www.gesek.info Open in urlscan Pro
2606:4700:e4::ac40:a307  Public Scan

27 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

• https://whos.amung.us/swidget/wa8t1ix2j6hm HTTP 307
• https://widgets.amung.us/small/09/989.png

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.gesek.info/	34 KB 7 KB	194ms 157ms	Document text/html	2606:4700:e4::ac40:a307 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gesek.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a307 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.45 Resource Hash 43ad484ff8aee527f18e53795d0127984fbf6f49a8b98297702376858170df0a Request headers :method GET :authority www.gesek.info :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT content-type text/html set-cookie __cfduid=d83da5e494cb608d0b0a98f1de83b00a91615890437; expires=Thu, 15-Apr-21 10:27:17 GMT; path=/; domain=.gesek.info; HttpOnly; SameSite=Lax x-powered-by PHP/5.4.45 cf-cache-status DYNAMIC cf-request-id 08dc2c6f4e00003128a7a81000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HO0gLuecadzXpj%2FskwXcQb2vjCLc%2FOiroUXvDyFYMQgmt4nf59GYvg8UrzjyehYucsnoq%2F0OAwbbwQO1VZB5W%2Bh16SbturxqzP5TPgve2hM3DJhqdVhlDtabog%3D%3D"}]} nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare cf-ray 630d49c548913128-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	gesek.info.png www.gesek.info/	14 KB 15 KB	12ms 11ms	Image image/png	2606:4700:e4::ac40:a307 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.gesek.info/gesek.info.png Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a307 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6bf67450cf0ce5baf6bcfec80df368902b4838c4cfec9bdaada4207a53c0d6c8 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 1653 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 14760 cf-request-id 08dc2c6ff200003128eb3de000000001 last-modified Tue, 02 Apr 2019 01:24:40 GMT server cloudflare etag "5ca2b9d8-39a8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2Kj9TVczAy9kj18cey%2BCvhGFhhQB1cvtQILGiHuEiKfsQTVuTculobjJNm1X4W6ygDvEeGaSPKLWtFtcJg0%2FDMVEaD1UfbNYVAbmoP09oAdtskJhfDIerb9%2Bdw%3D%3D"}]} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 630d49c64a633128-FRA
GET H2	200	fa2ac176a73cc8bb4746daed63436bfb.8.jpg cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/fa/2a/c1/fa2ac176a73cc8bb4746daed63436bfb/	17 KB 18 KB	101ms 42ms	Image image/jpeg	195.181.175.3 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Show image Full URL https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/fa/2a/c1/fa2ac176a73cc8bb4746daed63436bfb/fa2ac176a73cc8bb4746daed63436bfb.8.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS frankfurt-2.cdn77.com Software CDN77-Turbo / Resource Hash ba8feb495344a72315a09f2f849dda413fe4c02e6c17b875ed2dcb2e7af9964b Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 16 Mar 2021 10:27:18 GMT x-age-lb 2706196, 6179362 x-edge-pop pragueCZ x-77-cache HIT content-length 17554 x-77-nzt AcO1rwI3LhnvIkpeAA== x-lb-ip 143.244.58.216, 212.102.56.1 x-cache-lb HIT, MISS, HIT last-modified Tue, 27 Oct 2020 01:40:26 GMT server CDN77-Turbo x-77-nzt-ray ymTxUJu9tzE= x-lb-pop pragueCZ, frankfurtDE content-type image/jpeg access-control-allow-origin * cache-control max-age=10368000, public x-edge-ip 185.152.65.60 accept-ranges bytes expires Fri, 02 Apr 2021 14:14:40 GMT
GET H2	200	efce4d86ce10afed9bc274304c590cf7.6.jpg cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/ef/ce/4d/efce4d86ce10afed9bc274304c590cf7/	18 KB 19 KB	126ms 74ms	Image image/jpeg	195.181.175.3 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Show image Full URL https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/ef/ce/4d/efce4d86ce10afed9bc274304c590cf7/efce4d86ce10afed9bc274304c590cf7.6.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS frankfurt-2.cdn77.com Software CDN77-Turbo / Resource Hash 54e4403ba34b4365a5ca471c78e19bb7eeec1aef09cc38a6412886137f1e5f90 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 16 Mar 2021 10:27:18 GMT x-age-lb 99799 x-77-cache HIT x-cache HIT x-age 12341 x-77-nzt AcO1rwIBb4bv14UBAA== content-length 18800 x-cache-lb HIT last-modified Tue, 25 Aug 2020 03:28:39 GMT server CDN77-Turbo x-77-nzt-ray RbwQ/IBl5GQ= content-type image/jpeg access-control-allow-origin * cache-control max-age=10368000, public accept-ranges bytes expires Tue, 13 Jul 2021 03:18:18 GMT
GET H2	200	c8d78882414ba655c11374cbcd796496.24.jpg cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/c8/d7/88/c8d78882414ba655c11374cbcd796496/	14 KB 14 KB	125ms 72ms	Image image/jpeg	195.181.175.3 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Show image Full URL https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/c8/d7/88/c8d78882414ba655c11374cbcd796496/c8d78882414ba655c11374cbcd796496.24.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS frankfurt-2.cdn77.com Software CDN77-Turbo / Resource Hash 393a00bbacc5d918a8aea709f1e44762dc46f15a039733852a9056961295d3ea Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 16 Mar 2021 10:27:18 GMT x-age-lb 212962 x-77-cache HIT x-cache HIT x-age 67306 x-77-nzt AcO1rwLHx8Pv4j8DAA== content-length 13978 x-cache-lb HIT last-modified Sat, 13 Mar 2021 03:25:01 GMT server CDN77-Turbo x-77-nzt-ray Ix8uOL+C7rc= content-type image/jpeg access-control-allow-origin * cache-control max-age=10368000, public accept-ranges bytes expires Sun, 11 Jul 2021 04:36:10 GMT
GET H/1.1	200 OK	edc13fbe6b0f01c026eab620ee43aa04.16.jpg img-hw.xvideos-cdn.com/videos/thumbs169ll/ed/c1/3f/edc13fbe6b0f01c026eab620ee43aa04/	15 KB 15 KB	41ms 9ms	Image image/jpeg	209.197.3.84 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://img-hw.xvideos-cdn.com/videos/thumbs169ll/ed/c1/3f/edc13fbe6b0f01c026eab620ee43aa04/edc13fbe6b0f01c026eab620ee43aa04.16.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS vip0x054.map2.ssl.hwcdn.net Software / Resource Hash 80c855751a54137b55b0cd0acec3cfad5a8e85a7f4b119cfe9a3fce060c7e5c3 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 16 Mar 2021 10:27:18 GMT Last-Modified Sun, 31 Jan 2021 03:39:51 GMT ETag "1612064391" X-HW 1615890438.dop207.fr8.t,1615890438.cds228.fr8.shn,1615890438.dop207.fr8.t,1615890438.cds245.fr8.c Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control public, max-age=6542201 Connection Keep-Alive Accept-Ranges bytes Content-Length 15220
GET H2	200	3407c0b54cb296adaef3d1701c1c37b7.16.jpg cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/34/07/c0/3407c0b54cb296adaef3d1701c1c37b7/	22 KB 22 KB	116ms 64ms	Image image/jpeg	195.181.175.3 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Show image Full URL https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/34/07/c0/3407c0b54cb296adaef3d1701c1c37b7/3407c0b54cb296adaef3d1701c1c37b7.16.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS frankfurt-2.cdn77.com Software CDN77-Turbo / Resource Hash b9278556abaabd6488168554675e78f4b7d212380b49802d23917d78f2c2004f Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 16 Mar 2021 10:27:18 GMT x-age-lb 1252016 x-77-cache HIT x-cache HIT x-age 76127 x-77-nzt AcO1rwIiuHfvsBoTAA== content-length 22565 x-cache-lb HIT last-modified Sun, 28 Feb 2021 23:56:24 GMT server CDN77-Turbo x-77-nzt-ray CzXCyLZ40+I= content-type image/jpeg access-control-allow-origin * cache-control max-age=10368000, public accept-ranges bytes expires Tue, 29 Jun 2021 01:31:35 GMT
GET H/1.1	200 OK	28cda0efa08968b60072ed435fc0324a.2.jpg img-hw.xvideos-cdn.com/videos/thumbs169ll/28/cd/a0/28cda0efa08968b60072ed435fc0324a/	12 KB 13 KB	43ms 10ms	Image image/jpeg	209.197.3.84 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://img-hw.xvideos-cdn.com/videos/thumbs169ll/28/cd/a0/28cda0efa08968b60072ed435fc0324a/28cda0efa08968b60072ed435fc0324a.2.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS vip0x054.map2.ssl.hwcdn.net Software / Resource Hash 8d2198b43f90083b53876d80eff5c60f168f0458155ed34108d4e58e31483948 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 16 Mar 2021 10:27:18 GMT Last-Modified Mon, 01 Mar 2021 20:27:01 GMT ETag "1614630421" X-HW 1615890438.dop208.fr8.t,1615890438.cds015.fr8.shn,1615890438.dop208.fr8.t,1615890438.cds219.fr8.c Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control public, max-age=7776000 Connection Keep-Alive Accept-Ranges bytes Content-Length 12745
