detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Sat, 25 Mar 2023 11:35:00 GMT
Age: 36502
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
3x39.sextgem.com/index/__xtblog_entry/10549051-video-cewek-main-sama-kuda?genre=acaptiveaudience&__xtblog_block_id=1
54.36.158.42200 OK 9.3 kB URL HTTP/1.1 3x39.sextgem.com/index/__xtblog_entry/10549051-video-cewek-main-sama-kuda?genre=acaptiveaudience&__xtblog_block_id=1
IP 54.36.158.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3577), with CRLF, LF line terminators
Hash eeddbeb9b24926da615a6ed6d5485617
10c425b0530e64a21c23544261bcd26450c3e766
296b82e41e52e255552b6219102c1cfdf10465fdf716f51465b6d056e68d53ff
GET /index/__xtblog_entry/10549051-video-cewek-main-sama-kuda?genre=acaptiveaudience&__xtblog_block_id=1 HTTP/1.1
Host: 3x39.sextgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:22 GMT
Vary: Host,Accept-Encoding
Set-Cookie: _xta_uid=de867dfe1527a56fe3202e591fbf0a14; expires=Mon, 24-Mar-2025 21:43:23 GMT; Max-Age=63072000; path=/; domain=.sextgem.com; httponly
_xta_vid=44d60ee1e800e61e349032ed8bf2dcba-1679780603; expires=Sat, 25-Mar-2023 22:13:23 GMT; Max-Age=1800; path=/; domain=.sextgem.com; httponly
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Pragma: no-cache
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Content-Encoding: gzip
Content-Length: 9332
Connection: close
Content-Type: text/html; charset=utf-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a475ce0efcd7b2c4570c3bc3bf476c53
1688817e8e9a00fd79184658318f7321d628c801
c63e2181b3c4eeb9c8c1d49eb24b77e1171cbe1a04e79ec1061d1a31d42539a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C63E2181B3C4EEB9C8C1D49EB24B77E1171CBE1A04E79EC1061D1A31D42539A2"
Last-Modified: Sat, 25 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14034
Expires: Sun, 26 Mar 2023 01:37:17 GMT
Date: Sat, 25 Mar 2023 21:43:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17679
Expires: Sun, 26 Mar 2023 02:38:02 GMT
Date: Sat, 25 Mar 2023 21:43:23 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 48 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 4c9a115c14cd0ea46d83c6a11633ff04
147320aaf2c9d92bca1695d7986cd098be00f6a8
d71e14a03d056969367efe311face430cabb65816bc24a514125d9a191c2b224
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: y1fy_sPyZlocLPLmXcb7s4xH28WFc5HD8vXCwRJelJr8vXKEYokNlA==
content-encoding: gzip
via: 1.1 1f8eeeb66cf69eb3f901d42ffcb25050.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:34:14 GMT
content-type: application/json
vary: Accept-Encoding
content-length: 48444
age: 549
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1313ee2f06606d09c45b06ff9e8e1001
285ca89d1d3ea45d35832bc6d9827f834b3bfe21
63463447d29550c3734f621be02ec85290fbdf4612f79f9fad7e94f7e066dcb0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7171
Expires: Sat, 25 Mar 2023 23:42:54 GMT
Date: Sat, 25 Mar 2023 21:43:23 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 21:43:23 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: n1ylU3klkd5uV4XvJTVSPVx9UxsHhUhnYyIGTqeEao4E8zzvU0U92xIHjLC+/kAyyVK4HFIce4c=
x-amz-request-id: HZRF153GN5J8VGGY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Mar 2023 21:27:43 GMT
age: 940
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Allerta
142.250.74.74200 OK 268 B URL HTTP/1.1 fonts.googleapis.com/css?family=Allerta
IP 142.250.74.74:0
Hash b74f6bb2a291875d4c08852ea0b5b39b
8cb70b97699a9f85853e17cb3ca3dad30bed9547
f7abe6743b90f118ee4a1ec1dd5ec08fd1e2f1ce08e252eb3ee09021c587027a
GET /css?family=Allerta HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 25 Mar 2023 21:43:23 GMT
Date: Sat, 25 Mar 2023 21:43:23 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19718
Expires: Sun, 26 Mar 2023 03:12:01 GMT
Date: Sat, 25 Mar 2023 21:43:23 GMT
Connection: keep-alive
cdn.popcash.net/pop.js
151.139.128.11200 OK 38 kB IP 151.139.128.11:0
File type ASCII text, with very long lines (65390)
Hash 98cfe0446b61a1f2a2df62468da0202c
156362703ec16548fe52ef46832fdad94d493463
903349d17d20a9010f59b6feed6519fda179cf5606bbde8abcd58db81525b527
Analyzer Verdict Alert fortinet Malware
GET /pop.js HTTP/1.1
Host: cdn.popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:23 GMT
Content-Encoding: gzip
Content-Type: application/javascript
Last-Modified: Thu, 02 Mar 2023 10:45:34 GMT
Accept-Ranges: bytes
ETag: W/"64007e4e-1f3e1"
Cache-Control: max-age=2592000, public
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9rYuUP7atvh891%2FtI9NR%2Ff1zdqTkKtiARKT3HL4BBrKgJFwa%2B4GnuBMibawvKewa5SJaAMfWnsK2wfcqzEYqDKoHK1zXD2l%2FC9OIT8r662vjd6brignX5SC0msu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a5e0e344d3bfac4-OSL
Alt-Svc: h2=":443"; ma=60
Vary: Accept-Encoding
X-HW: 1679780603.cds212.sk1.h2,1679780603.cds216.sk1.c
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 38289
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Mar 2023 21:27:45 GMT
content-type: application/json
age: 938
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
3x39.sextgem.com/xtgem_template.css?v=1425524391
54.36.158.42200 OK 3.6 kB URL HTTP/1.1 3x39.sextgem.com/xtgem_template.css?v=1425524391
IP 54.36.158.42:0
File type ASCII text, with CRLF line terminators
Hash 8a2b1bae634a7a7d3cec448e0c613833
db0079da090fae041489aa1d31bc7eb82b931c08
a670c684aeb167d7737b9982002432deaf9bd17ced6d6bf396242ce47e6d60d6
GET /xtgem_template.css?v=1425524391 HTTP/1.1
Host: 3x39.sextgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/index/__xtblog_entry/10549051-video-cewek-main-sama-kuda?genre=acaptiveaudience&__xtblog_block_id=1
Cookie: _xta_uid=de867dfe1527a56fe3202e591fbf0a14; _xta_vid=44d60ee1e800e61e349032ed8bf2dcba-1679780603
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:23 GMT
Vary: Host,Accept-Encoding
Set-Cookie: _xta_uid=de867dfe1527a56fe3202e591fbf0a14; expires=Mon, 24-Mar-2025 21:43:23 GMT; Max-Age=63072000; path=/; domain=.sextgem.com; httponly
Content-Encoding: gzip
Content-Length: 3629
Connection: close
Content-Type: text/css;charset=UTF-8
sextgem.com/js/page_templates.js
141.94.172.213200 OK 600 B URL HTTP/1.1 sextgem.com/js/page_templates.js
IP 141.94.172.213:0
Hash 40399e3e5e1a172dd101d6aaf7611b85
dbf7f0961ceea4c42625b7b574dc5fe78b752b24
02208b6b15ad77f658951e1b2f02d657e59dae0335d742707e2d5b2b614520f4
GET /js/page_templates.js HTTP/1.1
Host: sextgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Cookie: _xta_uid=de867dfe1527a56fe3202e591fbf0a14; _xta_vid=44d60ee1e800e61e349032ed8bf2dcba-1679780603
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:23 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "5fb-59774aa04e000-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 24 Apr 2023 21:43:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 600
