r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2857be6f18459c7a4a7f00f6cd6076f1
570609086d72a9be57cde7bfefd25663c1035fba
bd8abb8f420d1e31462fca1d6a7caadf1e2bba6fc7db05684b5811e00e84107f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD8ABB8F420D1E31462FCA1D6A7CAADF1E2BBA6FC7DB05684B5811E00E84107F"
Last-Modified: Fri, 17 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7396
Expires: Sun, 19 Mar 2023 09:04:24 GMT
Date: Sun, 19 Mar 2023 07:01:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3396075e8f2d9ceae3bd11f94111fed8
98ba4ccf6b0e38a91c69b76ac1dc07313773ed1d
e533d6bd6a8080facdff772bcbf359373dab2d5a6fe5eabe64f95e68a8cd23aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E533D6BD6A8080FACDFF772BCBF359373DAB2D5A6FE5EABE64F95E68A8CD23AA"
Last-Modified: Fri, 17 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4521
Expires: Sun, 19 Mar 2023 08:16:29 GMT
Date: Sun, 19 Mar 2023 07:01:08 GMT
Connection: keep-alive
3x39.sextgem.com/index/__xtblog_entry/10549081-cewek-sange-ngangkang-di-kasur?q=dellassedio&__xtcomments_thread=3674427
54.36.158.42200 OK 7.5 kB URL HTTP/1.1 3x39.sextgem.com/index/__xtblog_entry/10549081-cewek-sange-ngangkang-di-kasur?q=dellassedio&__xtcomments_thread=3674427
IP 54.36.158.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3577), with CRLF, LF line terminators
Hash a74ecd05af3223878a8e4c3e9a4cfed2
9ce656234b598e2596d127753a05d4b7673e73f9
34c004a038dbb014d6bbd88d02e6f0708fb93a111cd60905611a96218936f0ed
GET /index/__xtblog_entry/10549081-cewek-sange-ngangkang-di-kasur?q=dellassedio&__xtcomments_thread=3674427 HTTP/1.1
Host: 3x39.sextgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:08 GMT
Vary: Host,Accept-Encoding
Set-Cookie: _xta_uid=133833a14d8c41ea3560335139b48559; expires=Tue, 18-Mar-2025 07:01:08 GMT; Max-Age=63072000; path=/; domain=.sextgem.com; httponly
_xta_vid=86165386e5d5d1c853543b0c164b9852-1679209268; expires=Sun, 19-Mar-2023 07:31:08 GMT; Max-Age=1800; path=/; domain=.sextgem.com; httponly
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Pragma: no-cache
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Content-Encoding: gzip
Content-Length: 7542
Connection: close
Content-Type: text/html; charset=utf-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eddc2a353d39e5ce5c30d7e90b3ed6a5
305e86e4b966344c135c50af9a6509ffd3a83e9e
bd775c38c2e11f1baedde5d92ab17ceaf4c2067f8ea996595a66801758a71813
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD775C38C2E11F1BAEDDE5D92AB17CEAF4C2067F8EA996595A66801758A71813"
Last-Modified: Fri, 17 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7854
Expires: Sun, 19 Mar 2023 09:12:02 GMT
Date: Sun, 19 Mar 2023 07:01:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 19 Mar 2023 06:27:02 GMT
content-type: application/json
age: 2046
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0Q/eXDCObVsp/lyQJWPYX/U9FLHpJ+CK4x2QBkDdl5fFfQAQrcG+2qQ9Ku61jLARwifPh7MVMrs=
x-amz-request-id: X9CE5XWHPMKM6C4A
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 19 Mar 2023 06:58:10 GMT
age: 178
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 07:01:08 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Allerta
142.250.74.106200 OK 268 B URL HTTP/1.1 fonts.googleapis.com/css?family=Allerta
IP 142.250.74.106:0
Hash b74f6bb2a291875d4c08852ea0b5b39b
8cb70b97699a9f85853e17cb3ca3dad30bed9547
f7abe6743b90f118ee4a1ec1dd5ec08fd1e2f1ce08e252eb3ee09021c587027a
GET /css?family=Allerta HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 19 Mar 2023 07:01:08 GMT
Date: Sun, 19 Mar 2023 07:01:08 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
cdn.popcash.net/pop.js
151.139.128.11200 OK 38 kB IP 151.139.128.11:0
File type ASCII text, with very long lines (65390)
Hash 98cfe0446b61a1f2a2df62468da0202c
156362703ec16548fe52ef46832fdad94d493463
903349d17d20a9010f59b6feed6519fda179cf5606bbde8abcd58db81525b527
Analyzer Verdict Alert fortinet Malware
GET /pop.js HTTP/1.1
Host: cdn.popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:08 GMT
Content-Encoding: gzip
Content-Type: application/javascript
Last-Modified: Thu, 02 Mar 2023 10:45:34 GMT
Accept-Ranges: bytes
ETag: W/"64007e4e-1f3e1"
Cache-Control: max-age=2592000, public
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9rYuUP7atvh891%2FtI9NR%2Ff1zdqTkKtiARKT3HL4BBrKgJFwa%2B4GnuBMibawvKewa5SJaAMfWnsK2wfcqzEYqDKoHK1zXD2l%2FC9OIT8r662vjd6brignX5SC0msu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a5e0e344d3bfac4-OSL
Alt-Svc: h2=":443"; ma=60
Vary: Accept-Encoding
X-HW: 1679209268.cds018.sk1.h2,1679209268.cds216.sk1.c
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 38289
3x39.sextgem.com/xtgem_template.css?v=1425524391
54.36.158.42200 OK 3.6 kB URL HTTP/1.1 3x39.sextgem.com/xtgem_template.css?v=1425524391
IP 54.36.158.42:0
File type ASCII text, with CRLF line terminators
Hash 8a2b1bae634a7a7d3cec448e0c613833
db0079da090fae041489aa1d31bc7eb82b931c08
a670c684aeb167d7737b9982002432deaf9bd17ced6d6bf396242ce47e6d60d6
GET /xtgem_template.css?v=1425524391 HTTP/1.1
Host: 3x39.sextgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/index/__xtblog_entry/10549081-cewek-sange-ngangkang-di-kasur?q=dellassedio&__xtcomments_thread=3674427
Cookie: _xta_uid=133833a14d8c41ea3560335139b48559; _xta_vid=86165386e5d5d1c853543b0c164b9852-1679209268
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:08 GMT
Vary: Host,Accept-Encoding
Set-Cookie: _xta_uid=133833a14d8c41ea3560335139b48559; expires=Tue, 18-Mar-2025 07:01:08 GMT; Max-Age=63072000; path=/; domain=.sextgem.com; httponly
Content-Encoding: gzip
Content-Length: 3629
Connection: close
Content-Type: text/css;charset=UTF-8
u-on.eu/c.php?u=70103
163.172.215.201301 Moved Permanently 310 B IP 163.172.215.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 92c6fec1f351530bfd90c53630b6ac54
9daad52e555a164e70a287cc9622420305c7c89a
f200deca44d3401dd734aa4c89f6105c3bd1bd8363dd7ff334a260e62ff0922f