GET H2	200	4167be195c350ba53eed10514ef4920b.10.jpg cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/41/67/be/4167be195c350ba53eed10514ef4920b/	12 KB 12 KB	126ms 74ms	Image image/jpeg	195.181.175.3 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Show image Full URL https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/41/67/be/4167be195c350ba53eed10514ef4920b/4167be195c350ba53eed10514ef4920b.10.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS frankfurt-2.cdn77.com Software CDN77-Turbo / Resource Hash eb8e10007cfe33e1bdfd9aac61fb7fd2c07cab9016e06c12f73e6e188601888a Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 16 Mar 2021 10:27:18 GMT x-age-lb 335957 x-77-cache HIT x-cache HIT x-age 56580 x-77-nzt AcO1rwIOrzXvVSAFAA== content-length 12366 x-cache-lb HIT last-modified Thu, 11 Mar 2021 17:02:05 GMT server CDN77-Turbo x-77-nzt-ray Fowaq2ULm0g= content-type image/jpeg access-control-allow-origin * cache-control max-age=10368000, public accept-ranges bytes expires Fri, 09 Jul 2021 21:25:01 GMT
GET H2	200	849816c9050c1e7b94d8a264e9425ec0.3.jpg cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/84/98/16/849816c9050c1e7b94d8a264e9425ec0/	29 KB 29 KB	126ms 74ms	Image image/jpeg	195.181.175.3 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Show image Full URL https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/84/98/16/849816c9050c1e7b94d8a264e9425ec0/849816c9050c1e7b94d8a264e9425ec0.3.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS frankfurt-2.cdn77.com Software CDN77-Turbo / Resource Hash 16c3ad58837180d427f60590004743ef9a300efdf40f97f288a1deefce54c5ab Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 16 Mar 2021 10:27:18 GMT x-age-lb 5832877 x-edge-pop losangelesUSCA x-77-cache HIT x-cache HIT x-age 346287 x-77-nzt AcO1rwI8HJPvrQBZAA== content-length 29211 x-cache-lb HIT last-modified Mon, 22 May 2017 09:43:36 GMT server CDN77-Turbo x-77-nzt-ray C1PnSnEAx28= content-type image/jpeg access-control-allow-origin * cache-control max-age=10368000, public x-edge-ip 143.244.51.211 accept-ranges bytes expires Mon, 03 May 2021 22:01:14 GMT
GET H/1.1	200 OK	08dbd511226569829820917f869ab2fd.5.jpg img-hw.xvideos-cdn.com/videos/thumbs169ll/08/db/d5/08dbd511226569829820917f869ab2fd/	17 KB 18 KB	43ms 10ms	Image image/jpeg	209.197.3.84 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://img-hw.xvideos-cdn.com/videos/thumbs169ll/08/db/d5/08dbd511226569829820917f869ab2fd/08dbd511226569829820917f869ab2fd.5.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS vip0x054.map2.ssl.hwcdn.net Software / Resource Hash faf283fccd14201185baa565f059bdd348efce6b41cc03a206373b85882f73c9 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 16 Mar 2021 10:27:18 GMT Last-Modified Fri, 02 Oct 2020 12:08:52 GMT ETag "1601640532" X-HW 1615890438.dop207.fr8.t,1615890438.cds120.fr8.shn,1615890438.dop207.fr8.t,1615890438.cds266.fr8.c Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control public, max-age=6501602 Connection Keep-Alive Accept-Ranges bytes Content-Length 17762
GET H/1.1	200 OK	56bd88a24fe5e59fa7c44a503a99c4b0.5.jpg img-l3.xvideos-cdn.com/videos/thumbs169ll/56/bd/88/56bd88a24fe5e59fa7c44a503a99c4b0/	21 KB 22 KB	35ms 8ms	Image image/jpeg	8.241.10.251 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://img-l3.xvideos-cdn.com/videos/thumbs169ll/56/bd/88/56bd88a24fe5e59fa7c44a503a99c4b0/56bd88a24fe5e59fa7c44a503a99c4b0.5.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 8.241.10.251 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 8738abb4b8772ff51beaea998799fb977b6c6335b24079e42fe0be6b9471c860 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 22 Dec 2020 23:02:56 GMT Last-Modified Mon, 24 Aug 2020 14:57:06 GMT Server nginx Age 7212262 Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control public, max-age=10368000 Connection keep-alive Accept-Ranges bytes Content-Length 21719 Expires Thu, 22 Apr 2021 16:38:21 GMT
GET H2	200	c94624911c1136f75f209bd300847c03.5.jpg cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/c9/46/24/c94624911c1136f75f209bd300847c03/	12 KB 12 KB	67ms 63ms	Image image/jpeg	195.181.175.3 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Show image Full URL https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/c9/46/24/c94624911c1136f75f209bd300847c03/c94624911c1136f75f209bd300847c03.5.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS frankfurt-2.cdn77.com Software CDN77-Turbo / Resource Hash a338381fcb7868a77a969a9624b7dc1dc7d8b6aa07ae9d52dbed2f94908e2a2f Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 16 Mar 2021 10:27:18 GMT x-age-lb 97062 x-77-cache HIT x-cache HIT x-age 14805 x-77-nzt AcO1rwIPGanvJnsBAA== content-length 12380 x-cache-lb HIT last-modified Sun, 14 Mar 2021 21:10:56 GMT server CDN77-Turbo x-77-nzt-ray 7biLa2ORxSo= content-type image/jpeg access-control-allow-origin * cache-control max-age=10368000, public accept-ranges bytes expires Tue, 13 Jul 2021 03:22:51 GMT
GET H2	200	381fa0a60d16ba035c5c0306b1722a98.9.jpg cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/38/1f/a0/381fa0a60d16ba035c5c0306b1722a98/	17 KB 17 KB	67ms 63ms	Image image/jpeg	195.181.175.3 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Show image Full URL https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/38/1f/a0/381fa0a60d16ba035c5c0306b1722a98/381fa0a60d16ba035c5c0306b1722a98.9.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS frankfurt-2.cdn77.com Software CDN77-Turbo / Resource Hash 3c1eb91adbde462e1a2927e756ae3f11388eb5af1cd0c3087fca1f981d80a219 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 16 Mar 2021 10:27:18 GMT x-age-lb 6114018 x-edge-pop losangelesUSCA x-77-cache HIT x-cache HIT x-age 64202 x-77-nzt AcO1rwKrZ/zv4kpdAA== content-length 17219 x-cache-lb HIT last-modified Sat, 15 Sep 2018 05:24:18 GMT server CDN77-Turbo x-77-nzt-ray FKEqXcXe53o= content-type image/jpeg access-control-allow-origin * cache-control max-age=10368000, public x-edge-ip 143.244.51.211 accept-ranges bytes expires Mon, 03 May 2021 22:16:58 GMT
GET H/1.1	200 OK	7766f2c23668dc193ad199939a9d7c61.29.jpg img-hw.xvideos-cdn.com/videos/thumbs169ll/77/66/f2/7766f2c23668dc193ad199939a9d7c61/	15 KB 15 KB	15ms 11ms	Image image/jpeg	209.197.3.84 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://img-hw.xvideos-cdn.com/videos/thumbs169ll/77/66/f2/7766f2c23668dc193ad199939a9d7c61/7766f2c23668dc193ad199939a9d7c61.29.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS vip0x054.map2.ssl.hwcdn.net Software / Resource Hash f8f889e12e1422a576c82bd3fd1c05e62a2cc582e5f879d2bd0732c7b9e607a1 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 16 Mar 2021 10:27:18 GMT Last-Modified Sat, 15 Dec 2018 23:04:43 GMT ETag "1544915083" X-HW 1615890438.dop207.fr8.t,1615890438.cds120.fr8.shn,1615890438.dop207.fr8.t,1615890438.cds097.fr8.c Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=2720405 Connection Keep-Alive Accept-Ranges bytes Content-Length 15120
GET H/1.1	200 OK	46dc1740d4e80380d21c5af98ce1f6dc.20.jpg img-hw.xvideos-cdn.com/videos/thumbs169ll/46/dc/17/46dc1740d4e80380d21c5af98ce1f6dc/	10 KB 10 KB	15ms 11ms	Image image/jpeg	209.197.3.84 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://img-hw.xvideos-cdn.com/videos/thumbs169ll/46/dc/17/46dc1740d4e80380d21c5af98ce1f6dc/46dc1740d4e80380d21c5af98ce1f6dc.20.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS vip0x054.map2.ssl.hwcdn.net Software / Resource Hash 70b094fd47ff4f05b70c817c8b62ed556f082429f725898b7ab3d2b3d971dce7 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 16 Mar 2021 10:27:18 GMT Last-Modified Sun, 14 Mar 2021 03:14:42 GMT ETag "1615691682" X-HW 1615890438.dop208.fr8.t,1615890438.cds015.fr8.shn,1615890438.dop208.fr8.t,1615890438.cds149.fr8.c Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control public, max-age=7776000 Connection Keep-Alive Accept-Ranges bytes Content-Length 9815
GET H2	200	5ee557e5fb02fc704cbd75b684604e8b.25.jpg cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/5e/e5/57/5ee557e5fb02fc704cbd75b684604e8b/	13 KB 13 KB	71ms 67ms	Image image/jpeg	195.181.175.3 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Show image Full URL https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/5e/e5/57/5ee557e5fb02fc704cbd75b684604e8b/5ee557e5fb02fc704cbd75b684604e8b.25.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS frankfurt-2.cdn77.com Software CDN77-Turbo / Resource Hash cf711adb2bfd946ff647d769f6277fca46e1149b6ea2c8816df816205806091b Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 16 Mar 2021 10:27:18 GMT x-age-lb 211783 x-77-cache HIT x-cache HIT x-age 1311 x-77-nzt AcO1rwIcqODvRzsDAA== content-length 13031 x-cache-lb HIT last-modified Sat, 13 Mar 2021 18:16:04 GMT server CDN77-Turbo x-77-nzt-ray Byfc9Q9EXW0= content-type image/jpeg access-control-allow-origin * cache-control max-age=10368000, public accept-ranges bytes expires Sun, 11 Jul 2021 23:15:44 GMT
