3x39.sextgem.com/index/__xtblog_entry/10580485-foto-toket-montok-tanpa-bh-duo-srigala?__xtblog_block_id=1&page=1&q=Apa
54.36.158.42200 OK 9.2 kB URL HTTP/1.1 3x39.sextgem.com/index/__xtblog_entry/10580485-foto-toket-montok-tanpa-bh-duo-srigala?__xtblog_block_id=1&page=1&q=Apa
IP 54.36.158.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3577), with CRLF, LF line terminators
Hash 5ff1aadb579c0649c2cb5591681e421b
6523674f0a1271c1914c8dd72e8ba3515edac6ad
d6a94a3757b29d790551bc59001b4d6e7cac90a3a00239d649d2647125882a04
GET /index/__xtblog_entry/10580485-foto-toket-montok-tanpa-bh-duo-srigala?__xtblog_block_id=1&page=1&q=Apa HTTP/1.1
Host: 3x39.sextgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:24 GMT
Vary: Host,Accept-Encoding
Set-Cookie: _xta_uid=99c370e43caf6bdf937326230910c1d4; expires=Sun, 23-Mar-2025 22:57:24 GMT; Max-Age=63072000; path=/; domain=.sextgem.com; httponly
_xta_vid=e47d8c50f3f4eb7600e4ffef91821804-1679698644; expires=Fri, 24-Mar-2023 23:27:24 GMT; Max-Age=1800; path=/; domain=.sextgem.com; httponly
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Pragma: no-cache
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Content-Encoding: gzip
Content-Length: 9159
Connection: close
Content-Type: text/html; charset=utf-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 13f90146df1d559743af6df15c29b77b
6dd24f60629c39f857e3c996084f4d515cf3f8d0
ea5975be17b9cd29c8770939eb5d63ce43c1c44ce9a3a4d04e1e79cd69b30d1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA5975BE17B9CD29C8770939EB5D63CE43C1C44CE9A3A4D04E1E79CD69B30D1C"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17121
Expires: Sat, 25 Mar 2023 03:42:45 GMT
Date: Fri, 24 Mar 2023 22:57:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4301
Expires: Sat, 25 Mar 2023 00:09:05 GMT
Date: Fri, 24 Mar 2023 22:57:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 24 Mar 2023 22:15:18 GMT
content-type: application/json
age: 2527
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dc2752d83fbed82852248898a132467a
b27a6b4af2e07663a58cafb641513f7224c7a7c3
ea7838393d83805a7b8a2b01bd09e4423617c4da285b983a11e9ba36266810d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA7838393D83805A7B8A2B01BD09E4423617C4DA285B983A11E9BA36266810D5"
Last-Modified: Wed, 22 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11503
Expires: Sat, 25 Mar 2023 02:09:08 GMT
Date: Fri, 24 Mar 2023 22:57:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ozVXwN8I/wCJwTwYH4AQtqQuJuAVaXirLd63pbsMGLSGqtab2BfNRKoIKhhejZayN6xmAmHD3yM=
x-amz-request-id: 1HFC3QZ9YXJ7V6JH
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 24 Mar 2023 22:54:41 GMT
age: 164
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 22:57:25 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Allerta
216.58.207.202200 OK 268 B URL HTTP/1.1 fonts.googleapis.com/css?family=Allerta
IP 216.58.207.202:0
Hash b74f6bb2a291875d4c08852ea0b5b39b
8cb70b97699a9f85853e17cb3ca3dad30bed9547
f7abe6743b90f118ee4a1ec1dd5ec08fd1e2f1ce08e252eb3ee09021c587027a
GET /css?family=Allerta HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 24 Mar 2023 22:57:25 GMT
Date: Fri, 24 Mar 2023 22:57:25 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
cdn.popcash.net/pop.js
151.139.128.11200 OK 38 kB IP 151.139.128.11:0
File type ASCII text, with very long lines (65390)
Hash 98cfe0446b61a1f2a2df62468da0202c
156362703ec16548fe52ef46832fdad94d493463
903349d17d20a9010f59b6feed6519fda179cf5606bbde8abcd58db81525b527
Analyzer Verdict Alert fortinet Malware
GET /pop.js HTTP/1.1
Host: cdn.popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:25 GMT
Content-Encoding: gzip
Content-Type: application/javascript
Last-Modified: Thu, 02 Mar 2023 10:45:34 GMT
Accept-Ranges: bytes
ETag: W/"64007e4e-1f3e1"
Cache-Control: max-age=2592000, public
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9rYuUP7atvh891%2FtI9NR%2Ff1zdqTkKtiARKT3HL4BBrKgJFwa%2B4GnuBMibawvKewa5SJaAMfWnsK2wfcqzEYqDKoHK1zXD2l%2FC9OIT8r662vjd6brignX5SC0msu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a5e0e344d3bfac4-OSL
Alt-Svc: h2=":443"; ma=60
Vary: Accept-Encoding
X-HW: 1679698645.cds238.sk1.h2,1679698645.cds216.sk1.c
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 38289
3x39.sextgem.com/xtgem_template.css?v=1425524391
54.36.158.42200 OK 3.6 kB URL HTTP/1.1 3x39.sextgem.com/xtgem_template.css?v=1425524391
IP 54.36.158.42:0
File type ASCII text, with CRLF line terminators
Hash 8a2b1bae634a7a7d3cec448e0c613833
db0079da090fae041489aa1d31bc7eb82b931c08
a670c684aeb167d7737b9982002432deaf9bd17ced6d6bf396242ce47e6d60d6
GET /xtgem_template.css?v=1425524391 HTTP/1.1
Host: 3x39.sextgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/index/__xtblog_entry/10580485-foto-toket-montok-tanpa-bh-duo-srigala?__xtblog_block_id=1&page=1&q=Apa
Cookie: _xta_uid=99c370e43caf6bdf937326230910c1d4; _xta_vid=e47d8c50f3f4eb7600e4ffef91821804-1679698644
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:25 GMT
Vary: Host,Accept-Encoding
Set-Cookie: _xta_uid=99c370e43caf6bdf937326230910c1d4; expires=Sun, 23-Mar-2025 22:57:25 GMT; Max-Age=63072000; path=/; domain=.sextgem.com; httponly
Content-Encoding: gzip
Content-Length: 3629
Connection: close
Content-Type: text/css;charset=UTF-8
tsiwqtng8huauw30n.com/t/9/fret/meow4/1255387/brt.js
62.122.171.6200 OK 29 kB URL HTTP/1.1 tsiwqtng8huauw30n.com/t/9/fret/meow4/1255387/brt.js
IP 62.122.171.6:0
File type ASCII text, with very long lines (64960)
Hash dbe4f47a185464b340ddc5448fc1b880
1179f22a1e521646581a323a44b521b714f0c87b
3f2e51c60675d91527ef4b49791646a876408f3bcd69459f5bdf683ea10e8587
GET /t/9/fret/meow4/1255387/brt.js HTTP/1.1
Host: tsiwqtng8huauw30n.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 22:57:25 GMT
Content-Type: application/javascript
Last-Modified: Wed, 22 Mar 2023 14:10:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"641b0c47-123f5"
X-JS-AB1: current
Timing-Allow-Origin: *
Accept-CH: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
Content-Encoding: gzip
u-on.eu/c.php?u=73196
163.172.215.201301 Moved Permanently 310 B IP 163.172.215.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e3c179228be47134f82b0627b716d1fa
8695c7241a19818d3e5f95e8a74dda012e77bf67
3f6d7d76eee4ea65138d605e953a979e0ba7b4fc7d3b41925462d73c8c9ec87d
GET /c.php?u=73196 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 24 Mar 2023 22:57:25 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://u-on.eu/c.php?u=73196
Content-Length: 310
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
sextgem.com/js/page_templates.js
141.94.172.213200 OK 600 B URL HTTP/1.1 sextgem.com/js/page_templates.js
IP 141.94.172.213:0
Hash 40399e3e5e1a172dd101d6aaf7611b85
dbf7f0961ceea4c42625b7b574dc5fe78b752b24
02208b6b15ad77f658951e1b2f02d657e59dae0335d742707e2d5b2b614520f4
GET /js/page_templates.js HTTP/1.1