Connection: close
Content-Type: application/javascript
u-on.eu/c.php?u=70103
163.172.215.201301 Moved Permanently 310 B IP 163.172.215.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 92c6fec1f351530bfd90c53630b6ac54
9daad52e555a164e70a287cc9622420305c7c89a
f200deca44d3401dd734aa4c89f6105c3bd1bd8363dd7ff334a260e62ff0922f
GET /c.php?u=70103 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 25 Mar 2023 21:43:23 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://u-on.eu/c.php?u=70103
Content-Length: 310
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
u-on.eu/c.php?u=72767
163.172.215.201301 Moved Permanently 310 B IP 163.172.215.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3150ae9a2925d40efa3546a50cbdf06a
2dcf79b3004798728f4fb642221ca2b076d72e77
06cd1b1ef516d3d1ffc17a40944caa25850fbedebdcdf62aec7520f061105785
GET /c.php?u=72767 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 25 Mar 2023 21:43:23 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://u-on.eu/c.php?u=72767
Content-Length: 310
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
u-on.eu/c.php?u=73195
163.172.215.201301 Moved Permanently 310 B IP 163.172.215.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 15a3230c1bd4295cfcb73c2d0e70bb1a
0c39beec6c39d1a258a62170aa1fd180b05355c4
ac18b9e6d83f6f668fe99b95fff89f3c96fb251e5f5795f62517557eeef98715
GET /c.php?u=73195 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 25 Mar 2023 21:43:23 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://u-on.eu/c.php?u=73195
Content-Length: 310
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
u-on.eu/c.php?u=73196
163.172.215.201301 Moved Permanently 310 B IP 163.172.215.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e3c179228be47134f82b0627b716d1fa
8695c7241a19818d3e5f95e8a74dda012e77bf67
3f6d7d76eee4ea65138d605e953a979e0ba7b4fc7d3b41925462d73c8c9ec87d
GET /c.php?u=73196 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 25 Mar 2023 21:43:23 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://u-on.eu/c.php?u=73196
Content-Length: 310
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
u-on.eu/c.php?u=73203
163.172.215.201301 Moved Permanently 310 B IP 163.172.215.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 29fea643f06a51d492d0def29bc6cb9f
7bae4750a468279f8abc45a042972e0d16abc4bb
e4fc7504bcf3bce5ce11408e92c271ce368b8a04d7db9eece943ee393100d01e
GET /c.php?u=73203 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 25 Mar 2023 21:43:23 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://u-on.eu/c.php?u=73203
Content-Length: 310
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Sat, 25 Mar 2023 11:35:00 GMT
Age: 36503
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
fonts.gstatic.com/s/allerta/v18/TwMO-IAHRlkbx940YnYXSA.woff2
142.250.74.3200 OK 7.8 kB URL HTTP/1.1 fonts.gstatic.com/s/allerta/v18/TwMO-IAHRlkbx940YnYXSA.woff2
IP 142.250.74.3:0
File type Web Open Font Format (Version 2), TrueType, length 7824, version 1.0\012- data
Hash 0cd3b03c066851fd03e8e51a0bb713cd
ab90570fbff72d7d5070ef9629da2e31b506575a
ef4a4798ee810a9641529acd802d9b08b48623504b15d10fba88fc42dcb2d9f6
GET /s/allerta/v18/TwMO-IAHRlkbx940YnYXSA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7824
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 24 Mar 2023 10:54:20 GMT
Expires: Sat, 23 Mar 2024 10:54:20 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 19 Apr 2022 18:20:16 GMT
Content-Type: font/woff2
Age: 125343
4.bp.blogspot.com/-TZr4tNW0VM8/VR8pVUB0F6I/AAAAAAAABF4/OZi8EeMnzkU/s1600/300x250-1322162014.gif
142.250.74.161404 Not Found 832 B URL HTTP/1.1 4.bp.blogspot.com/-TZr4tNW0VM8/VR8pVUB0F6I/AAAAAAAABF4/OZi8EeMnzkU/s1600/300x250-1322162014.gif
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /-TZr4tNW0VM8/VR8pVUB0F6I/AAAAAAAABF4/OZi8EeMnzkU/s1600/300x250-1322162014.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Sat, 25 Mar 2023 21:43:23 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
xtgem.com/images/xtvid/indiandesibhabi.png
141.94.172.213200 OK 21 kB URL HTTP/1.1 xtgem.com/images/xtvid/indiandesibhabi.png
IP 141.94.172.213:0
File type PNG image data, 320 x 50, 8-bit/color RGB, non-interlaced\012- data
Hash a7c6c2293d063cc2bb6bef8b932a3b42
96588c4605b82376b5aba115a982680ebed7c7d7
41c494a4a40022a2a77b68e98d21730715263b026744c1e30a2efb3a6f6d3ed6
GET /images/xtvid/indiandesibhabi.png HTTP/1.1
Host: xtgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:23 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "52ff-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 21247
Cache-Control: max-age=2592000
Expires: Mon, 24 Apr 2023 21:43:23 GMT
X-Ngz: 1
Connection: close
Content-Type: image/png
edryc.pun.bz/files/bokep-online-gratis.png
72.14.178.174302 Found 0 B URL HTTP/1.1 edryc.pun.bz/files/bokep-online-gratis.png
IP 72.14.178.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /files/bokep-online-gratis.png HTTP/1.1
Host: edryc.pun.bz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 302 Found
server: openresty/1.13.6.1
date: Sat, 25 Mar 2023 21:43:23 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://d39f23jfph0ylk.cloudfront.net/pun.bz.png
vary: Accept-Language
content-language: en
connection: close
js.buzzcity.net/bcads.js
69.162.95.2200 OK 484 B IP 69.162.95.2:0
ASN #46475 LIMESTONENETWORKS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (484), with no line terminators
Hash b216bdddd6a60757deee0bfb9c56cb07
fed0fbfb7b6515502296a51b6a6535f40fab7532
46186e83356975a1a50be8421d9655aadf02b3992c31e833f5a814ffbff0ade5
GET /bcads.js HTTP/1.1
Host: js.buzzcity.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 484
content-type: text/html; charset=utf-8
date: Sat, 25 Mar 2023 21:43:23 GMT
server: nginx
set-cookie: sid=11568ade-cb56-11ed-9d01-f166cb12914f; path=/; domain=.buzzcity.net; expires=Fri, 13 Apr 2091 00:57:30 GMT; max-age=2147483647; HttpOnly
enif.images.xtstatic.com/tp.gif
141.94.172.213200 OK 42 B URL HTTP/1.1 enif.images.xtstatic.com/tp.gif
IP 141.94.172.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /tp.gif HTTP/1.1
Host: enif.images.xtstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:23 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "2a-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 42
Cache-Control: max-age=2592000
Expires: Mon, 24 Apr 2023 21:43:23 GMT
Connection: close
Content-Type: image/gif
cif.images.xtstatic.com/tp.gif
141.94.172.213200 OK 42 B URL HTTP/1.1 cif.images.xtstatic.com/tp.gif
