URL: http://gesek.net/
Submission: On February 23 via manual from US

Summary

This website contacted 23 IPs in 4 countries across 14 domains to perform 64 HTTP transactions. The main IP is 2606:4700:3030::ac43:ae32, located in United States and belongs to CLOUDFLARENET, US. The main domain is gesek.net.
This is the only time gesek.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests IP Address AS (Autonomous System)
3 2606:4700:303... 13335 (CLOUDFLAR...)
14 209.197.3.84 20446 (HIGHWINDS3)
8 195.181.175.3 60068 (CDN77 (^_^)/)
4 8.252.23.243 ()
1 2606:2800:234... 15133 (EDGECAST)
1 2a02:6ea0:c70... 60068 (CDN77 (^_^)/)
2 95.211.229.247 60781 (LEASEWEB-...)
1 185.94.237.101 42567 (MOJHOST-EU)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.139.128.10 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 185.75.253.87 48684 (VIKINGHOST)
1 2600:1f18:510... 14618 (AMAZON-AES)
6 2606:4700::68... ()
4 162.252.214.5 53334 (TUT-AS)
1 38.132.109.186 9009 (M247)
1 185.200.116.90 9009 (M247)
3 66.254.122.112 29789 (REFLECTED)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 66.254.122.104 29789 (REFLECTED)
1 216.21.13.16 53334 (TUT-AS)
2 69.16.175.10 20446 (HIGHWINDS3)
Total: 64 requests across 23 IPs

Requests Domain Requested by
14 img-hw.xvideos-cdn.com gesek.net
8 cdn77-pic.xvideos-cdn.com gesek.net
4 img-l3.xvideos-cdn.com gesek.net
3 i.bongacash.com promo-bc.com
3 6.adsco.re gesek.net, c.adsco.re
3 c.adsco.re c1.popads.net, c.adsco.re
3 gesek.net gesek.net
2 ads.juicyads.me adserver.juicyads.com
2 i.bimbolive.com promo-bc.com, gesek.net
2 adsco.re c.adsco.re
2 4.adsco.re gesek.net, c.adsco.re
2 www.google-analytics.com gesek.net, www.google-analytics.com
2 syndication.exoclick.com ads.exoclick.com
1 serve.popads.net c1.popads.net
1 db.bngpt.com promo-bc.com
1 ebddreoe6hse.s4.adsco.re c.adsco.re
1 ebddreoe6hse.n4.adsco.re c.adsco.re
1 dcba.popcash.net cdn.popcash.net
1 promo-bc.com syndication.exoclick.com
1 cdn.popcash.net gesek.net
1 adserver.juicyads.com gesek.net
1 c1.popads.net gesek.net
1 ads.exoclick.com gesek.net
0 ebddreoe6hse.l4.adsco.re Failed c.adsco.re
0 www5.c-stat.eu Failed gesek.net
Total: 64 requests across 25 subdomains

This site contains links to these domains.

Domain
adsco.re
4crot.com
c-stat.eu

Subject | Issuer | Validity | Valid
xvideos.com | Sectigo RSA Domain Validation Secure Server CA | 2020-09-08 - 2021-10-10 | a year
*.ackcdn.net | GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 | 2020-08-07 - 2021-08-01 | a year
*.juicyads.com | Sectigo RSA Domain Validation Secure Server CA | 2020-01-20 - 2022-04-23 | 2 years
*.google-analytics.com | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months
*.promo-bc.com | GoGetSSL RSA DV CA | 2020-08-06 - 2021-11-04 | a year
*.popcash.net | AlphaSSL CA - SHA256 - G2 | 2020-04-21 - 2021-04-22 | a year
*.adsco.re | Sectigo RSA Organization Validation Secure Server CA | 2020-09-15 - 2021-09-26 | a year
*.n4.adsco.re | R3 | 2021-02-19 - 2021-05-20 | 3 months
*.s4.adsco.re | R3 | 2021-02-19 - 2021-05-20 | 3 months
*.bongacash.com | Sectigo RSA Domain Validation Secure Server CA | 2020-03-05 - 2021-06-03 | a year
i.bimbolive.com | Cloudflare Inc ECC CA-3 | 2020-07-05 - 2021-07-05 | a year
db.bngwlt.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-29 - 2021-04-29 | a year
*.juicyads.me | Sectigo RSA Domain Validation Secure Server CA | 2020-06-05 - 2021-06-05 | a year

This page contains 6 frames:

Primary Page: http://gesek.net/
Frame ID: 78A95994B8EC30C2DE9D1BD6EC6E0EF0
Requests: 47 HTTP requests in this frame

Frame: http://syndication.exoclick.com/ads-iframe-display.php?idzone=2476879&type=300x50&p=http%3A//gesek.net/&dt=1614071227760&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: FA554C8CA8F59DD13DC81D6215B378C1
Requests: 1 HTTP requests in this frame

Frame: https://adserver.juicyads.com/adshow.php?adzone=566690
Frame ID: 6A91C9F336BB3DD6A38645C7F25C49F5
Requests: 3 HTTP requests in this frame

Frame: http://syndication.exoclick.com/ads-iframe-display.php?idzone=2476875&type=300x250&p=http%3A//gesek.net/&dt=1614071227775&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: EB0EF7D0984C00D93D9A9F4A95C5BA52
Requests: 1 HTTP requests in this frame

Frame: https://promo-bc.com/promo.php?c=680190&subid=oodNdTHddHNLVHdc4QfnT02V22VOpltsrsqqdK6iWVU9UrppaXUzOndNW6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXSudrptRrZpNxpLXxnbpxRvVpbZbPvnVpZrS6V3O5d_YwbmdNXLKqaeWVzpXSuldbQ6V0rg.wA--&subid2=2476875&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Frame ID: 5E9BC1648BCCD5636E5D9DC6CD7245DD
Requests: 8 HTTP requests in this frame

Frame: http://c.adsco.re/
Frame ID: A0BC90190113AE2DBFE678FF3AD8A004
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

64 Requests
64 % HTTPS
36 % IPv6
14 Domains
25 Subdomains
23 IPs
4 Countries
5605 kB Transfer
6011 kB Size
7 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • http://c-stat.eu/c.php?u=71999 HTTP 301
  • http://www5.c-stat.eu/?u=71999 HTTP 301
  • http://www5.c-stat.eu/?u=71999 HTTP 301
  • http://www5.c-stat.eu/?u=71999 HTTP 301
  • http://www5.c-stat.eu/?u=71999 HTTP 301
  • http://www5.c-stat.eu/?u=71999 HTTP 301
  • http://www5.c-stat.eu/?u=71999 HTTP 301
  • http://www5.c-stat.eu/?u=71999 HTTP 301
  • http://www5.c-stat.eu/?u=71999 HTTP 301
  • http://www5.c-stat.eu/?u=71999 HTTP 301
  • http://www5.c-stat.eu/?u=71999 HTTP 301
  • http://www5.c-stat.eu/?u=71999 HTTP 301
  • http://www5.c-stat.eu/?u=71999 HTTP 301
  • http://www5.c-stat.eu/?u=71999 HTTP 301
  • http://www5.c-stat.eu/?u=71999 HTTP 301
  • http://www5.c-stat.eu/?u=71999 HTTP 301
  • http://www5.c-stat.eu/?u=71999 HTTP 301
  • http://www5.c-stat.eu/?u=71999 HTTP 301
  • http://www5.c-stat.eu/?u=71999 HTTP 301
  • http://www5.c-stat.eu/?u=71999 HTTP 301
  • http://www5.c-stat.eu/?u=71999

64 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
gesek.net/
26 KB
8 KB
Document
General
Full URL
http://gesek.net/
Protocol
HTTP/1.1
Server
2606:4700:3030::ac43:ae32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.45
Resource Hash
de2e486c4cd0b4e427e94ad3557748114b1c2cb09cb08e29547a05a15c5068e2