GET /c.php?u=70103 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 19 Mar 2023 07:01:08 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://u-on.eu/c.php?u=70103
Content-Length: 310
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
u-on.eu/c.php?u=73196
163.172.215.201301 Moved Permanently 310 B IP 163.172.215.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e3c179228be47134f82b0627b716d1fa
8695c7241a19818d3e5f95e8a74dda012e77bf67
3f6d7d76eee4ea65138d605e953a979e0ba7b4fc7d3b41925462d73c8c9ec87d
GET /c.php?u=73196 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 19 Mar 2023 07:01:08 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://u-on.eu/c.php?u=73196
Content-Length: 310
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
u-on.eu/c.php?u=73203
163.172.215.201301 Moved Permanently 310 B IP 163.172.215.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 29fea643f06a51d492d0def29bc6cb9f
7bae4750a468279f8abc45a042972e0d16abc4bb
e4fc7504bcf3bce5ce11408e92c271ce368b8a04d7db9eece943ee393100d01e
GET /c.php?u=73203 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 19 Mar 2023 07:01:08 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://u-on.eu/c.php?u=73203
Content-Length: 310
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
u-on.eu/c.php?u=72767
163.172.215.201301 Moved Permanently 310 B IP 163.172.215.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3150ae9a2925d40efa3546a50cbdf06a
2dcf79b3004798728f4fb642221ca2b076d72e77
06cd1b1ef516d3d1ffc17a40944caa25850fbedebdcdf62aec7520f061105785
GET /c.php?u=72767 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 19 Mar 2023 07:01:08 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://u-on.eu/c.php?u=72767
Content-Length: 310
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
u-on.eu/c.php?u=73195
163.172.215.201301 Moved Permanently 310 B IP 163.172.215.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 15a3230c1bd4295cfcb73c2d0e70bb1a
0c39beec6c39d1a258a62170aa1fd180b05355c4
ac18b9e6d83f6f668fe99b95fff89f3c96fb251e5f5795f62517557eeef98715
GET /c.php?u=73195 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 19 Mar 2023 07:01:08 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://u-on.eu/c.php?u=73195
Content-Length: 310
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
sextgem.com/js/page_templates.js
141.94.172.213200 OK 600 B URL HTTP/1.1 sextgem.com/js/page_templates.js
IP 141.94.172.213:0
Hash 40399e3e5e1a172dd101d6aaf7611b85
dbf7f0961ceea4c42625b7b574dc5fe78b752b24
02208b6b15ad77f658951e1b2f02d657e59dae0335d742707e2d5b2b614520f4
GET /js/page_templates.js HTTP/1.1
Host: sextgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Cookie: _xta_uid=133833a14d8c41ea3560335139b48559; _xta_vid=86165386e5d5d1c853543b0c164b9852-1679209268
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:08 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "5fb-59774aa04e000-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 18 Apr 2023 07:01:08 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 600
Connection: close
Content-Type: application/javascript
xtgem.com/images/xtvid/sunnyleonewap.jpg
141.94.172.213200 OK 7.7 kB URL HTTP/1.1 xtgem.com/images/xtvid/sunnyleonewap.jpg
IP 141.94.172.213:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 320x50, components 3\012- data
Hash 8e0dddf6bcbe232ac643e4dd40de6101
b958077b6d3871c2bd5088561235c8c825a3f72f
04f14d4e1099434b5486bddb58c0a71ba246e2d2248718e84d7643537ad600d8
GET /images/xtvid/sunnyleonewap.jpg HTTP/1.1
Host: xtgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:08 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "1e0a-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 7690
Cache-Control: max-age=2592000
Expires: Tue, 18 Apr 2023 07:01:08 GMT
X-Ngz: 1
Connection: close
Content-Type: image/jpeg
fonts.gstatic.com/s/allerta/v18/TwMO-IAHRlkbx940YnYXSA.woff2
142.250.74.35200 OK 7.8 kB URL HTTP/1.1 fonts.gstatic.com/s/allerta/v18/TwMO-IAHRlkbx940YnYXSA.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7824, version 1.0\012- data
Hash 0cd3b03c066851fd03e8e51a0bb713cd
ab90570fbff72d7d5070ef9629da2e31b506575a
ef4a4798ee810a9641529acd802d9b08b48623504b15d10fba88fc42dcb2d9f6
GET /s/allerta/v18/TwMO-IAHRlkbx940YnYXSA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7824
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 15 Mar 2023 15:59:29 GMT
Expires: Thu, 14 Mar 2024 15:59:29 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 19 Apr 2022 18:20:16 GMT
Content-Type: font/woff2
Age: 313299
4.bp.blogspot.com/-TZr4tNW0VM8/VR8pVUB0F6I/AAAAAAAABF4/OZi8EeMnzkU/s1600/300x250-1322162014.gif
142.250.74.161404 Not Found 832 B URL HTTP/1.1 4.bp.blogspot.com/-TZr4tNW0VM8/VR8pVUB0F6I/AAAAAAAABF4/OZi8EeMnzkU/s1600/300x250-1322162014.gif
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /-TZr4tNW0VM8/VR8pVUB0F6I/AAAAAAAABF4/OZi8EeMnzkU/s1600/300x250-1322162014.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Sun, 19 Mar 2023 07:01:08 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
enif.images.xtstatic.com/tp.gif
141.94.172.213200 OK 42 B URL HTTP/1.1 enif.images.xtstatic.com/tp.gif
IP 141.94.172.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /tp.gif HTTP/1.1
Host: enif.images.xtstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:08 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "2a-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 42
Cache-Control: max-age=2592000
Expires: Tue, 18 Apr 2023 07:01:08 GMT
Connection: close
Content-Type: image/gif
cif.images.xtstatic.com/tp.gif
141.94.172.213200 OK 42 B URL HTTP/1.1 cif.images.xtstatic.com/tp.gif
IP 141.94.172.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /tp.gif HTTP/1.1
Host: cif.images.xtstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:08 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "2a-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 42
Cache-Control: max-age=2592000
Expires: Tue, 18 Apr 2023 07:01:08 GMT
Connection: close
