www.kossyderrickent.com/2022/08/blowjob-yacht-video-heavyweight.html
301 Moved Permanently 0 B URL HTTP/1.1 www.kossyderrickent.com/2022/08/blowjob-yacht-video-heavyweight.html
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2022/08/blowjob-yacht-video-heavyweight.html HTTP/1.1
Host: www.kossyderrickent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Sep 2022 23:17:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 02 Sep 2022 00:17:37 GMT
Location: https://www.kossyderrickent.com/2022/08/blowjob-yacht-video-heavyweight.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLi5xODDT%2BYCRbh%2B%2FqoXQjUFi7Dk211UsH5ox3PvKxfCv4mPnBatFTWdmwRWnV%2BPaAnnvcWk4NlCMvaSulGoFOKeX285q78MfpVv75l0nPD2gimGdwSS9cHG5q6U8aDMNP9TH8CL%2FqC4iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7441b86db96cb505-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 01 Sep 2022 22:41:29 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tv6-9tT5O74L460E_Cp-5gLIyMUZ0C4ByMf6f78L3163VpYdao9Q6Q==
Age: 2168
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2988
Expires: Fri, 02 Sep 2022 00:07:25 GMT
Date: Thu, 01 Sep 2022 23:17:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Thu, 01 Sep 2022 01:15:17 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VuV49EJwQRcFNCVGZt3QBJGMI4FY1mtiJwv5KHWfTXYHXqI3wjHjlg==
age: 79341
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 23:17:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 01 Sep 2022 22:57:05 GMT
Expires: Thu, 01 Sep 2022 23:03:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: imXp0pRruhQZrar7fJlUCFGBTgDPyMn7TJmkls5Kgh9aCGJ0RQrm6Q==
Age: 1233
ocsp.digicert.com/
200 OK 471 B IP
Hash 2eb022bbcb69557dc09477b624814e87
6030f2c630a01fbc027c887d31e696f84cc60c97
d7a508e276f0ca1b58b6af39720fb7ebb26fb38df50a159eb82d1d2542610b85
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4330
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:38 GMT
Last-Modified: Thu, 01 Sep 2022 22:05:28 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 59bdc2e0a449c6388eb0c96da3586600
c61d2414961c4f05c9bcf400d6a1d9792fbe9093
2b3c911dddbf9fad01ea3232354ac2f0e6731541ab3a7e916ef09682dd43cf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9db2712076236e277a9606d4730106bf
e8ab1281fa273b228e737acaaacb986f9b2a2c2c
938cfe9830dd8ef41e6dff02cd2aa10d654fb7f5e7aa0b2bee317118e00de4da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9db2712076236e277a9606d4730106bf
e8ab1281fa273b228e737acaaacb986f9b2a2c2c
938cfe9830dd8ef41e6dff02cd2aa10d654fb7f5e7aa0b2bee317118e00de4da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 846401c7afd6f6d47ad72e731c1685dc
dbd5c7f876f91b80035c5de6160b05b17be021ef
59df3f4a2f3f4bdddd03f932781edc31bce072f539d643cc0fcd27be4631e5ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-QC30loAH8GI/YEeVyPkoEsI/AAAAAAAARN8/CyUz_kOzjL4-QCZQomuynmMJYYvm29CmwCK4BGAYYCw/s480/IMG_20210309_163427_703.png
200 OK 8.6 kB URL HTTP/2 2.bp.blogspot.com/-QC30loAH8GI/YEeVyPkoEsI/AAAAAAAARN8/CyUz_kOzjL4-QCZQomuynmMJYYvm29CmwCK4BGAYYCw/s480/IMG_20210309_163427_703.png
IP
File type PNG image data, 480 x 160, 8-bit/color RGBA, non-interlaced\012- data
Hash 1fe914a2fddcb6fd802b8a825b03dd6c
21884dc46e27f3fe46094f7b91fecf7f857f34f3
fde70591373c6b01d6f41692837071d328b878742f98f46c3257f07be966ee3d
GET /-QC30loAH8GI/YEeVyPkoEsI/AAAAAAAARN8/CyUz_kOzjL4-QCZQomuynmMJYYvm29CmwCK4BGAYYCw/s480/IMG_20210309_163427_703.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="IMG_20210309_163427_703.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 8625
x-xss-protection: 0
date: Thu, 01 Sep 2022 20:33:51 GMT
expires: Fri, 15 Apr 2022 21:51:08 GMT
cache-control: public, max-age=86400, no-transform
age: 9827
etag: "v44e0"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Aug 2022 08:13:03 GMT
expires: Sat, 26 Aug 2023 08:13:03 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 25 Aug 2022 15:53:50 GMT
content-type: text/css
age: 572675
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4.bp.blogspot.com/-zcPwXst7AiM/XcdrlYJJ1RI/AAAAAAAAA2A/5asIZ0DbQoQFiiMPdI0PEVnjWxOUkmbEwCK4BGAYYCw/s1600/Advertise.gif
200 OK 18 kB URL HTTP/2 4.bp.blogspot.com/-zcPwXst7AiM/XcdrlYJJ1RI/AAAAAAAAA2A/5asIZ0DbQoQFiiMPdI0PEVnjWxOUkmbEwCK4BGAYYCw/s1600/Advertise.gif
IP
File type GIF image data, version 87a, 280 x 186\012- data
Hash 3f417954e1123745d4b94dada91bbaad
2b8e2c3505005ebb6ce11ad3b74f821df5d15016
ee6b6b35e4f806595e0da96995f95f4c62a1c01967ef3745fbcfc9baf1814e26
GET /-zcPwXst7AiM/XcdrlYJJ1RI/AAAAAAAAA2A/5asIZ0DbQoQFiiMPdI0PEVnjWxOUkmbEwCK4BGAYYCw/s1600/Advertise.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Advertise.gif"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 17471
x-xss-protection: 0
date: Thu, 01 Sep 2022 20:33:51 GMT
expires: Tue, 08 Mar 2022 09:47:46 GMT
cache-control: public, max-age=86400, no-transform
age: 9827
etag: "v361"
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 846401c7afd6f6d47ad72e731c1685dc
dbd5c7f876f91b80035c5de6160b05b17be021ef
59df3f4a2f3f4bdddd03f932781edc31bce072f539d643cc0fcd27be4631e5ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img1.blogblog.com/img/icon18_email.gif
200 OK 164 B URL HTTP/2 img1.blogblog.com/img/icon18_email.gif
IP
File type GIF image data, version 89a, 18 x 13\012- data
Hash 36b9f993db1b953f3b9b08040aaf9af4
18248661b307586dc291fd2dff4bb59cf7579475
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
GET /img/icon18_email.gif HTTP/1.1
Host: img1.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Aug 2022 15:34:28 GMT
expires: Fri, 02 Sep 2022 15:34:28 GMT
cache-control: public, max-age=604800
last-modified: Thu, 25 Aug 2022 14:52:29 GMT
content-type: image/gif
age: 546190
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 59bdc2e0a449c6388eb0c96da3586600
c61d2414961c4f05c9bcf400d6a1d9792fbe9093
2b3c911dddbf9fad01ea3232354ac2f0e6731541ab3a7e916ef09682dd43cf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-LeOd3ALR2xA/UbmVttsOBZI/AAAAAAAABZg/Qp8oxTLN_x4/s1600/bg.png
200 OK 2.9 kB URL HTTP/2 1.bp.blogspot.com/-LeOd3ALR2xA/UbmVttsOBZI/AAAAAAAABZg/Qp8oxTLN_x4/s1600/bg.png
IP
File type PNG image data, 99 x 99, 8-bit colormap, non-interlaced\012- data
Hash ab25e409f981e3379a25153a5f473b60
92011e07f37a15fd9302c23c081645c10bc16283
32df16fb278d8f2f3340202fda7810da07736103323da7ab658378c64f64af03
GET /-LeOd3ALR2xA/UbmVttsOBZI/AAAAAAAABZg/Qp8oxTLN_x4/s1600/bg.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="bg.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2891
x-xss-protection: 0
date: Thu, 01 Sep 2022 20:33:34 GMT
expires: Tue, 08 Mar 2022 08:57:17 GMT
cache-control: public, max-age=86400, no-transform
age: 9844
etag: "v599"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9db2712076236e277a9606d4730106bf
e8ab1281fa273b228e737acaaacb986f9b2a2c2c
938cfe9830dd8ef41e6dff02cd2aa10d654fb7f5e7aa0b2bee317118e00de4da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9db2712076236e277a9606d4730106bf
e8ab1281fa273b228e737acaaacb986f9b2a2c2c
938cfe9830dd8ef41e6dff02cd2aa10d654fb7f5e7aa0b2bee317118e00de4da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 846401c7afd6f6d47ad72e731c1685dc
dbd5c7f876f91b80035c5de6160b05b17be021ef
59df3f4a2f3f4bdddd03f932781edc31bce072f539d643cc0fcd27be4631e5ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 846401c7afd6f6d47ad72e731c1685dc
dbd5c7f876f91b80035c5de6160b05b17be021ef
59df3f4a2f3f4bdddd03f932781edc31bce072f539d643cc0fcd27be4631e5ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7040539fecb815b0cc84c15e3e2e99df
761de2d6da86cb1df6bb1fdd85ad71f75a825bb4
b1edf3547f6db4798d46a116924942acc48ad56da1fd61f9951acf93053a6578
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UcZdhXkrhD9Y4zWJmA+D2g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: G3V4rTMEEtL2iU5bPUdq1XeM43o=
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP
File type ASCII text, with very long lines (32341)
Hash 856f85cc1b07156fa844b44a10c236c2
7cef457c0e1cd0c20f4e699564ea8997f0332021
c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01
GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 08:19:08 GMT
expires: Tue, 29 Aug 2023 08:19:08 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 313110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-150405982-1
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-150405982-1
IP
File type ASCII text, with very long lines (1615)
Hash 9987e10776f5d4b26ee37a0659a3d67a
170e45a40c1249d4b0949f628415efdb98d98b01
79d99cd4767b6107f80347e1a2344f47dcbd9274d64999379c3ae20ec2dfb53b
GET /gtag/js?id=UA-150405982-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Sep 2022 23:17:38 GMT
expires: Thu, 01 Sep 2022 23:17:38 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Sep 2022 22:36:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41917
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 18:53:20 GMT
expires: Tue, 29 Aug 2023 18:53:20 GMT
cache-control: public, max-age=31536000
age: 275058
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7040539fecb815b0cc84c15e3e2e99df
761de2d6da86cb1df6bb1fdd85ad71f75a825bb4
b1edf3547f6db4798d46a116924942acc48ad56da1fd61f9951acf93053a6578
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 1.1 kB IP
File type gzip compressed data, from Unix\012- data
Hash 10596f482cc745a5b1f65c26d4b22189
cdc201af0712dda6a6feac90ddd7a456b16cb639
7e6dfa4bbfa39768430e34fc0ee4235b9f2fd3e98a61e1f84b3a80b494cdd1b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 280 B IP
Hash ad890c409495a553b12f8f400b05495b
86ac13bbb1cea9b59ba1011ea0e0f645ef71dd6c
e4deba23ac0c243f388079559781ab00c5b47f82ed62975ef5a3aea9fdc34c4c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5748
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:38 GMT
Last-Modified: Thu, 01 Sep 2022 21:41:51 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 21:14:35 GMT
expires: Tue, 29 Aug 2023 21:14:35 GMT
cache-control: public, max-age=31536000
age: 266583
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic%7COswald:300,400,700%7CShadows+Into+Light
200 OK 1.9 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic%7COswald:300,400,700%7CShadows+Into+Light
IP
File type ASCII text, with very long lines (2346)
Hash e908c571eabe99060392c1a5b7b78790
935f9fc941b5eaf45102265ad8e46839c73f4a7f
e2d9306104fe2c6c5e329ce0aab309ad327b0bc33e35fedb65f41825ce4cf961
GET /css?family=Open+Sans:400,400italic,700,700italic%7COswald:300,400,700%7CShadows+Into+Light HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Sep 2022 23:17:38 GMT
date: Thu, 01 Sep 2022 23:17:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 18:59:14 GMT
expires: Tue, 29 Aug 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 274704
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6f0d13621a550aa591f087c2945aa2c5
18b520f7f9a71966c115f664def155bcacc60096
cf7e40d37010a5aa8ab4cb3091bd665b7401fa42fac3b1de62ca7a48c6b89b4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5750c2d8ad348838b41b96ebb27b0b81
86526a56637555a0463df607b7b5cf565a439f27
5cbde2bd32be846c5afb1fce35b0f7de0c4aeec9de4213ddd118467ea70c3e62
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2188395133281322
200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2188395133281322
IP
File type ASCII text, with very long lines (2897)
Hash cc2ad089e64d272cafd046cc5c42ab1a
141609c4f129d1f3cc2373e6b5d9c0262d28e25e
d8da86c6709a196f9059e8049a53d4063d82334f32023adc9a2e34add4b8ef3e
GET /pagead/js/adsbygoogle.js?client=ca-pub-2188395133281322 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Thu, 01 Sep 2022 23:17:38 GMT
expires: Thu, 01 Sep 2022 23:17:38 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15627426818900069015
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57469
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6f0d13621a550aa591f087c2945aa2c5
18b520f7f9a71966c115f664def155bcacc60096
cf7e40d37010a5aa8ab4cb3091bd665b7401fa42fac3b1de62ca7a48c6b89b4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
scripts.cleverwebserver.com/ce548937d479b760d4d7c5d5568f02a0.js
200 OK 48 kB URL HTTP/2 scripts.cleverwebserver.com/ce548937d479b760d4d7c5d5568f02a0.js
IP
File type Unicode text, UTF-8 text, with very long lines (65455), with no line terminators
Hash 21ff6757affaea60b7e862caa7bf735b
5256d8a15b26d1f314eacdf327e08424ad310864
fa8529d86824101d4a6df22f1191214941905f6997574869cc2c6aa0bf9ba4a3
GET /ce548937d479b760d4d7c5d5568f02a0.js HTTP/1.1
Host: scripts.cleverwebserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:38 GMT
content-type: application/javascript
x-amz-id-2: sxVu4+9T52TCXw6V3gtZsVqvRG07eLGB309DH/RccqeaS43XaVltpXbXdUHeDjQQ1qWfHx1U3SE=
x-amz-request-id: P915BZCZ1FNFFRCA
last-modified: Wed, 31 Aug 2022 11:20:15 GMT
x-amz-version-id: sk1mRF9szwEsmjg.hvMRpnBNZ16QZFaU
etag: W/"adabd00c3a3b744ac869ecda76d1d796"
cf-cache-status: REVALIDATED
expires: Thu, 01 Sep 2022 23:47:38 GMT
cache-control: public, max-age=1800
vary: Accept-Encoding
server: cloudflare
cf-ray: 7441b8759de4b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
core-call.production-eu-west-1.researchclever.com/?id=54027&c=NO&r=03&l=57&b=Firefox&os=Linux&mob=0&v=1.20.8&ref=aHR0cHM6Ly93d3cua29zc3lkZXJyaWNrZW50LmNvbS8yMDIyLzA4L2Jsb3dqb2IteWFjaHQtdmlkZW8taGVhdnl3ZWlnaHQuaHRtbA%3D%3D&ruri=&iv=-1&ctr=NO&sz=939
200 OK 43 B URL HTTP/2 core-call.production-eu-west-1.researchclever.com/?id=54027&c=NO&r=03&l=57&b=Firefox&os=Linux&mob=0&v=1.20.8&ref=aHR0cHM6Ly93d3cua29zc3lkZXJyaWNrZW50LmNvbS8yMDIyLzA4L2Jsb3dqb2IteWFjaHQtdmlkZW8taGVhdnl3ZWlnaHQuaHRtbA%3D%3D&ruri=&iv=-1&ctr=NO&sz=939
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /?id=54027&c=NO&r=03&l=57&b=Firefox&os=Linux&mob=0&v=1.20.8&ref=aHR0cHM6Ly93d3cua29zc3lkZXJyaWNrZW50LmNvbS8yMDIyLzA4L2Jsb3dqb2IteWFjaHQtdmlkZW8taGVhdnl3ZWlnaHQuaHRtbA%3D%3D&ruri=&iv=-1&ctr=NO&sz=939 HTTP/1.1
Host: core-call.production-eu-west-1.researchclever.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:39 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pukk9LUZ0WPAOsBDfr4nM48OtXf9NgAHbNEgVNg9EFfaeDOwgUBOCwclMNIjVVKp2twObCFoOjUWtAgG9G7SOC0N%2FBz7OouHoX2ZCyuc20UirRrswjAIC6fXehKWrSLkata%2BLLBquwHj2%2BWQQcvlYGZuZGdkC7pKln7DNJBjpVOKEqMv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7441b877a874fac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8257408fcb412c8f2671f7da0b42d751
4e904e013ffb119911b19114eb1993c4ffc74fd4
fb266729ee36ad1fe0a964047527361e900a3545bd531b3f5af008a5479e13ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB266729EE36AD1FE0A964047527361E900A3545BD531B3F5AF008A5479E13ED"
Last-Modified: Thu, 01 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10948
Expires: Fri, 02 Sep 2022 02:20:07 GMT
Date: Thu, 01 Sep 2022 23:17:39 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6611a729203a60c2980a5a631412c82b
6c7847069495c07f95aea23a3212372a3719f93b
76e1f502b17c27ab178ec6b9d683072498e5811d5ed944f11b268dcd71f7e2de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6611a729203a60c2980a5a631412c82b
6c7847069495c07f95aea23a3212372a3719f93b
76e1f502b17c27ab178ec6b9d683072498e5811d5ed944f11b268dcd71f7e2de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6611a729203a60c2980a5a631412c82b
6c7847069495c07f95aea23a3212372a3719f93b
76e1f502b17c27ab178ec6b9d683072498e5811d5ed944f11b268dcd71f7e2de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/-Q8OYMn-gaRU/Ywzyxw3SSRI/AAAAAAAAyzc/Lix7P6nQdIMoCKg4G8pWWWiUJPpgUmGxQCNcBGAsYHQ/w72-h72-p-k-no-nu/1661792963979302-0.png
200 OK 2.6 kB URL HTTP/2 lh3.googleusercontent.com/-Q8OYMn-gaRU/Ywzyxw3SSRI/AAAAAAAAyzc/Lix7P6nQdIMoCKg4G8pWWWiUJPpgUmGxQCNcBGAsYHQ/w72-h72-p-k-no-nu/1661792963979302-0.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 7e942289f7982c78436ccb5e206c4479
6da75a1bd559d1f36d68488f5e4cf67ddfe6fcf5
431324b6b308335cfc760b8b6a70c5708840074797274be5839814d0665cec40
GET /-Q8OYMn-gaRU/Ywzyxw3SSRI/AAAAAAAAyzc/Lix7P6nQdIMoCKg4G8pWWWiUJPpgUmGxQCNcBGAsYHQ/w72-h72-p-k-no-nu/1661792963979302-0.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="1661792963979302-0.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2572
x-xss-protection: 0
date: Thu, 01 Sep 2022 20:50:25 GMT
expires: Tue, 30 Aug 2022 21:26:36 GMT
cache-control: public, max-age=86400, no-transform
age: 8834
etag: "vcb38"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-rCBOrFxME2M/Ywz5oGcjCyI/AAAAAAAAyzs/QMqT0eCBRic7shpa0NdD172Dn-ZrF26YACNcBGAsYHQ/w72-h72-p-k-no-nu/1661794716761713-0.png
200 OK 2.8 kB URL HTTP/2 lh3.googleusercontent.com/-rCBOrFxME2M/Ywz5oGcjCyI/AAAAAAAAyzs/QMqT0eCBRic7shpa0NdD172Dn-ZrF26YACNcBGAsYHQ/w72-h72-p-k-no-nu/1661794716761713-0.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 0624f8625075a93ffb587b94c737aa49
9678b9e2ae3a2a6e256b5a0cadd0bfae2ae27486
a4364ec424767935f08bfdcc224722114a336ea46015bb4e42047f39e27bf9bd
GET /-rCBOrFxME2M/Ywz5oGcjCyI/AAAAAAAAyzs/QMqT0eCBRic7shpa0NdD172Dn-ZrF26YACNcBGAsYHQ/w72-h72-p-k-no-nu/1661794716761713-0.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="1661794716761713-0.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2821
x-xss-protection: 0
date: Thu, 01 Sep 2022 20:50:25 GMT
expires: Wed, 31 Aug 2022 07:40:05 GMT
cache-control: public, max-age=86400, no-transform
age: 8834
etag: "vcb3c"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-2gDWrsK_11k/YwiESBv-bpI/AAAAAAAAybc/WFMON28VbGkSrTqcdbLnJA3jYxaL7m6FwCNcBGAsYHQ/w72-h72-p-k-no-nu/1661502532321203-0.png
200 OK 2.0 kB URL HTTP/2 lh3.googleusercontent.com/-2gDWrsK_11k/YwiESBv-bpI/AAAAAAAAybc/WFMON28VbGkSrTqcdbLnJA3jYxaL7m6FwCNcBGAsYHQ/w72-h72-p-k-no-nu/1661502532321203-0.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 7357dd1426e7f016b313698090acfaa3
d7bececf233ae2ac90be5e34bd680edd5bd6fdec
3273d43d3c81dd6209ba47d602a81c69e00ba3bdd5e165f3e7156b6da0a7cebc
GET /-2gDWrsK_11k/YwiESBv-bpI/AAAAAAAAybc/WFMON28VbGkSrTqcdbLnJA3jYxaL7m6FwCNcBGAsYHQ/w72-h72-p-k-no-nu/1661502532321203-0.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="1661502532321203-0.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1999
x-xss-protection: 0
date: Thu, 01 Sep 2022 20:50:25 GMT
expires: Sat, 27 Aug 2022 17:01:46 GMT
cache-control: public, max-age=86400, no-transform
age: 8834
etag: "vc9b9"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash f4f9dc502e2ff07dd351da7bbc20e323
739b6c8334472846232b84b99989be93dc1582d4
0852238945d340493f33e498b75a893d24681f2687fdc05349476faccf426efd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3723
Cache-Control: max-age=162198
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:39 GMT
Etag: "6311059e-1d7"