GET H/1.1	200 OK	95efe5a5e2f73a6569ff9e587fb11345.15.jpg img-hw.xvideos-cdn.com/videos/thumbs169ll/95/ef/e5/95efe5a5e2f73a6569ff9e587fb11345/	21 KB 21 KB	15ms 10ms	Image image/jpeg	209.197.3.84 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://img-hw.xvideos-cdn.com/videos/thumbs169ll/95/ef/e5/95efe5a5e2f73a6569ff9e587fb11345/95efe5a5e2f73a6569ff9e587fb11345.15.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS vip0x054.map2.ssl.hwcdn.net Software / Resource Hash 848107d016fcfec8638b62f33dda14fa1c7a8e9b41d8c6cd4e1c945edb282df8 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 16 Mar 2021 10:27:18 GMT Last-Modified Mon, 09 Dec 2019 02:30:27 GMT ETag "1575858627" X-HW 1615890438.dop207.fr8.t,1615890438.cds228.fr8.shn,1615890438.dop207.fr8.t,1615890438.cds267.fr8.c Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control public, max-age=1454582 Connection Keep-Alive Accept-Ranges bytes Content-Length 21384
GET H2	200	a1b8e2b0dfc88f053be4b8a1a4c95ffb.29.jpg cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/a1/b8/e2/a1b8e2b0dfc88f053be4b8a1a4c95ffb/	13 KB 13 KB	71ms 68ms	Image image/jpeg	195.181.175.3 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Show image Full URL https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/a1/b8/e2/a1b8e2b0dfc88f053be4b8a1a4c95ffb/a1b8e2b0dfc88f053be4b8a1a4c95ffb.29.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS frankfurt-2.cdn77.com Software CDN77-Turbo / Resource Hash 08705e2e1f5800eccef55b0df7c2265c1a9c88358e5213824ee3ae88e7ad5c74 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 16 Mar 2021 10:27:18 GMT x-age-lb 6111125 x-edge-pop losangelesUSCA x-77-cache HIT x-cache HIT x-age 70986 x-77-nzt AcO1rwJpSqbvlT9dAA== content-length 13172 x-cache-lb HIT last-modified Fri, 17 Jan 2020 06:16:52 GMT server CDN77-Turbo x-77-nzt-ray t8CztDpR2TA= content-type image/jpeg access-control-allow-origin * cache-control max-age=10368000, public x-edge-ip 143.244.51.211 accept-ranges bytes expires Mon, 03 May 2021 21:12:07 GMT
GET H2	200	a50c35041379403c4883fd6bb71ec8ef.14.jpg cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/a5/0c/35/a50c35041379403c4883fd6bb71ec8ef/	17 KB 18 KB	71ms 68ms	Image image/jpeg	195.181.175.3 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Show image Full URL https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/a5/0c/35/a50c35041379403c4883fd6bb71ec8ef/a50c35041379403c4883fd6bb71ec8ef.14.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS frankfurt-2.cdn77.com Software CDN77-Turbo / Resource Hash 64ba596db3388ba63adf00c81aafa31f6c2a4fae00cd04d475c8b7906a17db45 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 16 Mar 2021 10:27:18 GMT x-age-lb 2686, 5570953 x-edge-pop pragueCZ, amsterdamNL x-cache HIT content-length 17775 x-age 2866568 x-77-nzt AcO1rwLYur//iQFVAA== x-lb-ip 143.244.58.216 x-cache-lb HIT, HIT last-modified Thu, 16 Jul 2020 19:10:26 GMT server CDN77-Turbo x-77-nzt-ray TToH/xXGiz8= x-lb-pop pragueCZ x-77-cache HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=10368000, public x-edge-ip 185.152.65.5, 185.76.10.13 accept-ranges bytes expires Wed, 07 Apr 2021 17:57:11 GMT
GET H/1.1	200 OK	6b56dfaa5cad1ba29111c30fcbae44d0.11.jpg img-l3.xvideos-cdn.com/videos/thumbs169ll/6b/56/df/6b56dfaa5cad1ba29111c30fcbae44d0/	14 KB 15 KB	35ms 8ms	Image image/jpeg	8.241.10.251 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://img-l3.xvideos-cdn.com/videos/thumbs169ll/6b/56/df/6b56dfaa5cad1ba29111c30fcbae44d0/6b56dfaa5cad1ba29111c30fcbae44d0.11.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 8.241.10.251 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash eb81aa3d5cb51274ac0c4865236b28ea6b5da0910a1d6aba27e97b205f876813 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 29 Dec 2020 17:04:53 GMT Last-Modified Tue, 19 Sep 2017 18:34:31 GMT Server nginx Age 6628945 Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control public, max-age=10368000 Connection keep-alive Accept-Ranges bytes Content-Length 14771 Expires Wed, 28 Apr 2021 17:04:55 GMT
GET H2	200	a83e21d31de33b8d96300c4e6c042a56.16.jpg cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/a8/3e/21/a83e21d31de33b8d96300c4e6c042a56/	17 KB 18 KB	71ms 68ms	Image image/jpeg	195.181.175.3 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Show image Full URL https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/a8/3e/21/a83e21d31de33b8d96300c4e6c042a56/a83e21d31de33b8d96300c4e6c042a56.16.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS frankfurt-2.cdn77.com Software CDN77-Turbo / Resource Hash b24767740eb44b195890edd326e70ffc053700b28fa5a6234ac088ff45ec0e3c Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 16 Mar 2021 10:27:18 GMT x-age-lb 195751 x-77-cache HIT x-cache HIT x-age 14155 x-77-nzt AcO1rwJUPfDvp/wCAA== content-length 17818 x-cache-lb HIT last-modified Mon, 08 Mar 2021 20:51:30 GMT server CDN77-Turbo x-77-nzt-ray +ynWE/hfe/M= content-type image/jpeg access-control-allow-origin * cache-control max-age=10368000, public accept-ranges bytes expires Mon, 12 Jul 2021 00:08:52 GMT
GET H2	200	97460b6435e350b271893186de802151.22.jpg cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/97/46/0b/97460b6435e350b271893186de802151/	19 KB 19 KB	71ms 68ms	Image image/jpeg	195.181.175.3 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Show image Full URL https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/97/46/0b/97460b6435e350b271893186de802151/97460b6435e350b271893186de802151.22.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS frankfurt-2.cdn77.com Software CDN77-Turbo / Resource Hash 6565a658e262beacfada897397f1e9f2085be66724b35b26e127c189df350b1a Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 16 Mar 2021 10:27:18 GMT x-age-lb 234334 x-77-cache HIT x-cache HIT x-age 77098 x-77-nzt AcO1rwJPe9jvXpMDAA== content-length 19017 x-cache-lb HIT last-modified Fri, 12 Mar 2021 15:49:45 GMT server CDN77-Turbo x-77-nzt-ray ZhRl0qLWi9k= content-type image/jpeg access-control-allow-origin * cache-control max-age=10368000, public accept-ranges bytes expires Sat, 10 Jul 2021 19:56:46 GMT
GET H2	200	8a5b150f7961a09a153a955b1718cc12.7.jpg cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/8a/5b/15/8a5b150f7961a09a153a955b1718cc12/	13 KB 14 KB	72ms 68ms	Image image/jpeg	195.181.175.3 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Show image Full URL https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/8a/5b/15/8a5b150f7961a09a153a955b1718cc12/8a5b150f7961a09a153a955b1718cc12.7.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS frankfurt-2.cdn77.com Software CDN77-Turbo / Resource Hash 04c50d28b3c30b0f2fff7481f2b17d285b6e1eef55ea17a1deb8dd44429d4b39 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 16 Mar 2021 10:27:18 GMT x-age-lb 2119770 x-77-cache HIT x-cache HIT x-age 7184 x-77-nzt AcO1rwJsCM/vWlggAA== content-length 13693 x-cache-lb HIT last-modified Fri, 19 Feb 2021 18:24:54 GMT server CDN77-Turbo x-77-nzt-ray gUlm0qeJYsA= content-type image/jpeg access-control-allow-origin * cache-control max-age=10368000, public accept-ranges bytes expires Sat, 19 Jun 2021 19:38:04 GMT
GET H2	200	2cf0e97a5e3287549b2237d50eff650d.10.jpg cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/2c/f0/e9/2cf0e97a5e3287549b2237d50eff650d/	10 KB 11 KB	72ms 69ms	Image image/jpeg	195.181.175.3 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Show image Full URL https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/2c/f0/e9/2cf0e97a5e3287549b2237d50eff650d/2cf0e97a5e3287549b2237d50eff650d.10.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS frankfurt-2.cdn77.com Software CDN77-Turbo / Resource Hash 1bd4c8d0caa839057e36856c8c6158b79d94061da757d4eed55647a10463c835 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 16 Mar 2021 10:27:18 GMT x-age-lb 6110638 x-edge-pop losangelesUSCA x-77-cache HIT x-cache HIT x-age 71270 x-77-nzt AcO1rwIC8x7vrj1dAA== content-length 10698 x-cache-lb HIT last-modified Tue, 07 Apr 2020 05:09:33 GMT server CDN77-Turbo x-77-nzt-ray NMw+cCDZKHY= content-type image/jpeg access-control-allow-origin * cache-control max-age=10368000, public x-edge-ip 143.244.51.211 accept-ranges bytes expires Mon, 03 May 2021 21:15:29 GMT