IP 141.94.172.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /tp.gif HTTP/1.1
Host: cif.images.xtstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:23 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "2a-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 42
Cache-Control: max-age=2592000
Expires: Mon, 24 Apr 2023 21:43:23 GMT
Connection: close
Content-Type: image/gif
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 32b0f085010ef89c099d392ad7eea61e
446cbc1627e553d7abf4492960d339df351c77f3
e3d0b0cd6c82983efe587f38910502548ade21f685ba6e74b02fef7936236f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3D0B0CD6C82983EFE587F38910502548ADE21F685BA6E74B02FEF7936236F2D"
Last-Modified: Sat, 25 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1616
Expires: Sat, 25 Mar 2023 22:10:19 GMT
Date: Sat, 25 Mar 2023 21:43:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 32b0f085010ef89c099d392ad7eea61e
446cbc1627e553d7abf4492960d339df351c77f3
e3d0b0cd6c82983efe587f38910502548ade21f685ba6e74b02fef7936236f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3D0B0CD6C82983EFE587F38910502548ADE21F685BA6E74B02FEF7936236F2D"
Last-Modified: Sat, 25 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1616
Expires: Sat, 25 Mar 2023 22:10:19 GMT
Date: Sat, 25 Mar 2023 21:43:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 32b0f085010ef89c099d392ad7eea61e
446cbc1627e553d7abf4492960d339df351c77f3
e3d0b0cd6c82983efe587f38910502548ade21f685ba6e74b02fef7936236f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3D0B0CD6C82983EFE587F38910502548ADE21F685BA6E74B02FEF7936236F2D"
Last-Modified: Sat, 25 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1616
Expires: Sat, 25 Mar 2023 22:10:19 GMT
Date: Sat, 25 Mar 2023 21:43:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 32b0f085010ef89c099d392ad7eea61e
446cbc1627e553d7abf4492960d339df351c77f3
e3d0b0cd6c82983efe587f38910502548ade21f685ba6e74b02fef7936236f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3D0B0CD6C82983EFE587F38910502548ADE21F685BA6E74B02FEF7936236F2D"
Last-Modified: Sat, 25 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1616
Expires: Sat, 25 Mar 2023 22:10:19 GMT
Date: Sat, 25 Mar 2023 21:43:23 GMT
Connection: keep-alive
u-on.eu/c.php?u=73195
163.172.215.201200 OK 1.2 kB IP 163.172.215.201:0
File type PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ea1244ea92efe1cba1be1546f2752d2
d984bcf5f13c53a6962fa992049f1b67d9e22814
35118cbb72e84832e3b5912a60939c86e3b515b06239bee310ee8f19e0694bc3
GET /c.php?u=73195 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3x39.sextgem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:23 GMT
Server: Apache/2.4.29 (Ubuntu)
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 1214
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
u-on.eu/c.php?u=70103
163.172.215.201200 OK 1.2 kB IP 163.172.215.201:0
File type PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ea1244ea92efe1cba1be1546f2752d2
d984bcf5f13c53a6962fa992049f1b67d9e22814
35118cbb72e84832e3b5912a60939c86e3b515b06239bee310ee8f19e0694bc3
GET /c.php?u=70103 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3x39.sextgem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:23 GMT
Server: Apache/2.4.29 (Ubuntu)
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 1214
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
u-on.eu/c.php?u=73203
163.172.215.201200 OK 1.2 kB IP 163.172.215.201:0
File type PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ea1244ea92efe1cba1be1546f2752d2
d984bcf5f13c53a6962fa992049f1b67d9e22814
35118cbb72e84832e3b5912a60939c86e3b515b06239bee310ee8f19e0694bc3
GET /c.php?u=73203 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3x39.sextgem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:23 GMT
Server: Apache/2.4.29 (Ubuntu)
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 1214
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
u-on.eu/c.php?u=73196
163.172.215.201200 OK 1.2 kB IP 163.172.215.201:0
File type PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ea1244ea92efe1cba1be1546f2752d2
d984bcf5f13c53a6962fa992049f1b67d9e22814
35118cbb72e84832e3b5912a60939c86e3b515b06239bee310ee8f19e0694bc3
GET /c.php?u=73196 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3x39.sextgem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:23 GMT
Server: Apache/2.4.29 (Ubuntu)
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 1214
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
u-on.eu/c.php?u=72767
163.172.215.201200 OK 1.4 kB IP 163.172.215.201:0
File type PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash bd6e50d02e5b32e4abc5fa60b7102fea
8ef5cc815a68104af972f4dedeb5adca5fcec922
3a18f429f1b5ce852384339e84fc785e851223febde6af9ee7ba01a646a36db3
GET /c.php?u=72767 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3x39.sextgem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:23 GMT
Server: Apache/2.4.29 (Ubuntu)
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 1381
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 94726f881c99fa69c25c38e1ab5691ea
936e9231ed900b6a0593be49921b2cb46152afa1
f13df775a9d95fe72169fd48154540baab2dccc364e7fbe0d5bd237685509077
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 29 Mar 2023 19:14:46 GMT
ETag: "936e9231ed900b6a0593be49921b2cb46152afa1"
Last-Modified: Sat, 25 Mar 2023 19:14:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 138
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ada54468a16b517-OSL
xtgem.com/fonts/xtgem-icons.woff
141.94.172.213200 OK 5.4 kB URL HTTP/1.1 xtgem.com/fonts/xtgem-icons.woff
IP 141.94.172.213:0
File type Web Open Font Format, CFF, length 5424, version 1.0\012- data
Hash f0c3cafca1e480dc3123353e4fb92a6c
85152433616a878ba5f9aac8f45a66730a267c22
665d6e99d2f45ec11e045322517b1f31a40452bee7462e78bb4550398f6e1086
GET /fonts/xtgem-icons.woff HTTP/1.1
Host: xtgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:23 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "1530-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 5424
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Connection: close
Content-Type: application/font-woff
dcba.popcash.net/znWaa3gu
3.222.40.224204 No Content 0 B URL HTTP/2 dcba.popcash.net/znWaa3gu
IP 3.222.40.224:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /znWaa3gu HTTP/1.1
Host: dcba.popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 25 Mar 2023 21:43:24 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
X-Firefox-Spdy: h2
js.buzzcity.net/bcads.js
69.162.95.2200 OK 484 B IP 69.162.95.2:0