Expires: Sat, 03 Sep 2022 20:20:57 GMT
Last-Modified: Thu, 01 Sep 2022 19:18:54 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6611a729203a60c2980a5a631412c82b
6c7847069495c07f95aea23a3212372a3719f93b
76e1f502b17c27ab178ec6b9d683072498e5811d5ed944f11b268dcd71f7e2de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/-CT37OFKBVk0/Yw4ZkH3DZKI/AAAAAAAAy5A/ncIB3sNTFwAfb2LVL5qvEQodUqiUbGIcgCNcBGAsYHQ/w72-h72-p-k-no-nu/1661868423794076-0.png
200 OK 2.4 kB URL HTTP/2 lh3.googleusercontent.com/-CT37OFKBVk0/Yw4ZkH3DZKI/AAAAAAAAy5A/ncIB3sNTFwAfb2LVL5qvEQodUqiUbGIcgCNcBGAsYHQ/w72-h72-p-k-no-nu/1661868423794076-0.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash ecfe057e48b880fba49dc90765c45b1c
33c26ffad0306ac0bfb11cb306088ace46ba6d1f
9dcec561132ec83139595f37378d9f857117d027d0b469383cb387d495669498
GET /-CT37OFKBVk0/Yw4ZkH3DZKI/AAAAAAAAy5A/ncIB3sNTFwAfb2LVL5qvEQodUqiUbGIcgCNcBGAsYHQ/w72-h72-p-k-no-nu/1661868423794076-0.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="1661868423794076-0.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2438
x-xss-protection: 0
date: Thu, 01 Sep 2022 19:33:58 GMT
expires: Fri, 02 Sep 2022 11:21:14 GMT
cache-control: public, max-age=86400, no-transform
age: 13421
etag: "vcb91"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Thu, 01 Sep 2022 22:41:12 GMT
expires: Fri, 02 Sep 2022 00:41:12 GMT
cache-control: public, max-age=7200
age: 2187
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-Yxvd3zTjWbQ/YliEPOWHVdI/AAAAAAAAmQY/oTEV0A_HbQoXOl2Y06XmqNBBM5ooRa6uwCNcBGAsYHQ/w72-h72-p-k-no-nu/1649968184392377-0.png
200 OK 4.7 kB URL HTTP/2 lh3.googleusercontent.com/-Yxvd3zTjWbQ/YliEPOWHVdI/AAAAAAAAmQY/oTEV0A_HbQoXOl2Y06XmqNBBM5ooRa6uwCNcBGAsYHQ/w72-h72-p-k-no-nu/1649968184392377-0.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash e496ba5787c1daeae4cc2149c1d701eb
5e56f0417af4545442a31f7a6ef37a9a125883fe
273aba5aebffbc62b8c29eddf18669a5a013f8b2c8d524cd8b3780537191fef9
GET /-Yxvd3zTjWbQ/YliEPOWHVdI/AAAAAAAAmQY/oTEV0A_HbQoXOl2Y06XmqNBBM5ooRa6uwCNcBGAsYHQ/w72-h72-p-k-no-nu/1649968184392377-0.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="1649968184392377-0.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4680
x-xss-protection: 0
date: Thu, 01 Sep 2022 20:50:25 GMT
expires: Wed, 31 Aug 2022 03:30:28 GMT
cache-control: public, max-age=86400, no-transform
age: 8834
etag: "v9907"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-XIJMzcuwFpw/YmhfRxWWQdI/AAAAAAAAnHk/B8bLUF0pnBw74o4duO_yfDSZCz9E2UZBgCNcBGAsYHQ/w72-h72-p-k-no-nu/1651007166852674-0.png
200 OK 4.5 kB URL HTTP/2 lh3.googleusercontent.com/-XIJMzcuwFpw/YmhfRxWWQdI/AAAAAAAAnHk/B8bLUF0pnBw74o4duO_yfDSZCz9E2UZBgCNcBGAsYHQ/w72-h72-p-k-no-nu/1651007166852674-0.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash a0cd2d88594f3ba461eaa3bff58d5dd3
215e6e4b4ce89272d2205fb5ae90e1041926ea2c
683125f7e05e121fe2418e9610e86f5fc3db3c7d7084af4f4bc70d614a1de323
GET /-XIJMzcuwFpw/YmhfRxWWQdI/AAAAAAAAnHk/B8bLUF0pnBw74o4duO_yfDSZCz9E2UZBgCNcBGAsYHQ/w72-h72-p-k-no-nu/1651007166852674-0.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="1651007166852674-0.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4504
x-xss-protection: 0
date: Thu, 01 Sep 2022 20:50:25 GMT
expires: Wed, 11 May 2022 15:46:36 GMT
cache-control: public, max-age=86400, no-transform
age: 8834
etag: "v9c7a"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-QC_b-eeCIOs/Ywz1eyY9oFI/AAAAAAAAyzk/N_JpK9gU2isnJgUwZeGLF0gHOGZE6fhRwCNcBGAsYHQ/w72-h72-p-k-no-nu/1661793656203029-0.png
200 OK 2.1 kB URL HTTP/2 lh3.googleusercontent.com/-QC_b-eeCIOs/Ywz1eyY9oFI/AAAAAAAAyzk/N_JpK9gU2isnJgUwZeGLF0gHOGZE6fhRwCNcBGAsYHQ/w72-h72-p-k-no-nu/1661793656203029-0.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash e76e52a933dd32b1072b772dbc37cac2
74fb917073575cafedf1b6e14f678d590fe6e251
c19d8710ae6417d04ebe5d3f45a944e99484b20c073ccbefa50a07b8bc55c9f6
GET /-QC_b-eeCIOs/Ywz1eyY9oFI/AAAAAAAAyzk/N_JpK9gU2isnJgUwZeGLF0gHOGZE6fhRwCNcBGAsYHQ/w72-h72-p-k-no-nu/1661793656203029-0.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="1661793656203029-0.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2084
x-xss-protection: 0
date: Thu, 01 Sep 2022 23:17:39 GMT
expires: Tue, 30 Aug 2022 20:36:39 GMT
cache-control: public, max-age=86400, no-transform
etag: "vcb3a"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6611a729203a60c2980a5a631412c82b
6c7847069495c07f95aea23a3212372a3719f93b
76e1f502b17c27ab178ec6b9d683072498e5811d5ed944f11b268dcd71f7e2de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/-hmhmP9izJD8/Yw79k3rVPQI/AAAAAAAAy8o/31VKlH3ks0U4N2MvR6hyfHharS_iveoCwCNcBGAsYHQ/s1600/1661926799624238-0.png
200 OK 263 kB URL HTTP/2 lh3.googleusercontent.com/-hmhmP9izJD8/Yw79k3rVPQI/AAAAAAAAy8o/31VKlH3ks0U4N2MvR6hyfHharS_iveoCwCNcBGAsYHQ/s1600/1661926799624238-0.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1600x1067, components 3\012- data
Size 263 kB (263267 bytes)
Hash 6b0a4b54cf2f42bd0de2d22981be2cec
d128170238165411a4bf06bc8886ddde10414c99
07428c9b9bda6a1e8bdb00cad4b9f6fc143f27bead8091e92e6b3ca2c652e448
GET /-hmhmP9izJD8/Yw79k3rVPQI/AAAAAAAAy8o/31VKlH3ks0U4N2MvR6hyfHharS_iveoCwCNcBGAsYHQ/s1600/1661926799624238-0.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="1661926799624238-0.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 263267
x-xss-protection: 0
date: Thu, 01 Sep 2022 19:43:47 GMT
expires: Thu, 01 Sep 2022 07:12:21 GMT
cache-control: public, max-age=86400, no-transform
age: 12832
etag: "vcbcb"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-l72qVZBGN5k/Ymje7v5KAiI/AAAAAAAAnHs/AJUMGn1tS1MMHByCvos7uhYt6TIVBVXPQCNcBGAsYHQ/w72-h72-p-k-no-nu/1651039847032233-0.png
200 OK 2.8 kB URL HTTP/2 lh3.googleusercontent.com/-l72qVZBGN5k/Ymje7v5KAiI/AAAAAAAAnHs/AJUMGn1tS1MMHByCvos7uhYt6TIVBVXPQCNcBGAsYHQ/w72-h72-p-k-no-nu/1651039847032233-0.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 435a9c573fedac14479e3b8850ec59f4
36e27fb61304811d65612918ee1682055488a829
edad3917be502209ebcf39601e23df542dd420cb57877ec5bc866ed1237ae9b1
GET /-l72qVZBGN5k/Ymje7v5KAiI/AAAAAAAAnHs/AJUMGn1tS1MMHByCvos7uhYt6TIVBVXPQCNcBGAsYHQ/w72-h72-p-k-no-nu/1651039847032233-0.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="1651039847032233-0.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2794
x-xss-protection: 0
date: Thu, 01 Sep 2022 20:50:25 GMT
expires: Tue, 03 May 2022 06:38:17 GMT
cache-control: public, max-age=86400, no-transform
age: 8834
etag: "v9c7c"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-T4xYTfBaqb8/YmjjrG9SIcI/AAAAAAAAnH4/Iqv7bjD1psQACEiGk8CVbqwqCm-Go4X6QCNcBGAsYHQ/w72-h72-p-k-no-nu/1651041060776895-0.png
200 OK 3.2 kB URL HTTP/2 lh3.googleusercontent.com/-T4xYTfBaqb8/YmjjrG9SIcI/AAAAAAAAnH4/Iqv7bjD1psQACEiGk8CVbqwqCm-Go4X6QCNcBGAsYHQ/w72-h72-p-k-no-nu/1651041060776895-0.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 0cfb83d6ae9aa9fe6843c080586e858a
ecc5e62610a681c55d460ca8c76db507423c4916
7d553a3cde2aded39f139e8f370558bf3523d5733f3cc56d592b1611c9143fdc
GET /-T4xYTfBaqb8/YmjjrG9SIcI/AAAAAAAAnH4/Iqv7bjD1psQACEiGk8CVbqwqCm-Go4X6QCNcBGAsYHQ/w72-h72-p-k-no-nu/1651041060776895-0.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="1651041060776895-0.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3231
x-xss-protection: 0
date: Thu, 01 Sep 2022 20:50:25 GMT
expires: Tue, 21 Jun 2022 07:27:13 GMT
cache-control: public, max-age=86400, no-transform
age: 8834
etag: "v9c80"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-TshoYyQPzpI/YhX1UElBjII/AAAAAAAAjxE/MyANH2IePbcVyb9PZO8CHd_5l9A4lyZSQCNcBGAsYHQ/w72-h72-p-k-no-nu/1645606119535103-0.png
200 OK 4.2 kB URL HTTP/2 lh3.googleusercontent.com/-TshoYyQPzpI/YhX1UElBjII/AAAAAAAAjxE/MyANH2IePbcVyb9PZO8CHd_5l9A4lyZSQCNcBGAsYHQ/w72-h72-p-k-no-nu/1645606119535103-0.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash c1eeda63a4502664fe499b56972fa2c1
7bc4bf3ffe5d29edd7a2b01e670ae3ba80db119f
0d0d225c020fbd017c7dddcc86993c372755d5d251efa47d1a2c78fd3e1f7bd9
GET /-TshoYyQPzpI/YhX1UElBjII/AAAAAAAAjxE/MyANH2IePbcVyb9PZO8CHd_5l9A4lyZSQCNcBGAsYHQ/w72-h72-p-k-no-nu/1645606119535103-0.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="1645606119535103-0.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4165
x-xss-protection: 0
date: Thu, 01 Sep 2022 20:50:25 GMT
expires: Wed, 01 Jun 2022 01:01:17 GMT
cache-control: public, max-age=86400, no-transform
age: 8834
etag: "v8f13"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js
200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP
File type ASCII text, with very long lines (1961)
Hash cb1ba173fdd8d7c2f72e1b2ed98149f1
adbad8788f1e6cfd8682eb32879f4d01ba415b4d
be47d854a583ddd568d8199e87ca0d04900527fdfaad18b06b578df2996665c7
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 3fa9ad58b167e68bf7b7cbe0a0ef19d7
etag: "d3dbbe0f3d87943b8b9af6fdaf414bd9"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 01 Sep 2022 23:35:18 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: yxuhc/3Y18L3Lhsu2YFJ8Q==
x-fb-debug: ovtG8TevGD1R/MYLmsVCn06fSxlKO/sKB/fE2M3GlZ/Iuk0dy34Jjf0nN2EqULAtLiWIWJD2qV0jpF7HrNp1Gw==
content-length: 1687
x-fb-trip-id: 1904183273
date: Thu, 01 Sep 2022 23:17:39 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
runningangular.com/d0/72/1b/d0721bb0ce3e3cc9d2e21dc1f9bf3dce.js
200 OK 13 kB URL HTTP/1.1 runningangular.com/d0/72/1b/d0721bb0ce3e3cc9d2e21dc1f9bf3dce.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37121), with no line terminators
Hash 61c376361c97e6d97936a3a8820effba
6ad7cda446533f28b4faf7da08e0da1c46e2a5fb
0e8fe5e8353171b7272405d0f09434ad050b34c20f37e6e0ee7148d21d6f56a0
Analyzer Verdict Alert quad9 Sinkholed
GET /d0/72/1b/d0721bb0ce3e3cc9d2e21dc1f9bf3dce.js HTTP/1.1
Host: runningangular.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Sep 2022 23:17:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 960940c571bb65c0bcb3ec119cf50742
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6611a729203a60c2980a5a631412c82b
6c7847069495c07f95aea23a3212372a3719f93b
76e1f502b17c27ab178ec6b9d683072498e5811d5ed944f11b268dcd71f7e2de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
200 OK 5.1 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
IP
File type ASCII text, with very long lines (17660)
Hash abe1df98b6ab4644bd567e6669d0da03
27e3bf22ef08b7ca0090721ed31b4f921d278e7c
cd40ba7dbf63d67511c0fd56b7e5327dbedb43d15c439d79a8aacb6377059540
GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 5117
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-45f4"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 7355921
expires: Tue, 22 Aug 2023 23:17:39 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMu%2Bw2hDp4Wxn%2BEJJklbgRjGKsoZYsz%2B6k79chJ8%2BdwV3HkTeQCdCByQ3jjew%2B403xpbfIVJvWocIlTUDoC4BDefXTP%2BkGKNNVPu%2BOS6zyxEJlc3JA2K0Ue%2FLI%2FIcv4bRKiw27BG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7441b87aebfeb4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash f4f9dc502e2ff07dd351da7bbc20e323
739b6c8334472846232b84b99989be93dc1582d4
0852238945d340493f33e498b75a893d24681f2687fdc05349476faccf426efd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3723
Cache-Control: max-age=162198
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:39 GMT
Etag: "6311059e-1d7"
Expires: Sat, 03 Sep 2022 20:20:57 GMT
Last-Modified: Thu, 01 Sep 2022 19:18:54 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/zrt_lookup.html
200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/zrt_lookup.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 09a8bd805dba1307ae0bd76a0c9ca73d
bdc16e7610abae944da47ff3a0e5fea818241fb0
e3978f36e9c5f0b909ed64015db629e2c64b46e75d165c6d1d146fcb792cdbde
GET /pagead/html/r20220831/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4412
x-xss-protection: 0
date: Wed, 31 Aug 2022 23:39:48 GMT
expires: Wed, 14 Sep 2022 23:39:48 GMT
cache-control: public, max-age=1209600
etag: 8616628553774171045
content-type: text/html; charset=UTF-8
age: 85071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 24da99bbb6147610a3cb3ea7b826a240
5314c5d75d0cab943686cafea7dc6b4066871056
aff69a9dd0a19991fc9cafa62778c5b8382961f7ac0af625a9d714ce8721ff0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-REV7T27PYF>m=2oe8v0&_p=839553060&cid=962608920.1662074258&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662074258&sct=1&seg=0&dl=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&dt=BLOWJOB%20YACHT%20VIDEO%3A%20Heavyweight%20champion%2C%20Conor%20McGregor%2C%20leaks%20and%20shares%20cryptic%20sex%20video%20of%20him%20getting%20intimate%20head%20from%20a%20mysterious%20lady%20on%20a%20boat%20while%20listening%20to%20Rehab%20(Winter%20in%20Paris)%20by%20Brent%20Faiyaz&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-REV7T27PYF>m=2oe8v0&_p=839553060&cid=962608920.1662074258&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662074258&sct=1&seg=0&dl=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&dt=BLOWJOB%20YACHT%20VIDEO%3A%20Heavyweight%20champion%2C%20Conor%20McGregor%2C%20leaks%20and%20shares%20cryptic%20sex%20video%20of%20him%20getting%20intimate%20head%20from%20a%20mysterious%20lady%20on%20a%20boat%20while%20listening%20to%20Rehab%20(Winter%20in%20Paris)%20by%20Brent%20Faiyaz&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-REV7T27PYF>m=2oe8v0&_p=839553060&cid=962608920.1662074258&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662074258&sct=1&seg=0&dl=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&dt=BLOWJOB%20YACHT%20VIDEO%3A%20Heavyweight%20champion%2C%20Conor%20McGregor%2C%20leaks%20and%20shares%20cryptic%20sex%20video%20of%20him%20getting%20intimate%20head%20from%20a%20mysterious%20lady%20on%20a%20boat%20while%20listening%20to%20Rehab%20(Winter%20in%20Paris)%20by%20Brent%20Faiyaz&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.kossyderrickent.com
date: Thu, 01 Sep 2022 23:17:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 003e8a2cb35bb65683fccbf8bf7a9797
b26fbc7607825162686c7e164d51956addeb1a6c
a71ec1144878270f76c09c51967a1d24b7d82dd700e83216be1e814a74796403
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wrappers.geoedge.be/wrapper.html
200 OK 3.1 kB URL HTTP/2 wrappers.geoedge.be/wrapper.html
IP
File type HTML document, ASCII text, with very long lines (3120)
Hash 4a6c546fe449447f2a620613c0655458
9e018f64448f95d4a8c4418738a365fd2487a37e
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
GET /wrapper.html HTTP/1.1
Host: wrappers.geoedge.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 3121
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Mon, 12 Apr 2021 12:46:04 GMT
x-amz-version-id: gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Sep 2022 02:19:08 GMT
etag: "4a6c546fe449447f2a620613c0655458"
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -UayZd9qq7HBYTK9-_ltnann627XF0e2FUF1aFvc0k2M1RrqTEhq4Q==
age: 75538
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=7c5ff32a985f118d6d2af76196a9cf9d
200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=7c5ff32a985f118d6d2af76196a9cf9d
IP
File type ASCII text, with very long lines (13115)
Hash a0554d63004c208b5480f289d1983ba0
d152b3e96e9d05ea0058c29546f3ff5906755603
ab5ab22ba0f6520e146990d2ca486995874afd22134f6f346731adce5333ed9e
GET /en_US/sdk.js?hash=7c5ff32a985f118d6d2af76196a9cf9d HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 80ebddf41141958b02b76dfe71d19e28
etag: "f4ff6164c21ddcd3b73518b2b90c924c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Sep 2023 19:15:47 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: oFVNYwBMIItUgPKJ0Zg7oA==
x-fb-debug: xwuxj6y0SKCIv+h7Tan7pgoSWcyHtTkacXq0EG+QR3XXqDGMlgyZDWs8cvUM5n9sy6mAWvQqmc0DMlCS7VwkdQ==
priority: u=3,i
content-length: 86674
x-fb-trip-id: 1904183273
date: Thu, 01 Sep 2022 23:17:39 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7959
Expires: Fri, 02 Sep 2022 01:30:18 GMT
Date: Thu, 01 Sep 2022 23:17:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7959
Expires: Fri, 02 Sep 2022 01:30:18 GMT
Date: Thu, 01 Sep 2022 23:17:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0c1e7f6c9e17585905fdbe9ae4da50b
67192f5be476ac4dada66dc9fbe26469d62e2d78
21ca880b36bbb7791f8df2bf9830f11a960692123dd6dde5be42bda004dc428b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9642
x-amzn-requestid: 52c698d7-6419-4614-9c53-68a265266337
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjbEvgoAMFkKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-547a72850cce71da013383f5;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: I3pDTq3EeJJtzJFsAFaym7cV5nCrwFailDRzgA3QkAFOYj3xV43v2w==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
etag: "67192f5be476ac4dada66dc9fbe26469d62e2d78"
content-type: image/jpeg
age: 6013
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9de9889-f1f6-417e-954b-af2056b62982.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9de9889-f1f6-417e-954b-af2056b62982.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e10519422b7ff91c72bcf2234cea36cf
63cff2232383d9d7f2371d1f60cf7923b629fc82
71a4bfc0031e0f6152c441f4bf413c6e953f38a587a95900f3a6c63beecafb4b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9de9889-f1f6-417e-954b-af2056b62982.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12204
x-amzn-requestid: 5293c66e-68d3-472a-a6d2-69f161262f26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMLDGK6oAMFTzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112713-66d01d9c2d12d55c465c5108;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:41:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cH0sSIFu5fSPywh8xnc0AHgD053jRBz3QLBSCk0IkcQwez-1M9hCJQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:54:18 GMT
age: 5001
etag: "63cff2232383d9d7f2371d1f60cf7923b629fc82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 955f2a35bd6b3802670e7fa8a7cda833
4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: n6DJbsUGTdXT42cNLTDq6Uz28H2SDhwq6drdKP4axAHsBz471X7r_g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
content-type: image/jpeg
age: 6013
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdec8409-e401-4b73-bbb3-47aa626edd42.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdec8409-e401-4b73-bbb3-47aa626edd42.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 37fee36d8fd409ea63dd4a26dee39510
6b00992edf40eb957e6900d592ebcb0c5e611944
a36b1bf6a3bedcb0d842b29538ce966ebb37e5c371d5dca74ee1634f29799065
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdec8409-e401-4b73-bbb3-47aa626edd42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9200