GET H2	404	5502c79ad8b6c28c6ece5b6fc720d851.THUMBNUM.jpg cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/55/02/c7/5502c79ad8b6c28c6ece5b6fc720d851/	9 B 308 B	72ms 69ms	Image text/html	195.181.175.3 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Show image Full URL https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/55/02/c7/5502c79ad8b6c28c6ece5b6fc720d851/5502c79ad8b6c28c6ece5b6fc720d851.THUMBNUM.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS frankfurt-2.cdn77.com Software CDN77-Turbo / Resource Hash 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-nzt AcO1rwLl1D7vAkkAAA== date Tue, 16 Mar 2021 10:27:18 GMT x-age-lb 18690 server CDN77-Turbo cache-control max-age=10368000, public x-77-nzt-ray pBNT1kRWn6U= x-77-cache HIT content-type text/html; charset=iso-8859-1 access-control-allow-origin * x-cache-lb HIT x-cache HIT x-age 63701 x-77-pop frankfurtDE content-length 9 expires Tue, 13 Jul 2021 11:34:07 GMT
GET H2	200	7ac9d240458cec4de2ece960ecf1b172.3.jpg cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/7a/c9/d2/7ac9d240458cec4de2ece960ecf1b172/	14 KB 15 KB	72ms 69ms	Image image/jpeg	195.181.175.3 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Show image Full URL https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/7a/c9/d2/7ac9d240458cec4de2ece960ecf1b172/7ac9d240458cec4de2ece960ecf1b172.3.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS frankfurt-2.cdn77.com Software CDN77-Turbo / Resource Hash 4493cdc6c5f2ceb9ed4083d6b3b7149dd0960d0cc30858321a09c0eb65808efc Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 16 Mar 2021 10:27:18 GMT x-age-lb 1803833 x-77-cache HIT x-cache HIT x-age 32439 x-77-nzt AcO1rwJSP0LvOYYbAA== content-length 14625 x-cache-lb HIT last-modified Tue, 23 Feb 2021 01:20:04 GMT server CDN77-Turbo x-77-nzt-ray 7vznjvXCkKQ= content-type image/jpeg access-control-allow-origin * cache-control max-age=10368000, public accept-ranges bytes expires Wed, 23 Jun 2021 04:22:46 GMT
GET H/1.1	200 OK	37e6139a7c115088f26dd42ff672983f.3.jpg img-hw.xvideos-cdn.com/videos/thumbs169ll/37/e6/13/37e6139a7c115088f26dd42ff672983f/	16 KB 17 KB	27ms 9ms	Image image/jpeg	209.197.3.84 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://img-hw.xvideos-cdn.com/videos/thumbs169ll/37/e6/13/37e6139a7c115088f26dd42ff672983f/37e6139a7c115088f26dd42ff672983f.3.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS vip0x054.map2.ssl.hwcdn.net Software / Resource Hash f12653aaef4c2501f07047304a23edb2ac1340e51094fb5ad61aff251e7008da Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 16 Mar 2021 10:27:18 GMT Last-Modified Mon, 06 May 2019 21:08:12 GMT ETag "1557176892" X-HW 1615890438.dop208.fr8.t,1615890438.cds015.fr8.shn,1615890438.dop208.fr8.t,1615890438.cds015.fr8.c Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=1257049 Connection Keep-Alive Accept-Ranges bytes Content-Length 16568
GET H2	200	Miho-Ichiki.jpg www.gesek.info/img/	3 KB 3 KB	15ms 10ms	Image image/jpeg	2606:4700:e4::ac40:a307 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.gesek.info/img/Miho-Ichiki.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a307 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e04c73af6ac1a10fd97e4c0acdd53f51b8f47d457d8cfcc3b171a6bd45acb386 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 3702 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3218 cf-request-id 08dc2c7000000031288eb29000000001 last-modified Tue, 02 Apr 2019 01:24:28 GMT server cloudflare etag "5ca2b9cc-c92" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t%2F%2FzJGLAtY3OEuqTT4kHUj6uFMb%2Fdc96%2F66Up4YCLcxPY7HWAesF1PLizHvJkgCtq0A2zhC9Bbzjme0IeCInVLZt4DiWybUmd9rOmrN0jiw2eMjBSsEI3t1F5g%3D%3D"}]} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 630d49c66a953128-FRA
GET H2	200	Lucie-Wilde.jpg www.gesek.info/img/	9 KB 10 KB	16ms 11ms	Image image/jpeg	2606:4700:e4::ac40:a307 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.gesek.info/img/Lucie-Wilde.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a307 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6c660de14a74ad5e892dcb2c5853d99f187415092db6e90d652eca6802e073cc Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 3702 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 9533 cf-request-id 08dc2c700000003128e195f000000001 last-modified Tue, 02 Apr 2019 01:24:32 GMT server cloudflare etag "5ca2b9d0-253d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jIcqyx8HSeRLRtnbCjDSAjDkjp%2BUGA04qIDYA6Y8GTae6YycTsWSHS7AyxTeLe%2BaIxASDmWi3YuUedpaEj9B78asw6%2FEb9PA3vdi5Lti9Ht3Bvv12mpzBMT2JQ%3D%3D"}]} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 630d49c66a983128-FRA
GET H2	200	Mia-Khalifa.jpg www.gesek.info/img/	5 KB 5 KB	19ms 15ms	Image image/jpeg	2606:4700:e4::ac40:a307 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.gesek.info/img/Mia-Khalifa.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a307 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5262428af934434bbe8141f380e7e1506a091905ebbefaa3bcccd68ac5121f0d Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 3702 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4671 cf-request-id 08dc2c7000000031288ab5a000000001 last-modified Tue, 02 Apr 2019 01:24:28 GMT server cloudflare etag "5ca2b9cc-123f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SLYHt5%2BDmSCdCaDu7D%2F9IYJ53P1RNEruOgGrdBULGQL8wFN88sV1t5IsLQcIU2652rogz58Je%2B9pehIOI0Vi5LTeE8vUYsmOgLFoSBdJU8WKqdARAmzXDZGGQg%3D%3D"}]} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 630d49c66a993128-FRA
GET H2	200	Lena-Kendrick.jpg www.gesek.info/img/	5 KB 5 KB	15ms 11ms	Image image/jpeg	2606:4700:e4::ac40:a307 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.gesek.info/img/Lena-Kendrick.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a307 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0928abcd4881b565a745d607bfe675f471c5b77e2efc621402f2afa6440bdc61 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 2751 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4955 cf-request-id 08dc2c700100003128c59f4000000001 last-modified Tue, 02 Apr 2019 01:24:32 GMT server cloudflare etag "5ca2b9d0-135b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=03EwJ3chMc808qMZi1ywbxq5Ybjzoee3SCOfxeoWYJDIwFFLlgH15Fw0CoctdAINtVEbRn3gFzjguxTkccl4BvcKcL%2BkcIXBLBG%2B7wuV3e9Hixssn%2F%2BoA%2F4wAw%3D%3D"}]} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 630d49c66a9a3128-FRA
GET H2	200	Julia-Oppai.jpg www.gesek.info/img/	4 KB 5 KB	15ms 11ms	Image image/jpeg	2606:4700:e4::ac40:a307 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.gesek.info/img/Julia-Oppai.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a307 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce6272a6dba008ac307dd4dba137449665880ccc681560f7a6aca5e7c5eb4c33 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 3702 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4424 cf-request-id 08dc2c700100003128f90d8000000001 last-modified Tue, 02 Apr 2019 01:24:32 GMT server cloudflare etag "5ca2b9d0-1148" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rmHrPAtgVI9mLfMKDaqbZ3zcoaEhgYb85DhW8T%2BlDvxNVBjsPLEFrcXR%2Fqn%2FQUi%2FthtsUIgfHEtwnbVE6a9yrHfLKnT4dgu0EIchbmx9yJFkdSG6Linxkoh0WQ%3D%3D"}]} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 630d49c66a9d3128-FRA
GET H2	200	Kianna-Dior.jpg www.gesek.info/img/	6 KB 6 KB	25ms 21ms	Image image/jpeg	2606:4700:e4::ac40:a307 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.gesek.info/img/Kianna-Dior.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a307 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21f0fd69a0d46af49fae3b2777264345f7a9787aa117467d01c800bfeefe7670 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 2751 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 6280 cf-request-id 08dc2c70040000312896124000000001 last-modified Tue, 02 Apr 2019 01:24:28 GMT server cloudflare etag "5ca2b9cc-1888" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g20cEL74xt4rb6o8TvR8VTOymIQjoXP1dQHU1H9eQT6muD0Ax797oFNbmVHhtJyg2%2FTaULVFMIVWXIRYxiQUHM7QE5Hc67E2sqo3UxIrmx5LWJZuQtvYiuhpzA%3D%3D"}]} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 630d49c66a9e3128-FRA
GET H2	200	ads.js Show response ads.exoclick.com/	2 KB 1 KB	63ms 14ms	Script application/javascript	2606:2800:234:4cc4:5670:35d5:1e00:b394 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://ads.exoclick.com/ads.js Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (amb/6B92) / Resource Hash 13df6a9d4802138c474e5e0ae43840b225b4191b556429f9f5d253814e8ea27a Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT content-encoding gzip last-modified Tue, 16 Mar 2021 09:29:12 GMT server ECS (amb/6B92) age 3486 vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=10800 accept-ranges bytes content-length 961 expires Tue, 16 Mar 2021 13:27:18 GMT