Content-Type: image/gif
edryc.pun.bz/files/bokep-online-gratis.png
45.33.23.183302 Found 0 B URL HTTP/1.1 edryc.pun.bz/files/bokep-online-gratis.png
IP 45.33.23.183:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /files/bokep-online-gratis.png HTTP/1.1
Host: edryc.pun.bz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 302 Found
server: openresty/1.13.6.1
date: Sun, 19 Mar 2023 07:01:08 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://d39f23jfph0ylk.cloudfront.net/pun.bz.png
vary: Accept-Language
content-language: en
connection: close
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 745318ba3aa34b349d9ea67baeaad399
8e1800f71ac361f77b944b522a582ad134b64596
2341f8b5c8ec6dc1fa2689bd74e7524f40c1528dbfd8e390f4cea188db52512f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2341F8B5C8EC6DC1FA2689BD74E7524F40C1528DBFD8E390F4CEA188DB52512F"
Last-Modified: Fri, 17 Mar 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3441
Expires: Sun, 19 Mar 2023 07:58:29 GMT
Date: Sun, 19 Mar 2023 07:01:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 745318ba3aa34b349d9ea67baeaad399
8e1800f71ac361f77b944b522a582ad134b64596
2341f8b5c8ec6dc1fa2689bd74e7524f40c1528dbfd8e390f4cea188db52512f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2341F8B5C8EC6DC1FA2689BD74E7524F40C1528DBFD8E390F4CEA188DB52512F"
Last-Modified: Fri, 17 Mar 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3441
Expires: Sun, 19 Mar 2023 07:58:29 GMT
Date: Sun, 19 Mar 2023 07:01:08 GMT
Connection: keep-alive
u-on.eu/c.php?u=72767
163.172.215.201200 OK 1.4 kB IP 163.172.215.201:0
File type PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash bd6e50d02e5b32e4abc5fa60b7102fea
8ef5cc815a68104af972f4dedeb5adca5fcec922
3a18f429f1b5ce852384339e84fc785e851223febde6af9ee7ba01a646a36db3
GET /c.php?u=72767 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3x39.sextgem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:08 GMT
Server: Apache/2.4.29 (Ubuntu)
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 1381
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
u-on.eu/c.php?u=73195
163.172.215.201200 OK 1.2 kB IP 163.172.215.201:0
File type PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ea1244ea92efe1cba1be1546f2752d2
d984bcf5f13c53a6962fa992049f1b67d9e22814
35118cbb72e84832e3b5912a60939c86e3b515b06239bee310ee8f19e0694bc3
GET /c.php?u=73195 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3x39.sextgem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:08 GMT
Server: Apache/2.4.29 (Ubuntu)
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 1214
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
u-on.eu/c.php?u=73203
163.172.215.201200 OK 1.2 kB IP 163.172.215.201:0
File type PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ea1244ea92efe1cba1be1546f2752d2
d984bcf5f13c53a6962fa992049f1b67d9e22814
35118cbb72e84832e3b5912a60939c86e3b515b06239bee310ee8f19e0694bc3
GET /c.php?u=73203 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3x39.sextgem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:08 GMT
Server: Apache/2.4.29 (Ubuntu)
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 1214
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
u-on.eu/c.php?u=73196
163.172.215.201200 OK 1.2 kB IP 163.172.215.201:0
File type PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ea1244ea92efe1cba1be1546f2752d2
d984bcf5f13c53a6962fa992049f1b67d9e22814
35118cbb72e84832e3b5912a60939c86e3b515b06239bee310ee8f19e0694bc3
GET /c.php?u=73196 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3x39.sextgem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:08 GMT
Server: Apache/2.4.29 (Ubuntu)
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 1214
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
ocsp2.globalsign.com/gsalphasha2g2
151.101.66.133200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 151.101.66.133:0
Hash 46ae95413e1bf218d905f7c5f41e80f1
20633f91ca2fb3f3ada5ccbd111546cb73e6b9aa
c4c3d650c6e81a799cc07f4880221cf2135c233696163f97a4b1e8144e851ca6
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 23 Mar 2023 05:50:06 GMT
ETag: "20633f91ca2fb3f3ada5ccbd111546cb73e6b9aa"
Last-Modified: Sun, 19 Mar 2023 05:50:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 19 Mar 2023 07:01:09 GMT
Age: 4262
X-Served-By: cache-qpg1266-QPG, cache-bma1669-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 29, 1
X-Timer: S1679209269.000505,VS0,VE1
u-on.eu/c.php?u=70103
163.172.215.201200 OK 1.2 kB IP 163.172.215.201:0
File type PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ea1244ea92efe1cba1be1546f2752d2
d984bcf5f13c53a6962fa992049f1b67d9e22814
35118cbb72e84832e3b5912a60939c86e3b515b06239bee310ee8f19e0694bc3
GET /c.php?u=70103 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3x39.sextgem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:08 GMT
Server: Apache/2.4.29 (Ubuntu)
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 1214
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Retry-After, Content-Type, Expires, Alert, Pragma, ETag, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 19 Mar 2023 06:14:32 GMT
age: 2797
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
dcba.popcash.net/znWaa3gu
3.222.40.224204 No Content 0 B URL HTTP/2 dcba.popcash.net/znWaa3gu
IP 3.222.40.224:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /znWaa3gu HTTP/1.1
Host: dcba.popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 19 Mar 2023 07:01:09 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0a4b141e90b0fb22cf6d10a6a4fd360d
37b081be1a69edb97a7c562b71474f4d7405d94e
5db17bb0a40658845e03d8237a69458a0576d955006ee224930b0310179af9af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5DB17BB0A40658845E03D8237A69458A0576D955006EE224930B0310179AF9AF"
Last-Modified: Fri, 17 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7449
Expires: Sun, 19 Mar 2023 09:05:18 GMT
Date: Sun, 19 Mar 2023 07:01:09 GMT
Connection: keep-alive