x-amzn-requestid: 5a10ba85-af61-4f8d-a293-38d8c028fb9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTWaEzIIAMF_zQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c65c2-17f7c0552179175c3400a90d;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:07:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XpYmO0TCEjKO8Hne0Yj_xW4u-mWo6csij2GD0m9GYAY-m7Ryfcg2HQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 08:43:28 GMT
age: 52451
etag: "6b00992edf40eb957e6900d592ebcb0c5e611944"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd29a2d-3498-41a7-af26-6104f50c81c8.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd29a2d-3498-41a7-af26-6104f50c81c8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25983224daee47c629690b65e7db685b
6f144e4e28ba6dfb56860b187a224cfbc23b50bb
2ada67937844f22cf524d39cf034ae5e49dd892c4b2e70af31cec62c747e3762
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd29a2d-3498-41a7-af26-6104f50c81c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10015
x-amzn-requestid: 28b44607-90c3-42b0-9a47-5ffd4f670347
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLlfGBqIAMFWqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112622-38788fd737d1b6a35acc1fee;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ewn6Zur0bM9apclbO-0bIZV6NbnBIGAxuUtPQZBq-2f-SERyxA_w3Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:51 GMT
etag: "6f144e4e28ba6dfb56860b187a224cfbc23b50bb"
content-type: image/jpeg
age: 5988
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46f649a4-e4bd-4029-a6eb-fb8b7b66d943.jpeg
200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46f649a4-e4bd-4029-a6eb-fb8b7b66d943.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1594505ac80a2d787d918c39c8ddc7d1
9df71dbf1cfc4501fe364875aec931b1d4cf966b
eadc0f6f8ffb5337db910ddc8e73040a9d000c8af3f61ff57e901e5a45f9d9c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46f649a4-e4bd-4029-a6eb-fb8b7b66d943.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3283
x-amzn-requestid: 8567846c-e747-40ce-9129-72714bb0ef33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMBqF5CIAMFnzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631126d7-2726b25630a7935048414ad9;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:40:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: nX9drLFEO1J-Kb2E5t2qrr3pkpyxlL5KTqvKLKhycFLeYUV0ns7UcA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:10:09 GMT
age: 4050
etag: "9df71dbf1cfc4501fe364875aec931b1d4cf966b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash d2b796aa033eba4a9997440c704b7275
de102987f0fa9e65d80cf0f3b250f78e3956431d
bd941f283ab06f7fc92e08b1b01a443f2bd7da9d6b2488277374563a098e450a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3704
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:40 GMT
Last-Modified: Thu, 01 Sep 2022 22:15:56 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-150405982-1&cid=962608920.1662074258&jid=557324871&gjid=989083612&_gid=1664034599.1662074259&_u=YADAAUABAAAAAC~&z=2088449994
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-150405982-1&cid=962608920.1662074258&jid=557324871&gjid=989083612&_gid=1664034599.1662074259&_u=YADAAUABAAAAAC~&z=2088449994
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-150405982-1&cid=962608920.1662074258&jid=557324871&gjid=989083612&_gid=1664034599.1662074259&_u=YADAAUABAAAAAC~&z=2088449994 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.kossyderrickent.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 01 Sep 2022 23:17:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.kossyderrickent.com
200 OK 48 kB URL HTTP/2 quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.kossyderrickent.com
IP
Hash 52394993e61ac8483d501659b624064a
0a5976cc1aca14a38efbadea31d18dc1648e4093
8a0226dfed2124593eba859782a7fb3f07fcd4f5d8ad98b570108d6d348256f1
GET /tcfv2/cmp2.js?referer=www.kossyderrickent.com HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 86400
last-modified: Tue, 02 Aug 2022 14:10:55 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-qc-ineu: True
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
date: Thu, 01 Sep 2022 23:17:01 GMT
cache-control: max-age=3600
etag: W/"805f78a1dab7fe51dfcd464bfbbbcf04"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SNJLKq0G1DbCuEAVCF3s3pvvOrUEpLlxB-oon9h2kh8SKYUioVfI4Q==
age: 45
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
200 OK 10 kB URL HTTP/2 secure.quantserve.com/quant.js
IP
Hash 438990ecf5ea46174c954da72a067375
da44118c797b189cae642017b466bb19ba6a4b71
d455098632fc63d4a1fe6bf9ded6a7a85c7e92551aa92314a65ac0f5f68d7d62
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:40 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "TFjIU174W8I7nbu1DVEZpA=="
expires: Thu, 08 Sep 2022 23:17:40 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 1.1 kB IP
Hash acb2209f8ed83d2ce437e7fd9e7a1998
53efba9eab21e0cd3edd9a2f98bcf890efdc460e
7bd5f3b94b17f7986246f8ea49320dae8eebfa68b9fe420302e4e313128751ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 77dcbad667fa753223ab404f9e5efc2e
8aa7da6ed9b77d478e9205e41c8b6fe0a973ae70
0a59d091c042b60cb2193e33754db4e8c2fd7c8e4abd5150a72db06cdc661a94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 67921e2bd7c620bdd4db5ed1e73d3146
1deaa030ab490c63f94bde4c7ada5e2f849fb506
7fcee2496cdc63c9779941621d9e61acd006910947ccb6c7e98f383b0bf4574c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 77dcbad667fa753223ab404f9e5efc2e
8aa7da6ed9b77d478e9205e41c8b6fe0a973ae70
0a59d091c042b60cb2193e33754db4e8c2fd7c8e4abd5150a72db06cdc661a94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
200 OK 42 kB URL HTTP/2 cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65512), with no line terminators
Hash 481b0ee69d056ed62d2ae62ef00d1280
dcadb2a74b945d7f48b48bc6e98852fb13e07c5b
1edafa9a8150cf0927f8f154d9f70460ae5af52f92636a550912d4b88314fee4
GET /GVL-v2/vendor-list-trimmed-v1.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Thu, 01 Sep 2022 03:00:41 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Thu, 01 Sep 2022 03:00:31 GMT
etag: W/"935df8e032214d535073ea34e7fad004"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Dii1zVY5Xfpkh2937CQnPj2We2MZITJsZmxaTkB4M3lf93CD4G1DNw==
age: 73020
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/google-atp-list.json
200 OK 37 kB URL HTTP/2 cmp.quantcast.com/tcfv2/google-atp-list.json
IP
Hash 5af2219809dbafe976e700abf3208c10
ed8f3fc8d48acce82f8f63add90b20a87cefe64e
ff66823e1d04cfb84926920e2f2937f6521daeb79aab90f03c55b50f34441a93
GET /tcfv2/google-atp-list.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Thu, 01 Sep 2022 03:03:41 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Thu, 01 Sep 2022 03:03:36 GMT
etag: W/"483e3c223f50692e326e740a4b72be5b"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: y9HwtDaYeg4pFza7Sn66giOuwP9lGuOLJiTKvPyVzErOJV_RpgtgrQ==
age: 72839
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-150405982-1&cid=962608920.1662074258&jid=1731367950&_u=IADAAEAAAAAAAC~&z=764581614
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-150405982-1&cid=962608920.1662074258&jid=1731367950&_u=IADAAEAAAAAAAC~&z=764581614
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-150405982-1&cid=962608920.1662074258&jid=1731367950&_u=IADAAEAAAAAAAC~&z=764581614 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 23:17:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-150405982-1&cid=962608920.1662074258&jid=1731367950&_u=IADAAEAAAAAAAC~&z=764581614
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-150405982-1&cid=962608920.1662074258&jid=1731367950&_u=IADAAEAAAAAAAC~&z=764581614
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-150405982-1&cid=962608920.1662074258&jid=1731367950&_u=IADAAEAAAAAAAC~&z=764581614 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 23:17:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 77dcbad667fa753223ab404f9e5efc2e
8aa7da6ed9b77d478e9205e41c8b6fe0a973ae70
0a59d091c042b60cb2193e33754db4e8c2fd7c8e4abd5150a72db06cdc661a94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dc076b754adaddcb000f3f987b6c5df2
01e9b40591692b8b2a6a94729e9481c7e600d248
9dbf2e71e1cbad91a71154b729e8ef496eda7544828a8bfd4f64e6dd70c4f64d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22cJsduNRegvC-s%22%2C%22domain%22%3A%22www.kossyderrickent.com%22%2C%22publisher%22%3A%22www.kossyderrickent.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.43%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22wh2sDAnpZVUEmFj0Fq9uFw%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1662074259771%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-74dr1lts6ld3r32xw2z8%22%7D
200 OK 2 B URL HTTP/2 audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22cJsduNRegvC-s%22%2C%22domain%22%3A%22www.kossyderrickent.com%22%2C%22publisher%22%3A%22www.kossyderrickent.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.43%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22wh2sDAnpZVUEmFj0Fq9uFw%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1662074259771%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-74dr1lts6ld3r32xw2z8%22%7D
IP
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /?log=%7B%22accountId%22%3A%22cJsduNRegvC-s%22%2C%22domain%22%3A%22www.kossyderrickent.com%22%2C%22publisher%22%3A%22www.kossyderrickent.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.43%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22wh2sDAnpZVUEmFj0Fq9uFw%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1662074259771%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-74dr1lts6ld3r32xw2z8%22%7D HTTP/1.1
Host: audit-tcfv2.cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:40 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 344d7b1dbb5a0ee11f638a0e43419479
2cc35592e4f96332a889de7cbdd543ba6f8928fa
0ae80e4996e45704150c5eb75b91b3fbed8f8943b94fc54cf936443e24b7fbba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0AE80E4996E45704150C5EB75B91B3FBED8F8943B94FC54CF936443E24B7FBBA"
Last-Modified: Wed, 31 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2976
Expires: Fri, 02 Sep 2022 00:07:16 GMT
Date: Thu, 01 Sep 2022 23:17:40 GMT
Connection: keep-alive
www.effectivedisplayformats.com/2e023d41034d8a99bfd2808771c96ed0/invoke.js
200 OK 9.8 kB URL HTTP/1.1 www.effectivedisplayformats.com/2e023d41034d8a99bfd2808771c96ed0/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (27004), with no line terminators
Hash 1dc784f7918e5b07c9be21be20415762
5cdb0ce96d24938a02531d45b2f0999890ab2722
061e0dfa5b738cb304c77f73688221d47f0f6d652ee049513f681358b5e1aa81
Analyzer Verdict Alert quad9 Sinkholed
GET /2e023d41034d8a99bfd2808771c96ed0/invoke.js HTTP/1.1
Host: www.effectivedisplayformats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Sep 2022 23:17:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9e967e44258fc30def5b439a5eda89a0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
translate.googleapis.com/translate_static/css/translateelement.css
200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 23:03:46 GMT
expires: Fri, 02 Sep 2022 00:03:46 GMT
cache-control: public, max-age=3600
age: 835
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash b019ba472c2b1d5491e5e72c150878a2
e7e764d18764fcbf7a6d6440d740d3cbd916468e
4076ef6e1b3d631468ed0e3a567dfa4c1c4de437852eada1cc658b3640cdad69
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 01 Sep 2022 23:17:41 GMT
Last-Modified: Thu, 01 Sep 2022 21:58:24 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0W6kVeKKwDac262BWjWDQTaPPyrD3ZVyZgxWbJ87MwxcgW1Nj6l65w==
Age: 4757
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 8378147b79c48717869deecb1cff8e0f
2d0fe429a53fd99b3258d28239d05fd66cc2c0cf
abfcb94d80b4ee482a339ea48f8ba139803ce5cb5095fe7467680bf3ef90951e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:41 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.kossyderrickent.com
access-control-allow-credentials: true
set-cookie: uid_id2=459cd32b-0428-4bcf-837d-b55e7f4841e0:1:1; expires=Sun, 29 Aug 2032 23:17:41 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 20f0e48ee1ba43a4fba4c87f1411722f
ce0ff86e31dc6b8db2f7e88dd4fc1514ad51457f
05ef71f114f11f844d97701a99963974025d24f2cb9113d4a4a81fd591ae2681
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "05EF71F114F11F844D97701A99963974025D24F2CB9113D4A4A81FD591AE2681"
Last-Modified: Thu, 01 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3272
Expires: Fri, 02 Sep 2022 00:12:13 GMT
Date: Thu, 01 Sep 2022 23:17:41 GMT
Connection: keep-alive
www.effectivedisplayformats.com/2e023d41034d8a99bfd2808771c96ed0/invoke.js
200 OK 9.8 kB URL HTTP/1.1 www.effectivedisplayformats.com/2e023d41034d8a99bfd2808771c96ed0/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26994), with no line terminators
Hash 4619abcdccc1574920416eb4de76ea07
0d8109669360121082708e950b770ab6db0b8cd1
efbd8f56f442a1e1285c8c7ad66d71de9444226d1a8216f24773f8148ea1ca1a
Analyzer Verdict Alert quad9 Sinkholed
GET /2e023d41034d8a99bfd2808771c96ed0/invoke.js HTTP/1.1
Host: www.effectivedisplayformats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Sep 2022 23:17:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4a2387cb369b1c160142fe1256c316a9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
limitationvolleyballdejected.com/watch.1406582996038.js?key=2e023d41034d8a99bfd2808771c96ed0&kw=%5B%22blowjob%22%2C%22yacht%22%2C%22video%22%2C%22heavyweight%22%2C%22champion%22%2C%22conor%22%2C%22mcgregor%22%2C%22leaks%22%2C%22and%22%2C%22shares%22%2C%22cryptic%22%2C%22sex%22%2C%22video%22%2C%22of%22%2C%22him%22%2C%22getting%22%2C%22intimate%22%2C%22head%22%2C%22from%22%2C%22a%22%2C%22mysterious%22%2C%22lady%22%2C%22on%22%2C%22a%22%2C%22boat%22%2C%22while%22%2C%22listening%22%2C%22to%22%2C%22rehab%22%2C%22winter%22%2C%22in%22%2C%22paris%22%2C%22by%22%2C%22brent%22%2C%22faiyaz%22%5D&refer=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&tz=0&dev=r&res=12.31&uuid=459cd32b-0428-4bcf-837d-b55e7f4841e0%3A1%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 limitationvolleyballdejected.com/watch.1406582996038.js?key=2e023d41034d8a99bfd2808771c96ed0&kw=%5B%22blowjob%22%2C%22yacht%22%2C%22video%22%2C%22heavyweight%22%2C%22champion%22%2C%22conor%22%2C%22mcgregor%22%2C%22leaks%22%2C%22and%22%2C%22shares%22%2C%22cryptic%22%2C%22sex%22%2C%22video%22%2C%22of%22%2C%22him%22%2C%22getting%22%2C%22intimate%22%2C%22head%22%2C%22from%22%2C%22a%22%2C%22mysterious%22%2C%22lady%22%2C%22on%22%2C%22a%22%2C%22boat%22%2C%22while%22%2C%22listening%22%2C%22to%22%2C%22rehab%22%2C%22winter%22%2C%22in%22%2C%22paris%22%2C%22by%22%2C%22brent%22%2C%22faiyaz%22%5D&refer=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&tz=0&dev=r&res=12.31&uuid=459cd32b-0428-4bcf-837d-b55e7f4841e0%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1406582996038.js?key=2e023d41034d8a99bfd2808771c96ed0&kw=%5B%22blowjob%22%2C%22yacht%22%2C%22video%22%2C%22heavyweight%22%2C%22champion%22%2C%22conor%22%2C%22mcgregor%22%2C%22leaks%22%2C%22and%22%2C%22shares%22%2C%22cryptic%22%2C%22sex%22%2C%22video%22%2C%22of%22%2C%22him%22%2C%22getting%22%2C%22intimate%22%2C%22head%22%2C%22from%22%2C%22a%22%2C%22mysterious%22%2C%22lady%22%2C%22on%22%2C%22a%22%2C%22boat%22%2C%22while%22%2C%22listening%22%2C%22to%22%2C%22rehab%22%2C%22winter%22%2C%22in%22%2C%22paris%22%2C%22by%22%2C%22brent%22%2C%22faiyaz%22%5D&refer=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&tz=0&dev=r&res=12.31&uuid=459cd32b-0428-4bcf-837d-b55e7f4841e0%3A1%3A1 HTTP/1.1
Host: limitationvolleyballdejected.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Thu, 01 Sep 2022 23:17:41 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.kossyderrickent.com
Access-Control-Allow-Origin: https://www.kossyderrickent.com
Access-Control-Allow-Credentials: true
Location: https://limitationvolleyballdejected.com/watch.1406582996038.js?key=2e023d41034d8a99bfd2808771c96ed0&kw=%5B%22blowjob%22%2C%22yacht%22%2C%22video%22%2C%22heavyweight%22%2C%22champion%22%2C%22conor%22%2C%22mcgregor%22%2C%22leaks%22%2C%22and%22%2C%22shares%22%2C%22cryptic%22%2C%22sex%22%2C%22video%22%2C%22of%22%2C%22him%22%2C%22getting%22%2C%22intimate%22%2C%22head%22%2C%22from%22%2C%22a%22%2C%22mysterious%22%2C%22lady%22%2C%22on%22%2C%22a%22%2C%22boat%22%2C%22while%22%2C%22listening%22%2C%22to%22%2C%22rehab%22%2C%22winter%22%2C%22in%22%2C%22paris%22%2C%22by%22%2C%22brent%22%2C%22faiyaz%22%5D&refer=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&tz=0&dev=r&res=12.31&uuid=459cd32b-0428-4bcf-837d-b55e7f4841e0%3A1%3A1&shu=add158a2f3517e8fe9efc6f8116824984ae8bcb3d3b666d01908203bf131c7bde9c95b4a02d1bc685f278a1e81ae8688e5f2f1a891621680d7d58aca6f1d7a9322488a6801b5344e4b3f3267b50c5bb5c5bc081e&pst=1662074321&rmtc=t
Set-Cookie: u_pl=17118902; expires=Fri, 02 Sep 2022 23:17:41 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzExODkwMiwiayI6IjJlMDIzZDQxMDM0ZDhhOTliZmQyODA4NzcxYzk2ZWQwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzc4MjIzLCJwaWQiOjIyOTc3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJwd3k5cTEyZSIsImNwa3MiOnsgIjI4IjoiOGFhZWY1ZDIyOWMxMWFmMzQ2MjAxMmU2ZDIyM2IxYmQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5rb3NzeWRlcnJpY2tlbnQuY29tLzIwMjIvMDgvYmxvd2pvYi15YWNodC12aWRlby1oZWF2eXdlaWdodC5odG1sIn19.7_-zs-AEqjMizwdFqH3P6Hr5WIBwriK8T_Omk1bxYCk; expires=Thu, 01 Sep 2022 23:18:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8c2df79877ce504fc515ecc01009fd7d
Strict-Transport-Security: max-age=0; includeSubdomains
limitationvolleyballdejected.com/8a/ae/f5/8aaef5d229c11af3462012e6d223b1bd.js
200 OK 29 kB URL HTTP/1.1 limitationvolleyballdejected.com/8a/ae/f5/8aaef5d229c11af3462012e6d223b1bd.js
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash ccff6bd093ee668310b9558c35a2cd10
4db78375346479b6c266e3c25f3926ee6813656f
e27d45dc7db2705cfec19800ddc82cc6519c983a1181df40a14c9cec60383819
Analyzer Verdict Alert quad9 Sinkholed
GET /8a/ae/f5/8aaef5d229c11af3462012e6d223b1bd.js HTTP/1.1
Host: limitationvolleyballdejected.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 01 Sep 2022 23:17:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 843be096bf52cb6f0134605bb9bbae32
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