ASN #46475 LIMESTONENETWORKS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (484), with no line terminators
Hash 945ea0bdd027ff7b02eabc9b2af3e06d
d54626ad4b830f5ac7cd1ae72484d32ae1a89042
f27b4c9f370634e8ec867d8c9df86e54f7e92dc3319da9965aece6eb05a1f907
GET /bcads.js HTTP/1.1
Host: js.buzzcity.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 484
content-type: text/html; charset=utf-8
date: Sat, 25 Mar 2023 21:43:23 GMT
server: nginx
set-cookie: sid=119f273a-cb56-11ed-bdca-f16601c930bc; path=/; domain=.buzzcity.net; expires=Fri, 13 Apr 2091 00:57:31 GMT; max-age=2147483647; HttpOnly
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Mar 2023 21:14:33 GMT
age: 1731
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2ba133f9d2e95f4e7c497a2b1e1c062b
134295af218f821b472e31131d9b1ab3a43d5a36
72d98199f58b00697b56fa4f482fa0016da2aef7369d76c97b35aba602a1f765
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72D98199F58B00697B56FA4F482FA0016DA2AEF7369D76C97B35ABA602A1F765"
Last-Modified: Sat, 25 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4063
Expires: Sat, 25 Mar 2023 22:51:07 GMT
Date: Sat, 25 Mar 2023 21:43:24 GMT
Connection: keep-alive
xtgem.com/images/close2.png?v=0.01
141.94.172.213200 OK 564 B URL HTTP/1.1 xtgem.com/images/close2.png?v=0.01
IP 141.94.172.213:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash 865dce1b2a4002b9a85f75ea622f4000
f56c8218b5ca721a9e5a3daec742a6f38c33c075
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3
GET /images/close2.png?v=0.01 HTTP/1.1
Host: xtgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:24 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "234-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 564
Cache-Control: max-age=2592000
Expires: Mon, 24 Apr 2023 21:43:24 GMT
X-Ngz: 1
Connection: close
Content-Type: image/png
xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC8zeDM5LnNleHRnZW0uY29tXC9pbmRleD9fX3h0YmxvZ19lbnRyeT0xMDU0OTA1MSZnZW5yZT1hY2FwdGl2ZWF1ZGllbmNlJl9feHRibG9nX2Jsb2NrX2lkPTEiLCJsb2dnZWRfaW4iOmZhbHNlLCJkb21haW4iOiIzeDM5LnNleHRnZW0uY29tIiwicG9zaXRpb24iOnsiYWJzb2x1dGUiOiJmaXhlZCJ9fQ==
141.94.172.213200 OK 2.9 kB URL HTTP/1.1 xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC8zeDM5LnNleHRnZW0uY29tXC9pbmRleD9fX3h0YmxvZ19lbnRyeT0xMDU0OTA1MSZnZW5yZT1hY2FwdGl2ZWF1ZGllbmNlJl9feHRibG9nX2Jsb2NrX2lkPTEiLCJsb2dnZWRfaW4iOmZhbHNlLCJkb21haW4iOiIzeDM5LnNleHRnZW0uY29tIiwicG9zaXRpb24iOnsiYWJzb2x1dGUiOiJmaXhlZCJ9fQ==
IP 141.94.172.213:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1054)
Hash 5b0402f237d10820b01ba71c1d789001
b8e59b30d7db7f9d76cbf2fb5420c3b03d3037f2
0dccb4eee01ed93df41605fe95eaebb2fd0e282bef8df1c51097d01d02b84a1a
GET /__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC8zeDM5LnNleHRnZW0uY29tXC9pbmRleD9fX3h0YmxvZ19lbnRyeT0xMDU0OTA1MSZnZW5yZT1hY2FwdGl2ZWF1ZGllbmNlJl9feHRibG9nX2Jsb2NrX2lkPTEiLCJsb2dnZWRfaW4iOmZhbHNlLCJkb21haW4iOiIzeDM5LnNleHRnZW0uY29tIiwicG9zaXRpb24iOnsiYWJzb2x1dGUiOiJmaXhlZCJ9fQ== HTTP/1.1
Host: xtgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:24 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: session=w5~7mhu016dq43rk7s9qb7pafrgl5; expires=Sun, 26-Mar-2023 21:43:24 GMT; Max-Age=86400; path=/; domain=.xtgem.com; httponly
__template=web; expires=Mon, 24-Apr-2023 21:43:24 GMT; Max-Age=2592000; path=/
__lang=us; expires=Mon, 24-Apr-2023 21:43:24 GMT; Max-Age=2592000; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2912
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 70300b32357c46f3448d567189b64cb3
6ba66a5cf63cdbfeaec59b936151cc812bac56df
5a2b4f9fc5ebaa8062058bf68eae75fc28e06c6ef6a0e79c3c761c1d92f81cb9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A2B4F9FC5EBAA8062058BF68EAE75FC28E06C6EF6A0E79C3C761C1D92F81CB9"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3452
Expires: Sat, 25 Mar 2023 22:40:56 GMT
Date: Sat, 25 Mar 2023 21:43:24 GMT
Connection: keep-alive
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 0db6fb87dafb47d9a108b0bbf985e309
f6bf689fa7dce900fc4badaf9fc593927545a383
6706b2a090fc1640c630af6af3c70e3f62259840f027539032c497f3d0194c84
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1400
Cache-Control: max-age=153312
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 21:43:24 GMT
Etag: "641f1964-1d7"
Expires: Mon, 27 Mar 2023 16:18:36 GMT
Last-Modified: Sat, 25 Mar 2023 15:55:16 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
c1.popads.net/pop.js
185.76.9.22200 OK 10 kB IP 185.76.9.22:0
ASN #60068 Datacamp Limited
File type HTML document, ASCII text, with very long lines (1568), with CRLF line terminators
Hash 9e5d642e5b4f079e61468259e23337a3
d98145c50a6b28c99fcc31ecdb8b00e564685e14
0085b0c78f7a6f8f7379871f778402efb6fe1160098fab2ebbab82c93a8e7248
GET /pop.js HTTP/1.1
Host: c1.popads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:24 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
Last-Modified: Tue, 14 Mar 2023 22:06:26 GMT
ETag: W/"6410efe2-82a9"
Access-Control-Allow-Origin: *
Server: CDN77-Turbo
X-77-NZT: AblMCRQ0nfv/7iAMAA
X-77-NZT-Ray: af5856304e6444f4fc6a1f649f1dbc21
X-Accel-Expires: @1680022542
X-Cache: HIT
X-Age: 794862
X-77-POP: stockholmSE
X-77-Cache: HIT
Content-Encoding: gzip
d39f23jfph0ylk.cloudfront.net/pun.bz.png
54.230.245.213200 OK 1.1 kB URL HTTP/2 d39f23jfph0ylk.cloudfront.net/pun.bz.png
IP 54.230.245.213:0
File type PNG image data, 151 x 49, 8-bit grayscale, non-interlaced\012- data
Hash 5605447d5b5425cfb5b845ad6b2b4287
52ec2abf74f302872bb90a6a289867517e6a495b
b112b4ab0824b2f85238c42d68e2cd346128253fc77237d2b5966804bca53bff
GET /pun.bz.png HTTP/1.1
Host: d39f23jfph0ylk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3x39.sextgem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 1084
date: Sat, 25 Mar 2023 21:42:58 GMT
last-modified: Wed, 28 Aug 2019 14:40:55 GMT
etag: "5605447d5b5425cfb5b845ad6b2b4287"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0WI3yiFOruph_fVO4eyZkSTg5XooR9wG5SKK1rkAf7f_zIQfH69VyQ==
age: 28
X-Firefox-Spdy: h2
edge.quantserve.com/quant.js
91.228.74.208200 OK 9.2 kB URL HTTP/1.1 edge.quantserve.com/quant.js
IP 91.228.74.208:0
File type ASCII text, with very long lines (22210)
Hash b43a18fbe6986dfc5626e06e8cb23b0f
cc3ee4e5bf5f9a57e04f87c9942329ca985e6833
86107dcf815f1af0107e9c9c07880ad83fb2e56e6949e8b552f788ef917b8f1b
GET /quant.js HTTP/1.1
Host: edge.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:25 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: private, max-age=604800
Content-Encoding: gzip
Etag: "qnbLQo87mD/KmvsyZTIxlQ=="
Expires: Sat, 01 Apr 2023 21:43:25 GMT
Vary: Accept-Encoding
