urlquery - report: 3x39.sextgem.com/index/__xtblog_entry/10549081-cewek-sange-ngangkang-di-kasur?q=dellassedio&__xtcomments

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
js.buzzcity.net (2)	569153	2012-10-15 09:40:23 UTC	2023-03-17 05:16:20 UTC	74.63.241.29
ww1.buzzcity.net (1)	0	2019-02-22 22:14:39 UTC	2023-03-12 15:55:46 UTC	199.59.243.223	Domain (buzzcity.net) ranked at: 562889
ocsp.r2m01.amazontrust.com (1)	0	2022-10-12 20:43:53 UTC	2023-03-18 10:40:46 UTC	54.230.80.227	Domain (amazontrust.com) ranked at: 581
sextgem.com (1)	576751	2012-09-29 16:20:56 UTC	2023-03-19 04:54:42 UTC	141.94.172.213
fonts.gstatic.com (1)	0	2014-04-02 10:51:04 UTC	2023-03-18 06:52:38 UTC	142.250.74.35	Domain (gstatic.com) ranked at: 540
4.bp.blogspot.com (1)	11215	2012-05-21 13:44:19 UTC	2023-03-18 11:58:08 UTC	142.250.74.161
enif.images.xtstatic.com (1)	0	2013-12-11 18:51:46 UTC	2023-03-18 17:57:42 UTC	141.94.172.213	Domain (xtstatic.com) ranked at: 493616
cif.images.xtstatic.com (1)	0	2013-12-16 04:47:45 UTC	2023-03-18 17:57:42 UTC	141.94.172.213	Domain (xtstatic.com) ranked at: 493616
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2023-03-18 04:10:05 UTC	35.82.212.76
4.adsco.re (2)	19179	2021-01-04 16:47:52 UTC	2023-03-18 10:11:30 UTC	162.252.214.5
pmo5czuevcno.s4.adsco.re (1)	0	No data	No data	185.200.116.90	Domain (adsco.re) ranked at: 8541
c.adsco.re (3)	16577	2017-11-29 18:42:15 UTC	2023-03-18 10:11:30 UTC	104.17.166.186
adsco.re (1)	8541	2017-04-03 03:11:30 UTC	2023-03-18 10:11:30 UTC	162.252.214.5
firefox.settings.services.mozilla.com (2)	867	2020-05-25 20:06:39 UTC	2023-03-18 04:09:44 UTC	35.241.9.150
ocsp2.globalsign.com (1)	1544	2012-05-21 07:12:19 UTC	2023-03-18 04:12:49 UTC	151.101.66.133
dcba.popcash.net (1)	99174	2018-01-31 15:18:32 UTC	2023-03-18 04:57:26 UTC	3.222.40.224
rules.quantcount.com (2)	877	2018-06-15 15:43:28 UTC	2023-03-18 04:34:45 UTC	54.230.111.33
xtgem.com (3)	168884	2012-05-22 12:48:00 UTC	2023-03-19 00:02:29 UTC	141.94.172.213
banquetunarmedgrater.com (1)	0	2022-08-04 15:12:50 UTC	2023-03-18 17:46:51 UTC	173.233.137.44	Unknown ranking
c1.popads.net (1)	168879	2013-05-23 15:07:44 UTC	2023-03-18 10:09:46 UTC	185.76.9.26
serve.popads.net (1)	135113	2012-05-26 08:10:30 UTC	2023-03-18 10:09:47 UTC	216.21.13.16
edge.quantserve.com (1)	11791	2012-05-20 19:10:14 UTC	2023-03-18 20:07:34 UTC	91.228.74.200
3x39.sextgem.com (3)	0	2012-12-08 19:21:07 UTC	2023-03-19 06:51:30 UTC	54.36.158.42	Domain (sextgem.com) ranked at: 576751
pl13048200.trustedcpmrevenue.com (1)	0	2022-09-03 14:49:25 UTC	2023-03-11 22:42:22 UTC	192.243.59.20	Domain (trustedcpmrevenue.com) ranked at: 22982
haywarn.com (1)	0	2023-02-24 14:30:07 UTC	2023-03-19 04:28:45 UTC	192.243.59.13	Unknown ranking
www.gravatar.com (1)	4072	2012-05-21 12:14:24 UTC	2023-03-18 17:21:24 UTC	192.0.73.2
simplewebanalysis.com (1)	0	2022-02-25 04:06:25 UTC	2023-03-18 10:43:26 UTC	52.59.156.99	Unknown ranking
pixel.quantserve.com (1)	417	2012-05-21 19:45:06 UTC	2023-03-18 04:34:45 UTC	91.228.74.208
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2023-03-18 04:09:44 UTC	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2023-03-18 04:09:44 UTC	34.117.237.239
edryc.pun.bz (1)	0	2014-11-23 14:21:58 UTC	2023-03-12 15:55:44 UTC	45.33.23.183	Unknown ranking
c.waplog.net (2)	0	2012-06-03 17:27:07 UTC	2023-03-17 05:56:12 UTC	69.16.231.57	Unknown ranking
pmo5czuevcno.n4.adsco.re (1)	0	No data	No data	38.132.109.186	Domain (adsco.re) ranked at: 8541
cdn.popcash.net (1)	109877	2012-12-16 03:00:03 UTC	2023-03-18 04:57:25 UTC	151.139.128.11
u-on.eu (10)	457211	2012-06-19 12:59:00 UTC	2023-03-16 17:00:37 UTC	163.172.215.201
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2023-03-18 04:09:29 UTC	34.120.237.76
ocsp.digicert.com (1)	86	2012-05-21 07:02:23 UTC	2023-03-18 05:50:01 UTC	192.229.221.95
6.adsco.re (2)	17812	2018-01-15 04:15:29 UTC	2023-03-18 17:33:42 UTC	104.17.167.186
pmo5czuevcno.l4.adsco.re (1)	0	No data	No data	185.200.118.90	Domain (adsco.re) ranked at: 8541
r3.o.lencr.org (12)	344	2020-12-02 08:52:13 UTC	2023-03-18 04:09:03 UTC	23.36.76.226
fonts.googleapis.com (1)	8877	2012-05-23 12:41:44 UTC	2023-03-18 04:49:44 UTC	142.250.74.106
ww7.waplog.net (1)	0	2021-02-23 12:24:07 UTC	2023-03-07 07:05:59 UTC	199.59.243.223	Unknown ranking
d39f23jfph0ylk.cloudfront.net (1)	0	2020-12-09 21:42:07 UTC	2023-03-18 16:00:10 UTC	54.230.245.213	Unknown ranking

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-19 07:01:12 UTC	1	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-03-19 07:01:12 UTC	1	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-03-19 07:01:12 UTC	1	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-03-19 07:01:12 UTC	1	Client IP	185.200.118.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-03-19 07:01:12 UTC	1	Client IP	38.132.109.186	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)
2023-03-19 07:01:12 UTC	1	Client IP	185.200.116.90	ET INFO Session Traversal Utilities for NAT (STUN Binding Request)

Scan Date	Severity	Indicator	Comment
2023-03-19	2	cdn.popcash.net/pop.js	Malware

Scan Date	Severity	Indicator	Comment
2023-03-19	2	haywarn.com	Sinkholed

Date	UQ / IDS / BL	URL	IP
2023-03-27 14:41:06 +0000	0 - 0 - 0	snapcams.wapsite.me	54.36.158.42
2023-03-26 06:06:01 +0000	0 - 0 - 2	snapcams.wapsite.me	54.36.158.42
2023-03-26 06:05:32 +0000	0 - 0 - 1	lsmodel.wapsite.me	54.36.158.42
2023-03-25 21:43:41 +0000	0 - 6 - 1	3x39.sextgem.com/index/__xtblog_entry/1054905 (...)	54.36.158.42
2023-03-24 22:57:36 +0000	0 - 7 - 1	3x39.sextgem.com/index/__xtblog_entry/1058048 (...)	54.36.158.42

Date	UQ / IDS / BL	URL	IP
2023-03-27 17:46:39 +0000	0 - 0 - 1	51.77.64.77/OceanofDMG.com/Macroplant_iExplor (...)	51.77.64.77
2023-03-27 17:44:39 +0000	0 - 2 - 0	s2-download.xyz/d3763695aee3a119/Adobe_Illust (...)	162.19.136.81
2023-03-27 17:41:42 +0000	0 - 1 - 0	update.gunboundlw.com/GbSet.exe.rar	15.235.105.105
2023-03-27 17:26:43 +0000	0 - 1 - 0	update.gunboundlw.com/GbSet.exe.rar	15.235.105.105
2023-03-27 17:10:01 +0000	0 - 1 - 0	update.gunboundlw.com/GbSet.exe.rar	15.235.105.105

Date	UQ / IDS / BL	URL	IP
2023-03-25 21:43:41 +0000	0 - 6 - 1	3x39.sextgem.com/index/__xtblog_entry/1054905 (...)	54.36.158.42
2023-03-24 22:57:36 +0000	0 - 7 - 1	3x39.sextgem.com/index/__xtblog_entry/1058048 (...)	54.36.158.42
2023-03-22 14:39:34 +0000	0 - 0 - 1	100x.sextgem.com/bokepindo3gpterbaru/Desis_Na (...)	54.36.158.42
2023-03-22 05:28:20 +0000	0 - 2 - 9	100x.sextgem.com/index.html?__xtblog_block_id (...)	54.36.158.42
2023-03-19 07:01:19 +0000	0 - 6 - 2	3x39.sextgem.com/index/__xtblog_entry/1054908 (...)	54.36.158.42