Request headers

Host
gesek.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Tue, 23 Feb 2021 09:07:07 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=ded171c35336d5461924e062bd00a177b1614071224; expires=Thu, 25-Mar-21 09:07:04 GMT; path=/; domain=.gesek.net; HttpOnly; SameSite=Lax
X-Powered-By
PHP/5.4.45
CF-Cache-Status
DYNAMIC
cf-request-id
086fbd71a200004e1afc128000000001
Report-To
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MtHFJevvpcqIRaj4QTHE%2FjxMNjocf2TjB45SCXRODEFBSGRg42Ts1MSUzoLTi1MOeRNmynjlIVgRMvBpBql3z0gWz1MRCtf1Zt8GtIsD6lA7UaIlLsM%3D"}],"max_age":604800}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
CF-RAY
625fcb629dce4e1a-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
gesek.net.png
gesek.net/
9 KB
10 KB
Image
General
Full URL
http://gesek.net/gesek.net.png
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Server
2606:4700:3030::ac43:ae32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
374eab5f21281f88f606ec62c19169329c441eb222f2df81a846d4039d93c0b0

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:07 GMT
CF-Cache-Status
HIT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Age
4508
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
9609
cf-request-id
086fbd7d2200004e1af91c3000000001
Last-Modified
Wed, 05 Jun 2019 20:59:48 GMT
Server
cloudflare
ETag
"5cf82d44-2589"
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HEK%2F8kWpdU0rsF24PmMwF3WNo9pIq%2BQhfdJPz0eawoye0vNz9nk4hpa2O8URji3mCye8kfGGhGDKyQlHVsvNb60Po4QDryydZNjGS3J1%2BhMnADWgnPY%3D"}],"max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
625fcb750e6e4e1a-FRA
c8a0bc419ef4081668e6a06995032ae7.30.jpg
img-hw.xvideos-cdn.com/videos/thumbs169ll/c8/a0/bc/c8a0bc419ef4081668e6a06995032ae7/
12 KB
12 KB
Image
General
Full URL
https://img-hw.xvideos-cdn.com/videos/thumbs169ll/c8/a0/bc/c8a0bc419ef4081668e6a06995032ae7/c8a0bc419ef4081668e6a06995032ae7.30.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x054.map2.ssl.hwcdn.net
Software
/
Resource Hash
50b1a50ef03967f9c0d483edec1a43486666c1696a102558ffa93f9b42a0c2e0

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:08 GMT
Last-Modified
Thu, 04 Feb 2021 19:13:52 GMT
ETag
"1612466032"
X-HW
1614071227.dop088.lo4.t,1614071227.cds005.lo4.shn,1614071228.dop088.lo4.t,1614071228.cds234.lo4.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=7776000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
12233
06836e1ad4bc8b5ef800d519342398d6.7.jpg
cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/06/83/6e/06836e1ad4bc8b5ef800d519342398d6/
16 KB
16 KB
Image
General
Full URL
https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/06/83/6e/06836e1ad4bc8b5ef800d519342398d6/06836e1ad4bc8b5ef800d519342398d6.7.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
frankfurt-2.cdn77.com
Software
CDN77-Turbo /
Resource Hash
bff389d1b6e72daef91b3df3e3c02ac418dd6410a61302b3b2d6cc7006ebb052

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 23 Feb 2021 09:07:07 GMT
x-age-lb
2706271, 4360067
x-edge-pop
pragueCZ
x-77-cache
HIT
content-length
15954
x-77-nzt
AcO1rwKtV3Tvg4dCAA==
x-lb-ip
143.244.58.200, 156.146.33.39, 195.181.175.39
x-cache-lb
HIT, MISS, MISS, HIT
last-modified
Fri, 21 Jun 2019 10:29:06 GMT
server
CDN77-Turbo
x-77-nzt-ray
7XSHIF99Q6Q=
x-lb-pop
pragueCZ, frankfurtDE, frankfurtDE
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10368000, public
x-edge-ip
185.152.65.60
accept-ranges
bytes
expires
Fri, 02 Apr 2021 14:14:49 GMT
eafa18b24cb5ba16317c78b4c61a2283.30.jpg
img-hw.xvideos-cdn.com/videos/thumbs169ll/ea/fa/18/eafa18b24cb5ba16317c78b4c61a2283/
22 KB
22 KB
Image
General
Full URL
https://img-hw.xvideos-cdn.com/videos/thumbs169ll/ea/fa/18/eafa18b24cb5ba16317c78b4c61a2283/eafa18b24cb5ba16317c78b4c61a2283.30.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x054.map2.ssl.hwcdn.net
Software
/
Resource Hash
84584514058ee72e1fa389e733e8051bc3551d8f5a0e48ac29f6872c126d6d56

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:08 GMT
Last-Modified
Mon, 14 Dec 2020 21:57:53 GMT
ETag
"1607983073"
X-HW
1614071227.dop236.lo4.t,1614071228.cds082.lo4.shn,1614071228.dop236.lo4.t,1614071228.cds031.lo4.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=4281265
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
22411
2ac6c8ad2dbda82e8ed0ff32446f4c1e.25.jpg
img-l3.xvideos-cdn.com/videos/thumbs169ll/2a/c6/c8/2ac6c8ad2dbda82e8ed0ff32446f4c1e/
17 KB
18 KB
Image
General
Full URL
http://img-l3.xvideos-cdn.com/videos/thumbs169ll/2a/c6/c8/2ac6c8ad2dbda82e8ed0ff32446f4c1e/2ac6c8ad2dbda82e8ed0ff32446f4c1e.25.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Server
8.252.23.243 , United States, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
87feea7d99d5235f6bdab2ec00b654909c4e073a12bd2a41c47cec3fbdf1455e

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 09:16:58 GMT
Last-Modified
Fri, 22 Jan 2021 06:38:04 GMT
Server
nginx
Age
2764209
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=10368000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17723
Expires
Sat, 22 May 2021 09:16:58 GMT
09c5e3f8ea02615442174aa50e1da110.5.jpg
cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/09/c5/e3/09c5e3f8ea02615442174aa50e1da110/
12 KB
12 KB
Image
General
Full URL
https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/09/c5/e3/09c5e3f8ea02615442174aa50e1da110/09c5e3f8ea02615442174aa50e1da110.5.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
frankfurt-2.cdn77.com
Software
CDN77-Turbo /
Resource Hash
a76e75e27e55f4fee2ebeb588a0564a8874c93544d878ca551d145adb60372e9

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 23 Feb 2021 09:07:07 GMT
x-age-lb
170954
x-77-cache
HIT
x-cache
HIT
x-age
4689832
x-77-nzt
AcO1rwImLBrvypsCAA==
content-length
11988
x-cache-lb
HIT
last-modified
Sat, 26 Sep 2020 23:33:55 GMT
server
CDN77-Turbo
x-77-nzt-ray
hf2yrsnBOmY=
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10368000, public
accept-ranges
bytes
expires
Wed, 28 Apr 2021 02:54:01 GMT
1865a8a0f457106fd2a747795cc9f830.5.jpg
img-hw.xvideos-cdn.com/videos/thumbs169ll/18/65/a8/1865a8a0f457106fd2a747795cc9f830/
9 KB
10 KB
Image
General
Full URL
https://img-hw.xvideos-cdn.com/videos/thumbs169ll/18/65/a8/1865a8a0f457106fd2a747795cc9f830/1865a8a0f457106fd2a747795cc9f830.5.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x054.map2.ssl.hwcdn.net
Software
/
Resource Hash
2f0fb6ff0cd4b054cb8711081cf609f75ee8babf8771396369f0057a3967a274

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:08 GMT
Last-Modified
Sat, 20 Feb 2021 08:18:56 GMT
ETag
"1613809136"
X-HW
1614071227.dop090.lo4.t,1614071227.cds074.lo4.shn,1614071228.dop090.lo4.t,1614071228.cds211.lo4.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=7776000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
9483
7909d95103b448f0a9fac2d2e4fcbb4b.24.jpg
img-l3.xvideos-cdn.com/videos/thumbs169ll/79/09/d9/7909d95103b448f0a9fac2d2e4fcbb4b/
12 KB
12 KB
Image
General
Full URL
http://img-l3.xvideos-cdn.com/videos/thumbs169ll/79/09/d9/7909d95103b448f0a9fac2d2e4fcbb4b/7909d95103b448f0a9fac2d2e4fcbb4b.24.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Server
8.252.23.243 , United States, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
7414ba535eeaa2b3f8b74f4dbca63bdde9862c4d08b98bdb1cf2fb1ba1dadce9