Host: sextgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Cookie: _xta_uid=99c370e43caf6bdf937326230910c1d4; _xta_vid=e47d8c50f3f4eb7600e4ffef91821804-1679698644
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:25 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "5fb-59774aa04e000-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sun, 23 Apr 2023 22:57:25 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 600
Connection: close
Content-Type: application/javascript
u-on.eu/c.php?u=73195
163.172.215.201301 Moved Permanently 310 B IP 163.172.215.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 15a3230c1bd4295cfcb73c2d0e70bb1a
0c39beec6c39d1a258a62170aa1fd180b05355c4
ac18b9e6d83f6f668fe99b95fff89f3c96fb251e5f5795f62517557eeef98715
GET /c.php?u=73195 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 24 Mar 2023 22:57:25 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://u-on.eu/c.php?u=73195
Content-Length: 310
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
u-on.eu/c.php?u=70103
163.172.215.201301 Moved Permanently 310 B IP 163.172.215.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 92c6fec1f351530bfd90c53630b6ac54
9daad52e555a164e70a287cc9622420305c7c89a
f200deca44d3401dd734aa4c89f6105c3bd1bd8363dd7ff334a260e62ff0922f
GET /c.php?u=70103 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 24 Mar 2023 22:57:25 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://u-on.eu/c.php?u=70103
Content-Length: 310
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
u-on.eu/c.php?u=72767
163.172.215.201301 Moved Permanently 310 B IP 163.172.215.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3150ae9a2925d40efa3546a50cbdf06a
2dcf79b3004798728f4fb642221ca2b076d72e77
06cd1b1ef516d3d1ffc17a40944caa25850fbedebdcdf62aec7520f061105785
GET /c.php?u=72767 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 24 Mar 2023 22:57:25 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://u-on.eu/c.php?u=72767
Content-Length: 310
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
u-on.eu/c.php?u=73203
163.172.215.201301 Moved Permanently 310 B IP 163.172.215.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 29fea643f06a51d492d0def29bc6cb9f
7bae4750a468279f8abc45a042972e0d16abc4bb
e4fc7504bcf3bce5ce11408e92c271ce368b8a04d7db9eece943ee393100d01e
GET /c.php?u=73203 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 24 Mar 2023 22:57:25 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://u-on.eu/c.php?u=73203
Content-Length: 310
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
fonts.gstatic.com/s/allerta/v18/TwMO-IAHRlkbx940YnYXSA.woff2
216.58.207.227200 OK 7.8 kB URL HTTP/1.1 fonts.gstatic.com/s/allerta/v18/TwMO-IAHRlkbx940YnYXSA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7824, version 1.0\012- data
Hash 0cd3b03c066851fd03e8e51a0bb713cd
ab90570fbff72d7d5070ef9629da2e31b506575a
ef4a4798ee810a9641529acd802d9b08b48623504b15d10fba88fc42dcb2d9f6
GET /s/allerta/v18/TwMO-IAHRlkbx940YnYXSA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7824
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 24 Mar 2023 10:54:20 GMT
Expires: Sat, 23 Mar 2024 10:54:20 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 19 Apr 2022 18:20:16 GMT
Content-Type: font/woff2
Age: 43385
xtgem.com/images/xtvid/indiandesibhabi.png
141.94.172.213200 OK 21 kB URL HTTP/1.1 xtgem.com/images/xtvid/indiandesibhabi.png
IP 141.94.172.213:0
File type PNG image data, 320 x 50, 8-bit/color RGB, non-interlaced\012- data
Hash a7c6c2293d063cc2bb6bef8b932a3b42
96588c4605b82376b5aba115a982680ebed7c7d7
41c494a4a40022a2a77b68e98d21730715263b026744c1e30a2efb3a6f6d3ed6
GET /images/xtvid/indiandesibhabi.png HTTP/1.1
Host: xtgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:25 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "52ff-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 21247
Cache-Control: max-age=2592000
Expires: Sun, 23 Apr 2023 22:57:25 GMT
X-Ngz: 1
Connection: close
Content-Type: image/png
4.bp.blogspot.com/-TZr4tNW0VM8/VR8pVUB0F6I/AAAAAAAABF4/OZi8EeMnzkU/s1600/300x250-1322162014.gif
142.250.74.161404 Not Found 832 B URL HTTP/1.1 4.bp.blogspot.com/-TZr4tNW0VM8/VR8pVUB0F6I/AAAAAAAABF4/OZi8EeMnzkU/s1600/300x250-1322162014.gif
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /-TZr4tNW0VM8/VR8pVUB0F6I/AAAAAAAABF4/OZi8EeMnzkU/s1600/300x250-1322162014.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Fri, 24 Mar 2023 22:57:25 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
cif.images.xtstatic.com/tp.gif
141.94.172.213200 OK 42 B URL HTTP/1.1 cif.images.xtstatic.com/tp.gif
IP 141.94.172.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /tp.gif HTTP/1.1
Host: cif.images.xtstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:25 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "2a-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 42
Cache-Control: max-age=2592000
Expires: Sun, 23 Apr 2023 22:57:25 GMT
Connection: close
Content-Type: image/gif
enif.images.xtstatic.com/tp.gif
141.94.172.213200 OK 42 B URL HTTP/1.1 enif.images.xtstatic.com/tp.gif
IP 141.94.172.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /tp.gif HTTP/1.1
Host: enif.images.xtstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:25 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "2a-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 42
Cache-Control: max-age=2592000
Expires: Sun, 23 Apr 2023 22:57:25 GMT
Connection: close
Content-Type: image/gif
edryc.pun.bz/files/bokep-online-gratis.png
45.56.79.23302 Found 0 B URL HTTP/1.1 edryc.pun.bz/files/bokep-online-gratis.png
IP 45.56.79.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /files/bokep-online-gratis.png HTTP/1.1
Host: edryc.pun.bz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 302 Found
server: openresty/1.13.6.1
date: Fri, 24 Mar 2023 22:57:25 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://d39f23jfph0ylk.cloudfront.net/pun.bz.png
vary: Accept-Language
content-language: en
connection: close
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4f21a50959999280526e05d7e8869da4
36ea759b1a1614ac91e0b31d956e1d800d17fec6
870e6081f1356a87cdcf15724afe8c7b14353146ea33d6c00201a3eb9e65daff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "870E6081F1356A87CDCF15724AFE8C7B14353146EA33D6C00201A3EB9E65DAFF"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10125
Expires: Sat, 25 Mar 2023 01:46:10 GMT
Date: Fri, 24 Mar 2023 22:57:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4f21a50959999280526e05d7e8869da4
36ea759b1a1614ac91e0b31d956e1d800d17fec6
870e6081f1356a87cdcf15724afe8c7b14353146ea33d6c00201a3eb9e65daff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "870E6081F1356A87CDCF15724AFE8C7B14353146EA33D6C00201A3EB9E65DAFF"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10142