GET H2	200	989.png widgets.amung.us/small/09/ Redirect Chain https://whos.amung.us/swidget/wa8t1ix2j6hm https://widgets.amung.us/small/09/989.png	324 B 753 B	35ms 13ms	Image image/png	2606:4700:10::6816:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.amung.us/small/09/989.png Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c9f3f6b34c5ec13b5d19da3d4084b767d8719c1d220f2a5af44bf941d0e9842 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT cf-cache-status HIT age 65638 content-length 324 cf-request-id 08dc2c71c700004ac2a38eb000000001 last-modified Sun, 13 Jun 2010 09:48:30 GMT server cloudflare etag "4c14a96e-144" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=432000 accept-ranges bytes cf-ray 630d49c93c614ac2-FRA expires Tue, 16 Mar 2021 16:13:20 GMT Redirect headers location https://widgets.amung.us/small/09/989.png date Tue, 16 Mar 2021 10:27:18 GMT cache-control no-cache, no-store, must-revalidate content-type text/html; charset=UTF-8
GET		c.php c-stat.eu/	0 0
GET H2	200	email-decode.min.js Show response www.gesek.info/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	16ms 8ms	Script application/javascript	2606:4700:e4::ac40:a307 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.gesek.info/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a307 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT content-encoding gzip x-content-type-options nosniff nel {"max_age":604800,"report_to":"cf-nel"} cf-request-id 08dc2c6fff0000312807bb7000000001 last-modified Thu, 11 Mar 2021 14:31:24 GMT server cloudflare x-frame-options DENY etag W/"604a29bc-4d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=10gK1nUgTiLSO5SEvp8cH%2BiqiLK%2FSdVt5v4%2BQClcGGFJTahKQuFjHUlb6Zv6o506En5XbPukVaMN1P2zSgSkplMuxlXXrAc3Hw84XQCMoPYQY7aAMEuHVbpZGw%3D%3D"}]} content-type application/javascript cache-control max-age=172800, public cf-ray 630d49c66a923128-FRA expires Thu, 18 Mar 2021 10:27:18 GMT
GET H2	200	pop.js Show response c1.popads.net/	30 KB 9 KB	94ms 27ms	Script application/javascript	2a02:6ea0:c700::4 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Full URL https://c1.popads.net/pop.js Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 425a7a9b9f10f9809288169af01695376da8b90b3e957f4987c4dad263403d49 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-nzt AcO1rzWVhODvkbwNAA== date Tue, 16 Mar 2021 10:27:18 GMT content-encoding br etag W/"6022edb9-77fd" last-modified Tue, 09 Feb 2021 20:16:57 GMT server CDN77-Turbo x-77-nzt-ray kKIsc4g7/hE= x-77-cache HIT content-type application/javascript; charset=UTF-8 access-control-allow-origin * alt-svc quic="195.181.175.53:443"; ma=2592000; v="44,43,39" x-cache HIT x-age 900241 x-77-pop frankfurtDE expires Thu, 18 Mar 2021 00:23:17 GMT
GET H/1.1	200 OK	Cookie set ads-iframe-display.php Show response syndication.exoclick.com/ Frame 449A	46 B 617 B	53ms 23ms	Document text/html	95.211.229.245 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://syndication.exoclick.com/ads-iframe-display.php?idzone=2147665&type=300x50&p=https%3A//www.gesek.info/&dt=1615890438199&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22 Requested by Host: ads.exoclick.com URL: https://ads.exoclick.com/ads.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash f093c69d3c477cc5bf37da4a21c7fe0474186e4db7b456414efaffc646273c01 Request headers Host syndication.exoclick.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.gesek.info/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gesek.info/ Response headers Server nginx Date Tue, 16 Mar 2021 10:27:18 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Expires Mon, 26 Jul 1997 05:00:00 GMT Cache-Control no-cache, must-revalidate Pragma no-cache P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Set-Cookie __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22605088063abbd4.633015702646874731%22%3B%7D; expires=Thu, 16 Mar 2023 10:27:18 GMT; path=; domain=.exoclick.com; Secure; SameSite=none Content-Encoding gzip
GET H/1.1	200 OK	Cookie set adshow.php Show response adserver.juicyads.com/ Frame 3EC9	6 KB 3 KB	1091ms 1048ms	Document text/html	185.94.236.244 MOJHOST-EU
General Check archive.org Show headers Download Go to Full URL https://adserver.juicyads.com/adshow.php?adzone=392830 Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.94.236.244 , Netherlands, ASN42567 (MOJHOST-EU, NL), Reverse DNS Software nginx / PHP/5.6.40 Resource Hash 327f2cede8e439a89fcbb70a8d3ff98cb017b63a9504023d766b836d33461abf Request headers Host adserver.juicyads.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.gesek.info/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gesek.info/ Response headers Server nginx Date Tue, 16 Mar 2021 10:27:19 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close X-Powered-By PHP/5.6.40 P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA" Set-Cookie surferid=112c74d3b38d2ea568f5fa0712f70856; expires=Wed, 16-Mar-2022 10:27:18 GMT; Max-Age=31536000; path=/; domain=.juicyads.com imps33604=1; expires=Wed, 17-Mar-2021 10:27:19 GMT; Max-Age=86400; path=/; domain=.juicyads.com juicy_data_1=YToxOntpOjg1MzMwOTtpOjE2MTYxNDk2Mzg7fQ%3D%3D; expires=Fri, 19-Mar-2021 10:27:18 GMT; Max-Age=259199; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 19-Mar-2021 10:27:18 GMT; Max-Age=259199; domain=juicyads.com Content-Encoding gzip
GET H/1.1	200 OK	Cookie set ads-iframe-display.php Show response syndication.exoclick.com/ Frame 3C88	1 KB 1 KB	82ms 52ms	Document text/html	95.211.229.245 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://syndication.exoclick.com/ads-iframe-display.php?idzone=2142931&type=300x250&p=https%3A//www.gesek.info/&dt=1615890438201&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22 Requested by Host: ads.exoclick.com URL: https://ads.exoclick.com/ads.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash 947dc27f731f6cfb34611c0fc6cbd07af66188a67b373a8b092458365e270f78 Request headers Host syndication.exoclick.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.gesek.info/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gesek.info/ Response headers Server nginx Date Tue, 16 Mar 2021 10:27:18 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Expires Mon, 26 Jul 1997 05:00:00 GMT Cache-Control no-cache, must-revalidate Pragma no-cache P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Set-Cookie __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22605088063bde27.604065883052908088%22%3B%7D; expires=Thu, 16 Mar 2023 10:27:18 GMT; path=; domain=.exoclick.com; Secure; SameSite=none Content-Encoding gzip
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 19 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 05 Feb 2021 21:33:27 GMT server Golfe2 age 3533 date Tue, 16 Mar 2021 09:28:25 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18980 expires Tue, 16 Mar 2021 11:28:25 GMT
GET H2	200	show.js Show response cdn.popcash.net/	125 KB 36 KB	36ms 14ms	Script application/javascript	151.139.128.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://cdn.popcash.net/show.js Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software cloudflare / Resource Hash 7a12f358b0d0eb8cd45b81bf39485969c511224ea79e84980294523b1cd72519 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Kl6mHgThrXrypWwIfNJCN3viqGfPCpf%2Bb9eK7k8Ewk35fJKhfI1X%2FPTECkOO2I%2FAl9jIAPowAttidCZ41YbmhJwNwWmnGkSRo%2Bvx%2BQ%3D%3D"}],"max_age":604800} content-length 36332 cf-request-id 08bd4a4b0100002788d11d7000000001 last-modified Wed, 10 Mar 2021 10:25:53 GMT server cloudflare etag W/"60489eb1-1f3c3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-hw 1615890438.cds133.fr8.hn,1615890438.cds010.fr8.c content-type application/javascript access-control-allow-origin * cache-control max-age=2592000, public accept-ranges bytes cf-ray 62dbdff19f562788-PRG
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	2 B 388 B	59ms 13ms	XHR text/plain	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1389961548&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gesek.info%2F&ul=en-us&de=UTF-8&dt=Latest%20update%20video%2C%20page%201%20-%20Gesek.info&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1893568265&gjid=2054254000&cid=1579468330.1615890438&tid=UA-101833795-1&_gid=717750487.1615890438&_r=1&_slc=1&z=378545690 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 16 Mar 2021 10:27:18 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.gesek.info cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	znWaa3gu Show response dcba.popcash.net/	0 118 B	286ms 105ms	XHR text/plain	2600:1f18:510:800:2943:bb87:a771:c207 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://dcba.popcash.net/znWaa3gu Requested by Host: cdn.popcash.net URL: https://cdn.popcash.net/show.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:510:800:2943:bb87:a771:c207 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * pragma no-cache date Tue, 16 Mar 2021 10:27:18 GMT cache-control no-cache, no-store, must-revalidate expires 0