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 21 Feb 2021 04:50:54 GMT
Last-Modified
Sun, 21 Feb 2021 00:54:51 GMT
Server
nginx
Age
188173
Content-Type
image/jpeg
access-control-allow-origin
*
Cache-Control
public, max-age=10368000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12054
Expires
Mon, 21 Jun 2021 04:50:54 GMT
47a69bba668bb4da8a7d302289f956cb.30.jpg
img-l3.xvideos-cdn.com/videos/thumbs169ll/47/a6/9b/47a69bba668bb4da8a7d302289f956cb/
16 KB
17 KB
Image
General
Full URL
http://img-l3.xvideos-cdn.com/videos/thumbs169ll/47/a6/9b/47a69bba668bb4da8a7d302289f956cb/47a69bba668bb4da8a7d302289f956cb.30.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Server
8.252.23.243 , United States, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
f13afa4e13091ee4be5da8717acb435945499c16a14d3c95424e942358042437

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 13 Dec 2020 21:24:30 GMT
Last-Modified
Fri, 06 Nov 2020 16:44:16 GMT
Server
nginx
Age
6176557
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=10368000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16733
Expires
Mon, 19 Apr 2021 19:44:20 GMT
33459c128ef15b7bb76efaaf8e64c63f.12.jpg
cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/33/45/9c/33459c128ef15b7bb76efaaf8e64c63f/
16 KB
16 KB
Image
General
Full URL
https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/33/45/9c/33459c128ef15b7bb76efaaf8e64c63f/33459c128ef15b7bb76efaaf8e64c63f.12.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
frankfurt-2.cdn77.com
Software
CDN77-Turbo /
Resource Hash
f4df0cb593789352160376008381d588811cc1da96cf1c03250b1dedb737adac

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 23 Feb 2021 09:07:07 GMT
x-age-lb
1500368
x-edge-pop
losangelesUSCA
x-77-cache
HIT
x-cache
HIT
x-age
35075
x-77-nzt
AcO1rwIQY5jv0OQWAA==
content-length
16487
x-cache-lb
HIT
last-modified
Wed, 20 Jan 2021 01:00:35 GMT
server
CDN77-Turbo
x-77-nzt-ray
Jty2fW08RBg=
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10368000, public
x-edge-ip
143.244.51.211
accept-ranges
bytes
expires
Sat, 05 Jun 2021 14:36:24 GMT
e6a7dd61cc90115644b901ca8cd5cf15.25.jpg
cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/e6/a7/dd/e6a7dd61cc90115644b901ca8cd5cf15/
11 KB
12 KB
Image
General
Full URL
https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/e6/a7/dd/e6a7dd61cc90115644b901ca8cd5cf15/e6a7dd61cc90115644b901ca8cd5cf15.25.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
frankfurt-2.cdn77.com
Software
CDN77-Turbo /
Resource Hash
f37adfa8b94fd7d0adb17a9ba5517dc6e0626dba399ee44e319556d1e3201bb8

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 23 Feb 2021 09:07:07 GMT
x-age-lb
1119792
x-edge-pop
losangelesUSCA
x-77-cache
HIT
x-cache
HIT
x-age
51066
x-77-nzt
AcO1rwIcYJzvMBYRAA==
content-length
11599
x-cache-lb
HIT
last-modified
Tue, 09 Feb 2021 17:11:50 GMT
server
CDN77-Turbo
x-77-nzt-ray
h5pTQjv6QSk=
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10368000, public
x-edge-ip
143.244.51.211
accept-ranges
bytes
expires
Wed, 09 Jun 2021 19:52:49 GMT
99118260264bba604fe440dbdc1d34e0.9.jpg
img-hw.xvideos-cdn.com/videos/thumbs169ll/99/11/82/99118260264bba604fe440dbdc1d34e0/
14 KB
14 KB
Image
General
Full URL
https://img-hw.xvideos-cdn.com/videos/thumbs169ll/99/11/82/99118260264bba604fe440dbdc1d34e0/99118260264bba604fe440dbdc1d34e0.9.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x054.map2.ssl.hwcdn.net
Software
/
Resource Hash
b413e7ecfd3c013fbd845eef2559dfe0ee388e5610da03ebde0bbfb623e5db6e

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:07 GMT
Last-Modified
Fri, 19 Feb 2021 04:21:37 GMT
ETag
"1613708497"
X-HW
1614071227.dop088.lo4.t,1614071227.cds005.lo4.shn,1614071227.dop088.lo4.t,1614071227.cds038.lo4.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=7776000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
14152
d9989ebf2ab17da7341ff9cd739c70d9.14.jpg
img-hw.xvideos-cdn.com/videos/thumbs169ll/d9/98/9e/d9989ebf2ab17da7341ff9cd739c70d9/
18 KB
19 KB
Image
General
Full URL
https://img-hw.xvideos-cdn.com/videos/thumbs169ll/d9/98/9e/d9989ebf2ab17da7341ff9cd739c70d9/d9989ebf2ab17da7341ff9cd739c70d9.14.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x054.map2.ssl.hwcdn.net
Software
/
Resource Hash
1c8cc4c9b8cc40e1ef751872a9cdcc990b1dfdc14a2b2201ac3e3f7db54b5e1c

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:07 GMT
Last-Modified
Wed, 27 Jun 2018 06:43:31 GMT
ETag
"1530081811"
X-HW
1614071227.dop090.lo4.t,1614071227.cds069.lo4.shn,1614071227.dop090.lo4.t,1614071227.cds260.lo4.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=3711676
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
18697
71810b4ecc9e193f234cc3abf53f4b2a.18.jpg
cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/71/81/0b/71810b4ecc9e193f234cc3abf53f4b2a/
14 KB
15 KB
Image
General
Full URL
https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/71/81/0b/71810b4ecc9e193f234cc3abf53f4b2a/71810b4ecc9e193f234cc3abf53f4b2a.18.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
frankfurt-2.cdn77.com
Software
CDN77-Turbo /
Resource Hash
f8593d4bf33ac48af11181c012e1f572913a28d36c1d1b7ef420a3403dc09f7d

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 23 Feb 2021 09:07:07 GMT
x-age-lb
2817834
x-edge-pop
losangelesUSCA
x-77-cache
HIT
x-cache
HIT
x-age
1532112
x-77-nzt
AcO1rwJ4T9bvKv8qAA==
content-length
14742
x-cache-lb
HIT
last-modified
Mon, 03 Jun 2019 12:30:06 GMT
server
CDN77-Turbo
x-77-nzt-ray
iYAvu5yletc=
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10368000, public
x-edge-ip
143.244.51.211
accept-ranges
bytes
expires
Tue, 04 May 2021 00:48:01 GMT
318ef7b601751c2f2270de9d7b399e03.18.jpg
img-hw.xvideos-cdn.com/videos/thumbs169ll/31/8e/f7/318ef7b601751c2f2270de9d7b399e03/
18 KB
19 KB
Image
General
Full URL
https://img-hw.xvideos-cdn.com/videos/thumbs169ll/31/8e/f7/318ef7b601751c2f2270de9d7b399e03/318ef7b601751c2f2270de9d7b399e03.18.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x054.map2.ssl.hwcdn.net
Software
/
Resource Hash
8548872b5f685cbfb7c5e8b37df290334d914e084770b66c7798e0f3b509f2ac

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:07 GMT
Last-Modified
Sat, 16 May 2020 15:11:38 GMT
ETag
"1589641898"
X-HW
1614071227.dop236.lo4.t,1614071227.cds082.lo4.shn,1614071227.cds082.lo4.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=6679769
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
18831
f813831a1305fffa7a3c0311b288a982.5.jpg
img-hw.xvideos-cdn.com/videos/thumbs169ll/f8/13/83/f813831a1305fffa7a3c0311b288a982/
14 KB
14 KB
Image
General
Full URL
https://img-hw.xvideos-cdn.com/videos/thumbs169ll/f8/13/83/f813831a1305fffa7a3c0311b288a982/f813831a1305fffa7a3c0311b288a982.5.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x054.map2.ssl.hwcdn.net
Software
/
Resource Hash
e363f187e18ea97dddaa9daa55a763ae035af20529378c3a51a9151378ad7d49