Expires: Sat, 25 Mar 2023 01:46:27 GMT
Date: Fri, 24 Mar 2023 22:57:25 GMT
Connection: keep-alive
u-on.eu/c.php?u=72767
163.172.215.201200 OK 1.4 kB IP 163.172.215.201:0
File type PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash e298d07ebfa44003cb0bf362b68ad62f
d51a235161c62a1b545f9f538eaeae4e68fa2031
19f3c390967543598f0b2b3c67edfa64b9a78f4bcb7a5ac84a1b57751fc00ff8
GET /c.php?u=72767 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3x39.sextgem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:25 GMT
Server: Apache/2.4.29 (Ubuntu)
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 1361
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
u-on.eu/c.php?u=73195
163.172.215.201200 OK 1.2 kB IP 163.172.215.201:0
File type PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash e2e53604a9f7f6fda2f35b29314d5863
f1f54a502b3eba5c74a9aa0a134aff3fe6522164
d33481bc712fb5e19431ebbe73fbd864e17b6cc5a13725658b57b746569b69ac
GET /c.php?u=73195 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3x39.sextgem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:25 GMT
Server: Apache/2.4.29 (Ubuntu)
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 1221
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4f21a50959999280526e05d7e8869da4
36ea759b1a1614ac91e0b31d956e1d800d17fec6
870e6081f1356a87cdcf15724afe8c7b14353146ea33d6c00201a3eb9e65daff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "870E6081F1356A87CDCF15724AFE8C7B14353146EA33D6C00201A3EB9E65DAFF"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16061
Expires: Sat, 25 Mar 2023 03:25:06 GMT
Date: Fri, 24 Mar 2023 22:57:25 GMT
Connection: keep-alive
u-on.eu/c.php?u=73196
163.172.215.201200 OK 1.2 kB IP 163.172.215.201:0
File type PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash e2e53604a9f7f6fda2f35b29314d5863
f1f54a502b3eba5c74a9aa0a134aff3fe6522164
d33481bc712fb5e19431ebbe73fbd864e17b6cc5a13725658b57b746569b69ac
GET /c.php?u=73196 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3x39.sextgem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:25 GMT
Server: Apache/2.4.29 (Ubuntu)
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 1221
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4f21a50959999280526e05d7e8869da4
36ea759b1a1614ac91e0b31d956e1d800d17fec6
870e6081f1356a87cdcf15724afe8c7b14353146ea33d6c00201a3eb9e65daff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "870E6081F1356A87CDCF15724AFE8C7B14353146EA33D6C00201A3EB9E65DAFF"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16131
Expires: Sat, 25 Mar 2023 03:26:16 GMT
Date: Fri, 24 Mar 2023 22:57:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4f21a50959999280526e05d7e8869da4
36ea759b1a1614ac91e0b31d956e1d800d17fec6
870e6081f1356a87cdcf15724afe8c7b14353146ea33d6c00201a3eb9e65daff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "870E6081F1356A87CDCF15724AFE8C7B14353146EA33D6C00201A3EB9E65DAFF"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16058
Expires: Sat, 25 Mar 2023 03:25:03 GMT
Date: Fri, 24 Mar 2023 22:57:25 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 67ff66c5c69cdc68538c293b384b7ffc
8ed6ccb20d4abacbca2b5036410483efc42afc0f
3189523fcd71acf9a951eb132b7ce50bf46a9fbacaaf9fce17d531c99cc62927
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 28 Mar 2023 22:00:54 GMT
ETag: "8ed6ccb20d4abacbca2b5036410483efc42afc0f"
Last-Modified: Fri, 24 Mar 2023 22:00:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1584
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ad2835768e0b4f9-OSL
u-on.eu/c.php?u=70103
163.172.215.201200 OK 1.2 kB IP 163.172.215.201:0
File type PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash e2e53604a9f7f6fda2f35b29314d5863
f1f54a502b3eba5c74a9aa0a134aff3fe6522164
d33481bc712fb5e19431ebbe73fbd864e17b6cc5a13725658b57b746569b69ac
GET /c.php?u=70103 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3x39.sextgem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:25 GMT
Server: Apache/2.4.29 (Ubuntu)
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 1221
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
u-on.eu/c.php?u=73203
163.172.215.201200 OK 1.2 kB IP 163.172.215.201:0
File type PNG image data, 88 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash e2e53604a9f7f6fda2f35b29314d5863
f1f54a502b3eba5c74a9aa0a134aff3fe6522164
d33481bc712fb5e19431ebbe73fbd864e17b6cc5a13725658b57b746569b69ac
GET /c.php?u=73203 HTTP/1.1
Host: u-on.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3x39.sextgem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:25 GMT
Server: Apache/2.4.29 (Ubuntu)
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 1221
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 24 Mar 2023 22:14:33 GMT
age: 2572
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
dcba.popcash.net/znWaa3gu
34.195.57.98204 No Content 0 B URL HTTP/2 dcba.popcash.net/znWaa3gu
IP 34.195.57.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /znWaa3gu HTTP/1.1
Host: dcba.popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 24 Mar 2023 22:57:25 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 70300b32357c46f3448d567189b64cb3
6ba66a5cf63cdbfeaec59b936151cc812bac56df
5a2b4f9fc5ebaa8062058bf68eae75fc28e06c6ef6a0e79c3c761c1d92f81cb9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A2B4F9FC5EBAA8062058BF68EAE75FC28E06C6EF6A0E79C3C761C1D92F81CB9"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15268
Expires: Sat, 25 Mar 2023 03:11:53 GMT
Date: Fri, 24 Mar 2023 22:57:25 GMT
Connection: keep-alive
js.buzzcity.net/bcads.js
74.63.241.30200 OK 484 B IP 74.63.241.30:0
ASN #46475 LIMESTONENETWORKS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (484), with no line terminators
Hash 75e95e63bd67057f57be9b54ec3fe3e5
7ba52527cb645be47d395dfa228598c0c6d3e921
013934663ae83573b13a9d4c0f2be651b62f60e3ef4404ee00ee662e4a608c79
GET /bcads.js HTTP/1.1
Host: js.buzzcity.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 484
content-type: text/html; charset=utf-8
date: Fri, 24 Mar 2023 22:57:25 GMT
server: nginx
set-cookie: sid=3ec453c6-ca97-11ed-8f91-c857c1736093; path=/; domain=.buzzcity.net; expires=Thu, 12 Apr 2091 02:11:33 GMT; max-age=2147483647; HttpOnly
3x39.sextgem.com/blog_images/Duo-srigala-bugil.jpg
54.36.158.42200 OK 3.1 MB URL HTTP/1.1 3x39.sextgem.com/blog_images/Duo-srigala-bugil.jpg
IP 54.36.158.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=8, datetime=2015:04:11 09:43:01, height=2499, software=Pixlr, orientation=upper-left, width=2499], baseline, precision 8, 2499x2499, components 3\012- data
Size 3.1 MB (3136650 bytes)
Hash 31655462a94e5253bde4a002671be410
56ab0b5a4e7e74bdc310c6779d9a92fac2834905
1c109e44fc387087b2e4aa0e275ea81d8024414ed48b7e87d94a8905532f118d
GET /blog_images/Duo-srigala-bugil.jpg HTTP/1.1