3x39.sextgem.com/favicon.ico
54.36.158.42404 Not Found 0 B URL HTTP/1.0 3x39.sextgem.com/favicon.ico
IP 54.36.158.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 3x39.sextgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/index/__xtblog_entry/10549051-video-cewek-main-sama-kuda?genre=acaptiveaudience&__xtblog_block_id=1
Cookie: _xta_uid=de867dfe1527a56fe3202e591fbf0a14; _xta_vid=44d60ee1e800e61e349032ed8bf2dcba-1679780603
HTTP/1.0 404 Not Found
Date: Sat, 25 Mar 2023 21:43:25 GMT
Content-Length: 0
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
52.38.127.164101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.127.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: svMRmHtgt+w7OR+CDbcvYw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lw5WgHc8s02FMaheOUmqmc7yy4I=
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
54.148.4.3200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP 54.148.4.3:0
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Sat, 25 Mar 2023 21:43:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
54.230.111.47301 Moved Permanently 167 B URL HTTP/1.1 rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
IP 54.230.111.47:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /rules-p-0cfM8Oh7M9bVQ.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sat, 25 Mar 2023 21:43:25 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
X-Cache: Redirect from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: n8O10Ho0YM7QIScmFf9-V3AagMswsWLhXx0va03-nZGGZ6CKeEWODg==
c.adsco.re/
104.17.166.186200 OK 30 kB IP 104.17.166.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (713)
Hash acbeff53621631b451e6295da1b516c2
8ec081db4be72380db55d21f2eac1b642031cf79
3a2cc66423bfe325f614261efe6564e8f288c3e1117a70c9bbf67b41c51f2795
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
Expires: Tue, 25 Apr 2023 21:43:25 GMT
ETag: W/"cMPvpvd3jDHdlppiuYNttw=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 83238
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ada54525f170b3d-OSL
alt-svc: h2=":443"; ma=60
6.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:25 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://3x39.sextgem.com
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ada54526df0b521-OSL
alt-svc: h2=":443"; ma=60
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash a684f3b449a125d2285678a6be0172a9
f5ba7774839ee9f45e1f2a88d322d3c3cfcc971f
91945112515f30fe6017f31f87a483adb2040d8435fce14fe9c44e89cf433b2c
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: http://3x39.sextgem.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c636663c347d4344a34e8763d9113060
d0aa790282598167e104fd942b9250138dedb56f
0765b4d13b1214fd46e6f5d8ae6219e9b191944f5c4e2ad0ff754fc3a971bca5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0765B4D13B1214FD46E6F5D8AE6219E9B191944F5C4E2AD0FF754FC3A971BCA5"
Last-Modified: Fri, 24 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6727
Expires: Sat, 25 Mar 2023 23:35:32 GMT
Date: Sat, 25 Mar 2023 21:43:25 GMT
Connection: keep-alive
w0f8e6qukdqo.l4.adsco.re/
185.200.118.90200 OK 0 B URL HTTP/1.1 w0f8e6qukdqo.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: w0f8e6qukdqo.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:26 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221679759833860%22
35.241.9.150200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221679759833860%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (22067), with no line terminators
Hash f104577d933db2adffc8e8d7c36119bc
990dbbbeacdf28f2c172f62ba29fb0f0a6fb0b20
4ace8d29589fbe1e9cf7d2cf654a60d1c889784eb429d7ae079a6c8efb1fd9e8
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221679759833860%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 22067
via: 1.1 google
date: Sat, 25 Mar 2023 21:01:56 GMT
age: 2490
last-modified: Sat, 25 Mar 2023 15:57:13 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
6.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://c.adsco.re/
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:26 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ada54540d820b4d-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1679013443657&_since=%221666204638208%22
35.241.9.150200 OK 40 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1679013443657&_since=%221666204638208%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (40040), with no line terminators
Hash f32fd4e875d8bba50642b0e7fcd512ba
e575c1c7d1efdea175e1e1d92233500ff27278e0
861f723de31aa9ed36dbaab52724d925e924323770b6fbbd3db317e2b3297031
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1679013443657&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 40040
via: 1.1 google
date: Sat, 25 Mar 2023 21:28:18 GMT
age: 908
last-modified: Fri, 24 Mar 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash a684f3b449a125d2285678a6be0172a9
f5ba7774839ee9f45e1f2a88d322d3c3cfcc971f
91945112515f30fe6017f31f87a483adb2040d8435fce14fe9c44e89cf433b2c
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://c.adsco.re/
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
54.230.111.47200 OK 160 B URL HTTP/2 rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
IP 54.230.111.47:0
Hash 2440f0fe7f89d580c051f453f7cc5d22
2f90ae2004b7fb87b87d5d826699a799610358b8
01e8c64b761cce7a14c9a7f82d4fa2162138e5e6e556350df4730498ea6417bf
GET /rules-p-0cfM8Oh7M9bVQ.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3x39.sextgem.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 160
last-modified: Fri, 14 Oct 2022 00:42:04 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Sat, 25 Mar 2023 21:29:29 GMT
cache-control: max-age=3600
etag: "2440f0fe7f89d580c051f453f7cc5d22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZC0Uo8OwSIUtorL-8FIa7IoL51scX6aRCeOkC4eaPV9AAgu7OshghQ==
age: 964
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 79fHS9DyXy9C4VJhsdmVgELC0kzer/NwJDbpSmIKc/PBn+vVfw6THmsaGXSBwY1A2ILeimi+RbrNP9nCH+KLvg==
x-amz-request-id: YGNVTQTRAX7K9DVC
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Mar 2023 20:55:03 GMT
age: 2903
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a2b1ca9c87cfd5d527b1afb481c99d7f
429344d7029e6613f977deff04149b4609da888f
5528848cd59fb2ae081bd0132b98d65475672c4a25c29b84ae11dc0004b857f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5528848CD59FB2AE081BD0132B98D65475672C4A25C29B84AE11DC0004B857F9"
Last-Modified: Fri, 24 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5653
Expires: Sat, 25 Mar 2023 23:17:39 GMT
Date: Sat, 25 Mar 2023 21:43:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Mar 2023 21:15:29 GMT