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: bd8abb8f420d1e31462fca1d6a7caadf1e2bba6fc7db05684b5811e00e84107f 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "BD8ABB8F420D1E31462FCA1D6A7CAADF1E2BBA6FC7DB05684B5811E00E84107F" Last-Modified: Fri, 17 Mar 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7396 Expires: Sun, 19 Mar 2023 09:04:24 GMT Date: Sun, 19 Mar 2023 07:01:08 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2857be6f18459c7a4a7f00f6cd6076f1 Sha1: 570609086d72a9be57cde7bfefd25663c1035fba Sha256: bd8abb8f420d1e31462fca1d6a7caadf1e2bba6fc7db05684b5811e00e84107f
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: e533d6bd6a8080facdff772bcbf359373dab2d5a6fe5eabe64f95e68a8cd23aa 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E533D6BD6A8080FACDFF772BCBF359373DAB2D5A6FE5EABE64F95E68A8CD23AA" Last-Modified: Fri, 17 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4521 Expires: Sun, 19 Mar 2023 08:16:29 GMT Date: Sun, 19 Mar 2023 07:01:08 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3396075e8f2d9ceae3bd11f94111fed8 Sha1: 98ba4ccf6b0e38a91c69b76ac1dc07313773ed1d Sha256: e533d6bd6a8080facdff772bcbf359373dab2d5a6fe5eabe64f95e68a8cd23aa
GET /index/__xtblog_entry/10549081-cewek-sange-ngangkang-di-kasur?q=dellassedio&__xtcomments_thread=3674427 HTTP/1.1 Host: 3x39.sextgem.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: 3x39.sextgem.com/index/__xtblog_entry/10549081-cewek-sa (...) FQDN: 3x39.sextgem.com IP: 54.36.158.42 HASH: 34c004a038dbb014d6bbd88d02e6f0708fb93a111cd60905611a96218936f0ed 54.36.158.42 HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Date: Sun, 19 Mar 2023 07:01:08 GMT Vary: Host,Accept-Encoding Set-Cookie: _xta_uid=133833a14d8c41ea3560335139b48559; expires=Tue, 18-Mar-2025 07:01:08 GMT; Max-Age=63072000; path=/; domain=.sextgem.com; httponly _xta_vid=86165386e5d5d1c853543b0c164b9852-1679209268; expires=Sun, 19-Mar-2023 07:31:08 GMT; Max-Age=1800; path=/; domain=.sextgem.com; httponly Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate Pragma: no-cache Expires: Wed, 17 Sep 1975 21:32:10 GMT Content-Encoding: gzip Content-Length: 7542 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3577), with CRLF, LF line terminators Size: 7542 Md5: a74ecd05af3223878a8e4c3e9a4cfed2 Sha1: 9ce656234b598e2596d127753a05d4b7673e73f9 Sha256: 34c004a038dbb014d6bbd88d02e6f0708fb93a111cd60905611a96218936f0ed
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: bd775c38c2e11f1baedde5d92ab17ceaf4c2067f8ea996595a66801758a71813 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "BD775C38C2E11F1BAEDDE5D92AB17CEAF4C2067F8EA996595A66801758A71813" Last-Modified: Fri, 17 Mar 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7854 Expires: Sun, 19 Mar 2023 09:12:02 GMT Date: Sun, 19 Mar 2023 07:01:08 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: eddc2a353d39e5ce5c30d7e90b3ed6a5 Sha1: 305e86e4b966344c135c50af9a6509ffd3a83e9e Sha256: bd775c38c2e11f1baedde5d92ab17ceaf4c2067f8ea996595a66801758a71813
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sun, 19 Mar 2023 06:27:02 GMT age: 2046 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: bc86ef2a0cee04915bc360f5821adc8f Sha1: 3658f9028cce204d38f7f48fcfaa2a8e4f54383a Sha256: aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: 0Q/eXDCObVsp/lyQJWPYX/U9FLHpJ+CK4x2QBkDdl5fFfQAQrcG+2qQ9Ku61jLARwifPh7MVMrs= x-amz-request-id: X9CE5XWHPMKM6C4A x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 19 Mar 2023 06:58:10 GMT age: 178 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: e7bace7c1e04d44012e37ddffe36e5d5 Sha1: 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 Sha256: 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sun, 19 Mar 2023 07:01:08 GMT content-length: 12 access-control-allow-credentials: true access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /css?family=Allerta HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: fonts.googleapis.com/css?family=Allerta FQDN: fonts.googleapis.com IP: 142.250.74.106 HASH: f7abe6743b90f118ee4a1ec1dd5ec08fd1e2f1ce08e252eb3ee09021c587027a 142.250.74.106 HTTP/1.1 200 OK Content-Type: text/css; charset=utf-8 Access-Control-Allow-Origin: * Timing-Allow-Origin: * Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin Expires: Sun, 19 Mar 2023 07:01:08 GMT Date: Sun, 19 Mar 2023 07:01:08 GMT Cache-Control: private, max-age=86400 Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin-allow-popups Content-Encoding: gzip Transfer-Encoding: chunked Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff --- Additional Info --- Magic: ASCII text Size: 268 Md5: b74f6bb2a291875d4c08852ea0b5b39b Sha1: 8cb70b97699a9f85853e17cb3ca3dad30bed9547 Sha256: f7abe6743b90f118ee4a1ec1dd5ec08fd1e2f1ce08e252eb3ee09021c587027a
GET /pop.js HTTP/1.1 Host: cdn.popcash.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: cdn.popcash.net/pop.js FQDN: cdn.popcash.net IP: 151.139.128.11 HASH: 903349d17d20a9010f59b6feed6519fda179cf5606bbde8abcd58db81525b527 151.139.128.11 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sun, 19 Mar 2023 07:01:08 GMT Content-Encoding: gzip Last-Modified: Thu, 02 Mar 2023 10:45:34 GMT Accept-Ranges: bytes ETag: W/"64007e4e-1f3e1" Cache-Control: max-age=2592000, public CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9rYuUP7atvh891%2FtI9NR%2Ff1zdqTkKtiARKT3HL4BBrKgJFwa%2B4GnuBMibawvKewa5SJaAMfWnsK2wfcqzEYqDKoHK1zXD2l%2FC9OIT8r662vjd6brignX5SC0msu"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7a5e0e344d3bfac4-OSL Alt-Svc: h2=":443"; ma=60 Vary: Accept-Encoding X-HW: 1679209268.cds018.sk1.h2,1679209268.cds216.sk1.c Access-Control-Allow-Origin: * Connection: keep-alive Content-Length: 38289 --- Additional Info --- Magic: ASCII text, with very long lines (65390) Size: 38289 Md5: 98cfe0446b61a1f2a2df62468da0202c Sha1: 156362703ec16548fe52ef46832fdad94d493463 Sha256: 903349d17d20a9010f59b6feed6519fda179cf5606bbde8abcd58db81525b527 Alerts: Blocklists: - fortinet: Malware
GET /xtgem_template.css?v=1425524391 HTTP/1.1 Host: 3x39.sextgem.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/index/__xtblog_entry/10549081-cewek-sange-ngangkang-di-kasur?q=dellassedio&__xtcomments_thread=3674427 Cookie: _xta_uid=133833a14d8c41ea3560335139b48559; _xta_vid=86165386e5d5d1c853543b0c164b9852-1679209268	URL: 3x39.sextgem.com/xtgem_template.css?v=1425524391 FQDN: 3x39.sextgem.com IP: 54.36.158.42 HASH: a670c684aeb167d7737b9982002432deaf9bd17ced6d6bf396242ce47e6d60d6 54.36.158.42 HTTP/1.1 200 OK Content-Type: text/css;charset=UTF-8 Date: Sun, 19 Mar 2023 07:01:08 GMT Vary: Host,Accept-Encoding Set-Cookie: _xta_uid=133833a14d8c41ea3560335139b48559; expires=Tue, 18-Mar-2025 07:01:08 GMT; Max-Age=63072000; path=/; domain=.sextgem.com; httponly Content-Encoding: gzip Content-Length: 3629 Connection: close --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 3629 Md5: 8a2b1bae634a7a7d3cec448e0c613833 Sha1: db0079da090fae041489aa1d31bc7eb82b931c08 Sha256: a670c684aeb167d7737b9982002432deaf9bd17ced6d6bf396242ce47e6d60d6
GET /c.php?u=70103 HTTP/1.1 Host: u-on.eu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: u-on.eu/c.php?u=70103 FQDN: u-on.eu IP: 163.172.215.201 HASH: f200deca44d3401dd734aa4c89f6105c3bd1bd8363dd7ff334a260e62ff0922f 163.172.215.201 HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=iso-8859-1 Date: Sun, 19 Mar 2023 07:01:08 GMT Server: Apache/2.4.29 (Ubuntu) Location: https://u-on.eu/c.php?u=70103 Content-Length: 310 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 310 Md5: 92c6fec1f351530bfd90c53630b6ac54 Sha1: 9daad52e555a164e70a287cc9622420305c7c89a Sha256: f200deca44d3401dd734aa4c89f6105c3bd1bd8363dd7ff334a260e62ff0922f
GET /c.php?u=73196 HTTP/1.1 Host: u-on.eu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: u-on.eu/c.php?u=73196 FQDN: u-on.eu IP: 163.172.215.201 HASH: 3f6d7d76eee4ea65138d605e953a979e0ba7b4fc7d3b41925462d73c8c9ec87d 163.172.215.201 HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=iso-8859-1 Date: Sun, 19 Mar 2023 07:01:08 GMT Server: Apache/2.4.29 (Ubuntu) Location: https://u-on.eu/c.php?u=73196 Content-Length: 310 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 310 Md5: e3c179228be47134f82b0627b716d1fa Sha1: 8695c7241a19818d3e5f95e8a74dda012e77bf67 Sha256: 3f6d7d76eee4ea65138d605e953a979e0ba7b4fc7d3b41925462d73c8c9ec87d
GET /c.php?u=73203 HTTP/1.1 Host: u-on.eu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: u-on.eu/c.php?u=73203 FQDN: u-on.eu IP: 163.172.215.201 HASH: e4fc7504bcf3bce5ce11408e92c271ce368b8a04d7db9eece943ee393100d01e 163.172.215.201 HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=iso-8859-1 Date: Sun, 19 Mar 2023 07:01:08 GMT Server: Apache/2.4.29 (Ubuntu) Location: https://u-on.eu/c.php?u=73203 Content-Length: 310 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 310 Md5: 29fea643f06a51d492d0def29bc6cb9f Sha1: 7bae4750a468279f8abc45a042972e0d16abc4bb Sha256: e4fc7504bcf3bce5ce11408e92c271ce368b8a04d7db9eece943ee393100d01e
GET /c.php?u=72767 HTTP/1.1 Host: u-on.eu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: u-on.eu/c.php?u=72767 FQDN: u-on.eu IP: 163.172.215.201 HASH: 06cd1b1ef516d3d1ffc17a40944caa25850fbedebdcdf62aec7520f061105785 163.172.215.201 HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=iso-8859-1 Date: Sun, 19 Mar 2023 07:01:08 GMT Server: Apache/2.4.29 (Ubuntu) Location: https://u-on.eu/c.php?u=72767 Content-Length: 310 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 310 Md5: 3150ae9a2925d40efa3546a50cbdf06a Sha1: 2dcf79b3004798728f4fb642221ca2b076d72e77 Sha256: 06cd1b1ef516d3d1ffc17a40944caa25850fbedebdcdf62aec7520f061105785
GET /c.php?u=73195 HTTP/1.1 Host: u-on.eu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: u-on.eu/c.php?u=73195 FQDN: u-on.eu IP: 163.172.215.201 HASH: ac18b9e6d83f6f668fe99b95fff89f3c96fb251e5f5795f62517557eeef98715 163.172.215.201 HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=iso-8859-1 Date: Sun, 19 Mar 2023 07:01:08 GMT Server: Apache/2.4.29 (Ubuntu) Location: https://u-on.eu/c.php?u=73195 Content-Length: 310 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 310 Md5: 15a3230c1bd4295cfcb73c2d0e70bb1a Sha1: 0c39beec6c39d1a258a62170aa1fd180b05355c4 Sha256: ac18b9e6d83f6f668fe99b95fff89f3c96fb251e5f5795f62517557eeef98715
GET /js/page_templates.js HTTP/1.1 Host: sextgem.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/ Cookie: _xta_uid=133833a14d8c41ea3560335139b48559; _xta_vid=86165386e5d5d1c853543b0c164b9852-1679209268	URL: sextgem.com/js/page_templates.js FQDN: sextgem.com IP: 141.94.172.213 HASH: 02208b6b15ad77f658951e1b2f02d657e59dae0335d742707e2d5b2b614520f4 141.94.172.213 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sun, 19 Mar 2023 07:01:08 GMT Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT ETag: "5fb-59774aa04e000-gzip" Accept-Ranges: bytes Cache-Control: max-age=2592000 Expires: Tue, 18 Apr 2023 07:01:08 GMT Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 600 Connection: close --- Additional Info --- Magic: ASCII text Size: 600 Md5: 40399e3e5e1a172dd101d6aaf7611b85 Sha1: dbf7f0961ceea4c42625b7b574dc5fe78b752b24 Sha256: 02208b6b15ad77f658951e1b2f02d657e59dae0335d742707e2d5b2b614520f4
GET /images/xtvid/sunnyleonewap.jpg HTTP/1.1 Host: xtgem.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: xtgem.com/images/xtvid/sunnyleonewap.jpg FQDN: xtgem.com IP: 141.94.172.213 HASH: 04f14d4e1099434b5486bddb58c0a71ba246e2d2248718e84d7643537ad600d8 141.94.172.213 HTTP/1.1 200 OK Content-Type: image/jpeg Date: Sun, 19 Mar 2023 07:01:08 GMT Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT ETag: "1e0a-59774aa04e000" Accept-Ranges: bytes Content-Length: 7690 Cache-Control: max-age=2592000 Expires: Tue, 18 Apr 2023 07:01:08 GMT X-Ngz: 1 Connection: close --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 320x50, components 3\012- data Size: 7690 Md5: 8e0dddf6bcbe232ac643e4dd40de6101 Sha1: b958077b6d3871c2bd5088561235c8c825a3f72f Sha256: 04f14d4e1099434b5486bddb58c0a71ba246e2d2248718e84d7643537ad600d8
GET /s/allerta/v18/TwMO-IAHRlkbx940YnYXSA.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://3x39.sextgem.com Connection: keep-alive Referer: http://fonts.googleapis.com/	URL: fonts.gstatic.com/s/allerta/v18/TwMO-IAHRlkbx940YnYXSA.woff2 FQDN: fonts.gstatic.com IP: 142.250.74.35 HASH: ef4a4798ee810a9641529acd802d9b08b48623504b15d10fba88fc42dcb2d9f6 142.250.74.35 HTTP/1.1 200 OK Content-Type: font/woff2 Accept-Ranges: bytes Access-Control-Allow-Origin: * Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes" Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} Timing-Allow-Origin: * Content-Length: 7824 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Wed, 15 Mar 2023 15:59:29 GMT Expires: Thu, 14 Mar 2024 15:59:29 GMT Cache-Control: public, max-age=31536000 Last-Modified: Tue, 19 Apr 2022 18:20:16 GMT Age: 313299 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 7824, version 1.0\012- data Size: 7824 Md5: 0cd3b03c066851fd03e8e51a0bb713cd Sha1: ab90570fbff72d7d5070ef9629da2e31b506575a Sha256: ef4a4798ee810a9641529acd802d9b08b48623504b15d10fba88fc42dcb2d9f6
GET /-TZr4tNW0VM8/VR8pVUB0F6I/AAAAAAAABF4/OZi8EeMnzkU/s1600/300x250-1322162014.gif HTTP/1.1 Host: 4.bp.blogspot.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: 4.bp.blogspot.com/-TZr4tNW0VM8/VR8pVUB0F6I/AAAAAAAABF4/ (...) FQDN: 4.bp.blogspot.com IP: 142.250.74.161 HASH: 94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615 142.250.74.161 HTTP/1.1 404 Not Found Content-Type: image/png Access-Control-Allow-Origin: * Timing-Allow-Origin: * X-Content-Type-Options: nosniff Date: Sun, 19 Mar 2023 07:01:08 GMT Server: fife Content-Length: 832 X-XSS-Protection: 0 --- Additional Info --- Magic: PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data Size: 832 Md5: 596246739a83bb45e30e13437e0810d9 Sha1: 203d99f5cb1f2c816d6f9974cc5a73cf412892a6 Sha256: 94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /tp.gif HTTP/1.1 Host: enif.images.xtstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/ Upgrade-Insecure-Requests: 1	URL: enif.images.xtstatic.com/tp.gif FQDN: enif.images.xtstatic.com IP: 141.94.172.213 HASH: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 141.94.172.213 HTTP/1.1 200 OK Content-Type: image/gif Date: Sun, 19 Mar 2023 07:01:08 GMT Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT ETag: "2a-59774aa04e000" Accept-Ranges: bytes Content-Length: 42 Cache-Control: max-age=2592000 Expires: Tue, 18 Apr 2023 07:01:08 GMT Connection: close --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /tp.gif HTTP/1.1 Host: cif.images.xtstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/ Upgrade-Insecure-Requests: 1	URL: cif.images.xtstatic.com/tp.gif FQDN: cif.images.xtstatic.com IP: 141.94.172.213 HASH: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 141.94.172.213 HTTP/1.1 200 OK Content-Type: image/gif Date: Sun, 19 Mar 2023 07:01:08 GMT Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT ETag: "2a-59774aa04e000" Accept-Ranges: bytes Content-Length: 42 Cache-Control: max-age=2592000 Expires: Tue, 18 Apr 2023 07:01:08 GMT Connection: close --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /files/bokep-online-gratis.png HTTP/1.1 Host: edryc.pun.bz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: edryc.pun.bz/files/bokep-online-gratis.png FQDN: edryc.pun.bz IP: 45.33.23.183 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 45.33.23.183 HTTP/1.1 302 Found content-type: text/html; charset=utf-8 server: openresty/1.13.6.1 date: Sun, 19 Mar 2023 07:01:08 GMT content-length: 0 location: https://d39f23jfph0ylk.cloudfront.net/pun.bz.png vary: Accept-Language content-language: en connection: close --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 2341f8b5c8ec6dc1fa2689bd74e7524f40c1528dbfd8e390f4cea188db52512f 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "2341F8B5C8EC6DC1FA2689BD74E7524F40C1528DBFD8E390F4CEA188DB52512F" Last-Modified: Fri, 17 Mar 2023 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3441 Expires: Sun, 19 Mar 2023 07:58:29 GMT Date: Sun, 19 Mar 2023 07:01:08 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 745318ba3aa34b349d9ea67baeaad399 Sha1: 8e1800f71ac361f77b944b522a582ad134b64596 Sha256: 2341f8b5c8ec6dc1fa2689bd74e7524f40c1528dbfd8e390f4cea188db52512f