Host: 3x39.sextgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/index/__xtblog_entry/10580485-foto-toket-montok-tanpa-bh-duo-srigala?__xtblog_block_id=1&page=1&q=Apa
Cookie: _xta_uid=99c370e43caf6bdf937326230910c1d4; _xta_vid=e47d8c50f3f4eb7600e4ffef91821804-1679698644
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:25 GMT
Set-Cookie: _xta_uid=99c370e43caf6bdf937326230910c1d4; expires=Sun, 23-Mar-2025 22:57:25 GMT; Max-Age=63072000; path=/; domain=.sextgem.com; httponly
Cache-Control: max-age=2592000
Expires: Sun, 23 Apr 2023 22:57:25 GMT
X-Ngz: 1
Last-Modified: Sat, 11 Apr 2015 02:49:46 GMT
ETag: "2fdc8a-51369ef030680"
Content-Length: 3136650
Connection: close
Content-Type: image/jpeg
push.services.mozilla.com/
44.238.132.194101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.132.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: djnHhrsZbLQQbL4p+pAkzw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AAYPcY6ly0gs2vNYWNmm/2OptU4=
xtgem.com/fonts/xtgem-icons.woff
141.94.172.213200 OK 5.4 kB URL HTTP/1.1 xtgem.com/fonts/xtgem-icons.woff
IP 141.94.172.213:0
File type Web Open Font Format, CFF, length 5424, version 1.0\012- data
Hash f0c3cafca1e480dc3123353e4fb92a6c
85152433616a878ba5f9aac8f45a66730a267c22
665d6e99d2f45ec11e045322517b1f31a40452bee7462e78bb4550398f6e1086
GET /fonts/xtgem-icons.woff HTTP/1.1
Host: xtgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:26 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "1530-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 5424
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Connection: close
Content-Type: application/font-woff
c.waplog.net/562933.cnt
69.16.231.57200 OK 2.2 kB IP 69.16.231.57:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (622)
Hash a9812ec7ab9acb37ef5ab177f3662f85
9bddb911f9b0105ffcd2bf812db1f58f1e7b6bdc
3e703ffc1c0019b1a80e04749173bfff7884f922f11d1fd4cab8f1218bbd2dce
GET /562933.cnt HTTP/1.1
Host: c.waplog.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:25 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 2242
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
js.buzzcity.net/bcads.js
74.63.241.30200 OK 484 B IP 74.63.241.30:0
ASN #46475 LIMESTONENETWORKS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (484), with no line terminators
Hash 4aeb4ffa89e4fad08a0e5e7a2d62ad36
43ffe7356a23d6ce65783e72c2265c5d04c22025
02b56b78be280b4e070acfffd2de59de31ee16020f2648961bcd8921cfe5f466
GET /bcads.js HTTP/1.1
Host: js.buzzcity.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 484
content-type: text/html; charset=utf-8
date: Fri, 24 Mar 2023 22:57:25 GMT
server: nginx
set-cookie: sid=3ef49cc0-ca97-11ed-955f-c8570d5de9cf; path=/; domain=.buzzcity.net; expires=Thu, 12 Apr 2091 02:11:33 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a784165dc6f3c16b73e08c3c3839de5d
52801ac34be9937375d9f9c9d35126d2e58171c3
acf4e01a90c3f49ec82814de0d4d5261ba618858c06588bf2f2bc08939bda177
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ACF4E01A90C3F49EC82814DE0D4D5261BA618858C06588BF2F2BC08939BDA177"
Last-Modified: Wed, 22 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6824
Expires: Sat, 25 Mar 2023 00:51:10 GMT
Date: Fri, 24 Mar 2023 22:57:26 GMT
Connection: keep-alive
xtgem.com/images/close2.png?v=0.01
141.94.172.213200 OK 564 B URL HTTP/1.1 xtgem.com/images/close2.png?v=0.01
IP 141.94.172.213:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash 865dce1b2a4002b9a85f75ea622f4000
f56c8218b5ca721a9e5a3daec742a6f38c33c075
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3
GET /images/close2.png?v=0.01 HTTP/1.1
Host: xtgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:26 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "234-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 564
Cache-Control: max-age=2592000
Expires: Sun, 23 Apr 2023 22:57:26 GMT
X-Ngz: 1
Connection: close
Content-Type: image/png
xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC8zeDM5LnNleHRnZW0uY29tXC9pbmRleD9fX3h0YmxvZ19lbnRyeT0xMDU4MDQ4NSZfX3h0YmxvZ19ibG9ja19pZD0xJnBhZ2U9MSZxPUFwYSIsImxvZ2dlZF9pbiI6ZmFsc2UsImRvbWFpbiI6IjN4Mzkuc2V4dGdlbS5jb20iLCJwb3NpdGlvbiI6eyJhYnNvbHV0ZSI6ImZpeGVkIn19
141.94.172.213200 OK 2.9 kB URL HTTP/1.1 xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC8zeDM5LnNleHRnZW0uY29tXC9pbmRleD9fX3h0YmxvZ19lbnRyeT0xMDU4MDQ4NSZfX3h0YmxvZ19ibG9ja19pZD0xJnBhZ2U9MSZxPUFwYSIsImxvZ2dlZF9pbiI6ZmFsc2UsImRvbWFpbiI6IjN4Mzkuc2V4dGdlbS5jb20iLCJwb3NpdGlvbiI6eyJhYnNvbHV0ZSI6ImZpeGVkIn19
IP 141.94.172.213:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (998)
Hash 32408e0c67084606750bff5f76a8dbca
c79cac485f78592b7b4209525d59ec6f6ade12b5
f890b24e965671686700e6a8f76111999982632c1264d3054061b44dbbbfe180
GET /__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC8zeDM5LnNleHRnZW0uY29tXC9pbmRleD9fX3h0YmxvZ19lbnRyeT0xMDU4MDQ4NSZfX3h0YmxvZ19ibG9ja19pZD0xJnBhZ2U9MSZxPUFwYSIsImxvZ2dlZF9pbiI6ZmFsc2UsImRvbWFpbiI6IjN4Mzkuc2V4dGdlbS5jb20iLCJwb3NpdGlvbiI6eyJhYnNvbHV0ZSI6ImZpeGVkIn19 HTTP/1.1
Host: xtgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:26 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: session=w5~un9cnfuchj2clpn6283okbdl32; expires=Sat, 25-Mar-2023 22:57:26 GMT; Max-Age=86400; path=/; domain=.xtgem.com; httponly
__template=web; expires=Sun, 23-Apr-2023 22:57:26 GMT; Max-Age=2592000; path=/
__lang=us; expires=Sun, 23-Apr-2023 22:57:26 GMT; Max-Age=2592000; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2894
Content-Type: text/html; charset=UTF-8
ocsp.buypass.com/
23.36.76.200200 OK 1.7 kB IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Hash fe65da14f05f3dfd6cf86551c222cec7
b1d95519b1d178d76040dfd0bf31a27f104a7d0c
2aad0ed0c674d3a7cef8685f779b38a587bc9b1aea1e27d4e7967ac04dde3e83
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 6d84303e-b022-4537-aa64-27a23a8dac06
Content-Length: 1701
Date: Fri, 24 Mar 2023 22:57:26 GMT
Connection: keep-alive
ocsp.buypass.com/
23.36.76.200200 OK 1.7 kB IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Hash fe65da14f05f3dfd6cf86551c222cec7
b1d95519b1d178d76040dfd0bf31a27f104a7d0c
2aad0ed0c674d3a7cef8685f779b38a587bc9b1aea1e27d4e7967ac04dde3e83
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 15b4adfd-00ee-4228-9569-954bb8f2b5ef
Content-Length: 1701
Date: Fri, 24 Mar 2023 22:57:26 GMT
Connection: keep-alive
tsiwqtng8huauw30n.com/solid.gif?z=1255387&abvar=0
62.122.171.6200 OK 43 B URL HTTP/2 tsiwqtng8huauw30n.com/solid.gif?z=1255387&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1255387&abvar=0 HTTP/1.1
Host: tsiwqtng8huauw30n.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 22:57:26 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ocsp.buypass.com/
23.36.76.200200 OK 1.7 kB IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Hash 35c81270bbf116907209ae6193f66696
e11b71769383f2c3b386ce55f6bf0324c8f49018