limitationvolleyballdejected.com/watch.1406582996038.js?key=2e023d41034d8a99bfd2808771c96ed0&kw=%5B%22blowjob%22%2C%22yacht%22%2C%22video%22%2C%22heavyweight%22%2C%22champion%22%2C%22conor%22%2C%22mcgregor%22%2C%22leaks%22%2C%22and%22%2C%22shares%22%2C%22cryptic%22%2C%22sex%22%2C%22video%22%2C%22of%22%2C%22him%22%2C%22getting%22%2C%22intimate%22%2C%22head%22%2C%22from%22%2C%22a%22%2C%22mysterious%22%2C%22lady%22%2C%22on%22%2C%22a%22%2C%22boat%22%2C%22while%22%2C%22listening%22%2C%22to%22%2C%22rehab%22%2C%22winter%22%2C%22in%22%2C%22paris%22%2C%22by%22%2C%22brent%22%2C%22faiyaz%22%5D&refer=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&tz=0&dev=r&res=12.31&uuid=459cd32b-0428-4bcf-837d-b55e7f4841e0%3A1%3A1&shu=add158a2f3517e8fe9efc6f8116824984ae8bcb3d3b666d01908203bf131c7bde9c95b4a02d1bc685f278a1e81ae8688e5f2f1a891621680d7d58aca6f1d7a9322488a6801b5344e4b3f3267b50c5bb5c5bc081e&pst=1662074321&rmtc=t
200 OK 2.1 kB URL HTTP/1.1 limitationvolleyballdejected.com/watch.1406582996038.js?key=2e023d41034d8a99bfd2808771c96ed0&kw=%5B%22blowjob%22%2C%22yacht%22%2C%22video%22%2C%22heavyweight%22%2C%22champion%22%2C%22conor%22%2C%22mcgregor%22%2C%22leaks%22%2C%22and%22%2C%22shares%22%2C%22cryptic%22%2C%22sex%22%2C%22video%22%2C%22of%22%2C%22him%22%2C%22getting%22%2C%22intimate%22%2C%22head%22%2C%22from%22%2C%22a%22%2C%22mysterious%22%2C%22lady%22%2C%22on%22%2C%22a%22%2C%22boat%22%2C%22while%22%2C%22listening%22%2C%22to%22%2C%22rehab%22%2C%22winter%22%2C%22in%22%2C%22paris%22%2C%22by%22%2C%22brent%22%2C%22faiyaz%22%5D&refer=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&tz=0&dev=r&res=12.31&uuid=459cd32b-0428-4bcf-837d-b55e7f4841e0%3A1%3A1&shu=add158a2f3517e8fe9efc6f8116824984ae8bcb3d3b666d01908203bf131c7bde9c95b4a02d1bc685f278a1e81ae8688e5f2f1a891621680d7d58aca6f1d7a9322488a6801b5344e4b3f3267b50c5bb5c5bc081e&pst=1662074321&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2640)
Hash 8cf20a37a66a6ab5765239168abdaab3
b442beaa4edbd4366733fdd650dff0eb26b2b159
486999ec71b7da327c4f680573087c55c9f9dc2c8c7c528471d5472919c305c6
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1406582996038.js?key=2e023d41034d8a99bfd2808771c96ed0&kw=%5B%22blowjob%22%2C%22yacht%22%2C%22video%22%2C%22heavyweight%22%2C%22champion%22%2C%22conor%22%2C%22mcgregor%22%2C%22leaks%22%2C%22and%22%2C%22shares%22%2C%22cryptic%22%2C%22sex%22%2C%22video%22%2C%22of%22%2C%22him%22%2C%22getting%22%2C%22intimate%22%2C%22head%22%2C%22from%22%2C%22a%22%2C%22mysterious%22%2C%22lady%22%2C%22on%22%2C%22a%22%2C%22boat%22%2C%22while%22%2C%22listening%22%2C%22to%22%2C%22rehab%22%2C%22winter%22%2C%22in%22%2C%22paris%22%2C%22by%22%2C%22brent%22%2C%22faiyaz%22%5D&refer=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&tz=0&dev=r&res=12.31&uuid=459cd32b-0428-4bcf-837d-b55e7f4841e0%3A1%3A1&shu=add158a2f3517e8fe9efc6f8116824984ae8bcb3d3b666d01908203bf131c7bde9c95b4a02d1bc685f278a1e81ae8688e5f2f1a891621680d7d58aca6f1d7a9322488a6801b5344e4b3f3267b50c5bb5c5bc081e&pst=1662074321&rmtc=t HTTP/1.1
Host: limitationvolleyballdejected.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Referer: https://www.kossyderrickent.com/
Connection: keep-alive
Cookie: u_pl=17118902; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzExODkwMiwiayI6IjJlMDIzZDQxMDM0ZDhhOTliZmQyODA4NzcxYzk2ZWQwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzc4MjIzLCJwaWQiOjIyOTc3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJwd3k5cTEyZSIsImNwa3MiOnsgIjI4IjoiOGFhZWY1ZDIyOWMxMWFmMzQ2MjAxMmU2ZDIyM2IxYmQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5rb3NzeWRlcnJpY2tlbnQuY29tLzIwMjIvMDgvYmxvd2pvYi15YWNodC12aWRlby1oZWF2eXdlaWdodC5odG1sIn19.7_-zs-AEqjMizwdFqH3P6Hr5WIBwriK8T_Omk1bxYCk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 01 Sep 2022 23:17:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.kossyderrickent.com
Access-Control-Allow-Origin: https://www.kossyderrickent.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=459cd32b-0428-4bcf-837d-b55e7f4841e0:1:1; expires=Thu, 08 Sep 2022 23:17:41 GMT; secure; SameSite=None
iprc3ffc9e0c2c52e339b75be8aa806d9521=3569806; expires=Fri, 02 Sep 2022 03:17:41 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 02 Sep 2022 23:17:41 GMT; secure; SameSite=None
uncs=1; expires=Fri, 02 Sep 2022 23:17:41 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 02 Sep 2022 23:17:41 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 02 Sep 2022 23:17:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bf5f7fc13367006f427e5d3e73226b42
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 797848c645dcc323aa01a1cc28a1376c
df8dfbb74c047699a37ac0d12d307ede104bbf72
6943eb9fbf099441d20214c206365026c24380abb84c633eca2a78fd8a9f3d25
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6943EB9FBF099441D20214C206365026C24380ABB84C633ECA2A78FD8A9F3D25"
Last-Modified: Wed, 31 Aug 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5499
Expires: Fri, 02 Sep 2022 00:49:20 GMT
Date: Thu, 01 Sep 2022 23:17:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e6799ec5d1e029ffcd9f2d6d0208da6c
2348fe3566b5a70b62c6a8e3fe4c704c55de9e88
e125a40e1091498074e3e1a0858a3893674be95ac13d34d1470dad55d8596546
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E125A40E1091498074E3E1A0858A3893674BE95AC13D34D1470DAD55D8596546"
Last-Modified: Tue, 30 Aug 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5411
Expires: Fri, 02 Sep 2022 00:47:52 GMT
Date: Thu, 01 Sep 2022 23:17:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 44f5b82c370258db6b5e292381511843
d0753817b1ca79ca8fa4d15b58acabb7bf2bbfc1
a3b28fba3beddb8b9041f48c3fa062913ea5bb82fb3a6c7a3b76ea874d8f0112
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B28FBA3BEDDB8B9041F48C3FA062913EA5BB82FB3A6C7A3B76EA874D8F0112"
Last-Modified: Tue, 30 Aug 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5980
Expires: Fri, 02 Sep 2022 00:57:21 GMT
Date: Thu, 01 Sep 2022 23:17:41 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 797848c645dcc323aa01a1cc28a1376c
df8dfbb74c047699a37ac0d12d307ede104bbf72
6943eb9fbf099441d20214c206365026c24380abb84c633eca2a78fd8a9f3d25
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6943EB9FBF099441D20214C206365026C24380ABB84C633ECA2A78FD8A9F3D25"
Last-Modified: Wed, 31 Aug 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5498
Expires: Fri, 02 Sep 2022 00:49:20 GMT
Date: Thu, 01 Sep 2022 23:17:42 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
200 OK 144 kB URL HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144379 bytes)
Hash 33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:41 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Sat, 03 Sep 2022 23:17:41 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
speechfountaindigestion.com/watch.879317838279.js?key=2e023d41034d8a99bfd2808771c96ed0&kw=%5B%22blowjob%22%2C%22yacht%22%2C%22video%22%2C%22heavyweight%22%2C%22champion%22%2C%22conor%22%2C%22mcgregor%22%2C%22leaks%22%2C%22and%22%2C%22shares%22%2C%22cryptic%22%2C%22sex%22%2C%22video%22%2C%22of%22%2C%22him%22%2C%22getting%22%2C%22intimate%22%2C%22head%22%2C%22from%22%2C%22a%22%2C%22mysterious%22%2C%22lady%22%2C%22on%22%2C%22a%22%2C%22boat%22%2C%22while%22%2C%22listening%22%2C%22to%22%2C%22rehab%22%2C%22winter%22%2C%22in%22%2C%22paris%22%2C%22by%22%2C%22brent%22%2C%22faiyaz%22%5D&refer=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&tz=0&dev=r&res=12.31&uuid=459cd32b-0428-4bcf-837d-b55e7f4841e0%3A1%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 speechfountaindigestion.com/watch.879317838279.js?key=2e023d41034d8a99bfd2808771c96ed0&kw=%5B%22blowjob%22%2C%22yacht%22%2C%22video%22%2C%22heavyweight%22%2C%22champion%22%2C%22conor%22%2C%22mcgregor%22%2C%22leaks%22%2C%22and%22%2C%22shares%22%2C%22cryptic%22%2C%22sex%22%2C%22video%22%2C%22of%22%2C%22him%22%2C%22getting%22%2C%22intimate%22%2C%22head%22%2C%22from%22%2C%22a%22%2C%22mysterious%22%2C%22lady%22%2C%22on%22%2C%22a%22%2C%22boat%22%2C%22while%22%2C%22listening%22%2C%22to%22%2C%22rehab%22%2C%22winter%22%2C%22in%22%2C%22paris%22%2C%22by%22%2C%22brent%22%2C%22faiyaz%22%5D&refer=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&tz=0&dev=r&res=12.31&uuid=459cd32b-0428-4bcf-837d-b55e7f4841e0%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.879317838279.js?key=2e023d41034d8a99bfd2808771c96ed0&kw=%5B%22blowjob%22%2C%22yacht%22%2C%22video%22%2C%22heavyweight%22%2C%22champion%22%2C%22conor%22%2C%22mcgregor%22%2C%22leaks%22%2C%22and%22%2C%22shares%22%2C%22cryptic%22%2C%22sex%22%2C%22video%22%2C%22of%22%2C%22him%22%2C%22getting%22%2C%22intimate%22%2C%22head%22%2C%22from%22%2C%22a%22%2C%22mysterious%22%2C%22lady%22%2C%22on%22%2C%22a%22%2C%22boat%22%2C%22while%22%2C%22listening%22%2C%22to%22%2C%22rehab%22%2C%22winter%22%2C%22in%22%2C%22paris%22%2C%22by%22%2C%22brent%22%2C%22faiyaz%22%5D&refer=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&tz=0&dev=r&res=12.31&uuid=459cd32b-0428-4bcf-837d-b55e7f4841e0%3A1%3A1 HTTP/1.1
Host: speechfountaindigestion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Thu, 01 Sep 2022 23:17:42 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.kossyderrickent.com
Access-Control-Allow-Origin: https://www.kossyderrickent.com
Access-Control-Allow-Credentials: true
Location: https://speechfountaindigestion.com/watch.879317838279.js?key=2e023d41034d8a99bfd2808771c96ed0&kw=%5B%22blowjob%22%2C%22yacht%22%2C%22video%22%2C%22heavyweight%22%2C%22champion%22%2C%22conor%22%2C%22mcgregor%22%2C%22leaks%22%2C%22and%22%2C%22shares%22%2C%22cryptic%22%2C%22sex%22%2C%22video%22%2C%22of%22%2C%22him%22%2C%22getting%22%2C%22intimate%22%2C%22head%22%2C%22from%22%2C%22a%22%2C%22mysterious%22%2C%22lady%22%2C%22on%22%2C%22a%22%2C%22boat%22%2C%22while%22%2C%22listening%22%2C%22to%22%2C%22rehab%22%2C%22winter%22%2C%22in%22%2C%22paris%22%2C%22by%22%2C%22brent%22%2C%22faiyaz%22%5D&refer=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&tz=0&dev=r&res=12.31&uuid=459cd32b-0428-4bcf-837d-b55e7f4841e0%3A1%3A1&shu=9df5082e1d98ea9e29d5e72628191ab612ba3411d82677728d974c0097e7f576b0bc79233a3a6b90984c586f5fc6b5a2c40a087ded80ff7e082c8cfecbb1fdd727271f99e9d2bb4d51d0eb416983a5c17c3094&pst=1662074322&rmtc=t
Set-Cookie: u_pl=17118902; expires=Fri, 02 Sep 2022 23:17:42 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzExODkwMiwiayI6IjJlMDIzZDQxMDM0ZDhhOTliZmQyODA4NzcxYzk2ZWQwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzc4MjIzLCJwaWQiOjIyOTc3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJwd3k5cTEyZSIsImNwa3MiOnsgIjI4IjoiOGFhZWY1ZDIyOWMxMWFmMzQ2MjAxMmU2ZDIyM2IxYmQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5rb3NzeWRlcnJpY2tlbnQuY29tLzIwMjIvMDgvYmxvd2pvYi15YWNodC12aWRlby1oZWF2eXdlaWdodC5odG1sIn19.7_-zs-AEqjMizwdFqH3P6Hr5WIBwriK8T_Omk1bxYCk; expires=Thu, 01 Sep 2022 23:18:42 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e74dcfed2724563f2ddb81a97ff1681b
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 997b8d5c5a7abba6f910b618c0ce8d72
add30237796798ac9f3d3fc8c55ecfebdbd3becc
1a89876432a88ab9a1768ed58c4e1e2c1a4820612d6ae439bd2056f318786d58
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A89876432A88AB9A1768ED58C4E1E2C1A4820612D6AE439BD2056F318786D58"
Last-Modified: Wed, 31 Aug 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10898
Expires: Fri, 02 Sep 2022 02:19:20 GMT
Date: Thu, 01 Sep 2022 23:17:42 GMT
Connection: keep-alive
speechfountaindigestion.com/8a/ae/f5/8aaef5d229c11af3462012e6d223b1bd.js
200 OK 29 kB URL HTTP/1.1 speechfountaindigestion.com/8a/ae/f5/8aaef5d229c11af3462012e6d223b1bd.js
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 3d488383491b3a2eb5f2acfbb848b020
5dc050bfab621105f4460979d204019cb9f78e89
5e98466da60e6085c1be3da2efda2475fb4989affe29a1801e93aed41db20a28
Analyzer Verdict Alert quad9 Sinkholed
GET /8a/ae/f5/8aaef5d229c11af3462012e6d223b1bd.js HTTP/1.1
Host: speechfountaindigestion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Sep 2022 23:17:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e2e820fa16faff50acc2b5a2a6b1bf21
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
speechfountaindigestion.com/watch.879317838279.js?key=2e023d41034d8a99bfd2808771c96ed0&kw=%5B%22blowjob%22%2C%22yacht%22%2C%22video%22%2C%22heavyweight%22%2C%22champion%22%2C%22conor%22%2C%22mcgregor%22%2C%22leaks%22%2C%22and%22%2C%22shares%22%2C%22cryptic%22%2C%22sex%22%2C%22video%22%2C%22of%22%2C%22him%22%2C%22getting%22%2C%22intimate%22%2C%22head%22%2C%22from%22%2C%22a%22%2C%22mysterious%22%2C%22lady%22%2C%22on%22%2C%22a%22%2C%22boat%22%2C%22while%22%2C%22listening%22%2C%22to%22%2C%22rehab%22%2C%22winter%22%2C%22in%22%2C%22paris%22%2C%22by%22%2C%22brent%22%2C%22faiyaz%22%5D&refer=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&tz=0&dev=r&res=12.31&uuid=459cd32b-0428-4bcf-837d-b55e7f4841e0%3A1%3A1&shu=9df5082e1d98ea9e29d5e72628191ab612ba3411d82677728d974c0097e7f576b0bc79233a3a6b90984c586f5fc6b5a2c40a087ded80ff7e082c8cfecbb1fdd727271f99e9d2bb4d51d0eb416983a5c17c3094&pst=1662074322&rmtc=t
200 OK 2.0 kB URL HTTP/1.1 speechfountaindigestion.com/watch.879317838279.js?key=2e023d41034d8a99bfd2808771c96ed0&kw=%5B%22blowjob%22%2C%22yacht%22%2C%22video%22%2C%22heavyweight%22%2C%22champion%22%2C%22conor%22%2C%22mcgregor%22%2C%22leaks%22%2C%22and%22%2C%22shares%22%2C%22cryptic%22%2C%22sex%22%2C%22video%22%2C%22of%22%2C%22him%22%2C%22getting%22%2C%22intimate%22%2C%22head%22%2C%22from%22%2C%22a%22%2C%22mysterious%22%2C%22lady%22%2C%22on%22%2C%22a%22%2C%22boat%22%2C%22while%22%2C%22listening%22%2C%22to%22%2C%22rehab%22%2C%22winter%22%2C%22in%22%2C%22paris%22%2C%22by%22%2C%22brent%22%2C%22faiyaz%22%5D&refer=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&tz=0&dev=r&res=12.31&uuid=459cd32b-0428-4bcf-837d-b55e7f4841e0%3A1%3A1&shu=9df5082e1d98ea9e29d5e72628191ab612ba3411d82677728d974c0097e7f576b0bc79233a3a6b90984c586f5fc6b5a2c40a087ded80ff7e082c8cfecbb1fdd727271f99e9d2bb4d51d0eb416983a5c17c3094&pst=1662074322&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2465)
Hash 96bc6fd961859f44483f63668d6f3b0c
bb00be50d8f927c9c6e95aac48b4832ab48573c4
c0a6b3f2ee67037bd9c05ff5a284dca9bbaa2b22ef8f87ede035022d8ff2a49c
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.879317838279.js?key=2e023d41034d8a99bfd2808771c96ed0&kw=%5B%22blowjob%22%2C%22yacht%22%2C%22video%22%2C%22heavyweight%22%2C%22champion%22%2C%22conor%22%2C%22mcgregor%22%2C%22leaks%22%2C%22and%22%2C%22shares%22%2C%22cryptic%22%2C%22sex%22%2C%22video%22%2C%22of%22%2C%22him%22%2C%22getting%22%2C%22intimate%22%2C%22head%22%2C%22from%22%2C%22a%22%2C%22mysterious%22%2C%22lady%22%2C%22on%22%2C%22a%22%2C%22boat%22%2C%22while%22%2C%22listening%22%2C%22to%22%2C%22rehab%22%2C%22winter%22%2C%22in%22%2C%22paris%22%2C%22by%22%2C%22brent%22%2C%22faiyaz%22%5D&refer=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&tz=0&dev=r&res=12.31&uuid=459cd32b-0428-4bcf-837d-b55e7f4841e0%3A1%3A1&shu=9df5082e1d98ea9e29d5e72628191ab612ba3411d82677728d974c0097e7f576b0bc79233a3a6b90984c586f5fc6b5a2c40a087ded80ff7e082c8cfecbb1fdd727271f99e9d2bb4d51d0eb416983a5c17c3094&pst=1662074322&rmtc=t HTTP/1.1
Host: speechfountaindigestion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Referer: https://www.kossyderrickent.com/
Connection: keep-alive
Cookie: u_pl=17118902; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzExODkwMiwiayI6IjJlMDIzZDQxMDM0ZDhhOTliZmQyODA4NzcxYzk2ZWQwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzc4MjIzLCJwaWQiOjIyOTc3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJwd3k5cTEyZSIsImNwa3MiOnsgIjI4IjoiOGFhZWY1ZDIyOWMxMWFmMzQ2MjAxMmU2ZDIyM2IxYmQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5rb3NzeWRlcnJpY2tlbnQuY29tLzIwMjIvMDgvYmxvd2pvYi15YWNodC12aWRlby1oZWF2eXdlaWdodC5odG1sIn19.7_-zs-AEqjMizwdFqH3P6Hr5WIBwriK8T_Omk1bxYCk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Sep 2022 23:17:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.kossyderrickent.com
Access-Control-Allow-Origin: https://www.kossyderrickent.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=459cd32b-0428-4bcf-837d-b55e7f4841e0:1:1; expires=Thu, 08 Sep 2022 23:17:42 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 02 Sep 2022 23:17:42 GMT; secure; SameSite=None
uncs=1; expires=Fri, 02 Sep 2022 23:17:42 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 02 Sep 2022 23:17:42 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 02 Sep 2022 23:17:42 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 225a0dcd0e64e3dcb59efeefd7ef4504
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/cti/0f/19/1c/0f191c5d3acdb94fc619fe49f3e35e6d/1627915929.png
200 OK 111 kB URL HTTP/2 cdn.cloudimagesb.com/cti/0f/19/1c/0f191c5d3acdb94fc619fe49f3e35e6d/1627915929.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGB, non-interlaced\012- data
Size 111 kB (111206 bytes)
Hash 07ff58dd4e527aa139b3ca4bc2d86d12
68f4fec46190913399a1ee165eb17ceee6901ac3
39af4877d1d9b2f78a9ca4c0060438a7cf2ddd271c3581910600b6999728dc77
GET /cti/0f/19/1c/0f191c5d3acdb94fc619fe49f3e35e6d/1627915929.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:42 GMT
content-type: image/png
content-length: 111206
server: nginx/1.17.6
last-modified: Mon, 02 Aug 2021 14:52:19 GMT
etag: "610806a3-1b266"
expires: Sat, 03 Sep 2022 23:17:42 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
virginyoungestrust.com/pixel/purst?dl=0&th=0&sc=0&rs=4251&rd=4251&fd=783&bv=22.8.v.2&tmpl=136
200 OK 0 B URL HTTP/1.1 virginyoungestrust.com/pixel/purst?dl=0&th=0&sc=0&rs=4251&rd=4251&fd=783&bv=22.8.v.2&tmpl=136
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=4251&rd=4251&fd=783&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: virginyoungestrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 01 Sep 2022 23:17:42 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 611a1440d2789d85045d288c3b355761
c8d29e8375e23ff8e5adc9db276ad1324edb4e7d
818267551f891f0eb37f331b5c30527b773db320671b21569c8384e71b957edd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "818267551F891F0EB37F331B5C30527B773DB320671B21569C8384E71B957EDD"
Last-Modified: Thu, 01 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7720
Expires: Fri, 02 Sep 2022 01:26:22 GMT
Date: Thu, 01 Sep 2022 23:17:42 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8988cd1418012ccffc3e13fd8cde2e25
d727ee202af2f919f95faa7f18b86c660dd7f975
2b1176a1e9f36d78e2f59790cfe030803c56a6d8d6baa64ef72e0553b161d5d7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2B1176A1E9F36D78E2F59790CFE030803C56A6D8D6BAA64EF72E0553B161D5D7"
Last-Modified: Tue, 30 Aug 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16134
Expires: Fri, 02 Sep 2022 03:46:36 GMT
Date: Thu, 01 Sep 2022 23:17:42 GMT
Connection: keep-alive
banquetunarmedgrater.com/advertisers.js
200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 01 Sep 2022 23:17:42 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 96a1f710564fd683e4b89056bf74a273
