Report - www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiAvZGj8PX8AhVzAzQIHSNgCI8QFnoECAoQAQ&url=xxxtik.com/@sparklygirl22&usg=AOvVaw3GJJOrjOLrM0v5WGNQggOO

Report Overview

Submitted URL
www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiAvZGj8PX8AhVzAzQIHSNgCI8QFnoECAoQAQ&url=xxxtik.com/@sparklygirl22&usg=AOvVaw3GJJOrjOLrM0v5WGNQggOO
IP
216.58.207.228
ASN
#15169 GOOGLE
Submitted
2023-02-02 03:18:56
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.76.226
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.184.50.153
firebase.googleapis.com	4897	2018-10-19T11:09:59Z	2023-03-13T07:32:25Z	1.1 kB	1.2 kB	142.250.74.170
firebaseinstallations.googleapis.com	529	2019-04-15T06:11:07Z	2023-03-13T08:33:06Z	1.1 kB	1.5 kB	142.250.74.106
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	390 B	68 kB	142.250.74.168
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.7 kB	5.6 kB	142.250.74.163
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	341 B	566 B	93.184.220.29
limurol.com	unknown	2022-07-12T15:53:17Z	2023-03-13T08:06:53Z	2.5 kB	1.7 kB	62.122.171.6
api.xxxtik.com	unknown	2021-02-25T16:26:45Z	2022-12-08T16:54:21Z	5.6 kB	17 kB	104.16.243.78
cdn.xxxtik.com	unknown	2022-12-22T10:39:52Z	2022-12-22T10:39:52Z	505 B	8.9 kB	169.150.247.36
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
xxxtik.com	196790	2021-01-31T09:18:49Z	2023-01-26T23:50:14Z	6.7 kB	23 kB	104.16.243.78
godpvqnszo.com	unknown	2022-09-19T18:32:45Z	2023-03-13T07:15:15Z	1.4 kB	33 kB	62.122.171.6
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	748 B	441 B	216.239.32.36
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
anxioussituation.com	unknown	2023-01-27T19:36:32Z	2023-02-05T01:11:51Z	415 B	27 kB	188.72.219.35
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	2.7 kB	47 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-01	medium	godpvqnszo.com	Sinkholed
2023-02-01	medium	godpvqnszo.com	Sinkholed
2023-02-01	medium	godpvqnszo.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	xxxtik.com/runtime-es2015.e4ad7f3a3379ae2e9984.js	3.9 kB	2023-03-13	2023-03-13
Pretty URL xxxtik.com/runtime-es2015.e4ad7f3a3379ae2e9984.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:40:22 Last Seen2023-03-13 14:40:22 Times Seen1 Hash c9eb29ea9e9dfcd4e2c101232d681474 427d3230795ea3c1392ecc9e8ce1db9f24f43164 7389c005f619afcd71e353cb45c454b745dba6e31af1ac31d1ec4e40371a06a0 Loading...

	xxxtik.com/main-es2015.8d66bf66fe2ba09b2ff6.js	1.3 MB	2023-03-13	2023-03-13
Pretty URL xxxtik.com/main-es2015.8d66bf66fe2ba09b2ff6.js IP 104.16.243.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:40:22 Last Seen2023-03-13 14:40:22 Times Seen1 Hash 5ed868c4c5ae52b30d4d5cde0e554f96 5d11aa76deaa75218dfd8567f787ff2d8745aa0e bed45a59dae0ad96d31f5d9dd9187dc5f45160d552473fb8ca2236bb642b0e52 Loading...

	godpvqnszo.com/aas/r45d/vki/1877814/58741348.js	75 kB	2023-03-13	2023-03-13
Pretty URL godpvqnszo.com/aas/r45d/vki/1877814/58741348.js IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:40:22 Last Seen2023-03-13 14:40:22 Times Seen1 Hash ff300c9494e74c2f3323daa5721b8ab6 679328830c8848e7fc698d3a5a86d7b3267a8456 23d2d6c856c4f56cfd7dcfe0dfcbe8cc142f4f6313cac5c1eb289efc73914425 Loading...

	xxxtik.com/polyfills-es2015.6a08dc48db5c67a09c90.js	37 kB	2023-03-11	2023-03-13
Pretty URL xxxtik.com/polyfills-es2015.6a08dc48db5c67a09c90.js IP 104.16.243.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:23:13 Last Seen2023-03-13 14:40:22 Times Seen1 Hash c8f0d497527ca84e1915e692c57ee8c3 6dffc11bf17435ef7e768f406e5d03f3bd03f421 6ac32ddbd9b5f92caa8e34f67cfb5ded4389a0966157561ef596d8f4635bb49c Loading...

	xxxtik.com/1-es2015.4557cde4a4aa99a7374b.js	5.7 kB	2023-03-13	2023-03-13
Pretty URL xxxtik.com/1-es2015.4557cde4a4aa99a7374b.js IP 104.16.243.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:40:22 Last Seen2023-03-13 14:40:22 Times Seen1 Hash 8e6fdbd4e0261183b2096fa989a4792d 2c7f54216e303e7aff646b3b295344a783cbf2a1 4088ad5d1f17d67c53a0b1a0534c910ae5c233722bfe5f2d8acfbe98089e799e Loading...

	anxioussituation.com/c-Dh9.6ob/2L5blvSMWGQW9RNEDQQ/zgOfTFkPx/Nzyp0L0xN/DtMQ5XOvTwEe4K	50 kB	2023-03-13	2023-03-13
Pretty URL anxioussituation.com/c-Dh9.6ob/2L5blvSMWGQW9RNEDQQ/zgOfTFkPx/Nzyp0L0xN/DtMQ5XOvTwEe4K IP 188.72.219.35 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:40:22 Last Seen2023-03-13 14:40:22 Times Seen1 Hash 45cc01a5da3ff933871ee78722b0c5c6 ccfc6e7b15d76581c93c663dd9bb57bb38979838 97cc126e401aa00e56e2e7703e560df3ff2a03ef16562c15472fc9f0611f9b4b Loading...

	www.googletagmanager.com/gtag/js?l=dataLayer&id=G-5QBTTR6TGX	182 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?l=dataLayer&id=G-5QBTTR6TGX IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:40:22 Last Seen2023-03-13 14:40:22 Times Seen1 Hash 9859b0d499409095d596fda6024793d6 6d609350b5acc7e8be4d63c553037ee8a8ecdb6e e48afa38b86d92d7ed9845fee31d365b9a1fc8c33cf793f6a3dbbb8bd5f0da74 Loading...

	xxxtik.com/636-es2015.c45292405eac6e6cdd4a.js	29 kB	2023-03-11	2023-03-13
Pretty URL xxxtik.com/636-es2015.c45292405eac6e6cdd4a.js IP 104.16.243.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:23:13 Last Seen2023-03-13 14:40:22 Times Seen1 Hash 68317f95773f02566ffc4d1bdac6dc79 ed36a8d8683416a87381461bcb6db5c12376e906 455dfa5c36cb7a20c61359a26aee4b257162dca9d316074e7037e66623122aa3 Loading...