6253b92989f95c83234274c57ea989ea0d14f9b6230687ef8a0d4f7b6b2b54ac
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 6b6518b3-31a6-4e14-8180-4b4925171019
Content-Length: 1701
Date: Fri, 24 Mar 2023 22:57:26 GMT
Connection: keep-alive
c.waplog.net/562933.cnt
69.16.231.57302 Moved Temporarily 0 B IP 69.16.231.57:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /562933.cnt HTTP/1.1
Host: c.waplog.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 302 Moved Temporarily
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Cache-Control: no-cache
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Mar 2023 22:57:26 GMT
Location: http://ww12.waplog.net/562933.cnt
Pragma: no-cache
Connection: Keep-Alive
X-Powered-By: PHP/5.4.16
Content-Length: 0
ocsp.buypass.com/
23.36.76.200200 OK 1.7 kB IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Hash 89cda56c752dd6d80134cb4d5263cd7f
2501ce8e0d98e63cb7b560733b90cfee37d3a253
747cbd56ef4db7ba61f23f8e0fc587d6e56598d496278a4ca7562308eca7262c
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: c8c37de8-54ef-487e-9515-b492c12b585d
Content-Length: 1701
Date: Fri, 24 Mar 2023 22:57:26 GMT
Connection: keep-alive
tslomhfys.com/solid.gif?z=1549892&abvar=0
62.122.171.6200 OK 43 B URL HTTP/2 tslomhfys.com/solid.gif?z=1549892&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1549892&abvar=0 HTTP/1.1
Host: tslomhfys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 22:57:26 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ww12.waplog.net/562933.cnt
75.2.81.221200 OK 5.7 kB URL HTTP/1.1 ww12.waplog.net/562933.cnt
IP 75.2.81.221:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1184)
Hash 014cd08162f255fa0e03f7689d09efd3
cde7280a181f51e5176e06b5687687696a66078f
eb09e992c530a6eaa62cb2bac21fd89f9b366434595420a6181c9515952160ff
GET /562933.cnt HTTP/1.1
Host: ww12.waplog.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://3x39.sextgem.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket103
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_kV1wEMtnUeKC9/oEtyf7aIpSAsoNwe2Qbm9njoZdlo9XJS7Lx7VES5gOOoTGknWc9revMdWHOcfN4hvmzYsaKw==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Domain: waplog.net
X-Subdomain: ww12
Content-Encoding: gzip
cdn.pncloudfl.com/pn/630/a45/83a/630a4583aa798597b20ac88a68b90f1bc6f139cc.jpg
104.22.58.221200 OK 36 kB URL HTTP/2 cdn.pncloudfl.com/pn/630/a45/83a/630a4583aa798597b20ac88a68b90f1bc6f139cc.jpg
IP 104.22.58.221:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash be2b89a0488bf68873a1a2ad3bc5a567
3882fc720492964824bd89dffd02133b48e756be
1257256d4c3974690b13aa43da8939b7e2cfefec64b5c6a45d5f1ebeab521e2c
GET /pn/630/a45/83a/630a4583aa798597b20ac88a68b90f1bc6f139cc.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 22:57:27 GMT
content-type: image/webp
content-length: 35984
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=64109
content-disposition: inline; filename="630a4583aa798597b20ac88a68b90f1bc6f139cc.webp"
etag: b44e2253eea5a74a96a1be61a63db8d7
expires: Sat, 25 Mar 2023 20:32:37 GMT
last-modified: Wed, 08 Feb 2023 02:36:41 GMT
vary: Accept
x-openstack-request-id: tx4f9d269c39a042e2a0382-006412678f
x-proxy-cache: HIT
x-timestamp: 1675823800.10103
x-trans-id: tx4f9d269c39a042e2a0382-006412678f
cf-cache-status: HIT
age: 95090
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 7ad283607dee0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xxccdshj.com//i/npage/1737978/code.js
62.122.171.6200 OK 93 kB URL HTTP/2 xxccdshj.com//i/npage/1737978/code.js
IP 62.122.171.6:0
Hash f09eabb7d924574bbd2dcb4edcabb7eb
e52c4a2d91370d5613b9db150e8c288e0afc02e1
457424dca660eb0fe6fb26121221e1e35b75d461d511881cd266f40611daba0d
GET //i/npage/1737978/code.js HTTP/1.1
Host: xxccdshj.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 22:57:26 GMT
content-type: application/javascript
last-modified: Wed, 22 Mar 2023 14:10:15 GMT
vary: Accept-Encoding
etag: W/"641b0c47-344b3"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.pncloudfl.com/pn/56b/a42/3bc/56ba423bcacf05767ef7de043ed317f576e84ee2.png
104.22.58.221200 OK 43 kB URL HTTP/2 cdn.pncloudfl.com/pn/56b/a42/3bc/56ba423bcacf05767ef7de043ed317f576e84ee2.png
IP 104.22.58.221:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3e1c3d6737455035df23e1dd8c628159
ff5c77c8792281620a4793b43f38f1fdcc6f1c0a
eacb5c75d830f937a643288a9bb5ef5076c072ab6a2c5c4b3a9280ac8b0e0689
GET /pn/56b/a42/3bc/56ba423bcacf05767ef7de043ed317f576e84ee2.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 22:57:27 GMT
content-type: image/webp
content-length: 42896
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=55940
content-disposition: inline; filename="56ba423bcacf05767ef7de043ed317f576e84ee2.webp"
etag: b1f706760c0795f113260650d8b23f19
expires: Sat, 25 Mar 2023 20:22:25 GMT
last-modified: Wed, 13 Oct 2021 17:28:50 GMT
vary: Accept
x-openstack-request-id: tx9efe245160574944a0d40-0061b07698
x-proxy-cache: HIT
x-timestamp: 1634146129.98710
x-trans-id: tx9efe245160574944a0d40-0061b07698
cf-cache-status: HIT
age: 95702
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 7ad283607dfa0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c1.popads.net/pop.js
185.76.9.18200 OK 10 kB IP 185.76.9.18:0
ASN #60068 Datacamp Limited
File type HTML document, ASCII text, with very long lines (1568), with CRLF line terminators
Hash 9e5d642e5b4f079e61468259e23337a3
d98145c50a6b28c99fcc31ecdb8b00e564685e14
0085b0c78f7a6f8f7379871f778402efb6fe1160098fab2ebbab82c93a8e7248
GET /pop.js HTTP/1.1
Host: c1.popads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:27 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
alt-svc: quic="185.76.9.13:443"; ma=2592000; v="44,43,39"
Last-Modified: Tue, 14 Mar 2023 22:06:26 GMT
ETag: W/"6410efe2-82a9"
Access-Control-Allow-Origin: *
Server: CDN77-Turbo
X-77-NZT: AblMCQ0er7j/n+AKAA
X-77-NZT-Ray: c0a4cc2815d8b001d72a1e64de59b308
X-Accel-Expires: @1680022584
X-Cache: HIT
X-Age: 712863
X-77-POP: stockholmSE
X-77-Cache: HIT
Content-Encoding: gzip
www.gravatar.com/avatar/b8dcb8b7313a08c6171335c598bc8738.jpg?s=16&d=mm
192.0.73.2200 OK 787 B URL HTTP/1.1 www.gravatar.com/avatar/b8dcb8b7313a08c6171335c598bc8738.jpg?s=16&d=mm
IP 192.0.73.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 16x16, components 3\012- data
Hash a45c6b0d3417ecf7526a242fc4bc2b14
9298cab03a54859d9bf7d9d4823830f57ad59439
07b220b403aa5a5a26a0142c29fe186aefb56ec846b47c588bbf22958cc4a905
GET /avatar/b8dcb8b7313a08c6171335c598bc8738.jpg?s=16&d=mm HTTP/1.1
Host: www.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Mar 2023 22:57:27 GMT
Content-Type: image/jpeg
Content-Length: 787
Connection: keep-alive
Last-Modified: Thu, 16 Sep 2010 22:53:29 GMT
Link: <https://www.gravatar.com/avatar/b8dcb8b7313a08c6171335c598bc8738.jpg?s=16&d=mm>; rel="canonical"