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 2341f8b5c8ec6dc1fa2689bd74e7524f40c1528dbfd8e390f4cea188db52512f 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "2341F8B5C8EC6DC1FA2689BD74E7524F40C1528DBFD8E390F4CEA188DB52512F" Last-Modified: Fri, 17 Mar 2023 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3441 Expires: Sun, 19 Mar 2023 07:58:29 GMT Date: Sun, 19 Mar 2023 07:01:08 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 745318ba3aa34b349d9ea67baeaad399 Sha1: 8e1800f71ac361f77b944b522a582ad134b64596 Sha256: 2341f8b5c8ec6dc1fa2689bd74e7524f40c1528dbfd8e390f4cea188db52512f
GET /c.php?u=72767 HTTP/1.1 Host: u-on.eu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://3x39.sextgem.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: u-on.eu/c.php?u=72767 FQDN: u-on.eu IP: 163.172.215.201 HASH: 3a18f429f1b5ce852384339e84fc785e851223febde6af9ee7ba01a646a36db3 163.172.215.201 HTTP/1.1 200 OK Content-Type: image/png Date: Sun, 19 Mar 2023 07:01:08 GMT Server: Apache/2.4.29 (Ubuntu) Cache-Control: no-cache, no-store, must-revalidate Content-Length: 1381 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive --- Additional Info --- Magic: PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data Size: 1381 Md5: bd6e50d02e5b32e4abc5fa60b7102fea Sha1: 8ef5cc815a68104af972f4dedeb5adca5fcec922 Sha256: 3a18f429f1b5ce852384339e84fc785e851223febde6af9ee7ba01a646a36db3
GET /c.php?u=73195 HTTP/1.1 Host: u-on.eu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://3x39.sextgem.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: u-on.eu/c.php?u=73195 FQDN: u-on.eu IP: 163.172.215.201 HASH: 35118cbb72e84832e3b5912a60939c86e3b515b06239bee310ee8f19e0694bc3 163.172.215.201 HTTP/1.1 200 OK Content-Type: image/png Date: Sun, 19 Mar 2023 07:01:08 GMT Server: Apache/2.4.29 (Ubuntu) Cache-Control: no-cache, no-store, must-revalidate Content-Length: 1214 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive --- Additional Info --- Magic: PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data Size: 1214 Md5: 1ea1244ea92efe1cba1be1546f2752d2 Sha1: d984bcf5f13c53a6962fa992049f1b67d9e22814 Sha256: 35118cbb72e84832e3b5912a60939c86e3b515b06239bee310ee8f19e0694bc3
GET /c.php?u=73203 HTTP/1.1 Host: u-on.eu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://3x39.sextgem.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: u-on.eu/c.php?u=73203 FQDN: u-on.eu IP: 163.172.215.201 HASH: 35118cbb72e84832e3b5912a60939c86e3b515b06239bee310ee8f19e0694bc3 163.172.215.201 HTTP/1.1 200 OK Content-Type: image/png Date: Sun, 19 Mar 2023 07:01:08 GMT Server: Apache/2.4.29 (Ubuntu) Cache-Control: no-cache, no-store, must-revalidate Content-Length: 1214 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive --- Additional Info --- Magic: PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data Size: 1214 Md5: 1ea1244ea92efe1cba1be1546f2752d2 Sha1: d984bcf5f13c53a6962fa992049f1b67d9e22814 Sha256: 35118cbb72e84832e3b5912a60939c86e3b515b06239bee310ee8f19e0694bc3
GET /c.php?u=73196 HTTP/1.1 Host: u-on.eu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://3x39.sextgem.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: u-on.eu/c.php?u=73196 FQDN: u-on.eu IP: 163.172.215.201 HASH: 35118cbb72e84832e3b5912a60939c86e3b515b06239bee310ee8f19e0694bc3 163.172.215.201 HTTP/1.1 200 OK Content-Type: image/png Date: Sun, 19 Mar 2023 07:01:08 GMT Server: Apache/2.4.29 (Ubuntu) Cache-Control: no-cache, no-store, must-revalidate Content-Length: 1214 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive --- Additional Info --- Magic: PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data Size: 1214 Md5: 1ea1244ea92efe1cba1be1546f2752d2 Sha1: d984bcf5f13c53a6962fa992049f1b67d9e22814 Sha256: 35118cbb72e84832e3b5912a60939c86e3b515b06239bee310ee8f19e0694bc3
POST /gsalphasha2g2 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp2.globalsign.com/gsalphasha2g2 FQDN: ocsp2.globalsign.com IP: 151.101.66.133 HASH: c4c3d650c6e81a799cc07f4880221cf2135c233696163f97a4b1e8144e851ca6 151.101.66.133 HTTP/1.1 200 OK Content-Type: application/ocsp-response Connection: keep-alive Content-Length: 1423 Server: nginx Expires: Thu, 23 Mar 2023 05:50:06 GMT ETag: "20633f91ca2fb3f3ada5ccbd111546cb73e6b9aa" Last-Modified: Sun, 19 Mar 2023 05:50:07 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 Via: 1.1 varnish, 1.1 varnish Accept-Ranges: bytes Date: Sun, 19 Mar 2023 07:01:09 GMT Age: 4262 X-Served-By: cache-qpg1266-QPG, cache-bma1669-BMA X-Cache: HIT, HIT X-Cache-Hits: 29, 1 X-Timer: S1679209269.000505,VS0,VE1 --- Additional Info --- Magic: data Size: 1423 Md5: 46ae95413e1bf218d905f7c5f41e80f1 Sha1: 20633f91ca2fb3f3ada5ccbd111546cb73e6b9aa Sha256: c4c3d650c6e81a799cc07f4880221cf2135c233696163f97a4b1e8144e851ca6
GET /c.php?u=70103 HTTP/1.1 Host: u-on.eu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://3x39.sextgem.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: u-on.eu/c.php?u=70103 FQDN: u-on.eu IP: 163.172.215.201 HASH: 35118cbb72e84832e3b5912a60939c86e3b515b06239bee310ee8f19e0694bc3 163.172.215.201 HTTP/1.1 200 OK Content-Type: image/png Date: Sun, 19 Mar 2023 07:01:08 GMT Server: Apache/2.4.29 (Ubuntu) Cache-Control: no-cache, no-store, must-revalidate Content-Length: 1214 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive --- Additional Info --- Magic: PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data Size: 1214 Md5: 1ea1244ea92efe1cba1be1546f2752d2 Sha1: d984bcf5f13c53a6962fa992049f1b67d9e22814 Sha256: 35118cbb72e84832e3b5912a60939c86e3b515b06239bee310ee8f19e0694bc3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Cache-Control, Content-Length, Retry-After, Content-Type, Expires, Alert, Pragma, ETag, Backoff, Last-Modified content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sun, 19 Mar 2023 06:14:32 GMT age: 2797 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /znWaa3gu HTTP/1.1 Host: dcba.popcash.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://3x39.sextgem.com Connection: keep-alive Referer: http://3x39.sextgem.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: dcba.popcash.net/znWaa3gu FQDN: dcba.popcash.net IP: 3.222.40.224 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 3.222.40.224 HTTP/2 204 No Content date: Sun, 19 Mar 2023 07:01:09 GMT access-control-allow-origin: * cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 5db17bb0a40658845e03d8237a69458a0576d955006ee224930b0310179af9af 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5DB17BB0A40658845E03D8237A69458A0576D955006EE224930B0310179AF9AF" Last-Modified: Fri, 17 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7449 Expires: Sun, 19 Mar 2023 09:05:18 GMT Date: Sun, 19 Mar 2023 07:01:09 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 0a4b141e90b0fb22cf6d10a6a4fd360d Sha1: 37b081be1a69edb97a7c562b71474f4d7405d94e Sha256: 5db17bb0a40658845e03d8237a69458a0576d955006ee224930b0310179af9af
GET /e2/68/30/e2683001b51a3e369fb2d16165c07e07.js HTTP/1.1 Host: pl13048200.trustedcpmrevenue.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: pl13048200.trustedcpmrevenue.com/e2/68/30/e2683001b51a3 (...) FQDN: pl13048200.trustedcpmrevenue.com IP: 192.243.59.20 HASH: fd545b0cf0f166bc547e9ade84b95326941637028d98f169864a949ba65a3d6a 192.243.59.20 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.17.9 Date: Sun, 19 Mar 2023 07:01:09 GMT Transfer-Encoding: chunked Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: 994a60e5f0dad834009d028908605ec2 Strict-Transport-Security: max-age=0; includeSubdomains Content-Encoding: gzip --- Additional Info --- Magic: HTML document, ASCII text, with very long lines (60152), with no line terminators Size: 20720 Md5: 102d5fb58c6d09beba9571b30b0493bc Sha1: 22185fd7160a10a6415415f11bf3dc38890d8cf3 Sha256: fd545b0cf0f166bc547e9ade84b95326941637028d98f169864a949ba65a3d6a
GET /bcads.js HTTP/1.1 Host: js.buzzcity.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: js.buzzcity.net/bcads.js FQDN: js.buzzcity.net IP: 74.63.241.29 HASH: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47 74.63.241.29 HTTP/1.1 302 Found cache-control: max-age=0, private, must-revalidate connection: close content-length: 11 date: Sun, 19 Mar 2023 07:01:08 GMT location: http://ww1.buzzcity.net server: nginx set-cookie: sid=d3631e90-c623-11ed-8f92-dd7c3f736319; path=/; domain=.buzzcity.net; expires=Fri, 06 Apr 2091 10:15:16 GMT; max-age=2147483647; HttpOnly --- Additional Info --- Magic: ASCII text, with no line terminators Size: 11 Md5: 32682312d17c7cbf18e73594f5570319 Sha1: 60e22121bdd0bc71cdb2bae2a3aa577006b2eae9 Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 9ThXMZhx4GMGXVMZrTiIKg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 35.82.212.76 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 35.82.212.76 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: kNGg3mep+zVaLXz9mDmGVOY3GSY= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /562933.cnt HTTP/1.1 Host: c.waplog.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: c.waplog.net/562933.cnt FQDN: c.waplog.net IP: 69.16.231.57 HASH: 79fb4b9f1f10297efbeaf92a6142c42043219b081194e545e06fb2a49ffc73e4 69.16.231.57 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Sun, 19 Mar 2023 07:01:09 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 X-Powered-By: PHP/5.4.16 Cache-Control: no-cache Pragma: no-cache Content-Length: 2236 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (620) Size: 2236 Md5: 37bdee4ebe669f79611edfa1f380c04b Sha1: 6b374ca850150887356664e4da6bbdeded65b63f Sha256: 79fb4b9f1f10297efbeaf92a6142c42043219b081194e545e06fb2a49ffc73e4
GET / HTTP/1.1 Host: ww1.buzzcity.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://3x39.sextgem.com/ Connection: keep-alive	URL: ww1.buzzcity.net/ FQDN: ww1.buzzcity.net IP: 199.59.243.223 HASH: 1f725060d6f452489f63f5ad85cd0e3911226d5f83c029e9729fe0584540645a 199.59.243.223 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: openresty Date: Sun, 19 Mar 2023 07:01:09 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: parking_session=d8e3739e-af3d-3b48-1590-b479cb9b6b53; expires=Sun, 19-Mar-2023 07:16:09 GMT; Max-Age=900; path=/; HttpOnly X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_uRU+3NJPB/BeaGCOa/YI6uXcYwJdbATvKm90JMwBAfwpT3LBJ+rInsIhdiF/GnjK29KPZ5eSqYcraDiHGPEBMQ== Accept-CH: sec-ch-prefers-color-scheme Critical-CH: sec-ch-prefers-color-scheme Vary: sec-ch-prefers-color-scheme Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (907), with no line terminators Size: 713 Md5: b8856b053864bd5d67ded6ce3b7e4c67 Sha1: 2d7551f500b5a5d2609ddf8fd3985ff33f46e5d0 Sha256: 1f725060d6f452489f63f5ad85cd0e3911226d5f83c029e9729fe0584540645a
GET /bcads.js HTTP/1.1 Host: js.buzzcity.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: js.buzzcity.net/bcads.js FQDN: js.buzzcity.net IP: 74.63.241.29 HASH: e85173bbf32b0e5ffae4b8cbd83ea235c313c2736c59836e8fd476ea7dff2d98 74.63.241.29 HTTP/1.1 200 OK content-type: text/html; charset=utf-8 accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile cache-control: max-age=0, private, must-revalidate connection: close content-length: 484 date: Sun, 19 Mar 2023 07:01:09 GMT server: nginx set-cookie: sid=d4035bf8-c623-11ed-b35f-dd7c5f8d1f75; path=/; domain=.buzzcity.net; expires=Fri, 06 Apr 2091 10:15:17 GMT; max-age=2147483647; HttpOnly --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (484), with no line terminators Size: 484 Md5: f7222282eb2186a8ff6945c7890989a5 Sha1: 8c3e71f7ebc0880bc0e6c04545411ed72c05652f Sha256: e85173bbf32b0e5ffae4b8cbd83ea235c313c2736c59836e8fd476ea7dff2d98
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 04ae362e18804824ae4c88d32c025b4333203abd4c24163b7fa02915c15e8f17 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "04AE362E18804824AE4C88D32C025B4333203ABD4C24163B7FA02915C15E8F17" Last-Modified: Fri, 17 Mar 2023 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9000 Expires: Sun, 19 Mar 2023 09:31:10 GMT Date: Sun, 19 Mar 2023 07:01:10 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6b7e819b8bdad7597dbf364b82dd3426 Sha1: 740c371f5032c8b3d58f195c3832ebc56cdb8552 Sha256: 04ae362e18804824ae4c88d32c025b4333203abd4c24163b7fa02915c15e8f17
GET /images/close2.png?v=0.01 HTTP/1.1 Host: xtgem.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: xtgem.com/images/close2.png?v=0.01 FQDN: xtgem.com IP: 141.94.172.213 HASH: bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3 141.94.172.213 HTTP/1.1 200 OK Content-Type: image/png Date: Sun, 19 Mar 2023 07:01:10 GMT Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT ETag: "234-59774aa04e000" Accept-Ranges: bytes Content-Length: 564 Cache-Control: max-age=2592000 Expires: Tue, 18 Apr 2023 07:01:10 GMT X-Ngz: 1 Connection: close --- Additional Info --- Magic: PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data Size: 564 Md5: 865dce1b2a4002b9a85f75ea622f4000 Sha1: f56c8218b5ca721a9e5a3daec742a6f38c33c075 Sha256: bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3
GET /562933.cnt HTTP/1.1 Host: c.waplog.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: c.waplog.net/562933.cnt FQDN: c.waplog.net IP: 69.16.231.57 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 69.16.231.57 HTTP/1.1 302 Moved Temporarily Content-Type: text/html; charset=UTF-8 Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 Cache-Control: no-cache Date: Sun, 19 Mar 2023 07:01:10 GMT Location: http://ww7.waplog.net/562933.cnt Pragma: no-cache Connection: Keep-Alive X-Powered-By: PHP/5.4.16 Content-Length: 0 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC8zeDM5LnNleHRnZW0uY29tXC9pbmRleD9fX3h0YmxvZ19lbnRyeT0xMDU0OTA4MSZxPWRlbGxhc3NlZGlvJl9feHRjb21tZW50c190aHJlYWQ9MzY3NDQyNyIsImxvZ2dlZF9pbiI6ZmFsc2UsImRvbWFpbiI6IjN4Mzkuc2V4dGdlbS5jb20iLCJwb3NpdGlvbiI6eyJhYnNvbHV0ZSI6ImZpeGVkIn19 HTTP/1.1 Host: xtgem.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://3x39.sextgem.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC8zeDM (...) FQDN: xtgem.com IP: 141.94.172.213 HASH: cccdc57def11748a729c04ec76951a0d8f3e5b0baf075d60c1c132b732a3c568 141.94.172.213 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Sun, 19 Mar 2023 07:01:10 GMT Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: session=w4~k2fe8tghkjivj575oqpuaa5mm3; expires=Mon, 20-Mar-2023 07:01:10 GMT; Max-Age=86400; path=/; domain=.xtgem.com; httponly __template=web; expires=Tue, 18-Apr-2023 07:01:10 GMT; Max-Age=2592000; path=/ __lang=us; expires=Tue, 18-Apr-2023 07:01:10 GMT; Max-Age=2592000; path=/ Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 2915 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1054) Size: 2915 Md5: da024b02728bd10dc675ae24730758c3 Sha1: e66c42044f987965db3e9a94b8af5bce976b8ed1 Sha256: cccdc57def11748a729c04ec76951a0d8f3e5b0baf075d60c1c132b732a3c568