pl13048200.trustedcpmrevenue.com/e2/68/30/e2683001b51a3e369fb2d16165c07e07.js
192.243.59.20200 OK 21 kB URL HTTP/1.1 pl13048200.trustedcpmrevenue.com/e2/68/30/e2683001b51a3e369fb2d16165c07e07.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60152), with no line terminators
Hash 102d5fb58c6d09beba9571b30b0493bc
22185fd7160a10a6415415f11bf3dc38890d8cf3
fd545b0cf0f166bc547e9ade84b95326941637028d98f169864a949ba65a3d6a
GET /e2/68/30/e2683001b51a3e369fb2d16165c07e07.js HTTP/1.1
Host: pl13048200.trustedcpmrevenue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 19 Mar 2023 07:01:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 994a60e5f0dad834009d028908605ec2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
js.buzzcity.net/bcads.js
74.63.241.29302 Found 11 B IP 74.63.241.29:0
ASN #46475 LIMESTONENETWORKS
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /bcads.js HTTP/1.1
Host: js.buzzcity.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sun, 19 Mar 2023 07:01:08 GMT
location: http://ww1.buzzcity.net
server: nginx
set-cookie: sid=d3631e90-c623-11ed-8f92-dd7c3f736319; path=/; domain=.buzzcity.net; expires=Fri, 06 Apr 2091 10:15:16 GMT; max-age=2147483647; HttpOnly
push.services.mozilla.com/
35.82.212.76101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.212.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9ThXMZhx4GMGXVMZrTiIKg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kNGg3mep+zVaLXz9mDmGVOY3GSY=
c.waplog.net/562933.cnt
69.16.231.57200 OK 2.2 kB IP 69.16.231.57:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (620)
Hash 37bdee4ebe669f79611edfa1f380c04b
6b374ca850150887356664e4da6bbdeded65b63f
79fb4b9f1f10297efbeaf92a6142c42043219b081194e545e06fb2a49ffc73e4
GET /562933.cnt HTTP/1.1
Host: c.waplog.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:09 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 2236
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ww1.buzzcity.net/
199.59.243.223200 OK 713 B IP 199.59.243.223:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (907), with no line terminators
Hash b8856b053864bd5d67ded6ce3b7e4c67
2d7551f500b5a5d2609ddf8fd3985ff33f46e5d0
1f725060d6f452489f63f5ad85cd0e3911226d5f83c029e9729fe0584540645a
GET / HTTP/1.1
Host: ww1.buzzcity.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://3x39.sextgem.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 19 Mar 2023 07:01:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=d8e3739e-af3d-3b48-1590-b479cb9b6b53; expires=Sun, 19-Mar-2023 07:16:09 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_uRU+3NJPB/BeaGCOa/YI6uXcYwJdbATvKm90JMwBAfwpT3LBJ+rInsIhdiF/GnjK29KPZ5eSqYcraDiHGPEBMQ==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
js.buzzcity.net/bcads.js
74.63.241.29200 OK 484 B IP 74.63.241.29:0
ASN #46475 LIMESTONENETWORKS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (484), with no line terminators
Hash f7222282eb2186a8ff6945c7890989a5
8c3e71f7ebc0880bc0e6c04545411ed72c05652f
e85173bbf32b0e5ffae4b8cbd83ea235c313c2736c59836e8fd476ea7dff2d98
GET /bcads.js HTTP/1.1
Host: js.buzzcity.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 484
content-type: text/html; charset=utf-8
date: Sun, 19 Mar 2023 07:01:09 GMT
server: nginx
set-cookie: sid=d4035bf8-c623-11ed-b35f-dd7c5f8d1f75; path=/; domain=.buzzcity.net; expires=Fri, 06 Apr 2091 10:15:17 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6b7e819b8bdad7597dbf364b82dd3426
740c371f5032c8b3d58f195c3832ebc56cdb8552
04ae362e18804824ae4c88d32c025b4333203abd4c24163b7fa02915c15e8f17
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04AE362E18804824AE4C88D32C025B4333203ABD4C24163B7FA02915C15E8F17"
Last-Modified: Fri, 17 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9000
Expires: Sun, 19 Mar 2023 09:31:10 GMT
Date: Sun, 19 Mar 2023 07:01:10 GMT
Connection: keep-alive
xtgem.com/images/close2.png?v=0.01
141.94.172.213200 OK 564 B URL HTTP/1.1 xtgem.com/images/close2.png?v=0.01
IP 141.94.172.213:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash 865dce1b2a4002b9a85f75ea622f4000
f56c8218b5ca721a9e5a3daec742a6f38c33c075
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3
GET /images/close2.png?v=0.01 HTTP/1.1
Host: xtgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:10 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "234-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 564
Cache-Control: max-age=2592000
Expires: Tue, 18 Apr 2023 07:01:10 GMT
X-Ngz: 1
Connection: close
Content-Type: image/png
c.waplog.net/562933.cnt
69.16.231.57302 Moved Temporarily 0 B IP 69.16.231.57:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /562933.cnt HTTP/1.1
Host: c.waplog.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 302 Moved Temporarily
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Cache-Control: no-cache
Content-Type: text/html; charset=UTF-8
Date: Sun, 19 Mar 2023 07:01:10 GMT
Location: http://ww7.waplog.net/562933.cnt
Pragma: no-cache
Connection: Keep-Alive
X-Powered-By: PHP/5.4.16
Content-Length: 0
xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC8zeDM5LnNleHRnZW0uY29tXC9pbmRleD9fX3h0YmxvZ19lbnRyeT0xMDU0OTA4MSZxPWRlbGxhc3NlZGlvJl9feHRjb21tZW50c190aHJlYWQ9MzY3NDQyNyIsImxvZ2dlZF9pbiI6ZmFsc2UsImRvbWFpbiI6IjN4Mzkuc2V4dGdlbS5jb20iLCJwb3NpdGlvbiI6eyJhYnNvbHV0ZSI6ImZpeGVkIn19
141.94.172.213200 OK 2.9 kB URL HTTP/1.1 xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC8zeDM5LnNleHRnZW0uY29tXC9pbmRleD9fX3h0YmxvZ19lbnRyeT0xMDU0OTA4MSZxPWRlbGxhc3NlZGlvJl9feHRjb21tZW50c190aHJlYWQ9MzY3NDQyNyIsImxvZ2dlZF9pbiI6ZmFsc2UsImRvbWFpbiI6IjN4Mzkuc2V4dGdlbS5jb20iLCJwb3NpdGlvbiI6eyJhYnNvbHV0ZSI6ImZpeGVkIn19
IP 141.94.172.213:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1054)
Hash da024b02728bd10dc675ae24730758c3
e66c42044f987965db3e9a94b8af5bce976b8ed1
cccdc57def11748a729c04ec76951a0d8f3e5b0baf075d60c1c132b732a3c568