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="b8dcb8b7313a08c6171335c598bc8738.png"
Expires: Fri, 24 Mar 2023 23:02:27 GMT
Cache-Control: max-age=300
X-nc: HIT arn 4
Accept-Ranges: bytes
d39f23jfph0ylk.cloudfront.net/pun.bz.png
54.192.98.130200 OK 1.1 kB URL HTTP/2 d39f23jfph0ylk.cloudfront.net/pun.bz.png
IP 54.192.98.130:0
File type PNG image data, 151 x 49, 8-bit grayscale, non-interlaced\012- data
Hash 5605447d5b5425cfb5b845ad6b2b4287
52ec2abf74f302872bb90a6a289867517e6a495b
b112b4ab0824b2f85238c42d68e2cd346128253fc77237d2b5966804bca53bff
GET /pun.bz.png HTTP/1.1
Host: d39f23jfph0ylk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3x39.sextgem.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 1084
last-modified: Wed, 28 Aug 2019 14:40:55 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 24 Mar 2023 22:21:55 GMT
etag: "5605447d5b5425cfb5b845ad6b2b4287"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 10ba4f180c8b00c38f956300d7b2f4c8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 8DhtEzFoaVC_wK5HrdmwFbxdJQzsPdo-FY_SSEQ_SOFJy3rj6urKdA==
age: 2133
X-Firefox-Spdy: h2
edge.quantserve.com/quant.js
91.228.74.159200 OK 9.2 kB URL HTTP/1.1 edge.quantserve.com/quant.js
IP 91.228.74.159:0
File type ASCII text, with very long lines (22210)
Hash b43a18fbe6986dfc5626e06e8cb23b0f
cc3ee4e5bf5f9a57e04f87c9942329ca985e6833
86107dcf815f1af0107e9c9c07880ad83fb2e56e6949e8b552f788ef917b8f1b
GET /quant.js HTTP/1.1
Host: edge.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: private, max-age=604800
Content-Encoding: gzip
Etag: "qnbLQo87mD/KmvsyZTIxlQ=="
Expires: Fri, 31 Mar 2023 22:57:27 GMT
Vary: Accept-Encoding
rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
54.230.111.16301 Moved Permanently 167 B URL HTTP/1.1 rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
IP 54.230.111.16:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /rules-p-0cfM8Oh7M9bVQ.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 24 Mar 2023 22:57:27 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
X-Cache: Redirect from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VlP8mTRMmjvGtTygdOPX5gi3mnWa_jSOesFUjw8oH2cujPZ74PykiA==
rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
54.230.111.16200 OK 160 B URL HTTP/2 rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
IP 54.230.111.16:0
Hash 2440f0fe7f89d580c051f453f7cc5d22
2f90ae2004b7fb87b87d5d826699a799610358b8
01e8c64b761cce7a14c9a7f82d4fa2162138e5e6e556350df4730498ea6417bf
GET /rules-p-0cfM8Oh7M9bVQ.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://3x39.sextgem.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 160
last-modified: Fri, 14 Oct 2022 00:42:04 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Fri, 24 Mar 2023 22:33:41 GMT
cache-control: max-age=3600
etag: "2440f0fe7f89d580c051f453f7cc5d22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eC_Bx8Raf9Oc4rOWwPkRQm1_o_IdDudBZOv3BHMuh5bwSTRY_Tz8cg==
age: 1859
X-Firefox-Spdy: h2
3x39.sextgem.com/favicon.ico
54.36.158.42404 Not Found 0 B URL HTTP/1.0 3x39.sextgem.com/favicon.ico
IP 54.36.158.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 3x39.sextgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/index/__xtblog_entry/10580485-foto-toket-montok-tanpa-bh-duo-srigala?__xtblog_block_id=1&page=1&q=Apa
Cookie: _xta_uid=99c370e43caf6bdf937326230910c1d4; _xta_vid=e47d8c50f3f4eb7600e4ffef91821804-1679698644; pnState={"impressions":0,"delayStarted":1679698658618,"page":"/index/__xtblog_entry/10580485-foto-toket-montok-tanpa-bh-duo-srigala"}
HTTP/1.0 404 Not Found
Date: Fri, 24 Mar 2023 22:57:27 GMT
Content-Length: 0
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 9850cb24ede7641d095cc6f324e2a72d
1d726e98906bc643c239edd6e1c4c1641cb6eded
5c9e9655fce08390d330b935a0324d4d50f8cd262342888633271708ec6cdc41
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5644
Cache-Control: max-age=157409
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 22:57:27 GMT
Etag: "641dd8ac-1d7"
Expires: Sun, 26 Mar 2023 18:40:56 GMT
Last-Modified: Fri, 24 Mar 2023 17:06:52 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
pixel.quantserve.com/pixel;r=1164464821;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2F3x39.sextgem.com%2Findex%2F__xtblog_entry%2F10580485-foto-toket-montok-tanpa-bh-duo-srigala%3F__xtblog_block_id%3D1%26page%3D1%26q%3DApa;uht=2;fpan=1;fpa=P0-305885196-1679698658777;pbc=;ns=0;ce=1;qjs=1;qv=757f3135-20230316172511;cm=;gdpr=0;ref=;d=sextgem.com;dst=0;et=1679698658806;tzo=0;ogl=;ses=389dc162-8a7e-4115-b508-f63cbea492e0
91.228.74.166200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1164464821;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2F3x39.sextgem.com%2Findex%2F__xtblog_entry%2F10580485-foto-toket-montok-tanpa-bh-duo-srigala%3F__xtblog_block_id%3D1%26page%3D1%26q%3DApa;uht=2;fpan=1;fpa=P0-305885196-1679698658777;pbc=;ns=0;ce=1;qjs=1;qv=757f3135-20230316172511;cm=;gdpr=0;ref=;d=sextgem.com;dst=0;et=1679698658806;tzo=0;ogl=;ses=389dc162-8a7e-4115-b508-f63cbea492e0
IP 91.228.74.166:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1164464821;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2F3x39.sextgem.com%2Findex%2F__xtblog_entry%2F10580485-foto-toket-montok-tanpa-bh-duo-srigala%3F__xtblog_block_id%3D1%26page%3D1%26q%3DApa;uht=2;fpan=1;fpa=P0-305885196-1679698658777;pbc=;ns=0;ce=1;qjs=1;qv=757f3135-20230316172511;cm=;gdpr=0;ref=;d=sextgem.com;dst=0;et=1679698658806;tzo=0;ogl=;ses=389dc162-8a7e-4115-b508-f63cbea492e0 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 22:57:27 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=641e2ad7-51eb5-bbe70-167fb; expires=Tue, 23-Apr-2024 22:57:27 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
c.adsco.re/
104.17.166.186200 OK 30 kB IP 104.17.166.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (713)
Hash acbeff53621631b451e6295da1b516c2
8ec081db4be72380db55d21f2eac1b642031cf79
3a2cc66423bfe325f614261efe6564e8f288c3e1117a70c9bbf67b41c51f2795
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
Expires: Mon, 24 Apr 2023 22:57:27 GMT
ETag: W/"cMPvpvd3jDHdlppiuYNttw=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1280
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ad283629dd6b503-OSL
alt-svc: h2=":443"; ma=60
6.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:27 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://3x39.sextgem.com
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ad28362bb510b4d-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15315
Expires: Sat, 25 Mar 2023 03:12:42 GMT
Date: Fri, 24 Mar 2023 22:57:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15315
Expires: Sat, 25 Mar 2023 03:12:42 GMT
Date: Fri, 24 Mar 2023 22:57:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15315
Expires: Sat, 25 Mar 2023 03:12:42 GMT