	limurol.com/ssp/req/1877814/?pb=4c43bae02cd1af3e6043a705f876f0fd1675315126&psp=Mx32RPy7rtgjVj0ztsuY4LBmedWQwk8ZUoNNwPYue-6WIBgEsDFV_C5Oqlp8F6ShdtQiGDbp31zof2X52NagdUBIfjUYAG-nQj_oxMd1aqXHXN0_1jTEAZ8MQRUViJ-POx4gsawthZg95eCaTCavnFCF4BOWNSxjlVNCTTFP_KEGNFoa2D3Qlb84mVlp7JTwBxsMXuSrZtj1tCwYXw9zFc3HEDi4ugtu4yNwjR77Vtl_7_G8UfqWF5f3JTsaz6NNMdwoZT3k-OqHq8fIgHPbjXIkLXWZ-lCL2y0qFQnLndLtmlDMO1E3XfPhT8qBNaYa367BZBGPwF3ejHjYIGIvySkZdzUAbb76ODfM2TV0SXD1asy-yZbDNkKt9FYAAK70-MMsFov_dnicBWRhf5iY04lxwlAlg8H8lDTZ96y9Fs3r0mUVgdyP5LKNHl8h9epPtlX_g8bJ_ec3ddzRO8slS1yxc3VyspE82m6boYVxWny9ry36kpya9xtDF6bjmWXv27GCsmWlmYRDJv8nzgdDyMtke30UqyD2xu8ri1IwR2LvB5PHHLTy2qMXN8YdUyD1Q87K1hORlh3JFQ87MQKn0O2pdrhrHVlLrQJdO0PQWGR2kw2mtrzXT7ZVwnu5oulR6L2IxSAdvaKe-PFOZI9y&cb=_cl37b1uifbp4tamjs8ndca&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24	7 B	2023-03-07	2024-04-17
Pretty URL limurol.com/ssp/req/1877814/?pb=4c43bae02cd1af3e6043a705f876f0fd1675315126&psp=Mx32RPy7rtgjVj0ztsuY4LBmedWQwk8ZUoNNwPYue-6WIBgEsDFV_C5Oqlp8F6ShdtQiGDbp31zof2X52NagdUBIfjUYAG-nQj_oxMd1aqXHXN0_1jTEAZ8MQRUViJ-POx4gsawthZg95eCaTCavnFCF4BOWNSxjlVNCTTFP_KEGNFoa2D3Qlb84mVlp7JTwBxsMXuSrZtj1tCwYXw9zFc3HEDi4ugtu4yNwjR77Vtl_7_G8UfqWF5f3JTsaz6NNMdwoZT3k-OqHq8fIgHPbjXIkLXWZ-lCL2y0qFQnLndLtmlDMO1E3XfPhT8qBNaYa367BZBGPwF3ejHjYIGIvySkZdzUAbb76ODfM2TV0SXD1asy-yZbDNkKt9FYAAK70-MMsFov_dnicBWRhf5iY04lxwlAlg8H8lDTZ96y9Fs3r0mUVgdyP5LKNHl8h9epPtlX_g8bJ_ec3ddzRO8slS1yxc3VyspE82m6boYVxWny9ry36kpya9xtDF6bjmWXv27GCsmWlmYRDJv8nzgdDyMtke30UqyD2xu8ri1IwR2LvB5PHHLTy2qMXN8YdUyD1Q87K1hORlh3JFQ87MQKn0O2pdrhrHVlLrQJdO0PQWGR2kw2mtrzXT7ZVwnu5oulR6L2IxSAdvaKe-PFOZI9y&cb=_cl37b1uifbp4tamjs8ndca&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:23 Last Seen2024-04-17 16:44:22 Times Seen16320 Hash a97eb6fbe6f13b601d5d48c0eba8baae 736efb938caf3d0edec406932ada889f1a4f2268 a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821 Loading...

	www.glasyxabe.pro/baa089/d0a1ea8b6825.js	70 kB	2023-03-13	2023-03-13
Pretty URL www.glasyxabe.pro/baa089/d0a1ea8b6825.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:40:22 Last Seen2023-03-13 14:40:22 Times Seen1 Hash f35221d49497e40414027e583df9a1c0 d6cca4301f7be78dc502466c73fee2d7f97d9fa4 cdd167ca8627c217d60e533659ce453499dd13f45397277474f7d1044d8bd10e Loading...

	www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiAvZGj8PX8AhVzAzQIHSNgCI8QFnoECAoQAQ&url=https://xxxtik.com/@sparklygirl22&usg=AOvVaw3GJJOrjOLrM0v5WGNQggOO	926 B	2023-03-13	2023-03-13
Pretty URL www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiAvZGj8PX8AhVzAzQIHSNgCI8QFnoECAoQAQ&url=https://xxxtik.com/@sparklygirl22&usg=AOvVaw3GJJOrjOLrM0v5WGNQggOO IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:40:22 Last Seen2023-03-13 14:40:22 Times Seen1 Hash 27e2d2aa7ecf85bd57074c61138c7a38 914489ddb2cfff311e590e7ad954d9eb62e51c91 dcea58cd053ff734f39841b11481dcdc450c2e386597c8a59c68e2d4ec8d25d5 Loading...

	xxxtik.com/@sparklygirl22	7.9 kB	2023-03-13	2023-03-13
Pretty URL xxxtik.com/@sparklygirl22 IP 104.16.243.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:40:22 Last Seen2023-03-13 14:40:22 Times Seen1 Hash 27764b46f3b0b69d70ee6bb8a2082673 857c12c4da27ff2302cdabbefd6ca409fc038c8a 1ccbef878f9cbed52030508ab7ccb677896abf810eb272948343080ce885b9a9 Loading...

	xxxtik.com/common-es2015.4459eebe4ae06043c05e.js	13 kB	2023-03-13	2023-03-13
Pretty URL xxxtik.com/common-es2015.4459eebe4ae06043c05e.js IP 104.16.243.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:40:22 Last Seen2023-03-13 14:40:22 Times Seen1 Hash d8044e31e23aa6905d06971d4248d90b 3bc62a1acf012256ee969655f200c6ce16ab4303 03e59948d2a19f94b0ce6ab89996fb133f5a4d73abfbe22e2febc3e811883006 Loading...

	godpvqnszo.com/get/1877814?zoneid=1877814&jp=_cliktxf8lw8qxil7idhsjy&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2080117818837733	3.5 kB	2023-03-13	2023-03-13
Pretty URL godpvqnszo.com/get/1877814?zoneid=1877814&jp=_cliktxf8lw8qxil7idhsjy&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2080117818837733 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:40:22 Last Seen2023-03-13 14:40:22 Times Seen1 Hash ac9a788cbd09414cb04999e230f6df52 d29a0db8865cfa2896de917c42399d7dd651cbbd 8930b59ec097d328893165318fee1c046dc879e795c1becd8de603d6a79255dd Loading...