GET /__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC8zeDM5LnNleHRnZW0uY29tXC9pbmRleD9fX3h0YmxvZ19lbnRyeT0xMDU0OTA4MSZxPWRlbGxhc3NlZGlvJl9feHRjb21tZW50c190aHJlYWQ9MzY3NDQyNyIsImxvZ2dlZF9pbiI6ZmFsc2UsImRvbWFpbiI6IjN4Mzkuc2V4dGdlbS5jb20iLCJwb3NpdGlvbiI6eyJhYnNvbHV0ZSI6ImZpeGVkIn19 HTTP/1.1
Host: xtgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:10 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: session=w4~k2fe8tghkjivj575oqpuaa5mm3; expires=Mon, 20-Mar-2023 07:01:10 GMT; Max-Age=86400; path=/; domain=.xtgem.com; httponly
__template=web; expires=Tue, 18-Apr-2023 07:01:10 GMT; Max-Age=2592000; path=/
__lang=us; expires=Tue, 18-Apr-2023 07:01:10 GMT; Max-Age=2592000; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2915
Content-Type: text/html; charset=UTF-8
haywarn.com/pixel/purst?dl=0&th=0&sc=0&rs=1168&rd=1168&fd=784&bv=22.10.v.9&tmpl=70
192.243.59.13200 OK 0 B URL HTTP/1.1 haywarn.com/pixel/purst?dl=0&th=0&sc=0&rs=1168&rd=1168&fd=784&bv=22.10.v.9&tmpl=70
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1168&rd=1168&fd=784&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: haywarn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 19 Mar 2023 07:01:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash b213fe8814ddd2655182e70982199d4a
1fa1b230752f475e9466a42cced40f529ab5ae03
3f2231f0226f12e472b31d51797f3b384884c642547aea58195707a328a5a0b4
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122804
Date: Sun, 19 Mar 2023 07:01:10 GMT
Etag: "6415e759-1d7"
Expires: Mon, 20 Mar 2023 17:07:54 GMT
Last-Modified: Sat, 18 Mar 2023 16:31:21 GMT
Server: ECAcc (bsa/EAE4)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uyNQz40mr7PWAlYM0PWI3YAI-VBhxDwcXjyDLWsj5Jy0PdTQYv72VQ==
Age: 2193
simplewebanalysis.com/stats
52.59.156.99200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.59.156.99:0
File type ASCII text, with no line terminators
Hash 19c05418951e1b6ba679aad65b48afd5
95aeca29db4c2b113c07a7bcbb380724c464ec1c
31c1e86a4178d0ebab80f6a630552498202d134db4da54da0cc7b0623d48bebd
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 19 Mar 2023 07:01:10 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://3x39.sextgem.com
access-control-allow-credentials: true
set-cookie: uid_id2=5490759c-60dc-4577-979f-5b94c71c205e:3:1; expires=Wed, 16 Mar 2033 07:01:10 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
173.233.137.44200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 19 Mar 2023 07:01:10 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 09d06f833e3fdb121f542c3ec7b9cfb7
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3031
Expires: Sun, 19 Mar 2023 07:51:41 GMT
Date: Sun, 19 Mar 2023 07:01:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3031
Expires: Sun, 19 Mar 2023 07:51:41 GMT
Date: Sun, 19 Mar 2023 07:01:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa36f2b7f-235a-43c5-9302-84b1cc7fb382.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa36f2b7f-235a-43c5-9302-84b1cc7fb382.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c54a5cee763815a2d2d335a0dc51bab6
80d3672c8a1db24dedba20a8b04edbc67cff14f2
ce00f0d0fee5cbf89b31106b2d696d04ba12d94f4edbd512a2dc1100ab0ef5d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa36f2b7f-235a-43c5-9302-84b1cc7fb382.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7541
x-amzn-requestid: 00d990c9-d6de-4aea-8022-2d0df93ca184
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_wqWGezIAMF9kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162e41-5a9c056956af56fd1b81973e;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:33:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 3fszpXCJahkKI-ZoJ9CPbuPKGtcZthlk63bvo1887xrQxJjtR7fVdw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 8cb7de37a1655236518810d0aabb8656.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 21:45:47 GMT
etag: "80d3672c8a1db24dedba20a8b04edbc67cff14f2"
content-type: image/jpeg
age: 33323
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe42970c2-8007-4b4c-9f15-01cf4de37822.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe42970c2-8007-4b4c-9f15-01cf4de37822.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e58e6553fe8e5d936a911080cec36dc
75dd9bdbaf7f19102036d27e69a011f4c37942a9
0c565b97125e28b8183baab26baf7c703e70f82fad13117c5780259e6d91a89d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe42970c2-8007-4b4c-9f15-01cf4de37822.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6219
x-amzn-requestid: 61b80920-2ba3-4688-80ee-848d68031908
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BwlmnG0KoAMFd0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64101c90-17c159767df548c4672b7365;Sampled=0
x-amzn-remapped-date: Tue, 14 Mar 2023 07:04:48 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: ACswRkub0RlODaxJHJGsGkACkMQKk85qY3VxYPscNccAMYdpkQ9evA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 9adef5b1c5fc9ca80d6f4f8d19e103a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 07:50:48 GMT
age: 83422
etag: "75dd9bdbaf7f19102036d27e69a011f4c37942a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78453ba98b72eff3879ef163b59c86ed
80519bb3726ee1f9f211344cd433cefaed3a7f2e
61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10338
x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgFGENoAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: bka10YWXvoKBRkwgvJNMzm1SSv_J1USzdugO9lPduHxe2uYFYkXh4w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 04:25:44 GMT
age: 9326
etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcfb36-e851-4e2f-808e-0b76e20afc12.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcfb36-e851-4e2f-808e-0b76e20afc12.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3155ef27d75c441292f2de561d28abdf
6aa775a79d3312f3c0352613ad4d35b3952296d5
2e45bd135ca6b37ea9e95478cd9a799b543f4f5078be19396064c18bf393e6c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcfb36-e851-4e2f-808e-0b76e20afc12.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12419