Strict-Transport-Security: max-age=0; includeSubdomains
banquetunarmedgrater.com/advertisers.js
200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 01 Sep 2022 23:17:42 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0ecb96a055ea214f5d5b92200bacd1df
Strict-Transport-Security: max-age=0; includeSubdomains
obituaryfuneral.com/sbar.json?key=d0721bb0ce3e3cc9d2e21dc1f9bf3dce&uuid=459cd32b-0428-4bcf-837d-b55e7f4841e0%3A1%3A1
200 OK 4.2 kB URL HTTP/1.1 obituaryfuneral.com/sbar.json?key=d0721bb0ce3e3cc9d2e21dc1f9bf3dce&uuid=459cd32b-0428-4bcf-837d-b55e7f4841e0%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5817), with no line terminators
Hash af2c8f6d4d14e5377e93b869d62c7a91
18c942e7ebaaa2494d446fa481baf6889a45c8d1
03ffbd455c5b6838ce616b393d9e5c23f02b77dfc12121545a6ad0dc8e5701ce
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=d0721bb0ce3e3cc9d2e21dc1f9bf3dce&uuid=459cd32b-0428-4bcf-837d-b55e7f4841e0%3A1%3A1 HTTP/1.1
Host: obituaryfuneral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Sep 2022 23:17:42 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.kossyderrickent.com
Access-Control-Allow-Origin: https://www.kossyderrickent.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15684518; expires=Fri, 02 Sep 2022 23:17:42 GMT; secure; SameSite=None
uid_id2=459cd32b-0428-4bcf-837d-b55e7f4841e0:1:1; expires=Thu, 08 Sep 2022 23:17:42 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 02 Sep 2022 23:17:42 GMT; secure; SameSite=None
uncs=1; expires=Fri, 02 Sep 2022 23:17:42 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 02 Sep 2022 23:17:42 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 02 Sep 2022 23:17:42 GMT; secure; SameSite=None
slecd0721bb0ce3e3cc9d2e21dc1f9bf3dce=[3396716]; expires=Thu, 01 Sep 2022 23:17:47 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 96cc8dac7ca29af4e2ccbca1532d8f00
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c34d2b5870b5732c9b127c57ba9d4abd
a978de33fac7b046c495dde986a453115f8bd6c1
820694a2fc6fc10e4cb44e4d6ee990a3fdd22bdd52f9a20b6093a1d9fa028143
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "820694A2FC6FC10E4CB44E4D6EE990A3FDD22BDD52F9A20B6093A1D9FA028143"
Last-Modified: Wed, 31 Aug 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10686
Expires: Fri, 02 Sep 2022 02:15:48 GMT
Date: Thu, 01 Sep 2022 23:17:42 GMT
Connection: keep-alive
obituaryfuneral.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuzi78fuApIR4UlTl4UHBn%2B2M%2BDRKMcSW4%2BTBR9Kb11ZNyqruaqu7p2b0YDUiOk4vn3mc2CdGgEb0aZDaQw4Kwo5cB3X9BRMjJg8xkcfSF4n2fep7D8z5Vn%2B8Uh8RHQWdnz5ttpTVdb9b92ksfBMGp2qZKi2Ft2Gl92GqcqtnBq91W3X%2B59pbkfbMe%2BoHvB35Q21BWxma4PiehsnvdoN71642wHjQbGNr%2FYld4cNSDGBySE1BiuvrQOwnFJ0iT%2B2el6%2Bcme%2BXNpNA0NxYDcee9tJ%2BaMkWyHGPrIU7vHKlh3MHGA5j01sIuzOAfIVNT4j16AJbeOTIJNthd%2BGQaMgUTT6EcTCD1BIpOwM11KHFAAC5w4SLS5PYFY0u69YSlc3ZKVh%2F%2FCVVOyepvJ5EmX5%2FRali7YnSRK5M6DOMKajiB6k2QFXvIt49BlXvg%2BWdQ4iey%2FngTabJ70WkDJWYvNppdLqKQrfmNsLPWYDxe60RtscaaTdmOG51GIP1FQEpNoOIJtByBOg%2FF%2FCgPReyhyDwkYlbjQRC0fcGp3%2BlyHom2ZC3hB7QdBzTwWx0UfL7DCHk2AtcjcHsNmb2Gvrp50DwBW%2FwId7WCEytw%2BZR473yCgahQSoLSEZSUoFQEZU5QDqpbQrvQVbeFdgULjnp41KNqbPLeDr1l8p5MyU52SI4v8vv9ym305awm%2FHYYMOZzGcmI864IZRgIHsRdFkeCSzhVQblji2231ZQ8%2Fb9vkKkpWfl0BEb34PQeuHoOtHgetBy3Qx%2F06rjR8bGdftc3zm0Jaa3ifZnmdW4SCFMhy1eRb3k7%2BpA8s7AT%2FaIh%2Bf7pj9j56R93%2FwK3FTJb4WP1kKCnb4wvm5LsXjalI99ezHKVqG06f%2BorOc3lypdvy63SWHHurBvdfZ3Pifl4713p8k2aCpX2HPnqjBJC2g1juSQ%2FnHPvS3apcFfPFDYtss1Lb2ycSzIrnVMmnYCqKSGP9sHVlPz%2F%2B9niFz%2F7630oO4EtKiTFPjkqKLMHnl2Dy5b%2BnVmB1UsNyzyURTW2IVteakWg5RJTVsH9C7PlvONuoGdfAM2vI00qDGyFga5A9QiuWBnnmd0%2F%2FXO0KDDtjZm23i7TVt98Eq5Ts1o7inza6jaDdpvKNmuEnbgVCErDRitstWiE3E358de%2B%2BBsAAP%2F%2FAQAA%2F%2F9NzJVUkAQAAA%3D%3D
200 OK 7 B URL HTTP/1.1 obituaryfuneral.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuzi78fuApIR4UlTl4UHBn%2B2M%2BDRKMcSW4%2BTBR9Kb11ZNyqruaqu7p2b0YDUiOk4vn3mc2CdGgEb0aZDaQw4Kwo5cB3X9BRMjJg8xkcfSF4n2fep7D8z5Vn%2B8Uh8RHQWdnz5ttpTVdb9b92ksfBMGp2qZKi2Ft2Gl92GqcqtnBq91W3X%2B59pbkfbMe%2BoHvB35Q21BWxma4PiehsnvdoN71642wHjQbGNr%2FYld4cNSDGBySE1BiuvrQOwnFJ0iT%2B2el6%2Bcme%2BXNpNA0NxYDcee9tJ%2BaMkWyHGPrIU7vHKlh3MHGA5j01sIuzOAfIVNT4j16AJbeOTIJNthd%2BGQaMgUTT6EcTCD1BIpOwM11KHFAAC5w4SLS5PYFY0u69YSlc3ZKVh%2F%2FCVVOyepvJ5EmX5%2FRali7YnSRK5M6DOMKajiB6k2QFXvIt49BlXvg%2BWdQ4iey%2FngTabJ70WkDJWYvNppdLqKQrfmNsLPWYDxe60RtscaaTdmOG51GIP1FQEpNoOIJtByBOg%2FF%2FCgPReyhyDwkYlbjQRC0fcGp3%2BlyHom2ZC3hB7QdBzTwWx0UfL7DCHk2AtcjcHsNmb2Gvrp50DwBW%2FwId7WCEytw%2BZR473yCgahQSoLSEZSUoFQEZU5QDqpbQrvQVbeFdgULjnp41KNqbPLeDr1l8p5MyU52SI4v8vv9ym305awm%2FHYYMOZzGcmI864IZRgIHsRdFkeCSzhVQblji2231ZQ8%2Fb9vkKkpWfl0BEb34PQeuHoOtHgetBy3Qx%2F06rjR8bGdftc3zm0Jaa3ifZnmdW4SCFMhy1eRb3k7%2BpA8s7AT%2FaIh%2Bf7pj9j56R93%2FwK3FTJb4WP1kKCnb4wvm5LsXjalI99ezHKVqG06f%2BorOc3lypdvy63SWHHurBvdfZ3Pifl4713p8k2aCpX2HPnqjBJC2g1juSQ%2FnHPvS3apcFfPFDYtss1Lb2ycSzIrnVMmnYCqKSGP9sHVlPz%2F%2B9niFz%2F7630oO4EtKiTFPjkqKLMHnl2Dy5b%2BnVmB1UsNyzyURTW2IVteakWg5RJTVsH9C7PlvONuoGdfAM2vI00qDGyFga5A9QiuWBnnmd0%2F%2FXO0KDDtjZm23i7TVt98Eq5Ts1o7inza6jaDdpvKNmuEnbgVCErDRitstWiE3E358de%2B%2BBsAAP%2F%2FAQAA%2F%2F9NzJVUkAQAAA%3D%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuzi78fuApIR4UlTl4UHBn%2B2M%2BDRKMcSW4%2BTBR9Kb11ZNyqruaqu7p2b0YDUiOk4vn3mc2CdGgEb0aZDaQw4Kwo5cB3X9BRMjJg8xkcfSF4n2fep7D8z5Vn%2B8Uh8RHQWdnz5ttpTVdb9b92ksfBMGp2qZKi2Ft2Gl92GqcqtnBq91W3X%2B59pbkfbMe%2BoHvB35Q21BWxma4PiehsnvdoN71642wHjQbGNr%2FYld4cNSDGBySE1BiuvrQOwnFJ0iT%2B2el6%2Bcme%2BXNpNA0NxYDcee9tJ%2BaMkWyHGPrIU7vHKlh3MHGA5j01sIuzOAfIVNT4j16AJbeOTIJNthd%2BGQaMgUTT6EcTCD1BIpOwM11KHFAAC5w4SLS5PYFY0u69YSlc3ZKVh%2F%2FCVVOyepvJ5EmX5%2FRali7YnSRK5M6DOMKajiB6k2QFXvIt49BlXvg%2BWdQ4iey%2FngTabJ70WkDJWYvNppdLqKQrfmNsLPWYDxe60RtscaaTdmOG51GIP1FQEpNoOIJtByBOg%2FF%2FCgPReyhyDwkYlbjQRC0fcGp3%2BlyHom2ZC3hB7QdBzTwWx0UfL7DCHk2AtcjcHsNmb2Gvrp50DwBW%2FwId7WCEytw%2BZR473yCgahQSoLSEZSUoFQEZU5QDqpbQrvQVbeFdgULjnp41KNqbPLeDr1l8p5MyU52SI4v8vv9ym305awm%2FHYYMOZzGcmI864IZRgIHsRdFkeCSzhVQblji2231ZQ8%2Fb9vkKkpWfl0BEb34PQeuHoOtHgetBy3Qx%2F06rjR8bGdftc3zm0Jaa3ifZnmdW4SCFMhy1eRb3k7%2BpA8s7AT%2FaIh%2Bf7pj9j56R93%2FwK3FTJb4WP1kKCnb4wvm5LsXjalI99ezHKVqG06f%2BorOc3lypdvy63SWHHurBvdfZ3Pifl4713p8k2aCpX2HPnqjBJC2g1juSQ%2FnHPvS3apcFfPFDYtss1Lb2ycSzIrnVMmnYCqKSGP9sHVlPz%2F%2B9niFz%2F7630oO4EtKiTFPjkqKLMHnl2Dy5b%2BnVmB1UsNyzyURTW2IVteakWg5RJTVsH9C7PlvONuoGdfAM2vI00qDGyFga5A9QiuWBnnmd0%2F%2FXO0KDDtjZm23i7TVt98Eq5Ts1o7inza6jaDdpvKNmuEnbgVCErDRitstWiE3E358de%2B%2BBsAAP%2F%2FAQAA%2F%2F9NzJVUkAQAAA%3D%3D HTTP/1.1
Host: obituaryfuneral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Cookie: u_pl=15684518; uid_id2=459cd32b-0428-4bcf-837d-b55e7f4841e0:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd0721bb0ce3e3cc9d2e21dc1f9bf3dce=[3396716]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Sep 2022 23:17:42 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 27bfd651ad9951c5d46edc330f142304
Strict-Transport-Security: max-age=0; includeSubdomains
reasonablelandmark.com/pixel/purst?dl=0&th=0&sc=0&rs=4251&rd=4251&fd=783&bv=22.8.v.2&tmpl=136
200 OK 0 B URL HTTP/1.1 reasonablelandmark.com/pixel/purst?dl=0&th=0&sc=0&rs=4251&rd=4251&fd=783&bv=22.8.v.2&tmpl=136
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=4251&rd=4251&fd=783&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: reasonablelandmark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 01 Sep 2022 23:17:42 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
kossyderrickent.disqus.com/blogger_item.js
302 Found 23 kB URL HTTP/1.1 kossyderrickent.disqus.com/blogger_item.js
IP
Hash ccc5548a45b5cb3a1a9fd7b50e69b251
defa1b24c33a1a9767ab2ce66f693743107ad948
a3556eb82a8a104d4e68be34d5def19ea36643800e8c3731b3a04a213becf5af
GET /blogger_item.js HTTP/1.1
Host: kossyderrickent.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Connection: close
Content-Length: 0
Server: Varnish
Location: https://a.disquscdn.com/blogger_item.js
Cache-Control: public, max-age=3600
Date: Thu, 01 Sep 2022 23:17:43 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
kossyderrickent.disqus.com/blogger_index.js
302 Found 0 B URL HTTP/1.1 kossyderrickent.disqus.com/blogger_index.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /blogger_index.js HTTP/1.1
Host: kossyderrickent.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Connection: close
Content-Length: 0
Server: Varnish
Location: https://a.disquscdn.com/blogger_index.js
Cache-Control: public, max-age=3600
Date: Thu, 01 Sep 2022 23:17:43 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/index.html
200 OK 425 B URL HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/index.html
IP
File type HTML document text\012- HTML document, ASCII text
Hash d6c1752a54d7daed6dbbf843ef6eac9d
34d61981c6d8f3026d3fa07fb9af3a0d77a55e49
73fed888f4e6c9e4d521891d5a925b3a018d8a4ff8500d66074cc189c27899e4
GET /sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:43 GMT
content-type: text/html
last-modified: Tue, 01 Feb 2022 10:33:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8WiEOIWB8lVpZgoWiCNKDKonksw%2BODrXWaZJ2qgY%2F4XFNNPmm1SfhZYCSSl5R5gTGX%2BiyMFBEOGM2o1CyvBzss3EE6TQUrCgccAy%2FYdkHofCsVViYxl02jXv%2FP1PBzRuVRJCBs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7441b88e5ad1b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 4c0c3b533df38be7bdfbd8b8246b48c2
8fa1977230e302c4d0df2482eb22d9202a7cf961
2f505285bbf066d84efdc1df659265354728ecf67077f7544bd586b19d9b38ad
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2F505285BBF066D84EFDC1DF659265354728ECF67077F7544BD586B19D9B38AD"
Last-Modified: Wed, 31 Aug 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13543
Expires: Fri, 02 Sep 2022 03:03:26 GMT
Date: Thu, 01 Sep 2022 23:17:43 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 4c0c3b533df38be7bdfbd8b8246b48c2
8fa1977230e302c4d0df2482eb22d9202a7cf961
2f505285bbf066d84efdc1df659265354728ecf67077f7544bd586b19d9b38ad
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2F505285BBF066D84EFDC1DF659265354728ECF67077F7544BD586B19D9B38AD"
Last-Modified: Wed, 31 Aug 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13543
Expires: Fri, 02 Sep 2022 03:03:26 GMT
Date: Thu, 01 Sep 2022 23:17:43 GMT
Connection: keep-alive
a.disquscdn.com/blogger_index.js
200 OK 1.3 kB URL HTTP/2 a.disquscdn.com/blogger_index.js
IP
Hash 87b72c97486279c5c677a3c492545542
16e197ace0883b9f284b7683ddd34091c40cf9d0
e3fff474fed7b7bbc1a1ec81d6a9389563ec2b683497676a50d73a9b3519d516
GET /blogger_index.js HTTP/1.1
Host: a.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kossyderrickent.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 09 Aug 2022 03:23:42 GMT
cache-control: max-age=300, public
etag: "60395f01-542"
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 1YGAX3BLWdJp1hd7oAcc_nt__seRsyFSBDjnOWiu_Xe6t40z7RsXRQ==
date: Thu, 01 Sep 2022 23:17:43 GMT
age: 182
strict-transport-security: max-age=300; includeSubdomains
content-length: 1346
X-Firefox-Spdy: h2
a.disquscdn.com/blogger_item.js
200 OK 364 B URL HTTP/2 a.disquscdn.com/blogger_item.js
IP
Hash 353e5d13a8699583f39014fb0aa1e6c7
4667874670a313990c1f049a911c055f6b88e012
6210825d39368a3da2fa12be3e1537d2f3e6b128c937b607d138ec5119c1af6f
GET /blogger_item.js HTTP/1.1
Host: a.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kossyderrickent.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 26 Aug 2022 12:54:48 GMT
cache-control: max-age=300, public
etag: "60395f01-16c"
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: HeDUPJ0xmTPnlhrVDK1_F0aQWXIhudrcFrKt_ay_9P5CMtiq4tNLng==
date: Thu, 01 Sep 2022 23:17:43 GMT
age: 53
strict-transport-security: max-age=300; includeSubdomains
content-length: 364
X-Firefox-Spdy: h2
obituaryfuneral.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fmessage_redcircle2%2F3%2Findex.html&l=1559&fd=561
200 OK 0 B URL HTTP/1.1 obituaryfuneral.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fmessage_redcircle2%2F3%2Findex.html&l=1559&fd=561
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fmessage_redcircle2%2F3%2Findex.html&l=1559&fd=561 HTTP/1.1
Host: obituaryfuneral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Cookie: u_pl=15684518; uid_id2=459cd32b-0428-4bcf-837d-b55e7f4841e0:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd0721bb0ce3e3cc9d2e21dc1f9bf3dce=[3396716]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Sep 2022 23:17:43 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/img/1.jpg
200 OK 22 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/img/1.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x292, components 3\012- data
Hash e1f754e6014f2a7636aa19acdf37eaa7
72ded7fb65560b2702630d5208386654f294e8e9
8b9e400d61eb3c28929db8209c3136b14e2112d6eb8b4f504b74f6cca67b50fe
GET /sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/img/1.jpg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:43 GMT
content-type: image/jpeg
content-length: 21845
last-modified: Wed, 03 Aug 2022 08:33:45 GMT
etag: "62ea32e9-5555"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2553177
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biPMOj03RRDlYzJlw62Eukeli%2F7xObO04Dy54dVWeTtwP45%2BpWqpCWJQwIsZKdvqLfjDBnX8ZPAQKTnf1ZYD6KlmBgEjTaebaFCwtQ9IfDNmZpzm6k0pPV%2ByjGjp9J%2B05C4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7441b892de270b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 4c0c3b533df38be7bdfbd8b8246b48c2
8fa1977230e302c4d0df2482eb22d9202a7cf961
2f505285bbf066d84efdc1df659265354728ecf67077f7544bd586b19d9b38ad
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2F505285BBF066D84EFDC1DF659265354728ECF67077F7544BD586B19D9B38AD"
Last-Modified: Wed, 31 Aug 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13543
Expires: Fri, 02 Sep 2022 03:03:26 GMT
Date: Thu, 01 Sep 2022 23:17:43 GMT
Connection: keep-alive
obituaryfuneral.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fmessage_redcircle2%2F3%2Fcss%2Fstyle.css&l=3637&fd=148
200 OK 0 B URL HTTP/1.1 obituaryfuneral.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fmessage_redcircle2%2F3%2Fcss%2Fstyle.css&l=3637&fd=148
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fmessage_redcircle2%2F3%2Fcss%2Fstyle.css&l=3637&fd=148 HTTP/1.1
Host: obituaryfuneral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Cookie: u_pl=15684518; uid_id2=459cd32b-0428-4bcf-837d-b55e7f4841e0:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd0721bb0ce3e3cc9d2e21dc1f9bf3dce=[3396716]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Sep 2022 23:17:43 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
obituaryfuneral.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fmessage_redcircle2%2F3%2Fjs%2Fscript.js&l=386&fd=146
200 OK 0 B URL HTTP/1.1 obituaryfuneral.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fmessage_redcircle2%2F3%2Fjs%2Fscript.js&l=386&fd=146
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fmessage_redcircle2%2F3%2Fjs%2Fscript.js&l=386&fd=146 HTTP/1.1
Host: obituaryfuneral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Cookie: u_pl=15684518; uid_id2=459cd32b-0428-4bcf-837d-b55e7f4841e0:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd0721bb0ce3e3cc9d2e21dc1f9bf3dce=[3396716]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Sep 2022 23:17:43 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/css/style.css
200 OK 1.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/css/style.css
IP
Hash 20710b5df582884b3779bc24c1977cdd
58e7736a6a076efdf1e4d7a9fea88bfe4ace2fa7
49592242422c4a7f3bd1d57f6818aaa9c7ae5e236f13fc01939ab9abc3cd74b5
GET /sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:43 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 15:54:46 GMT
etag: W/"61f80646-e35"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 29743
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KiTt28UwDdw47s%2BQG%2Biatlrmep5wM1TEtnDuDZTMKMYol7mT4d%2BW0CqMtmTnjsME4OUuK6aEO0OWw0tCRhxaKMZgmBAeKT5ycvKjyss7Bzex5NkE3nj31EyKFOxhLpc04P0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7441b892de240b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kossyderrickent.disqus.com/count.js
200 OK 871 B URL HTTP/1.1 kossyderrickent.disqus.com/count.js
IP
File type ASCII text, with very long lines (528)
Hash a487039f9b553cb4f6928743872234e9
b3d835075d1983a8c2fe716285d173fcc3708f9c
364f622ba24e063adcee84f132da53c6e6071745f04a00d10937663deb24b822
GET /count.js HTTP/1.1
Host: kossyderrickent.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 871
Content-Type: application/javascript; charset=utf-8
Server: nginx
Last-Modified: Thu, 18 Aug 2022 15:40:56 GMT
ETag: "62fe5d88-367"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: DFW55-C3
X-Amz-Cf-Id: WuzaqdUfh6KEDWSuGUiE2Y9N7g2tYEMAcU0KAq7yldBu12lqPO-Cqg==
Cache-Control: public, max-age=300
Date: Thu, 01 Sep 2022 23:17:43 GMT
Age: 128
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 99815
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 99815
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
obituaryfuneral.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fmessage_redcircle2%2F3%2Fcss%2Fanimate.css&l=79245&fd=412
200 OK 0 B URL HTTP/1.1 obituaryfuneral.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fmessage_redcircle2%2F3%2Fcss%2Fanimate.css&l=79245&fd=412
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fmessage_redcircle2%2F3%2Fcss%2Fanimate.css&l=79245&fd=412 HTTP/1.1
Host: obituaryfuneral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Cookie: u_pl=15684518; uid_id2=459cd32b-0428-4bcf-837d-b55e7f4841e0:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd0721bb0ce3e3cc9d2e21dc1f9bf3dce=[3396716]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Sep 2022 23:17:43 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
kossyderrickent.disqus.com/embed.js
200 OK 25 kB URL HTTP/1.1 kossyderrickent.disqus.com/embed.js
IP
File type ASCII text, with very long lines (32091)
Hash 8f40ac783df936c736b7e0d1fb15ab84
98105669bde74e06269884b50ffffbf6d145b303
3c66d15b9d8983d8e665e29e5d8359c4b9818cc3a54461e7ac52e7599d36583a
GET /embed.js HTTP/1.1
Host: kossyderrickent.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 25435
Server: openresty
Content-Type: application/javascript; charset=utf-8
X-Service: router
Content-Encoding: gzip
Date: Thu, 01 Sep 2022 23:17:44 GMT
Age: 0
Vary: Accept-Encoding
Cache-Control: private, max-age=60
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
obituaryfuneral.com/pixel/sbs?c=1
200 OK 34 kB URL HTTP/1.1 obituaryfuneral.com/pixel/sbs?c=1
IP
ASN #39572 DataWeb Global Group B.V.