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:07 GMT
Last-Modified
Tue, 11 Feb 2020 11:38:40 GMT
ETag
"1581421120"
X-HW
1614071227.dop088.lo4.t,1614071227.cds005.lo4.shn,1614071227.dop088.lo4.t,1614071227.cds035.lo4.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=7776000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
14315
d170253a1132660df39735acb7934bd5.1.jpg
img-hw.xvideos-cdn.com/videos/thumbs169ll/d1/70/25/d170253a1132660df39735acb7934bd5/
17 KB
17 KB
Image
General
Full URL
https://img-hw.xvideos-cdn.com/videos/thumbs169ll/d1/70/25/d170253a1132660df39735acb7934bd5/d170253a1132660df39735acb7934bd5.1.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x054.map2.ssl.hwcdn.net
Software
/
Resource Hash
c255a8ad302ce409c780c51df22da2e66905f073dae09de27812f5614d9a0de5

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:08 GMT
Last-Modified
Sat, 20 Feb 2021 23:41:23 GMT
ETag
"1613864483"
X-HW
1614071227.dop041.lo4.t,1614071227.cds276.lo4.shn,1614071228.dop041.lo4.t,1614071228.cds218.lo4.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=7776000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
16934
8611d30bf7b8cab7056211b5640d27df.5.jpg
cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/86/11/d3/8611d30bf7b8cab7056211b5640d27df/
13 KB
13 KB
Image
General
Full URL
https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/86/11/d3/8611d30bf7b8cab7056211b5640d27df/8611d30bf7b8cab7056211b5640d27df.5.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
frankfurt-2.cdn77.com
Software
CDN77-Turbo /
Resource Hash
e1c6f0c668124d16a968301de213ed19ede28efafb921646ad426a8100e2b7e8

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 23 Feb 2021 09:07:07 GMT
x-age-lb
17604, 28929, 4034211
x-edge-pop
pragueCZ, amsterdamNL
x-cache
HIT
content-length
12971
x-age
6129277
x-77-nzt
AcO1rwKapdrvo449AA==
x-lb-ip
185.152.65.85, 185.76.10.1
x-cache-lb
HIT, HIT, HIT
last-modified
Mon, 19 Oct 2020 02:06:30 GMT
server
CDN77-Turbo
x-77-nzt-ray
uawUyqmTYRU=
x-lb-pop
pragueCZ, amsterdamNL
x-77-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10368000, public
x-edge-ip
185.152.65.60, 185.76.10.13
accept-ranges
bytes
expires
Thu, 25 Feb 2021 00:39:20 GMT
30af62b69f7c15ad0a8b1ea73732b949.19.jpg
img-hw.xvideos-cdn.com/videos/thumbs169ll/30/af/62/30af62b69f7c15ad0a8b1ea73732b949/
11 KB
11 KB
Image
General
Full URL
https://img-hw.xvideos-cdn.com/videos/thumbs169ll/30/af/62/30af62b69f7c15ad0a8b1ea73732b949/30af62b69f7c15ad0a8b1ea73732b949.19.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x054.map2.ssl.hwcdn.net
Software
/
Resource Hash
12dc1312d7626bf8b106ed409e943ac0e39ebcfa3ab89e380e32ad7aefe83a7d

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:08 GMT
Last-Modified
Fri, 28 Oct 2016 04:19:09 GMT
ETag
"1477628349"
X-HW
1614071227.dop090.lo4.t,1614071227.cds074.lo4.shn,1614071228.dop090.lo4.t,1614071228.cds053.lo4.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2715238
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
11272
33d44afc1d6e2e1df07a49995989e66a.12.jpg
img-hw.xvideos-cdn.com/videos/thumbs169ll/33/d4/4a/33d44afc1d6e2e1df07a49995989e66a/
11 KB
12 KB
Image
General
Full URL
https://img-hw.xvideos-cdn.com/videos/thumbs169ll/33/d4/4a/33d44afc1d6e2e1df07a49995989e66a/33d44afc1d6e2e1df07a49995989e66a.12.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x054.map2.ssl.hwcdn.net
Software
/
Resource Hash
2b50ed9e9ef59f3134ff0c8f60a7855f28e096623fdb61e776cce7cdbfb4aff5

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:08 GMT
Last-Modified
Fri, 29 Jan 2021 12:00:41 GMT
ETag
"1611921641"
X-HW
1614071227.dop090.lo4.t,1614071227.cds069.lo4.shn,1614071228.dop090.lo4.t,1614071228.cds254.lo4.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=7776000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
11751
09cefd40430250741047c9e7dd10a298.27.jpg
img-hw.xvideos-cdn.com/videos/thumbs169ll/09/ce/fd/09cefd40430250741047c9e7dd10a298/
9 KB
10 KB
Image
General
Full URL
https://img-hw.xvideos-cdn.com/videos/thumbs169ll/09/ce/fd/09cefd40430250741047c9e7dd10a298/09cefd40430250741047c9e7dd10a298.27.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x054.map2.ssl.hwcdn.net
Software
/
Resource Hash
dac1c4a01817da62fad701745f2ccc84ff547855d2028cbb39de0a1a7f8e548b

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:07 GMT
Last-Modified
Sun, 31 Jan 2021 03:12:24 GMT
ETag
"1612062744"
X-HW
1614071227.dop090.lo4.t,1614071227.cds069.lo4.shn,1614071227.dop090.lo4.t,1614071227.cds275.lo4.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=7776000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
9524
b3b30aad012b5d89ae98e7a455af3458.27.jpg
img-hw.xvideos-cdn.com/videos/thumbs169ll/b3/b3/0a/b3b30aad012b5d89ae98e7a455af3458/
14 KB
15 KB
Image
General
Full URL
https://img-hw.xvideos-cdn.com/videos/thumbs169ll/b3/b3/0a/b3b30aad012b5d89ae98e7a455af3458/b3b30aad012b5d89ae98e7a455af3458.27.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x054.map2.ssl.hwcdn.net
Software
/
Resource Hash
31192c7a748b6668a37001f16e9dfd65669344445182c1476831d80acc8dbb03

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:07 GMT
Last-Modified
Sat, 01 Oct 2016 03:20:10 GMT
ETag
"1475292010"
X-HW
1614071227.dop041.lo4.t,1614071227.cds276.lo4.shn,1614071227.dop041.lo4.t,1614071227.cds204.lo4.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2489478
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
14485
1a87f6317a000958f93e2f54d83e7643.18.jpg
img-l3.xvideos-cdn.com/videos/thumbs169ll/1a/87/f6/1a87f6317a000958f93e2f54d83e7643/
13 KB
14 KB
Image
General
Full URL
http://img-l3.xvideos-cdn.com/videos/thumbs169ll/1a/87/f6/1a87f6317a000958f93e2f54d83e7643/1a87f6317a000958f93e2f54d83e7643.18.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Server
8.252.23.243 , United States, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
624314681aef4012fec7e8b7417a17117f3f6b8e5d5ea7e9d83e9df8465c2302

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 05 Feb 2021 19:43:44 GMT
Last-Modified
Fri, 05 Feb 2021 11:07:14 GMT
Server
nginx
Age
1517003
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=10368000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13693
Expires
Sat, 05 Jun 2021 19:48:13 GMT
2010dd99c0017c376e309e3452cf3631.1.jpg
img-hw.xvideos-cdn.com/videos/thumbs169ll/20/10/dd/2010dd99c0017c376e309e3452cf3631/
9 KB
10 KB
Image
General
Full URL
https://img-hw.xvideos-cdn.com/videos/thumbs169ll/20/10/dd/2010dd99c0017c376e309e3452cf3631/2010dd99c0017c376e309e3452cf3631.1.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x054.map2.ssl.hwcdn.net
Software
/
Resource Hash
a38b7385c482ffd00bf04d1a2c87a7582fdc2acedd3c2240dfd8dfe52ef99f23

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:08 GMT
Last-Modified
Sun, 21 Feb 2021 16:07:02 GMT
ETag
"1613923622"
X-HW
1614071227.dop236.lo4.t,1614071228.cds082.lo4.shn,1614071228.dop236.lo4.t,1614071228.cds044.lo4.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=7776000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
9670
9339c838c3719046db53b8e9eaae39e8.30.jpg
cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/93/39/c8/9339c838c3719046db53b8e9eaae39e8/
14 KB
15 KB
Image
General
Full URL
https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/93/39/c8/9339c838c3719046db53b8e9eaae39e8/9339c838c3719046db53b8e9eaae39e8.30.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
frankfurt-2.cdn77.com
Software
CDN77-Turbo /
Resource Hash
b09d29bace8795fcfa9d7c7c0a82bf64fa0f2f7c59bc5404b551377387d4afaf