content-type: application/json
age: 1677
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13642
Expires: Sun, 26 Mar 2023 01:30:48 GMT
Date: Sat, 25 Mar 2023 21:43:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13642
Expires: Sun, 26 Mar 2023 01:30:48 GMT
Date: Sat, 25 Mar 2023 21:43:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11221
Expires: Sun, 26 Mar 2023 00:50:27 GMT
Date: Sat, 25 Mar 2023 21:43:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc1c384f603cae9f4f218db54a4b57c5
4307049de5993a6cb531fc2063eb0106fbd9f032
fd9fd3a6383f5099f0d9ad737bfb359980b3a3a44f2f869b8dbb947e3c86f2ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD9FD3A6383F5099F0D9AD737BFB359980B3A3A44F2F869B8DBB947E3C86F2EF"
Last-Modified: Sat, 25 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6462
Expires: Sat, 25 Mar 2023 23:31:08 GMT
Date: Sat, 25 Mar 2023 21:43:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5773974a7341690f006b052ad02c94db
1b11316c952e2195da1646dd94671669e7e3bc2b
a06b72138745500cacc919fea29536ebd4188a1c483f6123e3402458e299f16a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7800
x-amzn-requestid: bad99b1e-3923-4de9-8bea-4dd04e96f7cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTigfFGcIAMFdBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e179c-0826b92d4c4af16553503600;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 9AGLmjvUSTKIsYIWECOR8QwdF4PP1tP1TweUm0VYvxQ0qskqj3YuLA==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:43:53 GMT
age: 86373
etag: "1b11316c952e2195da1646dd94671669e7e3bc2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd191e3a122d6e31f81e6e9d434c58d6
aec88022970c93289434f8097e4a663da33e5271
1f00c901ef479637ec703d7924526a970cb13dd2635b2bbb68b285df9d98e011
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6185
x-amzn-requestid: 223de50b-9a7e-4ac7-9305-336658eec4ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiwYHoLoAMFXtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e1802-226bd8524ade75234053ff50;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:37:06 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Ye0ADORg1hFVLxcNVj-qS60tlfguOEtyTx_XFU4ooJOcDHqNsqV3kw==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:57:14 GMT
age: 85572
etag: "aec88022970c93289434f8097e4a663da33e5271"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 73f9697594d173d623b331b5c35eab8d
6323f751f6b7517f062a0442480f672086ea02a1
116cb71658b31e87f19c390b242c684f6505cc8edf90b7fc934ac726fc7ddd18
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8635
x-amzn-requestid: fc715b03-f48f-4300-b752-ab157a684f08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTihcETyIAMFhYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17a2-68f685ec0f50dae026ea3f64;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: i6dsVaC_gPijsRqh_EL5tZYZpjNEbQJvKIpPq501TIJZzcLUWeRz9w==
via: 1.1 ba490acb2ea716cd57876286ed686786.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:45:56 GMT
age: 86250
etag: "6323f751f6b7517f062a0442480f672086ea02a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b6f4d1-af89-4aaf-acec-609bb76366de.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b6f4d1-af89-4aaf-acec-609bb76366de.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70169fbc493bf12f91f072aa3a30ddde
4cd24b81bd6ade3ab5ff90fc88b0f7497e93391d
8b5fc3c8421d5696522231c3490a0853709897f5c9b645bd5e84398cf84089aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b6f4d1-af89-4aaf-acec-609bb76366de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12071
x-amzn-requestid: 02bb2a93-c0aa-4d43-aa99-759a0418bc20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTigfGHYoAMF8BQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e179c-2258162e1901b5cd6e7144d3;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: n7Xm67vDO9_X3Xoe2HXJs4Y9dLE6cZgx16lmW7c3KHv-sOg7rZo9wg==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:47:23 GMT
age: 86163
etag: "4cd24b81bd6ade3ab5ff90fc88b0f7497e93391d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aecd210f66f83c73c3450d047ae7448a
d68861e96e12e8a3f293dbae8b687f05b6e15afb
22b69c41c56e5538d91f824d5dc2e63ab5563f99ae8e429c9166f4b397cacd0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5296
x-amzn-requestid: 11fdf0c8-244c-4cd5-bfa7-4c77d777174f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiuzEqkIAMFXOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17f8-5c241d63598dbf595b54ead5;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:36:56 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: b1KWFmKdRQ4DU0v5JmC7AJatpv2B5FAHKVWL7pFiyh13fqYDA5qydA==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:57:13 GMT
age: 85573
etag: "d68861e96e12e8a3f293dbae8b687f05b6e15afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: I3GuoZ4ZxAtz0sKe3wrW67aitLlCAbaZkiPw23fl0F3FoumJDEnXiQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 05:56:24 GMT
age: 56822
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c.waplog.net/562933.cnt
69.16.231.57302 Moved Temporarily 0 B IP 69.16.231.57:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /562933.cnt HTTP/1.1
Host: c.waplog.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 302 Moved Temporarily
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Cache-Control: no-cache
Content-Type: text/html; charset=UTF-8
Date: Sat, 25 Mar 2023 21:43:26 GMT
Location: http://ww12.waplog.net/562933.cnt
Pragma: no-cache
Connection: Keep-Alive
X-Powered-By: PHP/5.4.16
Content-Length: 0
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 0739c8db5140bd0d6747be60b6d1a7fa
129309a26adb5e3f0ac6dfe8cefec7fab0f12a2a
2bb9696da28b19da8cd2c60d37aa3298b330e475a37fcba36e4a7b031790ba93
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6274
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 21:43:26 GMT
Last-Modified: Sat, 25 Mar 2023 19:58:52 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
w0f8e6qukdqo.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 w0f8e6qukdqo.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: w0f8e6qukdqo.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:26 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
pixel.quantserve.com/pixel;r=1364594659;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2F3x39.sextgem.com%2Findex%2F__xtblog_entry%2F10549051-video-cewek-main-sama-kuda%3Fgenre%3Dacaptiveaudience%26__xtblog_block_id%3D1;uht=2;fpan=1;fpa=P0-1805259753-1679780619636;pbc=;ns=0;ce=1;qjs=1;qv=757f3135-20230316172511;cm=;gdpr=0;ref=;d=sextgem.com;dst=0;et=1679780620173;tzo=0;ogl=;ses=555d2d36-b03f-4e03-a342-87b6d46db541