Date: Fri, 24 Mar 2023 22:57:27 GMT
Connection: keep-alive
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash a684f3b449a125d2285678a6be0172a9
f5ba7774839ee9f45e1f2a88d322d3c3cfcc971f
91945112515f30fe6017f31f87a483adb2040d8435fce14fe9c44e89cf433b2c
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: http://3x39.sextgem.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15315
Expires: Sat, 25 Mar 2023 03:12:42 GMT
Date: Fri, 24 Mar 2023 22:57:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15315
Expires: Sat, 25 Mar 2023 03:12:42 GMT
Date: Fri, 24 Mar 2023 22:57:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aecd210f66f83c73c3450d047ae7448a
d68861e96e12e8a3f293dbae8b687f05b6e15afb
22b69c41c56e5538d91f824d5dc2e63ab5563f99ae8e429c9166f4b397cacd0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5296
x-amzn-requestid: 11fdf0c8-244c-4cd5-bfa7-4c77d777174f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiuzEqkIAMFXOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17f8-5c241d63598dbf595b54ead5;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:36:56 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: b1KWFmKdRQ4DU0v5JmC7AJatpv2B5FAHKVWL7pFiyh13fqYDA5qydA==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:57:13 GMT
age: 3614
etag: "d68861e96e12e8a3f293dbae8b687f05b6e15afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf1038f-e1d8-41a0-a039-85a85d278271.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf1038f-e1d8-41a0-a039-85a85d278271.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02e0767e0c72d95e30337ad42f5d15b3
79aa21ca35c9d98ea7d0713d219e9b67083bdc05
7991a0c4d409cca49259cb626d0de39684635f14fad72e074b303235026673a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf1038f-e1d8-41a0-a039-85a85d278271.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6511
x-amzn-requestid: 38d33f4d-2b85-4666-b778-04f4b4dfdf10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTihSFIdIAMFRjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17a1-036a28e75189d05209396933;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:29 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: eYAgUDZFGkaskq0A77VgX54hvvjtQtClrFyED3COkankS76uD7hTAQ==
via: 1.1 53ee82a7eb57de316cba44c26680b4a6.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:43:52 GMT
age: 4415
etag: "79aa21ca35c9d98ea7d0713d219e9b67083bdc05"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 73f9697594d173d623b331b5c35eab8d
6323f751f6b7517f062a0442480f672086ea02a1
116cb71658b31e87f19c390b242c684f6505cc8edf90b7fc934ac726fc7ddd18
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8635
x-amzn-requestid: fc715b03-f48f-4300-b752-ab157a684f08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTihcETyIAMFhYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17a2-68f685ec0f50dae026ea3f64;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: i6dsVaC_gPijsRqh_EL5tZYZpjNEbQJvKIpPq501TIJZzcLUWeRz9w==
via: 1.1 ba490acb2ea716cd57876286ed686786.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:45:56 GMT
age: 4291
etag: "6323f751f6b7517f062a0442480f672086ea02a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F824b0012-dfce-43bf-8955-72831cc61188.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F824b0012-dfce-43bf-8955-72831cc61188.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9fd355f0e246bf9a1303d8afa9f1084
396b099f70cb3eff1bdd4d5343da104cd379b09c
384295c095ab737fbbd78f5165be6f4c2c02d000521b1f7893563b9b2eafb0b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F824b0012-dfce-43bf-8955-72831cc61188.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8114
x-amzn-requestid: 71780de2-2c43-4a5c-9541-9334e96f4a74
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTjQGHtSIAMFX9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e18cd-6b5831e85ebef2035ed181c1;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:40:29 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 9r-EIfk4Im_MO0TH4XkS--B_GaBb4ZnJw0YHz39zjFrzVQXedINGYA==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:56:42 GMT
etag: "396b099f70cb3eff1bdd4d5343da104cd379b09c"
content-type: image/jpeg
age: 3645
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F575e6da3-b226-4052-a0b9-fca28ce33cdf.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F575e6da3-b226-4052-a0b9-fca28ce33cdf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4eff72cc67baab6193459fde6258b90
afda12d540eca8e8bd8ef9451c764bcf52ad26ec
d7a42e4f1940187cf3ee0ca7da042544f40b1c55997dc3a2f90bb524eaa98921
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F575e6da3-b226-4052-a0b9-fca28ce33cdf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11362
x-amzn-requestid: b22b73ca-a711-4898-a279-eab98b4597a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTjS9F_HIAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e18df-6c691516066b4b50453013f3;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:40:47 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: _rudRr3bavf-10Yp9sip4sTZrENdo1YGlDShmuTWdHcXpe4Ngt2uWA==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:56:43 GMT
age: 3644
etag: "afda12d540eca8e8bd8ef9451c764bcf52ad26ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: vOBDFA2LzOIp_0dMXApotrithfiToWtpM2xMRyx1pWAE86olKT6EpQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 02:36:43 GMT
age: 73244
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c636663c347d4344a34e8763d9113060
d0aa790282598167e104fd942b9250138dedb56f
0765b4d13b1214fd46e6f5d8ae6219e9b191944f5c4e2ad0ff754fc3a971bca5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0765B4D13B1214FD46E6F5D8AE6219E9B191944F5C4E2AD0FF754FC3A971BCA5"
Last-Modified: Fri, 24 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12617
Expires: Sat, 25 Mar 2023 02:27:44 GMT
Date: Fri, 24 Mar 2023 22:57:27 GMT
Connection: keep-alive
6.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://c.adsco.re/
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:27 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ad28363cf60fab8-OSL
alt-svc: h2=":443"; ma=60
ixgjarsw474l.l4.adsco.re/
185.200.118.90200 OK 0 B URL HTTP/1.1 ixgjarsw474l.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ixgjarsw474l.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:27 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 254b69cace8dd8476fcf193222751ed5
29f98aa0830b4f9b04df6b7d4d5e5ce3e38399b3
01621d85cde768d849b35c6d4ef04d3b09371e938eecb38f6433f6e7954b1255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01621D85CDE768D849B35C6D4EF04D3B09371E938EECB38F6433F6E7954B1255"
Last-Modified: Fri, 24 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8028
Expires: Sat, 25 Mar 2023 01:11:15 GMT
Date: Fri, 24 Mar 2023 22:57:27 GMT
Connection: keep-alive
adsco.re/p
162.252.214.5200 OK 411 B IP 162.252.214.5:0