HTTP Transactions (67)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8331
Expires: Thu, 02 Feb 2023 05:37:36 GMT
Date: Thu, 02 Feb 2023 03:18:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7265
Expires: Thu, 02 Feb 2023 05:19:50 GMT
Date: Thu, 02 Feb 2023 03:18:45 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:18:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:18:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 02:36:03 GMT
content-type: application/json
age: 2562
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2462
Expires: Thu, 02 Feb 2023 03:59:47 GMT
Date: Thu, 02 Feb 2023 03:18:45 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: rlwG4cXAjZ7NLQcsJe5EphKaH+Mxt9/4MEdt/OC9jQgmJnnipNhnXcbS0Xj8tcEcP4FkLdkh7cQ=
x-amz-request-id: SCR7CJ973ZSFT4MY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 02:51:48 GMT
age: 1617
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 03:18:45 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 02:41:43 GMT
age: 2222
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

xxxtik.com/assets/fonts/Epilogue-Regular.ttf

104.16.243.78

304 Not Modified

0 B

URL HTTP/2
xxxtik.com/assets/fonts/Epilogue-Regular.ttf
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/fonts/Epilogue-Regular.ttf HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/styles.c61175e2881f4b754112.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Wed, 01 Feb 2023 04:51:19 GMT
If-None-Match: W/"02986281c9b30ba0359d3873ce633b4b"
TE: trailers

HTTP/2 304 Not Modified
date: Thu, 02 Feb 2023 03:18:46 GMT
last-modified: Wed, 01 Feb 2023 04:51:19 GMT
x-rgw-object-type: Normal
etag: "02986281c9b30ba0359d3873ce633b4b"
x-amz-request-id: tx000000000000011da4305-0063d9f08a-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80652
server: cloudflare
cf-ray: 792fc80a0ecd0b51-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6627
Expires: Thu, 02 Feb 2023 05:09:13 GMT
Date: Thu, 02 Feb 2023 03:18:46 GMT
Connection: keep-alive

godpvqnszo.com/solid.gif?z=1877814&abvar=2

62.122.171.6

200 OK

43 B

URL HTTP/2
godpvqnszo.com/solid.gif?z=1877814&abvar=2
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /solid.gif?z=1877814&abvar=2 HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xxxtik.com
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.184.50.153

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.184.50.153:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LIwcBLA67Pv4mqw8XDNSmg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NsxhrOgTnIbo6NMDjb3cGQNDD1s=

xxxtik.com/assets/icons/porndude.png

104.16.243.78

200 OK

2.4 kB

URL HTTP/2
xxxtik.com/assets/icons/porndude.png
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
2.4 kB (2363 bytes)
Hash
abbfc76d055cdcc328045f3aa74e8a6e
6fc57c476e8b524aa244a57cfdea32b45401b43a
da12d3951fbbeaae494541313ccf71787d64d36656f39b80d7d85573494f565c

HTTP Headers

GET /assets/icons/porndude.png HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: image/png
content-length: 2363
last-modified: Wed, 01 Feb 2023 04:51:20 GMT
x-rgw-object-type: Normal
etag: "abbfc76d055cdcc328045f3aa74e8a6e"
x-amz-request-id: tx000000000000011da4333-0063d9f08b-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80651
accept-ranges: bytes
server: cloudflare
cf-ray: 792fc80ccf660b51-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
89267bfebbee8d8ae356526180ac6176
26d590f246792206906721a06ebdc196a64c0d0e
9e414339f725b9c256b2a55ffb051403415396e94dfd4678b0cd83a4e043e982

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2351
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:18:46 GMT
Etag: "63da3b1f-116"
Last-Modified: Thu, 02 Feb 2023 02:39:37 GMT
Server: ECS (amb/6B7F)
X-Cache: HIT
Content-Length: 278

anxioussituation.com/c-Dh9.6ob/2L5blvSMWGQW9RNEDQQ/zgOfTFkPx/Nzyp0L0xN/DtMQ5XOvTwEe4K

188.72.219.35

200 OK

26 kB

URL HTTP/2
anxioussituation.com/c-Dh9.6ob/2L5blvSMWGQW9RNEDQQ/zgOfTFkPx/Nzyp0L0xN/DtMQ5XOvTwEe4K
IP
188.72.219.35:0
ASN
#35415 Webzilla B.V.

File type
Unicode text, UTF-8 text, with very long lines (5600)
Size
26 kB (26196 bytes)
Hash
eca6438dbd537fee027deda51e04f5c3
1a949a75ead0c0465be4817397b01c887fea071d
7aa5939890a4e800a34c09960dda8cf24b561b02e51ac1348a152ca56b6077fc

HTTP Headers

GET /c-Dh9.6ob/2L5blvSMWGQW9RNEDQQ/zgOfTFkPx/Nzyp0L0xN/DtMQ5XOvTwEe4K HTTP/1.1
Host: anxioussituation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: application/javascript
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: *
last-modified: Thu, 02 Feb 2023 03:18:46 GMT
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
set-cookie: kadSlcJ=eyJ0aW1lU3RhbXAiOjE2NzUyODMwNzgsInpvbmVzIjp7IjQxNjc3NDEiOls0MTY3NzQxLDEsMTY3NTI4MzA3OF0sIjQ0Mzk5MTciOls0NDM5OTE3LDEsMTY3NTMwNzkyNl19fQ==; max-age=1706843926; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

limurol.com/ssp/req/1877814/?pb=4c43bae02cd1af3e6043a705f876f0fd1675315126&psp=Mx32RPy7rtgjVj0ztsuY4LBmedWQwk8ZUoNNwPYue-6WIBgEsDFV_C5Oqlp8F6ShdtQiGDbp31zof2X52NagdUBIfjUYAG-nQj_oxMd1aqXHXN0_1jTEAZ8MQRUViJ-POx4gsawthZg95eCaTCavnFCF4BOWNSxjlVNCTTFP_KEGNFoa2D3Qlb84mVlp7JTwBxsMXuSrZtj1tCwYXw9zFc3HEDi4ugtu4yNwjR77Vtl_7_G8UfqWF5f3JTsaz6NNMdwoZT3k-OqHq8fIgHPbjXIkLXWZ-lCL2y0qFQnLndLtmlDMO1E3XfPhT8qBNaYa367BZBGPwF3ejHjYIGIvySkZdzUAbb76ODfM2TV0SXD1asy-yZbDNkKt9FYAAK70-MMsFov_dnicBWRhf5iY04lxwlAlg8H8lDTZ96y9Fs3r0mUVgdyP5LKNHl8h9epPtlX_g8bJ_ec3ddzRO8slS1yxc3VyspE82m6boYVxWny9ry36kpya9xtDF6bjmWXv27GCsmWlmYRDJv8nzgdDyMtke30UqyD2xu8ri1IwR2LvB5PHHLTy2qMXN8YdUyD1Q87K1hORlh3JFQ87MQKn0O2pdrhrHVlLrQJdO0PQWGR2kw2mtrzXT7ZVwnu5oulR6L2IxSAdvaKe-PFOZI9y&cb=_cl37b1uifbp4tamjs8ndca&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24