x-amzn-requestid: 9b7514f8-1dc0-4374-aca6-9bd214f0599c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_whwGibIAMFeCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162e0a-67986ae93b671d66133e3900;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:32:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: Bax5qwrmmdDM_5h6pe1YYY-6hZLqmgMT5Dhs_k0lxf7UzwhuTI1_Sw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 21:45:46 GMT
etag: "6aa775a79d3312f3c0352613ad4d35b3952296d5"
content-type: image/jpeg
age: 33324
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96dd733b-2874-48a1-85ec-05ab6a9364a7.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96dd733b-2874-48a1-85ec-05ab6a9364a7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 668410033c3212f1ff54ccb1ea936bb5
c9b72a8db035546ffe455d6ed8e9f2c7b58cf54e
290b7a6a1fd73951a0d1dfd57d5970efd537baaf25064b32b74302a4b9102c66
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96dd733b-2874-48a1-85ec-05ab6a9364a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3418
x-amzn-requestid: d9b8be8d-fdb0-47ef-92e0-f5e2fa3117ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B5e81FTOIAMFvtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6413ab85-35dc07ce51de362f4bb26b72;Sampled=0
x-amzn-remapped-date: Thu, 16 Mar 2023 23:51:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: SkLy6ApnQ_Gur98OPXaj5klwmyFJtjLE2kX_6CFdGgVb2qQO8_fNXA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 0ec9ddba08fcd99386924593dbdbd44a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 22:12:17 GMT
age: 31733
etag: "c9b72a8db035546ffe455d6ed8e9f2c7b58cf54e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ca6f680-5e4b-497f-aef4-6cca71cb98d5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ca6f680-5e4b-497f-aef4-6cca71cb98d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49b71c6b1d8a81d5c9e5281eec609c25
59d56060ea97e27de572e48eb907882f5767f427
d8d1aa817b12b61d85115c0020fafd2c2e02a0277417e96fb995329ea3c7f01a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ca6f680-5e4b-497f-aef4-6cca71cb98d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11784
x-amzn-requestid: 29c7373c-4eb0-4374-8c4c-205285e23667
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_whwHM7oAMF_kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162e0a-0c30752b04757beb7ea417a7;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:32:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: pPIURVGevjYlykVadfXACVKOnHw9BNb9udBL65Kl-z7I9AUWFDoOeQ==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 22:01:44 GMT
age: 32366
etag: "59d56060ea97e27de572e48eb907882f5767f427"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.gravatar.com/avatar/b8dcb8b7313a08c6171335c598bc8738.jpg?s=16&d=mm
192.0.73.2200 OK 787 B URL HTTP/1.1 www.gravatar.com/avatar/b8dcb8b7313a08c6171335c598bc8738.jpg?s=16&d=mm
IP 192.0.73.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 16x16, components 3\012- data
Hash a45c6b0d3417ecf7526a242fc4bc2b14
9298cab03a54859d9bf7d9d4823830f57ad59439
07b220b403aa5a5a26a0142c29fe186aefb56ec846b47c588bbf22958cc4a905
GET /avatar/b8dcb8b7313a08c6171335c598bc8738.jpg?s=16&d=mm HTTP/1.1
Host: www.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Mar 2023 07:01:10 GMT
Content-Type: image/jpeg
Content-Length: 787
Connection: keep-alive
Last-Modified: Thu, 16 Sep 2010 22:53:29 GMT
Link: <https://www.gravatar.com/avatar/b8dcb8b7313a08c6171335c598bc8738.jpg?s=16&d=mm>; rel="canonical"
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="b8dcb8b7313a08c6171335c598bc8738.png"
Expires: Sun, 19 Mar 2023 07:06:10 GMT
Cache-Control: max-age=300
X-nc: HIT arn 1
Accept-Ranges: bytes
c1.popads.net/pop.js
185.76.9.26200 OK 10 kB IP 185.76.9.26:0
ASN #60068 Datacamp Limited
File type HTML document, ASCII text, with very long lines (1568), with CRLF line terminators
Hash 9e5d642e5b4f079e61468259e23337a3
d98145c50a6b28c99fcc31ecdb8b00e564685e14
0085b0c78f7a6f8f7379871f778402efb6fe1160098fab2ebbab82c93a8e7248
GET /pop.js HTTP/1.1
Host: c1.popads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:10 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
Last-Modified: Tue, 14 Mar 2023 22:06:26 GMT
ETag: W/"6410efe2-82a9"
Access-Control-Allow-Origin: *
X-Accel-Expires: @1680022542
Server: CDN77-Turbo
X-77-NZT: AblMCRTqVJv/KGkDAA
X-77-NZT-Ray: af585630a27d08c236b316645b8b3830
X-Cache: HIT
X-Age: 223528
X-77-POP: stockholmSE
X-77-Cache: HIT
Content-Encoding: gzip
ww7.waplog.net/562933.cnt
199.59.243.223200 OK 712 B URL HTTP/1.1 ww7.waplog.net/562933.cnt
IP 199.59.243.223:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (915), with no line terminators
Hash b3a634dce431d956b9e0f4ad26af004b
1b69ef0c9778f71f1c4d61f505cff64cd67cc9f0
5d39fa5bfe0bc5afa68abad8c4537b55642034a409f901f0ce9c37d77ddc4d7f
GET /562933.cnt HTTP/1.1
Host: ww7.waplog.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://3x39.sextgem.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 19 Mar 2023 07:01:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=4bb00f36-0359-cd63-a07a-28ba916814a2; expires=Sun, 19-Mar-2023 07:16:10 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_fSrPSwW5erCCUaI4Ir3McQRbGkQoSH0M9Qra7K8Az8c+SWIuITiyWH+HgWUulZ+lmRAEZd/5CWFk7bu3L0szNQ==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
edge.quantserve.com/quant.js
91.228.74.200200 OK 9.2 kB URL HTTP/1.1 edge.quantserve.com/quant.js
IP 91.228.74.200:0
File type ASCII text, with very long lines (22210)
Hash b43a18fbe6986dfc5626e06e8cb23b0f
cc3ee4e5bf5f9a57e04f87c9942329ca985e6833
86107dcf815f1af0107e9c9c07880ad83fb2e56e6949e8b552f788ef917b8f1b
GET /quant.js HTTP/1.1
Host: edge.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: private, max-age=604800
Content-Encoding: gzip
Etag: "qnbLQo87mD/KmvsyZTIxlQ=="
Expires: Sun, 26 Mar 2023 07:01:10 GMT
Vary: Accept-Encoding
d39f23jfph0ylk.cloudfront.net/pun.bz.png
54.230.245.213200 OK 1.1 kB URL HTTP/2 d39f23jfph0ylk.cloudfront.net/pun.bz.png
IP 54.230.245.213:0