GET H2	200	promo.php Show response bngpt.com/ Frame 3958	127 KB 42 KB	93ms 51ms	Document text/html	94.199.255.192 VIKINGHOST
General Check archive.org Show headers Download Go to Full URL https://bngpt.com/promo.php?c=680190&subid=oodbdHPTdHXTHNZM7bc7p5qZ7qJnUzUVy1VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnT3VSzVWOnuqlmqudK6V07p3SuldM6V0rpnOstrltntz2pu2l1ormol4o1sm3o0o4u2mdK7ncu_sfYOAumrllVNPLK50rpXSutudK6VwfY&subid2=2142931&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0 Requested by Host: syndication.exoclick.com URL: https://syndication.exoclick.com/ads-iframe-display.php?idzone=2142931&type=300x250&p=https%3A//www.gesek.info/&dt=1615890438201&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.199.255.192 , Netherlands, ASN48684 (VIKINGHOST, NL), Reverse DNS Software nginx / Resource Hash ffe599b47c859691d4cdc8c72c9d44b8fd14ddcb7b5d103d058afe8f7d6ff53c Security Headers Name Value Strict-Transport-Security max-age=0; Request headers :method GET :authority bngpt.com :scheme https :path /promo.php?c=680190&subid=oodbdHPTdHXTHNZM7bc7p5qZ7qJnUzUVy1VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnT3VSzVWOnuqlmqudK6V07p3SuldM6V0rpnOstrltntz2pu2l1ormol4o1sm3o0o4u2mdK7ncu_sfYOAumrllVNPLK50rpXSutudK6VwfY&subid2=2142931&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://syndication.exoclick.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://syndication.exoclick.com/ Response headers server nginx date Tue, 16 Mar 2021 10:27:18 GMT content-type text/html; charset=UTF-8 access-control-allow-origin expires Tue, 16 Mar 2021 10:27:17 GMT cache-control no-cache public x-bcs ded7724 strict-transport-security max-age=0; content-encoding gzip x-bc-bl 105
GET H2	200	jquery.tools.min.js Show response i.bongacash.com/dynamic_banner/ Frame 3958	135 KB 46 KB	64ms 20ms	Script application/x-javascript	66.254.122.114 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://i.bongacash.com/dynamic_banner/jquery.tools.min.js Requested by Host: bngpt.com URL: https://bngpt.com/promo.php?c=680190&subid=oodbdHPTdHXTHNZM7bc7p5qZ7qJnUzUVy1VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnT3VSzVWOnuqlmqudK6V07p3SuldM6V0rpnOstrltntz2pu2l1ormol4o1sm3o0o4u2mdK7ncu_sfYOAumrllVNPLK50rpXSutudK6VwfY&subid2=2142931&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 66.254.122.114 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197 Request headers Referer https://bngpt.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT content-encoding gzip last-modified Tue, 18 Jun 2019 13:44:19 GMT x-cdn-diag-r fra1-11024-4-23978-h-0-0--- x-shm-miss true vary Accept-Encoding content-type application/x-javascript cache-control max-age=2592000 x-cdn-diag fra1-11058-4-39916-h-0-0---;110245-14-2212----0-0-1 expires Sat, 14 Nov 2020 07:18:40 GMT
GET H2	200	logo2_default.png i.bongacash.com/dynamic_banner/images/ Frame 3958	4 KB 4 KB	78ms 44ms	Image image/png	66.254.122.114 REFLECTED
General Check archive.org Show headers Download Go to Show image Full URL https://i.bongacash.com/dynamic_banner/images/logo2_default.png Requested by Host: bngpt.com URL: https://bngpt.com/promo.php?c=680190&subid=oodbdHPTdHXTHNZM7bc7p5qZ7qJnUzUVy1VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnT3VSzVWOnuqlmqudK6V07p3SuldM6V0rpnOstrltntz2pu2l1ormol4o1sm3o0o4u2mdK7ncu_sfYOAumrllVNPLK50rpXSutudK6VwfY&subid2=2142931&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 66.254.122.114 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash ea5bb79665ee9cab463d102ec757ae3028aab2c32267326aeb6c1a8aa978cc4f Request headers Referer https://bngpt.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT last-modified Tue, 18 Jun 2019 13:44:19 GMT content-type image/png cache-control max-age=2592000 x-cdn-diag fra1-11059-1-16262-h-0-0---;110245-14-2212----0-1-0 accept-ranges bytes content-length 3813 expires Wed, 27 Jan 2021 08:42:04 GMT
GET H2	200	video_back.gif i.bongacash.com/dynamic_banner/images/ Frame 3958	44 B 268 B	20ms 20ms	Image image/gif	66.254.122.114 REFLECTED
General Check archive.org Show headers Download Go to Show image Full URL https://i.bongacash.com/dynamic_banner/images/video_back.gif Requested by Host: bngpt.com URL: https://bngpt.com/promo.php?c=680190&subid=oodbdHPTdHXTHNZM7bc7p5qZ7qJnUzUVy1VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnT3VSzVWOnuqlmqudK6V07p3SuldM6V0rpnOstrltntz2pu2l1ormol4o1sm3o0o4u2mdK7ncu_sfYOAumrllVNPLK50rpXSutudK6VwfY&subid2=2142931&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 66.254.122.114 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 45ec8d91945614154aa6d7310bcfc5f00ea6d89647f51d8be503c988a3a91f13 Request headers Referer https://bngpt.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT last-modified Tue, 18 Jun 2019 13:44:19 GMT content-type image/gif cache-control max-age=2592000 x-cdn-diag fra1-11023-6-22656-h-0-0---;110245-15-2212----0-1-0 accept-ranges bytes content-length 44 expires Sat, 14 Nov 2020 07:18:40 GMT
GET H2	200	russian.png i.bongacash.com/dynamic_banner/images/lang/ Frame 3958	287 B 512 B	23ms 23ms	Image image/png	66.254.122.114 REFLECTED
General Check archive.org Show headers Download Go to Show image Full URL https://i.bongacash.com/dynamic_banner/images/lang/russian.png Requested by Host: bngpt.com URL: https://bngpt.com/promo.php?c=680190&subid=oodbdHPTdHXTHNZM7bc7p5qZ7qJnUzUVy1VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnT3VSzVWOnuqlmqudK6V07p3SuldM6V0rpnOstrltntz2pu2l1ormol4o1sm3o0o4u2mdK7ncu_sfYOAumrllVNPLK50rpXSutudK6VwfY&subid2=2142931&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 66.254.122.114 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 4bfa891ddc3786bc6ad204bb6e25cfa3f70d4e2a2bd9a47d5d1354d1d13ea492 Request headers Referer https://bngpt.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT last-modified Tue, 18 Jun 2019 13:44:19 GMT content-type image/png cache-control max-age=2592000 x-cdn-diag fra1-11051-3-42551-h-0-0---;110245-15-2212----0-3-0 accept-ranges bytes content-length 287 expires Sat, 14 Nov 2020 07:18:42 GMT
GET H2	200	english.png i.bongacash.com/dynamic_banner/images/lang/ Frame 3958	542 B 767 B	20ms 20ms	Image image/png	66.254.122.114 REFLECTED
General Check archive.org Show headers Download Go to Show image Full URL https://i.bongacash.com/dynamic_banner/images/lang/english.png Requested by Host: bngpt.com URL: https://bngpt.com/promo.php?c=680190&subid=oodbdHPTdHXTHNZM7bc7p5qZ7qJnUzUVy1VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnT3VSzVWOnuqlmqudK6V07p3SuldM6V0rpnOstrltntz2pu2l1ormol4o1sm3o0o4u2mdK7ncu_sfYOAumrllVNPLK50rpXSutudK6VwfY&subid2=2142931&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 66.254.122.114 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 097f8db12c193936f803052d0e27068c5e8959011a541b12d609c5c73d464d52 Request headers Referer https://bngpt.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT last-modified Tue, 18 Jun 2019 13:44:19 GMT content-type image/png cache-control max-age=2592000 x-cdn-diag fra1-11023-7-22760-h-0-0---;110245-15-2212----0-0-1 accept-ranges bytes content-length 542 expires Sat, 14 Nov 2020 07:18:41 GMT
GET H2	200	/ Show response c.adsco.re/	35 KB 12 KB	39ms 22ms	Script text/html	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adsco.re/ Requested by Host: c1.popads.net URL: https://c1.popads.net/pop.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT content-encoding br cf-cache-status HIT server cloudflare age 1519521 etag W/"49M/vRKXL5pROhm5uOGH7A==" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch cache-control public, max-age=2678400 cf-ray 630d49c8188d4ecd-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08dc2c711300004ecd76bfa000000001 expires Fri, 16 Apr 2021 10:27:18 GMT
GET H2	200	/ 6.adsco.re/	0 130 B	34ms 13ms	Other text/plain	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6.adsco.re/ Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Origin https://www.gesek.info Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT content-encoding br server cloudflare access-control-allow-headers Content-Type expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, OPTIONS content-type text/plain;charset=UTF-8 access-control-allow-origin https://www.gesek.info access-control-max-age 2592000 cache-control private, max-age=10 cf-ray 630d49c86db64e43-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08dc2c713f00004e439a2e0000000001