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 23 Feb 2021 09:07:07 GMT
x-age-lb
134928
x-77-cache
HIT
x-cache
HIT
x-age
20018
x-77-nzt
AcO1rwJR9DbvEA8CAA==
content-length
14597
x-cache-lb
HIT
last-modified
Sun, 21 Feb 2021 13:55:06 GMT
server
CDN77-Turbo
x-77-nzt-ray
v3xh0hphHb4=
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10368000, public
accept-ranges
bytes
expires
Mon, 21 Jun 2021 14:04:41 GMT
20a763f8740d75edbbfd05f479cd9d32.1.jpg
img-hw.xvideos-cdn.com/videos/thumbs169ll/20/a7/63/20a763f8740d75edbbfd05f479cd9d32/
12 KB
13 KB
Image
General
Full URL
https://img-hw.xvideos-cdn.com/videos/thumbs169ll/20/a7/63/20a763f8740d75edbbfd05f479cd9d32/20a763f8740d75edbbfd05f479cd9d32.1.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.84 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x054.map2.ssl.hwcdn.net
Software
/
Resource Hash
5c61d4086d8d87953b3b9c91ffeede3b4cf6237a14bbabf5f63b89a6be15e3dd

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:07 GMT
Last-Modified
Mon, 08 Feb 2021 13:19:56 GMT
ETag
"1612790396"
X-HW
1614071227.dop090.lo4.t,1614071227.cds074.lo4.shn,1614071227.dop090.lo4.t,1614071227.cds224.lo4.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=7776000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
12647
62ee98041d2720bbf148b4117a7e74e7.10.jpg
cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/62/ee/98/62ee98041d2720bbf148b4117a7e74e7/
23 KB
24 KB
Image
General
Full URL
https://cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/62/ee/98/62ee98041d2720bbf148b4117a7e74e7/62ee98041d2720bbf148b4117a7e74e7.10.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.175.3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
frankfurt-2.cdn77.com
Software
CDN77-Turbo /
Resource Hash
0d3d329fc62da0f82087d9d64b63e3712304df266ee6d67373ce8bd9009add0b

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 23 Feb 2021 09:07:07 GMT
x-age-lb
4359570
x-edge-pop
amsterdamNL
x-77-cache
HIT
x-cache
HIT
x-age
224
x-77-nzt
AcO1rwIvKKrvkoVCAA==
content-length
23741
x-cache-lb
HIT
last-modified
Fri, 02 Oct 2020 18:23:08 GMT
server
CDN77-Turbo
x-77-nzt-ray
aeusiapIArY=
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10368000, public
x-edge-ip
185.76.10.13
accept-ranges
bytes
expires
Mon, 03 May 2021 22:03:53 GMT
ads.js
ads.exoclick.com/
2 KB
1 KB
Script
General
Full URL
https://ads.exoclick.com/ads.js
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B92) /
Resource Hash
13df6a9d4802138c474e5e0ae43840b225b4191b556429f9f5d253814e8ea27a

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 09:07:07 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 06:16:07 GMT
server
ECS (amb/6B92)
age
10260
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=10800
accept-ranges
bytes
content-length
961
expires
Tue, 23 Feb 2021 12:07:07 GMT
/
www5.c-stat.eu/
Redirect Chain
  • http://c-stat.eu/c.php?u=71999
  • http://www5.c-stat.eu/?u=71999
  • http://www5.c-stat.eu/?u=71999
  • http://www5.c-stat.eu/?u=71999
  • http://www5.c-stat.eu/?u=71999
  • http://www5.c-stat.eu/?u=71999
  • http://www5.c-stat.eu/?u=71999
  • http://www5.c-stat.eu/?u=71999
  • http://www5.c-stat.eu/?u=71999
  • http://www5.c-stat.eu/?u=71999
  • http://www5.c-stat.eu/?u=71999
  • http://www5.c-stat.eu/?u=71999
  • http://www5.c-stat.eu/?u=71999
  • http://www5.c-stat.eu/?u=71999
  • http://www5.c-stat.eu/?u=71999
  • http://www5.c-stat.eu/?u=71999
  • http://www5.c-stat.eu/?u=71999
  • http://www5.c-stat.eu/?u=71999
  • http://www5.c-stat.eu/?u=71999
  • http://www5.c-stat.eu/?u=71999
  • http://www5.c-stat.eu/?u=71999
0
0

email-decode.min.js
gesek.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
http://gesek.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Server
2606:4700:3030::ac43:ae32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
NEL
{"max_age":604800,"report_to":"cf-nel"}
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
cf-request-id
086fbd7d2d00004e1a59127000000001
Last-Modified
Thu, 18 Feb 2021 13:46:54 GMT
Server
cloudflare
ETag
W/"602e6fce-4d7"
X-Frame-Options
DENY
Report-To
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f8rImevrSwZASjRrTDrf44Zrp5w4VER1fH3DjPcCKeHYTV8czCXXfzuHCPzIgg1LGs5sSrh79ldPT7gwcw3TwFKf56VtiEWDcWIRIUpH3xtrYtrrcNI%3D"}],"max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=172800, public
CF-RAY
625fcb751e8a4e1a-FRA
Expires
Thu, 25 Feb 2021 09:07:07 GMT
pop.js
c1.popads.net/
30 KB
10 KB
Script
General
Full URL
http://c1.popads.net/pop.js
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
425a7a9b9f10f9809288169af01695376da8b90b3e957f4987c4dad263403d49

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-77-POP
frankfurtDE
Date
Tue, 23 Feb 2021 09:07:07 GMT
Content-Encoding
gzip
X-77-NZT-Ray
bUHrWHFRA9s=
Transfer-Encoding
chunked
X-77-Cache
HIT
X-Cache
HIT
Connection
keep-alive
alt-svc
quic="195.181.175.50:443"; ma=2592000; v="44,43,39"
X-77-NZT
AcO1rzIftoPvQswBAA==
Last-Modified
Tue, 09 Feb 2021 20:16:57 GMT
Server
CDN77-Turbo
ETag
W/"6022edb9-77fd"
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
X-Age
117826
Expires
Sat, 06 Mar 2021 00:23:21 GMT
Cookie set ads-iframe-display.php
syndication.exoclick.com/ Frame FA55
32 B
588 B
Document
General
Full URL
http://syndication.exoclick.com/ads-iframe-display.php?idzone=2476879&type=300x50&p=http%3A//gesek.net/&dt=1614071227760&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: ads.exoclick.com
URL: https://ads.exoclick.com/ads.js
Protocol
HTTP/1.1
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
101d99d2d77d1822eb4ba5adc241d1f002c7841252b0fbbb175a1243d0452bf2

Request headers

Host
syndication.exoclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://gesek.net/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 23 Feb 2021 09:07:07 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226034c5bbcfd601.030654151573642708%22%3B%7D; expires=Thu, 23 Feb 2023 09:07:07 GMT; path=; domain=.exoclick.com;
Content-Encoding
gzip
Cookie set adshow.php
adserver.juicyads.com/ Frame 6A91
4 KB
3 KB
Document
General
Full URL
https://adserver.juicyads.com/adshow.php?adzone=566690
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.237.101 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
0777b6b133b925271db0813a16932bb47317c8195348b3b52445e19e6c205058

Request headers

Host
adserver.juicyads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://gesek.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 23 Feb 2021 09:07:09 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=249e931fe09533a156280bf78699f83f; expires=Wed, 23-Feb-2022 09:07:07 GMT; Max-Age=31536000; path=/; domain=.juicyads.com imps39422=1; expires=Wed, 24-Feb-2021 09:07:09 GMT; Max-Age=86400; path=/; domain=.juicyads.com juicy_data_1=YToxOntpOjEwODI2ODE7aToxNjE0MzMwNDI3O30%3D; expires=Fri, 26-Feb-2021 09:07:07 GMT; Max-Age=259198; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Fri, 26-Feb-2021 09:07:07 GMT; Max-Age=259198; domain=juicyads.com
Content-Encoding
gzip
Cookie set ads-iframe-display.php
syndication.exoclick.com/ Frame EB0E
1 KB
1 KB
Document
General
Full URL
http://syndication.exoclick.com/ads-iframe-display.php?idzone=2476875&type=300x250&p=http%3A//gesek.net/&dt=1614071227775&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: ads.exoclick.com
URL: https://ads.exoclick.com/ads.js
Protocol
HTTP/1.1
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
ad2916a220af439ae01f390677d85942e1102fdd19ca357f03824f3b7cf6bb83