File type PNG image data, 151 x 49, 8-bit grayscale, non-interlaced\012- data
Hash 5605447d5b5425cfb5b845ad6b2b4287
52ec2abf74f302872bb90a6a289867517e6a495b
b112b4ab0824b2f85238c42d68e2cd346128253fc77237d2b5966804bca53bff
GET /pun.bz.png HTTP/1.1
Host: d39f23jfph0ylk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3x39.sextgem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 1084
last-modified: Wed, 28 Aug 2019 14:40:55 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 19 Mar 2023 02:22:33 GMT
etag: "5605447d5b5425cfb5b845ad6b2b4287"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Kf45iHrwMH_hX_pIjsla9QSA80196t8EZP_0NtZC9C84__MPu1W8_A==
age: 16718
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
54.230.111.33301 Moved Permanently 167 B URL HTTP/1.1 rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
IP 54.230.111.33:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /rules-p-0cfM8Oh7M9bVQ.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sun, 19 Mar 2023 07:01:10 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
X-Cache: Redirect from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VtbRd-WiN1oNlhU2qha1FhhXFpg6rCJEKBQ-7YBrV5w0CI9iTMMfpw==
rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
54.230.111.33200 OK 160 B URL HTTP/2 rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
IP 54.230.111.33:0
Hash 2440f0fe7f89d580c051f453f7cc5d22
2f90ae2004b7fb87b87d5d826699a799610358b8
01e8c64b761cce7a14c9a7f82d4fa2162138e5e6e556350df4730498ea6417bf
GET /rules-p-0cfM8Oh7M9bVQ.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3x39.sextgem.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 160
last-modified: Fri, 14 Oct 2022 00:42:04 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Sun, 19 Mar 2023 06:55:27 GMT
cache-control: max-age=3600
etag: "2440f0fe7f89d580c051f453f7cc5d22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: obud9gvZCJTF3rkpyH67NPb0J6gX9x0c89tCyCqOcPPpHuznszKnMw==
age: 2081
X-Firefox-Spdy: h2
3x39.sextgem.com/favicon.ico
54.36.158.42404 Not Found 0 B URL HTTP/1.0 3x39.sextgem.com/favicon.ico
IP 54.36.158.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 3x39.sextgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/index/__xtblog_entry/10549081-cewek-sange-ngangkang-di-kasur?q=dellassedio&__xtcomments_thread=3674427
Cookie: _xta_uid=133833a14d8c41ea3560335139b48559; _xta_vid=86165386e5d5d1c853543b0c164b9852-1679209268; dom3ic8zudi28v8lr6fgphwffqoz0j6c=5490759c-60dc-4577-979f-5b94c71c205e%3A3%3A1; ppu_main_e2683001b51a3e369fb2d16165c07e07=1
HTTP/1.0 404 Not Found
Date: Sun, 19 Mar 2023 07:01:10 GMT
Content-Length: 0
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 1263815ed17b39fe126dae8ec858a460
3adcc6013e6fbb39373c927d95ce8e6242a2595e
21b0827f23d68296eb3e0bfd689496a60dc6e59962a0c1a4281823a17ce1681b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4667
Cache-Control: max-age=127422
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 07:01:10 GMT
Etag: "6415efb9-1d7"
Expires: Mon, 20 Mar 2023 18:24:52 GMT
Last-Modified: Sat, 18 Mar 2023 17:07:05 GMT
Server: ECAcc (ska/F73A)
X-Cache: HIT
Content-Length: 471
pixel.quantserve.com/pixel;r=1328445930;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2F3x39.sextgem.com%2Findex%2F__xtblog_entry%2F10549081-cewek-sange-ngangkang-di-kasur%3Fq%3Ddellassedio%26__xtcomments_thread%3D3674427;uht=2;fpan=1;fpa=P0-1978130650-1679209272216;pbc=;ns=0;ce=1;qjs=1;qv=757f3135-20230316172511;cm=;gdpr=0;ref=;d=sextgem.com;dst=0;et=1679209272259;tzo=0;ogl=;ses=c5efceb0-8f8f-4e3a-962b-9a13e08dea81
91.228.74.208200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1328445930;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2F3x39.sextgem.com%2Findex%2F__xtblog_entry%2F10549081-cewek-sange-ngangkang-di-kasur%3Fq%3Ddellassedio%26__xtcomments_thread%3D3674427;uht=2;fpan=1;fpa=P0-1978130650-1679209272216;pbc=;ns=0;ce=1;qjs=1;qv=757f3135-20230316172511;cm=;gdpr=0;ref=;d=sextgem.com;dst=0;et=1679209272259;tzo=0;ogl=;ses=c5efceb0-8f8f-4e3a-962b-9a13e08dea81
IP 91.228.74.208:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1328445930;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2F3x39.sextgem.com%2Findex%2F__xtblog_entry%2F10549081-cewek-sange-ngangkang-di-kasur%3Fq%3Ddellassedio%26__xtcomments_thread%3D3674427;uht=2;fpan=1;fpa=P0-1978130650-1679209272216;pbc=;ns=0;ce=1;qjs=1;qv=757f3135-20230316172511;cm=;gdpr=0;ref=;d=sextgem.com;dst=0;et=1679209272259;tzo=0;ogl=;ses=c5efceb0-8f8f-4e3a-962b-9a13e08dea81 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 19 Mar 2023 07:01:11 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=6416b337-0520b-8197a-c318f; expires=Thu, 18-Apr-2024 07:01:11 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
c.adsco.re/
104.17.166.186200 OK 30 kB IP 104.17.166.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (713)
Hash f8ca7e648f2d24b1155dba01fdbf2cce
3b41b6b7faa178a791d3aab73d8b8c07aa09d702
f162f77d197eba471d58c8f84847dd035305ae27fb941644bf975a36381016a5
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
Expires: Wed, 19 Apr 2023 07:01:11 GMT
ETag: W/"cMPvpvd3jDHdlppiuYNttw=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 2979216
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7aa3d7b8deb5fabc-OSL
alt-svc: h2=":443"; ma=60
6.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:11 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://3x39.sextgem.com
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7aa3d7b91bfa1bfa-OSL
alt-svc: h2=":443"; ma=60
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash a684f3b449a125d2285678a6be0172a9
f5ba7774839ee9f45e1f2a88d322d3c3cfcc971f
91945112515f30fe6017f31f87a483adb2040d8435fce14fe9c44e89cf433b2c
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.34-dev
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: http://3x39.sextgem.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a3fd7a4e98eb1fff05b7734665df0a9d
218d36670499aebd9389fbab10beff21e83a7be2