GET H/1.1	200 OK	/ 4.adsco.re/	0 461 B	74ms 23ms	Other text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://4.adsco.re/ Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Origin https://www.gesek.info Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 16 Mar 2021 10:27:18 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://www.gesek.info Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
POST H/1.1	200 OK	p Show response adsco.re/	0 416 B	72ms 23ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://adsco.re/p Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Tue, 16 Mar 2021 10:27:18 GMT Content-Encoding gzip Content-Type text/html; charset=UTF-8 AS-P-4 OK Transfer-Encoding chunked AS-P-1 OK Access-Control-Allow-Origin https://www.gesek.info Access-Control-Max-Age 2592000 Cache-Control no-transform Access-Control-Allow-Credentials true Connection keep-alive AS-E ND AS-P-2 OK AS-P-3 OK
GET H/1.1	200 OK	/ Show response 4.adsco.re/	46 B 461 B	64ms 23ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 7bce36180c66e68d9b9c5140aa9f582a6b4af212c5ef777db0e7cfaf5c965ca3 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 16 Mar 2021 10:27:18 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://www.gesek.info Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H2	200	/ Show response 6.adsco.re/	53 B 472 B	26ms 11ms	XHR text/plain	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 131a638276d530de6eeac45664891bd4eb4721381b348168011eb86e38f8eff3 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT content-encoding br server cloudflare access-control-allow-headers Content-Type expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, OPTIONS content-type text/plain;charset=UTF-8 access-control-allow-origin https://www.gesek.info access-control-max-age 2592000 cache-control private, max-age=10 cf-ray 630d49c86db44e43-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08dc2c713f00004e4352882000000001
POST H/1.1	200 OK	/ yt4kw2wdnszb.l4.adsco.re/	0 464 B	72ms 18ms	Other text/html	185.200.118.90 M247
General Check archive.org Show headers Download Go to Full URL https://yt4kw2wdnszb.l4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB), Reverse DNS adscore.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Tue, 16 Mar 2021 10:27:18 GMT Last-Modified Tue, 31 Jul 2018 22:16:15 GMT ETag "5b60dfaf-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
POST H/1.1	200 OK	/ yt4kw2wdnszb.n4.adsco.re/	0 464 B	345ms 86ms	Other text/html	38.132.109.186 M247
General Check archive.org Show headers Download Go to Full URL https://yt4kw2wdnszb.n4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 38.132.109.186 New York, United States, ASN9009 (M247, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Tue, 16 Mar 2021 10:27:18 GMT Last-Modified Mon, 30 Jul 2018 15:32:42 GMT ETag "5b5f2f9a-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
POST H/1.1	200 OK	/ yt4kw2wdnszb.s4.adsco.re/	0 464 B	1489ms 269ms	Other text/html	185.200.116.90 M247
General Check archive.org Show headers Download Go to Full URL https://yt4kw2wdnszb.s4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.200.116.90 , Romania, ASN9009 (M247, GB), Reverse DNS no-mans-land.m247.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Tue, 16 Mar 2021 10:27:19 GMT Last-Modified Mon, 30 Jul 2018 15:38:01 GMT ETag "5b5f30d9-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
GET H2	200	/ Show response c.adsco.re/ Frame 1B2C	35 KB 12 KB	18ms 16ms	Document text/html	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b Request headers :method GET :authority c.adsco.re :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gesek.info/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gesek.info/ Response headers date Tue, 16 Mar 2021 10:27:18 GMT content-type text/html cache-control public, max-age=2678400 link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch expires Fri, 16 Apr 2021 10:27:18 GMT etag W/"49M/vRKXL5pROhm5uOGH7A==" cf-cache-status HIT age 1519521 cf-request-id 08dc2c713900004ecd76bfd000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding server cloudflare cf-ray 630d49c858e54ecd-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	/ 6.adsco.re/ Frame 1B2C	0 144 B	14ms 13ms	Other text/plain	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6.adsco.re/ Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Origin https://c.adsco.re Referer https://c.adsco.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT content-encoding br server cloudflare access-control-allow-headers Content-Type expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, OPTIONS content-type text/plain;charset=UTF-8 access-control-allow-origin https://c.adsco.re access-control-max-age 2592000 cache-control private, max-age=10 cf-ray 630d49c91ebe4e43-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08dc2c71b000004e435288a000000001
GET H/1.1	200 OK	/ 4.adsco.re/ Frame 1B2C	0 457 B	25ms 24ms	Other text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://4.adsco.re/ Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Origin https://c.adsco.re Referer https://c.adsco.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 16 Mar 2021 10:27:18 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://c.adsco.re Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H2	200	/ Show response c.adsco.re/ Frame 1B2C	35 KB 12 KB	15ms 14ms	XHR text/html	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b Request headers Referer https://c.adsco.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:18 GMT content-encoding br cf-cache-status HIT server cloudflare age 1519521 etag W/"49M/vRKXL5pROhm5uOGH7A==" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch cache-control public, max-age=2678400 cf-ray 630d49c95ab34ecd-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08dc2c71d900004ecd913fa000000001 expires Fri, 16 Apr 2021 10:27:18 GMT
GET H2	200	a46a10c19f657f8862aa5c46155303d7_thumb_medium.jpg i.bimbolive.com/029/2f4/385/ Frame 3958	12 KB 12 KB	30ms 14ms	Image image/jpeg	2606:4700::6810:7544 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.bimbolive.com/029/2f4/385/a46a10c19f657f8862aa5c46155303d7_thumb_medium.jpg Requested by Host: bngpt.com URL: https://bngpt.com/promo.php?c=680190&subid=oodbdHPTdHXTHNZM7bc7p5qZ7qJnUzUVy1VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnT3VSzVWOnuqlmqudK6V07p3SuldM6V0rpnOstrltntz2pu2l1ormol4o1sm3o0o4u2mdK7ncu_sfYOAumrllVNPLK50rpXSutudK6VwfY&subid2=2142931&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7544 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb5046d202073c0d76c7a91a02579749cc8b5ff6ec3b23c2dcb84a20e861567f Request headers Referer https://bngpt.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-bc-o 1 date Tue, 16 Mar 2021 10:27:18 GMT cf-cache-status HIT age 2513353 x-o1-p2 EXPIRED content-length 11852 cf-request-id 08dc2c71ef0000dfa97f387000000001 last-modified Thu, 07 Nov 2019 01:59:40 GMT server cloudflare etag "5dc37a8c-2e4c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * expires Wed, 17 Mar 2021 08:18:04 GMT cache-control max-age=2592000 accept-ranges bytes cf-ray 630d49c97973dfa9-FRA cf-bgj h2pri
GET H2	206	stream_-SashaSexy-.webm db.bngpt.com/ Frame 3958	111 KB 111 KB	65ms 21ms	Media video/webm	66.254.122.102 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://db.bngpt.com/stream_-SashaSexy-.webm Requested by Host: bngpt.com URL: https://bngpt.com/promo.php?c=680190&subid=oodbdHPTdHXTHNZM7bc7p5qZ7qJnUzUVy1VVOldRLKqeqV1U0rqZnTupldK6V0rrKZnT3VSzVWOnuqlmqudK6V07p3SuldM6V0rpnOstrltntz2pu2l1ormol4o1sm3o0o4u2mdK7ncu_sfYOAumrllVNPLK50rpXSutudK6VwfY&subid2=2142931&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 66.254.122.102 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash eceff49c643a2d6f475188f85ec34a0bbb4f2ea20a32ba95f8738f130a01b734 Request headers Referer https://bngpt.com/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers date Tue, 16 Mar 2021 10:27:18 GMT last-modified Fri, 12 Mar 2021 10:11:07 GMT etag "604b3e3b-1bb3a" content-type video/webm Content-Range bytes 0-113465/113466 cache-control max-age=43200 x-cdn-diag fra1-11037-1-1730-h-0-0---;110142-14-15889----0-0-1 Content-Length 113466 expires Sat, 13 Mar 2021 05:19:40 GMT
GET		/ 6.adsco.re/ Frame 1B2C	0 0
GET		/ 4.adsco.re/ Frame 1B2C	0 0