Hash 8675d36313fdd0132b5b66d28bb744bb
d47a9387d927a7d62ea5211cd77633058ba4c84e
a5a224527e33064a6efa5a116e599803efa162cb27db4bdf13723da5cc7f75a7
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: obituaryfuneral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Cookie: u_pl=15684518; uid_id2=459cd32b-0428-4bcf-837d-b55e7f4841e0:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd0721bb0ce3e3cc9d2e21dc1f9bf3dce=[3396716]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Sep 2022 23:17:44 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
obituaryfuneral.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3gR%2BP%2FC0y3pQVObgQcFMuucjM%2BMiizFGgtnNulH0pvXVk3Kqu5qq7ulJLkYXZI%2BzF8%2BdZ%2FLB6qIrenWRycIeAkJGLwOaf0FE2JMHmdng6AvF%2Bz71PIfnfao%2B38vOiI%2BMjleumR2lNV2sl%2F3SSx8EwZXSuoqzXqnXXPpwqXalZLuvtpbK%2FsultyTvmMWKH%2Fh%2B4AelVWVlaHqLExIqudcKyi2%2FXKuUg3oNPftf7DIPjnoQ3TNyCUqM5h96l6H4EHF0f0W6TmqSV96MMk1TY9EVR%2B%2FFndjkMaLZGFoPYXx0roZxp6sPYOKDqV2Y7j9CpkbEe%2FQALD46NwnW3Z%2F6ZBoyBhNPIe8OIfUQig7BzS0ocUoALnB9A3F0eN3YnG4%2FYemEHZH5x39C5SMy%2F9tlxNHXy1r1SptGZ6kysUMvLKB6Q6j2EEl2jHTnAlR%2BDJ5%2BBiV%2BIouP1xFH%2BxtOGygxfrFWb3FRrbAFv1ZpLtQYDxea1YZYYPW6bIS1Zi2Q%2FjQgpYZQ4RBa9kGdh2xylIcs9JAlHiIxLvEgCBq%2B4NRvtjivioZkS8IPaCMMaOAvNZHxyQ59pEkfXPfB7S4Su4uOunNavwSb%2FQi3VcCJObh0RLx3PkFXFMglQe4IckqQK4I8Jci7xYHQruKKQ6FdxoLzXjnv1WJg0vYePTBpW8ZkLzkjF6f5%2Fb55iI4cl4TfqASM%2BVxWZZXzlqjISiB4ELZYWBVcwqkCyl2YbrujRuTp%2F32DRI3I3Kd9MHoMp4%2FB1XOg2fOg%2BaBR8UG3BrWmj534u45xbltIaxXvyDgtcxNBmAJJOo9029vTZ%2BSZqZ3qLxqSn1z9iF0b%2FXH3L3BbILEFPlYPCdr69uCmycn%2BTZM78u1GkqpI7dDJU2%2BmNJVzX74tt3NjxdqK6999nU%2BIyXjvXenSdRoLFbcd%2BWpZCSHtqrFckh%2FW3PuS3cjc1nJm4yxZv%2FHG6lqUWOmcMvEQVI0IeXQCrkbk%2F9%2BPp7%2F42V%2FvQ9khbFYgyk7IeUGZY%2FBkFy6Z%2BXdmDlbPNCzxkGfFwFbY7FIrAi1nmLIC7l%2BYzeY9dxtt%2BwJoegtxVKBrC3R1Aar7cNncIE3sydWfq9MC096AaevtM231nSfhOjUuVX3RYDKUDSZr9VoouWD1OvN5yFlVNJscqRvxi6998TcAAAD%2F%2FwEAAP%2F%2FzRhAvJAEAAA%3D
200 OK 7 B URL HTTP/1.1 obituaryfuneral.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3gR%2BP%2FC0y3pQVObgQcFMuucjM%2BMiizFGgtnNulH0pvXVk3Kqu5qq7ulJLkYXZI%2BzF8%2BdZ%2FLB6qIrenWRycIeAkJGLwOaf0FE2JMHmdng6AvF%2Bz71PIfnfao%2B38vOiI%2BMjleumR2lNV2sl%2F3SSx8EwZXSuoqzXqnXXPpwqXalZLuvtpbK%2FsultyTvmMWKH%2Fh%2B4AelVWVlaHqLExIqudcKyi2%2FXKuUg3oNPftf7DIPjnoQ3TNyCUqM5h96l6H4EHF0f0W6TmqSV96MMk1TY9EVR%2B%2FFndjkMaLZGFoPYXx0roZxp6sPYOKDqV2Y7j9CpkbEe%2FQALD46NwnW3Z%2F6ZBoyBhNPIe8OIfUQig7BzS0ocUoALnB9A3F0eN3YnG4%2FYemEHZH5x39C5SMy%2F9tlxNHXy1r1SptGZ6kysUMvLKB6Q6j2EEl2jHTnAlR%2BDJ5%2BBiV%2BIouP1xFH%2BxtOGygxfrFWb3FRrbAFv1ZpLtQYDxea1YZYYPW6bIS1Zi2Q%2FjQgpYZQ4RBa9kGdh2xylIcs9JAlHiIxLvEgCBq%2B4NRvtjivioZkS8IPaCMMaOAvNZHxyQ59pEkfXPfB7S4Su4uOunNavwSb%2FQi3VcCJObh0RLx3PkFXFMglQe4IckqQK4I8Jci7xYHQruKKQ6FdxoLzXjnv1WJg0vYePTBpW8ZkLzkjF6f5%2Fb55iI4cl4TfqASM%2BVxWZZXzlqjISiB4ELZYWBVcwqkCyl2YbrujRuTp%2F32DRI3I3Kd9MHoMp4%2FB1XOg2fOg%2BaBR8UG3BrWmj534u45xbltIaxXvyDgtcxNBmAJJOo9029vTZ%2BSZqZ3qLxqSn1z9iF0b%2FXH3L3BbILEFPlYPCdr69uCmycn%2BTZM78u1GkqpI7dDJU2%2BmNJVzX74tt3NjxdqK6999nU%2BIyXjvXenSdRoLFbcd%2BWpZCSHtqrFckh%2FW3PuS3cjc1nJm4yxZv%2FHG6lqUWOmcMvEQVI0IeXQCrkbk%2F9%2BPp7%2F42V%2FvQ9khbFYgyk7IeUGZY%2FBkFy6Z%2BXdmDlbPNCzxkGfFwFbY7FIrAi1nmLIC7l%2BYzeY9dxtt%2BwJoegtxVKBrC3R1Aar7cNncIE3sydWfq9MC096AaevtM231nSfhOjUuVX3RYDKUDSZr9VoouWD1OvN5yFlVNJscqRvxi6998TcAAAD%2F%2FwEAAP%2F%2FzRhAvJAEAAA%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3gR%2BP%2FC0y3pQVObgQcFMuucjM%2BMiizFGgtnNulH0pvXVk3Kqu5qq7ulJLkYXZI%2BzF8%2BdZ%2FLB6qIrenWRycIeAkJGLwOaf0FE2JMHmdng6AvF%2Bz71PIfnfao%2B38vOiI%2BMjleumR2lNV2sl%2F3SSx8EwZXSuoqzXqnXXPpwqXalZLuvtpbK%2FsultyTvmMWKH%2Fh%2B4AelVWVlaHqLExIqudcKyi2%2FXKuUg3oNPftf7DIPjnoQ3TNyCUqM5h96l6H4EHF0f0W6TmqSV96MMk1TY9EVR%2B%2FFndjkMaLZGFoPYXx0roZxp6sPYOKDqV2Y7j9CpkbEe%2FQALD46NwnW3Z%2F6ZBoyBhNPIe8OIfUQig7BzS0ocUoALnB9A3F0eN3YnG4%2FYemEHZH5x39C5SMy%2F9tlxNHXy1r1SptGZ6kysUMvLKB6Q6j2EEl2jHTnAlR%2BDJ5%2BBiV%2BIouP1xFH%2BxtOGygxfrFWb3FRrbAFv1ZpLtQYDxea1YZYYPW6bIS1Zi2Q%2FjQgpYZQ4RBa9kGdh2xylIcs9JAlHiIxLvEgCBq%2B4NRvtjivioZkS8IPaCMMaOAvNZHxyQ59pEkfXPfB7S4Su4uOunNavwSb%2FQi3VcCJObh0RLx3PkFXFMglQe4IckqQK4I8Jci7xYHQruKKQ6FdxoLzXjnv1WJg0vYePTBpW8ZkLzkjF6f5%2Fb55iI4cl4TfqASM%2BVxWZZXzlqjISiB4ELZYWBVcwqkCyl2YbrujRuTp%2F32DRI3I3Kd9MHoMp4%2FB1XOg2fOg%2BaBR8UG3BrWmj534u45xbltIaxXvyDgtcxNBmAJJOo9029vTZ%2BSZqZ3qLxqSn1z9iF0b%2FXH3L3BbILEFPlYPCdr69uCmycn%2BTZM78u1GkqpI7dDJU2%2BmNJVzX74tt3NjxdqK6999nU%2BIyXjvXenSdRoLFbcd%2BWpZCSHtqrFckh%2FW3PuS3cjc1nJm4yxZv%2FHG6lqUWOmcMvEQVI0IeXQCrkbk%2F9%2BPp7%2F42V%2FvQ9khbFYgyk7IeUGZY%2FBkFy6Z%2BXdmDlbPNCzxkGfFwFbY7FIrAi1nmLIC7l%2BYzeY9dxtt%2BwJoegtxVKBrC3R1Aar7cNncIE3sydWfq9MC096AaevtM231nSfhOjUuVX3RYDKUDSZr9VoouWD1OvN5yFlVNJscqRvxi6998TcAAAD%2F%2FwEAAP%2F%2FzRhAvJAEAAA%3D HTTP/1.1
Host: obituaryfuneral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Cookie: u_pl=15684518; uid_id2=459cd32b-0428-4bcf-837d-b55e7f4841e0:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd0721bb0ce3e3cc9d2e21dc1f9bf3dce=[3396716]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 01 Sep 2022 23:17:44 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 12239db54824efef784a04e29e17d05f
Strict-Transport-Security: max-age=0; includeSubdomains
kossyderrickent.disqus.com/count-data.js?2=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html
200 OK 314 B URL HTTP/1.1 kossyderrickent.disqus.com/count-data.js?2=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html
IP
Hash cfbb294fccf8869fe88d41c623259365
a53146bceec0183150cf6d556a114f8d9be9450f
3aadedadf0f4f06f3447e01d29be6c3e0a52e29a049a44c279322d93ba8b26b1
GET /count-data.js?2=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html HTTP/1.1
Host: kossyderrickent.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 314
Server: nginx
Content-Type: application/javascript; charset=UTF-8
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=600
Date: Thu, 01 Sep 2022 23:17:44 GMT
Age: 1029
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
200 OK 68 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash c486343ee4c10598f90221bcd11429b2
2cb8a96e1902c35bfb0de435976d4825988453aa
57d80318fc1f90d0132ad5a686e9b76d0976496c3df1ec993082c321024f5113
GET /AdServer/js/pwt/161673/7165/pwt.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 10:48:20 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: application/javascript
content-length: 68097
cache-control: max-age=110589
expires: Sat, 03 Sep 2022 06:00:53 GMT
date: Thu, 01 Sep 2022 23:17:44 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b4e422675f5c5f2dbaf41bf16672b884
81e1e47456e2f60aeab7810850c3fe2e97f462a0
fbd11cfbd187789c7a14592bab5c5279b6f4c08b28aa61ff1aa502efdd69f05b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FBD11CFBD187789C7A14592BAB5C5279B6F4C08B28AA61FF1AA502EFDD69F05B"
Last-Modified: Wed, 31 Aug 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10607
Expires: Fri, 02 Sep 2022 02:14:31 GMT
Date: Thu, 01 Sep 2022 23:17:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b4e422675f5c5f2dbaf41bf16672b884
81e1e47456e2f60aeab7810850c3fe2e97f462a0
fbd11cfbd187789c7a14592bab5c5279b6f4c08b28aa61ff1aa502efdd69f05b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FBD11CFBD187789C7A14592BAB5C5279B6F4C08B28AA61FF1AA502EFDD69F05B"
Last-Modified: Wed, 31 Aug 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10607
Expires: Fri, 02 Sep 2022 02:14:31 GMT
Date: Thu, 01 Sep 2022 23:17:44 GMT
Connection: keep-alive
s-img.adskeeper.com/g/13785548/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzE3NTY4NS82NzU1YzVjZDg3OGUzZDYxMjJlNmIyMGI1ZTU1MTlkZi5qcGc.webp?v=1662074263-cmJk2DrXZn_HTP4BGGm1vIW1WK0LMgIFFbYpRpV1Aug
200 OK 15 kB URL HTTP/2 s-img.adskeeper.com/g/13785548/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzE3NTY4NS82NzU1YzVjZDg3OGUzZDYxMjJlNmIyMGI1ZTU1MTlkZi5qcGc.webp?v=1662074263-cmJk2DrXZn_HTP4BGGm1vIW1WK0LMgIFFbYpRpV1Aug
IP
ASN #199524 G-Core Labs S.A.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 808369dc4420049f4667d1d037485201
a89f2127252c51db3b2f06fa02b9a37be221758c
9f92e5289bd54aba43fdcbe31029b5c0806df6bbef676e080633a125ea407d0d
GET /g/13785548/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzE3NTY4NS82NzU1YzVjZDg3OGUzZDYxMjJlNmIyMGI1ZTU1MTlkZi5qcGc.webp?v=1662074263-cmJk2DrXZn_HTP4BGGm1vIW1WK0LMgIFFbYpRpV1Aug HTTP/1.1
Host: s-img.adskeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 23:17:44 GMT
content-type: image/webp
content-length: 15058
x-mg-request-uuid: 1e39871c-ba40-4f47-91ae-a53c7587c204
access-control-allow-origin: *
last-modified: Fri, 12 Aug 2022 17:43:34 GMT
cache-control: immutable, max-age=31536000
cache: HIT
x-cached-since: 2022-08-12T18:04:43+00:00
x-id: sto5-up-gc14
accept-ranges: bytes
X-Firefox-Spdy: h2
s-img.adskeeper.com/g/13404800/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF81MjgseV80NTYvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDYvMTAxOTI0LzhhMGMzMzg1ZGY2YTY5ZDIxZjA2MzNlMWU4ZDIxYjA4LmpwZWc.webp?v=1662074263-xwmE4a6HnYFJf6fx3IwrF9W6AnpSSXBrFGJJz55du8c
200 OK 46 kB URL HTTP/2 s-img.adskeeper.com/g/13404800/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF81MjgseV80NTYvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDYvMTAxOTI0LzhhMGMzMzg1ZGY2YTY5ZDIxZjA2MzNlMWU4ZDIxYjA4LmpwZWc.webp?v=1662074263-xwmE4a6HnYFJf6fx3IwrF9W6AnpSSXBrFGJJz55du8c
IP
ASN #199524 G-Core Labs S.A.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x328, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bf14d7fd5717e8c76bb96237eac97651
121e3fdf3a0c5ce328a0aab94d87eacc08514603
45d5d2d64eed33b07e041b19dd695fdeadb4025ec4fbe8a5ba2b7caceca3455c
GET /g/13404800/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF81MjgseV80NTYvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDYvMTAxOTI0LzhhMGMzMzg1ZGY2YTY5ZDIxZjA2MzNlMWU4ZDIxYjA4LmpwZWc.webp?v=1662074263-xwmE4a6HnYFJf6fx3IwrF9W6AnpSSXBrFGJJz55du8c HTTP/1.1
Host: s-img.adskeeper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 23:17:44 GMT
content-type: image/webp
content-length: 45792
x-mg-request-uuid: 8b4322c9-ceb0-46c0-b9ee-61d08f5d3cee
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
last-modified: Fri, 01 Jul 2022 07:14:14 GMT
cache: HIT
x-cached-since: 2022-07-22T14:03:03+00:00
x-id: sto5-up-gc13
accept-ranges: bytes
X-Firefox-Spdy: h2
referrer.disqus.com/juggler/event.gif?imp=1ssno79133tq1n&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=kossyderrickent&zone=thread&version=0837a7fb2afa86b68e4ee5098ec9905b&page_url=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough§ion=default&verb=call&adjective=1&forum_id=6730673
200 OK 43 B URL HTTP/1.1 referrer.disqus.com/juggler/event.gif?imp=1ssno79133tq1n&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=kossyderrickent&zone=thread&version=0837a7fb2afa86b68e4ee5098ec9905b&page_url=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough§ion=default&verb=call&adjective=1&forum_id=6730673
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /juggler/event.gif?imp=1ssno79133tq1n&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=kossyderrickent&zone=thread&version=0837a7fb2afa86b68e4ee5098ec9905b&page_url=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough§ion=default&verb=call&adjective=1&forum_id=6730673 HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Server: nginx
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Thu, 01 Sep 2022 23:17:44 GMT
Cross-Origin-Resource-Policy: cross-origin
disqus.com/embed/comments/?base=default&f=kossyderrickent&t_u=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&t_d=%0ABLOWJOB%20YACHT%20VIDEO%3A%20Heavyweight%20champion%2C%20Conor%20McGregor%2C%20leaks%20and%20shares%20cryptic%20sex%20video%20of%20him%20getting%20intimate%20head%20from%20a%20mysterious%20lady%20on%20a%20boat%20while%20listening%20to%20Rehab%20(Winter%20in%20Paris)%20by%20Brent%20Faiyaz%0A&t_t=%0ABLOWJOB%20YACHT%20VIDEO%3A%20Heavyweight%20champion%2C%20Conor%20McGregor%2C%20leaks%20and%20shares%20cryptic%20sex%20video%20of%20him%20getting%20intimate%20head%20from%20a%20mysterious%20lady%20on%20a%20boat%20while%20listening%20to%20Rehab%20(Winter%20in%20Paris)%20by%20Brent%20Faiyaz%0A&s_o=default
200 OK 2.9 kB URL HTTP/1.1 disqus.com/embed/comments/?base=default&f=kossyderrickent&t_u=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&t_d=%0ABLOWJOB%20YACHT%20VIDEO%3A%20Heavyweight%20champion%2C%20Conor%20McGregor%2C%20leaks%20and%20shares%20cryptic%20sex%20video%20of%20him%20getting%20intimate%20head%20from%20a%20mysterious%20lady%20on%20a%20boat%20while%20listening%20to%20Rehab%20(Winter%20in%20Paris)%20by%20Brent%20Faiyaz%0A&t_t=%0ABLOWJOB%20YACHT%20VIDEO%3A%20Heavyweight%20champion%2C%20Conor%20McGregor%2C%20leaks%20and%20shares%20cryptic%20sex%20video%20of%20him%20getting%20intimate%20head%20from%20a%20mysterious%20lady%20on%20a%20boat%20while%20listening%20to%20Rehab%20(Winter%20in%20Paris)%20by%20Brent%20Faiyaz%0A&s_o=default
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2866)
Hash 982cd74b7de9140a1db9de3f35a7017e
8589e54c2fa8d703e3525dd7a765837668b47e73
7ce21b67d2d944d343e012059ecb7690a49e990c4b6a91f092c0b47e05363371
GET /embed/comments/?base=default&f=kossyderrickent&t_u=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&t_d=%0ABLOWJOB%20YACHT%20VIDEO%3A%20Heavyweight%20champion%2C%20Conor%20McGregor%2C%20leaks%20and%20shares%20cryptic%20sex%20video%20of%20him%20getting%20intimate%20head%20from%20a%20mysterious%20lady%20on%20a%20boat%20while%20listening%20to%20Rehab%20(Winter%20in%20Paris)%20by%20Brent%20Faiyaz%0A&t_t=%0ABLOWJOB%20YACHT%20VIDEO%3A%20Heavyweight%20champion%2C%20Conor%20McGregor%2C%20leaks%20and%20shares%20cryptic%20sex%20video%20of%20him%20getting%20intimate%20head%20from%20a%20mysterious%20lady%20on%20a%20boat%20while%20listening%20to%20Rehab%20(Winter%20in%20Paris)%20by%20Brent%20Faiyaz%0A&s_o=default HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2890
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Wed, 31 Aug 2022 06:21:25 GMT
ETag: W/"lounge:view:9332034679.5a5cb7fd8c92fd5789ac72b4ea2e4578.2"
Referrer-Policy: no-referrer-when-downgrade
Content-Encoding: gzip
Date: Thu, 01 Sep 2022 23:17:44 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=kossyderrickent&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23000000&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&typeface=sans-serif&canonicalUrl=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&disqus_version=current
200 OK 9.5 kB URL HTTP/1.1 tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=kossyderrickent&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23000000&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&typeface=sans-serif&canonicalUrl=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&disqus_version=current
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (777)
Hash 28b42a7351922860f5674875317126b9
ec16b64bf6da45104b18ae2efe3ecdf9376ebb6d
66c7de1c02f6ba868ef977049a6771e31a0338c840c848da47c8a7758a3825e2
GET /ads-iframe/taboola/?position=top&shortname=kossyderrickent&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23000000&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&typeface=sans-serif&canonicalUrl=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&disqus_version=current HTTP/1.1
Host: tempest.services.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 9452
Server: openresty
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Content-Encoding: gzip
Date: Thu, 01 Sep 2022 23:17:44 GMT
Age: 0
Vary: Accept-Encoding,
Cross-Origin-Resource-Policy: cross-origin
c.disquscdn.com/next/embed/lounge.load.0837a7fb2afa86b68e4ee5098ec9905b.js
200 OK 494 B URL HTTP/2 c.disquscdn.com/next/embed/lounge.load.0837a7fb2afa86b68e4ee5098ec9905b.js
IP
File type ASCII text, with very long lines (958), with no line terminators
Hash d525c599081cc243ee1606c485acac49
70d711b8925a504b1ec5050750c3fc3f6ea54b72
7cc1470688587ef371098cef3ca14d6d0a4a7edebf5f548b8a7534d843724a2e
GET /next/embed/lounge.load.0837a7fb2afa86b68e4ee5098ec9905b.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://disqus.com
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 494
date: Tue, 30 Aug 2022 18:28:42 GMT
server: nginx
last-modified: Tue, 30 Aug 2022 17:50:38 GMT
etag: "630e4dee-1ee"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 30 Aug 2023 18:28:42 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: p-gft8Sx-d_xkPu9SE5bAbQqEu_2kbY-1C_hH5gyCcJxW9igU_185g==
age: 190142
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
200 OK 95 kB URL HTTP/2 c.disquscdn.com/next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js
IP
File type ASCII text, with very long lines (32023)
Hash 7b99df04cc3984222b4f02f738de9fa4
f3eefe01e2f39579ceaca4927de1177711e01544
c64b6a193db830888df222e8c3d1d0c964cb9700e2ed62796e02dbe49a39d8ec
GET /next/embed/common.bundle.33bc87b2c4f9324203cc85b7dd1d0492.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 94755
date: Mon, 25 Jul 2022 05:21:29 GMT
server: nginx
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
etag: "62da91ee-17223"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 05:21:29 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tGZANhpr8R9AsIYU5iX0AJM6cjWsQEct5peCeh7dmEaj0Mn1oksLIQ==
age: 3347775
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
200 OK 58 kB URL HTTP/2 cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
IP
File type ASCII text, with very long lines (60704)
Hash 2fe5743b4e27677f305331bf551fb83c
9c0eb6257e8d2bff70a69ff7f09b8ddffaff9986
9592b909fdf17daa6306ee964a92ed08ad1400186d1bc01a1fac0102c0e9d529
GET /libtrc/disqus-widget-safetylevel20longtail09/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KFmNJAadd1Cie/f4XlOqKBi7t6//lnKsZMODu2YmXpmfqjo2OKmQrX+Z7fgXJytey8NYeUyoEZw=
x-amz-request-id: EBSWYYZXXD0CYC34
last-modified: Thu, 01 Sep 2022 16:08:45 GMT
etag: "e1f6d458aca3c398afdcb9ff38dd7c11"
x-amz-version-id: U6yWTflE3RQ3OSy7ier7l_tLOEf7xjbc
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Thu, 01 Sep 2022 23:17:44 GMT
via: 1.1 varnish
age: 25734
x-served-by: cache-bma1649-BMA
x-cache: HIT
x-cache-hits: 303
x-timer: S1662074265.602873,VS0,VE0
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 82
content-length: 57650
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/styles/lounge.4ceaf0673822a0def820ebdc38d84415.css
200 OK 26 kB URL HTTP/2 c.disquscdn.com/next/embed/styles/lounge.4ceaf0673822a0def820ebdc38d84415.css
IP
File type ASCII text, with very long lines (65469)
Hash 562dca2947880c34049caa25b608163e
2d3400232c34275d53746a9ac01d9d37c20c020b
723cbb9fb0d3a0a5eb8305be7f896893e3bf6ab03a0578adda3e77535452bfee
GET /next/embed/styles/lounge.4ceaf0673822a0def820ebdc38d84415.css HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 26448
date: Tue, 30 Aug 2022 18:28:42 GMT
server: nginx
last-modified: Tue, 30 Aug 2022 17:50:39 GMT
etag: "630e4def-6750"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 30 Aug 2023 18:28:42 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RD6TEyczdcd3Xcpa4-y5xANEtJ1VlK0z0MdoRNA-HgxGyHd4pvYw9g==
age: 190142
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 344ca75761cc066b996a7f0044e71598
5159df2aaee91665397844da3b33ceb7f9dcd06a
5eab7682a64edc36a570a8c0fcbd6ecf9c0201ea5a15b24c904c5fa9281ef486
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4507
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:44 GMT
Last-Modified: Thu, 01 Sep 2022 22:02:37 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
c.disquscdn.com/next/embed/lounge.bundle.8d28276e15f31af0eebfd934278922d1.js
200 OK 125 kB URL HTTP/2 c.disquscdn.com/next/embed/lounge.bundle.8d28276e15f31af0eebfd934278922d1.js
IP
File type ASCII text, with very long lines (32035)
Size 125 kB (124861 bytes)
Hash b7529fb4e99080bdade176536dcd2f34
3003c5866b66518508c0e92ef84e6b6765108c48
f370600c6bb9219ce054ea20b074baf379d2a0c97378e0462848f61215d300e1
GET /next/embed/lounge.bundle.8d28276e15f31af0eebfd934278922d1.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 124861
date: Tue, 30 Aug 2022 18:28:42 GMT
server: nginx
last-modified: Tue, 30 Aug 2022 17:50:39 GMT
etag: "630e4def-1e7bd"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 30 Aug 2023 18:28:42 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Jk4aeV22zLRzwBhKhzjqDTVgHo9BeOsyOzmlrymQvRMrVDTrBRw5hw==
age: 190142
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 344ca75761cc066b996a7f0044e71598
5159df2aaee91665397844da3b33ceb7f9dcd06a
5eab7682a64edc36a570a8c0fcbd6ecf9c0201ea5a15b24c904c5fa9281ef486
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4507
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:44 GMT
Last-Modified: Thu, 01 Sep 2022 22:02:37 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
disqus.com/next/config.js
200 OK 16 kB URL HTTP/1.1 disqus.com/next/config.js
IP
File type ASCII text, with very long lines (16127), with no line terminators
Hash 78165d31560c2bf4064ae71dafff3993
69ce30957f04e499b2335677864aefbdd59f84da
75408f16c4d5d7fc6a5e2efa1968549638331d1eb0552dd6437b8999062f7f9e
GET /next/config.js HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=kossyderrickent&t_u=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&t_d=%0ABLOWJOB%20YACHT%20VIDEO%3A%20Heavyweight%20champion%2C%20Conor%20McGregor%2C%20leaks%20and%20shares%20cryptic%20sex%20video%20of%20him%20getting%20intimate%20head%20from%20a%20mysterious%20lady%20on%20a%20boat%20while%20listening%20to%20Rehab%20(Winter%20in%20Paris)%20by%20Brent%20Faiyaz%0A&t_t=%0ABLOWJOB%20YACHT%20VIDEO%3A%20Heavyweight%20champion%2C%20Conor%20McGregor%2C%20leaks%20and%20shares%20cryptic%20sex%20video%20of%20him%20getting%20intimate%20head%20from%20a%20mysterious%20lady%20on%20a%20boat%20while%20listening%20to%20Rehab%20(Winter%20in%20Paris)%20by%20Brent%20Faiyaz%0A&s_o=default
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 16127
