe18fe4346c8c951c59e8542"
x-amz-request-id: tx000000000000011da4301-0063d9f08a-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80652
server: cloudflare
cf-ray: 792fc809ceb70b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| xxxtik.com/assets/fonts/Epilogue-ExtraBold.ttf | 104.16.243.78 | 200 OK | 0 B |
URL HTTP/2xxxtik.com/assets/fonts/Epilogue-ExtraBold.ttf IP104.16.243.78:0
GET /assets/fonts/Epilogue-ExtraBold.ttf HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/styles.c61175e2881f4b754112.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: font/ttf
last-modified: Wed, 01 Feb 2023 04:51:19 GMT
x-rgw-object-type: Normal
etag: W/"59324237cca6756fd31c478be041dccc"
x-amz-request-id: tx000000000000011da4342-0063d9f08b-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80651
server: cloudflare
cf-ray: 792fc80d3f7c0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| xxxtik.com/assets/fonts/Epilogue-SemiBold.ttf | 104.16.243.78 | 200 OK | 0 B |
URL HTTP/2xxxtik.com/assets/fonts/Epilogue-SemiBold.ttf IP104.16.243.78:0
GET /assets/fonts/Epilogue-SemiBold.ttf HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/styles.c61175e2881f4b754112.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: font/ttf
last-modified: Wed, 01 Feb 2023 04:51:19 GMT
x-rgw-object-type: Normal
etag: W/"c2c56f65f995086461bf162a701abae5"
x-amz-request-id: tx000000000000011da4345-0063d9f08b-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80651
server: cloudflare
cf-ray: 792fc80d4f810b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| api.xxxtik.com/user/explore | 104.16.243.78 | 200 OK | 0 B |
URL HTTP/2api.xxxtik.com/user/explore IP104.16.243.78:0
GET /user/explore HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Bearer null
Origin: https://xxxtik.com
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:47 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1df15-ee03KB2WyU/h1N5k2aYX7sDcEvU"
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 792fc80f08f61c16-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| xxxtik.com/main-es2015.8d66bf66fe2ba09b2ff6.js | 104.16.243.78 | 200 OK | 0 B |
URL HTTP/2xxxtik.com/main-es2015.8d66bf66fe2ba09b2ff6.js IP104.16.243.78:0
GET /main-es2015.8d66bf66fe2ba09b2ff6.js HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 Feb 2023 04:51:20 GMT
x-rgw-object-type: Normal
etag: W/"5ed868c4c5ae52b30d4d5cde0e554f96"
x-amz-request-id: tx000000000000011da1f24-0063d9eff0-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80579
server: cloudflare
cf-ray: 792fc809ceba0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| xxxtik.com/636-es2015.c45292405eac6e6cdd4a.js | 104.16.243.78 | 200 OK | 0 B |
URL HTTP/2xxxtik.com/636-es2015.c45292405eac6e6cdd4a.js IP104.16.243.78:0
GET /636-es2015.c45292405eac6e6cdd4a.js HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 Feb 2023 04:51:19 GMT
x-rgw-object-type: Normal
etag: W/"68317f95773f02566ffc4d1bdac6dc79"
x-amz-request-id: tx000000000000011da4336-0063d9f08b-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80651
server: cloudflare
cf-ray: 792fc80c0f400b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|