GET DATA	200 OK	truncated / Frame 3958	21 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8b336e72ade9127a8f50308df1bc4f5cd3a89482832cd0768802b4e63bf1b25e Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	a46a10c19f657f8862aa5c46155303d7_thumb_medium.jpg i.bimbolive.com/029/2f4/385/ Frame 3958	12 KB 12 KB	11ms 11ms	Image image/jpeg	2606:4700::6810:7544 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.bimbolive.com/029/2f4/385/a46a10c19f657f8862aa5c46155303d7_thumb_medium.jpg Requested by Host: www.gesek.info URL: https://www.gesek.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7544 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb5046d202073c0d76c7a91a02579749cc8b5ff6ec3b23c2dcb84a20e861567f Request headers Referer https://bngpt.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-bc-o 1 date Tue, 16 Mar 2021 10:27:18 GMT cf-cache-status HIT age 2513353 x-o1-p2 EXPIRED content-length 11852 cf-request-id 08dc2c72590000dfa93fb49000000001 last-modified Thu, 07 Nov 2019 01:59:40 GMT server cloudflare etag "5dc37a8c-2e4c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * expires Wed, 17 Mar 2021 08:18:04 GMT cache-control max-age=2592000 accept-ranges bytes cf-ray 630d49ca29fddfa9-FRA cf-bgj h2pri
POST H/1.1	200 OK	p Show response adsco.re/	360 B 855 B	42ms 42ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://adsco.re/p Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 4e871b72d73405aca0b05c6805f5501cf83ab0515c15b3d19e02ef7d18318e74 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers AS-P-G OK Date Tue, 16 Mar 2021 10:27:18 GMT AS-P-7 OK AS-P-9 OK AS-P-C OK Transfer-Encoding chunked AS-P-5 OK AS-P-F OK Connection keep-alive Content-Encoding gzip AS-P-2 OK AS-P-D OK AS-P-6 OK AS-P-B OK AS-P-H OK AS-P-4 OK AS-P-A OK Access-Control-Max-Age 2592000 AS-P-1 OK Access-Control-Allow-Origin https://www.gesek.info Cache-Control no-transform Access-Control-Allow-Credentials true AS-P-8 OK Content-Type text/html; charset=UTF-8 AS-P-E OK AS-P-3 OK
GET H2	200	33261-1578037628-0545974001578037628.png ads.juicyads.me/network/user500/ Frame 3EC9	1 KB 2 KB	30ms 9ms	Image image/png	69.16.175.42 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://ads.juicyads.me/network/user500/33261-1578037628-0545974001578037628.png Requested by Host: adserver.juicyads.com URL: https://adserver.juicyads.com/adshow.php?adzone=392830 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS hwcdn.net Software / Resource Hash 4078d7259172477ff76f7e5efbee0e350c7a175630152029c5e3f82d207fdb76 Request headers Referer https://adserver.juicyads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:19 GMT last-modified Fri, 03 Jan 2020 07:47:08 GMT etag "1578037628" x-hw 1615890439.dop208.fr8.t,1615890439.cds258.fr8.hn,1615890439.cds052.fr8.c content-type image/png cache-control max-age=8262887 accept-ranges bytes content-length 1405
GET H2	200	45-1436715563.gif ads.juicyads.me/network/user1037/ Frame 3EC9	9 KB 9 KB	33ms 12ms	Image image/gif	69.16.175.42 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://ads.juicyads.me/network/user1037/45-1436715563.gif Requested by Host: adserver.juicyads.com URL: https://adserver.juicyads.com/adshow.php?adzone=392830 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS hwcdn.net Software / Resource Hash b36c8c0198ffa7b198b2424c701666b8532cfb400daaa641c1ba986e16b7636d Request headers Referer https://adserver.juicyads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:19 GMT last-modified Wed, 02 Mar 2016 18:37:33 GMT etag "1456943853" x-hw 1615890439.dop208.fr8.t,1615890439.cds258.fr8.hn,1615890439.cds166.fr8.c content-type image/gif cache-control max-age=8262826 accept-ranges bytes content-length 9121
GET H2	200	1x1.gif ads.juicyads.me/ Frame 3EC9	43 B 183 B	33ms 12ms	Image image/gif	69.16.175.42 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://ads.juicyads.me/1x1.gif Requested by Host: adserver.juicyads.com URL: https://adserver.juicyads.com/adshow.php?adzone=392830 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS hwcdn.net Software / Resource Hash 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db Request headers Referer https://adserver.juicyads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:19 GMT last-modified Thu, 03 Mar 2016 18:47:18 GMT etag "1457030838" x-hw 1615890439.dop208.fr8.t,1615890439.cds258.fr8.hn,1615890439.cds257.fr8.c content-type image/gif cache-control max-age=8262825 accept-ranges bytes content-length 43
GET H/1.1	200 OK	c Show response serve.popads.net/	44 B 245 B	178ms 126ms	Script text/javascript	216.21.13.10 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://serve.popads.net/c?_=BAoAYFCIBgFgUIgGgAGBAsAAIIHGj3gxsEapVnTmYCzqeV3cR2MU2K3IPp3nBFDtJbGowQBGMEQCIHxcJf9axNNZJGICAvE9k3Z0AyNvUoWvQmIBD4bv3w6-AiAVgtnlv2UE9AWdWGHt_uESFUfiln5MygQjq7oTK6CpmMIAID0CNrA75tFmOY_CrzIjfGxRcqlV7hMPFHZkH-sjcBJnxAAQKgEE-AEhExoAAAAAAAAAAsUAEFgpziLESUIwK-w09EUZSS7DAEYwRAIgWVF4P1_YtOwchnxAVQ_F-It5aM-4oYOCsbWv3qgaJBUCIDm4mVfPegn6BqbjZG0E8khYCnSQgdrrenGlg76dYZ7y&v=4&siteId=698135&minBid=&popundersPerIP=3,0&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200,0 Requested by Host: c1.popads.net URL: https://c1.popads.net/pop.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 216.21.13.10 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5 Request headers Referer https://www.gesek.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Tue, 16 Mar 2021 10:27:19 GMT PopAds-EC ASB ASF 9 Connection Keep-Alive Content-Length 44 Content-Type text/javascript;charset=UTF-8
GET H2	200	russian.png i.bongacash.com/dynamic_banner/images/lang/ Frame 3958	287 B 512 B	21ms 20ms	Image image/png	66.254.122.114 REFLECTED
General Check archive.org Show headers Download Go to Show image Full URL https://i.bongacash.com/dynamic_banner/images/lang/russian.png Requested by Host: i.bongacash.com URL: https://i.bongacash.com/dynamic_banner/jquery.tools.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 66.254.122.114 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 4bfa891ddc3786bc6ad204bb6e25cfa3f70d4e2a2bd9a47d5d1354d1d13ea492 Request headers Referer https://bngpt.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:35 GMT last-modified Tue, 18 Jun 2019 13:44:19 GMT content-type image/png cache-control max-age=2592000 x-cdn-diag fra1-11051-3-42551-h-0-0---;110245-15-2212----0-0-1 accept-ranges bytes content-length 287 expires Sat, 14 Nov 2020 07:18:42 GMT
GET H2	200	english.png i.bongacash.com/dynamic_banner/images/lang/ Frame 3958	542 B 767 B	21ms 21ms	Image image/png	66.254.122.114 REFLECTED
General Check archive.org Show headers Download Go to Show image Full URL https://i.bongacash.com/dynamic_banner/images/lang/english.png Requested by Host: i.bongacash.com URL: https://i.bongacash.com/dynamic_banner/jquery.tools.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 66.254.122.114 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 097f8db12c193936f803052d0e27068c5e8959011a541b12d609c5c73d464d52 Request headers Referer https://bngpt.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 10:27:35 GMT last-modified Tue, 18 Jun 2019 13:44:19 GMT content-type image/png cache-control max-age=2592000 x-cdn-diag fra1-11023-7-22760-h-0-0---;110245-15-2212----0-0-0 accept-ranges bytes content-length 542 expires Sat, 14 Nov 2020 07:18:41 GMT
GET H2	200	a46a10c19f657f8862aa5c46155303d7_thumb_medium.jpg i.bimbolive.com/029/2f4/385/ Frame 3958	12 KB 12 KB	11ms 11ms	Image image/jpeg	2606:4700::6810:7544 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.bimbolive.com/029/2f4/385/a46a10c19f657f8862aa5c46155303d7_thumb_medium.jpg Requested by Host: i.bongacash.com URL: https://i.bongacash.com/dynamic_banner/jquery.tools.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7544 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb5046d202073c0d76c7a91a02579749cc8b5ff6ec3b23c2dcb84a20e861567f Request headers Referer https://bngpt.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-bc-o 1 date Tue, 16 Mar 2021 10:27:35 GMT cf-cache-status HIT age 2513370 x-o1-p2 EXPIRED content-length 11852 cf-request-id 08dc2cb4450000dfa972a36000000001 last-modified Thu, 07 Nov 2019 01:59:40 GMT server cloudflare etag "5dc37a8c-2e4c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * expires Wed, 17 Mar 2021 08:18:04 GMT cache-control max-age=2592000 accept-ranges bytes cf-ray 630d4a33af0ddfa9-FRA cf-bgj h2pri

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

c-stat.eu

URL

https://c-stat.eu/c.php?u=64018

Domain

6.adsco.re

URL

https://6.adsco.re/

Domain

4.adsco.re

URL

https://4.adsco.re/