Server: nginx
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Thu, 01 Sep 2022 23:17:44 GMT
Age: 8
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 88613b115e94c783f061407941871641
1742ce48a757778b47989ee9a00b41976636061a
6a1980103d630a663f31f8bc208c506d4b8f08d2662cd1fdaefd1e5350db3c19
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 01 Sep 2022 23:17:44 GMT
Last-Modified: Thu, 01 Sep 2022 21:52:07 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -WFEcND_nJvSRATge5PDFkupX71WxcoXs4PbpB8XU2Hd-EgYXWG71g==
Age: 5137
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.kossyderrickent.com%2F&domain=www.kossyderrickent.com&cw=1&lsw=1
200 OK 144 kB URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.kossyderrickent.com%2F&domain=www.kossyderrickent.com&cw=1&lsw=1
IP
Size 144 kB (144046 bytes)
Hash d34aced369c51cffd0d2ca9608aec9a4
e788f078ba2f7de082ff9df78ec9e4e6b9442db4
8be600350a0373b0d502b956d8831727e617d170a90b122a7fe8eeb37c7c4bce
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.kossyderrickent.com%2F&domain=www.kossyderrickent.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:43 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://www.kossyderrickent.com
server-processing-duration-in-ticks: 492282
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
sb.scorecardresearch.com/beacon.js
200 OK 1.9 kB URL HTTP/2 sb.scorecardresearch.com/beacon.js
IP
File type ASCII text, with very long lines (3936)
Hash ccbe1595614949962ea0f4c9ec84e783
65525e8918223db782724d28fce74efb513a0fb0
f422f26d9197a10abf1a13a13a87a5fcc4b98ad57aae11fadfddf2df02b591f5
GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 01 Sep 2022 01:05:57 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RY06h70sgwjW3q8tOC_9x_kc1n9CYBqOR5okYlxDapH0y5EIXU-G6g==
age: 79908
X-Firefox-Spdy: h2
a.disquscdn.com/1660573036/images/noavatar92.png
200 OK 1.6 kB URL HTTP/2 a.disquscdn.com/1660573036/images/noavatar92.png
IP
File type PNG image data, 92 x 92, 8-bit/color RGB, non-interlaced\012- data
Hash 675fb4b91ca717db030507f2d84bcfdf
c8728df74487f907230358a1b08ae1a1b25f9ed4
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
GET /1660573036/images/noavatar92.png HTTP/1.1
Host: a.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
server: nginx
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
etag: "60395f01-66c"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 14 Sep 2022 20:00:35 GMT
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: HaTRxAJkog3XAeeKuj4PvA9gd6AXdsmDT7VUmAnH8MIcd6_hyBWkag==
date: Thu, 01 Sep 2022 23:17:44 GMT
age: 1480629
strict-transport-security: max-age=300; includeSubdomains
content-length: 1644
X-Firefox-Spdy: h2
disqus.com/api/3.0/forums/details?forum=kossyderrickent&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
200 OK 3.1 kB URL HTTP/1.1 disqus.com/api/3.0/forums/details?forum=kossyderrickent&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
IP
File type JSON data\012- , ASCII text, with very long lines (3128), with no line terminators
Hash 84459ae1d9c7afd9eaf6eb4a280974bb
0abcbeb478d72ba616101ee73d5a2a442be291b2
a9f6181aa21c14b88851eca96e17288be62c34efb6c7a013ff6cfab1bd557947
GET /api/3.0/forums/details?forum=kossyderrickent&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=kossyderrickent&t_u=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&t_d=%0ABLOWJOB%20YACHT%20VIDEO%3A%20Heavyweight%20champion%2C%20Conor%20McGregor%2C%20leaks%20and%20shares%20cryptic%20sex%20video%20of%20him%20getting%20intimate%20head%20from%20a%20mysterious%20lady%20on%20a%20boat%20while%20listening%20to%20Rehab%20(Winter%20in%20Paris)%20by%20Brent%20Faiyaz%0A&t_t=%0ABLOWJOB%20YACHT%20VIDEO%3A%20Heavyweight%20champion%2C%20Conor%20McGregor%2C%20leaks%20and%20shares%20cryptic%20sex%20video%20of%20him%20getting%20intimate%20head%20from%20a%20mysterious%20lady%20on%20a%20boat%20while%20listening%20to%20Rehab%20(Winter%20in%20Paris)%20by%20Brent%20Faiyaz%0A&s_o=default
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3128
Server: nginx
Content-Type: application/json
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Thu, 01 Sep 2022 23:17:44 GMT
Age: 0
Vary: Origin, Cookie
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
200 OK 13 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (13079), with no line terminators
Hash 4da5413f5086c5755b46094b813dbfcd
87669f231ce245cdd9b7d80ebf8194e2ae62e7b1
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
GET /next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.4ceaf0673822a0def820ebdc38d84415.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 13079
date: Mon, 25 Jul 2022 05:21:30 GMT
server: nginx
last-modified: Fri, 22 Jul 2022 12:02:55 GMT
etag: "62da91ef-3317"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 05:21:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _XCgr28Qa1Itimk2UwBkFH_jnFRMproqNSY-V8ceNMy1NYdVQzDcFw==
age: 3347775
X-Firefox-Spdy: h2
reporting.services.disqus.com/_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.kossyderrickent.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22kossyderrickent%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=false&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=6730673&source_url=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&organization_id=4480660&taboola_publisher_name=disqus-widget-safetylevel20longtail09&experiment=network_default&mode=thumbnails-a&position=top&shortname=kossyderrickent&referrer_url=https%3A%2F%2Fwww.kossyderrickent.com%2F&canonical_url=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&1662074263789
403 Forbidden 3.0 kB URL HTTP/2 reporting.services.disqus.com/_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.kossyderrickent.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22kossyderrickent%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=false&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=6730673&source_url=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&organization_id=4480660&taboola_publisher_name=disqus-widget-safetylevel20longtail09&experiment=network_default&mode=thumbnails-a&position=top&shortname=kossyderrickent&referrer_url=https%3A%2F%2Fwww.kossyderrickent.com%2F&canonical_url=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&1662074263789
IP
Hash 1de0362729a01288d07cf5e2ee896693
47df87a57c62c737f27ce3a4e4c95a0f51cba8ec
0dd409320abd4b7611e6497091e9fd52105bb71a454e3c9a9f81f419014d278e
GET /_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.kossyderrickent.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22kossyderrickent%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=false&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=6730673&source_url=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&organization_id=4480660&taboola_publisher_name=disqus-widget-safetylevel20longtail09&experiment=network_default&mode=thumbnails-a&position=top&shortname=kossyderrickent&referrer_url=https%3A%2F%2Fwww.kossyderrickent.com%2F&canonical_url=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&1662074263789 HTTP/1.1
Host: reporting.services.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Thu, 01 Sep 2022 23:17:44 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
200 OK 1.8 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
IP
File type PNG image data, 172 x 81, 8-bit colormap, non-interlaced\012- data
Hash ad630a07080a45451f139a7487853ff8
c2673d7404fc947fab20eed21416f9656149018d
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
GET /next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.4ceaf0673822a0def820ebdc38d84415.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1763
date: Mon, 25 Jul 2022 05:21:30 GMT
server: nginx
last-modified: Fri, 22 Jul 2022 12:02:55 GMT
etag: "62da91ef-6e3"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 05:21:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OaMbSNoYcipsunivuogVxOdOCsYwwHL-k62EQm-yGAlCIoDpkDuE_A==
age: 3347775
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
200 OK 7.9 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Hash 4cc7a703d2fdfe684151ff8ac24d45f1
046adee74e5ce76db11491906a21c09399391571
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
GET /next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://disqus.com
Connection: keep-alive
Referer: https://c.disquscdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 7900
date: Mon, 25 Jul 2022 05:21:30 GMT
server: nginx
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
etag: "62da91ee-1edc"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 05:21:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 64HMAjgXBtnvjfWSiELjio0vbwpQIfnnawO4MZFLij9G_3K7Epk91w==
age: 3347775
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
200 OK 27 kB URL HTTP/2 c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
IP
File type ASCII text, with very long lines (32024)
Hash 0c2785ae737e4a3a6baf270c42954aaa
ba03fa7243d6e4f184c3f2f05f733f5f40b96cc3
75310b8dcb511e824684c40202fb6edb67136e7b747e2d42c71a628bce42c2f2
GET /next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 26578
date: Mon, 25 Jul 2022 05:21:30 GMT
server: nginx
last-modified: Fri, 22 Jul 2022 12:02:54 GMT
etag: "62da91ee-67d2"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 05:21:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7o8HMskOYh-_08FIewzDH2M0rVsWwEYXWmsQXlarCtyjJzBK-If8AQ==
age: 3347775
X-Firefox-Spdy: h2
disqus.com/api/3.0/threadReactions/loadReactions?thread=9332034679&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
200 OK 1.3 kB URL HTTP/1.1 disqus.com/api/3.0/threadReactions/loadReactions?thread=9332034679&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
IP
File type JSON data\012- , ASCII text, with very long lines (1341), with no line terminators
Hash 053eebb51cb2b2de63d756254422dead
5424184886fc3db79df0de60bb323546761363e9
795900ff689145af3fcc09b2aac8a5bd474406e46ea8c6ff8767abcaaa1fd1e9
GET /api/3.0/threadReactions/loadReactions?thread=9332034679&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=kossyderrickent&t_u=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&t_d=%0ABLOWJOB%20YACHT%20VIDEO%3A%20Heavyweight%20champion%2C%20Conor%20McGregor%2C%20leaks%20and%20shares%20cryptic%20sex%20video%20of%20him%20getting%20intimate%20head%20from%20a%20mysterious%20lady%20on%20a%20boat%20while%20listening%20to%20Rehab%20(Winter%20in%20Paris)%20by%20Brent%20Faiyaz%0A&t_t=%0ABLOWJOB%20YACHT%20VIDEO%3A%20Heavyweight%20champion%2C%20Conor%20McGregor%2C%20leaks%20and%20shares%20cryptic%20sex%20video%20of%20him%20getting%20intimate%20head%20from%20a%20mysterious%20lady%20on%20a%20boat%20while%20listening%20to%20Rehab%20(Winter%20in%20Paris)%20by%20Brent%20Faiyaz%0A&s_o=default
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1341
Server: nginx
Content-Type: application/json
Cache-Control: stale-while-revalidate=30, max-age=60
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Thu, 01 Sep 2022 23:17:45 GMT
Age: 0
Vary: Origin, Cookie
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
addresseepaper.com/sfp.js
200 OK 32 kB URL HTTP/2 addresseepaper.com/sfp.js
IP
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash ab4dcd4b84dc0a3cd0db55b1466eb765
e26d405e233e92b9b55c1afc124b6cf1c38ba42c
5cea3746113f6d68ceb4e1d13cb61a0fe65a829425008d724c41f0d553bae74e
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:41 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: d7ab20d976427385dbc5d6ff73f08724
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 01 Sep 2022 23:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SpoqcA53mZDIn2egBnCwaDDU4NcniZ8CAm4fb28XHEVhGUm%2F%2BF3r9y8qjAfQyt641sD8bdWNSRTXmDHjQ%2ByJrtDDx0H5P1KEdK4rf5SdNhv7I%2FlGhmv6QPsOQn8bD5u7%2BDd1mnA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7441b8889c1e8883-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/upvote-512x512.png
200 OK 8.2 kB URL HTTP/2 c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/upvote-512x512.png
IP
File type PNG image data, 512 x 512, 4-bit colormap, non-interlaced\012- data
Hash 89ff513465e139d86c4a052f02d6dccf
781461f90f66ca20682e27f9062eabb4acfac039
ddc6aec4144b67f0a2a12d687f3c4b8a9faf7c445847d0e25dcb5bd1a9ba9018
GET /next/current/publisher-admin/assets/img/emoji/upvote-512x512.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 8170
server: nginx
last-modified: Tue, 30 Aug 2022 17:50:39 GMT
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
accept-ranges: bytes
date: Thu, 01 Sep 2022 23:14:07 GMT
expires: Thu, 01 Sep 2022 23:19:06 GMT
cache-control: max-age=300, public
etag: "630e4def-1fea"
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0hE9e3xw1dopMAszx5zvH1YJ1pBJGBhkZz6JUf6wEVQbz9QNn7GBXQ==
age: 219
X-Firefox-Spdy: h2
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/funny-512x512.png
200 OK 13 kB URL HTTP/2 c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/funny-512x512.png
IP
Hash e258f6f3e8d9b76957b9351e2390d6a0
d2c437fa10d23011a631ab3c0c817c28f46312a7
52c63735ef5a4a7c831d21f9e17fd40bad0594845469c4afaaee4cdfc768a07a
GET /next/current/publisher-admin/assets/img/emoji/funny-512x512.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 8883
server: nginx
last-modified: Tue, 30 Aug 2022 17:50:39 GMT
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
accept-ranges: bytes
date: Thu, 01 Sep 2022 23:14:28 GMT
expires: Thu, 01 Sep 2022 23:19:20 GMT
cache-control: max-age=300, public
etag: "630e4def-22b3"
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _0MfL9WUiczWQR1twDvyfEytnGqVVhjigUiXGHK4izq8Sa5bx0tilA==
age: 205
X-Firefox-Spdy: h2
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/love-512x512.png
200 OK 12 kB URL HTTP/2 c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/love-512x512.png
IP
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 11d71f65e58bb5c9afb8534ba31c6f75
f6eda383c77467a03c7d8420e632f1a52840323d
e422b07ca1550e55cd90a518e910fd3cfb4d9337ea6092357f9761aa77ac9e33
GET /next/current/publisher-admin/assets/img/emoji/love-512x512.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 11910
server: nginx
last-modified: Tue, 30 Aug 2022 17:50:39 GMT
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
accept-ranges: bytes
date: Thu, 01 Sep 2022 23:16:54 GMT
expires: Thu, 01 Sep 2022 23:21:25 GMT
cache-control: max-age=300, public
etag: "630e4def-2e86"
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uPaJMco8zLWcRCxUIgpDXoL2A5rsvtjNNmEU7jJqIyT5HJRIclgwdQ==
age: 80
X-Firefox-Spdy: h2
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/surprised-512x512.png
200 OK 7.3 kB URL HTTP/2 c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/surprised-512x512.png
IP
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 13431b9bca0ec3070b4277d7162d0755
7b2f254ac0fdf367c35f4c8dd4b14de44aedde52
4e14ce1bd0d4433eee84cbb16196a7a051126f07af888ef7f9d252120f32f907
GET /next/current/publisher-admin/assets/img/emoji/surprised-512x512.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 7308
server: nginx
last-modified: Tue, 30 Aug 2022 17:50:39 GMT
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
accept-ranges: bytes
date: Thu, 01 Sep 2022 23:15:57 GMT
expires: Thu, 01 Sep 2022 23:20:36 GMT
cache-control: max-age=300, public
etag: "630e4def-1c8c"
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: b7NhiU8CsWWyU_IV1CMmaBThFLszhOoEXbgN84fJPYj1XZ16Xkp4Yw==
age: 129
X-Firefox-Spdy: h2
referrer.disqus.com/juggler/stat.gif?event=cmp.present
200 OK 43 B URL HTTP/1.1 referrer.disqus.com/juggler/stat.gif?event=cmp.present
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /juggler/stat.gif?event=cmp.present HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Server: nginx
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Thu, 01 Sep 2022 23:17:45 GMT
Cross-Origin-Resource-Policy: cross-origin
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/sad-512x512.png
200 OK 9.0 kB URL HTTP/2 c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/sad-512x512.png
IP
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash e84a77b79c9a1423d57ef6cf7f6bb2d9
5877e999ab7ac53cce47c2de47311cb203834a0c
11c401a81e32b086bea3798c033009907b429fb601411da6ffc266b78184898a
GET /next/current/publisher-admin/assets/img/emoji/sad-512x512.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 8986
server: nginx
last-modified: Tue, 30 Aug 2022 17:50:39 GMT
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
accept-ranges: bytes
date: Thu, 01 Sep 2022 23:14:02 GMT
expires: Thu, 01 Sep 2022 23:18:58 GMT
cache-control: max-age=300, public
etag: "630e4def-231a"
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kQRd7sQlv6m69K-q1Iu-L6C9TedJMvW4rFdQXUPNeDuMaIJV1Zwa2g==
age: 227
X-Firefox-Spdy: h2
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/angry-512x512.png
200 OK 21 kB URL HTTP/2 c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/angry-512x512.png
IP
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash b45cab9606431ca5a8bf31869d1a6961
6e8a52f738ef316270abc1a3ee10be6531432d62
db865c8f3642f3485829c0ee0008fe04a32cc66af70867b39f60395a7fed3984
GET /next/current/publisher-admin/assets/img/emoji/angry-512x512.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 20675
server: nginx
last-modified: Tue, 30 Aug 2022 17:50:39 GMT
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
accept-ranges: bytes
date: Thu, 01 Sep 2022 23:16:54 GMT
expires: Thu, 01 Sep 2022 23:21:25 GMT
cache-control: max-age=300, public
etag: "630e4def-50c3"
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: f5PD3Mt_QnSEmdm7oQpHHLVsuleJ07eguATr6J-gdNPGBpwfmOxtcQ==
age: 80
X-Firefox-Spdy: h2
referrer.disqus.com/juggler/stat.gif?event=cmp.no_consent
200 OK 43 B URL HTTP/1.1 referrer.disqus.com/juggler/stat.gif?event=cmp.no_consent
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /juggler/stat.gif?event=cmp.no_consent HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Server: nginx
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Thu, 01 Sep 2022 23:17:45 GMT
Cross-Origin-Resource-Policy: cross-origin
trc-events.taboola.com/disqus-widget-safetylevel20longtail09/log/2/debug?tim=23%3A17%3A44.421&type=usage&msg=rtus&llvl=2&id=6465&cv=20220901-10-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/disqus-widget-safetylevel20longtail09/log/2/debug?tim=23%3A17%3A44.421&type=usage&msg=rtus&llvl=2&id=6465&cv=20220901-10-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /disqus-widget-safetylevel20longtail09/log/2/debug?tim=23%3A17%3A44.421&type=usage&msg=rtus&llvl=2&id=6465&cv=20220901-10-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 01 Sep 2022 23:17:45 GMT
x-fastly-to-nlb-rtt: 22745
access-control-allow-credentials: true
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://www.kossyderrickent.com/
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:44 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://www.kossyderrickent.com
server-processing-duration-in-ticks: 430701
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://www.kossyderrickent.com/
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:44 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://www.kossyderrickent.com
server-processing-duration-in-ticks: 377998
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=407&event=init_embed&thread=9332034679&forum=kossyderrickent&forum_id=6730673&imp=1ssno79133tq1n&thread_slug=blowjob_yacht_video_heavyweight_champion_conor_mcgregor_leaks_and_shares_cryptic_sex_video_of_him_ge&user_type=anon&referrer=https%3A%2F%2Fwww.kossyderrickent.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true
200 OK 43 B URL HTTP/1.1 referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=407&event=init_embed&thread=9332034679&forum=kossyderrickent&forum_id=6730673&imp=1ssno79133tq1n&thread_slug=blowjob_yacht_video_heavyweight_champion_conor_mcgregor_leaks_and_shares_cryptic_sex_video_of_him_ge&user_type=anon&referrer=https%3A%2F%2Fwww.kossyderrickent.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /juggler/event.gif?abe=0&embed_hidden=0&load_time=407&event=init_embed&thread=9332034679&forum=kossyderrickent&forum_id=6730673&imp=1ssno79133tq1n&thread_slug=blowjob_yacht_video_heavyweight_champion_conor_mcgregor_leaks_and_shares_cryptic_sex_video_of_him_ge&user_type=anon&referrer=https%3A%2F%2Fwww.kossyderrickent.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=kossyderrickent&t_u=https%3A%2F%2Fwww.kossyderrickent.com%2F2022%2F08%2Fblowjob-yacht-video-heavyweight.html&t_d=%0ABLOWJOB%20YACHT%20VIDEO%3A%20Heavyweight%20champion%2C%20Conor%20McGregor%2C%20leaks%20and%20shares%20cryptic%20sex%20video%20of%20him%20getting%20intimate%20head%20from%20a%20mysterious%20lady%20on%20a%20boat%20while%20listening%20to%20Rehab%20(Winter%20in%20Paris)%20by%20Brent%20Faiyaz%0A&t_t=%0ABLOWJOB%20YACHT%20VIDEO%3A%20Heavyweight%20champion%2C%20Conor%20McGregor%2C%20leaks%20and%20shares%20cryptic%20sex%20video%20of%20him%20getting%20intimate%20head%20from%20a%20mysterious%20lady%20on%20a%20boat%20while%20listening%20to%20Rehab%20(Winter%20in%20Paris)%20by%20Brent%20Faiyaz%0A&s_o=default
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Server: nginx
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Thu, 01 Sep 2022 23:17:45 GMT
Cross-Origin-Resource-Policy: cross-origin
ocsp.digicert.com/
200 OK 312 B IP
Hash 158cc6ae7fcb59278bccce8ff50fa740
a6c4b7bd0e6967b1122e06104498a48a96963e1b
fca006f2a91b9dcb97789404143d9a3062ac0f3c436d4bfc2fc61897531df141
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3558
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:45 GMT
Last-Modified: Thu, 01 Sep 2022 22:18:27 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 312
realtime.services.disqus.com/ws/2/thread/9332034679?