GET /pixel/purst?dl=0&th=0&sc=0&rs=1168&rd=1168&fd=784&bv=22.10.v.9&tmpl=70 HTTP/1.1 Host: haywarn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: haywarn.com/pixel/purst?dl=0&th=0&sc=0&rs=1168&rd=1168& (...) FQDN: haywarn.com IP: 192.243.59.13 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 192.243.59.13 HTTP/1.1 200 OK Server: nginx/1.17.6 Date: Sun, 19 Mar 2023 07:01:10 GMT Content-Length: 0 Connection: keep-alive Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests Access-Control-Expose-Headers: Content-Length,Content-Range --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: ocsp.r2m01.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.r2m01.amazontrust.com/ FQDN: ocsp.r2m01.amazontrust.com IP: 54.230.80.227 HASH: 3f2231f0226f12e472b31d51797f3b384884c642547aea58195707a328a5a0b4 54.230.80.227 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=122804 Date: Sun, 19 Mar 2023 07:01:10 GMT Etag: "6415e759-1d7" Expires: Mon, 20 Mar 2023 17:07:54 GMT Last-Modified: Sat, 18 Mar 2023 16:31:21 GMT Server: ECAcc (bsa/EAE4) X-Cache: Miss from cloudfront Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: uyNQz40mr7PWAlYM0PWI3YAI-VBhxDwcXjyDLWsj5Jy0PdTQYv72VQ== Age: 2193 --- Additional Info --- Magic: data Size: 471 Md5: b213fe8814ddd2655182e70982199d4a Sha1: 1fa1b230752f475e9466a42cced40f529ab5ae03 Sha256: 3f2231f0226f12e472b31d51797f3b384884c642547aea58195707a328a5a0b4
GET /stats HTTP/1.1 Host: simplewebanalysis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://3x39.sextgem.com Connection: keep-alive Referer: http://3x39.sextgem.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: simplewebanalysis.com/stats FQDN: simplewebanalysis.com IP: 52.59.156.99 HASH: 31c1e86a4178d0ebab80f6a630552498202d134db4da54da0cc7b0623d48bebd 52.59.156.99 HTTP/2 200 OK content-type: text/html; charset=UTF-8 date: Sun, 19 Mar 2023 07:01:10 GMT content-length: 40 server: fasthttp access-control-allow-origin: http://3x39.sextgem.com access-control-allow-credentials: true set-cookie: uid_id2=5490759c-60dc-4577-979f-5b94c71c205e:3:1; expires=Wed, 16 Mar 2033 07:01:10 GMT; secure; SameSite=None X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 40 Md5: 19c05418951e1b6ba679aad65b48afd5 Sha1: 95aeca29db4c2b113c07a7bcbb380724c464ec1c Sha256: 31c1e86a4178d0ebab80f6a630552498202d134db4da54da0cc7b0623d48bebd
GET /advertisers.js HTTP/1.1 Host: banquetunarmedgrater.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: banquetunarmedgrater.com/advertisers.js FQDN: banquetunarmedgrater.com IP: 173.233.137.44 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 173.233.137.44 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.19.5 Date: Sun, 19 Mar 2023 07:01:10 GMT Content-Length: 0 Connection: keep-alive Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache X-Request-ID: 09d06f833e3fdb121f542c3ec7b9cfb7 Strict-Transport-Security: max-age=0; includeSubdomains --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F" Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3031 Expires: Sun, 19 Mar 2023 07:51:41 GMT Date: Sun, 19 Mar 2023 07:01:10 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 84762efcb2e1535ae49fca6c1523df33 Sha1: 93e7f138a491d4276a793c2e5b947195ae69a88c Sha256: 920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F" Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3031 Expires: Sun, 19 Mar 2023 07:51:41 GMT Date: Sun, 19 Mar 2023 07:01:10 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 84762efcb2e1535ae49fca6c1523df33 Sha1: 93e7f138a491d4276a793c2e5b947195ae69a88c Sha256: 920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa36f2b7f-235a-43c5-9302-84b1cc7fb382.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: ce00f0d0fee5cbf89b31106b2d696d04ba12d94f4edbd512a2dc1100ab0ef5d3 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7541 x-amzn-requestid: 00d990c9-d6de-4aea-8022-2d0df93ca184 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: B_wqWGezIAMF9kA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64162e41-5a9c056956af56fd1b81973e;Sampled=0 x-amzn-remapped-date: Sat, 18 Mar 2023 21:33:53 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: 3fszpXCJahkKI-ZoJ9CPbuPKGtcZthlk63bvo1887xrQxJjtR7fVdw== via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 8cb7de37a1655236518810d0aabb8656.cloudfront.net (CloudFront), 1.1 google date: Sat, 18 Mar 2023 21:45:47 GMT etag: "80d3672c8a1db24dedba20a8b04edbc67cff14f2" age: 33323 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7541 Md5: c54a5cee763815a2d2d335a0dc51bab6 Sha1: 80d3672c8a1db24dedba20a8b04edbc67cff14f2 Sha256: ce00f0d0fee5cbf89b31106b2d696d04ba12d94f4edbd512a2dc1100ab0ef5d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe42970c2-8007-4b4c-9f15-01cf4de37822.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 0c565b97125e28b8183baab26baf7c703e70f82fad13117c5780259e6d91a89d 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6219 x-amzn-requestid: 61b80920-2ba3-4688-80ee-848d68031908 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BwlmnG0KoAMFd0A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64101c90-17c159767df548c4672b7365;Sampled=0 x-amzn-remapped-date: Tue, 14 Mar 2023 07:04:48 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: ACswRkub0RlODaxJHJGsGkACkMQKk85qY3VxYPscNccAMYdpkQ9evA== via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 9adef5b1c5fc9ca80d6f4f8d19e103a2.cloudfront.net (CloudFront), 1.1 google date: Sat, 18 Mar 2023 07:50:48 GMT age: 83422 etag: "75dd9bdbaf7f19102036d27e69a011f4c37942a9" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6219 Md5: 7e58e6553fe8e5d936a911080cec36dc Sha1: 75dd9bdbaf7f19102036d27e69a011f4c37942a9 Sha256: 0c565b97125e28b8183baab26baf7c703e70f82fad13117c5780259e6d91a89d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10338 x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BvSgFGENoAMFuVw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0 x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: bka10YWXvoKBRkwgvJNMzm1SSv_J1USzdugO9lPduHxe2uYFYkXh4w== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google date: Sun, 19 Mar 2023 04:25:44 GMT age: 9326 etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10338 Md5: 78453ba98b72eff3879ef163b59c86ed Sha1: 80519bb3726ee1f9f211344cd433cefaed3a7f2e Sha256: 61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcfb36-e851-4e2f-808e-0b76e20afc12.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 2e45bd135ca6b37ea9e95478cd9a799b543f4f5078be19396064c18bf393e6c9 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12419 x-amzn-requestid: 9b7514f8-1dc0-4374-aca6-9bd214f0599c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: B_whwGibIAMFeCA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64162e0a-67986ae93b671d66133e3900;Sampled=0 x-amzn-remapped-date: Sat, 18 Mar 2023 21:32:58 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: Bax5qwrmmdDM_5h6pe1YYY-6hZLqmgMT5Dhs_k0lxf7UzwhuTI1_Sw== via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google date: Sat, 18 Mar 2023 21:45:46 GMT etag: "6aa775a79d3312f3c0352613ad4d35b3952296d5" age: 33324 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12419 Md5: 3155ef27d75c441292f2de561d28abdf Sha1: 6aa775a79d3312f3c0352613ad4d35b3952296d5 Sha256: 2e45bd135ca6b37ea9e95478cd9a799b543f4f5078be19396064c18bf393e6c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96dd733b-2874-48a1-85ec-05ab6a9364a7.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 290b7a6a1fd73951a0d1dfd57d5970efd537baaf25064b32b74302a4b9102c66 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3418 x-amzn-requestid: d9b8be8d-fdb0-47ef-92e0-f5e2fa3117ac x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: B5e81FTOIAMFvtw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6413ab85-35dc07ce51de362f4bb26b72;Sampled=0 x-amzn-remapped-date: Thu, 16 Mar 2023 23:51:33 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: SkLy6ApnQ_Gur98OPXaj5klwmyFJtjLE2kX_6CFdGgVb2qQO8_fNXA== via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 0ec9ddba08fcd99386924593dbdbd44a.cloudfront.net (CloudFront), 1.1 google date: Sat, 18 Mar 2023 22:12:17 GMT age: 31733 etag: "c9b72a8db035546ffe455d6ed8e9f2c7b58cf54e" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3418 Md5: 668410033c3212f1ff54ccb1ea936bb5 Sha1: c9b72a8db035546ffe455d6ed8e9f2c7b58cf54e Sha256: 290b7a6a1fd73951a0d1dfd57d5970efd537baaf25064b32b74302a4b9102c66
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ca6f680-5e4b-497f-aef4-6cca71cb98d5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: d8d1aa817b12b61d85115c0020fafd2c2e02a0277417e96fb995329ea3c7f01a 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11784 x-amzn-requestid: 29c7373c-4eb0-4374-8c4c-205285e23667 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: B_whwHM7oAMF_kw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64162e0a-0c30752b04757beb7ea417a7;Sampled=0 x-amzn-remapped-date: Sat, 18 Mar 2023 21:32:58 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: pPIURVGevjYlykVadfXACVKOnHw9BNb9udBL65Kl-z7I9AUWFDoOeQ== via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google date: Sat, 18 Mar 2023 22:01:44 GMT age: 32366 etag: "59d56060ea97e27de572e48eb907882f5767f427" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11784 Md5: 49b71c6b1d8a81d5c9e5281eec609c25 Sha1: 59d56060ea97e27de572e48eb907882f5767f427 Sha256: d8d1aa817b12b61d85115c0020fafd2c2e02a0277417e96fb995329ea3c7f01a
GET /avatar/b8dcb8b7313a08c6171335c598bc8738.jpg?s=16&d=mm HTTP/1.1 Host: www.gravatar.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: www.gravatar.com/avatar/b8dcb8b7313a08c6171335c598bc873 (...) FQDN: www.gravatar.com IP: 192.0.73.2 HASH: 07b220b403aa5a5a26a0142c29fe186aefb56ec846b47c588bbf22958cc4a905 192.0.73.2 HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Sun, 19 Mar 2023 07:01:10 GMT Content-Length: 787 Connection: keep-alive Last-Modified: Thu, 16 Sep 2010 22:53:29 GMT Link: <https://www.gravatar.com/avatar/b8dcb8b7313a08c6171335c598bc8738.jpg?s=16&d=mm>; rel="canonical" Access-Control-Allow-Origin: * Content-Disposition: inline; filename="b8dcb8b7313a08c6171335c598bc8738.png" Expires: Sun, 19 Mar 2023 07:06:10 GMT Cache-Control: max-age=300 X-nc: HIT arn 1 Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 16x16, components 3\012- data Size: 787 Md5: a45c6b0d3417ecf7526a242fc4bc2b14 Sha1: 9298cab03a54859d9bf7d9d4823830f57ad59439 Sha256: 07b220b403aa5a5a26a0142c29fe186aefb56ec846b47c588bbf22958cc4a905
GET /pop.js HTTP/1.1 Host: c1.popads.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: c1.popads.net/pop.js FQDN: c1.popads.net IP: 185.76.9.26 HASH: 0085b0c78f7a6f8f7379871f778402efb6fe1160098fab2ebbab82c93a8e7248 185.76.9.26 HTTP/1.1 200 OK Content-Type: application/javascript; charset=UTF-8 Date: Sun, 19 Mar 2023 07:01:10 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39" Last-Modified: Tue, 14 Mar 2023 22:06:26 GMT ETag: W/"6410efe2-82a9" Access-Control-Allow-Origin: * X-Accel-Expires: @1680022542 Server: CDN77-Turbo X-77-NZT: AblMCRTqVJv/KGkDAA X-77-NZT-Ray: af585630a27d08c236b316645b8b3830 X-Cache: HIT X-Age: 223528 X-77-POP: stockholmSE X-77-Cache: HIT Content-Encoding: gzip --- Additional Info --- Magic: HTML document, ASCII text, with very long lines (1568), with CRLF line terminators Size: 10210 Md5: 9e5d642e5b4f079e61468259e23337a3 Sha1: d98145c50a6b28c99fcc31ecdb8b00e564685e14 Sha256: 0085b0c78f7a6f8f7379871f778402efb6fe1160098fab2ebbab82c93a8e7248
GET /562933.cnt HTTP/1.1 Host: ww7.waplog.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://3x39.sextgem.com/ Connection: keep-alive	URL: ww7.waplog.net/562933.cnt FQDN: ww7.waplog.net IP: 199.59.243.223 HASH: 5d39fa5bfe0bc5afa68abad8c4537b55642034a409f901f0ce9c37d77ddc4d7f 199.59.243.223 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: openresty Date: Sun, 19 Mar 2023 07:01:10 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: parking_session=4bb00f36-0359-cd63-a07a-28ba916814a2; expires=Sun, 19-Mar-2023 07:16:10 GMT; Max-Age=900; path=/; HttpOnly X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_fSrPSwW5erCCUaI4Ir3McQRbGkQoSH0M9Qra7K8Az8c+SWIuITiyWH+HgWUulZ+lmRAEZd/5CWFk7bu3L0szNQ== Accept-CH: sec-ch-prefers-color-scheme Critical-CH: sec-ch-prefers-color-scheme Vary: sec-ch-prefers-color-scheme Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (915), with no line terminators Size: 712 Md5: b3a634dce431d956b9e0f4ad26af004b Sha1: 1b69ef0c9778f71f1c4d61f505cff64cd67cc9f0 Sha256: 5d39fa5bfe0bc5afa68abad8c4537b55642034a409f901f0ce9c37d77ddc4d7f
GET /quant.js HTTP/1.1 Host: edge.quantserve.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: edge.quantserve.com/quant.js FQDN: edge.quantserve.com IP: 91.228.74.200 HASH: 86107dcf815f1af0107e9c9c07880ad83fb2e56e6949e8b552f788ef917b8f1b 91.228.74.200 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sun, 19 Mar 2023 07:01:10 GMT Transfer-Encoding: chunked Connection: keep-alive Accept-Ranges: bytes Cache-Control: private, max-age=604800 Content-Encoding: gzip Etag: "qnbLQo87mD/KmvsyZTIxlQ==" Expires: Sun, 26 Mar 2023 07:01:10 GMT Vary: Accept-Encoding --- Additional Info --- Magic: ASCII text, with very long lines (22210) Size: 9158 Md5: b43a18fbe6986dfc5626e06e8cb23b0f Sha1: cc3ee4e5bf5f9a57e04f87c9942329ca985e6833 Sha256: 86107dcf815f1af0107e9c9c07880ad83fb2e56e6949e8b552f788ef917b8f1b
GET /pun.bz.png HTTP/1.1 Host: d39f23jfph0ylk.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://3x39.sextgem.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: d39f23jfph0ylk.cloudfront.net/pun.bz.png FQDN: d39f23jfph0ylk.cloudfront.net IP: 54.230.245.213 HASH: b112b4ab0824b2f85238c42d68e2cd346128253fc77237d2b5966804bca53bff 54.230.245.213 HTTP/2 200 OK content-type: image/png content-length: 1084 last-modified: Wed, 28 Aug 2019 14:40:55 GMT accept-ranges: bytes server: AmazonS3 date: Sun, 19 Mar 2023 02:22:33 GMT etag: "5605447d5b5425cfb5b845ad6b2b4287" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: Kf45iHrwMH_hX_pIjsla9QSA80196t8EZP_0NtZC9C84__MPu1W8_A== age: 16718 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 151 x 49, 8-bit grayscale, non-interlaced\012- data Size: 1084 Md5: 5605447d5b5425cfb5b845ad6b2b4287 Sha1: 52ec2abf74f302872bb90a6a289867517e6a495b Sha256: b112b4ab0824b2f85238c42d68e2cd346128253fc77237d2b5966804bca53bff
GET /rules-p-0cfM8Oh7M9bVQ.js HTTP/1.1 Host: rules.quantcount.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js FQDN: rules.quantcount.com IP: 54.230.111.33 HASH: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d 54.230.111.33 HTTP/1.1 301 Moved Permanently Content-Type: text/html Server: CloudFront Date: Sun, 19 Mar 2023 07:01:10 GMT Content-Length: 167 Connection: keep-alive Location: https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js X-Cache: Redirect from cloudfront Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: VtbRd-WiN1oNlhU2qha1FhhXFpg6rCJEKBQ-7YBrV5w0CI9iTMMfpw== --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 167 Md5: f5d40b7259645010f9a248858ad14178 Sha1: b3051d17a6ec8c9e166bf09a62b48261ab86957b Sha256: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /rules-p-0cfM8Oh7M9bVQ.js HTTP/1.1 Host: rules.quantcount.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://3x39.sextgem.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js FQDN: rules.quantcount.com IP: 54.230.111.33 HASH: 01e8c64b761cce7a14c9a7f82d4fa2162138e5e6e556350df4730498ea6417bf 54.230.111.33 HTTP/2 200 OK content-type: application/javascript content-length: 160 last-modified: Fri, 14 Oct 2022 00:42:04 GMT x-amz-server-side-encryption: AES256 accept-ranges: bytes server: AmazonS3 cross-origin-resource-policy: cross-origin access-control-allow-origin: * access-control-allow-methods: GET date: Sun, 19 Mar 2023 06:55:27 GMT cache-control: max-age=3600 etag: "2440f0fe7f89d580c051f453f7cc5d22" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: obud9gvZCJTF3rkpyH67NPb0J6gX9x0c89tCyCqOcPPpHuznszKnMw== age: 2081 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 160 Md5: 2440f0fe7f89d580c051f453f7cc5d22 Sha1: 2f90ae2004b7fb87b87d5d826699a799610358b8 Sha256: 01e8c64b761cce7a14c9a7f82d4fa2162138e5e6e556350df4730498ea6417bf