91.228.74.206200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1364594659;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2F3x39.sextgem.com%2Findex%2F__xtblog_entry%2F10549051-video-cewek-main-sama-kuda%3Fgenre%3Dacaptiveaudience%26__xtblog_block_id%3D1;uht=2;fpan=1;fpa=P0-1805259753-1679780619636;pbc=;ns=0;ce=1;qjs=1;qv=757f3135-20230316172511;cm=;gdpr=0;ref=;d=sextgem.com;dst=0;et=1679780620173;tzo=0;ogl=;ses=555d2d36-b03f-4e03-a342-87b6d46db541
IP 91.228.74.206:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1364594659;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2F3x39.sextgem.com%2Findex%2F__xtblog_entry%2F10549051-video-cewek-main-sama-kuda%3Fgenre%3Dacaptiveaudience%26__xtblog_block_id%3D1;uht=2;fpan=1;fpa=P0-1805259753-1679780619636;pbc=;ns=0;ce=1;qjs=1;qv=757f3135-20230316172511;cm=;gdpr=0;ref=;d=sextgem.com;dst=0;et=1679780620173;tzo=0;ogl=;ses=555d2d36-b03f-4e03-a342-87b6d46db541 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 25 Mar 2023 21:43:26 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=641f6afe-71160-8468b-fcc3f; expires=Wed, 24-Apr-2024 21:43:26 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
34.111.73.144200 OK 807 kB URL HTTP/2 firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
IP 34.111.73.144:0
Size 807 kB (807180 bytes)
Hash 914be443bdfbe8a1c3ded61e1c114bd6
4fe7c5ff83f6a29e6699f4cebc17550891504661
41b036d0c889509d547296b238027a063c313261ad52d5f7bb81922011791857
GET /staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 59G7qTJQiLuRHxxSkAS7i5JoVkPmSxvoUFSiSuMU5NDxXetcSPNyHZPUwj7u+afDVOleH+O6SLE=
x-amz-request-id: RWFC6R5QJM79BGGV
x-amz-version-id: K1ODzappZsD35qeu0OM5zvs_BP1eybj7
accept-ranges: bytes
server: AmazonS3
content-length: 807180
via: 1.1 google
date: Thu, 23 Mar 2023 11:49:19 GMT
age: 208447
last-modified: Tue, 10 Jan 2023 12:38:46 GMT
etag: "914be443bdfbe8a1c3ded61e1c114bd6"
content-type: application/octet-stream
cache-control: public,max-age=604800
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1677879347585&_since=%221643818378440%22
35.241.9.150200 OK 9.1 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1677879347585&_since=%221643818378440%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (9105), with no line terminators
Hash 3bf8b222f5f31c3ab484dbb4bf3c90bd
3a90ff55f82f7136aca51508621ff791c1c270bc
f08329d6b4438dc9bbf89b29a5b8537881bbd081000a90a66e031cd575fb5d9d
GET /v1/buckets/blocklists/collections/gfx/changeset?_expected=1677879347585&_since=%221643818378440%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 9105
via: 1.1 google
date: Sat, 25 Mar 2023 21:41:51 GMT
age: 95
last-modified: Sat, 18 Mar 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
adsco.re/p
162.252.214.5200 OK 412 B IP 162.252.214.5:0
File type ASCII text, with very long lines (487), with no line terminators
Hash e907b4fb81eab8b5b07eb18c99716359
f6ab56ef67b3565eb1597652f1882896ccdda9e1
f8b33b33e4a826b648b57c63d6ac59763d5b72f922288095e160c1c5aa49180e
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 1924
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: http://3x39.sextgem.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1679703984859&_since=%221666279968541%22
35.241.9.150200 OK 76 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1679703984859&_since=%221666279968541%22
IP 35.241.9.150:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d39137e637f752e7355c1cfc6f7f4e2c
79fe0468e80c6079f82b640079a87b151886c080
bfc4047f945a6488c46142ee3fda5e648e89b51926f44d7adfb77827c6bfbf94
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1679703984859&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 76104
via: 1.1 google
date: Sat, 25 Mar 2023 21:09:05 GMT
age: 2061
last-modified: Sat, 25 Mar 2023 00:26:24 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
35.241.9.150200 OK 2.4 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (2387), with no line terminators
Hash 377da5cb5955db6a3bbed6eaf61e789a
64f5e967b2d903ad2934ab11a8c567dbf282b025
60fe6df1f2d1e2e1727f1b8d44c1102f86558928b4df9cd7a92569d04f8724cf
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2387
via: 1.1 google
date: Sat, 25 Mar 2023 21:02:09 GMT
age: 2477
last-modified: Fri, 24 Mar 2023 16:36:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 38abcbcccc02e90a0e12c234c7d3d783
b5236c42366d7fbe50d77a6f13e8868fe7ac0c1d
b9ff216b3eb3c31e9d06aca7f9dc557b95e7fd49fa8ab887211dfa46443060cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B9FF216B3EB3C31E9D06ACA7F9DC557B95E7FD49FA8AB887211DFA46443060CC"
Last-Modified: Fri, 24 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12427
Expires: Sun, 26 Mar 2023 01:10:33 GMT
Date: Sat, 25 Mar 2023 21:43:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1679600032742&_since=%221659924409785%22
35.241.9.150200 OK 772 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1679600032742&_since=%221659924409785%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (772), with no line terminators
Hash 1150fc438e642be5635e3234834367d9
a421eab9d39f0fefd6a1f2ecda9fc11ceddb646c
2b980c60a311dafdf93d9983c4ed8ac7dea9f7ff61329ffb1e1a24d0909f3d15
GET /v1/buckets/main/collections/password-rules/changeset?_expected=1679600032742&_since=%221659924409785%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 772
via: 1.1 google
date: Sat, 25 Mar 2023 21:35:50 GMT
age: 456
last-modified: Thu, 23 Mar 2023 19:33:52 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ww12.waplog.net/562933.cnt
75.2.81.221200 OK 5.6 kB URL HTTP/1.1 ww12.waplog.net/562933.cnt
IP 75.2.81.221:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1190)
Hash b60cd757558029801e00a7b7e17dc92c
cd8c19d6c9f910b2639888a10abd5a66093ec4c1
e25a7fd70f40032e6c3a6b5c2e5437d2578f78d5e2916260df1d944a280c8cf1
GET /562933.cnt HTTP/1.1
Host: ww12.waplog.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://3x39.sextgem.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket103
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_kV1wEMtnUeKC9/oEtyf7aIpSAsoNwe2Qbm9njoZdlo9XJS7Lx7VES5gOOoTGknWc9revMdWHOcfN4hvmzYsaKw==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Domain: waplog.net
X-Subdomain: ww12
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
35.241.9.150200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1506), with no line terminators
Hash 318c328ba16a767b6d94b0cbfc1a8b4d
40dfca34d6034f7bdeb27801f3b485e001699c38
6293349b31e326d2e8e4001e780554226b24584f981cc1325d70e48fbfa69ed0
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1506
via: 1.1 google
date: Sat, 25 Mar 2023 21:21:48 GMT
age: 1299