62.122.171.6

200 OK

7 B

URL HTTP/2
limurol.com/ssp/req/1877814/?pb=4c43bae02cd1af3e6043a705f876f0fd1675315126&psp=Mx32RPy7rtgjVj0ztsuY4LBmedWQwk8ZUoNNwPYue-6WIBgEsDFV_C5Oqlp8F6ShdtQiGDbp31zof2X52NagdUBIfjUYAG-nQj_oxMd1aqXHXN0_1jTEAZ8MQRUViJ-POx4gsawthZg95eCaTCavnFCF4BOWNSxjlVNCTTFP_KEGNFoa2D3Qlb84mVlp7JTwBxsMXuSrZtj1tCwYXw9zFc3HEDi4ugtu4yNwjR77Vtl_7_G8UfqWF5f3JTsaz6NNMdwoZT3k-OqHq8fIgHPbjXIkLXWZ-lCL2y0qFQnLndLtmlDMO1E3XfPhT8qBNaYa367BZBGPwF3ejHjYIGIvySkZdzUAbb76ODfM2TV0SXD1asy-yZbDNkKt9FYAAK70-MMsFov_dnicBWRhf5iY04lxwlAlg8H8lDTZ96y9Fs3r0mUVgdyP5LKNHl8h9epPtlX_g8bJ_ec3ddzRO8slS1yxc3VyspE82m6boYVxWny9ry36kpya9xtDF6bjmWXv27GCsmWlmYRDJv8nzgdDyMtke30UqyD2xu8ri1IwR2LvB5PHHLTy2qMXN8YdUyD1Q87K1hORlh3JFQ87MQKn0O2pdrhrHVlLrQJdO0PQWGR2kw2mtrzXT7ZVwnu5oulR6L2IxSAdvaKe-PFOZI9y&cb=_cl37b1uifbp4tamjs8ndca&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

HTTP Headers

GET /ssp/req/1877814/?pb=4c43bae02cd1af3e6043a705f876f0fd1675315126&psp=Mx32RPy7rtgjVj0ztsuY4LBmedWQwk8ZUoNNwPYue-6WIBgEsDFV_C5Oqlp8F6ShdtQiGDbp31zof2X52NagdUBIfjUYAG-nQj_oxMd1aqXHXN0_1jTEAZ8MQRUViJ-POx4gsawthZg95eCaTCavnFCF4BOWNSxjlVNCTTFP_KEGNFoa2D3Qlb84mVlp7JTwBxsMXuSrZtj1tCwYXw9zFc3HEDi4ugtu4yNwjR77Vtl_7_G8UfqWF5f3JTsaz6NNMdwoZT3k-OqHq8fIgHPbjXIkLXWZ-lCL2y0qFQnLndLtmlDMO1E3XfPhT8qBNaYa367BZBGPwF3ejHjYIGIvySkZdzUAbb76ODfM2TV0SXD1asy-yZbDNkKt9FYAAK70-MMsFov_dnicBWRhf5iY04lxwlAlg8H8lDTZ96y9Fs3r0mUVgdyP5LKNHl8h9epPtlX_g8bJ_ec3ddzRO8slS1yxc3VyspE82m6boYVxWny9ry36kpya9xtDF6bjmWXv27GCsmWlmYRDJv8nzgdDyMtke30UqyD2xu8ri1IwR2LvB5PHHLTy2qMXN8YdUyD1Q87K1hORlh3JFQ87MQKn0O2pdrhrHVlLrQJdO0PQWGR2kw2mtrzXT7ZVwnu5oulR6L2IxSAdvaKe-PFOZI9y&cb=_cl37b1uifbp4tamjs8ndca&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/
Cookie: UID=230201221828b1659c719c451c909c3cf375
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

api.xxxtik.com/util/ad

104.16.243.78

204 No Content

0 B

URL HTTP/2
api.xxxtik.com/util/ad
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /util/ad HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://xxxtik.com/
Origin: https://xxxtik.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 204 No Content
date: Thu, 02 Feb 2023 03:18:46 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 204
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 792fc80e48ce1c16-OSL
X-Firefox-Spdy: h2

62.122.171.6

200 OK

7 B

URL HTTP/2
limurol.com/ssp/req/1877814/?pb=4c43bae02cd1af3e6043a705f876f0fd1675315126&psp=Mx32RPy7rtgjVj0ztsuY4LBmedWQwk8ZUoNNwPYue-6WIBgEsDFV_C5Oqlp8F6ShdtQiGDbp31zof2X52NagdUBIfjUYAG-nQj_oxMd1aqXHXN0_1jTEAZ8MQRUViJ-POx4gsawthZg95eCaTCavnFCF4BOWNSxjlVNCTTFP_KEGNFoa2D3Qlb84mVlp7JTwBxsMXuSrZtj1tCwYXw9zFc3HEDi4ugtu4yNwjR77Vtl_7_G8UfqWF5f3JTsaz6NNMdwoZT3k-OqHq8fIgHPbjXIkLXWZ-lCL2y0qFQnLndLtmlDMO1E3XfPhT8qBNaYa367BZBGPwF3ejHjYIGIvySkZdzUAbb76ODfM2TV0SXD1asy-yZbDNkKt9FYAAK70-MMsFov_dnicBWRhf5iY04lxwlAlg8H8lDTZ96y9Fs3r0mUVgdyP5LKNHl8h9epPtlX_g8bJ_ec3ddzRO8slS1yxc3VyspE82m6boYVxWny9ry36kpya9xtDF6bjmWXv27GCsmWlmYRDJv8nzgdDyMtke30UqyD2xu8ri1IwR2LvB5PHHLTy2qMXN8YdUyD1Q87K1hORlh3JFQ87MQKn0O2pdrhrHVlLrQJdO0PQWGR2kw2mtrzXT7ZVwnu5oulR6L2IxSAdvaKe-PFOZI9y&cb=_cl37b1uifbp4tamjs8ndca&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