File type ASCII text, with very long lines (487), with no line terminators
Hash d3434781d655dfbc61ff47410526b31f
aa635d95bb8d87f26fa06732aa828dd967e759d8
6a543e764e876677c1be9b650c1d1ede7183a1d145ce89fa82b78d3fb564675f
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 2053
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: http://3x39.sextgem.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ixgjarsw474l.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 ixgjarsw474l.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ixgjarsw474l.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:28 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 38abcbcccc02e90a0e12c234c7d3d783
b5236c42366d7fbe50d77a6f13e8868fe7ac0c1d
b9ff216b3eb3c31e9d06aca7f9dc557b95e7fd49fa8ab887211dfa46443060cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B9FF216B3EB3C31E9D06ACA7F9DC557B95E7FD49FA8AB887211DFA46443060CC"
Last-Modified: Fri, 24 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15683
Expires: Sat, 25 Mar 2023 03:18:51 GMT
Date: Fri, 24 Mar 2023 22:57:28 GMT
Connection: keep-alive
serve.popads.net/c?_=BQFiAAAAAAAACZUAAqybNwGm07Z0c009PdhfDcxKwMAkZsLR45TNEmBKKVxTXdfjCQ0n81eWlVsPlok0dubr4qut1D6qAnYA6KQ5260ozg6h9oBplnKrEcIHP0H4v0OSvgNH4ddTpfTrQM-G55goAgHfiH76ddWfkDbjm-c3u8dlQgr_5XyCLKWT_g-NrobFwXNpV7r9077qoiikBOAPSgCF46UH9bx_MnTjd5vCMh-BOjNSAgN3wCiwOQ8fsDOWIJURhmQDcpraR9-9epiUKFpy5cX_vs6WtqXN5BxGBzmRLjk9vvtCrflyFMuQsgR6LzcMWw7fqMlNCJYGtW5jMTPBRLOFh3bAJKsj7Bj0t39aspIwb84UkBwiTuuiVyg0WzV_ltQQa33Orc2XCVQOJpYm4IreHPvLaahQAU1e2rU_V_BsrssasAeorLglIrBrf_hcZkftLumZiWa-EmlsuSPy16Ind5hdw1lV2Qk&v=4&siteId=369888&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0
216.21.13.11200 OK 44 B URL HTTP/1.1 serve.popads.net/c?_=BQFiAAAAAAAACZUAAqybNwGm07Z0c009PdhfDcxKwMAkZsLR45TNEmBKKVxTXdfjCQ0n81eWlVsPlok0dubr4qut1D6qAnYA6KQ5260ozg6h9oBplnKrEcIHP0H4v0OSvgNH4ddTpfTrQM-G55goAgHfiH76ddWfkDbjm-c3u8dlQgr_5XyCLKWT_g-NrobFwXNpV7r9077qoiikBOAPSgCF46UH9bx_MnTjd5vCMh-BOjNSAgN3wCiwOQ8fsDOWIJURhmQDcpraR9-9epiUKFpy5cX_vs6WtqXN5BxGBzmRLjk9vvtCrflyFMuQsgR6LzcMWw7fqMlNCJYGtW5jMTPBRLOFh3bAJKsj7Bj0t39aspIwb84UkBwiTuuiVyg0WzV_ltQQa33Orc2XCVQOJpYm4IreHPvLaahQAU1e2rU_V_BsrssasAeorLglIrBrf_hcZkftLumZiWa-EmlsuSPy16Ind5hdw1lV2Qk&v=4&siteId=369888&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0
IP 216.21.13.11:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /c?_=BQFiAAAAAAAACZUAAqybNwGm07Z0c009PdhfDcxKwMAkZsLR45TNEmBKKVxTXdfjCQ0n81eWlVsPlok0dubr4qut1D6qAnYA6KQ5260ozg6h9oBplnKrEcIHP0H4v0OSvgNH4ddTpfTrQM-G55goAgHfiH76ddWfkDbjm-c3u8dlQgr_5XyCLKWT_g-NrobFwXNpV7r9077qoiikBOAPSgCF46UH9bx_MnTjd5vCMh-BOjNSAgN3wCiwOQ8fsDOWIJURhmQDcpraR9-9epiUKFpy5cX_vs6WtqXN5BxGBzmRLjk9vvtCrflyFMuQsgR6LzcMWw7fqMlNCJYGtW5jMTPBRLOFh3bAJKsj7Bj0t39aspIwb84UkBwiTuuiVyg0WzV_ltQQa33Orc2XCVQOJpYm4IreHPvLaahQAU1e2rU_V_BsrssasAeorLglIrBrf_hcZkftLumZiWa-EmlsuSPy16Ind5hdw1lV2Qk&v=4&siteId=369888&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: serve.popads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3x39.sextgem.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Fri, 24 Mar 2023 22:57:28 GMT
ixgjarsw474l.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 ixgjarsw474l.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ixgjarsw474l.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://3x39.sextgem.com
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 22:57:28 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
xxccdshj.com/get/1737978?zoneid=1737978&jp=_cldowclb3grue2f9tlmxkh&nojs=0&ix=0&abvar=0&febuild=1.0.82&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=4332205381922480
62.122.171.6200 OK 0 B URL HTTP/2 xxccdshj.com/get/1737978?zoneid=1737978&jp=_cldowclb3grue2f9tlmxkh&nojs=0&ix=0&abvar=0&febuild=1.0.82&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=4332205381922480
IP 62.122.171.6:0
GET /get/1737978?zoneid=1737978&jp=_cldowclb3grue2f9tlmxkh&nojs=0&ix=0&abvar=0&febuild=1.0.82&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=4332205381922480 HTTP/1.1
Host: xxccdshj.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 22:57:27 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2303241757c9fdac12a632478f953462c55c; Path=/; Expires=Sat, 23 Mar 2024 22:57:27 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
tsiwqtng8huauw30n.com/get/1255387?zoneid=1255387&jp=_clkgxa5samscax6kdlyosy&nojs=0&ix=0&abvar=0&febuild=1.0.82&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=5739580265467935
62.122.171.6200 OK 0 B URL HTTP/2 tsiwqtng8huauw30n.com/get/1255387?zoneid=1255387&jp=_clkgxa5samscax6kdlyosy&nojs=0&ix=0&abvar=0&febuild=1.0.82&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=5739580265467935
IP 62.122.171.6:0
GET /get/1255387?zoneid=1255387&jp=_clkgxa5samscax6kdlyosy&nojs=0&ix=0&abvar=0&febuild=1.0.82&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=5739580265467935 HTTP/1.1
Host: tsiwqtng8huauw30n.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 22:57:26 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=23032417571e6e8187688c4d539a1dd4f8c1; Path=/; Expires=Sat, 23 Mar 2024 22:57:26 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
tslomhfys.com/apu.php?zoneid=1549892
62.122.171.6200 OK 0 B URL HTTP/2 tslomhfys.com/apu.php?zoneid=1549892
IP 62.122.171.6:0
GET /apu.php?zoneid=1549892 HTTP/1.1
Host: tslomhfys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 22:57:26 GMT
content-type: application/javascript
last-modified: Wed, 22 Mar 2023 14:10:15 GMT
vary: Accept-Encoding
etag: W/"641b0c47-123f5"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
c.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 22:57:27 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Mon, 24 Apr 2023 22:57:27 GMT
etag: W/"cMPvpvd3jDHdlppiuYNttw=="
cf-cache-status: HIT
age: 1284
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad283618a04b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tslomhfys.com/get/1549892?zoneid=1549892&jp=_cln23er39gicfjxwp1nx43&nojs=0&ix=0&abvar=0&febuild=1.0.82&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=6865480172356213
62.122.171.6200 OK 0 B URL HTTP/2 tslomhfys.com/get/1549892?zoneid=1549892&jp=_cln23er39gicfjxwp1nx43&nojs=0&ix=0&abvar=0&febuild=1.0.82&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=6865480172356213
IP 62.122.171.6:0
GET /get/1549892?zoneid=1549892&jp=_cln23er39gicfjxwp1nx43&nojs=0&ix=0&abvar=0&febuild=1.0.82&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=6865480172356213 HTTP/1.1
Host: tslomhfys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3x39.sextgem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 22:57:26 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=230324175754d138a44b23479890aafda3bc; Path=/; Expires=Sat, 23 Mar 2024 22:57:26 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2