Request headers

Host
syndication.exoclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://gesek.net/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 23 Feb 2021 09:07:07 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226034c5bbcf7080.825605991202644023%22%3B%7D; expires=Thu, 23 Feb 2023 09:07:07 GMT; path=; domain=.exoclick.com;
Content-Encoding
gzip
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
3871
date
Tue, 23 Feb 2021 08:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Tue, 23 Feb 2021 10:02:36 GMT
show.js
cdn.popcash.net/
125 KB
38 KB
Script
General
Full URL
http://cdn.popcash.net/show.js
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Server
151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a12f358b0d0eb8cd45b81bf39485969c511224ea79e84980294523b1cd72519

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:07 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
X-HW
1614071227.cds076.lo4.h2,1614071227.cds012.lo4.c
Connection
keep-alive
Content-Length
38263
cf-request-id
08280b4ed200000656c63f6000000001
Last-Modified
Tue, 09 Feb 2021 08:40:03 GMT
Server
cloudflare
ETag
W/"60224a63-1f3c3"
Vary
Accept-Encoding
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vbqXiiHhmpxN1YogExOJNnuOyzinXZ0tVh%2BKZ4lB6OT0nsxZuPgv4tHI4L%2Fbz5lFoRnHAwbJFnkyIVkCHpX%2BsOFnf4UjcWQZdB%2Fnnw%3D%3D"}],"group":"cf-nel"}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000, public
Accept-Ranges
bytes
CF-RAY
61ed14c48c430656-LHR
collect
www.google-analytics.com/j/
2 B
383 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1587805250&t=pageview&_s=1&dl=http%3A%2F%2Fgesek.net%2F&ul=en-us&de=UTF-8&dt=New%20adult%20video%20-%20Gesek.Net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=794319860&gjid=1319896446&cid=2062939748.1614071228&tid=UA-101833795-2&_gid=96585328.1614071228&_r=1&_slc=1&z=1836712320
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Feb 2021 09:07:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://gesek.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
promo.php
promo-bc.com/ Frame 5E9B
126 KB
42 KB
Document
General
Full URL
https://promo-bc.com/promo.php?c=680190&subid=oodNdTHddHNLVHdc4QfnT02V22VOpltsrsqqdK6iWVU9UrppaXUzOndNW6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXSudrptRrZpNxpLXxnbpxRvVpbZbPvnVpZrS6V3O5d_YwbmdNXLKqaeWVzpXSuldbQ6V0rg.wA--&subid2=2476875&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Requested by
Host: syndication.exoclick.com
URL: http://syndication.exoclick.com/ads-iframe-display.php?idzone=2476875&type=300x250&p=http%3A//gesek.net/&dt=1614071227775&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.75.253.87 , Netherlands, ASN48684 (VIKINGHOST, NL),
Reverse DNS
Software
nginx /
Resource Hash
d7e19a60f2977ee838bde800c5cf4ca4f29bec2c3c166bdefe9043456246e0a7
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

:method
GET
:authority
promo-bc.com
:scheme
https
:path
/promo.php?c=680190&subid=oodNdTHddHNLVHdc4QfnT02V22VOpltsrsqqdK6iWVU9UrppaXUzOndNW6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXSudrptRrZpNxpLXxnbpxRvVpbZbPvnVpZrS6V3O5d_YwbmdNXLKqaeWVzpXSuldbQ6V0rg.wA--&subid2=2476875&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://syndication.exoclick.com/ads-iframe-display.php?idzone=2476875&type=300x250&p=http%3A//gesek.net/&dt=1614071227775&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Tue, 23 Feb 2021 09:07:09 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
expires
Tue, 23 Feb 2021 09:07:08 GMT
cache-control
no-cache public
x-bcs
ded7724
strict-transport-security
max-age=0;
content-encoding
gzip
x-bc-bl
105
znWaa3gu
dcba.popcash.net/
0
118 B
XHR
General
Full URL
https://dcba.popcash.net/znWaa3gu
Requested by
Host: cdn.popcash.net
URL: http://cdn.popcash.net/show.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:510:801:bb21:74ae:f261:78a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 23 Feb 2021 09:07:08 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
/
c.adsco.re/
35 KB
12 KB
Script
General
Full URL
https://c.adsco.re/
Requested by
Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 09:07:08 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
381491
etag
W/"49M/vRKXL5pROhm5uOGH7A=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
625fcb77087363f5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
086fbd7e69000063f51f949000000001
expires
Fri, 26 Mar 2021 09:07:08 GMT
/
6.adsco.re/
0
466 B
Other
General
Full URL
https://6.adsco.re/
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
http://gesek.net
Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 09:07:08 GMT
content-encoding
br
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
http://gesek.net
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
625fcb776e774e43-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
086fbd7ea400004e43f7910000000001
/
4.adsco.re/
0
455 B
Other
General
Full URL
https://4.adsco.re/
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
http://gesek.net
Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:08 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://gesek.net
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
p
adsco.re/
0
410 B
XHR
General
Full URL
http://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 23 Feb 2021 09:07:08 GMT
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
AS-P-4
OK
Transfer-Encoding
chunked
AS-P-1
OK
Access-Control-Allow-Origin
http://gesek.net
Access-Control-Max-Age
2592000
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
AS-E
ND
AS-P-2
OK
AS-P-3
OK
/
4.adsco.re/
46 B
455 B
XHR
General
Full URL
http://4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
0b4d2858fa9003fae24f5d89c05887c1e034a236007ed45cdc3e6a6478485e7c

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:08 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://gesek.net
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
6.adsco.re/
53 B
663 B
XHR
General
Full URL
http://6.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Server
2606:4700::6811:a6ba , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:08 GMT
Content-Encoding
gzip
Server
cloudflare
Access-Control-Allow-Headers
Content-Type
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
http://gesek.net
Access-Control-Max-Age
2592000
Cache-Control
private, max-age=10
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
625fcb775df64ac3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
086fbd7e9400004ac381b26000000001
/
ebddreoe6hse.l4.adsco.re/
0
0

/
ebddreoe6hse.n4.adsco.re/
0
464 B
Other
General
Full URL
https://ebddreoe6hse.n4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 23 Feb 2021 09:07:08 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
ebddreoe6hse.s4.adsco.re/
0
464 B
Other
General
Full URL
https://ebddreoe6hse.s4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.116.90 , Romania, ASN9009 (M247, GB),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 23 Feb 2021 09:07:08 GMT
Last-Modified
Mon, 30 Jul 2018 15:38:01 GMT
ETag
"5b5f30d9-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
c.adsco.re/ Frame A0BC
35 KB
14 KB
Document
General
Full URL
http://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Server
2606:4700::6811:a6ba , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b

Request headers

Host
c.adsco.re
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://gesek.net/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Tue, 23 Feb 2021 09:07:08 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
public, max-age=2678400
Link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
Expires
Fri, 26 Mar 2021 09:07:08 GMT
ETag
W/"49M/vRKXL5pROhm5uOGH7A=="
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
381490
cf-request-id
086fbd7e960000d6b591b61000000001
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
625fcb775f28d6b5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
/
6.adsco.re/ Frame A0BC
0
664 B
Other
General
Full URL
http://6.adsco.re/
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
HTTP/1.1
Server
2606:4700::6811:a6ba , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
http://c.adsco.re
Referer
http://c.adsco.re/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:08 GMT
Content-Encoding
gzip
Server
cloudflare
Access-Control-Allow-Headers
Content-Type
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
http://c.adsco.re
Access-Control-Max-Age
2592000
Cache-Control
private, max-age=10
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
625fcb78688d4ac3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
086fbd7f4100004ac3872d5000000001
/
4.adsco.re/ Frame A0BC
0
0