last-modified: Thu, 23 Mar 2023 16:36:48 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
35.241.9.150200 OK 935 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (935), with no line terminators
Hash 9122f99473d982e0cf08d156d80fa431
0c58a6dc78b365762e6cce14075639d4b5e12b15
5a12e97c12a31b264b4ff70f17bf92ed19aff7cd04029d71d913a37593e3d600
GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 935
via: 1.1 google
date: Sat, 25 Mar 2023 21:02:29 GMT
age: 2458
last-modified: Thu, 23 Mar 2023 16:36:47 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22
35.241.9.150200 OK 25 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (25354), with no line terminators
Hash 92ef0b8c859dbf1a8eb36743ed5d280a
a1524882fcfc9db519841b42276d34e9f6f7dfb1
915ba6d82d28de9d983a184d875d1ba56955dbefb1bbde72e867b334634e56be
GET /v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 25354
via: 1.1 google
date: Sat, 25 Mar 2023 20:55:48 GMT
age: 2859
last-modified: Thu, 23 Mar 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
serve.popads.net/c?_=BQFiAAAAAAAACZUAAu60nJ1OuX2vV_E6ztNQgecDtFEbXKqhy75bDf4-W4EBdY4gHhJtfppo1fld-rozjHsSs1TO0I4bGM2y8eqf5envTrE6VPC-NYTIPVs0PpUAAPbvXhYsyEq9Ab-EopiHQvud3EcUBJh-Or5bFdaUdUbzZ7IG3FbRtHgF3m1A8xLLbDoJ80y7YMiV4d6wj0uWYM7d3hVEhb8Wwy3QoIjIlju-9rgDOqOcnSdusH3gokjU61OLmghmVyQTYIw2jTJ71Ly8zp5wVzYrsWPqmATVcLTX-u0pXj3TFPp3uKoBAvPi7fkOmHi7d4ri70alNkRR_MfDHhwd2PvRQ_F6OHOZCP7jB2r1WDRcmjNVbnFdiWn9L7rhNJz_1bj_aXT5c37SWi5uLX_SP-4CaRuBNnbFotEL3tbEt2Ag3VwmOD-ddRnCDsj1fvEPXnNWRoQ3jWYJ76egBsmB4TLCbiXCdgauqCc&v=4&siteId=369888&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0
216.21.13.17200 OK 44 B URL HTTP/1.1 serve.popads.net/c?_=BQFiAAAAAAAACZUAAu60nJ1OuX2vV_E6ztNQgecDtFEbXKqhy75bDf4-W4EBdY4gHhJtfppo1fld-rozjHsSs1TO0I4bGM2y8eqf5envTrE6VPC-NYTIPVs0PpUAAPbvXhYsyEq9Ab-EopiHQvud3EcUBJh-Or5bFdaUdUbzZ7IG3FbRtHgF3m1A8xLLbDoJ80y7YMiV4d6wj0uWYM7d3hVEhb8Wwy3QoIjIlju-9rgDOqOcnSdusH3gokjU61OLmghmVyQTYIw2jTJ71Ly8zp5wVzYrsWPqmATVcLTX-u0pXj3TFPp3uKoBAvPi7fkOmHi7d4ri70alNkRR_MfDHhwd2PvRQ_F6OHOZCP7jB2r1WDRcmjNVbnFdiWn9L7rhNJz_1bj_aXT5c37SWi5uLX_SP-4CaRuBNnbFotEL3tbEt2Ag3VwmOD-ddRnCDsj1fvEPXnNWRoQ3jWYJ76egBsmB4TLCbiXCdgauqCc&v=4&siteId=369888&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0
IP 216.21.13.17:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /c?_=BQFiAAAAAAAACZUAAu60nJ1OuX2vV_E6ztNQgecDtFEbXKqhy75bDf4-W4EBdY4gHhJtfppo1fld-rozjHsSs1TO0I4bGM2y8eqf5envTrE6VPC-NYTIPVs0PpUAAPbvXhYsyEq9Ab-EopiHQvud3EcUBJh-Or5bFdaUdUbzZ7IG3FbRtHgF3m1A8xLLbDoJ80y7YMiV4d6wj0uWYM7d3hVEhb8Wwy3QoIjIlju-9rgDOqOcnSdusH3gokjU61OLmghmVyQTYIw2jTJ71Ly8zp5wVzYrsWPqmATVcLTX-u0pXj3TFPp3uKoBAvPi7fkOmHi7d4ri70alNkRR_MfDHhwd2PvRQ_F6OHOZCP7jB2r1WDRcmjNVbnFdiWn9L7rhNJz_1bj_aXT5c37SWi5uLX_SP-4CaRuBNnbFotEL3tbEt2Ag3VwmOD-ddRnCDsj1fvEPXnNWRoQ3jWYJ76egBsmB4TLCbiXCdgauqCc&v=4&siteId=369888&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: serve.popads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Sat, 25 Mar 2023 21:43:27 GMT
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1679529664549&_since=%221666483264567%22
35.241.9.150200 OK 64 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1679529664549&_since=%221666483264567%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (64316), with no line terminators
Hash c5737c392fec8ab9e2820ec996875a7a
543c7af7c9e3a0165cbaff7162202b485af617da
9e5bdc355682998dee839d109d215bd7858720013b90ef3281235ed6c852b8e1
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1679529664549&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 64316
via: 1.1 google
date: Sat, 25 Mar 2023 21:09:06 GMT
age: 2061
last-modified: Thu, 23 Mar 2023 00:01:04 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22
35.241.9.150200 OK 7.0 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (6983), with no line terminators
Hash 259c63666839343d666a293de9e3d7b3
2eb4f6399be8ec867b36714423e06929b8a04213
8f4521fb02b3f081367469a39f6d5dca0a14c8bcc8e66f3e374adf6d0ecabeba
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 6983
via: 1.1 google
date: Sat, 25 Mar 2023 21:41:38 GMT
age: 109
last-modified: Tue, 21 Mar 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
w0f8e6qukdqo.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 w0f8e6qukdqo.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: w0f8e6qukdqo.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 21:43:27 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22
35.241.9.150200 OK 1.6 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1647), with no line terminators
Hash b6a9d93923579c92355cde6a0247ebe4
5aacc09f19d3fda30e47c55995b19d22e77d6764
ff32dcc803a931b38db625bbf50f169860022bdebb652ea949ddf1f8659c34c6
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1647
via: 1.1 google
date: Sat, 25 Mar 2023 21:37:00 GMT
age: 387
last-modified: Tue, 21 Mar 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
35.241.9.150200 OK 682 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Hash 1e047b83920b53efa84372fbf1a81bee
e2404b9c4d03d1c58e71884919a54c2f9a3dedfd
7e9d0acd7bc581de92f53a81423bd582b348c3c871a02cd7b26229313d5e6013
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 682
via: 1.1 google
date: Sat, 25 Mar 2023 21:38:33 GMT
age: 294
last-modified: Sat, 25 Mar 2023 16:36:56 GMT
etag: "1679762216708"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
35.241.9.150200 OK 1.3 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1251), with no line terminators
Hash 544e218878f656b4373563a094716a70
ae8f7f0929f1f4cf0b28eb0a2b5943e148ca61a9
532f508ccf0e693debde8f684a0fd170c3296dfad6f1bb27c672c37af6c3e7a7
GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1251
via: 1.1 google
date: Sat, 25 Mar 2023 20:45:07 GMT
age: 3500
last-modified: Sat, 25 Mar 2023 16:36:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
35.241.9.150200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1742), with no line terminators
Hash c6ffeaa329fe3d4b15ca88fc8d960a12
f3f1fbe76d66e7d72122d56efa5d47a660c758b3
0f4df13e808c9a2caa24aa9c2419b0b14f9a79514f32bedf2addb947dd285608
GET /v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1742
via: 1.1 google
date: Sat, 25 Mar 2023 21:07:42 GMT
age: 2145
last-modified: Sat, 25 Mar 2023 16:36:45 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
c.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 25 Mar 2023 21:43:25 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Tue, 25 Apr 2023 21:43:25 GMT
etag: W/"cMPvpvd3jDHdlppiuYNttw=="
cf-cache-status: HIT
age: 83242
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ada545129b8b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2