GET /favicon.ico HTTP/1.1 Host: 3x39.sextgem.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/index/__xtblog_entry/10549081-cewek-sange-ngangkang-di-kasur?q=dellassedio&__xtcomments_thread=3674427 Cookie: _xta_uid=133833a14d8c41ea3560335139b48559; _xta_vid=86165386e5d5d1c853543b0c164b9852-1679209268; dom3ic8zudi28v8lr6fgphwffqoz0j6c=5490759c-60dc-4577-979f-5b94c71c205e%3A3%3A1; ppu_main_e2683001b51a3e369fb2d16165c07e07=1	URL: 3x39.sextgem.com/favicon.ico FQDN: 3x39.sextgem.com IP: 54.36.158.42 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.36.158.42 HTTP/1.0 404 Not Found Content-Type: text/html; charset=UTF-8 Date: Sun, 19 Mar 2023 07:01:10 GMT Content-Length: 0 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 192.229.221.95 HASH: 21b0827f23d68296eb3e0bfd689496a60dc6e59962a0c1a4281823a17ce1681b 192.229.221.95 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4667 Cache-Control: max-age=127422 Date: Sun, 19 Mar 2023 07:01:10 GMT Etag: "6415efb9-1d7" Expires: Mon, 20 Mar 2023 18:24:52 GMT Last-Modified: Sat, 18 Mar 2023 17:07:05 GMT Server: ECAcc (ska/F73A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 1263815ed17b39fe126dae8ec858a460 Sha1: 3adcc6013e6fbb39373c927d95ce8e6242a2595e Sha256: 21b0827f23d68296eb3e0bfd689496a60dc6e59962a0c1a4281823a17ce1681b
GET /pixel;r=1328445930;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2F3x39.sextgem.com%2Findex%2F__xtblog_entry%2F10549081-cewek-sange-ngangkang-di-kasur%3Fq%3Ddellassedio%26__xtcomments_thread%3D3674427;uht=2;fpan=1;fpa=P0-1978130650-1679209272216;pbc=;ns=0;ce=1;qjs=1;qv=757f3135-20230316172511;cm=;gdpr=0;ref=;d=sextgem.com;dst=0;et=1679209272259;tzo=0;ogl=;ses=c5efceb0-8f8f-4e3a-962b-9a13e08dea81 HTTP/1.1 Host: pixel.quantserve.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://3x39.sextgem.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: pixel.quantserve.com/pixel;r=1328445930;rf=0;a=p-0cfM8O (...) FQDN: pixel.quantserve.com IP: 91.228.74.208 HASH: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 91.228.74.208 HTTP/2 200 OK content-type: image/gif date: Sun, 19 Mar 2023 07:01:11 GMT content-length: 35 cache-control: private, no-cache, no-store, proxy-revalidate expires: Fri, 04 Aug 1978 12:00:00 GMT p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" pragma: no-cache set-cookie: mc=6416b337-0520b-8197a-c318f; expires=Thu, 18-Apr-2024 07:01:11 GMT; path=/; domain=.quantserve.com X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 35 Md5: 55d25e9dc950d5db4d53a3b195c046c6 Sha1: 75e91ae3e549dab12ed1c9787ade9131aef1c981 Sha256: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET / HTTP/1.1 Host: c.adsco.re User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/ Upgrade-Insecure-Requests: 1	URL: c.adsco.re/ FQDN: c.adsco.re IP: 104.17.166.186 HASH: f162f77d197eba471d58c8f84847dd035305ae27fb941644bf975a36381016a5 104.17.166.186 HTTP/1.1 200 OK Content-Type: text/html Date: Sun, 19 Mar 2023 07:01:11 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: public, max-age=2678400 Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re") Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect Expires: Wed, 19 Apr 2023 07:01:11 GMT ETag: W/"cMPvpvd3jDHdlppiuYNttw==" Content-Encoding: gzip CF-Cache-Status: HIT Age: 2979216 Vary: Accept-Encoding Server: cloudflare CF-RAY: 7aa3d7b8deb5fabc-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (713) Size: 30419 Md5: f8ca7e648f2d24b1155dba01fdbf2cce Sha1: 3b41b6b7faa178a791d3aab73d8b8c07aa09d702 Sha256: f162f77d197eba471d58c8f84847dd035305ae27fb941644bf975a36381016a5
GET / HTTP/1.1 Host: 6.adsco.re User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Origin: http://3x39.sextgem.com Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: 6.adsco.re/ FQDN: 6.adsco.re IP: 104.17.167.186 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 104.17.167.186 HTTP/1.1 200 OK Content-Type: text/plain;charset=UTF-8 Date: Sun, 19 Mar 2023 07:01:11 GMT Content-Length: 0 Connection: keep-alive Access-Control-Allow-Origin: http://3x39.sextgem.com Cache-Control: private, max-age=10 Access-Control-Allow-Headers: Content-Type Access-Control-Allow-Methods: GET, HEAD, OPTIONS Access-Control-Max-Age: 2592000 Vary: Accept-Encoding Server: cloudflare CF-RAY: 7aa3d7b91bfa1bfa-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1 Host: 4.adsco.re User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Origin: http://3x39.sextgem.com Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: 4.adsco.re/ FQDN: 4.adsco.re IP: 162.252.214.5 HASH: 91945112515f30fe6017f31f87a483adb2040d8435fce14fe9c44e89cf433b2c 162.252.214.5 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Sun, 19 Mar 2023 07:01:11 GMT Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/7.4.34-dev Access-Control-Allow-Methods: GET, HEAD, OPTIONS Access-Control-Allow-Headers: Content-Type Access-Control-Allow-Origin: http://3x39.sextgem.com Access-Control-Max-Age: 2592000 Cache-Control: private, max-age=5 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with no line terminators Size: 62 Md5: a684f3b449a125d2285678a6be0172a9 Sha1: f5ba7774839ee9f45e1f2a88d322d3c3cfcc971f Sha256: 91945112515f30fe6017f31f87a483adb2040d8435fce14fe9c44e89cf433b2c
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 2072387c641577426765a397fda0aaa7163eaf30da15b7cf9c3c658d07b0a7a3 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "2072387C641577426765A397FDA0AAA7163EAF30DA15B7CF9C3C658D07B0A7A3" Last-Modified: Sat, 18 Mar 2023 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2782 Expires: Sun, 19 Mar 2023 07:47:33 GMT Date: Sun, 19 Mar 2023 07:01:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a3fd7a4e98eb1fff05b7734665df0a9d Sha1: 218d36670499aebd9389fbab10beff21e83a7be2 Sha256: 2072387c641577426765a397fda0aaa7163eaf30da15b7cf9c3c658d07b0a7a3
POST / HTTP/1.1 Host: pmo5czuevcno.l4.adsco.re User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 0 Origin: http://3x39.sextgem.com Connection: keep-alive Referer: http://3x39.sextgem.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: pmo5czuevcno.l4.adsco.re/ FQDN: pmo5czuevcno.l4.adsco.re IP: 185.200.118.90 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 185.200.118.90 HTTP/1.1 200 OK Content-Type: text/html Date: Sun, 19 Mar 2023 07:01:11 GMT Content-Length: 0 Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT Connection: close ETag: "5b60dfaf-0" Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Access-Control-Expose-Headers: Content-Length,Content-Range Accept-Ranges: bytes --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 2980760f27d7c78ed24ba8dba3477f45d42097c580b5e8f12cca310de7e017a2 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "2980760F27D7C78ED24BA8DBA3477F45D42097C580B5E8F12CCA310DE7E017A2" Last-Modified: Sat, 18 Mar 2023 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4073 Expires: Sun, 19 Mar 2023 08:09:04 GMT Date: Sun, 19 Mar 2023 07:01:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c00104269c5a4e115e1c05969e80f91b Sha1: 21249604889994ee62a796902f045cf425b8f6d1 Sha256: 2980760f27d7c78ed24ba8dba3477f45d42097c580b5e8f12cca310de7e017a2
GET / HTTP/1.1 Host: c.adsco.re User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://c.adsco.re/ If-None-Match: W/"cMPvpvd3jDHdlppiuYNttw=="	URL: c.adsco.re/ FQDN: c.adsco.re IP: 104.17.166.186 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 104.17.166.186 HTTP/1.1 304 Not Modified Date: Sun, 19 Mar 2023 07:01:11 GMT Connection: keep-alive Cache-Control: public, max-age=2678400 Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re") Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect Expires: Wed, 19 Apr 2023 07:01:11 GMT ETag: W/"cMPvpvd3jDHdlppiuYNttw==" CF-Cache-Status: HIT Age: 2979216 Vary: Accept-Encoding Server: cloudflare CF-RAY: 7aa3d7bb582cfabc-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1 Host: 6.adsco.re User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate X-Moz: prefetch Connection: keep-alive Referer: http://c.adsco.re/	URL: 6.adsco.re/ FQDN: 6.adsco.re IP: 104.17.167.186 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 104.17.167.186 HTTP/1.1 200 OK Content-Type: text/plain;charset=UTF-8 Date: Sun, 19 Mar 2023 07:01:11 GMT Content-Length: 0 Connection: keep-alive Access-Control-Allow-Origin: * Cache-Control: private, max-age=10 Access-Control-Allow-Headers: Content-Type Access-Control-Allow-Methods: GET, HEAD, OPTIONS Access-Control-Max-Age: 2592000 Vary: Accept-Encoding Server: cloudflare CF-RAY: 7aa3d7bb5ef7b51b-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1 Host: 4.adsco.re User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate X-Moz: prefetch Connection: keep-alive Referer: http://c.adsco.re/	URL: 4.adsco.re/ FQDN: 4.adsco.re IP: 162.252.214.5 HASH: 91945112515f30fe6017f31f87a483adb2040d8435fce14fe9c44e89cf433b2c 162.252.214.5 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Sun, 19 Mar 2023 07:01:11 GMT Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/7.4.34-dev Access-Control-Allow-Methods: GET, HEAD, OPTIONS Access-Control-Allow-Headers: Content-Type Access-Control-Allow-Origin: * Access-Control-Max-Age: 2592000 Cache-Control: private, max-age=5 Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with no line terminators Size: 62 Md5: a684f3b449a125d2285678a6be0172a9 Sha1: f5ba7774839ee9f45e1f2a88d322d3c3cfcc971f Sha256: 91945112515f30fe6017f31f87a483adb2040d8435fce14fe9c44e89cf433b2c
POST / HTTP/1.1 Host: pmo5czuevcno.n4.adsco.re User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 0 Origin: http://3x39.sextgem.com Connection: keep-alive Referer: http://3x39.sextgem.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: pmo5czuevcno.n4.adsco.re/ FQDN: pmo5czuevcno.n4.adsco.re IP: 38.132.109.186 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 38.132.109.186 HTTP/1.1 200 OK Content-Type: text/html Date: Sun, 19 Mar 2023 07:01:11 GMT Content-Length: 0 Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT Connection: close ETag: "5b5f2f9a-0" Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Access-Control-Expose-Headers: Content-Length,Content-Range Accept-Ranges: bytes --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /p HTTP/1.1 Host: adsco.re User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Length: 1965 Origin: http://3x39.sextgem.com Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: adsco.re/p FQDN: adsco.re IP: 162.252.214.5 HASH: 4b325437878edab400f462b948d447eaa6e4028ff3e42100153d8b42955ea3a7 162.252.214.5 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Sun, 19 Mar 2023 07:01:11 GMT Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/7.4.34-dev AS-P-1: OK lon123 AS-P-2: OK AS-P-3: OK Access-Control-Max-Age: 2592000 Cache-Control: no-transform Access-Control-Allow-Origin: http://3x39.sextgem.com Access-Control-Allow-Credentials: true Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (487), with no line terminators Size: 411 Md5: 404f5a3362e97cf40184170309e7723d Sha1: ff92fe99aed2eda97bd0c1e68fa2a2e2d6aec77c Sha256: 4b325437878edab400f462b948d447eaa6e4028ff3e42100153d8b42955ea3a7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0a24443d62a32e5aaaa3428fdf1b5ff91ae79f7f1c0956c6977e55eb78bd8749 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0A24443D62A32E5AAAA3428FDF1B5FF91AE79F7F1C0956C6977E55EB78BD8749" Last-Modified: Sat, 18 Mar 2023 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6241 Expires: Sun, 19 Mar 2023 08:45:13 GMT Date: Sun, 19 Mar 2023 07:01:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9c95e9c4d99f27c6227a2ce2f3e69b93 Sha1: 90cc0e0afdca39ff6c010653b1cfeca11a1d0939 Sha256: 0a24443d62a32e5aaaa3428fdf1b5ff91ae79f7f1c0956c6977e55eb78bd8749
GET /c?_=BQFiAAAAAAAACZUAAlqRfhkwTz4qb_Sz-indV-00UwmV6pAE4Wyf0RbXccLxi55GFic-mGrg9JiDWbMlDCmsnd84UBB5_O4FQFUspMiiBHIYorXY5zIDN1aAEzyWv0jfnLFOcaXDwlEj6NIcAZtZi8AR50guw2JCuE5PXM55DmB6jW_B3Vct0QzrT5oK8rmbWgAEVdU2NJtAZ0GaJFCavi0LoKpH_j7vfdqY3a7DxluMvAIbjdXZmDm0ZBUJxBdfE94TpdIqYjwzi1wwCSt6kJCILvlZ40sBINbxYsltAM0mK68CmRovIlw_cj-GwIzLNCQDiVQx1D_Hul31-20UN7zlnrBlJYm5SG-Nnk7G4-5pNyB_ZVHe5JThLa5vasxVIUqdaqhIyQu3yCTSNbuYxhasAWnSm3zAOCwh5Yq3nvZr7EiRNKPw7VjxW4RoVam3Gi2nOZEwbVtWjWMGeUp1zSzVWElVEytOUtqEHvE&v=4&siteId=369888&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0 HTTP/1.1 Host: serve.popads.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://3x39.sextgem.com/	URL: serve.popads.net/c?_=BQFiAAAAAAAACZUAAlqRfhkwTz4qb_Sz-i (...) FQDN: serve.popads.net IP: 216.21.13.16 HASH: 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5 216.21.13.16 HTTP/1.1 200 OK content-type: text/javascript;charset=UTF-8 Connection: Keep-Alive Keep-Alive: timeout=5, max=100 access-control-allow-origin: * asf: 9 popads-ec: ASB content-length: 44 date: Sun, 19 Mar 2023 07:01:12 GMT --- Additional Info --- Magic: ASCII text, with no line terminators Size: 44 Md5: d5f0a25e4d3522d56d48ce7bc3e518fb Sha1: 86794caff58f7fee6e684c2ba7195f970a8d6f4c Sha256: 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
POST / HTTP/1.1 Host: pmo5czuevcno.s4.adsco.re User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 0 Origin: http://3x39.sextgem.com Connection: keep-alive Referer: http://3x39.sextgem.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: pmo5czuevcno.s4.adsco.re/ FQDN: pmo5czuevcno.s4.adsco.re IP: 185.200.116.90 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 185.200.116.90 HTTP/1.1 200 OK Content-Type: text/html Date: Sun, 19 Mar 2023 07:01:12 GMT Content-Length: 0 Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT Connection: close ETag: "5b5f30d9-0" Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Access-Control-Expose-Headers: Content-Length,Content-Range Accept-Ranges: bytes --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1 Host: c.adsco.re User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://3x39.sextgem.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: c.adsco.re/ FQDN: c.adsco.re IP: 104.17.166.186 104.17.166.186 HTTP/2 200 OK content-type: text/html date: Sun, 19 Mar 2023 07:01:11 GMT cache-control: public, max-age=2678400 accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re") link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect expires: Wed, 19 Apr 2023 07:01:11 GMT etag: W/"cMPvpvd3jDHdlppiuYNttw==" cf-cache-status: HIT age: 197986 vary: Accept-Encoding server: cloudflare cf-ray: 7aa3d7b7d9c4b4f7-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "BD8ABB8F420D1E31462FCA1D6A7CAADF1E2BBA6FC7DB05684B5811E00E84107F" 