2072387c641577426765a397fda0aaa7163eaf30da15b7cf9c3c658d07b0a7a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2072387C641577426765A397FDA0AAA7163EAF30DA15B7CF9C3C658D07B0A7A3"
Last-Modified: Sat, 18 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2782
Expires: Sun, 19 Mar 2023 07:47:33 GMT
Date: Sun, 19 Mar 2023 07:01:11 GMT
Connection: keep-alive
pmo5czuevcno.l4.adsco.re/
185.200.118.90200 OK 0 B URL HTTP/1.1 pmo5czuevcno.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: pmo5czuevcno.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:11 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c00104269c5a4e115e1c05969e80f91b
21249604889994ee62a796902f045cf425b8f6d1
2980760f27d7c78ed24ba8dba3477f45d42097c580b5e8f12cca310de7e017a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2980760F27D7C78ED24BA8DBA3477F45D42097C580B5E8F12CCA310DE7E017A2"
Last-Modified: Sat, 18 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4073
Expires: Sun, 19 Mar 2023 08:09:04 GMT
Date: Sun, 19 Mar 2023 07:01:11 GMT
Connection: keep-alive
c.adsco.re/
104.17.166.186304 Not Modified 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c.adsco.re/
If-None-Match: W/"cMPvpvd3jDHdlppiuYNttw=="
HTTP/1.1 304 Not Modified
Date: Sun, 19 Mar 2023 07:01:11 GMT
Connection: keep-alive
Cache-Control: public, max-age=2678400
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
Expires: Wed, 19 Apr 2023 07:01:11 GMT
ETag: W/"cMPvpvd3jDHdlppiuYNttw=="
CF-Cache-Status: HIT
Age: 2979216
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7aa3d7bb582cfabc-OSL
alt-svc: h2=":443"; ma=60
6.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://c.adsco.re/
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:11 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7aa3d7bb5ef7b51b-OSL
alt-svc: h2=":443"; ma=60
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash a684f3b449a125d2285678a6be0172a9
f5ba7774839ee9f45e1f2a88d322d3c3cfcc971f
91945112515f30fe6017f31f87a483adb2040d8435fce14fe9c44e89cf433b2c
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://c.adsco.re/
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.34-dev
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
pmo5czuevcno.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 pmo5czuevcno.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: pmo5czuevcno.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:11 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
adsco.re/p
162.252.214.5200 OK 411 B IP 162.252.214.5:0
File type ASCII text, with very long lines (487), with no line terminators
Hash 404f5a3362e97cf40184170309e7723d
ff92fe99aed2eda97bd0c1e68fa2a2e2d6aec77c
4b325437878edab400f462b948d447eaa6e4028ff3e42100153d8b42955ea3a7
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 1965
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.34-dev
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: http://3x39.sextgem.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9c95e9c4d99f27c6227a2ce2f3e69b93
90cc0e0afdca39ff6c010653b1cfeca11a1d0939
0a24443d62a32e5aaaa3428fdf1b5ff91ae79f7f1c0956c6977e55eb78bd8749
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A24443D62A32E5AAAA3428FDF1B5FF91AE79F7F1C0956C6977E55EB78BD8749"
Last-Modified: Sat, 18 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6241
Expires: Sun, 19 Mar 2023 08:45:13 GMT
Date: Sun, 19 Mar 2023 07:01:12 GMT
Connection: keep-alive
serve.popads.net/c?_=BQFiAAAAAAAACZUAAlqRfhkwTz4qb_Sz-indV-00UwmV6pAE4Wyf0RbXccLxi55GFic-mGrg9JiDWbMlDCmsnd84UBB5_O4FQFUspMiiBHIYorXY5zIDN1aAEzyWv0jfnLFOcaXDwlEj6NIcAZtZi8AR50guw2JCuE5PXM55DmB6jW_B3Vct0QzrT5oK8rmbWgAEVdU2NJtAZ0GaJFCavi0LoKpH_j7vfdqY3a7DxluMvAIbjdXZmDm0ZBUJxBdfE94TpdIqYjwzi1wwCSt6kJCILvlZ40sBINbxYsltAM0mK68CmRovIlw_cj-GwIzLNCQDiVQx1D_Hul31-20UN7zlnrBlJYm5SG-Nnk7G4-5pNyB_ZVHe5JThLa5vasxVIUqdaqhIyQu3yCTSNbuYxhasAWnSm3zAOCwh5Yq3nvZr7EiRNKPw7VjxW4RoVam3Gi2nOZEwbVtWjWMGeUp1zSzVWElVEytOUtqEHvE&v=4&siteId=369888&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0
216.21.13.16200 OK 44 B URL HTTP/1.1 serve.popads.net/c?_=BQFiAAAAAAAACZUAAlqRfhkwTz4qb_Sz-indV-00UwmV6pAE4Wyf0RbXccLxi55GFic-mGrg9JiDWbMlDCmsnd84UBB5_O4FQFUspMiiBHIYorXY5zIDN1aAEzyWv0jfnLFOcaXDwlEj6NIcAZtZi8AR50guw2JCuE5PXM55DmB6jW_B3Vct0QzrT5oK8rmbWgAEVdU2NJtAZ0GaJFCavi0LoKpH_j7vfdqY3a7DxluMvAIbjdXZmDm0ZBUJxBdfE94TpdIqYjwzi1wwCSt6kJCILvlZ40sBINbxYsltAM0mK68CmRovIlw_cj-GwIzLNCQDiVQx1D_Hul31-20UN7zlnrBlJYm5SG-Nnk7G4-5pNyB_ZVHe5JThLa5vasxVIUqdaqhIyQu3yCTSNbuYxhasAWnSm3zAOCwh5Yq3nvZr7EiRNKPw7VjxW4RoVam3Gi2nOZEwbVtWjWMGeUp1zSzVWElVEytOUtqEHvE&v=4&siteId=369888&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0
IP 216.21.13.16:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /c?_=BQFiAAAAAAAACZUAAlqRfhkwTz4qb_Sz-indV-00UwmV6pAE4Wyf0RbXccLxi55GFic-mGrg9JiDWbMlDCmsnd84UBB5_O4FQFUspMiiBHIYorXY5zIDN1aAEzyWv0jfnLFOcaXDwlEj6NIcAZtZi8AR50guw2JCuE5PXM55DmB6jW_B3Vct0QzrT5oK8rmbWgAEVdU2NJtAZ0GaJFCavi0LoKpH_j7vfdqY3a7DxluMvAIbjdXZmDm0ZBUJxBdfE94TpdIqYjwzi1wwCSt6kJCILvlZ40sBINbxYsltAM0mK68CmRovIlw_cj-GwIzLNCQDiVQx1D_Hul31-20UN7zlnrBlJYm5SG-Nnk7G4-5pNyB_ZVHe5JThLa5vasxVIUqdaqhIyQu3yCTSNbuYxhasAWnSm3zAOCwh5Yq3nvZr7EiRNKPw7VjxW4RoVam3Gi2nOZEwbVtWjWMGeUp1zSzVWElVEytOUtqEHvE&v=4&siteId=369888&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: serve.popads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Sun, 19 Mar 2023 07:01:12 GMT
pmo5czuevcno.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 pmo5czuevcno.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: pmo5czuevcno.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 07:01:12 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
c.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 19 Mar 2023 07:01:11 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Wed, 19 Apr 2023 07:01:11 GMT
etag: W/"cMPvpvd3jDHdlppiuYNttw=="
cf-cache-status: HIT
age: 197986
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aa3d7b7d9c4b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2