/
c.adsco.re/ Frame A0BC
35 KB
0
XHR
General
Full URL
http://c.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Server
2606:4700::6811:a6ba , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://c.adsco.re/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:07:08 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
381490
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
086fbd7f4d0000d6b5b384b000000001
Server
cloudflare
ETag
W/"49M/vRKXL5pROhm5uOGH7A=="
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, max-age=2678400
CF-RAY
625fcb787872d6b5-FRA
Link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
Expires
Fri, 26 Mar 2021 09:07:08 GMT
jquery.tools.min.js
i.bongacash.com/dynamic_banner/ Frame 5E9B
135 KB
46 KB
Script
General
Full URL
https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodNdTHddHNLVHdc4QfnT02V22VOpltsrsqqdK6iWVU9UrppaXUzOndNW6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXSudrptRrZpNxpLXxnbpxRvVpbZbPvnVpZrS6V3O5d_YwbmdNXLKqaeWVzpXSuldbQ6V0rg.wA--&subid2=2476875&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.112 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197

Request headers

Referer
https://promo-bc.com/promo.php?c=680190&subid=oodNdTHddHNLVHdc4QfnT02V22VOpltsrsqqdK6iWVU9UrppaXUzOndNW6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXSudrptRrZpNxpLXxnbpxRvVpbZbPvnVpZrS6V3O5d_YwbmdNXLKqaeWVzpXSuldbQ6V0rg.wA--&subid2=2476875&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 09:07:08 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
x-cdn-diag-r
fra1-11039-7-47259-h-0-0---
x-shm-miss
true
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
x-cdn-diag
fra1-11058-4-18812-h-0-0---;110394-27-9217----0-1-0
expires
Sat, 14 Nov 2020 07:18:40 GMT
video_back.gif
i.bongacash.com/dynamic_banner/images/ Frame 5E9B
44 B
268 B
Image
General
Full URL
https://i.bongacash.com/dynamic_banner/images/video_back.gif
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodNdTHddHNLVHdc4QfnT02V22VOpltsrsqqdK6iWVU9UrppaXUzOndNW6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXSudrptRrZpNxpLXxnbpxRvVpbZbPvnVpZrS6V3O5d_YwbmdNXLKqaeWVzpXSuldbQ6V0rg.wA--&subid2=2476875&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.112 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
45ec8d91945614154aa6d7310bcfc5f00ea6d89647f51d8be503c988a3a91f13

Request headers

Referer
https://promo-bc.com/promo.php?c=680190&subid=oodNdTHddHNLVHdc4QfnT02V22VOpltsrsqqdK6iWVU9UrppaXUzOndNW6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXSudrptRrZpNxpLXxnbpxRvVpbZbPvnVpZrS6V3O5d_YwbmdNXLKqaeWVzpXSuldbQ6V0rg.wA--&subid2=2476875&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 09:07:08 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/gif
cache-control
max-age=2592000
x-cdn-diag
fra1-11023-6-15012-h-0-0---;110394-27-9217----0-0-0
accept-ranges
bytes
content-length
44
expires
Sat, 14 Nov 2020 07:18:40 GMT
english.png
i.bongacash.com/dynamic_banner/images/lang/ Frame 5E9B
542 B
767 B
Image
General
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/english.png
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodNdTHddHNLVHdc4QfnT02V22VOpltsrsqqdK6iWVU9UrppaXUzOndNW6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXSudrptRrZpNxpLXxnbpxRvVpbZbPvnVpZrS6V3O5d_YwbmdNXLKqaeWVzpXSuldbQ6V0rg.wA--&subid2=2476875&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.112 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
097f8db12c193936f803052d0e27068c5e8959011a541b12d609c5c73d464d52

Request headers

Referer
https://promo-bc.com/promo.php?c=680190&subid=oodNdTHddHNLVHdc4QfnT02V22VOpltsrsqqdK6iWVU9UrppaXUzOndNW6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXSudrptRrZpNxpLXxnbpxRvVpbZbPvnVpZrS6V3O5d_YwbmdNXLKqaeWVzpXSuldbQ6V0rg.wA--&subid2=2476875&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 09:07:08 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
fra1-11023-7-15181-h-0-0---;110394-29-9217----0-1-0
accept-ranges
bytes
content-length
542
expires
Sat, 14 Nov 2020 07:18:41 GMT
/
6.adsco.re/ Frame A0BC
0
0

608b23f059d6210f5f3df62d5e47725e_thumb_medium.jpg
i.bimbolive.com/067/1f0/205/ Frame 5E9B
5 KB
6 KB
Image
General
Full URL
https://i.bimbolive.com/067/1f0/205/608b23f059d6210f5f3df62d5e47725e_thumb_medium.jpg
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodNdTHddHNLVHdc4QfnT02V22VOpltsrsqqdK6iWVU9UrppaXUzOndNW6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXSudrptRrZpNxpLXxnbpxRvVpbZbPvnVpZrS6V3O5d_YwbmdNXLKqaeWVzpXSuldbQ6V0rg.wA--&subid2=2476875&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7544 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
829431a7f89cdd6c47ad990784b4b0a545d64aa727233cd7ad9b524d0ef6b370

Request headers

Referer
https://promo-bc.com/promo.php?c=680190&subid=oodNdTHddHNLVHdc4QfnT02V22VOpltsrsqqdK6iWVU9UrppaXUzOndNW6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXSudrptRrZpNxpLXxnbpxRvVpbZbPvnVpZrS6V3O5d_YwbmdNXLKqaeWVzpXSuldbQ6V0rg.wA--&subid2=2476875&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-bc-o
1
date
Tue, 23 Feb 2021 09:07:08 GMT
cf-cache-status
HIT
age
1814825
x-o1-p6
MISS
content-length
5255
cf-request-id
086fbd806000002badf50be000000001
last-modified
Tue, 02 Feb 2021 08:59:47 GMT
server
cloudflare
etag
"60191483-1487"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 04 Mar 2021 09:00:03 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
625fcb7a3bcf2bad-FRA
cf-bgj
h2pri
stream_AlicePetite.webm
db.bngpt.com/ Frame 5E9B
88 KB
88 KB
Media
General
Full URL
https://db.bngpt.com/stream_AlicePetite.webm
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodNdTHddHNLVHdc4QfnT02V22VOpltsrsqqdK6iWVU9UrppaXUzOndNW6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXSudrptRrZpNxpLXxnbpxRvVpbZbPvnVpZrS6V3O5d_YwbmdNXLKqaeWVzpXSuldbQ6V0rg.wA--&subid2=2476875&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.104 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
ad72d7bb7d83437b3037c357a753502c5b137923878f658ad69d05d8dfa62c66

Request headers

Referer
https://promo-bc.com/promo.php?c=680190&subid=oodNdTHddHNLVHdc4QfnT02V22VOpltsrsqqdK6iWVU9UrppaXUzOndNW6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXSudrptRrZpNxpLXxnbpxRvVpbZbPvnVpZrS6V3O5d_YwbmdNXLKqaeWVzpXSuldbQ6V0rg.wA--&subid2=2476875&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 23 Feb 2021 09:07:08 GMT
last-modified
Mon, 22 Feb 2021 12:16:20 GMT
etag
"6033a094-15f35"
content-type
video/webm
Content-Range
bytes 0-89908/89909
cache-control
max-age=43200
x-cdn-diag
fra1-11037-3-32075-h-0-0---;110373-19-24088----0-0-0
Content-Length
89909
expires
Tue, 23 Feb 2021 07:33:49 GMT
p
adsco.re/
363 B
852 B
XHR
General
Full URL
http://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
8673222b3366923179c2b2c6985ed0addf6538f4e9d9f9c92b43be85592531c2