                                        
                                            
Last-Modified: Fri, 17 Mar 2023 14:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=7396 

                                        
                                            
Expires: Sun, 19 Mar 2023 09:04:24 GMT 

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:08 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    2857be6f18459c7a4a7f00f6cd6076f1

                                                Sha1:   570609086d72a9be57cde7bfefd25663c1035fba

                                                Sha256: bd8abb8f420d1e31462fca1d6a7caadf1e2bba6fc7db05684b5811e00e84107f

                                        
                                            GET /index/__xtblog_entry/10549081-cewek-sange-ngangkang-di-kasur?q=dellassedio&__xtcomments_thread=3674427 HTTP/1.1 

                                        
                                            
Host: 3x39.sextgem.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         54.36.158.42

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=utf-8

                                        

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:08 GMT 

                                        
                                            
Vary: Host,Accept-Encoding 

                                        
                                            
Set-Cookie: _xta_uid=133833a14d8c41ea3560335139b48559; expires=Tue, 18-Mar-2025 07:01:08 GMT; Max-Age=63072000; path=/; domain=.sextgem.com; httponly
_xta_vid=86165386e5d5d1c853543b0c164b9852-1679209268; expires=Sun, 19-Mar-2023 07:31:08 GMT; Max-Age=1800; path=/; domain=.sextgem.com; httponly 

                                        
                                            
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Expires: Wed, 17 Sep 1975 21:32:10 GMT 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Content-Length: 7542 

                                        
                                            
Connection: close 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3577), with CRLF, LF line terminators

                                                Size:   7542

                                                Md5:    a74ecd05af3223878a8e4c3e9a4cfed2

                                                Sha1:   9ce656234b598e2596d127753a05d4b7673e73f9

                                                Sha256: 34c004a038dbb014d6bbd88d02e6f0708fb93a111cd60905611a96218936f0ed

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         35.241.9.150

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 939 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Sun, 19 Mar 2023 06:27:02 GMT 

                                        
                                            
age: 2046 

                                        
                                            
cache-control: max-age=3600,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    bc86ef2a0cee04915bc360f5821adc8f

                                                Sha1:   3658f9028cce204d38f7f48fcfaa2a8e4f54383a

                                                Sha256: aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 19 Mar 2023 07:01:08 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-expose-headers: content-type 

                                        
                                            
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            GET /c.php?u=70103 HTTP/1.1 

                                        
                                            
Host: u-on.eu

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://3x39.sextgem.com/

                                         163.172.215.201

                                        
                                            HTTP/1.1 301 Moved Permanently 

                                        
                                            
Content-Type: text/html; charset=iso-8859-1

                                        

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:08 GMT 

                                        
                                            
Server: Apache/2.4.29 (Ubuntu) 

                                        
                                            
Location: https://u-on.eu/c.php?u=70103 

                                        
                                            
Content-Length: 310 

                                        
                                            
Keep-Alive: timeout=5, max=100 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

                                                Size:   310

                                                Md5:    92c6fec1f351530bfd90c53630b6ac54

                                                Sha1:   9daad52e555a164e70a287cc9622420305c7c89a

                                                Sha256: f200deca44d3401dd734aa4c89f6105c3bd1bd8363dd7ff334a260e62ff0922f

                                        
                                            GET /c.php?u=73203 HTTP/1.1 

                                        
                                            
Host: u-on.eu

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://3x39.sextgem.com/

                                         163.172.215.201

                                        
                                            HTTP/1.1 301 Moved Permanently 

                                        
                                            
Content-Type: text/html; charset=iso-8859-1

                                        

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:08 GMT 

                                        
                                            
Server: Apache/2.4.29 (Ubuntu) 

                                        
                                            
Location: https://u-on.eu/c.php?u=73203 

                                        
                                            
Content-Length: 310 

                                        
                                            
Keep-Alive: timeout=5, max=100 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

                                                Size:   310

                                                Md5:    29fea643f06a51d492d0def29bc6cb9f

                                                Sha1:   7bae4750a468279f8abc45a042972e0d16abc4bb

                                                Sha256: e4fc7504bcf3bce5ce11408e92c271ce368b8a04d7db9eece943ee393100d01e

                                        
                                            GET /c.php?u=73195 HTTP/1.1 

                                        
                                            
Host: u-on.eu

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://3x39.sextgem.com/

                                         163.172.215.201

                                        
                                            HTTP/1.1 301 Moved Permanently 

                                        
                                            
Content-Type: text/html; charset=iso-8859-1

                                        

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:08 GMT 

                                        
                                            
Server: Apache/2.4.29 (Ubuntu) 

                                        
                                            
Location: https://u-on.eu/c.php?u=73195 

                                        
                                            
Content-Length: 310 

                                        
                                            
Keep-Alive: timeout=5, max=100 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

                                                Size:   310

                                                Md5:    15a3230c1bd4295cfcb73c2d0e70bb1a

                                                Sha1:   0c39beec6c39d1a258a62170aa1fd180b05355c4

                                                Sha256: ac18b9e6d83f6f668fe99b95fff89f3c96fb251e5f5795f62517557eeef98715

                                        
                                            GET /images/xtvid/sunnyleonewap.jpg HTTP/1.1 

                                        
                                            
Host: xtgem.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://3x39.sextgem.com/

                                         141.94.172.213

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/jpeg

                                        

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:08 GMT 

                                        
                                            
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT 

                                        
                                            
ETag: "1e0a-59774aa04e000" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Content-Length: 7690 

                                        
                                            
Cache-Control: max-age=2592000 

                                        
                                            
Expires: Tue, 18 Apr 2023 07:01:08 GMT 

                                        
                                            
X-Ngz: 1 

                                        
                                            
Connection: close 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 320x50, components 3\012- data

                                                Size:   7690

                                                Md5:    8e0dddf6bcbe232ac643e4dd40de6101

                                                Sha1:   b958077b6d3871c2bd5088561235c8c825a3f72f

                                                Sha256: 04f14d4e1099434b5486bddb58c0a71ba246e2d2248718e84d7643537ad600d8

                                        
                                            GET /-TZr4tNW0VM8/VR8pVUB0F6I/AAAAAAAABF4/OZi8EeMnzkU/s1600/300x250-1322162014.gif HTTP/1.1 

                                        
                                            
Host: 4.bp.blogspot.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://3x39.sextgem.com/

                                         142.250.74.161

                                        
                                            HTTP/1.1 404 Not Found 

                                        
                                            
Content-Type: image/png

                                        

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Timing-Allow-Origin: * 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:08 GMT 

                                        
                                            
Server: fife 

                                        
                                            
Content-Length: 832 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data

                                                Size:   832

                                                Md5:    596246739a83bb45e30e13437e0810d9

                                                Sha1:   203d99f5cb1f2c816d6f9974cc5a73cf412892a6

                                                Sha256: 94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615

                                        
                                            GET /tp.gif HTTP/1.1 

                                        
                                            
Host: cif.images.xtstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://3x39.sextgem.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         141.94.172.213

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/gif

                                        

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:08 GMT 

                                        
                                            
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT 

                                        
                                            
ETag: "2a-59774aa04e000" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Content-Length: 42 

                                        
                                            
Cache-Control: max-age=2592000 

                                        
                                            
Expires: Tue, 18 Apr 2023 07:01:08 GMT 

                                        
                                            
Connection: close 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   42

                                                Md5:    d89746888da2d9510b64a9f031eaecd5

                                                Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a

                                                Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "2341F8B5C8EC6DC1FA2689BD74E7524F40C1528DBFD8E390F4CEA188DB52512F" 

                                        
                                            
Last-Modified: Fri, 17 Mar 2023 23:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3441 

                                        
                                            
Expires: Sun, 19 Mar 2023 07:58:29 GMT 

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:08 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    745318ba3aa34b349d9ea67baeaad399

                                                Sha1:   8e1800f71ac361f77b944b522a582ad134b64596

                                                Sha256: 2341f8b5c8ec6dc1fa2689bd74e7524f40c1528dbfd8e390f4cea188db52512f

                                        
                                            GET /c.php?u=72767 HTTP/1.1 

                                        
                                            
Host: u-on.eu

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: http://3x39.sextgem.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         163.172.215.201

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/png

                                        

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:08 GMT 

                                        
                                            
Server: Apache/2.4.29 (Ubuntu) 

                                        
                                            
Cache-Control: no-cache, no-store, must-revalidate 

                                        
                                            
Content-Length: 1381 

                                        
                                            
Keep-Alive: timeout=5, max=100 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   1381

                                                Md5:    bd6e50d02e5b32e4abc5fa60b7102fea

                                                Sha1:   8ef5cc815a68104af972f4dedeb5adca5fcec922

                                                Sha256: 3a18f429f1b5ce852384339e84fc785e851223febde6af9ee7ba01a646a36db3

                                        
                                            GET /c.php?u=73203 HTTP/1.1 

                                        
                                            
Host: u-on.eu

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: http://3x39.sextgem.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         163.172.215.201

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/png

                                        

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:08 GMT 

                                        
                                            
Server: Apache/2.4.29 (Ubuntu) 

                                        
                                            
Cache-Control: no-cache, no-store, must-revalidate 

                                        
                                            
Content-Length: 1214 

                                        
                                            
Keep-Alive: timeout=5, max=100 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   1214

                                                Md5:    1ea1244ea92efe1cba1be1546f2752d2

                                                Sha1:   d984bcf5f13c53a6962fa992049f1b67d9e22814

                                                Sha256: 35118cbb72e84832e3b5912a60939c86e3b515b06239bee310ee8f19e0694bc3

                                        
                                            POST /gsalphasha2g2 HTTP/1.1 

                                        
                                            
Host: ocsp2.globalsign.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 79 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         151.101.66.133

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Connection: keep-alive 

                                        
                                            
Content-Length: 1423 

                                        
                                            
Server: nginx 

                                        
                                            
Expires: Thu, 23 Mar 2023 05:50:06 GMT 

                                        
                                            
ETag: "20633f91ca2fb3f3ada5ccbd111546cb73e6b9aa" 

                                        
                                            
Last-Modified: Sun, 19 Mar 2023 05:50:07 GMT 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 

                                        
                                            
Via: 1.1 varnish, 1.1 varnish 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:09 GMT 

                                        
                                            
Age: 4262 

                                        
                                            
X-Served-By: cache-qpg1266-QPG, cache-bma1669-BMA 

                                        
                                            
X-Cache: HIT, HIT 

                                        
                                            
X-Cache-Hits: 29, 1 

                                        
                                            
X-Timer: S1679209269.000505,VS0,VE1 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1423

                                                Md5:    46ae95413e1bf218d905f7c5f41e80f1

                                                Sha1:   20633f91ca2fb3f3ada5ccbd111546cb73e6b9aa

                                                Sha256: c4c3d650c6e81a799cc07f4880221cf2135c233696163f97a4b1e8144e851ca6

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         35.241.9.150

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Cache-Control, Content-Length, Retry-After, Content-Type, Expires, Alert, Pragma, ETag, Backoff, Last-Modified 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 329 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Sun, 19 Mar 2023 06:14:32 GMT 

                                        
                                            
age: 2797 

                                        
                                            
last-modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
etag: "1648230346554" 

                                        
                                            
cache-control: max-age=3600,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "5DB17BB0A40658845E03D8237A69458A0576D955006EE224930B0310179AF9AF" 

                                        
                                            
Last-Modified: Fri, 17 Mar 2023 06:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=7449 

                                        
                                            