101 Switching Protocols 0 B URL HTTP/1.1 realtime.services.disqus.com/ws/2/thread/9332034679?
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws/2/thread/9332034679? HTTP/1.1
Host: realtime.services.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://disqus.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7OHPS/D3a3p7vHOx+0yh1A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Thu, 01 Sep 2022 23:17:45 GMT
Content-Length: 0
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://disqus.com
Sec-WebSocket-Accept: AXbuVVpQZr7zWOibdJZJgJYAvdw=
Upgrade: websocket
X-Served-By: realtime-5
X-Cache: MISS
X-Cache-Hits: 0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
ocsp.digicert.com/
200 OK 312 B IP
Hash 158cc6ae7fcb59278bccce8ff50fa740
a6c4b7bd0e6967b1122e06104498a48a96963e1b
fca006f2a91b9dcb97789404143d9a3062ac0f3c436d4bfc2fc61897531df141
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3790
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 23:17:45 GMT
Last-Modified: Thu, 01 Sep 2022 22:14:35 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 312
ocsp.comodoca4.com/
200 OK 283 B IP
Hash fd07f02b16f4db6e6e1700815e318a3a
b5a72f3894d48b539aeca33ec2ce9fd072e9ac75
9ed3df930d9b75175d4103f1b091ac0ad24bd01209f55fee80a7886ee7e50de2
POST / HTTP/1.1
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 23:17:45 GMT
Content-Type: application/ocsp-response
Content-Length: 283
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2022 12:47:11 GMT
Expires: Tue, 06 Sep 2022 12:47:10 GMT
Etag: "b5a72f3894d48b539aeca33ec2ce9fd072e9ac75"
Cache-Control: max-age=393564,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7441b89e0e2f0b02-OSL
csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1
200 OK 43 B URL HTTP/2 csm.nl.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1 HTTP/1.1
Host: csm.nl.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:44 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.viglink.com/images/pixel.gif?ch=1&rn=2.458249489305652
200 OK 43 B URL HTTP/2 cdn.viglink.com/images/pixel.gif?ch=1&rn=2.458249489305652
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /images/pixel.gif?ch=1&rn=2.458249489305652 HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:45 GMT
content-type: image/gif
content-length: 43
x-amz-id-2: 9/IvErEY22tX4ULfeOpcwqHi8mHdiTNKhfXoUKN0roNG9pzTaiSmoLJTr0lztCcSl1VPXSGb0pg=
x-amz-request-id: D8NBHA8SGYQB6X08
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
etag: "221d8352905f2c38b3cb2bd191d630b0"
cache-control: max-age=15, must-revalidate
cf-cache-status: HIT
age: 11
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7441b89f6ef20b65-OSL
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
200 OK 8.8 kB URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
Hash 42b4707e05c19cc4f07c4553b3649ec3
adb32605275596546971a2174235b624a0870a87
ca7fd193da5a252715397824cc25c80bf9652ffa1516ab528c40fe6c8ab97953
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kossyderrickent.com/
x-crto-bundle: cLUGUF9CR3lJVURaVmxaWnlqQ2VmREV2eDdNYjVoQmRGVUl5WFBMbXdJWTJWOWZVNSUyQkNUZXB3bzBzTkJkMWFiR2tDWWtkRUFSVVRKeWk0c1BKRTEzMzRJNDVXWFZSJTJCbUJRSWkwc0JqU2VudzBxdENyaFJKb2JuRmlIVlRsWEphaVpUNVU
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:45 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://www.kossyderrickent.com
server-processing-duration-in-ticks: 707959
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.comodoca4.com/
200 OK 283 B IP
Hash fd07f02b16f4db6e6e1700815e318a3a
b5a72f3894d48b539aeca33ec2ce9fd072e9ac75
9ed3df930d9b75175d4103f1b091ac0ad24bd01209f55fee80a7886ee7e50de2
POST / HTTP/1.1
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 23:17:45 GMT
Content-Type: application/ocsp-response
Content-Length: 283
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2022 12:47:11 GMT
Expires: Tue, 06 Sep 2022 12:47:10 GMT
Etag: "b5a72f3894d48b539aeca33ec2ce9fd072e9ac75"
Cache-Control: max-age=393564,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7441b89df9bc0b06-OSL
cdn.viglink.com/images/pixel.gif?ch=2&rn=2.458249489305652
200 OK 43 B URL HTTP/2 cdn.viglink.com/images/pixel.gif?ch=2&rn=2.458249489305652
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /images/pixel.gif?ch=2&rn=2.458249489305652 HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:45 GMT
content-type: image/gif
content-length: 43
x-amz-id-2: 9/IvErEY22tX4ULfeOpcwqHi8mHdiTNKhfXoUKN0roNG9pzTaiSmoLJTr0lztCcSl1VPXSGb0pg=
x-amz-request-id: D8NBHA8SGYQB6X08
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
etag: "221d8352905f2c38b3cb2bd191d630b0"
cache-control: max-age=15, must-revalidate
cf-cache-status: HIT
age: 11
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7441b89f9f230b65-OSL
X-Firefox-Spdy: h2
links.services.disqus.com/api/ping
200 OK 316 B URL HTTP/1.1 links.services.disqus.com/api/ping
IP
File type ASCII text, with very long lines (316), with no line terminators
Hash b147c6a0b52e17808afe61b70b3518c7
2fa0d9d63a5a9a9f6c499d1310260a99b9b09e00
30b18baca2c48d728bcf71c0eba1f18c9fbcb1816d2ef11d4cd3b8528b868805
POST /api/ping HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 187
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 316
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.kossyderrickent.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Date: Thu, 01 Sep 2022 23:17:45 GMT
Set-Cookie: vglnk.Agent.p=71ce943643d83761a89077372da14265; Expires=Fri, 01 Sep 2023 23:17:45 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Fri, 01 Sep 2023 23:17:45 GMT; path=/
links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
200 OK 43 B URL HTTP/1.1 links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Cache-Control: no-cache, no-store
Content-Type: image/gif;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Date: Thu, 01 Sep 2022 23:17:45 GMT
Set-Cookie: vglnk.Agent.p=e1a4eccf8a57f54d199c6eec192720be; Expires=Fri, 01 Sep 2023 23:17:45 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Fri, 01 Sep 2023 23:17:45 GMT; path=/
links.services.disqus.com/api/domains
200 OK 58 B URL HTTP/1.1 links.services.disqus.com/api/domains
IP
File type ASCII text, with no line terminators
Hash 0e3e55b4cc3ac062a8984f0c1cd28a0f
e18971b952c8c0f8a5453e1b4c66e276301697bb
d9d672ed1b05f52ec7b5a9180cf06d29733e973d2bdc4a30854d9e3ef6184687
POST /api/domains HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 478
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 58
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.kossyderrickent.com
Cache-Control: no-cache, no-store
Content-Type: text/javascript;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Date: Thu, 01 Sep 2022 23:17:45 GMT
Set-Cookie: vglnk.Agent.p=5e41c9f8cf95f4e63b79373f5af8f280; Expires=Fri, 01 Sep 2023 23:17:45 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Fri, 01 Sep 2023 23:17:45 GMT; path=/
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Sep 2022 23:17:38 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+884; expires=Sat, 31-Aug-2024 23:17:38 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d3u598arehftfk.cloudfront.net/prebid_hb_401_618.js
200 OK 0 B URL HTTP/2 d3u598arehftfk.cloudfront.net/prebid_hb_401_618.js
IP
GET /prebid_hb_401_618.js HTTP/1.1
Host: d3u598arehftfk.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 15 Aug 2022 05:08:21 GMT
last-modified: Mon, 04 Jul 2022 10:35:51 GMT
etag: W/"38e488628e6019fc7d416ccb0594e22e"
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2fyTfQ9vXFSJX956dJgMgToO6JSNCOJoqXMpgI6zX6DZhZWT0x-_ng==
age: 1534159
X-Firefox-Spdy: h2
cmp.quantcast.com/choice/cJsduNRegvC-s/www.kossyderrickent.com/choice.js
200 OK 0 B URL HTTP/2 cmp.quantcast.com/choice/cJsduNRegvC-s/www.kossyderrickent.com/choice.js
IP
GET /choice/cJsduNRegvC-s/www.kossyderrickent.com/choice.js HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 15 Jul 2022 08:00:46 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: br
date: Thu, 01 Sep 2022 23:17:39 GMT
cache-control: max-age=900
etag: W/"2b8d6fd5dba408fbdda15a23faf735c8"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: v7QifJWPMR45mb1myb7IUlMy2X3Jwp_Oq9Wc7BA5pvBzXoI0BUnNdw==
age: 41
X-Firefox-Spdy: h2
test.cmp.quantcast.com/GVL-v2/cmp-list.json
200 OK 0 B URL HTTP/2 test.cmp.quantcast.com/GVL-v2/cmp-list.json
IP
GET /GVL-v2/cmp-list.json HTTP/1.1
Host: test.cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 86400
cache-control: max-age=172800
date: Thu, 01 Sep 2022 19:53:47 GMT
last-modified: Thu, 01 Sep 2022 19:53:41 GMT
etag: W/"6956b949229e4f70c6801a6ba073ae1e"
x-amz-server-side-encryption: AES256
x-amz-version-id: Lllx62DXfVTD9E1CkB1a.CddGj0tfpD4
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mn8KxWy8iadLLFK1w0RmaeL1klrz9jqLvtFAAWE43ga0eYT72qICWA==
age: 12234
X-Firefox-Spdy: h2
hbagency.it/cdn/tcf2_cmp.js
200 OK 0 B URL HTTP/2 hbagency.it/cdn/tcf2_cmp.js
IP
GET /cdn/tcf2_cmp.js HTTP/1.1
Host: hbagency.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:39 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=3974
etag: W/"f86-5e2925c0d3c64"
last-modified: Wed, 29 Jun 2022 08:58:41 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4681
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wG0kDDfKsSYlGwiGb4fTmfutptENpi6EeS8CqBpChwXTxusINyTf1cApv3%2BIZW7qdY6mjGCb%2F7m0H4HLpI%2BNiC%2FlanWNt99S0VHZQpX7tiBlOq8020c9e18OQt8yIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7441b87b0ee4b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hbagency.it/cdn/prebid_6_24.js
200 OK 0 B URL HTTP/2 hbagency.it/cdn/prebid_6_24.js
IP
GET /cdn/prebid_6_24.js HTTP/1.1
Host: hbagency.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:39 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=438477
etag: W/"6b0cd-5dee108fc17cf"
last-modified: Fri, 13 May 2022 09:09:43 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5754
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEZeg9I0MylP4HmqUwn%2Bgvaoo7hSimwbYtYftGz6JRITE5K4DssLfSD%2BpZSrpzjhkSWxxqESr9sVpczvoUuxpwqsEYGc6oUcAb4pzn9CoagO1gPAY%2BRQXQqP49fWhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7441b87b1eedb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
200 OK 0 B URL HTTP/2 creepingbrings.com/sfp.js
IP
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:41 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ebb6e07604548bf1047d780d2ada4e5b
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 01 Sep 2022 23:17:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5I5qcwP20pZ4DzIdebxpEc4o8rSqvco4%2BPjLgb4q95pu7eV3lYelnJW0R0YopfkwMI73Bgg%2Fud50PXvSKmh%2BR9M2sdivwk%2BvteWP4fMtFB22zWmMvoRdVJyYwa87ntlKd90FtAE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7441b886ec2c76f9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/43/cmp2ui-en.js
200 OK 0 B URL HTTP/2 cmp.quantcast.com/tcfv2/43/cmp2ui-en.js
IP
GET /tcfv2/43/cmp2ui-en.js HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 86400
last-modified: Tue, 02 Aug 2022 14:10:37 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
cache-control: max-age=172800
date: Wed, 31 Aug 2022 03:14:19 GMT
etag: W/"cdd513c37d4fc734e0fb03e5d9e813a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4boOyCmNJ4_LIolsI42I14n_8trX8Ba3NaUXzwmOftyGWp3YWUPkYQ==
age: 158602
X-Firefox-Spdy: h2
www.kossyderrickent.com/2022/08/blowjob-yacht-video-heavyweight.html
200 OK 0 B URL HTTP/2 www.kossyderrickent.com/2022/08/blowjob-yacht-video-heavyweight.html
IP
GET /2022/08/blowjob-yacht-video-heavyweight.html HTTP/1.1
Host: www.kossyderrickent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:38 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 01 Sep 2022 23:17:38 GMT
cache-control: private, max-age=0
last-modified: Thu, 01 Sep 2022 23:08:20 GMT
x-robots-tag: all
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihiTBITInCb%2BDXhAL0V7RnAK2JTEplA5Y7gKRUA2YQ7mZ1LnCMLn8N38rOx1UViqmCcp1AP4s1%2BiY%2Ft%2BKMl9Qx4Dz7YE%2BzP%2BuCdoSAyu03TsZm%2Frssz6%2B4vY3CvH31CywA6wohTrAYDOcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7441b86f6c8ffabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ui.cleverwebserver.com/
200 OK 0 B IP
GET / HTTP/1.1
Host: ui.cleverwebserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:39 GMT
content-type: application/javascript
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7441b8770ee7b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
csync.smilewanted.com/
200 OK 0 B IP
GET / HTTP/1.1
Host: csync.smilewanted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:39 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7441b87aeafc0b69-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.pbstck.com/index-monitoring-643eac5.js
200 OK 0 B URL HTTP/2 cdn.pbstck.com/index-monitoring-643eac5.js
IP
GET /index-monitoring-643eac5.js HTTP/1.1
Host: cdn.pbstck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:39 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdvFL7O0A8CCHFZMfii9S2G2MYpszjNU-N4hE3Nkw4AyrkWLxcI5mUdAM8ykzQ_1kjrqp6b2xptESroW5e6yXiaIX0Iw5pQB
x-goog-generation: 1661868423669503
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 51301
x-goog-hash: crc32c=lSsCTw==, md5=QrFnm/sCQiyeeMvXRjXH1w==
x-goog-storage-class: STANDARD
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Tue, 06 Sep 2022 14:33:46 GMT
cache-control: public, max-age=604800, immutable
last-modified: Tue, 30 Aug 2022 14:07:03 GMT
etag: W/"42b1679bfb02422c9e78cbd74635c7d7"
age: 202390
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
server: cloudflare
cf-ray: 7441b87b7d82b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.smilewanted.com/js/decode_consent/decode_consent.js
200 OK 0 B URL HTTP/2 static.smilewanted.com/js/decode_consent/decode_consent.js
IP
GET /js/decode_consent/decode_consent.js HTTP/1.1
Host: static.smilewanted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:39 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
etag: W/"607873db-c1ce"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33830
vary: Accept-Encoding
server: cloudflare
cf-ray: 7441b87c3b9b0b69-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/css/animate.css
200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/css/animate.css
IP
GET /sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:43 GMT
content-type: text/css
last-modified: Tue, 17 Aug 2021 13:04:04 GMT
etag: W/"611bb3c4-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWGZqGuDxLsAfyxhizCmXrzJbYvgu%2FhMOQlDtpOpY4PHH9yrZvDjA1pacQ2rCm0U7Ng5cfUny%2F%2BXCVOylzKcgMeJOvv6je0%2F2bvy8syJHkzCLBmJixQuEyDHUbsDlMfZcBw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7441b892ce1f0b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adskeeper.co.uk/images/adskeeper_svg.svg
200 OK 0 B URL HTTP/2 cdn.adskeeper.co.uk/images/adskeeper_svg.svg
IP
GET /images/adskeeper_svg.svg HTTP/1.1
Host: cdn.adskeeper.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:43 GMT
content-type: image/svg+xml
x-amz-id-2: 9+wK7//B9wiKymVhwJBS49yIWsknA1BYnHtl2rpiLd1F4bVgMRR1xL0U37+qHDuhswdKTk5XkFw=
x-amz-request-id: P23ZACW8NK08CPPP
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
x-amz-version-id: null
cf-cache-status: HIT
age: 2468
expires: Fri, 02 Sep 2022 03:17:43 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 7441b89519270afe-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/id5-api.js
200 OK 0 B URL HTTP/2 cdn.id5-sync.com/api/1.0/id5-api.js
IP
GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:44 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: ZUddLZ7O1OXf5c7mbsWs7TcoRwu0BI4ksS03RiIChmRO18bIYMRt5FOdSTEoWZMKdnrBtFadaeE=
x-amz-request-id: 5NBR7FENRJFAM1VR
last-modified: Wed, 31 Aug 2022 11:00:45 GMT
etag: W/"b17c28d6fd88a6b12feea5c52e9a7485"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 1230
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7441b8973d0ab518-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP
GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:38 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 7518506
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7441b8736ad8b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
services.brid.tv/player/build/brid.outstream.min.js
200 OK 0 B URL HTTP/2 services.brid.tv/player/build/brid.outstream.min.js
IP
GET /player/build/brid.outstream.min.js HTTP/1.1
Host: services.brid.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 24 Aug 2022 08:02:19 GMT
server: AmazonS3
content-encoding: br
date: Thu, 01 Sep 2022 23:01:46 GMT
cache-control: max-age=1200, public
etag: W/"3b85ca0afb52c4ecbfe8e3b473f25774"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -t6lFzQzV0xtDKHwwTgdhLRTQrb8bGEMra3XTPy8pcAvoFk06JjHvw==
age: 956
X-Firefox-Spdy: h2
boot.pbstck.com/v1/tag/8d4dc378-5ecf-468f-9ecc-fb4a7da774d1
200 OK 0 B URL HTTP/2 boot.pbstck.com/v1/tag/8d4dc378-5ecf-468f-9ecc-fb4a7da774d1
IP
GET /v1/tag/8d4dc378-5ecf-468f-9ecc-fb4a7da774d1 HTTP/1.1
Host: boot.pbstck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:39 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=120
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7441b87aef60b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/js/script.js
200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/js/script.js
IP
GET /sb/notifications/utility/default/us/blog/Progamerage/message_redcircle2/3/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:43 GMT
content-type: application/javascript
last-modified: Tue, 17 Aug 2021 13:04:06 GMT
etag: W/"611bb3c6-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 29743
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EM1SIPR8fyAFTHuWgnuxctVPJLCmnb7w2okAP%2Fg3yhvH54TRba6k80N3iBnwBzndALWRosiDSV%2Bm3YUReZDa46ZzrjcRv%2FJ%2FqX2Br7GZQLp3zExyix3T01fjrwDQIQij0PA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7441b892de290b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
content.zeotap.com/sdk/idp.min.js
200 OK 0 B URL HTTP/2 content.zeotap.com/sdk/idp.min.js
IP
GET /sdk/idp.min.js HTTP/1.1
Host: content.zeotap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.kossyderrickent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:44 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdviCACMYcvEBxGeF20KWNYK-cxq4nhgDNqHL7CSyWMlkZfwM63M4rIQYbBuDLyUw8w6dk9BbypX0dhIviA-Bss4OIyCNMMu
x-goog-generation: 1645001943546675
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 56329
x-goog-hash: crc32c=ezzPYw==, md5=qxo0a7EWC8pYwVGgerhYKw==
x-goog-storage-class: STANDARD
vary: Origin, Accept-Encoding
age: 2485
last-modified: Wed, 16 Feb 2022 08:59:03 GMT
etag: W/"ab1a346bb1160bca58c151a07ab8582b"
cache-control: public,max-age=3600
cf-cache-status: HIT
server: cloudflare
cf-ray: 7441b898189db506-OSL
content-encoding: br
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kossyderrickent.com/
x-crto-bundle: cLUGUF9CR3lJVURaVmxaWnlqQ2VmREV2eDdNYjVoQmRGVUl5WFBMbXdJWTJWOWZVNSUyQkNUZXB3bzBzTkJkMWFiR2tDWWtkRUFSVVRKeWk0c1BKRTEzMzRJNDVXWFZSJTJCbUJRSWkwc0JqU2VudzBxdENyaFJKb2JuRmlIVlRsWEphaVpUNVU
Origin: https://www.kossyderrickent.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 23:17:45 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://www.kossyderrickent.com
server-processing-duration-in-ticks: 284444
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
172.67.172.198
18.192.162.188
151.101.84.134
104.21.234.254
23.36.76.226
93.184.220.29
92.223.97.97
178.250.2.146
141.226.228.48