HTTP Headers

GET /ssp/req/1877814/?pb=4c43bae02cd1af3e6043a705f876f0fd1675315126&psp=Mx32RPy7rtgjVj0ztsuY4LBmedWQwk8ZUoNNwPYue-6WIBgEsDFV_C5Oqlp8F6ShdtQiGDbp31zof2X52NagdUBIfjUYAG-nQj_oxMd1aqXHXN0_1jTEAZ8MQRUViJ-POx4gsawthZg95eCaTCavnFCF4BOWNSxjlVNCTTFP_KEGNFoa2D3Qlb84mVlp7JTwBxsMXuSrZtj1tCwYXw9zFc3HEDi4ugtu4yNwjR77Vtl_7_G8UfqWF5f3JTsaz6NNMdwoZT3k-OqHq8fIgHPbjXIkLXWZ-lCL2y0qFQnLndLtmlDMO1E3XfPhT8qBNaYa367BZBGPwF3ejHjYIGIvySkZdzUAbb76ODfM2TV0SXD1asy-yZbDNkKt9FYAAK70-MMsFov_dnicBWRhf5iY04lxwlAlg8H8lDTZ96y9Fs3r0mUVgdyP5LKNHl8h9epPtlX_g8bJ_ec3ddzRO8slS1yxc3VyspE82m6boYVxWny9ry36kpya9xtDF6bjmWXv27GCsmWlmYRDJv8nzgdDyMtke30UqyD2xu8ri1IwR2LvB5PHHLTy2qMXN8YdUyD1Q87K1hORlh3JFQ87MQKn0O2pdrhrHVlLrQJdO0PQWGR2kw2mtrzXT7ZVwnu5oulR6L2IxSAdvaKe-PFOZI9y&cb=_cl37b1uifbp4tamjs8ndca&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/
Cookie: UID=230201221828b1659c719c451c909c3cf375
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

api.xxxtik.com/user/by-username/sparklygirl22

104.16.243.78

204 No Content

0 B

URL HTTP/2
api.xxxtik.com/user/by-username/sparklygirl22
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /user/by-username/sparklygirl22 HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://xxxtik.com/
Origin: https://xxxtik.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 204 No Content
date: Thu, 02 Feb 2023 03:18:46 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 204
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 792fc80ea8e01c16-OSL
X-Firefox-Spdy: h2

api.xxxtik.com/tag/all

104.16.243.78

204 No Content

0 B

URL HTTP/2
api.xxxtik.com/tag/all
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /tag/all HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://xxxtik.com/
Origin: https://xxxtik.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 204 No Content
date: Thu, 02 Feb 2023 03:18:46 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 204
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 792fc80ea8d91c16-OSL
X-Firefox-Spdy: h2

api.xxxtik.com/user/explore

104.16.243.78

204 No Content

0 B

URL HTTP/2
api.xxxtik.com/user/explore
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /user/explore HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://xxxtik.com/
Origin: https://xxxtik.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 204 No Content
date: Thu, 02 Feb 2023 03:18:46 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 204
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 792fc80ea8dc1c16-OSL
X-Firefox-Spdy: h2

api.xxxtik.com/post/creator/sparklygirl22

104.16.243.78

204 No Content

0 B

URL HTTP/2
api.xxxtik.com/post/creator/sparklygirl22
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /post/creator/sparklygirl22 HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://xxxtik.com/
Origin: https://xxxtik.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 204 No Content
date: Thu, 02 Feb 2023 03:18:46 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 204
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 792fc80eb8e11c16-OSL
X-Firefox-Spdy: h2

api.xxxtik.com/util/ad

104.16.243.78

200 OK

28 B

URL HTTP/2
api.xxxtik.com/util/ad
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
28 B (28 bytes)
Hash
8c37ef1c638fa1b48be33a9f51b1f4ae
2841ab40832c49fbf03dc08aa20e7d72d6a9e09d
e784d325f7754120121e1182df64aa767361e2621bb749c2a620fe740a28efa0

HTTP Headers

GET /util/ad HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Bearer null
Origin: https://xxxtik.com
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:47 GMT
content-type: application/json; charset=utf-8
content-length: 28
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1c-KEGrQIMsSfvwPcCKog59ctap4J0"
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 792fc80ea8db1c16-OSL
X-Firefox-Spdy: h2

api.xxxtik.com/user/by-username/sparklygirl22

104.16.243.78

204 No Content

0 B

URL HTTP/2
api.xxxtik.com/user/by-username/sparklygirl22
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /user/by-username/sparklygirl22 HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://xxxtik.com/
Origin: https://xxxtik.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 204 No Content
date: Thu, 02 Feb 2023 03:18:47 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 204
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 792fc81189661c16-OSL
X-Firefox-Spdy: h2

xxxtik.com/assets/icons/apple-icon-180.png

104.16.243.78

200 OK

7.2 kB

URL HTTP/2
xxxtik.com/assets/icons/apple-icon-180.png
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
7.2 kB (7187 bytes)
Hash
5368473da77744b7bb51877003f576f5
8fe9f0317027936cc6ac7563cc5504298b7e293b
2dabb3d8333c64b8c6c5cfde229248f759d6292017caacd189dadcf92da8be08

HTTP Headers

GET /assets/icons/apple-icon-180.png HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Cookie: __PPU___PPU_SESSION_URL=%2F%40sparklygirl22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:47 GMT
content-type: image/png
content-length: 7187
last-modified: Wed, 01 Feb 2023 04:51:19 GMT
x-rgw-object-type: Normal
etag: "5368473da77744b7bb51877003f576f5"
x-amz-request-id: tx000000000000011da4e0f-0063d9f0cc-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 77633
accept-ranges: bytes
server: cloudflare
cf-ray: 792fc81328e80b51-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:18:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

xxxtik.com/favicon.ico

104.16.243.78

200 OK

3.4 kB

URL HTTP/2
xxxtik.com/favicon.ico
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
3.4 kB (3398 bytes)
Hash
a37e8a96481a42741d540125fb91c2ba
b37ad5c445f209acd55b412b42a9bee0d8b6d3ac
3447b493e256a9c6fcc4f0d249b293e1ba4f14b84bde0d17556aff6bebb4c82e

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Cookie: __PPU___PPU_SESSION_URL=%2F%40sparklygirl22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:47 GMT
content-type: image/vnd.microsoft.icon
last-modified: Wed, 01 Feb 2023 04:51:20 GMT
x-rgw-object-type: Normal
etag: W/"29106370cf95f66f4650a10526790182"
x-amz-request-id: tx000000000000011da439b-0063d9f08c-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80651
server: cloudflare
cf-ray: 792fc81328ea0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:18:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

godpvqnszo.com/aas/r45d/vki/1877814/58741348.js

62.122.171.6

200 OK

30 kB

URL HTTP/2
godpvqnszo.com/aas/r45d/vki/1877814/58741348.js
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
data
Size
30 kB (29895 bytes)
Hash
4c4ca1f779ed4ba1619df1780e1c765e
05a32dc15894f86c316c361f79b4374ba295b14d
d5b117e510641d4932f78e5cf0b5a316336f42ace01c1fb999acfed2872c02a3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /aas/r45d/vki/1877814/58741348.js HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 12:24:53 GMT
vary: Accept-Encoding
etag: W/"63d90895-126ea"
x-js-ab1: var2
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

firebaseinstallations.googleapis.com/v1/projects/xxxtik/installations

142.250.74.106

200 OK

0 B

URL HTTP/2
firebaseinstallations.googleapis.com/v1/projects/xxxtik/installations
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v1/projects/xxxtik/installations HTTP/1.1
Host: firebaseinstallations.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key
Referer: https://xxxtik.com/
Origin: https://xxxtik.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://xxxtik.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key
access-control-max-age: 3600
date: Thu, 02 Feb 2023 03:18:47 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

firebase.googleapis.com/v1alpha/projects/-/apps/1:560873874866:web:ba1c6ecca2355d7a4670ab/webConfig