Expires: Sun, 19 Mar 2023 09:05:18 GMT 

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:09 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    0a4b141e90b0fb22cf6d10a6a4fd360d

                                                Sha1:   37b081be1a69edb97a7c562b71474f4d7405d94e

                                                Sha256: 5db17bb0a40658845e03d8237a69458a0576d955006ee224930b0310179af9af

                                        
                                            GET /bcads.js HTTP/1.1 

                                        
                                            
Host: js.buzzcity.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://3x39.sextgem.com/

                                         74.63.241.29

                                        
                                            HTTP/1.1 302 Found

                                        

                                        
                                            
cache-control: max-age=0, private, must-revalidate 

                                        
                                            
connection: close 

                                        
                                            
content-length: 11 

                                        
                                            
date: Sun, 19 Mar 2023 07:01:08 GMT 

                                        
                                            
location: http://ww1.buzzcity.net 

                                        
                                            
server: nginx 

                                        
                                            
set-cookie: sid=d3631e90-c623-11ed-8f92-dd7c3f736319; path=/; domain=.buzzcity.net; expires=Fri, 06 Apr 2091 10:15:16 GMT; max-age=2147483647; HttpOnly 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with no line terminators

                                                Size:   11

                                                Md5:    32682312d17c7cbf18e73594f5570319

                                                Sha1:   60e22121bdd0bc71cdb2bae2a3aa577006b2eae9

                                                Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

                                        
                                            GET /562933.cnt HTTP/1.1 

                                        
                                            
Host: c.waplog.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://3x39.sextgem.com/

                                         69.16.231.57

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:09 GMT 

                                        
                                            
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 

                                        
                                            
X-Powered-By: PHP/5.4.16 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Content-Length: 2236 

                                        
                                            
Keep-Alive: timeout=5, max=100 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (620)

                                                Size:   2236

                                                Md5:    37bdee4ebe669f79611edfa1f380c04b

                                                Sha1:   6b374ca850150887356664e4da6bbdeded65b63f

                                                Sha256: 79fb4b9f1f10297efbeaf92a6142c42043219b081194e545e06fb2a49ffc73e4

                                        
                                            GET /bcads.js HTTP/1.1 

                                        
                                            
Host: js.buzzcity.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://3x39.sextgem.com/

                                         74.63.241.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
content-type: text/html; charset=utf-8

                                        

                                        
                                            
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile 

                                        
                                            
cache-control: max-age=0, private, must-revalidate 

                                        
                                            
connection: close 

                                        
                                            
content-length: 484 

                                        
                                            
date: Sun, 19 Mar 2023 07:01:09 GMT 

                                        
                                            
server: nginx 

                                        
                                            
set-cookie: sid=d4035bf8-c623-11ed-b35f-dd7c5f8d1f75; path=/; domain=.buzzcity.net; expires=Fri, 06 Apr 2091 10:15:17 GMT; max-age=2147483647; HttpOnly 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (484), with no line terminators

                                                Size:   484

                                                Md5:    f7222282eb2186a8ff6945c7890989a5

                                                Sha1:   8c3e71f7ebc0880bc0e6c04545411ed72c05652f

                                                Sha256: e85173bbf32b0e5ffae4b8cbd83ea235c313c2736c59836e8fd476ea7dff2d98

                                        
                                            GET /images/close2.png?v=0.01 HTTP/1.1 

                                        
                                            
Host: xtgem.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://3x39.sextgem.com/

                                         141.94.172.213

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/png

                                        

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:10 GMT 

                                        
                                            
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT 

                                        
                                            
ETag: "234-59774aa04e000" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Content-Length: 564 

                                        
                                            
Cache-Control: max-age=2592000 

                                        
                                            
Expires: Tue, 18 Apr 2023 07:01:10 GMT 

                                        
                                            
X-Ngz: 1 

                                        
                                            
Connection: close 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data

                                                Size:   564

                                                Md5:    865dce1b2a4002b9a85f75ea622f4000

                                                Sha1:   f56c8218b5ca721a9e5a3daec742a6f38c33c075

                                                Sha256: bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3

                                        
                                            GET /__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC8zeDM5LnNleHRnZW0uY29tXC9pbmRleD9fX3h0YmxvZ19lbnRyeT0xMDU0OTA4MSZxPWRlbGxhc3NlZGlvJl9feHRjb21tZW50c190aHJlYWQ9MzY3NDQyNyIsImxvZ2dlZF9pbiI6ZmFsc2UsImRvbWFpbiI6IjN4Mzkuc2V4dGdlbS5jb20iLCJwb3NpdGlvbiI6eyJhYnNvbHV0ZSI6ImZpeGVkIn19 HTTP/1.1 

                                        
                                            
Host: xtgem.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://3x39.sextgem.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         141.94.172.213

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:10 GMT 

                                        
                                            
Expires: Thu, 19 Nov 1981 08:52:00 GMT 

                                        
                                            
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Set-Cookie: session=w4~k2fe8tghkjivj575oqpuaa5mm3; expires=Mon, 20-Mar-2023 07:01:10 GMT; Max-Age=86400; path=/; domain=.xtgem.com; httponly
__template=web; expires=Tue, 18-Apr-2023 07:01:10 GMT; Max-Age=2592000; path=/
__lang=us; expires=Tue, 18-Apr-2023 07:01:10 GMT; Max-Age=2592000; path=/ 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Content-Length: 2915 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1054)

                                                Size:   2915

                                                Md5:    da024b02728bd10dc675ae24730758c3

                                                Sha1:   e66c42044f987965db3e9a94b8af5bce976b8ed1

                                                Sha256: cccdc57def11748a729c04ec76951a0d8f3e5b0baf075d60c1c132b732a3c568

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.r2m01.amazontrust.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         54.230.80.227

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: max-age=122804 

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:10 GMT 

                                        
                                            
Etag: "6415e759-1d7" 

                                        
                                            
Expires: Mon, 20 Mar 2023 17:07:54 GMT 

                                        
                                            
Last-Modified: Sat, 18 Mar 2023 16:31:21 GMT 

                                        
                                            
Server: ECAcc (bsa/EAE4) 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-P1 

                                        
                                            
X-Amz-Cf-Id: uyNQz40mr7PWAlYM0PWI3YAI-VBhxDwcXjyDLWsj5Jy0PdTQYv72VQ== 

                                        
                                            
Age: 2193 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    b213fe8814ddd2655182e70982199d4a

                                                Sha1:   1fa1b230752f475e9466a42cced40f529ab5ae03

                                                Sha256: 3f2231f0226f12e472b31d51797f3b384884c642547aea58195707a328a5a0b4

                                        
                                            GET /advertisers.js HTTP/1.1 

                                        
                                            
Host: banquetunarmedgrater.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://3x39.sextgem.com/

                                         173.233.137.44

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript

                                        

                                        
                                            
Server: nginx/1.19.5 

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:10 GMT 

                                        
                                            
Content-Length: 0 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Expires: Thu, 01 Jan 1970 00:00:01 GMT 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
X-Request-ID: 09d06f833e3fdb121f542c3ec7b9cfb7 

                                        
                                            
Strict-Transport-Security: max-age=0; includeSubdomains 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F" 

                                        
                                            
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3031 

                                        
                                            
Expires: Sun, 19 Mar 2023 07:51:41 GMT 

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:10 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    84762efcb2e1535ae49fca6c1523df33

                                                Sha1:   93e7f138a491d4276a793c2e5b947195ae69a88c

                                                Sha256: 920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe42970c2-8007-4b4c-9f15-01cf4de37822.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6219 

                                        
                                            
x-amzn-requestid: 61b80920-2ba3-4688-80ee-848d68031908 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: BwlmnG0KoAMFd0A= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-64101c90-17c159767df548c4672b7365;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 14 Mar 2023 07:04:48 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C3 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: ACswRkub0RlODaxJHJGsGkACkMQKk85qY3VxYPscNccAMYdpkQ9evA== 

                                        
                                            
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 9adef5b1c5fc9ca80d6f4f8d19e103a2.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 18 Mar 2023 07:50:48 GMT 

                                        
                                            
age: 83422 

                                        
                                            
etag: "75dd9bdbaf7f19102036d27e69a011f4c37942a9" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6219

                                                Md5:    7e58e6553fe8e5d936a911080cec36dc

                                                Sha1:   75dd9bdbaf7f19102036d27e69a011f4c37942a9

                                                Sha256: 0c565b97125e28b8183baab26baf7c703e70f82fad13117c5780259e6d91a89d

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcfb36-e851-4e2f-808e-0b76e20afc12.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 12419 

                                        
                                            
x-amzn-requestid: 9b7514f8-1dc0-4374-aca6-9bd214f0599c 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: B_whwGibIAMFeCA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-64162e0a-67986ae93b671d66133e3900;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 18 Mar 2023 21:32:58 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C3 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: Bax5qwrmmdDM_5h6pe1YYY-6hZLqmgMT5Dhs_k0lxf7UzwhuTI1_Sw== 

                                        
                                            
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 18 Mar 2023 21:45:46 GMT 

                                        
                                            
etag: "6aa775a79d3312f3c0352613ad4d35b3952296d5" 

                                        
                                            
age: 33324 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   12419

                                                Md5:    3155ef27d75c441292f2de561d28abdf

                                                Sha1:   6aa775a79d3312f3c0352613ad4d35b3952296d5

                                                Sha256: 2e45bd135ca6b37ea9e95478cd9a799b543f4f5078be19396064c18bf393e6c9

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ca6f680-5e4b-497f-aef4-6cca71cb98d5.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 11784 

                                        
                                            
x-amzn-requestid: 29c7373c-4eb0-4374-8c4c-205285e23667 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: B_whwHM7oAMF_kw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-64162e0a-0c30752b04757beb7ea417a7;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 18 Mar 2023 21:32:58 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C3 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: pPIURVGevjYlykVadfXACVKOnHw9BNb9udBL65Kl-z7I9AUWFDoOeQ== 

                                        
                                            
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 18 Mar 2023 22:01:44 GMT 

                                        
                                            
age: 32366 

                                        
                                            
etag: "59d56060ea97e27de572e48eb907882f5767f427" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   11784

                                                Md5:    49b71c6b1d8a81d5c9e5281eec609c25

                                                Sha1:   59d56060ea97e27de572e48eb907882f5767f427

                                                Sha256: d8d1aa817b12b61d85115c0020fafd2c2e02a0277417e96fb995329ea3c7f01a

                                        
                                            GET /pop.js HTTP/1.1 

                                        
                                            
Host: c1.popads.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://3x39.sextgem.com/

                                         185.76.9.26

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript; charset=UTF-8

                                        

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:10 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39" 

                                        
                                            
Last-Modified: Tue, 14 Mar 2023 22:06:26 GMT 

                                        
                                            
ETag: W/"6410efe2-82a9" 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
X-Accel-Expires: @1680022542 

                                        
                                            
Server: CDN77-Turbo 

                                        
                                            
X-77-NZT: AblMCRTqVJv/KGkDAA 

                                        
                                            
X-77-NZT-Ray: af585630a27d08c236b316645b8b3830 

                                        
                                            
X-Cache: HIT 

                                        
                                            
X-Age: 223528 

                                        
                                            
X-77-POP: stockholmSE 

                                        
                                            
X-77-Cache: HIT 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document, ASCII text, with very long lines (1568), with CRLF line terminators

                                                Size:   10210

                                                Md5:    9e5d642e5b4f079e61468259e23337a3

                                                Sha1:   d98145c50a6b28c99fcc31ecdb8b00e564685e14

                                                Sha256: 0085b0c78f7a6f8f7379871f778402efb6fe1160098fab2ebbab82c93a8e7248

                                        
                                            GET /quant.js HTTP/1.1 

                                        
                                            
Host: edge.quantserve.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://3x39.sextgem.com/

                                         91.228.74.200

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript

                                        

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:10 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: private, max-age=604800 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Etag: "qnbLQo87mD/KmvsyZTIxlQ==" 

                                        
                                            
Expires: Sun, 26 Mar 2023 07:01:10 GMT 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (22210)

                                                Size:   9158

                                                Md5:    b43a18fbe6986dfc5626e06e8cb23b0f

                                                Sha1:   cc3ee4e5bf5f9a57e04f87c9942329ca985e6833

                                                Sha256: 86107dcf815f1af0107e9c9c07880ad83fb2e56e6949e8b552f788ef917b8f1b

                                        
                                            GET /rules-p-0cfM8Oh7M9bVQ.js HTTP/1.1 

                                        
                                            
Host: rules.quantcount.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://3x39.sextgem.com/

                                         54.230.111.33

                                        
                                            HTTP/1.1 301 Moved Permanently 

                                        
                                            
Content-Type: text/html

                                        

                                        
                                            
Server: CloudFront 

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:10 GMT 

                                        
                                            
Content-Length: 167 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Location: https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js 

                                        
                                            
X-Cache: Redirect from cloudfront 

                                        
                                            
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-P1 

                                        
                                            
X-Amz-Cf-Id: VtbRd-WiN1oNlhU2qha1FhhXFpg6rCJEKBQ-7YBrV5w0CI9iTMMfpw== 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

                                                Size:   167

                                                Md5:    f5d40b7259645010f9a248858ad14178

                                                Sha1:   b3051d17a6ec8c9e166bf09a62b48261ab86957b

                                                Sha256: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: 3x39.sextgem.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://3x39.sextgem.com/index/__xtblog_entry/10549081-cewek-sange-ngangkang-di-kasur?q=dellassedio&__xtcomments_thread=3674427 

                                        
                                            
Cookie: _xta_uid=133833a14d8c41ea3560335139b48559; _xta_vid=86165386e5d5d1c853543b0c164b9852-1679209268; dom3ic8zudi28v8lr6fgphwffqoz0j6c=5490759c-60dc-4577-979f-5b94c71c205e%3A3%3A1; ppu_main_e2683001b51a3e369fb2d16165c07e07=1

                                         54.36.158.42

                                        
                                            HTTP/1.0 404 Not Found 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:10 GMT 

                                        
                                            
Content-Length: 0 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /pixel;r=1328445930;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2F3x39.sextgem.com%2Findex%2F__xtblog_entry%2F10549081-cewek-sange-ngangkang-di-kasur%3Fq%3Ddellassedio%26__xtcomments_thread%3D3674427;uht=2;fpan=1;fpa=P0-1978130650-1679209272216;pbc=;ns=0;ce=1;qjs=1;qv=757f3135-20230316172511;cm=;gdpr=0;ref=;d=sextgem.com;dst=0;et=1679209272259;tzo=0;ogl=;ses=c5efceb0-8f8f-4e3a-962b-9a13e08dea81 HTTP/1.1 

                                        
                                            
Host: pixel.quantserve.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://3x39.sextgem.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         91.228.74.208

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif

                                        

                                        
                                            
date: Sun, 19 Mar 2023 07:01:11 GMT 

                                        
                                            
content-length: 35 

                                        
                                            
cache-control: private, no-cache, no-store, proxy-revalidate 

                                        
                                            
expires: Fri, 04 Aug 1978 12:00:00 GMT 

                                        
                                            
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" 