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

AS-P-G
OK
Date
Tue, 23 Feb 2021 09:07:08 GMT
AS-P-7
OK
AS-P-9
OK
AS-P-C
OK
Transfer-Encoding
chunked
AS-P-5
OK
AS-P-F
OK
Connection
keep-alive
Content-Encoding
gzip
AS-P-2
OK
AS-P-D
OK
AS-P-6
OK
AS-P-B
OK
AS-P-H
OK
AS-P-4
OK
AS-P-A
OK
Access-Control-Max-Age
2592000
AS-P-1
OK
Access-Control-Allow-Origin
http://gesek.net
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
AS-P-8
OK
Content-Type
text/html; charset=UTF-8
AS-P-E
OK
AS-P-3
OK
truncated
/ Frame 5E9B
21 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b336e72ade9127a8f50308df1bc4f5cd3a89482832cd0768802b4e63bf1b25e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
608b23f059d6210f5f3df62d5e47725e_thumb_medium.jpg
i.bimbolive.com/067/1f0/205/ Frame 5E9B
5 KB
5 KB
Image
General
Full URL
https://i.bimbolive.com/067/1f0/205/608b23f059d6210f5f3df62d5e47725e_thumb_medium.jpg
Requested by
Host: gesek.net
URL: http://gesek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7544 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
829431a7f89cdd6c47ad990784b4b0a545d64aa727233cd7ad9b524d0ef6b370

Request headers

Referer
https://promo-bc.com/promo.php?c=680190&subid=oodNdTHddHNLVHdc4QfnT02V22VOpltsrsqqdK6iWVU9UrppaXUzOndNW6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXSudrptRrZpNxpLXxnbpxRvVpbZbPvnVpZrS6V3O5d_YwbmdNXLKqaeWVzpXSuldbQ6V0rg.wA--&subid2=2476875&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-bc-o
1
date
Tue, 23 Feb 2021 09:07:08 GMT
cf-cache-status
HIT
age
1814825
x-o1-p6
MISS
content-length
5255
cf-request-id
086fbd811500002bad8208c000000001
last-modified
Tue, 02 Feb 2021 08:59:47 GMT
server
cloudflare
etag
"60191483-1487"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 04 Mar 2021 09:00:03 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
625fcb7b5de12bad-FRA
cf-bgj
h2pri
c
serve.popads.net/
44 B
245 B
Script
General
Full URL
http://serve.popads.net/c?_=BAoAYDTFvAFgNMW8gAGBAsAAINfOKUFJ0SGupx7bT9EPsg8t1vapsFiXWqQ06WDCw2BKwQBHMEUCIDwpan_SiVKHUSZXDF42W6eyv-aZpvlN-I_eY2g5zuMxAiEA3uhjiwzae0ajC0vnUVCtpuWobvVD4yC8b4Okc9CaxuXCACAcDVp3sZyqr2vwoRTC86xkRmmci5L9LO9UQUe6UwXqJ8QAECoBBPgBklQUAAAAAAAAAALFABCMTHA1cIedEadpYmJ85OlswwBHMEUCIQDI75DFf3pxGYRB42ft4Sahe62IHCyAHvgNwf4UmFhYxgIgd--YdPDQSROJ2zhPJnQjZQIbLGXxrIk7JcXR22KIBqk&v=4&siteId=1852506&minBid=&popundersPerIP=5,0&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200,0
Requested by
Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol
HTTP/1.1
Server
216.21.13.16 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

Referer
http://gesek.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 23 Feb 2021 09:07:08 GMT
PopAds-EC
ASB
ASF
9
Connection
Keep-Alive
Content-Length
44
Content-Type
text/javascript;charset=UTF-8
juicyads_black.gif
ads.juicyads.me/ads/ Frame 6A91
2 KB
2 KB
Image
General
Full URL
https://ads.juicyads.me/ads/juicyads_black.gif
Requested by
Host: adserver.juicyads.com
URL: https://adserver.juicyads.com/adshow.php?adzone=566690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
b1e12c59a9b1d3e8447d6a7aeb584101c71751561b98f3f0162f58f1e617c7fb

Request headers

Referer
https://adserver.juicyads.com/adshow.php?adzone=566690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 09:07:09 GMT
last-modified
Wed, 02 Mar 2016 17:54:59 GMT
etag
"1456941299"
x-hw
1614071229.dop236.lo4.t,1614071229.cds248.lo4.hn,1614071229.cds232.lo4.c
content-type
image/gif
cache-control
max-age=10082038
accept-ranges
bytes
content-length
2193
39422-1601013662-0698720001601013662.gif
ads.juicyads.me/network/user153028/ Frame 6A91
5 MB
5 MB
Image
General
Full URL
https://ads.juicyads.me/network/user153028/39422-1601013662-0698720001601013662.gif
Requested by
Host: adserver.juicyads.com
URL: https://adserver.juicyads.com/adshow.php?adzone=566690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
8bbce0ffb1081736eab40e1d4e0a76b0637c2e24365b141c909d0e4a36061941

Request headers

Referer
https://adserver.juicyads.com/adshow.php?adzone=566690
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 09:07:09 GMT
last-modified
Fri, 25 Sep 2020 06:01:03 GMT
etag
"1601013663"
x-hw
1614071229.dop236.lo4.t,1614071229.cds248.lo4.hn,1614071229.cds056.lo4.c
content-type
image/gif
cache-control
max-age=31191054
accept-ranges
bytes
content-length
5026472

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www5.c-stat.eu
URL
http://www5.c-stat.eu/?u=71999
Domain
ebddreoe6hse.l4.adsco.re
URL
https://ebddreoe6hse.l4.adsco.re/
Domain
4.adsco.re
URL
http://4.adsco.re/
Domain
6.adsco.re
URL
http://6.adsco.re/

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| _pop string| ad_idzone string| ad_width string| ad_height object| exoDynamicParams string| exoDocumentProtocol string| GoogleAnalyticsObject function| ga string| uid string| wid string| pop_fback object| pop_tag object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| detectZoom object| iframe object| where object| win object| _pao string| popns number| pop_cdn boolean| N3 object| IOarzRhPlP number| pop_fcap function| AdscoreInit string| txt number| a function| ed number| t string| property number| r number| g number| b string| bt

7 Cookies

Domain/Path Name / Value
gesek.net/ Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c
Value: BAoAYDTFvAFgNMW8gAGBAsAAINfOKUFJ0SGupx7bT9EPsg8t1vapsFiXWqQ06WDCw2BKwQBHMEUCIDwpan_SiVKHUSZXDF42W6eyv-aZpvlN-I_eY2g5zuMxAiEA3uhjiwzae0ajC0vnUVCtpuWobvVD4yC8b4Okc9CaxuXCACAcDVp3sZyqr2vwoRTC86xkRmmci5L9LO9UQUe6UwXqJ8QAECoBBPgBklQUAAAAAAAAAALFABCMTHA1cIedEadpYmJ85OlswwBHMEUCIQDI75DFf3pxGYRB42ft4Sahe62IHCyAHvgNwf4UmFhYxgIgd--YdPDQSROJ2zhPJnQjZQIbLGXxrIk7JcXR22KIBqk
gesek.net/ Name: a
Value: B37lprHKOUSwwA6daNWT2Vzr8dMcKNLT
.gesek.net/ Name: _gid
Value: GA1.2.96585328.1614071228
.gesek.net/ Name: _ga
Value: GA1.2.2062939748.1614071228
.gesek.net/ Name: _gat
Value: 1
gesek.net/ Name: _popprepop
Value: 1
.gesek.net/ Name: __cfduid
Value: ded171c35336d5461924e062bd00a177b1614071224

2 Console Messages

Source Level URL
Text
console-api log URL: https://c.adsco.re/(Line 14)
Message:
console-api debug URL: https://c.adsco.re/(Line 15)
Message:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bff389d1b6e72daef91b3df3e3c02ac418dd6410a61302b3b2d6cc7006ebb052
c255a8ad302ce409c780c51df22da2e66905f073dae09de27812f5614d9a0de5
d7e19a60f2977ee838bde800c5cf4ca4f29bec2c3c166bdefe9043456246e0a7
dac1c4a01817da62fad701745f2ccc84ff547855d2028cbb39de0a1a7f8e548b
de2e486c4cd0b4e427e94ad3557748114b1c2cb09cb08e29547a05a15c5068e2
e1c6f0c668124d16a968301de213ed19ede28efafb921646ad426a8100e2b7e8
e363f187e18ea97dddaa9daa55a763ae035af20529378c3a51a9151378ad7d49
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197
f13afa4e13091ee4be5da8717acb435945499c16a14d3c95424e942358042437
f37adfa8b94fd7d0adb17a9ba5517dc6e0626dba399ee44e319556d1e3201bb8
f4df0cb593789352160376008381d588811cc1da96cf1c03250b1dedb737adac
f8593d4bf33ac48af11181c012e1f572913a28d36c1d1b7ef420a3403dc09f7d