142.250.74.170

200 OK

0 B

URL HTTP/2
firebase.googleapis.com/v1alpha/projects/-/apps/1:560873874866:web:ba1c6ecca2355d7a4670ab/webConfig
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v1alpha/projects/-/apps/1:560873874866:web:ba1c6ecca2355d7a4670ab/webConfig HTTP/1.1
Host: firebase.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-goog-api-key
Referer: https://xxxtik.com/
Origin: https://xxxtik.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://xxxtik.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: x-goog-api-key
access-control-max-age: 3600
date: Thu, 02 Feb 2023 03:18:47 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

firebase.googleapis.com/v1alpha/projects/-/apps/1:560873874866:web:ba1c6ecca2355d7a4670ab/webConfig

142.250.74.170

200 OK

198 B

URL HTTP/2
firebase.googleapis.com/v1alpha/projects/-/apps/1:560873874866:web:ba1c6ecca2355d7a4670ab/webConfig
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text
Size
198 B (198 bytes)
Hash
b4f9a034e0eb9701d87f5d90187194dc
9b52bc612108e4056a7fb0cfda273b80f48ab767
3612a7282a71a285c2aae99ff2dfd9c57661fcf595b74f1c873a33f6ae2eff8f

HTTP Headers

GET /v1alpha/projects/-/apps/1:560873874866:web:ba1c6ecca2355d7a4670ab/webConfig HTTP/1.1
Host: firebase.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xxxtik.com/
x-goog-api-key: AIzaSyAm9k1Y1GRbET-w1Z9joYMp63x1EHwZ5fY
Origin: https://xxxtik.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 02 Feb 2023 03:18:47 GMT
server: ESF
cache-control: private
content-length: 198
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://xxxtik.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:18:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:18:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12291
Expires: Thu, 02 Feb 2023 06:43:38 GMT
Date: Thu, 02 Feb 2023 03:18:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12291
Expires: Thu, 02 Feb 2023 06:43:38 GMT
Date: Thu, 02 Feb 2023 03:18:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12291
Expires: Thu, 02 Feb 2023 06:43:38 GMT
Date: Thu, 02 Feb 2023 03:18:47 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9416 bytes)
Hash
6790e3bf4d10b1ffba32a22dc588c640
cdae35517dfea800134393a1095f44462bc428a5
4f4132588ee7337fff24da64b89e43b277c4ef0a2646acfba37aea08fc0f4256

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9416
x-amzn-requestid: acc48967-4cc1-4bfd-bc33-7bcefd8e6547
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKVGjqIAMFa2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-1d1cd4de0a30760e792d32e5;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tO6GOuwj9So6Itm9ug-EQgF5iJ3NPidhS8OY4LpBvq0XftWTqGcOHA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:16 GMT
age: 19291
etag: "cdae35517dfea800134393a1095f44462bc428a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9221 bytes)
Hash
df4a4906103a8f409c066b1cded71384
22847e3926db3e3d5f6b529297a4abe8b377c3a6
84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:07 GMT
age: 18400
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1ea9f44-4a0b-4366-b041-d2bd88c5fcb5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7960 bytes)
Hash
604c573da6f79effa2a81e711c14ad9e
322a3a510ca73e124d78e31b49d676ec891a6762
8d2b897fe4251106be9183fa2a6a3b0918cd1f4dcc5f814aa88a630a77b4045c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1ea9f44-4a0b-4366-b041-d2bd88c5fcb5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: 774cebdf-b2bf-4a98-9d2b-e2abd4bd1a2b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BG-hoAMFTSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-234163873ca67e934d684a1d;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uv7tRovOGAr5hGDOcMmPoh29VHlsX4bvWxjRLCXV1Bpg9l0dOBJxFA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:15:49 GMT
age: 18178
etag: "322a3a510ca73e124d78e31b49d676ec891a6762"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 02:29:58 GMT
age: 2929
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

api.xxxtik.com/util/meta

104.16.243.78

200 OK

5.8 kB

URL HTTP/2
api.xxxtik.com/util/meta
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
5.8 kB (5804 bytes)
Hash
43c0082a5d9219db6d3dd505b74e1023
815f7118955a6c6db2113fe159b3488a2a2987f1
4950e4a0da194a89bf12df96f19175adaa2d84619ae18b40003438c89b9d10c8

HTTP Headers

GET /util/meta HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xxxtik.com/
Origin: https://xxxtik.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
etag: W/"124-IXdAReNEVhK8Nib0a13GnMBJKj4"
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 792fc80d58a31c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5356 bytes)
Hash
7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 17992
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:18:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?l=dataLayer&id=G-5QBTTR6TGX

142.250.74.168

200 OK

67 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?l=dataLayer&id=G-5QBTTR6TGX
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3974)
Size
67 kB (67237 bytes)
Hash
167e1e835a6eb67101cb531ecf6730f5
19c2f859b80165b95baf3528e4af13646138f40a
d59654d3ec87620e9f8ef4d992ed8b51422e447511ac0b59112a4eeb83b624cb

HTTP Headers

GET /gtag/js?l=dataLayer&id=G-5QBTTR6TGX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 03:18:47 GMT
expires: Thu, 02 Feb 2023 03:18:47 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67237
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:18:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firebaseinstallations.googleapis.com/v1/projects/xxxtik/installations

142.250.74.106

200 OK

486 B

URL HTTP/2
firebaseinstallations.googleapis.com/v1/projects/xxxtik/installations
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (328)
Size
486 B (486 bytes)
Hash
1f23e3f34a3dfe01755f810dfdd395c8
157c1e8fe10485da07ba633d21836dc4c2ba6fc0
dd1e3ef2eb817c57646c3cec15333f58e46bae63743ec2abab391d5f332d0666