                                        
                                            
pragma: no-cache 

                                        
                                            
set-cookie: mc=6416b337-0520b-8197a-c318f; expires=Thu, 18-Apr-2024 07:01:11 GMT; path=/; domain=.quantserve.com 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   35

                                                Md5:    55d25e9dc950d5db4d53a3b195c046c6

                                                Sha1:   75e91ae3e549dab12ed1c9787ade9131aef1c981

                                                Sha256: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: 6.adsco.re

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Origin: http://3x39.sextgem.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://3x39.sextgem.com/

                                         104.17.167.186

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/plain;charset=UTF-8

                                        

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:11 GMT 

                                        
                                            
Content-Length: 0 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: http://3x39.sextgem.com 

                                        
                                            
Cache-Control: private, max-age=10 

                                        
                                            
Access-Control-Allow-Headers: Content-Type 

                                        
                                            
Access-Control-Allow-Methods: GET, HEAD, OPTIONS 

                                        
                                            
Access-Control-Max-Age: 2592000 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 7aa3d7b91bfa1bfa-OSL 

                                        
                                            
alt-svc: h2=":443"; ma=60 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "2072387C641577426765A397FDA0AAA7163EAF30DA15B7CF9C3C658D07B0A7A3" 

                                        
                                            
Last-Modified: Sat, 18 Mar 2023 22:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=2782 

                                        
                                            
Expires: Sun, 19 Mar 2023 07:47:33 GMT 

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:11 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    a3fd7a4e98eb1fff05b7734665df0a9d

                                                Sha1:   218d36670499aebd9389fbab10beff21e83a7be2

                                                Sha256: 2072387c641577426765a397fda0aaa7163eaf30da15b7cf9c3c658d07b0a7a3

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "2980760F27D7C78ED24BA8DBA3477F45D42097C580B5E8F12CCA310DE7E017A2" 

                                        
                                            
Last-Modified: Sat, 18 Mar 2023 22:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=4073 

                                        
                                            
Expires: Sun, 19 Mar 2023 08:09:04 GMT 

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:11 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    c00104269c5a4e115e1c05969e80f91b

                                                Sha1:   21249604889994ee62a796902f045cf425b8f6d1

                                                Sha256: 2980760f27d7c78ed24ba8dba3477f45d42097c580b5e8f12cca310de7e017a2

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: 6.adsco.re

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
X-Moz: prefetch 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://c.adsco.re/

                                         104.17.167.186

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/plain;charset=UTF-8

                                        

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:11 GMT 

                                        
                                            
Content-Length: 0 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Cache-Control: private, max-age=10 

                                        
                                            
Access-Control-Allow-Headers: Content-Type 

                                        
                                            
Access-Control-Allow-Methods: GET, HEAD, OPTIONS 

                                        
                                            
Access-Control-Max-Age: 2592000 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 7aa3d7bb5ef7b51b-OSL 

                                        
                                            
alt-svc: h2=":443"; ma=60 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: pmo5czuevcno.n4.adsco.re

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain;charset=UTF-8 

                                        
                                            
Content-Length: 0 

                                        
                                            
Origin: http://3x39.sextgem.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://3x39.sextgem.com/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         38.132.109.186

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html

                                        

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:11 GMT 

                                        
                                            
Content-Length: 0 

                                        
                                            
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT 

                                        
                                            
Connection: close 

                                        
                                            
ETag: "5b5f2f9a-0" 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Allow-Methods: GET, POST, OPTIONS 

                                        
                                            
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range 

                                        
                                            
Access-Control-Expose-Headers: Content-Length,Content-Range 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0A24443D62A32E5AAAA3428FDF1B5FF91AE79F7F1C0956C6977E55EB78BD8749" 

                                        
                                            
Last-Modified: Sat, 18 Mar 2023 22:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=6241 

                                        
                                            
Expires: Sun, 19 Mar 2023 08:45:13 GMT 

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:12 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    9c95e9c4d99f27c6227a2ce2f3e69b93

                                                Sha1:   90cc0e0afdca39ff6c010653b1cfeca11a1d0939

                                                Sha256: 0a24443d62a32e5aaaa3428fdf1b5ff91ae79f7f1c0956c6977e55eb78bd8749

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: pmo5czuevcno.s4.adsco.re

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain;charset=UTF-8 

                                        
                                            
Content-Length: 0 

                                        
                                            
Origin: http://3x39.sextgem.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://3x39.sextgem.com/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         185.200.116.90

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html

                                        

                                        
                                            
Date: Sun, 19 Mar 2023 07:01:12 GMT 

                                        
                                            
Content-Length: 0 

                                        
                                            
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT 

                                        
                                            
Connection: close 

                                        
                                            
ETag: "5b5f30d9-0" 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Allow-Methods: GET, POST, OPTIONS 

                                        
                                            
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range 

                                        
                                            
Access-Control-Expose-Headers: Content-Length,Content-Range 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

URL	3x39.sextgem.com/index/__xtblog_entry/10549081-cewek-sange-ngangkang-di-kasur?q=dellassedio&__xtcomments_thread=3674427
IP	54.36.158.42 (France)
ASN	#16276 OVH SAS
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2023-03-19 07:01:19 UTC
Status	Loading report..
IDS alerts	6
Blocklist alert	2
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (43)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 54.36.158.42

Last 5 reports on ASN: OVH SAS

Last 5 reports on domain: sextgem.com

No other reports with similar screenshot

JavaScript

Executed Scripts (26)

Executed Evals (142)

#1 JavaScript::Eval (size: 11) - SHA256: 2c6631ee0cabea9afb499cec860aab5fcf40ed956651a0b0ea7b3411e1a31cd9

#2 JavaScript::Eval (size: 19) - SHA256: 63fd63a33ca43f07ce872672d604657ec0fbfbe24bec43f4b322c0f7a1c2ce25

#3 JavaScript::Eval (size: 34) - SHA256: 3db042ba8dbf234b0ba7ed8b47e5c8cb58b267af983635a41652258f1e282c0c

#4 JavaScript::Eval (size: 24) - SHA256: a097c9a52546fb53f0340afda7f34b4e47b836e551135e5ad0b5339ebb314a30

#5 JavaScript::Eval (size: 25) - SHA256: 329a9b85817fb7d3bb2492cbcb23f12b14cf9abd181473b838250e3b745fab50

#6 JavaScript::Eval (size: 28) - SHA256: ef184af14e9e4c14bc286dcbd2a00161c209ce5cf6f9e30c4e7de6d929e9aa4d

#7 JavaScript::Eval (size: 4) - SHA256: 1bbd174404efbce95f1af489ef93f4aa0f4d55718f24c3504682216afa7b7fb1

#8 JavaScript::Eval (size: 18) - SHA256: 17720ad70d18a072962c7509a9e8f79d6227be2728fb0e89dafb5a1edbc19f40

#9 JavaScript::Eval (size: 52) - SHA256: b218e02bbc9cda846447b2e8fff62bc41f7f5b0e12ad8adfc05380f8df3288a4

#10 JavaScript::Eval (size: 17) - SHA256: c66ced51cafdeb3a9e3544b0b2e7de4c955a4cd347c4d7b5d74f36923df5a7bd

#11 JavaScript::Eval (size: 23) - SHA256: 76fae4cd7853897c738cd23148b2ebab825379d6ba153e245965183cc3304082

#12 JavaScript::Eval (size: 18) - SHA256: 318e5db431b7c9515f38ae97da21d7c4e75ec281aea96271c0d0f4e22b35df92

#13 JavaScript::Eval (size: 6) - SHA256: 44ff7b02c80d38b26dd6aa31d9470aed81b32e10331a3c994fb1a9945fd847ba

#14 JavaScript::Eval (size: 30) - SHA256: c2ea2223b59cfea384b15228f4cdc0f7337d4909e20e97e2fa42648ef8ecf610

#15 JavaScript::Eval (size: 25) - SHA256: cfab5312f1cfff1e8162225ab27453306ff627f512bcf18225c0a305ca093e1c

#16 JavaScript::Eval (size: 17) - SHA256: f8b516a2a0538b8599ab0452be3f3aa473cf3b0c510275d0a30565cefd564701

#17 JavaScript::Eval (size: 34) - SHA256: 9e0e45f2f824eefaed5af40bcadf2c0ce7943df52cda4c3d67ddb03583418dab

#18 JavaScript::Eval (size: 36) - SHA256: 951bc13086d06d7a02e9c1e56696df1982e9775bd071f7d6d97df719ff445a03

#19 JavaScript::Eval (size: 22) - SHA256: c49e342522959187d587f89ed7dde961d8df29cec6b02dce869f4aa1ac3ef254

#20 JavaScript::Eval (size: 37) - SHA256: 6530649612f535f1adde48ecf8b5de0677e9b5d77db12eb3dfd90b79b363559e

#21 JavaScript::Eval (size: 22) - SHA256: b19d05a8d492320ab4db4d74ea0e9e90374bed47a18e805f8018ebb00af0c23c

#22 JavaScript::Eval (size: 46) - SHA256: b1101545a9bed4591a67166c932701b5ec44cb1976bb9df3d584fa2ab8ba8245

#23 JavaScript::Eval (size: 12) - SHA256: 5191a526bd66a118a4a51956503fdcf4555cc92b48b9a426d04a7af25d3980e1

#24 JavaScript::Eval (size: 24) - SHA256: 6b5c93eab3b74dadfbe0f6c5949ab9f1ec8f012df8f49495664b96b51881ed85

#25 JavaScript::Eval (size: 108) - SHA256: 8eab171b0d256cf386d222b71fbf5380f2051b67452dbd83f41401a6216a789c

#26 JavaScript::Eval (size: 19) - SHA256: 9b078b8e24e4655c21a5876570daac97f2ddc241bfdb259644582b6a7a60930b

#27 JavaScript::Eval (size: 17) - SHA256: b4a3a83fe09d48db0c0b4416fefb19af5f9e069c12d2af8793a18f159574bb79

#28 JavaScript::Eval (size: 23) - SHA256: 2ef7ca07ed70c4ffbc59b1d3fa8df8cd2be1bfc66d1604246926066c9f44fd0c

#29 JavaScript::Eval (size: 19) - SHA256: b37d024d71bdbd575b951acfa9a59a5e84dc2f9d7c89748081ccb862ff3c9033

#30 JavaScript::Eval (size: 16) - SHA256: d6b5ca1760fc8b29e007efc9c8d2cf7e8a2395825f6f77dada95483fc3171bdf

#31 JavaScript::Eval (size: 29) - SHA256: 95b2bbef556b3dc3b807638cb7b08274af9b8998def0c82d81e3a1517100d68f

#32 JavaScript::Eval (size: 24) - SHA256: 89e4c05e12e12f5bdf85a4fb89bad572dd85256091add09fdb9c6e42e703e2bb

#33 JavaScript::Eval (size: 25) - SHA256: 02665a4c106fc96e71ef5a17511cf353ec3f5cccb82ec9fce719b23967728897

#34 JavaScript::Eval (size: 16) - SHA256: cd74e6a3b779a514972758fa195725f40176261af18fbcd246e5f401a3ecf849

#35 JavaScript::Eval (size: 17) - SHA256: c03ab22471edc55763f012b82b8d32f981b31ca921a55cc4a663b8bd953b96e7

#36 JavaScript::Eval (size: 20) - SHA256: 6b612f597a0ed972ce30182713c197e510528ac68ff1711b560641d5f47afefa

#37 JavaScript::Eval (size: 22) - SHA256: 526c9d85cebcd21526a3b7ffdb87a9c2b6229e00b0bf210634abf6c84e0ad143

#38 JavaScript::Eval (size: 48) - SHA256: e7678fa8be4ae3ca69e517858903bb107391f9de7ae346a75288b81b57630269

#39 JavaScript::Eval (size: 18) - SHA256: 0200f755a2c13b9335fe39b3a88f696c334e518e8407780c4731d8e6be966c4e

#40 JavaScript::Eval (size: 10) - SHA256: f73e4e03067983dd5196907f86c9020b174651f1bd0b5d291b217dc927ff068f

#41 JavaScript::Eval (size: 24) - SHA256: 15eb7e222abfc64660d0f94c04053839498df20ea9ac9a13a201701a56ce3bf6

#42 JavaScript::Eval (size: 18) - SHA256: c1fcce173bd0b08415367c934d5db7c4ed130c7f83a485c91682873bff2954ee

#43 JavaScript::Eval (size: 30) - SHA256: 55ef02d9591328210e59a68fcd1945791f4d0f70cdc7cd3999eb4ba175adbafb

#44 JavaScript::Eval (size: 13) - SHA256: 32c6c6c6d07bb5224356b89b5de1adc4c02b1f7b2f464830005443afc6624e85

#45 JavaScript::Eval (size: 17) - SHA256: d204422e9d49293ab422bfabae9607635876cb30f77215f133603bac691f6f4b

#46 JavaScript::Eval (size: 34) - SHA256: de98f45cade0178e1fd1a8257ab99e8431b3d5b35a393217e74ad6caa4efed60

#47 JavaScript::Eval (size: 26) - SHA256: e495f8780d35a18d80e09be6211760313cd30ac601a5c7478f9ddf4ebf8536ba

#48 JavaScript::Eval (size: 25) - SHA256: 0098b3fb5f82abbebff8c293e42863b93e210b01f0032c4147fe1457f5b48a93

#49 JavaScript::Eval (size: 41) - SHA256: af18ee7d06fe2ee2da28af260ea0c78923664ecbc220f3ce395c50b1822dab7a

#50 JavaScript::Eval (size: 12) - SHA256: 27f88609267c27a6f4e778dcb686f1f2fdf0f4f7cd29ad34826b916266ae45a8

#51 JavaScript::Eval (size: 50) - SHA256: 203d92af34680f7fe84b0047f738fae4e2d401f5d28af8d70f067dc77f5acb6a

#52 JavaScript::Eval (size: 12) - SHA256: bc1a6bd7f4ddbcd78987ea609d4595bdf2422cb1be9e85af5d6c199f62000d6c

#53 JavaScript::Eval (size: 32) - SHA256: 90190e51d410f9862884d5984262f9e1b8e46dd1010b50f1c22c9ef3fa1565fc

#54 JavaScript::Eval (size: 17) - SHA256: 9094a3d888951e5671f4b6dce42ef291cd071cb196d8761fef42c010ecf5b142

#55 JavaScript::Eval (size: 17) - SHA256: e5ee82e31ec94cc385b3637227b4435f0547b3d0a4aa60cdda1d8fada4779df3

#56 JavaScript::Eval (size: 17) - SHA256: 13e19bbb45d0bb1d1915240763b5bca4ddef99d01edd749954115168c7842c9c

#57 JavaScript::Eval (size: 15) - SHA256: de7f7b137340e1d218833d7afef73ea711325f139a4428eed317ca0374f67c91

#58 JavaScript::Eval (size: 24) - SHA256: 893fe12669f916947d99616b788aa245f8b45c5b8b34544df4114a6a789217ab

#59 JavaScript::Eval (size: 19) - SHA256: c26c62a09a687d08a3ef9d9a960c5ae2ad47fecc853b4fb0380d71586d260a1b

Network Intrusion Detection Systems