HTTP Headers

POST /v1/projects/xxxtik/installations HTTP/1.1
Host: firebaseinstallations.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xxxtik.com/
content-type: application/json
x-goog-api-key: AIzaSyAm9k1Y1GRbET-w1Z9joYMp63x1EHwZ5fY
Origin: https://xxxtik.com
Content-Length: 131
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 02 Feb 2023 03:18:47 GMT
server: ESF
cache-control: private
content-length: 486
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://xxxtik.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-5QBTTR6TGX&gtm=2oe1u0&_p=936692006&_fid=f5cX2qV0-KRD9tNK_NObHa&cid=2044748645.1675307952&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675307952&sct=1&seg=0&dl=https%3A%2F%2Fxxxtik.com%2F%40sparklygirl22&dr=https%3A%2F%2Fwww.google.com%2F&dt=%40sparklygirl22%20%7C%20xxxtik&en=page_view&_fv=2&_nsi=1&_ss=1&_ee=1&ep.origin=firebase

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-5QBTTR6TGX&gtm=2oe1u0&_p=936692006&_fid=f5cX2qV0-KRD9tNK_NObHa&cid=2044748645.1675307952&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675307952&sct=1&seg=0&dl=https%3A%2F%2Fxxxtik.com%2F%40sparklygirl22&dr=https%3A%2F%2Fwww.google.com%2F&dt=%40sparklygirl22%20%7C%20xxxtik&en=page_view&_fv=2&_nsi=1&_ss=1&_ee=1&ep.origin=firebase
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-5QBTTR6TGX&gtm=2oe1u0&_p=936692006&_fid=f5cX2qV0-KRD9tNK_NObHa&cid=2044748645.1675307952&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675307952&sct=1&seg=0&dl=https%3A%2F%2Fxxxtik.com%2F%40sparklygirl22&dr=https%3A%2F%2Fwww.google.com%2F&dt=%40sparklygirl22%20%7C%20xxxtik&en=page_view&_fv=2&_nsi=1&_ss=1&_ee=1&ep.origin=firebase HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xxxtik.com
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://xxxtik.com
date: Thu, 02 Feb 2023 03:18:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
75571aaa31250a8d79dfb63e402e2fb7
c8825bb891f602dd47c31f8cddb74faa5af7fff1
36f969bea53fb2ff698e6377b74ffb60967e686fd8e889ac9f0a05f5032599f8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36F969BEA53FB2FF698E6377B74FFB60967E686FD8E889AC9F0A05F5032599F8"
Last-Modified: Tue, 31 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1270
Expires: Thu, 02 Feb 2023 03:40:00 GMT
Date: Thu, 02 Feb 2023 03:18:50 GMT
Connection: keep-alive

api.xxxtik.com/user/by-username/sparklygirl22

104.16.243.78

200 OK

720 B

URL HTTP/2
api.xxxtik.com/user/by-username/sparklygirl22
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (315), with no line terminators
Size
720 B (720 bytes)
Hash
d08f1135b4acbdf5cfede3bd14e0632b
a19536bf1d10078e13b27056b32a15332bbfc038
0ce6a483142c7ba342635b685a4e75225f2df4fc4e8772d84867b2f7efdb5a7c

HTTP Headers

GET /user/by-username/sparklygirl22 HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Bearer null
Origin: https://xxxtik.com
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:48 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
etag: W/"13b-LGsUPM9OJWPrJHe8UcRnei/emes"
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 792fc811d9711c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

api.xxxtik.com/post/creator/sparklygirl22

104.16.243.78

200 OK

4.7 kB

URL HTTP/2
api.xxxtik.com/post/creator/sparklygirl22
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (2488), with no line terminators
Size
4.7 kB (4715 bytes)
Hash
9f63f84ed297fd0a8a6c090fd1da0d21
d16d13747945be72c7bdc7e7bb97f364dca5c596
7901f26d5f97dd22fd40b805e453490f0a21b4367d73b638bc71140ceae065f2

HTTP Headers

GET /post/creator/sparklygirl22 HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Bearer null
Origin: https://xxxtik.com
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:50 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
etag: W/"9b8-Ld3xIKEyep0if/mIHlwRsK+mt7o"
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 792fc80f08f71c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.xxxtik.com/production/media/0312/_9Q1cExd/thumbnail.webp

169.150.247.36

200 OK

8.0 kB

URL HTTP/2
cdn.xxxtik.com/production/media/0312/_9Q1cExd/thumbnail.webp
IP
169.150.247.36:0
ASN
#0

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 202x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.0 kB (8042 bytes)
Hash
63a06ea819d6a739f7da9085ecbf4f39
64a931ab7a44dea7296bb3df5c7b7bbaacd19281
c483e9db292e169b7732dd009287e26f5045f67aad31ba1dc81b7dce2e9846a3

HTTP Headers

GET /production/media/0312/_9Q1cExd/thumbnail.webp HTTP/1.1
Host: cdn.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/
Cookie: _ga_5QBTTR6TGX=GS1.1.1675307952.1.0.1675307952.0.0.0; _ga=GA1.1.2044748645.1675307952
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:50 GMT
content-type: application/octet-stream
content-length: 8042
server: BunnyCDN-DE1-1079
cdn-pullzone: 1094868
cdn-uid: 85fbd6a2-84ee-44f0-b614-79f36ab7f7a3
cdn-requestcountrycode: NO
cache-control: max-age=86400
last-modified: Sun, 04 Dec 2022 02:18:50 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000000000000b0f1c8e6-0063d5c4d6-7acffed3-fra1b
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1674953929.dop206.fr8.shc,1674953942.dop206.fr8.t,1674953942.cds231.fr8.pr
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 01/29/2023 00:59:02
cdn-edgestorageid: 1081
cdn-status: 200
cdn-requestid: e3c9ba270a9975392185386f64ca193f
cdn-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

xxxtik.com/assets/fonts/Epilogue-Regular.ttf

104.16.243.78

200 OK

0 B

URL HTTP/2
xxxtik.com/assets/fonts/Epilogue-Regular.ttf
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/fonts/Epilogue-Regular.ttf HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: font/ttf
last-modified: Wed, 01 Feb 2023 04:51:19 GMT
x-rgw-object-type: Normal
etag: W/"02986281c9b30ba0359d3873ce633b4b"
x-amz-request-id: tx000000000000011da4305-0063d9f08a-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80652
server: cloudflare
cf-ray: 792fc809debf0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

xxxtik.com/polyfills-es2015.6a08dc48db5c67a09c90.js

104.16.243.78

200 OK

0 B

URL HTTP/2
xxxtik.com/polyfills-es2015.6a08dc48db5c67a09c90.js
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /polyfills-es2015.6a08dc48db5c67a09c90.js HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 Feb 2023 04:51:20 GMT
x-rgw-object-type: Normal
etag: W/"c8f0d497527ca84e1915e692c57ee8c3"
x-amz-request-id: tx000000000000011da4f18-0063d9f0d4-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80578
server: cloudflare
cf-ray: 792fc809ceb90b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

godpvqnszo.com/get/1877814?zoneid=1877814&jp=_cliktxf8lw8qxil7idhsjy&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2080117818837733

62.122.171.6

200 OK

0 B

URL HTTP/2
godpvqnszo.com/get/1877814?zoneid=1877814&jp=_cliktxf8lw8qxil7idhsjy&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2080117818837733
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /get/1877814?zoneid=1877814&jp=_cliktxf8lw8qxil7idhsjy&nojs=0&ix=0&abvar=2&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2080117818837733 HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=230201221879462ae3675e4c4b89f526cf53; Path=/; Expires=Fri, 02 Feb 2024 03:18:46 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

xxxtik.com/styles.c61175e2881f4b754112.css

104.16.243.78

200 OK

0 B

URL HTTP/2
xxxtik.com/styles.c61175e2881f4b754112.css
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /styles.c61175e2881f4b754112.css HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 01 Feb 2023 04:51:20 GMT
x-rgw-object-type: Normal
etag: W/"4944d2eb3580e06ced39ea24a67e75df"
x-amz-request-id: tx000000000000011da4324-0063d9f08a-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80652
server: cloudflare
cf-ray: 792fc809cebc0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

xxxtik.com/common-es2015.4459eebe4ae06043c05e.js

104.16.243.78

200 OK

0 B

URL HTTP/2
xxxtik.com/common-es2015.4459eebe4ae06043c05e.js
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /common-es2015.4459eebe4ae06043c05e.js HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 Feb 2023 04:51:20 GMT
x-rgw-object-type: Normal
etag: W/"d8044e31e23aa6905d06971d4248d90b"
x-amz-request-id: tx000000000000011da4535-0063d9f096-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80640
server: cloudflare
cf-ray: 792fc80c3f4d0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

xxxtik.com/1-es2015.4557cde4a4aa99a7374b.js

104.16.243.78

200 OK

0 B

URL HTTP/2
xxxtik.com/1-es2015.4557cde4a4aa99a7374b.js
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1-es2015.4557cde4a4aa99a7374b.js HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 Feb 2023 04:51:19 GMT
x-rgw-object-type: Normal
etag: W/"8e6fdbd4e0261183b2096fa989a4792d"
x-amz-request-id: tx000000000000011da4d04-0063d9f0c7-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80591
server: cloudflare
cf-ray: 792fc80c3f4f0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

api.xxxtik.com/tag/all

104.16.243.78

200 OK

0 B

URL HTTP/2
api.xxxtik.com/tag/all
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag/all HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Bearer null
Origin: https://xxxtik.com
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:47 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
etag: W/"6861f-b2ANPvEQEPRSfpeZuwyg+bClpRc"
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 792fc80f08f51c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

xxxtik.com/@sparklygirl22

104.16.243.78

200 OK

0 B

URL HTTP/2
xxxtik.com/@sparklygirl22
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /@sparklygirl22 HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:45 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 01 Feb 2023 04:51:20 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx0000000000000120700df-0063db2b95-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 404
cf-cache-status: MISS
server: cloudflare
cf-ray: 792fc8070e030b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

xxxtik.com/assets/images/loading.svg

104.16.243.78

200 OK

0 B

URL HTTP/2
xxxtik.com/assets/images/loading.svg
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/images/loading.svg HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: image/svg+xml
last-modified: Wed, 01 Feb 2023 04:51:20 GMT
x-rgw-object-type: Normal
etag: W/"37cbaacdfe18fe4346c8c951c59e8542"
x-amz-request-id: tx000000000000011da4301-0063d9f08a-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80652
server: cloudflare
cf-ray: 792fc809ceb70b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

xxxtik.com/assets/fonts/Epilogue-ExtraBold.ttf

104.16.243.78

200 OK

0 B

URL HTTP/2
xxxtik.com/assets/fonts/Epilogue-ExtraBold.ttf
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/fonts/Epilogue-ExtraBold.ttf HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/styles.c61175e2881f4b754112.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: font/ttf
last-modified: Wed, 01 Feb 2023 04:51:19 GMT
x-rgw-object-type: Normal
etag: W/"59324237cca6756fd31c478be041dccc"
x-amz-request-id: tx000000000000011da4342-0063d9f08b-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80651
server: cloudflare
cf-ray: 792fc80d3f7c0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

xxxtik.com/assets/fonts/Epilogue-SemiBold.ttf

104.16.243.78

200 OK

0 B

URL HTTP/2
xxxtik.com/assets/fonts/Epilogue-SemiBold.ttf
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/fonts/Epilogue-SemiBold.ttf HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/styles.c61175e2881f4b754112.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: font/ttf
last-modified: Wed, 01 Feb 2023 04:51:19 GMT
x-rgw-object-type: Normal
etag: W/"c2c56f65f995086461bf162a701abae5"
x-amz-request-id: tx000000000000011da4345-0063d9f08b-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80651
server: cloudflare
cf-ray: 792fc80d4f810b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

api.xxxtik.com/user/explore

104.16.243.78

200 OK

0 B

URL HTTP/2
api.xxxtik.com/user/explore
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /user/explore HTTP/1.1
Host: api.xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Bearer null
Origin: https://xxxtik.com
Connection: keep-alive
Referer: https://xxxtik.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:47 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1df15-ee03KB2WyU/h1N5k2aYX7sDcEvU"
x-do-app-origin: 4abf1627-e6ab-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 792fc80f08f61c16-OSL
content-encoding: br
X-Firefox-Spdy: h2

xxxtik.com/main-es2015.8d66bf66fe2ba09b2ff6.js

104.16.243.78

200 OK

0 B

URL HTTP/2
xxxtik.com/main-es2015.8d66bf66fe2ba09b2ff6.js
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /main-es2015.8d66bf66fe2ba09b2ff6.js HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 Feb 2023 04:51:20 GMT
x-rgw-object-type: Normal
etag: W/"5ed868c4c5ae52b30d4d5cde0e554f96"
x-amz-request-id: tx000000000000011da1f24-0063d9eff0-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80579
server: cloudflare
cf-ray: 792fc809ceba0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

xxxtik.com/636-es2015.c45292405eac6e6cdd4a.js

104.16.243.78

200 OK

0 B

URL HTTP/2
xxxtik.com/636-es2015.c45292405eac6e6cdd4a.js
IP
104.16.243.78:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /636-es2015.c45292405eac6e6cdd4a.js HTTP/1.1
Host: xxxtik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xxxtik.com/@sparklygirl22
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:18:46 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 Feb 2023 04:51:19 GMT
x-rgw-object-type: Normal
etag: W/"68317f95773f02566ffc4d1bdac6dc79"
x-amz-request-id: tx000000000000011da4336-0063d9f08b-5c92220d-fra1b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: 21d6262b-e6ae-11ec-b1dc-0c42a19a82a7
x-do-static-catchall-document: index.html
x-do-orig-status: 200
cf-cache-status: HIT
age: 80651
server: cloudflare
cf-ray: 792fc80c0f400b51-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML